1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/source4
Stefan Metzmacher a2c3479878 Revert "s4:tls_tstream: allow mode of SSL keyfile to be 0400, not only 0600"
This reverts commit 05c1fe5055.

This was discussed here:
https://bugzilla.samba.org/show_bug.cgi?id=10392#c11

This generated warnings like:
invalid permissions on file
'/memdisk/metze/W/b138235/samba/bin/ab/promoted_dc/private/tls/key.pem': has
0600 should be 0400'.

I think we need a better way. Maybe file_check_permissions()
should get allow_perms and deny_perms. And we would call it
with allow_perms = 0400 and deny_perms = 0177. And bits in none
of them are ignored.

For now we revert this and wait for a better fix.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Mar 28 12:37:17 CET 2014 on sn-devel-104
2014-03-28 12:37:17 +01:00
..
auth auth/gensec: remove tevent_context argument from gensec_update() 2014-03-27 00:36:32 +01:00
build/pasn1
cldap_server s4:lib/socket: simplify iface_list_wildcard() and its callers 2014-03-07 02:18:17 +01:00
client s4:client: fix some compiler warnings 2014-02-13 11:54:13 +01:00
cluster s4:cluster: use DBWRAP_LOCK_ODER_NONE for local_db_tmp_open() 2014-02-07 16:06:07 +01:00
dns_server s4:dns_server: make use of gensec_update_ev() 2014-03-27 00:36:31 +01:00
dsdb dsdb: Improve missing objectClass handling 2014-03-27 00:36:31 +01:00
echo_server s4:echo_server fix compiler warnings 2013-12-12 14:21:28 -08:00
heimdal heimdal: Use krb5_free_default_realm() for free() 2014-02-21 15:59:28 +01:00
heimdal_build heimdal_build: only enable libintl functions if everything was found 2014-02-20 01:28:24 +01:00
include Replace all uses of setXX[ug]id() and setgroups with samba_setXX[ug]id() calls. 2012-06-28 17:15:16 -07:00
kdc s4:kdc: make use of gensec_update_ev() 2014-03-27 00:36:31 +01:00
ldap_server s4:ldap_server: make use of gensec_update_ev() 2014-03-27 00:36:31 +01:00
lib Revert "s4:tls_tstream: allow mode of SSL keyfile to be 0400, not only 0600" 2014-03-28 12:37:17 +01:00
libcli s4:libcli: make use of gensec_update_ev() 2014-03-27 00:36:31 +01:00
libnet Remove a number of NT_STATUS_HAVE_NO_MEMORY_AND_FREE macros from the codebase. 2014-03-05 16:33:21 +01:00
librpc s4:librpc/rpc: remember "ncalrpc_dir" on the dcerpc_pipe->binding 2014-03-28 10:34:51 +01:00
nbt_server lib/param: handle non-constant strings properly by passing in a memory context 2014-02-20 10:11:06 +13:00
ntp_signd build: Build with system md5.h on OpenIndiana 2013-06-19 21:32:36 +02:00
ntptr spoolss: make spoolss deal with ndr64 SetForm by using proper container object. 2013-01-17 17:11:37 +01:00
ntvfs Remove all uses of the NT_STATUS_NOT_OK_RETURN_AND_FREE macro from the codebase. 2014-03-05 16:33:22 +01:00
param lib/param: handle non-constant strings properly by passing in a memory context 2014-02-20 10:11:06 +13:00
rpc_server dcerpc.idl: fix dcerpc_bind_nack definition 2014-03-28 08:34:25 +01:00
script lib/param: generate the param_functions.h containing the prototypes 2014-02-12 13:17:13 +13:00
scripting samba-tool: make provision check for bind version 2014-03-09 02:52:49 +01:00
selftest selftest: Remove print_smbtorture4_version and smbtorture4_possible check 2014-03-26 04:20:16 +01:00
setup samba-tool: make provision check for bind version 2014-03-09 02:52:49 +01:00
smb_server s4:smb_server: make use of gensec_update_ev() 2014-03-27 00:36:32 +01:00
smbd Remove a number of NT_STATUS_HAVE_NO_MEMORY_AND_FREE macros from the codebase. 2014-03-05 16:33:21 +01:00
torture auth/gensec: remove tevent_context argument from gensec_update() 2014-03-27 00:36:32 +01:00
utils s4:ntlm_auth: make use of gensec_update_ev() 2014-03-27 00:36:32 +01:00
web_server s4:lib/socket: simplify iface_list_wildcard() and its callers 2014-03-07 02:18:17 +01:00
winbind winbind4: Remove unused winbind_get_idmap irpc operation 2014-03-05 16:33:21 +01:00
wrepl_server Remove all uses of the NT_STATUS_NOT_OK_RETURN_AND_FREE macro from the codebase. 2014-03-05 16:33:22 +01:00
.clang_complete s3-build: Add .clang_complete. 2011-10-27 17:09:50 +02:00
.valgrind_suppressions
wscript_build build: Add missing deps and make MESSAGING a private library 2012-06-07 06:45:06 +02:00