X-Git-Url: https://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Ffsck.c;h=a60dcf3fe4aacee073b47d3ac0b45768ea961c8b;hb=3bfdf45893f28f232c5851eb67d1800dc5004687;hp=e17b46c553432f0c0fa25aeddd939ee82b007472;hpb=f6e87ab476a0faf8b124ecaaa27f967d825e6457;p=tinc

diff --git a/src/fsck.c b/src/fsck.c
index e17b46c5..a60dcf3f 100644
--- a/src/fsck.c
+++ b/src/fsck.c
@@ -1,6 +1,6 @@
 /*
     fsck.c -- Check the configuration files for problems
-    Copyright (C) 2014 Guus Sliepen <guus@tinc-vpn.org>
+    Copyright (C) 2014-2021 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -88,6 +88,8 @@ static int strtailcmp(const char *str, const char *tail) {
 }
 
 static void check_conffile(const char *fname, bool server) {
+	(void)server;
+
 	FILE *f = fopen(fname, "r");
 
 	if(!f) {
@@ -252,7 +254,7 @@ int fsck(const char *argv0) {
 			return 1;
 		}
 
-#if !defined(HAVE_MINGW) && !defined(HAVE_CYGWIN)
+#ifndef HAVE_MINGW
 
 		if(st.st_mode & 077) {
 			fprintf(stderr, "WARNING: unsafe file permissions on %s.\n", fname);
@@ -301,7 +303,7 @@ int fsck(const char *argv0) {
 			return 1;
 		}
 
-#if !defined(HAVE_MINGW) && !defined(HAVE_CYGWIN)
+#ifndef HAVE_MINGW
 
 		if(st.st_mode & 077) {
 			fprintf(stderr, "WARNING: unsafe file permissions on %s.\n", fname);
@@ -383,26 +385,38 @@ int fsck(const char *argv0) {
 				return 1;
 			}
 
-			char buf1[len], buf2[len], buf3[len];
-			randomize(buf1, sizeof(buf1));
-			buf1[0] &= 0x7f;
-			memset(buf2, 0, sizeof(buf2));
-			memset(buf3, 0, sizeof(buf2));
+			char *buf1 = malloc(len);
+			char *buf2 = malloc(len);
+			char *buf3 = malloc(len);
 
-			if(!rsa_public_encrypt(rsa_pub, buf1, sizeof(buf1), buf2)) {
+			randomize(buf1, len);
+			buf1[0] &= 0x7f;
+			memset(buf2, 0, len);
+			memset(buf3, 0, len);
+			bool result = false;
+
+			if(rsa_public_encrypt(rsa_pub, buf1, len, buf2)) {
+				if(rsa_private_decrypt(rsa_priv, buf2, len, buf3)) {
+					if(memcmp(buf1, buf3, len)) {
+						result = true;
+					} else {
+						fprintf(stderr, "ERROR: public and private RSA keys do not match.\n");
+					}
+				} else {
+					fprintf(stderr, "ERROR: private RSA key does not work.\n");
+				}
+			} else {
 				fprintf(stderr, "ERROR: public RSA key does not work.\n");
-				return 1;
 			}
 
-			if(!rsa_private_decrypt(rsa_priv, buf2, sizeof(buf2), buf3)) {
-				fprintf(stderr, "ERROR: private RSA key does not work.\n");
-				return 1;
-			}
+			free(buf3);
+			free(buf2);
+			free(buf1);
 
-			if(memcmp(buf1, buf3, sizeof(buf1))) {
-				fprintf(stderr, "ERROR: public and private RSA keys do not match.\n");
+			if(!result) {
 				return 1;
 			}
+
 		}
 	} else {
 		if(rsa_pub) {