- certs.py: write keys out as mode 600

- make sure we setup the config dict immediately in config_data - clean up our config, pki and var dirs on removal
author: Seth Vidal <skvidal@fedoraproject.org> 2007-09-27 12:33:06 -0400
committer: Seth Vidal <skvidal@fedoraproject.org> 2007-09-27 12:33:06 -0400
commit: f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea (patch)
tree: 023eba9059a7e6f78e29a9bee4149e86cf103b92 /func
parent: db29f4bf424b7b804617cb042ad796f2812c0ca0 (diff)
download: third_party-func-f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea.tar.gz
third_party-func-f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea.tar.xz
third_party-func-f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/func/certs.py b/func/certs.py
index bf624a2..6e3a025 100644
--- a/func/certs.py
+++ b/func/certs.py
@@ -29,9 +29,9 @@ def make_keypair(dest=None):
     pkey = crypto.PKey()
     pkey.generate_key(crypto.TYPE_RSA, 2048)
     if dest:
-        destfo = open(dest, 'w')
-        destfo.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))
-        destfo.close()
+        destfd = os.open(dest, os.O_RDWR|os.O_CREAT, 0600)
+        os.write(destfd, (crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)))
+        os.close(destfd)
     
     return pkey
author	Seth Vidal <skvidal@fedoraproject.org>	2007-09-27 12:33:06 -0400
committer	Seth Vidal <skvidal@fedoraproject.org>	2007-09-27 12:33:06 -0400
commit	f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea (patch)
tree	023eba9059a7e6f78e29a9bee4149e86cf103b92 /func
parent	db29f4bf424b7b804617cb042ad796f2812c0ca0 (diff)
download	third_party-func-f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea.tar.gz third_party-func-f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea.tar.xz third_party-func-f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea.zip