]> git.ipfire.org Git - thirdparty/systemd.git/blobdiff - src/network/netdev/wireguard.c
projects / thirdparty / systemd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
network: warn when wireguard keys are stored in world readable files
[thirdparty/systemd.git] / src / network / netdev / wireguard.c
diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c
index 0b61896201555c6ebfd96a1228d4c40df5e584d4..5fac92a973c33507ad29953a10098d76c2af2d21 100644 (file)
--- a/src/network/netdev/wireguard.c
+++ b/src/network/netdev/wireguard.c
@@ -494,6 +494,9 @@ static int wireguard_decode_key_and_warn(
                 return 0;
         }
 
+        if (!streq(lvalue, "PublicKey"))
+                (void) warn_file_is_world_accessible(filename, NULL, unit, line);
+
         r = unbase64mem_full(rvalue, strlen(rvalue), true, &key, &len);
         if (r < 0) {
                 log_syntax(unit, LOG_ERR, filename, line, r,
Unnamed repository; edit this file 'description' to name the repository.