upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-06-08 00:02:14 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Save account private_key.json as 0o400.

Browse source
This commit is contained in:
Jakub Warmuz 2015-07-09 11:33:02 +00:00
parent 7aa749174b
commit 5e450e879c
No known key found for this signature in database
GPG key ID: 2A7BAD3A489B52EA
2 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
letsencrypt/account.py
View file

@ -192,7 +192,8 @@ class AccountFileStorage(interfaces.AccountStorage):
try:
with open(self._regr_path(account_dir_path), "w") as regr_file:
regr_file.write(account.regr.json_dumps())
with open(self._key_path(account_dir_path), "w") as key_file:
with le_util.safe_open(self._key_path(account_dir_path),
"w", chmod=0o400) as key_file:
key_file.write(account.key.json_dumps())
with open(self._metadata_path(account_dir_path), "w") as metadata_file:
metadata_file.write(account.meta.json_dumps())

3
letsencrypt/tests/account_test.py
View file

@ -3,6 +3,7 @@ import datetime
import os
import pkg_resources
import shutil
import stat
import tempfile
import unittest
@ -130,6 +131,8 @@ class AccountFileStorageTest(unittest.TestCase):
for file_name in "regr.json", "meta.json", "private_key.json":
self.assertTrue(os.path.exists(
os.path.join(account_path, file_name)))
self.assertEqual("0400", oct(os.stat(os.path.join(
account_path, "private_key.json"))[stat.ST_MODE] & 0o777))
# restore
self.assertEqual(self.acc, self.storage.load(self.acc.id))