aboutsummaryrefslogtreecommitdiffstats
path: root/conf
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2019-07-19 15:59:53 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>2019-07-19 15:59:53 +0200
commit54b2e7113ead40f0be9b21370415346fd6c356b1 (patch)
tree8346fd7c7ecaeb7260a8c80ee9df5942a100797b /conf
parentringlogger: windows only (diff)
downloadwireguard-windows-54b2e7113ead40f0be9b21370415346fd6c356b1.tar.xz
wireguard-windows-54b2e7113ead40f0be9b21370415346fd6c356b1.zip
tunnel: extract owner of config file for pipe dacl
If the config file is unencrypted and its owner is not Local System, then we allow the runtime named pipe to be accessed by that owner, since generally the private key is already stored in the config file.
Diffstat (limited to 'conf')
-rw-r--r--conf/store.go4
1 files changed, 4 insertions, 0 deletions
diff --git a/conf/store.go b/conf/store.go
index b5cdd1ef..504a0d01 100644
--- a/conf/store.go
+++ b/conf/store.go
@@ -148,6 +148,10 @@ func LoadFromPath(path string) (*Config, error) {
return FromWgQuickWithUnknownEncoding(string(bytes), name)
}
+func PathIsEncrypted(path string) bool {
+ return strings.HasSuffix(filepath.Base(path), configFileSuffix)
+}
+
func NameFromPath(path string) (string, error) {
name := filepath.Base(path)
if !((len(name) > len(configFileSuffix) && strings.HasSuffix(name, configFileSuffix)) ||