| OLD | NEW |
|---|
| (Empty) | |
| 1 package azure |
| 2 |
| 3 import ( |
| 4 "fmt" |
| 5 "io/ioutil" |
| 6 "launchpad.net/juju-core/utils" |
| 7 "math/rand" |
| 8 "os" |
| 9 "path" |
| 10 ) |
| 11 |
| 12 // tempCertFile is a temporary file containing an x509 certificate. |
| 13 // It's possible to pass a certificate to libcurl in-memory, but much more |
| 14 // complicated. We went with this hack for now. Call newTempCertFile to |
| 15 // store a certificate in a temporary file, and once you're done with the |
| 16 // file, invoke its Delete method to clean it up. |
| 17 type tempCertFile struct { |
| 18 tempDir string |
| 19 filename string |
| 20 } |
| 21 |
| 22 // Path returns the full absolute path for the temporary certificate file. |
| 23 func (certFile *tempCertFile) Path() string { |
| 24 return path.Join(certFile.tempDir, certFile.filename) |
| 25 } |
| 26 |
| 27 // Delete cleans up a tempCertFile. You must call this after use, or you'll |
| 28 // leave not just garbage but security-sensitive garbage. |
| 29 // This method is idempotent. If called after it's already been run, it |
| 30 // does nothing. |
| 31 func (certFile *tempCertFile) Delete() { |
| 32 if certFile.tempDir == "" { |
| 33 // Either it wasn't constructed, or it's been deleted already. |
| 34 return |
| 35 } |
| 36 err := os.RemoveAll(certFile.tempDir) |
| 37 if err != nil { |
| 38 panic(err) |
| 39 } |
| 40 // We no longer own a file that needs cleaning up. |
| 41 certFile.filename = "" |
| 42 certFile.tempDir = "" |
| 43 } |
| 44 |
| 45 // newTempCertFile stores the given x509 certificate in a temporary file, |
| 46 // which only the current user will be allowed to access. |
| 47 // You *must* clean up the file after use, by calling its Delete method. |
| 48 func newTempCertFile(data []byte) (certFile *tempCertFile, err error) { |
| 49 // Add context to any error we may return. |
| 50 defer utils.ErrorContextf(&err, "failed while writing temporary certific
ate file") |
| 51 |
| 52 // Access permissions for these temporary files: |
| 53 const ( |
| 54 // Owner can read/write temporary files. Not backed up. |
| 55 fileMode = 0600 | os.ModeTemporary | os.ModeExclusive |
| 56 // Temporary dirs are like files, but owner also has "x" |
| 57 // permission. |
| 58 dirMode = fileMode | 0100 |
| 59 ) |
| 60 |
| 61 certFile = &tempCertFile{} |
| 62 |
| 63 // We'll randomize the file's name, so that even someone with access |
| 64 // to the temporary directory (perhaps a group member sneaking in |
| 65 // just before we close access to the directory) won't be able to |
| 66 // guess its name and inject their own file. |
| 67 certFile.filename = fmt.Sprint("x509-%d.cert", rand.Int31()) |
| 68 |
| 69 // To guarantee that nobody else will be able to access the file, even |
| 70 // by predicting or guessing its name, we create the file in its own |
| 71 // private directory. |
| 72 certFile.tempDir, err = ioutil.TempDir("", "juju-azure") |
| 73 if err != nil { |
| 74 return nil, err |
| 75 } |
| 76 err = os.Chmod(certFile.tempDir, dirMode) |
| 77 if err != nil { |
| 78 return nil, err |
| 79 } |
| 80 |
| 81 // Now, at last, write the file. WriteFile could have done most of |
| 82 // the work on its own, but it doesn't guarantee that nobody creates |
| 83 // a file of the same name first. When that happens, you get a file |
| 84 // but not with the requested permissions. |
| 85 err = ioutil.WriteFile(certFile.Path(), data, fileMode) |
| 86 if err != nil { |
| 87 os.RemoveAll(certFile.tempDir) |
| 88 return nil, err |
| 89 } |
| 90 |
| 91 return certFile, nil |
| 92 } |
| OLD | NEW |
|---|
