projects / oweals / tinc.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
If no Port is specified, set myport to actual port of first listening socket.
[oweals/tinc.git] / src / net_setup.c
diff --git a/src/net_setup.c b/src/net_setup.c
index 2eff09f3f6d7a1370269c462e55ee63c908844df..249724d31791c4bac6fbea13c8eb2e64399a736d 100644 (file)
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -1,7 +1,7 @@
 /*
     net_setup.c -- Setup.
     Copyright (C) 1998-2005 Ivo Timmermans,
-                  2000-2012 Guus Sliepen <guus@tinc-vpn.org>
+                  2000-2013 Guus Sliepen <guus@tinc-vpn.org>
                   2006      Scott Lamb <slamb@slamb.org>
                   2010      Brandon Black <blblack@gmail.com>
 
@@ -55,7 +55,8 @@ proxytype_t proxytype;
 
 bool read_rsa_public_key(connection_t *c) {
        FILE *fp;
-       char *fname;
+       char *pubname;
+       char *hcfname;
        char *key;
 
        if(!c->rsa_key) {
@@ -66,7 +67,10 @@ bool read_rsa_public_key(connection_t *c) {
        /* First, check for simple PublicKey statement */
 
        if(get_config_string(lookup_config(c->config_tree, "PublicKey"), &key)) {
-               BN_hex2bn(&c->rsa_key->n, key);
+               if(BN_hex2bn(&c->rsa_key->n, key) != strlen(key)) {
+                       logger(LOG_ERR, "Invalid PublicKey for %s!", c->name);
+                       return false;
+               }
                BN_hex2bn(&c->rsa_key->e, "FFFF");
                free(key);
                return true;
@@ -74,80 +78,79 @@ bool read_rsa_public_key(connection_t *c) {
 
        /* Else, check for PublicKeyFile statement and read it */
 
-       if(get_config_string(lookup_config(c->config_tree, "PublicKeyFile"), &fname)) {
-               fp = fopen(fname, "r");
+       if(get_config_string(lookup_config(c->config_tree, "PublicKeyFile"), &pubname)) {
+               fp = fopen(pubname, "r");
 
                if(!fp) {
-                       logger(LOG_ERR, "Error reading RSA public key file `%s': %s",
-                                  fname, strerror(errno));
-                       free(fname);
+                       logger(LOG_ERR, "Error reading RSA public key file `%s': %s", pubname, strerror(errno));
+                       free(pubname);
                        return false;
                }
 
-               free(fname);
                c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL);
                fclose(fp);
 
-               if(c->rsa_key)
+               if(c->rsa_key) {
+                       free(pubname);
                        return true;            /* Woohoo. */
+               }
 
                /* If it fails, try PEM_read_RSA_PUBKEY. */
-               fp = fopen(fname, "r");
+               fp = fopen(pubname, "r");
 
                if(!fp) {
-                       logger(LOG_ERR, "Error reading RSA public key file `%s': %s",
-                                  fname, strerror(errno));
-                       free(fname);
+                       logger(LOG_ERR, "Error reading RSA public key file `%s': %s", pubname, strerror(errno));
+                       free(pubname);
                        return false;
                }
 
-               free(fname);
                c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL);
                fclose(fp);
 
                if(c->rsa_key) {
 //                             RSA_blinding_on(c->rsa_key, NULL);
+                       free(pubname);
                        return true;
                }
 
-               logger(LOG_ERR, "Reading RSA public key file `%s' failed: %s",
-                          fname, strerror(errno));
+               logger(LOG_ERR, "Reading RSA public key file `%s' failed: %s", pubname, strerror(errno));
+               free(pubname);
                return false;
        }
 
        /* Else, check if a harnessed public key is in the config file */
 
-       xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
-       fp = fopen(fname, "r");
+       xasprintf(&hcfname, "%s/hosts/%s", confbase, c->name);
+       fp = fopen(hcfname, "r");
 
        if(!fp) {
-               logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno));
-               free(fname);
+               logger(LOG_ERR, "Error reading RSA public key file `%s': %s", hcfname, strerror(errno));
+               free(hcfname);
                return false;
        }
 
        c->rsa_key = PEM_read_RSAPublicKey(fp, &c->rsa_key, NULL, NULL);
        fclose(fp);
-       free(fname);
 
-       if(c->rsa_key)
+       if(c->rsa_key) {
+               free(hcfname);
                return true;
+       }
 
        /* Try again with PEM_read_RSA_PUBKEY. */
 
-       xasprintf(&fname, "%s/hosts/%s", confbase, c->name);
-       fp = fopen(fname, "r");
+       fp = fopen(hcfname, "r");
 
        if(!fp) {
-               logger(LOG_ERR, "Error reading RSA public key file `%s': %s", fname, strerror(errno));
-               free(fname);
+               logger(LOG_ERR, "Error reading RSA public key file `%s': %s", hcfname, strerror(errno));
+               free(hcfname);
                return false;
        }
 
