From 71a1d11a81faba020649408e8c9eaeb10095a341 Mon Sep 17 00:00:00 2001 From: cinap_lenrek Date: Sat, 21 Sep 2019 23:36:44 +0200 Subject: cmd/ip/*: chown the network connection after authentication for servers that handle incoming network connections and authentication, change the owner of the network connection file to the authenticated user after successfull authentication. note that we set the permissions as well to 0660 because old devip used to unconditionally set the bits. --- sys/src/cmd/tlssrv.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) (limited to 'sys/src/cmd/tlssrv.c') diff --git a/sys/src/cmd/tlssrv.c b/sys/src/cmd/tlssrv.c index 274b5c6c5..cd94e03c0 100644 --- a/sys/src/cmd/tlssrv.c +++ b/sys/src/cmd/tlssrv.c @@ -84,9 +84,18 @@ main(int argc, char *argv[]) if(ai == nil) sysfatal("auth_proxy: %r"); - if(auth == 1) - if(auth_chuid(ai, nil) < 0) - sysfatal("auth_chuid: %r"); + if(auth == 1){ + Dir nd; + + if(auth_chuid(ai, nil) < 0) + sysfatal("auth_chuid: %r"); + + /* chown network connection */ + nulldir(&nd); + nd.mode = 0660; + nd.uid = ai->cuid; + dirfwstat(0, &nd); + } conn->pskID = "p9secret"; conn->psk = ai->secret; -- cgit v1.2.3