During the init command, tinc changed the umask to 077 when writing the public
and private key files, to prevent the temporary copies from being world
readable. However, subsequently created files would therefore also be
unreadable for others. Now we don't change the umask anymore, therefore
allowing the user to choose whether the files are world readable or not by
setting the umask as desired. The private key files are still made unreadable
for others of course. Temporary files now inherit the permissions of the
original, and the tinc-up script's permissions now also honour the umask.
+#ifdef HAVE_FCHMOD
+ /* Let the temporary file have the same permissions as the original. */
+
+ if(w) {
+ struct stat st = {.st_mode = 0600};
+ fstat(fileno(r), &st);
+ fchmod(fileno(w), st.st_mode);
+ }
+#endif
+
while(fgets(buf, sizeof buf, r)) {
if(!block && !strncmp(buf, "-----BEGIN ", 11)) {
if((strstr(buf, " EC ") && strstr(what, "ECDSA")) || (strstr(buf, " RSA ") && strstr(what, "RSA"))) {
while(fgets(buf, sizeof buf, r)) {
if(!block && !strncmp(buf, "-----BEGIN ", 11)) {
if((strstr(buf, " EC ") && strstr(what, "ECDSA")) || (strstr(buf, " RSA ") && strstr(what, "RSA"))) {
- umask(0077); /* Disallow everything for group and other */
-
disable_old_keys(filename, what);
/* Open it first to keep the inode busy */
disable_old_keys(filename, what);
/* Open it first to keep the inode busy */
fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno));
return 1;
}
fprintf(stderr, "Could not create file %s: %s\n", filename, strerror(errno));
return 1;
}
- fchmod(fileno(f), 0755);
+ mode_t mask = umask(0);
+ umask(mask);
+ fchmod(fileno(f), 0755 & ~mask);
fprintf(f, "#!/bin/sh\n\necho 'Unconfigured tinc-up script, please edit!'\n\n#ifconfig $INTERFACE <your vpn IP address> netmask <netmask of whole VPN>\n");
fclose(f);
}
fprintf(f, "#!/bin/sh\n\necho 'Unconfigured tinc-up script, please edit!'\n\n#ifconfig $INTERFACE <your vpn IP address> netmask <netmask of whole VPN>\n");
fclose(f);
}