author | Nick Mathewson <nickm@torproject.org> | 2007-06-04 15:30:40 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2007-06-04 15:30:40 +0000 |
commit | 6faa9e26414abde4832ec88c347435565c751e0b (patch) | |
tree | 7b29c0f45deb534b8178879faa204047c45e6607 /src/tools | |
parent | 97cc48f904806157ce47fa524b4247d03d55e769 (diff) | |
r13239@catbus: nickm | 2007-06-04 11:30:37 -0400
Fix the fix for bug 445: set umask properly. Also use open+fdopen rather than just umask+fopen, and create authority identity key with mode 400.
svn:r10485
Diffstat (limited to 'src/tools')
-rw-r--r-- | src/tools/tor-gencert.c | 28 |
1 files changed, 23 insertions, 5 deletions
diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c
index e4bc01df7..c879c9760 100644
--- a/src/tools/tor-gencert.c
+++ b/src/tools/tor-gencert.c
@@ -9,6 +9,8 @@
 #include <sys/types.h>
 #include <sys/stat.h>
+#include <fcntl.h>
+#include <unistd.h>
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -149,6 +151,7 @@ load_identity_key(void)
 FILE *f;
 if (make_new_id) {
+ int fd;
 RSA *key;
 if (status != FN_NOENT) {
 log_err(LD_GENERAL, "--create-identity-key was specified, but %s "
@@ -168,8 +171,15 @@ load_identity_key(void)
 return 1;
 }
- if (!(f = fopen(identity_key_file, "w"))) {
- log_err(LD_GENERAL, "Couldn't open %s for writing: %s",
+ if ((fd = open(identity_key_file, O_CREAT|O_EXCL|O_WRONLY, 0400))<0) {
+ log_err(LD_GENERAL, "Couldn't fdopen %s for writing: %s",
+ identity_key_file, strerror(errno));
+ return 1;
+ }
+
+ if (!(f = fdopen(fd, "w"))) {
+ close(fd);
+ log_err(LD_GENERAL, "Couldn't fdopen %s for writing: %s",
 identity_key_file, strerror(errno));
 return 1;
 }
@@ -214,6 +224,7 @@ load_identity_key(void)
 static int
 generate_signing_key(void)
 {
+ int fd;
 FILE *f;
 RSA *key;
 log_notice(LD_GENERAL, "Generating %d-bit RSA signing key.",
@@ -229,8 +240,15 @@ generate_signing_key(void)
 return 1;
 }
- if (!(f = fopen(signing_key_file, "w"))) {
- log_err(LD_GENERAL, "Couldn't open %s for reading: %s",
+ if ((fd = open(signing_key_file, O_CREAT|O_EXCL|O_WRONLY, 0600))<0) {
+ log_err(LD_GENERAL, "Couldn't open %s for writing: %s",
+ signing_key_file, strerror(errno));
+ return 1;
+ }
+
+ if (!(f = fdopen(fd, "w"))) {
+ close(fd);
+ log_err(LD_GENERAL, "Couldn't open %s for writing: %s",
 signing_key_file, strerror(errno));
 return 1;
 }
@@ -358,7 +376,7 @@ main(int argc, char **argv)
 goto done;
 }
 /* Make sure that files are made private. */
- umask(0700);
+ umask(0077);
 if (parse_commandline(argc, argv))
 goto done; |
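Review bot: The open() failure branch in load_identity_key (hunk `@@ -168,8 +171,15 @@`) logs "Couldn't fdopen", so a failed create, including the EEXIST that O_EXCL now returns for an existing key file, is attributed to the wrong call; the message should be `"Couldn't open %s for writing: %s"`. In the fdopen branch `close(fd)` runs before `strerror(errno)` is evaluated and can overwrite errno, so save it first: `int saved_errno = errno; close(fd);` and log `strerror(saved_errno)`. The same ordering appears in generate_signing_key's fdopen branch (hunk `@@ -229,8 +240,15 @@`). That branch also leaves the newly created, empty key file on disk, so the next run hits EEXIST until it is removed; an `unlink()` of the path before returning would avoid that. Both function bodies continue outside the hunks.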
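Review bot: The switch to `O_CREAT|O_EXCL` in generate_signing_key (hunk `@@ -229,8 +240,15 @@`) changes what happens when signing_key_file already exists: the old `fopen(..., "w")` truncated it, the new open() fails with EEXIST, and nothing in the hunk or the commit message says so. If refusing to overwrite is intended, a comment above the open() call would record it, for example `/* O_EXCL: never reuse an existing file (or a symlink planted at this path); an old signing key must be moved aside first. */`. Whether a caller already removes or renames the old key is not visible here, since the function body continues outside the hunk.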