Description: astgenkey should generate a private key that is not world-readable
 Upstream has not accepted this patch and chose intead to document this
 as a known minor issue.
Author: Lionel Elie Mamane <lionel@mamane.lu>
Bug: http://issues.asterisk.org/view.php?id=12373
Last-Update: 2016-03-19

--- a/contrib/scripts/astgenkey
+++ b/contrib/scripts/astgenkey
@@ -47,7 +47,11 @@
 rm -f ${KEY}.key ${KEY}.pub
 
 echo "Generating SSL key '$KEY': "
+oldumask="`umask`"
+umask 0077
 openssl genrsa -out ${KEY}.key ${DES3} 1024
+[ "$(id -u)" = 0 ] && chown asterisk: ${KEY}.key
+umask $oldumask
 openssl rsa -in ${KEY}.key -pubout -out ${KEY}.pub
 
 if [ -f "${KEY}.key" ] && [ -f "${KEY}.pub" ]; then
