wanting to copy them into a configuration file.
fi
osi=found
-AC_CHECK_HEADERS(evp.h rsa.h rand.h err.h sha.h,
+AC_CHECK_HEADERS(evp.h rsa.h rand.h err.h sha.h pem.h,
[], [osi=none; break])
if test "$osi" = "none" ; then
osi=found
- AC_CHECK_HEADERS(openssl/evp.h openssl/rsa.h openssl/rand.h openssl/err.h openssl/sha.h,
+ AC_CHECK_HEADERS(openssl/evp.h openssl/rsa.h openssl/rand.h openssl/err.h openssl/sha.h openssl/pem.h,
[], [osi=none; break])
fi
/*
conf.c -- configuration code
- Copyright (C) 1998 Emphyrio,
+ Copyright (C) 1998 Robert van der Meulen
Copyright (C) 1998,1999,2000 Ivo Timmermans <itimmermans@bigfoot.com>
2000 Guus Sliepen <guus@sliepen.warande.net>
2000 Cris van Pelt <tribbel@arise.dhs.org>
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: conf.c,v 1.9.4.22 2000/11/20 19:12:11 guus Exp $
+ $Id: conf.c,v 1.9.4.23 2000/11/28 23:12:56 zarq Exp $
*/
#include "config.h"
#include <syslog.h>
#include <xalloc.h>
+#include <utils.h> /* for cp */
#include "conf.h"
#include "netutl.h" /* for strtoip */
-#include <utils.h> /* for cp */
#include "config.h"
#include "system.h"
*base = NULL;
cp
}
+
+#define is_safe_file(p) 1
+
+FILE *ask_and_safe_open(const char* filename)
+{
+ FILE *r;
+ char *directory;
+ char *fn;
+ int len;
+
+ if(!isatty(0))
+ {
+ /* Argh, they are running us from a script or something. Write
+ the files to the current directory and let them burn in hell
+ for ever. */
+ directory = "."; /* get_current_directory */
+ }
+ else
+ {
+ directory = ".";
+ }
+
+ len = strlen(filename) + strlen(directory) + 2; /* 1 for the / */
+ fn = xmalloc(len);
+ snprintf(fn, len, "%s/%s", directory, filename);
+
+ if(!is_safe_file(fn))
+ {
+ fprintf(stderr, _("The file `%s' (or any of the leading directories) has unsafe permissions.\n"
+ "I will not create or overwrite this file.\n"),
+ fn);
+ return NULL;
+ }
+
+ if((r = fopen(fn, "w")) == NULL)
+ {
+ fprintf(stderr, _("Error opening file `%s': %m"),
+ fn);
+ }
+
+ free(fn);
+
+ return r;
+}
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- $Id: tincd.c,v 1.10.4.35 2000/11/24 23:13:07 guus Exp $
+ $Id: tincd.c,v 1.10.4.36 2000/11/28 23:12:57 zarq Exp $
*/
#include "config.h"
# include <err.h>
#endif
+#ifdef HAVE_OPENSSL_PEM_H
+# include <openssl/pem.h>
+#else
+# include <pem.h>
+#endif
+
#include <utils.h>
}
}
-/* Generate a public/private RSA keypair, and possibly store it into the configuration file. */
-
+/*
+ Generate a public/private RSA keypair, and ask for a file to store
+ them in.
+*/
int keygen(int bits)
{
RSA *rsa_key;
+ FILE *f;
fprintf(stderr, _("Generating %d bits keys:\n"), bits);
rsa_key = RSA_generate_key(bits, 0xFFFF, indicator, NULL);
else
fprintf(stderr, _("Done.\n"));
- fprintf(stderr, _("Please copy the private key to tinc.conf and the\npublic key to your host configuration file:\n\n"));
- printf("PublicKey = %s\n", BN_bn2hex(rsa_key->n));
- printf("PrivateKey = %s\n", BN_bn2hex(rsa_key->d));
+ if((f = ask_and_safe_open("rsa_key.pub")) == NULL)
+ return -1;
+ PEM_write_RSAPublicKey(f, rsa_key);
+ fclose(f);
- fflush(stdin);
+ if((f = ask_and_safe_open("rsa_key.priv")) == NULL)
+ return -1;
+ PEM_write_RSAPrivateKey(f, rsa_key, NULL, NULL, 0, NULL, NULL);
+ fclose(f);
+
return 0;
}
projects / oweals / tinc.git / commitdiff