~singpolyma/asterisk

ffddb32f9815bb836a977992f666c2f0229a26f4 — Lionel Elie Mamane 4 years ago 3d5252a
astgenkey should generate a private key that is not world-readable

Bug: http://issues.asterisk.org/view.php?id=12373
Last-Update: 2016-03-19

Upstream has not accepted this patch and chose instead to document this
as a known minor issue.

Gbp-Pq: Name astgenkey-security
1 files changed, 4 insertions(+), 0 deletions(-)

M contrib/scripts/astgenkey
M contrib/scripts/astgenkey => contrib/scripts/astgenkey +4 -0
@@ 47,7 47,11 @@ done
rm -f ${KEY}.key ${KEY}.pub

echo "Generating SSL key '$KEY': "
oldumask="`umask`"
umask 0077
openssl genrsa -out ${KEY}.key ${DES3} 1024
[ "$(id -u)" = 0 ] && chown asterisk: ${KEY}.key
umask $oldumask
openssl rsa -in ${KEY}.key -pubout -out ${KEY}.pub

if [ -f "${KEY}.key" ] && [ -f "${KEY}.pub" ]; then