diff options
| author | Justus Winter <justus@g10code.com> | 2016-04-20 14:55:45 +0200 |
|---|---|---|
| committer | Justus Winter <justus@g10code.com> | 2016-04-20 15:02:37 +0200 |
| commit | f8adf1a3234655877a4f985d627d98567507002c (patch) | |
| tree | fc52acddf11211860bdfa2608c376bf783884d3a /common/sysutils.c | |
| parent | tests: Test the migration from a classic GnuPG home directory. (diff) | |
| download | gnupg2-f8adf1a3234655877a4f985d627d98567507002c.tar.xz gnupg2-f8adf1a3234655877a4f985d627d98567507002c.zip | |
agent: Sanitize permissions of the private key directory.
* agent/gpg-agent.c (create_private_keys_directory): Set permissions.
* common/sysutils.c (modestr_to_mode): New function.
(gnupg_mkdir): Use new function.
(gnupg_chmod): New function.
* common/sysutils.h (gnupg_chmod): New prototype.
* tests/migrations/from-classic.test: Test migration with existing
directory.
GnuPG-bug-id: 2312
Signed-off-by: Justus Winter <justus@g10code.com>
Diffstat (limited to 'common/sysutils.c')
| -rw-r--r-- | common/sysutils.c | 73 |
1 files changed, 49 insertions, 24 deletions
diff --git a/common/sysutils.c b/common/sysutils.c index ccd35422c..18625d0ff 100644 --- a/common/sysutils.c +++ b/common/sysutils.c @@ -554,6 +554,40 @@ gnupg_remove (const char *fname) } +#ifndef HAVE_W32_SYSTEM +static mode_t +modestr_to_mode (const char *modestr) +{ + mode_t mode = 0; + + if (modestr && *modestr) + { + modestr++; + if (*modestr && *modestr++ == 'r') + mode |= S_IRUSR; + if (*modestr && *modestr++ == 'w') + mode |= S_IWUSR; + if (*modestr && *modestr++ == 'x') + mode |= S_IXUSR; + if (*modestr && *modestr++ == 'r') + mode |= S_IRGRP; + if (*modestr && *modestr++ == 'w') + mode |= S_IWGRP; + if (*modestr && *modestr++ == 'x') + mode |= S_IXGRP; + if (*modestr && *modestr++ == 'r') + mode |= S_IROTH; + if (*modestr && *modestr++ == 'w') + mode |= S_IWOTH; + if (*modestr && *modestr++ == 'x') + mode |= S_IXOTH; + } + + return mode; +} +#endif + + /* A wrapper around mkdir which takes a string for the mode argument. This makes it easier to handle the mode argument which is not defined on all systems. The format of the modestring is @@ -589,31 +623,22 @@ gnupg_mkdir (const char *name, const char *modestr) because this sets ERRNO. */ return mkdir (name); #else - mode_t mode = 0; + return mkdir (name, modestr_to_mode (modestr)); +#endif +} - if (modestr && *modestr) - { - modestr++; - if (*modestr && *modestr++ == 'r') - mode |= S_IRUSR; - if (*modestr && *modestr++ == 'w') - mode |= S_IWUSR; - if (*modestr && *modestr++ == 'x') - mode |= S_IXUSR; - if (*modestr && *modestr++ == 'r') - mode |= S_IRGRP; - if (*modestr && *modestr++ == 'w') - mode |= S_IWGRP; - if (*modestr && *modestr++ == 'x') - mode |= S_IXGRP; - if (*modestr && *modestr++ == 'r') - mode |= S_IROTH; - if (*modestr && *modestr++ == 'w') - mode |= S_IWOTH; - if (*modestr && *modestr++ == 'x') - mode |= S_IXOTH; - } - return mkdir (name, mode); + +/* A wrapper around mkdir which takes a string for the mode argument. + This makes it easier to handle the mode argument which is not + defined on all systems. The format of the modestring is the same + as for gnupg_mkdir. */ +int +gnupg_chmod (const char *name, const char *modestr) +{ +#ifdef HAVE_W32_SYSTEM + return 0; +#else + return chmod (name, modestr_to_mode (modestr)); #endif } |