Use exact mask when calling umask(2)

Due to the previous negation the high bits of the mask were set, which
at least some versions of the Android build system prevent with a compile-time
check.

diff --git a/src/libcharon/plugins/ha/ha_ctl.c b/src/libcharon/plugins/ha/ha_ctl.c
index 178a034..a954997 100644 (file)
--- a/src/libcharon/plugins/ha/ha_ctl.c
+++ b/src/libcharon/plugins/ha/ha_ctl.c
@@ -121,7 +121,7 @@ ha_ctl_t *ha_ctl_create(ha_segments_t *segments, ha_cache_t *cache)
 
        if (access(HA_FIFO, R_OK|W_OK) != 0)
        {
-               old = umask(~(S_IRWXU | S_IRWXG));
+               old = umask(S_IRWXO);
                if (mkfifo(HA_FIFO, S_IRUSR | S_IWUSR) != 0)
                {
                        DBG1(DBG_CFG, "creating HA FIFO %s failed: %s",

diff --git a/src/libcharon/plugins/smp/smp.c b/src/libcharon/plugins/smp/smp.c
index 7bc1700..04bf382 100644 (file)
--- a/src/libcharon/plugins/smp/smp.c
+++ b/src/libcharon/plugins/smp/smp.c
@@ -767,7 +767,7 @@ plugin_t *smp_plugin_create()
        }
 
        unlink(unix_addr.sun_path);
-       old = umask(~(S_IRWXU | S_IRWXG));
+       old = umask(S_IRWXO);
        if (bind(this->socket, (struct sockaddr *)&unix_addr, sizeof(unix_addr)) < 0)
        {
                DBG1(DBG_CFG, "could not bind XML socket: %s", strerror(errno));

diff --git a/src/libstrongswan/networking/streams/stream_service.c b/src/libstrongswan/networking/streams/stream_service.c
index ece17b4..4e0eebd 100644 (file)
--- a/src/libstrongswan/networking/streams/stream_service.c
+++ b/src/libstrongswan/networking/streams/stream_service.c
@@ -264,7 +264,7 @@ stream_service_t *stream_service_create_unix(char *uri, int backlog)
        }
        unlink(addr.sun_path);
 
-       old = umask(~(S_IRWXU | S_IRWXG));
+       old = umask(S_IRWXO);
        if (bind(fd, (struct sockaddr*)&addr, len) < 0)
        {
                DBG1(DBG_NET, "binding socket '%s' failed: %s", uri, strerror(errno));