grpc: make the mTLS private keys user-readable only

Fixes #6064
Reported-by: denis2342 <@denis2342>

Changelog-Changed: grpc: The mTLS private keys are no longer group-readable
Christian Decker
2023-03-07 14:07:17 +01:00
committed by Vincenzo Palazzo
parent 3424f70585
commit 97de4f8e0f
2 changed files with 19 additions and 1 deletions


@@ -181,6 +181,11 @@ def test_grpc_generate_certificate(node_factory):
assert contents[-2] != files[-2].open().read()
assert contents[-1] != files[-1].open().read()
keys = [f for f in files if f.name.endswith('-key.pem')]
modes = [f.stat().st_mode for f in keys]
private = [m % 8 == 0 and (m // 8) % 8 == 0 for m in modes]
assert all(private)
def test_grpc_no_auto_start(node_factory):
"""Ensure that we do not start cln-grpc unless a port is configured.
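Review bot: The new permission check passes vacuously when `keys` is empty, because `all([])` is true; if the `-key.pem` suffix changes or the key files are not produced, the test stops verifying anything without failing. Add `assert keys` (or assert the expected number of key files) before the mode check. The arithmetic `m % 8 == 0 and (m // 8) % 8 == 0` would read more directly as a mask, `assert all(f.stat().st_mode & 0o077 == 0 for f in keys)`, which states that no group or other permission bits are set. The body of test_grpc_generate_certificate starts outside the hunk; the check appears to run only after the certificates were regenerated, so whether the initially generated keys get the same assertion is not visible here.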