summaryrefslogtreecommitdiff
path: root/usr/src/lib/libipsecutil/common/ipsec_util.h
diff options
context:
space:
mode:
authorpwernau <none@none>2007-10-24 13:59:51 -0700
committerpwernau <none@none>2007-10-24 13:59:51 -0700
commit23c73ecc8c565b8247ce7f888170bfbbce3e589c (patch)
treebeb6129493794b485697be7e1c85d6b89c756a04 /usr/src/lib/libipsecutil/common/ipsec_util.h
parent351420b34707afeafa8d5c3e0c77b7bcffb1edc0 (diff)
downloadillumos-gate-23c73ecc8c565b8247ce7f888170bfbbce3e589c.tar.gz
5053475 certlib_load() error messages need improving.
6614180 file permissions on public keys and CRLs should be more open 6614741 keying material with insecure permissions should not be trusted
Diffstat (limited to 'usr/src/lib/libipsecutil/common/ipsec_util.h')
-rw-r--r--usr/src/lib/libipsecutil/common/ipsec_util.h5
1 files changed, 5 insertions, 0 deletions
diff --git a/usr/src/lib/libipsecutil/common/ipsec_util.h b/usr/src/lib/libipsecutil/common/ipsec_util.h
index a78831e678..e9995cc6f8 100644
--- a/usr/src/lib/libipsecutil/common/ipsec_util.h
+++ b/usr/src/lib/libipsecutil/common/ipsec_util.h
@@ -79,6 +79,11 @@ extern "C" {
#define TBUF_SIZE 50
#define TIME_MAX LONG_MAX
+#ifndef INSECURE_PERMS
+#define INSECURE_PERMS(sbuf) (((sbuf).st_uid != 0) || \
+ ((sbuf).st_mode & S_IRWXG) || ((sbuf).st_mode & S_IRWXO))
+#endif
+
/* For keyword-lookup tables */
typedef struct keywdtab {
uint_t kw_tag;
generated by cgit v1.2.3 (git 2.39.1) at 2025-06-26 13:11:44 +0000