From: Guus Sliepen <guus@tinc-vpn.org>
Date: Tue, 20 Jan 2009 13:21:50 +0000 (+0100)
Subject: Validate Name before using it in a filename when generating a keypair.
X-Git-Tag: release-1.0.10~88
X-Git-Url: https://git.librecmc.org/?p=oweals%2Ftinc.git;a=commitdiff_plain;h=0d0dfd0852e9b2c9a7660880966a3c84790d5ea2

Validate Name before using it in a filename when generating a keypair.
---

diff --git a/src/tincd.c b/src/tincd.c
index c4e8fad..5fedd69 100644
--- a/src/tincd.c
+++ b/src/tincd.c
@@ -292,6 +292,18 @@ static bool keygen(int bits)
 	char *name = NULL;
 	char *filename;
 
+	get_config_string(lookup_config(config_tree, "Name"), &name);
+
+	if(name) {
+		if(!check_id(name)) {
+			fprintf(stderr, _("Invalid name for myself!\n"));
+			return false;
+		}
+		asprintf(&filename, "%s/hosts/%s", confbase, name);
+		free(name);
+	} else
+		asprintf(&filename, "%s/rsa_key.pub", confbase);
+
 	fprintf(stderr, _("Generating %d bits keys:\n"), bits);
 	rsa_key = RSA_generate_key(bits, 0x10001, indicator, NULL);
 
@@ -319,13 +331,6 @@ static bool keygen(int bits)
 	fclose(f);
 	free(filename);
 
-	get_config_string(lookup_config(config_tree, "Name"), &name);
-
-	if(name)
-		asprintf(&filename, "%s/hosts/%s", confbase, name);
-	else
-		asprintf(&filename, "%s/rsa_key.pub", confbase);
-
 	f = ask_and_open(filename, _("public RSA key"), "a");
 
 	if(!f)