diff --git a/key.cpp b/key.cpp
index 0ae24b8..2da3b8d 100644
--- a/key.cpp
+++ b/key.cpp
@@ -261,9 +261,8 @@ bool Key_file::load_from_file (const char* key_file_name)
 bool Key_file::store_to_file (const char* key_file_name) const
 {
- mode_t old_umask = util_umask(0077); // make sure key file is protected
+ create_protected_file(key_file_name);
 std::ofstream key_file_out(key_file_name, std::fstream::binary);
- util_umask(old_umask);
 if (!key_file_out) {
 return false;
 }
diff --git a/util-unix.cpp b/util-unix.cpp
index 2385566..2bdf364 100644
--- a/util-unix.cpp
+++ b/util-unix.cpp
@@ -37,6 +37,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -72,14 +73,14 @@ void temp_fstream::open (std::ios_base::openmode mode)
 char* path = &path_buffer[0];
 std::strcpy(path, tmpdir);
 std::strcpy(path + tmpdir_len, "/git-crypt.XXXXXX");
- mode_t old_umask = util_umask(0077);
+ mode_t old_umask = umask(0077);
 int fd = mkstemp(path);
 if (fd == -1) {
 int mkstemp_errno = errno;
- util_umask(old_umask);
+ umask(old_umask);
 throw System_error("mkstemp", "", mkstemp_errno);
 }
- util_umask(old_umask);
+ umask(old_umask);
 std::fstream::open(path, mode);
 if (!std::fstream::is_open()) {
 unlink(path);
@@ -288,9 +289,13 @@ static void init_std_streams_platform ()
 {
 }
-mode_t util_umask (mode_t mode)
+void create_protected_file (const char* path)
 {
- return umask(mode);
+ int fd = open(path, O_WRONLY | O_CREAT, 0600);
+ if (fd == -1) {
+ throw System_error("open", path, errno);
+ }
+ close(fd);
 }
 int util_rename (const char* from, const char* to)
diff --git a/util-win32.cpp b/util-win32.cpp
index 4e6e9c1..4d442db 100644
--- a/util-win32.cpp
+++ b/util-win32.cpp
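Review bot: `create_protected_file(key_file_name)` in `store_to_file` can fail by throwing (the Unix implementation added in this commit throws `System_error`), while the check right after it reports an open failure with `return false`, so the function now has two failure channels for the same kind of error. Callers that only test the boolean do not handle the exception path unless something further up catches it, which is not visible here. Either document it above the call, `// may throw System_error if the key file cannot be created; stream failures return false`, or convert the exception locally so the contract stays boolean. The file is also created by name and then reopened by name through `std::ofstream`, so the 0600 guarantee holds only if the path still names the same file at the second open. `store_to_file` continues past the end of this hunk.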
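Review bot: `open(path, O_WRONLY | O_CREAT, 0600)` in the Unix `create_protected_file` applies the 0600 mode only when it actually creates the file; if `path` already exists the call succeeds and the existing permission bits are kept, so `Key_file::store_to_file` can go on to write key material into a group- or world-readable file. Because neither `O_EXCL` nor `O_NOFOLLOW` is passed, an entry already present at that path (including a symlink) is opened as-is. Enforcing the mode on the descriptor before closing it would close the first gap: `if (fchmod(fd, 0600) == -1) { int e = errno; close(fd); throw System_error("fchmod", path, e); }`. The function should also carry a comment saying that callers reopen the file by name afterwards, so the protection depends on the path not being replaced in between.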
@@ -346,10 +346,8 @@ static void init_std_streams_platform ()
 _setmode(_fileno(stdout), _O_BINARY);
 }
-mode_t util_umask (mode_t mode)
+void create_protected_file (const char* path) // TODO
 {
- // Not available in Windows and function not always defined in Win32 environments
- return 0;
 }
 int util_rename (const char* from, const char* to)
diff --git a/util.hpp b/util.hpp
index 8281294..aa04912 100644
--- a/util.hpp
+++ b/util.hpp
@@ -73,7 +73,7 @@ void write_be32 (std::ostream& out, uint32_t);
 void* explicit_memset (void* s, int c, size_t n); // memset that won't be optimized away
 bool leakless_equals (const void* a, const void* b, size_t len); // compare bytes w/o leaking timing
 void init_std_streams ();
-mode_t util_umask (mode_t);
+void create_protected_file (const char* path); // create empty file accessible only by current user
 int util_rename (const char*, const char*);
 std::vector get_directory_contents (const char* path);
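Review bot: The Windows `create_protected_file` in util-win32.cpp is an empty body marked `// TODO`, so it returns successfully without creating or restricting anything, and `Key_file::store_to_file` then creates the key file through `std::ofstream` with whatever ACL the parent directory hands down. That contradicts the contract stated on the declaration in util.hpp ("create empty file accessible only by current user"), and a caller cannot tell the protection was skipped. Until it is implemented, the definition should say so explicitly, e.g. `// NOTE: no-op on Windows; the key file inherits the parent directory's ACL and is NOT restricted to the current user`. A real implementation would likely create the file with an explicit DACL supplied through the `SECURITY_ATTRIBUTES` argument of `CreateFile`.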