Add sanity checks when generating new RSA keys.

[tinc] / src / tincctl.c

diff --git a/src/tincctl.c b/src/tincctl.c
index fdb72e0..2f7fe6b 100644 (file)
--- a/src/tincctl.c
+++ b/src/tincctl.c
@@ -39,6 +39,10 @@
 #include "tincctl.h"
 #include "top.h"
 
+#ifndef MSG_NOSIGNAL
+#define MSG_NOSIGNAL 0
+#endif
+
 static char **orig_argv;
 static int orig_argc;
 
@@ -413,6 +417,15 @@ static bool rsa_keygen(int bits, bool ask) {
        FILE *f;
        char *pubname, *privname;
 
+       // Make sure the key size is a multiple of 8 bits.
+       bits &= ~0x7;
+
+       // Force them to be between 1024 and 8192 bits long.
+       if(bits < 1024)
+               bits = 1024;
+       if(bits > 8192)
+               bits = 8192;
+
        fprintf(stderr, "Generating %d bits keys:\n", bits);
 
        if(!(key = rsa_generate(bits, 0x10001))) {
@@ -529,7 +542,7 @@ bool sendline(int fd, char *format, ...) {
        blen++;
 
        while(blen) {
-               int result = send(fd, p, blen, 0);
+               int result = send(fd, p, blen, MSG_NOSIGNAL);
                if(result == -1 && errno == EINTR)
                        continue;
                else if(result <= 0)
@@ -741,6 +754,11 @@ bool connect_tincd(bool verbose) {
        freeaddrinfo(res);
 #endif
 
+#ifdef SO_NOSIGPIPE
+       static const int one = 1;
+       setsockopt(c, SOL_SOCKET, SO_NOSIGPIPE, (void *)&one, sizeof one);
+#endif
+
        char data[4096];
        int version;
 
@@ -2129,6 +2147,8 @@ static int cmd_network(int argc, char *argv[]) {
                free(fname);
        }
 
+       closedir(dir);
+
        return 0;
 }