Fix tempfile usage so we no longer need the world_accessible patches

haata · haata · commit 553a58557f56 · 2022-05-21T20:53:43.000-07:00
- Just use a tempdir for the read-all permissions and create a file
- The directory is removed when the connection is dropped
diff --git a/Cargo.toml b/Cargo.toml
@@ -109,7 +109,7 @@ rcgen           = { version = "^0.9", optional = true }
 regex           = { version = "^1.5", optional = true }
 rustls          = { version = "^0.20", optional = true, features = ["dangerous_configuration"] }
 sys-info        = "^0.9"
-tempfile        = { version = "3.1.0", git = "https://github.com/haata/tempfile", optional = true } # Needed for world accessible patches
+tempfile        = { version = "3.3.0", optional = true }
 tokio           = { version = "^1.18", features = ["net", "rt-multi-thread", "macros", "sync", "time"] }
 tokio-rustls    = { version = "^0.23", optional = true }
 tokio-stream    = { version = "^0.1", features = ["sync"], optional = true }
diff --git a/src/api/capnp.rs b/src/api/capnp.rs
@@ -36,6 +36,7 @@ use hid_io_protocol::{HidIoCommandId, HidIoPacketType};
 use rcgen::generate_simple_self_signed;
 use std::collections::HashMap;
 use std::env;
+use std::fs::File;
 use std::io::Write;
 use std::net::ToSocketAddrs;
 use std::sync::atomic::Ordering;
@@ -119,7 +120,7 @@ struct HidIoServerImpl {
     basic_key: String,
     auth_key: String,
 
-    basic_key_file: tempfile::NamedTempFile,
+    basic_key_dir: tempfile::TempDir,
     auth_key_file: tempfile::NamedTempFile,
 
     subscriptions: Arc<RwLock<Subscriptions>>,
@@ -133,15 +134,16 @@ impl HidIoServerImpl {
         subscriptions: Arc<RwLock<Subscriptions>>,
     ) -> HidIoServerImpl {
         // Create temp file for basic key
-        let mut basic_key_file = tempfile::Builder::new()
-            .world_accessible(true)
-            .tempfile()
-            .expect("Unable to create file");
+        let basic_key_dir = tempfile::Builder::new()
+            .prefix("hidio")
+            .tempdir()
+            .expect("Unable to create dir");
+        let mut basic_key_file =
+            File::create(basic_key_dir.path().join("key")).expect("Unable to create file");
 
         // Create temp file for auth key
         // Only this user can read the auth key
         let mut auth_key_file = tempfile::Builder::new()
-            .world_accessible(false)
             .tempfile()
             .expect("Unable to create file");
 
@@ -172,7 +174,7 @@ impl HidIoServerImpl {
             basic_key,
             auth_key,
 
-            basic_key_file,
+            basic_key_dir,
             auth_key_file,
 
             subscriptions,
@@ -297,7 +299,7 @@ impl hidio_capnp::hid_io_server::Server for HidIoServerImpl {
     ) -> Promise<(), Error> {
         // Get and set fields
         let mut key = results.get().init_key();
-        key.set_basic_key_path(&self.basic_key_file.path().display().to_string());
+        key.set_basic_key_path(&self.basic_key_dir.path().join("key").display().to_string());
         key.set_auth_key_path(&self.auth_key_file.path().display().to_string());
         Promise::ok(())
     }
