mirror of
https://github.com/certbot/certbot.git
synced 2026-03-15 07:02:13 -04:00
7d0ac47139
Fixes #1473. writes privkey.pem to 0600 by default for new lineages on renewals where a new privkey is generated, preserves group mode and gid Things this PR does not do: we talked about forcing 0600 on privkeys when a Certbot upgrade is detected. Instead, this PR only creates new lineages with the more restrictive permission to prevent renewal breakages. this doesn't solve many of the problems mentioned in #1473 that are not directly related to the title issue! * safe_open on archive keyfiles * keep group from current lineage * clean up integration test * safe_open can follow symlinks * fix tests on windows, maybe * Address Brad's comments * Revert changes to safe_open * Test chown is called when saving new key * Reorder chown operation * Changelog and documentation * Fix documentation style |
||
|---|---|---|
| .. | ||
| integration | ||
| letstest | ||
| boulder-fetch.sh | ||
| boulder-integration.sh | ||
| certbot-boulder-integration.sh | ||
| display.py | ||
| lock_test.py | ||
| manual-dns-auth.sh | ||
| manual-dns-cleanup.sh | ||
| manual-http-auth.sh | ||
| manual-http-cleanup.sh | ||
| modification-check.py | ||
| run_http_server.py | ||
| tox-boulder-integration.sh | ||