X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Finvitation.c;h=c008be2ac7a6c7d2cbbca62d1845b040716a723d;hb=0fe69908838248c28624beb540257892db6bdcbd;hp=e71a4889a3f177a14826db0aaf5dfd4082f2b79d;hpb=28b7a53b693f6b4e70218a926e68a36ece54cda1;p=tinc diff --git a/src/invitation.c b/src/invitation.c index e71a4889..c008be2a 100644 --- a/src/invitation.c +++ b/src/invitation.c @@ -34,6 +34,7 @@ #include "tincctl.h" #include "utils.h" #include "xalloc.h" +#include "random.h" #include "ed25519/sha512.h" @@ -457,11 +458,13 @@ int cmd_invite(int argc, char *argv[]) { randomize(cookie, 18); // Create a filename that doesn't reveal the cookie itself - uint8_t buf[18 + strlen(fingerprint)]; + const size_t buflen = 18 + strlen(fingerprint); + uint8_t *buf = alloca(buflen); + char cookiehash[64]; memcpy(buf, cookie, 18); - memcpy(buf + 18, fingerprint, sizeof(buf) - 18); - sha512(buf, sizeof(buf), cookiehash); + memcpy(buf + 18, fingerprint, buflen - 18); + sha512(buf, buflen, cookiehash); b64encode_tinc_urlsafe(cookiehash, cookiehash, 18); free(fingerprint); @@ -551,7 +554,7 @@ static char *data; static size_t datalen; static bool success = false; -static char *get_line(const char **data) { +static char *get_line(char *line, size_t linelen, const char **data) { if(!data || !*data) { return NULL; } @@ -561,11 +564,10 @@ static char *get_line(const char **data) { return NULL; } - static char line[1024]; const char *end = strchr(*data, '\n'); size_t len = end ? (size_t)(end - *data) : strlen(*data); - if(len >= sizeof(line)) { + if(len >= linelen) { fprintf(stderr, "Maximum line length exceeded!\n"); return NULL; } @@ -587,7 +589,9 @@ static char *get_line(const char **data) { } static char *get_value(const char *data, const char *var) { - char *line = get_line(&data); + static char buf[1024]; + + char *line = get_line(buf, sizeof(buf), &data); if(!line) { return NULL; @@ -654,18 +658,13 @@ static char *grep(const char *data, const char *var) { } static bool finalize_join(void) { - const char *temp_name = get_value(data, "Name"); + const char *name = get_value(data, "Name"); - if(!temp_name) { + if(!name) { fprintf(stderr, "No Name found in invitation!\n"); return false; } - size_t len = strlen(temp_name); - char name[len + 1]; - memcpy(name, temp_name, len); - name[len] = 0; - if(!check_id(name)) { fprintf(stderr, "Invalid Name found in invitation!\n"); return false; @@ -772,7 +771,9 @@ make_names: const char *p = data; char *l, *value; - while((l = get_line(&p))) { + static char line[1024]; + + while((l = get_line(line, sizeof(line), &p))) { // Ignore comments if(*l == '#') { continue; @@ -879,7 +880,7 @@ make_names: return false; } - while((l = get_line(&p))) { + while((l = get_line(line, sizeof(line), &p))) { if(!strcmp(l, "#---------------------------------------------------------------#")) { continue; } @@ -996,7 +997,7 @@ ask_netname: char filename2[PATH_MAX]; snprintf(filename, sizeof(filename), "%s" SLASH "tinc-up.invitation", confbase); -#ifdef HAVE_MINGW +#ifdef HAVE_WINDOWS snprintf(filename2, sizeof(filename2), "%s" SLASH "tinc-up.bat", confbase); #else snprintf(filename2, sizeof(filename2), "%s" SLASH "tinc-up", confbase); @@ -1028,7 +1029,7 @@ ask_netname: if(response == 'e') { char *command; -#ifndef HAVE_MINGW +#ifndef HAVE_WINDOWS const char *editor = getenv("VISUAL"); if(!editor) { @@ -1358,7 +1359,7 @@ next: continue; } -#if HAVE_MINGW +#if HAVE_WINDOWS // If socket has been shut down, recv() on Windows returns -1 and sets sockerrno // to WSAESHUTDOWN, while on UNIX-like operating systems recv() returns 0, so we