Co-authored-by: Fabian Klemp <fabian.klemp@frequentis.com>pull/16743/head
@@ -0,0 +1 @@ | |||||
Fix a long-standing bug where the signing keys generated by Synapse were world-readable. Contributed by Fabian Klemp. |
@@ -13,6 +13,7 @@ | |||||
# See the License for the specific language governing permissions and | # See the License for the specific language governing permissions and | ||||
# limitations under the License. | # limitations under the License. | ||||
import argparse | import argparse | ||||
import os | |||||
import sys | import sys | ||||
from signedjson.key import generate_signing_key, write_signing_keys | from signedjson.key import generate_signing_key, write_signing_keys | ||||
@@ -26,15 +27,21 @@ def main() -> None: | |||||
parser.add_argument( | parser.add_argument( | ||||
"-o", | "-o", | ||||
"--output_file", | "--output_file", | ||||
type=argparse.FileType("w"), | |||||
default=sys.stdout, | |||||
type=str, | |||||
default="-", | |||||
help="Where to write the output to", | help="Where to write the output to", | ||||
) | ) | ||||
args = parser.parse_args() | args = parser.parse_args() | ||||
key_id = "a_" + random_string(4) | key_id = "a_" + random_string(4) | ||||
key = (generate_signing_key(key_id),) | key = (generate_signing_key(key_id),) | ||||
write_signing_keys(args.output_file, key) | |||||
if args.output_file == "-": | |||||
write_signing_keys(sys.stdout, key) | |||||
else: | |||||
with open( | |||||
args.output_file, "w", opener=lambda p, f: os.open(p, f, mode=0o640) | |||||
) as signing_key_file: | |||||
write_signing_keys(signing_key_file, key) | |||||
if __name__ == "__main__": | if __name__ == "__main__": | ||||
@@ -263,7 +263,9 @@ class KeyConfig(Config): | |||||
if not self.path_exists(signing_key_path): | if not self.path_exists(signing_key_path): | ||||
print("Generating signing key file %s" % (signing_key_path,)) | print("Generating signing key file %s" % (signing_key_path,)) | ||||
with open(signing_key_path, "w") as signing_key_file: | |||||
with open( | |||||
signing_key_path, "w", opener=lambda p, f: os.open(p, f, mode=0o640) | |||||
) as signing_key_file: | |||||
key_id = "a_" + random_string(4) | key_id = "a_" + random_string(4) | ||||
write_signing_keys(signing_key_file, (generate_signing_key(key_id),)) | write_signing_keys(signing_key_file, (generate_signing_key(key_id),)) | ||||
else: | else: | ||||
@@ -274,7 +276,9 @@ class KeyConfig(Config): | |||||
key = decode_signing_key_base64( | key = decode_signing_key_base64( | ||||
NACL_ED25519, key_id, signing_keys.split("\n")[0] | NACL_ED25519, key_id, signing_keys.split("\n")[0] | ||||
) | ) | ||||
with open(signing_key_path, "w") as signing_key_file: | |||||
with open( | |||||
signing_key_path, "w", opener=lambda p, f: os.open(p, f, mode=0o640) | |||||
) as signing_key_file: | |||||
write_signing_keys(signing_key_file, (key,)) | write_signing_keys(signing_key_file, (key,)) | ||||