[Pkg-voip-commits] r5505 - in /asterisk/trunk/debian: changelog patches/astgenkey-security patches/series
lmamane at alioth.debian.org
lmamane at alioth.debian.org
Sun Apr 6 12:23:16 UTC 2008
Author: lmamane
Date: Sun Apr 6 12:23:16 2008
New Revision: 5505
URL: http://svn.debian.org/wsvn/pkg-voip/?sc=1&rev=5505
Log:
Fix genastkey so that keys are not world-readable by default.
Added:
asterisk/trunk/debian/patches/astgenkey-security
Modified:
asterisk/trunk/debian/changelog
asterisk/trunk/debian/patches/series
Modified: asterisk/trunk/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/trunk/debian/changelog?rev=5505&op=diff
==============================================================================
--- asterisk/trunk/debian/changelog (original)
+++ asterisk/trunk/debian/changelog Sun Apr 6 12:23:16 2008
@@ -10,6 +10,7 @@
[ Lionel Elie Mamane ]
* debian/rules: fix get-orig-source to actually work
+ * Fix genastkey so that keys are not world-readable by default.
-- Lionel Elie Mamane <lmamane at debian.org> Sun, 06 Apr 2008 13:59:37 +0200
Added: asterisk/trunk/debian/patches/astgenkey-security
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/trunk/debian/patches/astgenkey-security?rev=5505&op=file
==============================================================================
--- asterisk/trunk/debian/patches/astgenkey-security (added)
+++ asterisk/trunk/debian/patches/astgenkey-security Sun Apr 6 12:23:16 2008
@@ -1,0 +1,15 @@
+Index: asterisk-1.4.19~dfsg/contrib/scripts/astgenkey
+===================================================================
+--- asterisk-1.4.19~dfsg.orig/contrib/scripts/astgenkey 2008-04-06 14:12:56.316323355 +0200
++++ asterisk-1.4.19~dfsg/contrib/scripts/astgenkey 2008-04-06 14:18:24.212318949 +0200
+@@ -47,7 +47,10 @@
+ rm -f ${KEY}.key ${KEY}.pub
+
+ echo "Generating SSL key '$KEY': "
++umask 0077
+ openssl genrsa -out ${KEY}.key ${DES3} 1024
++[ "$(id -u)" = 0 ] && chown asterisk:asterisk ${KEY}.key
++umask 0022
+ openssl rsa -in ${KEY}.key -pubout -out ${KEY}.pub
+
+ if [ -f "${KEY}.key" ] && [ -f "${KEY}.pub" ]; then
Modified: asterisk/trunk/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-voip/asterisk/trunk/debian/patches/series?rev=5505&op=diff
==============================================================================
--- asterisk/trunk/debian/patches/series (original)
+++ asterisk/trunk/debian/patches/series Sun Apr 6 12:23:16 2008
@@ -92,3 +92,5 @@
#bristuff/ast_channel_masquerade_locked
#bristuff/find-feature
#bristuff/feature-parking_con
+
+astgenkey-security
More information about the Pkg-voip-commits
mailing list