+       free(hcfname);
        c->rsa_key = PEM_read_RSA_PUBKEY(fp, &c->rsa_key, NULL, NULL);
 //     RSA_blinding_on(c->rsa_key, NULL);
        fclose(fp);
-       free(fname);
 
        if(c->rsa_key)
                return true;
@@ -160,7 +163,6 @@ bool read_rsa_public_key(connection_t *c) {
 static bool read_rsa_private_key(void) {
        FILE *fp;
        char *fname, *key, *pubkey;
-       struct stat s;
 
        if(get_config_string(lookup_config(config_tree, "PrivateKey"), &key)) {
                if(!get_config_string(lookup_config(config_tree, "PublicKey"), &pubkey)) {
@@ -169,8 +171,14 @@ static bool read_rsa_private_key(void) {
                }
                myself->connection->rsa_key = RSA_new();
 //             RSA_blinding_on(myself->connection->rsa_key, NULL);
-               BN_hex2bn(&myself->connection->rsa_key->d, key);
-               BN_hex2bn(&myself->connection->rsa_key->n, pubkey);
+               if(BN_hex2bn(&myself->connection->rsa_key->d, key) != strlen(key)) {
+                       logger(LOG_ERR, "Invalid PrivateKey for myself!");
+                       return false;
+               }
+               if(BN_hex2bn(&myself->connection->rsa_key->n, pubkey) != strlen(pubkey)) {
+                       logger(LOG_ERR, "Invalid PublicKey for myself!");
+                       return false;
+               }
                BN_hex2bn(&myself->connection->rsa_key->e, "FFFF");
                free(key);
                free(pubkey);
@@ -190,6 +198,8 @@ static bool read_rsa_private_key(void) {
        }
 
 #if !defined(HAVE_MINGW) && !defined(HAVE_CYGWIN)
+       struct stat s;
+
        if(fstat(fileno(fp), &s)) {
                logger(LOG_ERR, "Could not stat RSA private key file `%s': %s'",
                                fname, strerror(errno));
@@ -285,17 +295,18 @@ char *get_name(void) {
 
        if(*name == '$') {
                char *envname = getenv(name + 1);
+               char hostname[32] = "";
                if(!envname) {
                        if(strcmp(name + 1, "HOST")) {
                                fprintf(stderr, "Invalid Name: environment variable %s does not exist\n", name + 1);
                                return false;
                        }
-                       envname = alloca(32);
-                       if(gethostname(envname, 32)) {
+                       if(gethostname(hostname, sizeof hostname) || !*hostname) {
                                fprintf(stderr, "Could not get hostname: %s\n", strerror(errno));
                                return false;
                        }
-                       envname[31] = 0;
+                       hostname[31] = 0;
+                       envname = hostname;
                }
                free(name);
                name = xstrdup(envname);
@@ -324,11 +335,12 @@ static bool setup_myself(void) {
        char *address = NULL;
        char *proxy = NULL;
        char *space;
-       char *envp[5];
+       char *envp[5] = {NULL};
        struct addrinfo *ai, *aip, hint = {0};
        bool choice;
        int i, err;
        int replaywin_int;
+       bool port_specified = false;
 
        myself = new_node();
        myself->connection = new_connection();
@@ -344,6 +356,8 @@ static bool setup_myself(void) {
                return false;
        }
 
+       /* Read tinc.conf and our own host config file */
+
        myself->name = name;
        myself->connection->name = xstrdup(name);
        xasprintf(&fname, "%s/hosts/%s", confbase, name);
@@ -356,6 +370,10 @@ static bool setup_myself(void) {
 
        if(!get_config_string(lookup_config(config_tree, "Port"), &myport))
                myport = xstrdup("655");
+       else
+               port_specified = true;
+
+       /* Ensure myport is numeric */
 
        if(!atoi(myport)) {
                struct addrinfo *ai = str2addrinfo("localhost", myport, SOCK_DGRAM);
@@ -422,7 +440,7 @@ static bool setup_myself(void) {
                                if(proxyuser && *proxyuser)
                                        proxyuser = xstrdup(proxyuser);
                                if(proxypass && *proxypass)
-                                       proxyuser = xstrdup(proxypass);
+                                       proxypass = xstrdup(proxypass);
                                break;
                }
 
@@ -682,11 +700,10 @@ static bool setup_myself(void) {
        xasprintf(&envp[1], "DEVICE=%s", device ? : "");
        xasprintf(&envp[2], "INTERFACE=%s", iface ? : "");
        xasprintf(&envp[3], "NAME=%s", myself->name);
-       envp[4] = NULL;
 
        execute_script("tinc-up", envp);
 
-       for(i = 0; i < 5; i++)
+       for(i = 0; i < 4; i++)
                free(envp[i]);
 
        /* Run subnet-up scripts for our own subnets */
@@ -802,13 +819,27 @@ static bool setup_myself(void) {
                } while(cfg);
        }
 
-       if(listen_sockets)
-               logger(LOG_NOTICE, "Ready");
-       else {
+       if(!listen_sockets) {
                logger(LOG_ERR, "Unable to create any listening socket!");
                return false;
        }
 
+       /* If no Port option was specified, set myport to the port used by the first listening socket. */
+
+       if(!port_specified) {
+               sockaddr_t sa;
+               socklen_t salen = sizeof sa;
+               if(!getsockname(listen_socket[0].udp, &sa.sa, &salen)) {
+                       free(myport);
+                       sockaddr2str(&sa, NULL, &myport);
+                       if(!myport)
+                               myport = xstrdup("655");
+               }
+       }
+
+       /* Done. */
+
+       logger(LOG_NOTICE, "Ready");
        return true;
 }
 
@@ -852,7 +883,7 @@ bool setup_network(void) {
 void close_network_connections(void) {
        avl_node_t *node, *next;
        connection_t *c;
-       char *envp[5];
+       char *envp[5] = {NULL};
        int i;
 
        for(node = connection_tree->head; node; node = next) {
@@ -886,7 +917,6 @@ void close_network_connections(void) {
        xasprintf(&envp[1], "DEVICE=%s", device ? : "");
        xasprintf(&envp[2], "INTERFACE=%s", iface ? : "");
        xasprintf(&envp[3], "NAME=%s", myself->name);
-       envp[4] = NULL;
 
        exit_requests();
        exit_edges();
Unnamed repository; edit this file 'description' to name the repository.