again:
fprintf(stderr, "Fix y/n? ");
char buf[1024];
- if(!fgets(buf, sizeof buf, stdin)) {
+ if(!fgets(buf, sizeof(buf), stdin)) {
tty = false;
return false;
}
bool skip = false;
const int maxvariables = 50;
int count[maxvariables];
- memset(count, 0, sizeof count);
+ memset(count, 0, sizeof(count));
- while(fgets(line, sizeof line, f)) {
+ while(fgets(line, sizeof(line), f)) {
if(skip) {
if(!strncmp(line, "-----END", 8))
skip = false;
#ifndef DISABLE_LEGACY
rsa_t *rsa_priv = NULL;
- snprintf(fname, sizeof fname, "%s/rsa_key.priv", confbase);
+ snprintf(fname, sizeof(fname), "%s/rsa_key.priv", confbase);
if(stat(fname, &st)) {
if(errno != ENOENT) {
return 1;
}
+#if !defined(HAVE_MINGW) && !defined(HAVE_CYGWIN)
if(st.st_mode & 077) {
fprintf(stderr, "WARNING: unsafe file permissions on %s.\n", fname);
if(st.st_uid != uid) {
fprintf(stderr, "Fixed permissions of %s.\n", fname);
}
}
+#endif
}
#endif
ecdsa_t *ecdsa_priv = NULL;
- snprintf(fname, sizeof fname, "%s/ed25519_key.priv", confbase);
+ snprintf(fname, sizeof(fname), "%s/ed25519_key.priv", confbase);
if(stat(fname, &st)) {
if(errno != ENOENT) {
return 1;
}
+#if !defined(HAVE_MINGW) && !defined(HAVE_CYGWIN)
if(st.st_mode & 077) {
fprintf(stderr, "WARNING: unsafe file permissions on %s.\n", fname);
if(st.st_uid != uid) {
fprintf(stderr, "Fixed permissions of %s.\n", fname);
}
}
+#endif
}
#ifdef DISABLE_LEGACY
}
// Check for public keys.
- // TODO: use RSAPublicKeyFile and Ed25519PublicKeyFile variables if present.
+ // TODO: use RSAPublicKeyFile variable if present.
- snprintf(fname, sizeof fname, "%s/hosts/%s", confbase, name);
+ snprintf(fname, sizeof(fname), "%s/hosts/%s", confbase, name);
if(access(fname, R_OK))
fprintf(stderr, "WARNING: cannot read %s\n", fname);
rsa_t *rsa_pub = NULL;
f = fopen(fname, "r");
- if(f)
+ if(f) {
rsa_pub = rsa_read_pem_public_key(f);
- fclose(f);
+ fclose(f);
+ }
if(rsa_priv) {
if(!rsa_pub) {
return 1;
}
char buf1[len], buf2[len], buf3[len];
- randomize(buf1, sizeof buf1);
+ randomize(buf1, sizeof(buf1));
buf1[0] &= 0x7f;
- memset(buf2, 0, sizeof buf2);
- memset(buf3, 0, sizeof buf2);
- if(!rsa_public_encrypt(rsa_pub, buf1, sizeof buf1, buf2)) {
+ memset(buf2, 0, sizeof(buf2));
+ memset(buf3, 0, sizeof(buf2));
+ if(!rsa_public_encrypt(rsa_pub, buf1, sizeof(buf1), buf2)) {
fprintf(stderr, "ERROR: public RSA key does not work.\n");
return 1;
}
- if(!rsa_private_decrypt(rsa_priv, buf2, sizeof buf2, buf3)) {
+ if(!rsa_private_decrypt(rsa_priv, buf2, sizeof(buf2), buf3)) {
fprintf(stderr, "ERROR: private RSA key does not work.\n");
return 1;
}
- if(memcmp(buf1, buf3, sizeof buf1)) {
+ if(memcmp(buf1, buf3, sizeof(buf1))) {
fprintf(stderr, "ERROR: public and private RSA keys do not match.\n");
return 1;
}
fprintf(stderr, "WARNING: A public RSA key was found but no private key is known.\n");
}
#endif
- //
- // TODO: this should read the Ed25519PublicKey config variable instead.
+
ecdsa_t *ecdsa_pub = NULL;
f = fopen(fname, "r");
- if(f)
- ecdsa_pub = ecdsa_read_pem_public_key(f);
- fclose(f);
+ if(f) {
+ ecdsa_pub = get_pubkey(f);
+ if(!ecdsa_pub) {
+ rewind(f);
+ ecdsa_pub = ecdsa_read_pem_public_key(f);
+ }
+ fclose(f);
+ }
if(ecdsa_priv) {
if(!ecdsa_pub) {
if(strtailcmp(ent->d_name, "-up") && strtailcmp(ent->d_name, "-down"))
continue;
- strncpy(fname, ent->d_name, sizeof fname);
+ strncpy(fname, ent->d_name, sizeof(fname));
char *dash = strrchr(fname, '-');
if(!dash)
continue;
continue;
}
- snprintf(fname, sizeof fname, "%s" SLASH "%s", confbase, ent->d_name);
+ snprintf(fname, sizeof(fname), "%s" SLASH "%s", confbase, ent->d_name);
if(access(fname, R_OK | X_OK)) {
if(errno != EACCES) {
fprintf(stderr, "ERROR: cannot access %s: %s\n", fname, strerror(errno));
}
closedir(dir);
- snprintf(dname, sizeof dname, "%s" SLASH "hosts", confbase);
+ snprintf(dname, sizeof(dname), "%s" SLASH "hosts", confbase);
dir = opendir(dname);
if(!dir) {
fprintf(stderr, "ERROR: cannot read directory %s: %s\n", dname, strerror(errno));
if(strtailcmp(ent->d_name, "-up") && strtailcmp(ent->d_name, "-down"))
continue;
- strncpy(fname, ent->d_name, sizeof fname);
+ strncpy(fname, ent->d_name, sizeof(fname));
char *dash = strrchr(fname, '-');
if(!dash)
continue;
*dash = 0;
- snprintf(fname, sizeof fname, "%s" SLASH "hosts" SLASH "%s", confbase, ent->d_name);
+ snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, ent->d_name);
if(access(fname, R_OK | X_OK)) {
if(errno != EACCES) {
fprintf(stderr, "ERROR: cannot access %s: %s\n", fname, strerror(errno));
if(!check_id(ent->d_name))
continue;
- snprintf(fname, sizeof fname, "%s" SLASH "hosts" SLASH "%s", confbase, ent->d_name);
+ snprintf(fname, sizeof(fname), "%s" SLASH "hosts" SLASH "%s", confbase, ent->d_name);
check_conffile(fname, false);
}
closedir(dir);
projects / tinc / blobdiff