X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;ds=sidebyside;f=src%2Finvitation.c;h=e068ae89b6af27730958781e71556c2acd8fc7a1;hb=38a4eb4ebc730d805fcab9d64fe988be42a99122;hp=cff9e7270c4606447d83c02af3423ce5068d700c;hpb=0289162552cd85375605044c696e2a3294e7aa9a;p=tinc

diff --git a/src/invitation.c b/src/invitation.c
index cff9e727..e068ae89 100644
--- a/src/invitation.c
+++ b/src/invitation.c
@@ -36,6 +36,7 @@
 #include "xalloc.h"
 #include "random.h"
 #include "pidfile.h"
+#include "fs.h"
 
 #include "ed25519/sha512.h"
 
@@ -314,6 +315,7 @@ static bool copy_config_replacing_port(FILE *out, const char *filename, const ch
 		}
 	}
 
+	memzero(line, sizeof(line));
 	fclose(in);
 	return true;
 }
@@ -332,6 +334,11 @@ int cmd_invite(int argc, char *argv[]) {
 		return 1;
 	}
 
+	if(argc > 2) {
+		fprintf(stderr, "Too many arguments!\n");
+		return 1;
+	}
+
 	// Check validity of the new node's name
 	if(!check_id(argv[1])) {
 		fprintf(stderr, "Invalid name for node.\n");
@@ -378,13 +385,12 @@ int cmd_invite(int argc, char *argv[]) {
 		}
 	}
 
-	snprintf(filename, sizeof(filename), "%s" SLASH "invitations", confbase);
-
-	if(mkdir(filename, 0700) && errno != EEXIST) {
-		fprintf(stderr, "Could not create directory %s: %s\n", filename, strerror(errno));
-		return 1;
+	if(!makedirs(DIR_INVITATIONS)) {
+		return false;
 	}
 
+	snprintf(filename, sizeof(filename), "%s" SLASH "invitations", confbase);
+
 	// Count the number of valid invitations, clean up old ones
 	DIR *dir = opendir(filename);
 
@@ -521,6 +527,7 @@ int cmd_invite(int argc, char *argv[]) {
 	int ifd = open(filename, O_RDWR | O_CREAT | O_EXCL, 0600);
 
 	if(!ifd) {
+		memzero(cookie, sizeof(cookie));
 		fprintf(stderr, "Could not create invitation file %s: %s\n", filename, strerror(errno));
 		return 1;
 	}
@@ -536,9 +543,17 @@ int cmd_invite(int argc, char *argv[]) {
 	char *port = NULL;
 
 	if(!get_my_hostname(&address, &port)) {
+		memzero(cookie, sizeof(cookie));
 		return 1;
 	}
 
+	// Create an URL from the local address, key hash and cookie
+	char *url;
+	xasprintf(&url, "%s/%s%s", address, hash, cookie);
+
+	memzero(cookie, sizeof(cookie));
+	free(address);
+
 	// Fill in the details.
 	fprintf(f, "Name = %s\n", argv[1]);
 
@@ -577,14 +592,10 @@ int cmd_invite(int argc, char *argv[]) {
 
 	if(!appended) {
 		fprintf(stderr, "Could not append my config to invitation file: %s.\n", strerror(errno));
-		free(address);
+		free_string(url);
 		return 1;
 	}
 
-	// Create an URL from the local address, key hash and cookie
-	char *url;
-	xasprintf(&url, "%s/%s%s", address, hash, cookie);
-
 	// Call the inviation-created script
 	environment_t env;
 	environment_init(&env);
@@ -595,8 +606,7 @@ int cmd_invite(int argc, char *argv[]) {
 	environment_exit(&env);
 
 	puts(url);
-	free(url);
-	free(address);
+	free_string(url);
 
 	return 0;
 }
@@ -668,7 +678,7 @@ static char *get_value(const char *data, const char *var) {
 }
 
 static char *grep(const char *data, const char *var) {
-	static char value[1024];
+	char value[1024];
 
 	const char *p = data;
 	size_t varlen = strlen(var);
@@ -708,7 +718,7 @@ static char *grep(const char *data, const char *var) {
 
 	memcpy(value, p, e - p);
 	value[e - p] = 0;
-	return value;
+	return xstrdup(value);
 }
 
 static bool finalize_join(void) {
@@ -725,10 +735,10 @@ static bool finalize_join(void) {
 	}
 
 	if(!netname) {
-		const char *net = grep(data, "NetName");
+		char *net = grep(data, "NetName");
 
 		if(net) {
-			netname = xstrdup(net);
+			netname = net;
 
 			if(!check_netname(netname, true)) {
 				fprintf(stderr, "Unsafe NetName found in invitation!\n");
@@ -769,13 +779,7 @@ make_names:
 		goto make_names;
 	}
 
