[svn-upgrade] new version strongswan (4.5.0)

1 files changed, 10 insertions, 2 deletions

diff --git a/src/libcharon/plugins/ha/ha_ctl.c b/src/libcharon/plugins/ha/ha_ctl.c
index e188a8484..980c0551a 100644
--- a/src/libcharon/plugins/ha/ha_ctl.c
+++ b/src/libcharon/plugins/ha/ha_ctl.c
@@ -114,6 +114,7 @@ METHOD(ha_ctl_t, destroy, void,
 ha_ctl_t *ha_ctl_create(ha_segments_t *segments, ha_cache_t *cache)
 {
 	private_ha_ctl_t *this;
+	mode_t old;
 
 	INIT(this,
 		.public = {
@@ -125,16 +126,23 @@ ha_ctl_t *ha_ctl_create(ha_segments_t *segments, ha_cache_t *cache)
 
 	if (access(HA_FIFO, R_OK|W_OK) != 0)
 	{
-		if (mkfifo(HA_FIFO, 600) != 0)
+		old = umask(~(S_IRWXU | S_IRWXG));
+		if (mkfifo(HA_FIFO, S_IRUSR | S_IWUSR) != 0)
 		{
 			DBG1(DBG_CFG, "creating HA FIFO %s failed: %s",
 				 HA_FIFO, strerror(errno));
 		}
+		umask(old);
+	}
+	if (chown(HA_FIFO, charon->uid, charon->gid) != 0)
+	{
+		DBG1(DBG_CFG, "changing HA FIFO permissions failed: %s",
+			 strerror(errno));
 	}
 
 	this->job = callback_job_create((callback_job_cb_t)dispatch_fifo,
 									this, NULL, NULL);
-	charon->processor->queue_job(charon->processor, (job_t*)this->job);
+	lib->processor->queue_job(lib->processor, (job_t*)this->job);
 	return &this->public;
 }