From 259e2cb5eb2507d0321ceb9f46278df18ebe3066 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Sat, 21 Nov 2020 14:59:03 +0100
Subject: conf: allow administrators to add and remove configs easily

We loosen the permissions a little bit while tightening the
restrictions on encrypted files. This should allow administrators to
easily drop unencrypted files into Data\Configurations\ and get them
encrypted and made read-only, while also allowing them to delete
unwanted configurations.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
---
 conf/store.go | 13 ++-----------
 1 file changed, 2 insertions(+), 11 deletions(-)

(limited to 'conf/store.go')

diff --git a/conf/store.go b/conf/store.go
index 21bd3a22..e79e24b8 100644
--- a/conf/store.go
+++ b/conf/store.go
@@ -103,7 +103,7 @@ func MigrateUnencryptedConfigs() (int, []error) {
 			e++
 			continue
 		}
-		err = ioutil.WriteFile(dstFile, bytes, 0600)
+		err = writeEncryptedFile(dstFile, bytes)
 		if err != nil {
 			errs[e] = err
 			e++
@@ -185,16 +185,7 @@ func (config *Config) Save() error {
 	if err != nil {
 		return err
 	}
-	err = ioutil.WriteFile(filename+".tmp", bytes, 0600)
-	if err != nil {
-		return err
-	}
-	err = os.Rename(filename+".tmp", filename)
-	if err != nil {
-		os.Remove(filename + ".tmp")
-		return err
-	}
-	return nil
+	return writeEncryptedFile(filename, bytes)
 }
 
 func (config *Config) Path() (string, error) {
-- 
cgit v1.2.3-59-g8ed1b