From 922e14145866c966e9cd7ef50ede844beb348bd2 Mon Sep 17 00:00:00 2001 From: Hans-Joerg Hoexer Date: Wed, 23 Jun 2004 03:01:54 +0000 Subject: Avoid stat before open. Do open and fstat instead. Remove check_file_secrecy() as it is obsoleted be check_file_secrecy_fd(). ok ho@ --- sbin/isakmpd/ike_auth.c | 23 ++++++++++++++++------- sbin/isakmpd/util.c | 28 +--------------------------- sbin/isakmpd/util.h | 3 +-- 3 files changed, 18 insertions(+), 36 deletions(-) (limited to 'sbin') diff --git a/sbin/isakmpd/ike_auth.c b/sbin/isakmpd/ike_auth.c index 72816f12533..ddcd8cd0b32 100644 --- a/sbin/isakmpd/ike_auth.c +++ b/sbin/isakmpd/ike_auth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ike_auth.c,v 1.93 2004/06/22 18:22:18 hshoexer Exp $ */ +/* $OpenBSD: ike_auth.c,v 1.94 2004/06/23 03:01:52 hshoexer Exp $ */ /* $EOM: ike_auth.c,v 1.59 2000/11/21 00:21:31 angelos Exp $ */ /* @@ -148,6 +148,7 @@ ike_auth_get_key(int type, char *id, char *local_id, size_t *keylen) { char *key, *buf; #if defined (USE_X509) || defined (USE_KEYNOTE) + int fd; char *keyfile; #if defined (USE_X509) FILE *keyfp; @@ -204,7 +205,7 @@ ike_auth_get_key(int type, char *id, char *local_id, size_t *keylen) struct stat sb; struct keynote_deckey dc; char *privkeyfile, *buf2; - int fd, pkflen; + int pkflen; size_t size; pkflen = strlen(keyfile) + strlen(local_id) + @@ -284,15 +285,23 @@ ignorekeynote: /* Otherwise, try X.509 */ keyfile = conf_get_str("X509-certificates", "Private-key"); - if (check_file_secrecy(keyfile, &fsize)) - return 0; - - keyfp = monitor_fopen(keyfile, "r"); - if (!keyfp) { + fd = monitor_open(keyfile, O_RDONLY, 0); + if (fd < 0) { log_print("ike_auth_get_key: failed opening \"%s\"", keyfile); return 0; } + + if (check_file_secrecy_fd(fd, keyfile, &fsize) < 0) { + close(fd); + return 0; + } + + if ((keyfp = fdopen(fd, "r")) == NULL) { + log_print("ike_auth_get_key: fdopen failed"); + close(fd); + return 0; + } #if SSLEAY_VERSION_NUMBER >= 0x00904100L rsakey = PEM_read_RSAPrivateKey(keyfp, NULL, NULL, NULL); #else diff --git a/sbin/isakmpd/util.c b/sbin/isakmpd/util.c index 5778a227b81..cfa3f8b4d31 100644 --- a/sbin/isakmpd/util.c +++ b/sbin/isakmpd/util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: util.c,v 1.44 2004/06/23 01:17:29 ho Exp $ */ +/* $OpenBSD: util.c,v 1.45 2004/06/23 03:01:53 hshoexer Exp $ */ /* $EOM: util.c,v 1.23 2000/11/23 12:22:08 niklas Exp $ */ /* @@ -505,32 +505,6 @@ util_ntoa(char **buf, int af, u_int8_t *addr) * Returns -1 on failure, 0 otherwise. * Also, if FILE_SIZE is a not a null pointer, store file size here. */ -int -check_file_secrecy(char *name, size_t *file_size) -{ - struct stat st; - - if (monitor_stat(name, &st) == -1) { - log_error("check_file_secrecy: stat (\"%s\") failed", name); - return -1; - } - if (st.st_uid != 0 && st.st_uid != getuid()) { - log_print("check_file_secrecy: " - "not loading %s - file owner is not process user", name); - errno = EPERM; - return -1; - } - if ((st.st_mode & (S_IRWXG | S_IRWXO)) != 0) { - log_print("check_file_secrecy: not loading %s - too open " - "permissions", name); - errno = EPERM; - return -1; - } - if (file_size) - *file_size = (size_t)st.st_size; - - return 0; -} int check_file_secrecy_fd(int fd, char *name, size_t *file_size) diff --git a/sbin/isakmpd/util.h b/sbin/isakmpd/util.h index 92dab9a7d82..b370ff26c18 100644 --- a/sbin/isakmpd/util.h +++ b/sbin/isakmpd/util.h @@ -1,4 +1,4 @@ -/* $OpenBSD: util.h,v 1.20 2004/06/20 15:24:05 ho Exp $ */ +/* $OpenBSD: util.h,v 1.21 2004/06/23 03:01:53 hshoexer Exp $ */ /* $EOM: util.h,v 1.10 2000/10/24 13:33:39 niklas Exp $ */ /* @@ -42,7 +42,6 @@ extern unsigned long seed; struct message; struct sockaddr; -extern int check_file_secrecy(char *, size_t *); extern int check_file_secrecy_fd(int, char *, size_t *); extern u_int16_t decode_16(u_int8_t *); extern u_int32_t decode_32(u_int8_t *); -- cgit v1.2.3