gpg2/gnupg-set_umask_before_open_outfile.patch

Index: gnupg-2.1.20/g10/plaintext.c
===================================================================
--- gnupg-2.1.20.orig/g10/plaintext.c	2017-04-03 17:13:56.000000000 +0200
+++ gnupg-2.1.20/g10/plaintext.c	2017-04-04 09:53:31.541145727 +0200
@@ -24,6 +24,7 @@
 #include <string.h>
 #include <errno.h>
 #include <sys/types.h>
+#include <sys/stat.h>
 #ifdef HAVE_DOSISH_SYSTEM
 # include <fcntl.h> /* for setmode() */
 #endif
@@ -38,6 +39,9 @@
 #include "../common/status.h"
 #include "../common/i18n.h"
 
+/* define safe permissions for creating plaintext files */
+#define GPG_SAFE_PERMS (S_IRUSR | S_IWUSR)
+#define GPG_SAFE_UMASK (0777 & ~GPG_SAFE_PERMS)
 
 /* Get the output filename.  On success, the actual filename that is
    used is set in *FNAMEP and a filepointer is returned in *FP.
@@ -161,11 +165,15 @@ get_output_file (const byte *embedded_na
       log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));
       goto leave;
     }
-  else if (!(fp = es_fopen (fname, "wb")))
-    {
-      err = gpg_error_from_syserror ();
-      log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));
-      goto leave;
+    else {
+	mode_t saved_umask = umask(GPG_SAFE_UMASK);
+	if( !(fp = es_fopen(fname,"wb")) ) {
+		err = gpg_error_from_syserror ();
+		log_error(_("error creating `%s': %s\n"), fname, strerror(errno) );
+		umask(saved_umask);
+		goto leave;
+	}
+	umask(saved_umask);
     }
 #else /* __riscos__ */
   /* If no output filename was given, i.e. we constructed it, convert
Accepting request 485777 from security:privacy 2.1.20 OBS-URL: https://build.opensuse.org/request/show/485777 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=168 2017-04-05 11:54:08 +02:00			`Index: gnupg-2.1.20/g10/plaintext.c`
Accepting request 175573 from home:vitezslav_cizek:branches:Base:System - set safe umask before creating a plaintext file (bnc#780943) added gpg2-set_umask_before_open_outfile.patch - select proper ciphers when running in FIPS mode (bnc#808958) added gnupg-detect_FIPS_mode.patch OBS-URL: https://build.opensuse.org/request/show/175573 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=56 2013-05-16 12:06:39 +02:00			`===================================================================`
Accepting request 485777 from security:privacy 2.1.20 OBS-URL: https://build.opensuse.org/request/show/485777 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=168 2017-04-05 11:54:08 +02:00			`--- gnupg-2.1.20.orig/g10/plaintext.c 2017-04-03 17:13:56.000000000 +0200`
			`+++ gnupg-2.1.20/g10/plaintext.c 2017-04-04 09:53:31.541145727 +0200`
Accepting request 394632 from security:privacy GnuPG 2.1.12 OBS-URL: https://build.opensuse.org/request/show/394632 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=135 2016-05-10 13:27:26 +02:00			`@@ -24,6 +24,7 @@`
			`#include <string.h>`
Accepting request 175573 from home:vitezslav_cizek:branches:Base:System - set safe umask before creating a plaintext file (bnc#780943) added gpg2-set_umask_before_open_outfile.patch - select proper ciphers when running in FIPS mode (bnc#808958) added gnupg-detect_FIPS_mode.patch OBS-URL: https://build.opensuse.org/request/show/175573 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=56 2013-05-16 12:06:39 +02:00			`#include <errno.h>`
			`#include <sys/types.h>`
			`+#include <sys/stat.h>`
			`#ifdef HAVE_DOSISH_SYSTEM`
Accepting request 260826 from home:vitezslav_cizek:branches:Base:System - upgrade to 2.1.0 (modern) - The file "secring.gpg" is not anymore used to store the secret keys. Merging of secret keys is now supported. - All support for PGP-2 keys has been removed for security reasons. - The standard key generation interface is now much leaner. This will help a new user to quickly generate a suitable key. - Support for Elliptic Curve Cryptography (ECC) is now available. - Commands to create and sign keys from the command line without any extra prompts are now available. - The Pinentry may now show the new passphrase entry and the passphrase confirmation entry in one dialog. - There is no more need to manually start the gpg-agent. It is now started by any part of GnuPG as needed. - Problems with importing keys with the same long key id have been addressed. - The Dirmngr is now part of GnuPG proper and also takes care of accessing keyserver. - Keyserver pools are now handled in a smarter way. - A new format for locally storing the public keys is now used. This considerable speeds up operations on large keyrings. - Revocation certificates are now created by default. - Card support has been updated, new readers and token types are supported. - The format of the key listing has been changed to better identify the properties of a key. - The gpg-agent may now be used on Windows as a Pageant replacement for Putty in the same way it is used for years on Unix as ssh-agent replacement. - Creation of X.509 certificates has been improved. It is now also possible to export them directly in PKCS#8 and PEM format for use OBS-URL: https://build.opensuse.org/request/show/260826 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=79 2014-11-11 11:52:31 +01:00			`# include <fcntl.h> /* for setmode() */`
