Read client certificates before dropping privileges

[k0ekk0ek]

Andreas Schulze gave some feedback on the mutual tls(-auth) (#185 and #337) feature on the nsd-users mailing list.

It appears certificates specified with client-cert are read on opening a connection. Think about updating the logic to read the certificates before dropping privileges, a more extensive description is provided by Andreas below:

NSD serving as simple TLS server is configured with:

server:
	username: nsd
	ip-address: ::@853
	tls-service-key: /path/to/key.pem
	tls-service-pem: /path/to/cert+intermediate.pem
	tls-port: 853

	# since 4.10.1rc2
	ip-address: ::@1853
	tls-auth-port: 1853
	tls-auth-xfr-only: yes
	tls-cert-bundle: /path/to/ca-certificates.crt

In this mode, /path/to/*.pem may accessible for the root user only.

Now, when adding a tls-auth for the purpose of client authentication I add:

tls-auth:
	name: primary.nsd.example
	auth-domain-name: primary.nsd.example
	client-cert: /path/to/cert+intermediate.pem
	client-key: /path/to/key.pem

Here, the files /path/to/*.pem are used by a child process with limited privileges of the username 'nsd' It would be better, if nsd read all tls-auth client-[cert|key] data before dropping privileges. Then the files could be still limited to be readable by the root user.