Opened 13 years ago
Closed 13 years ago
#139 closed Bug / Defect (duplicate)
WARNING: file server.key is group or others accessible even with chmod 0400
Reported by: | totaluser | Owned by: | |
---|---|---|---|
Priority: | minor | Milestone: | |
Component: | Generic / unclassified | Version: | OpenVPN 2.2.0 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: |
Description
I was crosscompiling OpenVPN 2.2.0 sources and OpenSSL 1.0.0d
yesterday I used this config
OpenSSL ./Configure linux-generic32 && make
OpenVPN ./configure --host=mipsel-linux-uclibc --disable-lzo --with-ssl-headers=/home/martin/Downloads/openssl-1.0.0d/include/ --with-ssl-lib=/home/martin/Downloads/openssl-1.0.0d/
then I added -static flag into LIBS in Makefile and ran make
the binary works fine and does not show any warnings
today I was trying to make the binary as small as possible
OpenSSL ./Configure linux-generic32 no-bf no-camellia no-seed no-krb5 no-idea no-cast no-asm no-whirlpool no-rc2 no-ripemd no-capieng no-mostasm no-cms no-gms
then I added -ldl flag into SHARED_LDFLAGS and ran make depend && make
OpenVPN ./configure --host=mipsel-linux-uclibc --disable-lzo --with-ssl-headers=/home/martin/Downloads/openssl-1.0.0d/include/ --with-ssl-lib=/home/martin/Downloads/openssl-1.0.0d/ --disable-selinux --enable-small --disable-debug --disable-pkcs11 --disable-plugins
then I added -ldl flag into LDFLAGS and ran make
the binary works fine but show this line in log
WARNING: file server.key is group or others accessible
when the file is created the command chmod 0400 system.key is issued and the permissions are set correctly
I used compiler from this toolchain toolchain-mipsel_gcc4.1.2 which can be downloaded from here ftp://ftp.dd-wrt.com/others/sourcecode/toolchains/current-toolchains.tar.bz2
the binary works fine but I am curios what option causes it to warn me about something that is not true
the binaries can be downloaded from my dropbox account
http://dl.dropbox.com/u/29867397/openvpn.WARN
http://dl.dropbox.com/u/29867397/openvpn.noWARN
none are stripped, hence the filesize (winth statically linked I can reduce it by ~30kB, with dynamically linked I can reduce it by ~1500kB)
this is a duplicate of ticket #138
closing this ticket