Accepting request 175573 from home:vitezslav_cizek:branches:Base:System - set safe umask before creating a plaintext file (bnc#780943) added gpg2-set_umask_before_open_outfile.patch - select proper ciphers when running in FIPS mode (bnc#808958) added gnupg-detect_FIPS_mode.patch OBS-URL: https://build.opensuse.org/request/show/175573 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=56 2013-05-16 12:06:39 +02:00			`#endif`
Accepting request 394632 from security:privacy GnuPG 2.1.12 OBS-URL: https://build.opensuse.org/request/show/394632 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=135 2016-05-10 13:27:26 +02:00			`@@ -38,6 +39,9 @@`
Accepting request 485777 from security:privacy 2.1.20 OBS-URL: https://build.opensuse.org/request/show/485777 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=168 2017-04-05 11:54:08 +02:00			`#include "../common/status.h"`
			`#include "../common/i18n.h"`
Accepting request 175573 from home:vitezslav_cizek:branches:Base:System - set safe umask before creating a plaintext file (bnc#780943) added gpg2-set_umask_before_open_outfile.patch - select proper ciphers when running in FIPS mode (bnc#808958) added gnupg-detect_FIPS_mode.patch OBS-URL: https://build.opensuse.org/request/show/175573 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=56 2013-05-16 12:06:39 +02:00
			`+/* define safe permissions for creating plaintext files */`
			`+#define GPG_SAFE_PERMS (S_IRUSR \| S_IWUSR)`
			`+#define GPG_SAFE_UMASK (0777 & ~GPG_SAFE_PERMS)`

Accepting request 347464 from security:privacy 2.1.10 OBS-URL: https://build.opensuse.org/request/show/347464 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=122 2015-12-04 16:26:14 +01:00			`/* Get the output filename. On success, the actual filename that is`
			`used is set in FNAMEP and a filepointer is returned in FP.`
Accepting request 485777 from security:privacy 2.1.20 OBS-URL: https://build.opensuse.org/request/show/485777 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=168 2017-04-05 11:54:08 +02:00			`@@ -161,11 +165,15 @@ get_output_file (const byte *embedded_na`
Accepting request 260826 from home:vitezslav_cizek:branches:Base:System - upgrade to 2.1.0 (modern) - The file "secring.gpg" is not anymore used to store the secret keys. Merging of secret keys is now supported. - All support for PGP-2 keys has been removed for security reasons. - The standard key generation interface is now much leaner. This will help a new user to quickly generate a suitable key. - Support for Elliptic Curve Cryptography (ECC) is now available. - Commands to create and sign keys from the command line without any extra prompts are now available. - The Pinentry may now show the new passphrase entry and the passphrase confirmation entry in one dialog. - There is no more need to manually start the gpg-agent. It is now started by any part of GnuPG as needed. - Problems with importing keys with the same long key id have been addressed. - The Dirmngr is now part of GnuPG proper and also takes care of accessing keyserver. - Keyserver pools are now handled in a smarter way. - A new format for locally storing the public keys is now used. This considerable speeds up operations on large keyrings. - Revocation certificates are now created by default. - Card support has been updated, new readers and token types are supported. - The format of the key listing has been changed to better identify the properties of a key. - The gpg-agent may now be used on Windows as a Pageant replacement for Putty in the same way it is used for years on Unix as ssh-agent replacement. - Creation of X.509 certificates has been improved. It is now also possible to export them directly in PKCS#8 and PEM format for use OBS-URL: https://build.opensuse.org/request/show/260826 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=79 2014-11-11 11:52:31 +01:00			`log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));`
			`goto leave;`
			`}`
			`- else if (!(fp = es_fopen (fname, "wb")))`
			`- {`
			`- err = gpg_error_from_syserror ();`
			`- log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err));`
			`- goto leave;`
