]> git.ipfire.org Git - thirdparty/systemd.git/commitdiff
projects / thirdparty / systemd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (from parent 1: a3945c6)
network: warn when wireguard keys are stored in world readable files
authorYu Watanabe <watanabe.yu+github@gmail.com>
Sun, 7 Apr 2019 18:48:57 +0000 (03:48 +0900)
committerYu Watanabe <watanabe.yu+github@gmail.com>
Tue, 9 Apr 2019 06:50:22 +0000 (15:50 +0900)
src/network/netdev/wireguard.c patch | blob | blame | history

diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c
index 0b61896201555c6ebfd96a1228d4c40df5e584d4..5fac92a973c33507ad29953a10098d76c2af2d21 100644 (file)
--- a/src/network/netdev/wireguard.c
+++ b/src/network/netdev/wireguard.c
@@ -494,6 +494,9 @@ static int wireguard_decode_key_and_warn(
                 return 0;
         }
 
+        if (!streq(lvalue, "PublicKey"))
+                (void) warn_file_is_world_accessible(filename, NULL, unit, line);
+
         r = unbase64mem_full(rvalue, strlen(rvalue), true, &key, &len);
         if (r < 0) {
                 log_syntax(unit, LOG_ERR, filename, line, r,
Unnamed repository; edit this file 'description' to name the repository.