set the permissions on a symmetric keyfile before anything is written to it,

rather than after it is closed

lib/dns/sec/dst/dst_api.c

@@ -19,7 +19,7 @@
 
 /*
  * Principal Author: Brian Wellington
- * $Id: dst_api.c,v 1.82 2001/05/21 22:10:22 bwelling Exp $
+ * $Id: dst_api.c,v 1.83 2001/05/31 10:45:32 tale Exp $
  */
 
 #include <config.h>
@@ -938,6 +938,14 @@ write_public_key(const dst_key_t *key, const char *directory) {
 	if ((fp = fopen(filename, "w")) == NULL)
 		return (DST_R_WRITEERROR);
 
+	if (key->func->issymmetric()) {
+		access = 0;
+		isc_fsaccess_add(ISC_FSACCESS_OWNER,
+				 ISC_FSACCESS_READ | ISC_FSACCESS_WRITE,
+				 &access);
+		(void)isc_fsaccess_set(filename, access);
+	}
+
 	ret = dns_name_print(key->key_name, fp);
 	if (ret != ISC_R_SUCCESS)
 		return (ret);
@@ -955,14 +963,6 @@ write_public_key(const dst_key_t *key, const char *directory) {
 	fputc('\n', fp);
 	fclose(fp);
 
-	if (key->func->issymmetric()) {
-		access = 0;
-		isc_fsaccess_add(ISC_FSACCESS_OWNER,
-				 ISC_FSACCESS_READ | ISC_FSACCESS_WRITE,
-				 &access);
-		(void)isc_fsaccess_set(filename, access);
-	}
-
 	return (ISC_R_SUCCESS);
 }