git.samba.org
/
sfrench
/
samba-autobuild
/
.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
cf29fb2
)
CVE-2013-4476: s4:libtls: Create tls private key file (key.pem) with mode 0600
author
Björn Baumbach
<bb@sernet.de>
Tue, 29 Oct 2013 16:52:39 +0000
(17:52 +0100)
committer
Karolin Seeger
<kseeger@samba.org>
Mon, 11 Nov 2013 10:14:36 +0000
(11:14 +0100)
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10234
Signed-off-by: Björn Baumbach <bb@sernet.de>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
source4/lib/tls/tlscert.c
patch
|
blob
|
history
diff --git
a/source4/lib/tls/tlscert.c
b/source4/lib/tls/tlscert.c
index 0c780ea2f30f11b249811c2c7911cfa1f3f8fcc6..8a19e0a2301307bbee8df21aff9dc41468c7df33 100644
(file)
--- a/
source4/lib/tls/tlscert.c
+++ b/
source4/lib/tls/tlscert.c
@@
-152,7
+152,7
@@
void tls_cert_generate(TALLOC_CTX *mem_ctx,
bufsize = sizeof(buf);
TLSCHECK(gnutls_x509_privkey_export(key, GNUTLS_X509_FMT_PEM, buf, &bufsize));
- if (!file_save
(keyfile, buf, bufsize
)) {
+ if (!file_save
_mode(keyfile, buf, bufsize, 0600
)) {
DEBUG(0,("Unable to save privatekey in %s parent dir exists ?\n", keyfile));
goto failed;
}