Validate Name before using it in a filename when generating a keypair.
[tinc] / src / tincd.c
index 457aafd..5fedd69 100644 (file)
@@ -1,7 +1,7 @@
 /*
     tincd.c -- the main file for tincd
-    Copyright (C) 1998-2004 Ivo Timmermans <ivo@tinc-vpn.org>
-                  2000-2004 Guus Sliepen <guus@tinc-vpn.org>
+    Copyright (C) 1998-2005 Ivo Timmermans
+                  2000-2008 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -35,8 +35,9 @@
 #include <openssl/rsa.h>
 #include <openssl/pem.h>
 #include <openssl/evp.h>
+#include <openssl/engine.h>
 
-#include <lzo1x.h>
+#include LZO1X_H
 
 #include <getopt.h>
 #include "pidfile.h"
@@ -291,6 +292,18 @@ static bool keygen(int bits)
        char *name = NULL;
        char *filename;
 
+       get_config_string(lookup_config(config_tree, "Name"), &name);
+
+       if(name) {
+               if(!check_id(name)) {
+                       fprintf(stderr, _("Invalid name for myself!\n"));
+                       return false;
+               }
+               asprintf(&filename, "%s/hosts/%s", confbase, name);
+               free(name);
+       } else
+               asprintf(&filename, "%s/rsa_key.pub", confbase);
+
        fprintf(stderr, _("Generating %d bits keys:\n"), bits);
        rsa_key = RSA_generate_key(bits, 0x10001, indicator, NULL);
 
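Review bot: `filename` is built here from the validated name, but the later hunk at `-318` leaves `free(filename);` directly followed by `ask_and_open(filename, _("public RSA key"), "a")` with no reassignment on the new side, so the public key file is opened through a freed pointer. If the code between the two hunks (not visible here) still allocates the private-key path into `filename`, the string built here is also overwritten and leaked. Keeping only the `check_id()` test at the top and building the public-key path after that `free(filename)` preserves the validation without reusing the variable, and the rejected-name path should `free(name)` before returning. keygen() starts before this hunk and continues past it.

```c
	get_config_string(lookup_config(config_tree, "Name"), &name);

	if(name && !check_id(name)) {
		fprintf(stderr, _("Invalid name for myself!\n"));
		free(name);
		return false;
	}

	/* … unchanged: key generation and writing of the private key, ending in fclose(f); free(filename); … */

	if(name) {
		asprintf(&filename, "%s/hosts/%s", confbase, name);
		free(name);
	} else
		asprintf(&filename, "%s/rsa_key.pub", confbase);

	f = ask_and_open(filename, _("public RSA key"), "a");
```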
@@ -318,13 +331,6 @@ static bool keygen(int bits)
        fclose(f);
        free(filename);
 
-       get_config_string(lookup_config(config_tree, "Name"), &name);
-
-       if(name)
-               asprintf(&filename, "%s/hosts/%s", confbase, name);
-       else
-               asprintf(&filename, "%s/rsa_key.pub", confbase);
-
        f = ask_and_open(filename, _("public RSA key"), "a");
 
        if(!f)
@@ -391,6 +397,14 @@ static void make_names(void)
        }
 }
 
+static void free_names() {
+       if (identname) free(identname);
+       if (netname) free(netname);
+       if (pidfilename) free(pidfilename);
+       if (logfilename) free(logfilename);
+       if (confbase) free(confbase);
+}
+
 int main(int argc, char **argv)
 {
        program_name = argv[0];
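Review bot: `static void free_names()` declares an unprototyped function in C, whereas the sibling just above is `make_names(void)`; it should read `static void free_names(void) {`. The `if (x) free(x);` guards are redundant because `free(NULL)` is a no-op, so each line can be a plain call such as `free(identname);`. The globals are left pointing at freed memory; if anything can run after this function, following each free with an assignment like `identname = NULL;` would turn a later use into a clean NULL dereference rather than a use-after-free.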
@@ -407,7 +421,7 @@ int main(int argc, char **argv)
        if(show_version) {
                printf(_("%s version %s (built %s %s, protocol %d)\n"), PACKAGE,
                           VERSION, __DATE__, __TIME__, PROT_CURRENT);
-               printf(_("Copyright (C) 1998-2004 Ivo Timmermans, Guus Sliepen and others.\n"
+               printf(_("Copyright (C) 1998-2008 Ivo Timmermans, Guus Sliepen and others.\n"
                                "See the AUTHORS file for a complete list.\n\n"
                                "tinc comes with ABSOLUTELY NO WARRANTY.  This is free software,\n"
                                "and you are welcome to redistribute it under certain conditions;\n"
@@ -448,6 +462,9 @@ int main(int argc, char **argv)
 
        RAND_load_file("/dev/urandom", 1024);
 
+       ENGINE_load_builtin_engines();
+       ENGINE_register_all_complete();
+
        OpenSSL_add_all_algorithms();
 
        if(generate_keys) {
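Review bot: The two `ENGINE_*` calls are unconditional, as is the `#include <openssl/engine.h>` added near the top of the file and the `ENGINE_cleanup()` added in main2(), so a build against an OpenSSL compiled without engine support would presumably fail. Wrapping each of them in `#ifndef OPENSSL_NO_ENGINE` would keep such builds working. A short comment such as `/* Register all built-in OpenSSL engines so they are available to the crypto set up below. */` would record the intent of the call order. main() begins and ends outside this hunk.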
@@ -494,17 +511,26 @@ int main2(int argc, char **argv)
 
        /* Shutdown properly. */
 
-       close_network_connections();
-
        ifdebug(CONNECTIONS)
                dump_device_stats();
 
+       close_network_connections();
+
 end:
        logger(LOG_NOTICE, _("Terminating"));
 
 #ifndef HAVE_MINGW
        remove_pid(pidfilename);
 #endif
+
+       EVP_cleanup();
+       ENGINE_cleanup();
+       CRYPTO_cleanup_all_ex_data();
+       ERR_remove_state(0);
+       ERR_free_strings();
+
+       exit_configuration(&config_tree);
+       free_names();
        
        return status;
 }
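Review bot: The new teardown sits below the `end:` label, so it also runs on whatever early-exit paths jump there, and nothing records that `free_names()` must stay last. It releases `pidfilename`, which `remove_pid(pidfilename)` reads a few lines above, along with `confbase` and `logfilename`. I would add a comment before `EVP_cleanup();`, for example `/* Release OpenSSL state, the config tree and the global name strings; nothing after this may use confbase, pidfilename or logfilename. */`. The reordering that puts `dump_device_stats()` ahead of `close_network_connections()` deserves a brief why-comment as well, presumably that the statistics need the device to still be open. main2() starts outside this hunk.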