From: Guus Sliepen Date: Tue, 30 Aug 2011 17:56:56 +0000 (+0200) Subject: Prevent read_rsa_public_key() from returning an uninitialized RSA structure. X-Git-Tag: release-1.0.17~30 X-Git-Url: https://tinc-vpn.org/git/browse?a=commitdiff_plain;h=e838289683c0039fac0ae6172d40b4177c17911b;p=tinc Prevent read_rsa_public_key() from returning an uninitialized RSA structure. In case the config file could not be opened a new but unitialized RSA structure would be returned, causing a segmentation fault later on. This would only happen in the case that the config file could be opened before, but not when read_rsa_public_key() was called. This situation could occur when the --user option was used, and the config files were not readable by the specified user. --- diff --git a/src/net_setup.c b/src/net_setup.c index f18e3bfe..c4337ccc 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -113,11 +113,14 @@ bool read_rsa_public_key(connection_t *c) { xasprintf(&fname, "%s/hosts/%s", confbase, c->name); fp = fopen(fname, "r"); - if(fp) { - c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL); - fclose(fp); + if(!fp) { + logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno)); + free(fname); + return; } + c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL); + fclose(fp); free(fname); if(c->rsa_key) @@ -128,12 +131,15 @@ bool read_rsa_public_key(connection_t *c) { xasprintf(&fname, "%s/hosts/%s", confbase, c->name); fp = fopen(fname, "r"); - if(fp) { - c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL); -// RSA_blinding_on(c->rsa_key, NULL); - fclose(fp); + if(!fp) { + logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno)); + free(fname); + return; } + c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL); +// RSA_blinding_on(c->rsa_key, NULL); + fclose(fp); free(fname); if(c->rsa_key)