-	if(mkdir(confbase, 0777) && errno != EEXIST) {
-		fprintf(stderr, "Could not create directory %s: %s\n", confbase, strerror(errno));
-		return false;
-	}
-
-	if(mkdir(hosts_dir, 0777) && errno != EEXIST) {
-		fprintf(stderr, "Could not create directory %s: %s\n", hosts_dir, strerror(errno));
+	if(!makedirs(DIR_HOSTS | DIR_CONFBASE | DIR_CACHE)) {
 		return false;
 	}
 
@@ -972,9 +976,9 @@ make_names:
 		return false;
 	}
 
-	char *b64key = ecdsa_get_base64_public_key(key);
+	char *b64_pubkey = ecdsa_get_base64_public_key(key);
 
-	if(!b64key) {
+	if(!b64_pubkey) {
 		return false;
 	}
 
@@ -994,10 +998,10 @@ make_names:
 
 	fclose(f);
 
-	fprintf(fh, "Ed25519PublicKey = %s\n", b64key);
+	fprintf(fh, "Ed25519PublicKey = %s\n", b64_pubkey);
 
-	sptps_send_record(&sptps, 1, b64key, strlen(b64key));
-	free(b64key);
+	sptps_send_record(&sptps, 1, b64_pubkey, strlen(b64_pubkey));
+	free(b64_pubkey);
 	ecdsa_free(key);
 
 #ifndef DISABLE_LEGACY
@@ -1203,14 +1207,8 @@ int cmd_join(int argc, char *argv[]) {
 	}
 
 	// Make sure confbase exists and is accessible.
-	if(!confbase_given && mkdir(confdir, 0755) && errno != EEXIST) {
-		fprintf(stderr, "Could not create directory %s: %s\n", confdir, strerror(errno));
-		return 1;
-	}
-
-	if(mkdir(confbase, 0777) && errno != EEXIST) {
-		fprintf(stderr, "Could not create directory %s: %s\n", confbase, strerror(errno));
-		return 1;
+	if(!makedirs(DIR_CONFDIR | DIR_CONFBASE)) {
+		return false;
 	}
 
 	if(access(confbase, R_OK | W_OK | X_OK)) {
@@ -1238,7 +1236,7 @@ int cmd_join(int argc, char *argv[]) {
 
 		if(!fgets(line, sizeof(line), stdin)) {
 			fprintf(stderr, "Error while reading stdin: %s\n", strerror(errno));
-			return false;
+			return 1;
 		}
 
 		invitation = line;
@@ -1299,13 +1297,13 @@ int cmd_join(int argc, char *argv[]) {
 		return 1;
 	}
 
-	char *b64key = ecdsa_get_base64_public_key(key);
+	char *b64_pubkey = ecdsa_get_base64_public_key(key);
 
 	// Connect to the tinc daemon mentioned in the URL.
 	struct addrinfo *ai = str2addrinfo(address, port, SOCK_STREAM);
 
 	if(!ai) {
-		free(b64key);
+		free(b64_pubkey);
 		ecdsa_free(key);
 		return 1;
 	}
@@ -1320,7 +1318,7 @@ next:
 
 		if(!aip) {
 			freeaddrinfo(ai);
-			free(b64key);
+			free(b64_pubkey);
 			ecdsa_free(key);
 			return 1;
 		}
@@ -1346,13 +1344,13 @@ next:
 	fprintf(stderr, "Connected to %s port %s...\n", address, port);
 
 	// Tell him we have an invitation, and give him our throw-away key.
-	ssize_t len = snprintf(line, sizeof(line), "0 ?%s %d.%d\n", b64key, PROT_MAJOR, PROT_MINOR);
+	ssize_t len = snprintf(line, sizeof(line), "0 ?%s %d.%d\n", b64_pubkey, PROT_MAJOR, PROT_MINOR);
 
 	if(len <= 0 || (size_t)len >= sizeof(line)) {
 		abort();
 	}
 
-	if(!sendline(sock, "0 ?%s %d.%d", b64key, PROT_MAJOR, 1)) {
+	if(!sendline(sock, "0 ?%s %d.%d", b64_pubkey, PROT_MAJOR, 1)) {
 		fprintf(stderr, "Error sending request to %s port %s: %s\n", address, port, strerror(errno));
 		closesocket(sock);
 		goto next;
@@ -1371,8 +1369,8 @@ next:
 	ai = NULL;
 	aip = NULL;
 
-	free(b64key);
-	b64key = NULL;
+	free(b64_pubkey);
+	b64_pubkey = NULL;
 
 	// Check if the hash of the key he gave us matches the hash in the URL.
 	char *fingerprint = line + 2;