.

2025-07-02 22:46:30 +02:00 · 2010-08-26 08:47:42 +00:00 · 2010-08-26 08:47:42 +00:00 · a400cfe14e
commit a400cfe14e
parent 789732e05a
9 changed files with 182 additions and 84 deletions
--- a/agent/ChangeLog
+++ b/agent/ChangeLog
@ -1,6 +1,16 @@
+2010-08-26  Werner Koch  <wk@g10code.com>
+
+	* command-ssh.c (open_control_file): Use estream to create the file.
+
+	* findkey.c (agent_write_private_key): Explicitly create file with
+	mode 600.
+	* gpg-agent.c (main): Ditto.
+	* trustlist.c (agent_marktrusted): Explicitly create file with
+	mode 640.
+
 2010-08-16  Werner Koch  <wk@g10code.com>

-	* gpg-agent.c: Repalce remaining printf by es_printf.
+	* gpg-agent.c: Replace remaining printf by es_printf.

 2010-08-11  Werner Koch  <wk@g10code.com>

--- a/agent/command-ssh.c
+++ b/agent/command-ssh.c
@ -678,18 +678,16 @@ open_control_file (FILE **r_fp, int append)
  fp = fopen (fname, append? "a+":"r");
  if (!fp && errno == ENOENT)
    {
-      /* Fixme: "x" is a GNU extension.  We might want to use the es_
-         functions here.  */
-      fp = fopen (fname, "wx");  
-      if (!fp)
+      estream_t stream = es_fopen (fname, "wx,mode=-rw-r");  
+      if (!stream)
        {
-          err = gpg_error (gpg_err_code_from_errno (errno));
+          err = gpg_error_from_syserror ();
          log_error (_("can't create `%s': %s\n"), fname, gpg_strerror (err));
          xfree (fname);
          return err;
        }
-      fputs (sshcontrolblurb, fp);
-      fclose (fp);
+      es_fputs (sshcontrolblurb, stream);
+      es_fclose (stream);
      fp = fopen (fname, append? "a+":"r");
    }

--- a/agent/findkey.c
+++ b/agent/findkey.c
@ -72,8 +72,7 @@ agent_write_private_key (const unsigned char *grip,
      return gpg_error (GPG_ERR_EEXIST);
    }

-  /* FIXME: On POSIX systems we used include S_IRGRP as well.  */
-  fp = es_fopen (fname, force? "wb" : "wbx");
+  fp = es_fopen (fname, force? "wb,mode=-rw" : "wbx,mode=-rw");
  if (!fp) 
    { 
      gpg_error_t tmperr = gpg_error_from_syserror ();
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@ -1100,7 +1100,7 @@ main (int argc, char **argv )
            {
              estream_t fp;
              
-              fp = es_fopen (env_file_name, "w");
+              fp = es_fopen (env_file_name, "w,mode=-rw");
              if (!fp)
                log_error (_("error creating `%s': %s\n"),
                             env_file_name, strerror (errno));
--- a/agent/trustlist.c
+++ b/agent/trustlist.c
@ -691,7 +691,7 @@ agent_marktrusted (ctrl_t ctrl, const char *name, const char *fpr, int flag)
  fname = make_filename (opt.homedir, "trustlist.txt", NULL);
  if ( access (fname, F_OK) && errno == ENOENT)
    {
-      fp = es_fopen (fname, "wx");
+      fp = es_fopen (fname, "wx,mode=-rw-r");
      if (!fp)
        {
          err = gpg_error_from_syserror ();
@ -705,7 +705,7 @@ agent_marktrusted (ctrl_t ctrl, const char *name, const char *fpr, int flag)
      es_fputs (headerblurb, fp);
      es_fclose (fp);
    }
-  fp = es_fopen (fname, "a+");
+  fp = es_fopen (fname, "a+,mode=-rw-r");
  if (!fp)
    {
      err = gpg_error_from_syserror ();