Accepting request 175573 from home:vitezslav_cizek:branches:Base:System - set safe umask before creating a plaintext file (bnc#780943) added gpg2-set_umask_before_open_outfile.patch - select proper ciphers when running in FIPS mode (bnc#808958) added gnupg-detect_FIPS_mode.patch OBS-URL: https://build.opensuse.org/request/show/175573 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=56 2013-05-16 12:06:39 +02:00			`+ else {`
			`+ mode_t saved_umask = umask(GPG_SAFE_UMASK);`
Accepting request 260826 from home:vitezslav_cizek:branches:Base:System - upgrade to 2.1.0 (modern) - The file "secring.gpg" is not anymore used to store the secret keys. Merging of secret keys is now supported. - All support for PGP-2 keys has been removed for security reasons. - The standard key generation interface is now much leaner. This will help a new user to quickly generate a suitable key. - Support for Elliptic Curve Cryptography (ECC) is now available. - Commands to create and sign keys from the command line without any extra prompts are now available. - The Pinentry may now show the new passphrase entry and the passphrase confirmation entry in one dialog. - There is no more need to manually start the gpg-agent. It is now started by any part of GnuPG as needed. - Problems with importing keys with the same long key id have been addressed. - The Dirmngr is now part of GnuPG proper and also takes care of accessing keyserver. - Keyserver pools are now handled in a smarter way. - A new format for locally storing the public keys is now used. This considerable speeds up operations on large keyrings. - Revocation certificates are now created by default. - Card support has been updated, new readers and token types are supported. - The format of the key listing has been changed to better identify the properties of a key. - The gpg-agent may now be used on Windows as a Pageant replacement for Putty in the same way it is used for years on Unix as ssh-agent replacement. - Creation of X.509 certificates has been improved. It is now also possible to export them directly in PKCS#8 and PEM format for use OBS-URL: https://build.opensuse.org/request/show/260826 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=79 2014-11-11 11:52:31 +01:00			`+ if( !(fp = es_fopen(fname,"wb")) ) {`
			`+ err = gpg_error_from_syserror ();`
Accepting request 175573 from home:vitezslav_cizek:branches:Base:System - set safe umask before creating a plaintext file (bnc#780943) added gpg2-set_umask_before_open_outfile.patch - select proper ciphers when running in FIPS mode (bnc#808958) added gnupg-detect_FIPS_mode.patch OBS-URL: https://build.opensuse.org/request/show/175573 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=56 2013-05-16 12:06:39 +02:00			+ log_error(_("error creating `%s': %s\n"), fname, strerror(errno) );
			`+ umask(saved_umask);`
			`+ goto leave;`
			`+ }`
			`+ umask(saved_umask);`
			`}`
			`#else /* __riscos__ */`
Accepting request 260826 from home:vitezslav_cizek:branches:Base:System - upgrade to 2.1.0 (modern) - The file "secring.gpg" is not anymore used to store the secret keys. Merging of secret keys is now supported. - All support for PGP-2 keys has been removed for security reasons. - The standard key generation interface is now much leaner. This will help a new user to quickly generate a suitable key. - Support for Elliptic Curve Cryptography (ECC) is now available. - Commands to create and sign keys from the command line without any extra prompts are now available. - The Pinentry may now show the new passphrase entry and the passphrase confirmation entry in one dialog. - There is no more need to manually start the gpg-agent. It is now started by any part of GnuPG as needed. - Problems with importing keys with the same long key id have been addressed. - The Dirmngr is now part of GnuPG proper and also takes care of accessing keyserver. - Keyserver pools are now handled in a smarter way. - A new format for locally storing the public keys is now used. This considerable speeds up operations on large keyrings. - Revocation certificates are now created by default. - Card support has been updated, new readers and token types are supported. - The format of the key listing has been changed to better identify the properties of a key. - The gpg-agent may now be used on Windows as a Pageant replacement for Putty in the same way it is used for years on Unix as ssh-agent replacement. - Creation of X.509 certificates has been improved. It is now also possible to export them directly in PKCS#8 and PEM format for use OBS-URL: https://build.opensuse.org/request/show/260826 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=79 2014-11-11 11:52:31 +01:00			`/* If no output filename was given, i.e. we constructed it, convert`