fix the permissions on directories inside the exported tarball

in the cert case.

1 files changed, 14 insertions, 5 deletions

diff --git a/usr.sbin/ikectl/ikeca.c b/usr.sbin/ikectl/ikeca.c
index 4c2a40fbb4e..1e790c7df6f 100644
--- a/usr.sbin/ikectl/ikeca.c
+++ b/usr.sbin/ikectl/ikeca.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ikeca.c,v 1.8 2010/06/23 17:10:49 jsg Exp $	*/
+/*	$OpenBSD: ikeca.c,v 1.9 2010/06/23 19:28:18 jsg Exp $	*/
 /*	$vantronix: ikeca.c,v 1.13 2010/06/03 15:52:52 reyk Exp $	*/
 
 /*
@@ -456,11 +456,20 @@ ca_export(struct ca *ca, char *keyname, char *myname)
 	char		 dst[PATH_MAX];
 	char		*p;
 	char		 tpl[] = "/tmp/ikectl.XXXXXXXXXX";
-	const char	*exdirs[] = { "/ca", "/certs", "/crls", "/private",
-	    		              "/export" };
 	u_int		 i;
 	int		 fd;
 
+	struct {
+		char	*dir;
+		mode_t	 mode;
+	} exdirs[] = {
+		{ "/ca",	0755 },
+		{ "/certs",	0755 },
+		{ "/crls",	0755 },
+		{ "/export",	0755 },
+		{ "/private",	0700 }
+	};
+
 	if (keyname != NULL) {
 		if (strlcpy(oname, keyname, sizeof(oname)) >= sizeof(oname))
 			err(1, "name too long");
@@ -503,8 +512,8 @@ ca_export(struct ca *ca, char *keyname, char *myname)
 
 	for (i = 0; i < nitems(exdirs); i++) {
 		strlcpy(dst, p, sizeof(dst));
-		strlcat(dst, exdirs[i], sizeof(dst));
-		if (mkdir(dst, 0700) != 0)
+		strlcat(dst, exdirs[i].dir, sizeof(dst));
+		if (mkdir(dst, exdirs[i].mode) != 0)
 			err(1, "failed to create dir %s", dst);
 	}