diff options
Diffstat (limited to 'prosodyctl')
| -rwxr-xr-x | prosodyctl | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -161,10 +161,12 @@ if ok and pposix then -- Set our umask to protect data files pposix.umask(config.get("*", "core", "umask") or "027"); + pposix.setenv("HOME", data_path); else print("Error: Unable to load pposix module. Check that Prosody is installed correctly.") print("For more help send the below error to us through http://prosody.im/discuss"); print(tostring(pposix)) + os.exit(1); end local function test_writeable(filename) @@ -685,11 +687,13 @@ function cert_commands.key(arg) if ask_overwrite(key_filename) then return nil, key_filename; end - os.remove(key_filename); -- We chmod this file to not have write permissions + os.remove(key_filename); -- This file, if it exists is unlikely to have write permissions local key_size = tonumber(arg[2] or show_prompt("Choose key size (2048):") or 2048); + local old_umask = pposix.umask("0377"); if openssl.genrsa{out=key_filename, key_size} then os.execute(("chmod 400 '%s'"):format(key_filename)); show_message("Key written to ".. key_filename); + pposix.umask(old_umask); return nil, key_filename; end show_message("There was a problem, see OpenSSL output"); @@ -721,7 +725,7 @@ function cert_commands.generate(arg) if #arg >= 1 and arg[1] ~= "--help" then local cert_filename = (CFG_DATADIR or ".") .. "/" .. arg[1] .. ".cert"; if ask_overwrite(cert_filename) then - return nil, conf_filename; + return nil, cert_filename; end local _, key_filename = cert_commands.key({arg[1]}); local _, conf_filename = cert_commands.config(arg); |