Bug 5012 - tlstunnel should refuse to work with private keys that has insecure permissions
Summary: tlstunnel should refuse to work with private keys that has insecure permissions
Status: CLOSED FIXED
Alias: None
Product: ThinLinc
Classification: Unclassified
Component: Other (show other bugs)
Version: 4.1.1
Hardware: PC Unknown
: P2 Normal
Target Milestone: 4.3.0
Assignee: Henrik Andersson
URL:
Keywords: ossman_tester, prosaic
Depends on:
Blocks:
 
Reported: 2014-03-05 10:54 CET by Karl Mikaelsson
Modified: 2014-10-06 15:54 CEST (History)
1 user (show)

See Also:
Acceptance Criteria:


Attachments

Description Karl Mikaelsson cendio 2014-03-05 10:54:54 CET

    
Comment 1 Henrik Andersson cendio 2014-06-11 08:51:01 CEST
There is also a race window that needs to be solved between the check and use of file. This can be solved by reading cert+key into memory, do checks and pass buffers to gnutls.
Comment 2 Henrik Andersson cendio 2014-06-11 08:56:44 CEST
Fixed in commit r29056.
Comment 3 Henrik Andersson cendio 2014-06-11 10:04:23 CEST
(In reply to comment #2)
> Fixed in commit r29056.

A few fixes done in commit 29057.
Comment 4 Pierre Ossman cendio 2014-10-03 10:12:11 CEST
Looks good, possibly even a bit too paranoid. :)

Note You need to log in before you can comment on or make changes to this bug.