summaryrefslogtreecommitdiffstats
path: root/vendor/github.com/lib/pq/ssl_permissions.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/lib/pq/ssl_permissions.go')
-rw-r--r--vendor/github.com/lib/pq/ssl_permissions.go16
1 files changed, 10 insertions, 6 deletions
diff --git a/vendor/github.com/lib/pq/ssl_permissions.go b/vendor/github.com/lib/pq/ssl_permissions.go
index 33076a8da..3b7c3a2a3 100644
--- a/vendor/github.com/lib/pq/ssl_permissions.go
+++ b/vendor/github.com/lib/pq/ssl_permissions.go
@@ -4,13 +4,17 @@ package pq
import "os"
-// sslCertificatePermissions checks the permissions on user-supplied certificate
-// files. The key file should have very little access.
+// sslKeyPermissions checks the permissions on user-supplied ssl key files.
+// The key file should have very little access.
//
// libpq does not check key file permissions on Windows.
-func sslCertificatePermissions(cert, key os.FileInfo) {
- kmode := key.Mode()
- if kmode != kmode&0600 {
- panic(ErrSSLKeyHasWorldPermissions)
+func sslKeyPermissions(sslkey string) error {
+ info, err := os.Stat(sslkey)
+ if err != nil {
+ return err
}
+ if info.Mode().Perm()&0077 != 0 {
+ return ErrSSLKeyHasWorldPermissions
+ }
+ return nil
}
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-05-20 22:10:10 +0000