From 0d0dfd0852e9b2c9a7660880966a3c84790d5ea2 Mon Sep 17 00:00:00 2001
From: Guus Sliepen <guus@tinc-vpn.org>
Date: Tue, 20 Jan 2009 14:21:50 +0100
Subject: [PATCH] Validate Name before using it in a filename when generating a
 keypair.

---
 src/tincd.c | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/src/tincd.c b/src/tincd.c
index c4e8fad..5fedd69 100644
--- a/src/tincd.c
+++ b/src/tincd.c
@@ -292,6 +292,18 @@ static bool keygen(int bits)
 	char *name = NULL;
 	char *filename;
 
+	get_config_string(lookup_config(config_tree, "Name"), &name);
+
+	if(name) {
+		if(!check_id(name)) {
+			fprintf(stderr, _("Invalid name for myself!\n"));
+			return false;
+		}
+		asprintf(&filename, "%s/hosts/%s", confbase, name);
+		free(name);
+	} else
+		asprintf(&filename, "%s/rsa_key.pub", confbase);
+
 	fprintf(stderr, _("Generating %d bits keys:\n"), bits);
 	rsa_key = RSA_generate_key(bits, 0x10001, indicator, NULL);
 
@@ -319,13 +331,6 @@ static bool keygen(int bits)
 	fclose(f);
 	free(filename);
 
-	get_config_string(lookup_config(config_tree, "Name"), &name);
-
-	if(name)
-		asprintf(&filename, "%s/hosts/%s", confbase, name);
-	else
-		asprintf(&filename, "%s/rsa_key.pub", confbase);
-
 	f = ask_and_open(filename, _("public RSA key"), "a");
 
 	if(!f)
-- 
2.25.1