kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-10-31 02:37:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

res_crypto: handle unsafe private key files

Browse Source 
ASTERISK-30213 #close

Change-Id: I4a77143d41615b7c4fc25bb1251c0a9cb87b417a
This commit is contained in:
Philip Prindeville
2022-09-16 12:45:55 -06:00
committed by George Joseph
parent 4fd2f07ff9
commit 0655d5f83e
2 changed files with 31 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
tests/test_crypto.c
View File

@@ -40,6 +40,7 @@
#include "asterisk/file.h"
#include <assert.h>
#include <sys/stat.h>
#include <linux/limits.h>
#include <openssl/evp.h>
@@ -117,6 +118,9 @@ AST_TEST_DEFINE(crypto_rsa_encrypt)
push_key_dir((const char *)key_dir);
snprintf(priv, sizeof(priv), "%s/%s.key", key_dir, keypair1);
/* because git doesn't preserve permissions */
(void)chmod(priv, 0400);
if (ast_crypto_reload() != 1) {
ast_test_status_update(test, "Couldn't force crypto reload\n");
goto cleanup;
@@ -414,6 +418,9 @@ AST_TEST_DEFINE(crypto_verify)
push_key_dir((const char *)key_dir);
snprintf(priv, sizeof(priv), "%s/%s.key", key_dir, keypair1);
/* because git doesn't preserve permissions */
(void)chmod(priv, 0400);
if (ast_crypto_reload() != 1) {
ast_test_status_update(test, "Couldn't force crypto reload\n");
goto cleanup;