author | Niklas Hallqvist <niklas@cvs.openbsd.org> | 2000-10-13 13:42:51 +0000 |
---|---|---|
committer | Niklas Hallqvist <niklas@cvs.openbsd.org> | 2000-10-13 13:42:51 +0000 |
commit | 29797fad999ccfa3ccf9f4addfab306543d3c606 (patch) | |
tree | 2d2417d720e0e28e5420d87cde05a3f4993a5584 /sbin/isakmpd | |
parent | 53dee6c83c078c4fad978c6719a51078220f17d1 (diff) |
util.h: Merge with EOM 1.8
ike_auth.c: Merge with EOM 1.57
author: ho
Add file permission check to private key file. Split out check function to util.c.
Diffstat (limited to 'sbin/isakmpd')
-rw-r--r-- | sbin/isakmpd/ike_auth.c | 7 | ||||
-rw-r--r-- | sbin/isakmpd/util.h | 5 |
2 files changed, 8 insertions, 4 deletions
diff --git a/sbin/isakmpd/ike_auth.c b/sbin/isakmpd/ike_auth.c
index bf716c226d7..70144e7758e 100644
--- a/sbin/isakmpd/ike_auth.c
+++ b/sbin/isakmpd/ike_auth.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: ike_auth.c,v 1.28 2000/10/07 07:01:04 niklas Exp $ */
-/* $EOM: ike_auth.c,v 1.56 2000/09/28 12:53:27 niklas Exp $ */
+/* $OpenBSD: ike_auth.c,v 1.29 2000/10/13 13:42:50 niklas Exp $ */
+/* $EOM: ike_auth.c,v 1.57 2000/10/13 13:04:16 ho Exp $ */
 /*
 * Copyright (c) 1998, 1999, 2000 Niklas Hallqvist. All rights reserved.
@@ -273,6 +273,9 @@ ike_auth_get_key (int type, char *id, char *local_id, size_t *keylen)
 /* Otherwise, try X.509 */
 keyfile = conf_get_str ("X509-certificates", "Private-key");
+ if (check_file_secrecy (keyfile, NULL))
+ return 0;
+
 if ((keyh = LC (BIO_new, (LC (BIO_s_file, ())))) == NULL)
 {
 log_print ("ike_auth_get_key: "
diff --git a/sbin/isakmpd/util.h b/sbin/isakmpd/util.h
index 8b8ee3a6c76..302763570ce 100644
--- a/sbin/isakmpd/util.h
+++ b/sbin/isakmpd/util.h
@@ -1,5 +1,5 @@
-/* $OpenBSD: util.h,v 1.4 1999/08/05 22:40:37 niklas Exp $ */
-/* $EOM: util.h,v 1.7 1999/08/05 15:00:04 niklas Exp $ */
+/* $OpenBSD: util.h,v 1.5 2000/10/13 13:42:50 niklas Exp $ */
+/* $EOM: util.h,v 1.8 2000/10/13 13:04:16 ho Exp $ */
 /*
 * Copyright (c) 1998 Niklas Hallqvist. All rights reserved.
@@ -52,5 +52,6 @@ extern void encode_32 (u_int8_t *, u_int32_t);
 extern u_int8_t *getrandom (u_int8_t *, size_t);
 extern int hex2raw (char *, u_int8_t *, size_t);
 extern int zero_test (const u_int8_t *, size_t);
+extern int check_file_secrecy (char *, off_t *);
 #endif /* _UTIL_H_ */ |
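Review bot: The secrecy check added ahead of `BIO_new` in ike_auth_get_key is made on the path name, while the key is read afterwards through a file BIO that is opened separately, so the file that was checked and the file that is read are the same only if nothing on that path changes in between. Opening the key file first and running the owner/mode test on the open descriptor (fstat instead of a lookup by name) would close that gap; how check_file_secrecy inspects the file is not visible here, so this is inferred from its `char *` parameter. `keyfile` is also handed over without a test for a missing `Private-key` entry: if conf_get_str can return NULL, `if (!keyfile || check_file_secrecy (keyfile, NULL))` keeps a null path out of the helper. The function body continues outside the hunk.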
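Review bot: The new prototype `check_file_secrecy (char *, off_t *)` in util.h says nothing about its return convention, and the caller in ike_auth.c treats non-zero as "reject", which is easy to invert in later call sites for a function named check_*. A one-line comment above the declaration, for example `/* Returns 0 if the file passes the permission check, non-zero otherwise. */`, would pin that down, together with a word on what the `off_t *` argument receives when it is not NULL (presumably the file size; to be confirmed against util.c). If the helper does not modify the path, declaring it as `extern int check_file_secrecy (const char *, off_t *);` would match `zero_test` just above and let callers pass read-only strings.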