ipn/ipnlocal: use atomicfile.WriteFile in certFileStore

Signed-off-by: Maisem Ali <maisem@tailscale.com>
pull/7674/head
Maisem Ali 2 years ago committed by Maisem Ali
parent 8a11f76a0d
commit 9e81db50f6

@ -31,6 +31,7 @@ import (
"time" "time"
"golang.org/x/crypto/acme" "golang.org/x/crypto/acme"
"tailscale.com/atomicfile"
"tailscale.com/envknob" "tailscale.com/envknob"
"tailscale.com/hostinfo" "tailscale.com/hostinfo"
"tailscale.com/ipn" "tailscale.com/ipn"
@ -195,7 +196,7 @@ func (f certFileStore) ACMEKey() ([]byte, error) {
func (f certFileStore) WriteACMEKey(b []byte) error { func (f certFileStore) WriteACMEKey(b []byte) error {
pemName := filepath.Join(f.dir, acmePEMName) pemName := filepath.Join(f.dir, acmePEMName)
return os.WriteFile(pemName, b, 0600) return atomicfile.WriteFile(pemName, b, 0600)
} }
func (f certFileStore) Read(domain string, now time.Time) (*TLSCertKeyPair, error) { func (f certFileStore) Read(domain string, now time.Time) (*TLSCertKeyPair, error) {
@ -220,11 +221,11 @@ func (f certFileStore) Read(domain string, now time.Time) (*TLSCertKeyPair, erro
} }
func (f certFileStore) WriteCert(domain string, cert []byte) error { func (f certFileStore) WriteCert(domain string, cert []byte) error {
return os.WriteFile(certFile(f.dir, domain), cert, 0644) return atomicfile.WriteFile(certFile(f.dir, domain), cert, 0644)
} }
func (f certFileStore) WriteKey(domain string, key []byte) error { func (f certFileStore) WriteKey(domain string, key []byte) error {
return os.WriteFile(keyFile(f.dir, domain), key, 0600) return atomicfile.WriteFile(keyFile(f.dir, domain), key, 0600)
} }
// certStateStore implements certStore by storing the cert & key files in an ipn.StateStore. // certStateStore implements certStore by storing the cert & key files in an ipn.StateStore.

Loading…
Cancel
Save