| skipped 101 lines |
| 102 | 102 | | // generateKeypair generates a private key and the corresponding public key. If |
| 103 | 103 | | // privkeyFilename and pubkeyFilename are respectively empty, it prints the |
| 104 | 104 | | // corresponding key to standard output; otherwise it saves the key to the given |
| 105 | | - | // file name. In case of any error, it attempts to delete any files it has |
| 106 | | - | // created before returning. |
| | 105 | + | // file name. The private key is saved with mode 0400 and the public key is |
| | 106 | + | // saved with 0666 (before umask). In case of any error, it attempts to delete |
| | 107 | + | // any files it has created before returning. |
| 107 | 108 | | func generateKeypair(privkeyFilename, pubkeyFilename string) (err error) { |
| 108 | 109 | | // Filenames to delete in case of error (avoid leaving partially written |
| 109 | 110 | | // files). |
| skipped 17 lines |
| 127 | 128 | | |
| 128 | 129 | | if privkeyFilename != "" { |
| 129 | 130 | | // Save the privkey to a file. |
| 130 | | - | f, err := os.Create(privkeyFilename) |
| | 131 | + | f, err := os.OpenFile(privkeyFilename, os.O_RDWR|os.O_CREATE, 0400) |
| 131 | 132 | | if err != nil { |
| 132 | 133 | | return err |
| 133 | 134 | | } |
| skipped 664 lines |
David Fifield
committed
4 years ago
1 parent a650238f