From: Guus Sliepen <guus@tinc-vpn.org>
Date: Fri, 26 Jul 2013 13:44:05 +0000 (+0200)
Subject: Make absolutely sure we can write config files before accepting an invitation.
X-Git-Tag: release-1.1pre8~12
X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=commitdiff_plain;h=d47c79533f831a2714aff277aff31c46da1ec684

Make absolutely sure we can write config files before accepting an invitation.
---

diff --git a/src/invitation.c b/src/invitation.c
index a5454bf4..95478a7f 100644
--- a/src/invitation.c
+++ b/src/invitation.c
@@ -749,9 +749,20 @@ int cmd_join(int argc, char *argv[]) {
 		return 1;
 	}
 
-	// Make sure confdir exists.
-	if(mkdir(confdir, 0755) && errno != EEXIST) {
-		fprintf(stderr, "Could not create directory %s: %s\n", CONFDIR, strerror(errno));
+	// Make sure confbase exists and is accessible.
+	if(mkdir(confbase, 0755) && errno != EEXIST) {
+		fprintf(stderr, "Could not create directory %s: %s\n", confbase, strerror(errno));
+		return 1;
+	}
+
+	if(access(confbase, R_OK | W_OK | X_OK)) {
+		fprintf(stderr, "No permission to write in directory %s: %s\n", confbase, strerror(errno));
+		return 1;
+	}
+
+	// If a netname or explicit configuration directory is specified, check for an existing tinc.conf.
+	if((netname || confbasegiven) && !access(tinc_conf, F_OK)) {
+		fprintf(stderr, "Configuration file %s already exists!\n", tinc_conf);
 		return 1;
 	}