From 1008d4379e7d1e8d744481379efed987be591876 Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Tue, 7 Aug 2018 13:24:57 +0300 Subject: [PATCH 1/3] Generating files with more strict permissions --- SOURCES/webkaos-utils | 8 +++++++- webkaos-utils.spec | 5 ++++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/SOURCES/webkaos-utils b/SOURCES/webkaos-utils index 459c6ca..7048ba9 100755 --- a/SOURCES/webkaos-utils +++ b/SOURCES/webkaos-utils @@ -7,7 +7,7 @@ APP="WEBKAOS Utils" # Utility version -VER="1.5.0" +VER="1.5.1" ######################################################################################## @@ -223,6 +223,10 @@ genCSR() { local host="${1//./_}" openssl req -new -newkey rsa:4096 -nodes -sha256 -keyout "${host}.key" -out "${host}.csr" + + chmod 600 "${host}.key" "${host}.csr" + + show "Certificate Signing Request successfully generated as ${host}.csr (key: ${host}.key)" $GREEN } # Generate HPKP for some request @@ -293,6 +297,8 @@ generateOCSPFile() { return 1 fi + chmod 600 "$output" + show "OCSP stapling file saved as $output" $GREEN return 0 diff --git a/webkaos-utils.spec b/webkaos-utils.spec index 7607f40..3e7f29b 100644 --- a/webkaos-utils.spec +++ b/webkaos-utils.spec @@ -2,7 +2,7 @@ Summary: Helpers for working with webkaos server Name: webkaos-utils -Version: 1.5.0 +Version: 1.5.1 Release: 0%{?dist} Group: Applications/System License: EKOL @@ -47,6 +47,9 @@ rm -rf %{buildroot} ################################################################################ %changelog +* Tue Aug 07 2018 Anton Novojilov - 1.5.1-0 +- Generating files with more strict permissions + * Mon Aug 06 2018 Anton Novojilov - 1.5.0-0 - Added output name normalization for csr-gen command From a1c1394a1f446adbc4c8a21dde616a9b0dace670 Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Tue, 7 Aug 2018 13:27:10 +0300 Subject: [PATCH 2/3] Minor UI improvement --- SOURCES/webkaos-utils | 2 ++ 1 file changed, 2 insertions(+) diff --git a/SOURCES/webkaos-utils b/SOURCES/webkaos-utils index 7048ba9..cd9f9fd 100755 --- a/SOURCES/webkaos-utils +++ b/SOURCES/webkaos-utils @@ -173,6 +173,7 @@ csrInfo() { cname=$(echo "$subject" | cut -f6 -d"," | cut -f2 -d"=" | cut -f1 -d"/") email=$(echo "$subject" | cut -f6 -d"," | cut -f3 -d"=") + show "" show "${CL_BOLD}Country Name:${CL_NORM} ${country:---empty--}" show "${CL_BOLD}State or Province Name:${CL_NORM} ${state:---empty--}" show "${CL_BOLD}Locality Name:${CL_NORM} ${locality:---empty--}" @@ -180,6 +181,7 @@ csrInfo() { show "${CL_BOLD}Organizational Unit:${CL_NORM} ${unit:---empty--}" show "${CL_BOLD}Common Name:${CL_NORM} ${cname:---empty--}" show "${CL_BOLD}Email address:${CL_NORM} ${email:---empty--}" + show "" } # Check OCSP stapling From 704d8b96d755dc6d5060ec4eb1bfdd22a7fc2af9 Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Tue, 7 Aug 2018 13:39:12 +0300 Subject: [PATCH 3/3] Improved TravisCI config --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index c77dc81..94744d9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -17,7 +17,7 @@ before_install: - tar xf shellcheck-latest.linux.x86_64.tar.xz - ./shellcheck-latest/shellcheck --version - docker pull "$IMAGE" - - wget https://raw.githubusercontent.com/essentialkaos/perfecto/master/perfecto-docker + - wget https://kaos.sh/perfecto/perfecto-docker - chmod +x perfecto-docker script: