From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 7 Apr 2019 18:48:57 +0000 (+0900)
Subject: network: warn when wireguard keys are stored in world readable files
X-Git-Tag: v242-rc4~1^2~3
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=26f86d500e82c68fd46dc6328df1e1422bf57cb5;p=thirdparty%2Fsystemd.git

network: warn when wireguard keys are stored in world readable files
---

diff --git a/src/network/netdev/wireguard.c b/src/network/netdev/wireguard.c
index 0b618962015..5fac92a973c 100644
--- a/src/network/netdev/wireguard.c
+++ b/src/network/netdev/wireguard.c
@@ -494,6 +494,9 @@ static int wireguard_decode_key_and_warn(
                 return 0;
         }
 
+        if (!streq(lvalue, "PublicKey"))
+                (void) warn_file_is_world_accessible(filename, NULL, unit, line);
+
         r = unbase64mem_full(rvalue, strlen(rvalue), true, &key, &len);
         if (r < 0) {
                 log_syntax(unit, LOG_ERR, filename, line, r,