From ca033e166ca9f9dc7bf010065a93af668a09fd44 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Thu, 1 Nov 2001 06:11:43 +0000 Subject: [PATCH] 1098. [bug] libbind: HMAC-MD5 key files are now mode 0600. --- CHANGES | 4 +++- lib/bind/dst/dst_api.c | 7 +++++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index f1bdb95047..0683dbc89c 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,6 @@ -1096. [func] libbind: RES_PRF_TRUNC for dig. +1098. [bug] libbind: HMAC-MD5 key files are now mode 0600. + +1097. [func] libbind: RES_PRF_TRUNC for dig. 1096. [func] libbind: "DNSSEC OK" (DO) support. diff --git a/lib/bind/dst/dst_api.c b/lib/bind/dst/dst_api.c index ca21f7563f..808051a730 100644 --- a/lib/bind/dst/dst_api.c +++ b/lib/bind/dst/dst_api.c @@ -1,5 +1,5 @@ #ifndef LINT -static const char rcsid[] = "$Header: /u0/home/explorer/proj/ISC/git-conversion/cvsroot/bind9/lib/bind/dst/Attic/dst_api.c,v 1.4 2001/04/03 06:42:17 marka Exp $"; +static const char rcsid[] = "$Header: /u0/home/explorer/proj/ISC/git-conversion/cvsroot/bind9/lib/bind/dst/Attic/dst_api.c,v 1.5 2001/11/01 06:11:43 marka Exp $"; #endif /* @@ -587,6 +587,7 @@ dst_s_write_public_key(const DST_KEY *key) u_char out_key[RAW_KEY_SIZE]; char enc_key[RAW_KEY_SIZE]; int len = 0; + int mode; memset(out_key, 0, sizeof(out_key)); if (key == NULL) { @@ -602,8 +603,10 @@ dst_s_write_public_key(const DST_KEY *key) key->dk_key_name, key->dk_id, PUBLIC_KEY)); return (0); } + /* XXX in general this should be a check for symmetric keys */ + mode = (key->dk_alg == KEY_HMAC_MD5) ? 0600 : 0644; /* create public key file */ - if ((fp = dst_s_fopen(filename, "w+", 0644)) == NULL) { + if ((fp = dst_s_fopen(filename, "w+", mode)) == NULL) { EREPORT(("DST_write_public_key: open of file:%s failed (errno=%d)\n", filename, errno)); return (0);