diff options
| author | Jacob Young <jacobly0@users.noreply.github.com> | 2024-11-07 20:25:04 -0500 |
|---|---|---|
| committer | Jacob Young <jacobly0@users.noreply.github.com> | 2024-11-07 20:56:33 -0500 |
| commit | 9373abf7f77c37094f9ba6ca68287d8a06ebafa0 (patch) | |
| tree | c9fb5a5324d741042de3c581d8719bb2b27c889a /lib/std/http | |
| parent | 75adba7cb9501f33453275c187bcd7f4b11eaa9d (diff) | |
| download | zig-9373abf7f77c37094f9ba6ca68287d8a06ebafa0.tar.gz zig-9373abf7f77c37094f9ba6ca68287d8a06ebafa0.zip | |
std.http.Client: change ssl key log creation permission bits
This is the same mode used by openssh for private keys. This does not
change the mode of an existing file, so users who need something
different can pre-create the file with their designed permissions or
change them after the fact, and running another process that writes to
the key log will not change it back.
Diffstat (limited to 'lib/std/http')
| -rw-r--r-- | lib/std/http/Client.zig | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/std/http/Client.zig b/lib/std/http/Client.zig index cddc6297c9..9dcf7b5693 100644 --- a/lib/std/http/Client.zig +++ b/lib/std/http/Client.zig @@ -1361,7 +1361,13 @@ pub fn connectTcp(client: *Client, host: []const u8, port: u16, protocol: Connec error.OutOfMemory => return error.OutOfMemory, }; defer client.allocator.free(ssl_key_log_path); - break :ssl_key_log_file std.fs.cwd().createFile(ssl_key_log_path, .{ .truncate = false }) catch null; + break :ssl_key_log_file std.fs.cwd().createFile(ssl_key_log_path, .{ + .truncate = false, + .mode = switch (builtin.os.tag) { + .windows, .wasi => 0, + else => 0o600, + }, + }) catch null; } else null; errdefer if (ssl_key_log_file) |key_log_file| key_log_file.close(); |