Fixed loading of secrets with IDs.
authorTobias Brunner <tobias@strongswan.org>
Wed, 4 Aug 2010 13:59:15 +0000 (15:59 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 4 Aug 2010 14:03:46 +0000 (16:03 +0200)
Since the ID string is manually terminated by a null character, write
permission is required for the mmapped ipsec.secrets.

src/libcharon/plugins/stroke/stroke_cred.c

index 8dd0bb0..e9087dc 100644 (file)
@@ -1141,7 +1141,7 @@ static void load_secrets(private_stroke_cred_t *this, char *file, int level,
                close(fd);
                return;
        }
-       addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
+       addr = mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
        if (addr == MAP_FAILED)
        {
                DBG1(DBG_LIB, "mapping '%s' failed: %s", file, strerror(errno));