shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-03-25 18:50:18 +03:00
Code

network: also check the permission of key file

Browse Source
This commit is contained in:
Yu Watanabe 2019-09-11 18:09:55 +09:00
parent 39b7b6cb4a
commit 0bae857564
2 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/network/netdev/macsec.c
View File

@ -981,6 +981,8 @@ static int macsec_read_key_file(NetDev *netdev, SecurityAssociation *sa) {
if (!sa->key_file)
return 0;
(void) warn_file_is_world_accessible(sa->key_file, NULL, NULL, 0);
r = read_full_file_full(sa->key_file, READ_FULL_FILE_SECURE | READ_FULL_FILE_UNHEX, (char **) &key, &key_len);
if (r < 0)
return log_netdev_error_errno(netdev, r,

2
src/network/netdev/wireguard.c
View File

@ -901,6 +901,8 @@ static int wireguard_read_key_file(const char *filename, uint8_t dest[static WG_
assert(dest);
(void) warn_file_is_world_accessible(filename, NULL, NULL, 0);
r = read_full_file_full(filename, READ_FULL_FILE_SECURE | READ_FULL_FILE_UNBASE64, &key, &key_len);
if (r < 0)
return r;