mirror of
https://github.com/certbot/certbot.git
synced 2026-03-15 15:12:28 -04:00
7d0ac47139
Fixes #1473. writes privkey.pem to 0600 by default for new lineages on renewals where a new privkey is generated, preserves group mode and gid Things this PR does not do: we talked about forcing 0600 on privkeys when a Certbot upgrade is detected. Instead, this PR only creates new lineages with the more restrictive permission to prevent renewal breakages. this doesn't solve many of the problems mentioned in #1473 that are not directly related to the title issue! * safe_open on archive keyfiles * keep group from current lineage * clean up integration test * safe_open can follow symlinks * fix tests on windows, maybe * Address Brad's comments * Revert changes to safe_open * Test chown is called when saving new key * Reorder chown operation * Changelog and documentation * Fix documentation style |
||
|---|---|---|
| .. | ||
| display | ||
| testdata | ||
| __init__.py | ||
| account_test.py | ||
| acme_util.py | ||
| auth_handler_test.py | ||
| cert_manager_test.py | ||
| cli_test.py | ||
| client_test.py | ||
| compat_test.py | ||
| configuration_test.py | ||
| crypto_util_test.py | ||
| eff_test.py | ||
| error_handler_test.py | ||
| errors_test.py | ||
| hook_test.py | ||
| lock_test.py | ||
| log_test.py | ||
| main_test.py | ||
| notify_test.py | ||
| ocsp_test.py | ||
| renewal_test.py | ||
| renewupdater_test.py | ||
| reporter_test.py | ||
| reverter_test.py | ||
| storage_test.py | ||
| util.py | ||
| util_test.py | ||