Apply restrictive permissions on private key files during creation

[hph86]

This should fix #11.

[aburgm]

I wonder if flags should really be an argument to this function given that it attempts to write to the newly created file immediately afterwards, and so passing or not passing certain flags does not make sense for it (such as everything that would result in the file being opened for reading only). In both cases this function is used, the flags are the same anyway, so we could just hardcode those inside this function.

[aburgm]

Thanks! Can you also add the new inf_file_write_data_with_perms function into docs/reference/libinfinity/libinfinity-0.7-sections.txt, so that it shows up in the documentation?

One advantage of g_file_set_contents over inf_file_write_data_with_perms is that it replaces an already existing file atomically, so that if writing the new file fails for some reason, an already existing file with the same name is not truncated. It does this by writing to a file with a different filename, and then using g_rename to rename the newly written file over the potentially existing one. I feel this would be somewhat important with this function to prevent someone from accidentally losing their private key. Would do you think?

[hph86]

You're welcome! Many thanks for your feedback. I will incorporate your suggestions and update the PR accordingly.

Regarding your last point: What do you mean by "loosing their private key"? I think in most of the cases (successful write) the old key is lost anyway (with and without applying your suggestion). Your suggestion only improves the failure case. Wouldn't it make sense to abort the key generation if a private key file (and possibly a certificate file) already exist?

[aburgm]

You are right, in the success case the previous key is lost anyway. I don't think it's an issue to overwrite an existing file, but it would be good to guarantee that either the previous or the new private key is available, and not to leave the user without any.

I wouldn't prevent the key generation if another file already exists--if that is desired, it should be handled before calling inf_file_write_data_with_perms, such as with an overwrite confirmation dialog in the file chooser in the GUI.

[hph86]

Dear Armin, I think I have applied all your suggestion in the second commit. If you are fine with the changes, I will happily rebase them on the master branch.

[aburgm]

data needs to be advanced by written bytes at this point, or in the next iteration of the loop it will point to an incorrect location. Sorry I didn't see this the first time.

[aburgm]

Thanks @hph86. I'll merge once those two remaining things are fixed.

[aburgm]

Oh, and you might also want to protect the implementation of the new function in an #ifdef block defaulting to g_file_set_contents on Windows... otherwise it probably won't compile on Windows. That would allow to remove the #ifdefs around the invocation of the function as well.

[aburgm]

Should be data and length instead of string->str and string->len.

[aburgm]

Merged--Thanks for the contribution!