5012 – tlstunnel should refuse to work with private keys that has insecure permissions

Bug 5012 - tlstunnel should refuse to work with private keys that has insecure permissions

Summary: tlstunnel should refuse to work with private keys that has insecure permissions

Status:	CLOSED FIXED

Alias:	None

Product:	ThinLinc
Classification:	Unclassified
Component:	Other (show other bugs)
Version:	4.1.1
Hardware:	PC Unknown

Importance:	P2 Normal
Target Milestone:	4.3.0
Assignee:	Henrik Andersson

URL:
Keywords:	ossman_tester, prosaic

Depends on:
Blocks:

Reported:	2014-03-05 10:54 CET by Karl Mikaelsson
Modified:	2014-10-06 15:54 CEST (History)
CC List:	1 user (show)

See Also:
Acceptance Criteria:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Karl Mikaelsson cendio

2014-03-05 10:54:54 CET

Comment 1 Henrik Andersson cendio

2014-06-11 08:51:01 CEST

There is also a race window that needs to be solved between the check and use of file. This can be solved by reading cert+key into memory, do checks and pass buffers to gnutls.

Comment 2 Henrik Andersson cendio

2014-06-11 08:56:44 CEST

Fixed in commit r29056.

Comment 3 Henrik Andersson cendio

2014-06-11 10:04:23 CEST

(In reply to comment #2)
> Fixed in commit r29056.

A few fixes done in commit 29057.

Comment 4 Pierre Ossman cendio

2014-10-03 10:12:11 CEST

Looks good, possibly even a bit too paranoid. :)

Note You need to log in before you can comment on or make changes to this bug.