author | Jonathan Gray <jsg@cvs.openbsd.org> | 2010-06-23 19:28:19 +0000 |
---|---|---|
committer | Jonathan Gray <jsg@cvs.openbsd.org> | 2010-06-23 19:28:19 +0000 |
commit | cb691adbb31405ba1956b5dc6a20e771258dc7dd (patch) | |
tree | a9cbde1b502763bec798546ed6a788555f554268 /usr.sbin/ikectl | |
parent | 3096ea24e5321de222bf7fc42c23bf8eccf3599e (diff) |
fix the permissions on directories inside the exported tarball
in the cert case.
Diffstat (limited to 'usr.sbin/ikectl')
-rw-r--r-- | usr.sbin/ikectl/ikeca.c | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/usr.sbin/ikectl/ikeca.c b/usr.sbin/ikectl/ikeca.c
index 4c2a40fbb4e..1e790c7df6f 100644
--- a/usr.sbin/ikectl/ikeca.c
+++ b/usr.sbin/ikectl/ikeca.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikeca.c,v 1.8 2010/06/23 17:10:49 jsg Exp $ */
+/* $OpenBSD: ikeca.c,v 1.9 2010/06/23 19:28:18 jsg Exp $ */
 /* $vantronix: ikeca.c,v 1.13 2010/06/03 15:52:52 reyk Exp $ */
 /*
@@ -456,11 +456,20 @@ ca_export(struct ca *ca, char *keyname, char *myname)
 char dst[PATH_MAX];
 char *p;
 char tpl[] = "/tmp/ikectl.XXXXXXXXXX";
- const char *exdirs[] = { "/ca", "/certs", "/crls", "/private",
- "/export" };
 u_int i;
 int fd;
+ struct {
+ char *dir;
+ mode_t mode;
+ } exdirs[] = {
+ { "/ca", 0755 },
+ { "/certs", 0755 },
+ { "/crls", 0755 },
+ { "/export", 0755 },
+ { "/private", 0700 }
+ };
+
 if (keyname != NULL) {
 if (strlcpy(oname, keyname, sizeof(oname)) >= sizeof(oname))
 err(1, "name too long");
@@ -503,8 +512,8 @@ ca_export(struct ca *ca, char *keyname, char *myname)
 for (i = 0; i < nitems(exdirs); i++) {
 strlcpy(dst, p, sizeof(dst));
- strlcat(dst, exdirs[i], sizeof(dst));
- if (mkdir(dst, 0700) != 0)
+ strlcat(dst, exdirs[i].dir, sizeof(dst));
+ if (mkdir(dst, exdirs[i].mode) != 0)
 err(1, "failed to create dir %s", dst);
 } |
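Review bot: The `dir` member of the new `exdirs` table is declared `char *` although every initializer is a string literal, so the `const` that the removed `const char *exdirs[]` carried is lost; declare it `const char *dir;` so that a write through the pointer is rejected at compile time. The table holds the security-relevant decision of this commit (only `/private` stays owner-only), and a short comment above it such as `/* modes as they should appear in the exported tarball; /private holds key material and stays 0700 */` would keep a later edit from widening that entry by accident. ca_export begins and ends outside this hunk.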
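Review bot: `mkdir(dst, exdirs[i].mode)` only requests the mode, and the bits set in the process umask are cleared from it, so under a umask of 077 these directories would still be created 0700 and the tarball would carry the permissions this commit is meant to fix. Nothing visible in the hunk sets the umask; if ca_export does not do so elsewhere, follow the mkdir with `if (chmod(dst, exdirs[i].mode) != 0) err(1, "failed to chmod %s", dst);`. Separately, the `strlcpy`/`strlcat` results for `dst` are not checked in this loop, unlike the `oname` copy earlier in the function, so an over-long path would be truncated and created silently. The loop sits inside ca_export, which begins and ends outside the hunk.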