Validate Name before using it in a filename when generating a keypair.

2009-01-20 14:21:50 +01:00 · 2009-01-20 14:21:50 +01:00 · 0d0dfd0852
commit 0d0dfd0852
parent 0966cca8ab
1 changed files with 12 additions and 7 deletions
--- a/src/tincd.c
+++ b/src/tincd.c
@ -292,6 +292,18 @@ static bool keygen(int bits)
 	char *name = NULL;
 	char *filename;

+	get_config_string(lookup_config(config_tree, "Name"), &name);
+
+	if(name) {
+		if(!check_id(name)) {
+			fprintf(stderr, _("Invalid name for myself!\n"));
+			return false;
+		}
+		asprintf(&filename, "%s/hosts/%s", confbase, name);
+		free(name);
+	} else
+		asprintf(&filename, "%s/rsa_key.pub", confbase);
+
 	fprintf(stderr, _("Generating %d bits keys:\n"), bits);
 	rsa_key = RSA_generate_key(bits, 0x10001, indicator, NULL);

@ -319,13 +331,6 @@ static bool keygen(int bits)
 	fclose(f);
 	free(filename);

-	get_config_string(lookup_config(config_tree, "Name"), &name);
-
-	if(name)
-		asprintf(&filename, "%s/hosts/%s", confbase, name);
-	else
-		asprintf(&filename, "%s/rsa_key.pub", confbase);
-
 	f = ask_and_open(filename, _("public RSA key"), "a");

 	if(!f)