projects / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d31fb0b) | patch
RT2547: Tighten perms on generated privkey files
authorRich Salz <rsalz@akamai.com>
Sat, 2 May 2015 14:01:33 +0000 (10:01 -0400)
committerRich Salz <rsalz@openssl.org>
Mon, 15 Jun 2015 22:26:56 +0000 (18:26 -0400)
commit3b061a00e39d2e4ad524ff01cbdc0c53fe8171ee
tree0389af5c46f6c56ab6f88c737f55aa07493dfd39tree | snapshot
parentd31fb0b5b341aa7883b487d07e6a56d216224e25commit | diff
RT2547: Tighten perms on generated privkey files

When generating a private key, try to make the output file be readable
only by the owner.  Put it in CHANGES file since it might be noticeable.

Add "int private" flag to apps that write private keys, and check that it's
set whenever we do write a private key.  Checked via assert so that this
bug (security-related) gets fixed.  Thanks to Viktor for help in tracing
the code-paths where private keys are written.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
22 files changed:
CHANGES diff | blob | history
apps/apps.c diff | blob | history
apps/apps.h diff | blob | history
apps/dsa.c diff | blob | history
apps/dsaparam.c diff | blob | history
apps/ec.c diff | blob | history
apps/ecparam.c diff | blob | history
apps/gendsa.c diff | blob | history
apps/genpkey.c diff | blob | history
apps/genrsa.c diff | blob | history
apps/openssl.c diff | blob | history
apps/opt.c diff | blob | history
apps/passwd.c diff | blob | history
apps/pkcs12.c diff | blob | history
apps/pkcs8.c diff | blob | history
apps/pkey.c diff | blob | history
apps/req.c diff | blob | history
apps/rsa.c diff | blob | history
apps/s_cb.c diff | blob | history
apps/s_client.c diff | blob | history
apps/s_server.c diff | blob | history
apps/x509.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.