X-Git-Url: http://git.silcnet.org/gitweb/?a=blobdiff_plain;f=apps%2Fsilcd%2Fserverconfig.c;h=30d76af3516cae4c81cbb60a718e938cc66fadf3;hb=805fddcf6431e784f9f77114782a90c9d12f9cbe;hp=694f40eca6163407986487da1eafb8d1af14676b;hpb=8006e349e0ca4747f847fd059e6ac73622ed5211;p=silc.git diff --git a/apps/silcd/serverconfig.c b/apps/silcd/serverconfig.c index 694f40ec..30d76af3 100644 --- a/apps/silcd/serverconfig.c +++ b/apps/silcd/serverconfig.c @@ -183,8 +183,8 @@ static SilcBool my_parse_authdata(SilcAuthMethod auth_meth, const char *p, return TRUE; } -static SilcBool my_parse_publickeydir(const char *dirname, void **auth_data, - SilcSKRKeyUsage usage) +static int my_parse_publickeydir(const char *dirname, void **auth_data, + SilcSKRKeyUsage usage) { int total = 0; struct dirent *get_file; @@ -193,7 +193,7 @@ static SilcBool my_parse_publickeydir(const char *dirname, void **auth_data, if (!(dp = opendir(dirname))) { SILC_SERVER_LOG_ERROR(("Error while parsing config file: " "Could not open directory \"%s\"", dirname)); - return FALSE; + return -1; } /* errors are not considered fatal */ @@ -216,14 +216,14 @@ static SilcBool my_parse_publickeydir(const char *dirname, void **auth_data, SILC_SERVER_LOG_ERROR(("Error stating file %s: %s", buf, strerror(errno))); } else if (S_ISREG(check_file.st_mode)) { - my_parse_authdata(SILC_AUTH_PUBLIC_KEY, buf, auth_data, NULL, - usage, NULL); - total++; + if (my_parse_authdata(SILC_AUTH_PUBLIC_KEY, buf, auth_data, NULL, + usage, NULL)) + total++; } } SILC_LOG_DEBUG(("Tried to load %d public keys in \"%s\"", total, dirname)); - return TRUE; + return total; } /* Callbacks */ @@ -640,10 +640,11 @@ SILC_CONFIG_CALLBACK(fetch_serverinfo) /* Check the private key file permissions. */ if ((stat(file_tmp, &st)) != -1) { - if ((st.st_mode & 0777) != 0600) { + if (((st.st_mode & 0777) != 0600) && + ((st.st_mode & 0777) != 0640)) { SILC_SERVER_LOG_ERROR(("Wrong permissions in private key " "file \"%s\". The permissions must be " - "0600.", file_tmp)); + "0600 or 0640.", file_tmp)); return SILC_CONFIG_ESILENT; } } @@ -867,18 +868,22 @@ SILC_CONFIG_CALLBACK(fetch_client) else if (!strcmp(name, "publickey")) { if (!my_parse_authdata(SILC_AUTH_PUBLIC_KEY, (char *) val, (void *)&config->server->repository, NULL, + SILC_SKR_USAGE_AUTH | SILC_SKR_USAGE_KEY_AGREEMENT, NULL)) { got_errno = SILC_CONFIG_EPRINTLINE; goto got_err; } + tmp->publickeys = TRUE; } else if (!strcmp(name, "publickeydir")) { - if (!my_parse_publickeydir((char *) val, - (void *)&config->server->repository, - SILC_SKR_USAGE_KEY_AGREEMENT)) { + if (my_parse_publickeydir((char *) val, + (void *)&config->server->repository, + SILC_SKR_USAGE_AUTH | + SILC_SKR_USAGE_KEY_AGREEMENT) < 0) { got_errno = SILC_CONFIG_EPRINTLINE; goto got_err; } + tmp->publickeys = TRUE; } else if (!strcmp(name, "params")) { CONFIG_IS_DOUBLE(tmp->param); @@ -946,6 +951,7 @@ SILC_CONFIG_CALLBACK(fetch_admin) got_errno = SILC_CONFIG_EPRINTLINE; goto got_err; } + tmp->publickeys = TRUE; } else return SILC_CONFIG_EINTERNAL; @@ -1043,10 +1049,12 @@ SILC_CONFIG_CALLBACK(fetch_server) CONFIG_IS_DOUBLE(tmp->publickeys); if (!my_parse_authdata(SILC_AUTH_PUBLIC_KEY, (char *) val, (void *)&config->server->repository, NULL, + SILC_SKR_USAGE_AUTH | SILC_SKR_USAGE_KEY_AGREEMENT, NULL)) { got_errno = SILC_CONFIG_EPRINTLINE; goto got_err; } + tmp->publickeys = TRUE; } else if (!strcmp(name, "params")) { CONFIG_IS_DOUBLE(tmp->param); @@ -1120,10 +1128,12 @@ SILC_CONFIG_CALLBACK(fetch_router) CONFIG_IS_DOUBLE(tmp->publickeys); if (!my_parse_authdata(SILC_AUTH_PUBLIC_KEY, (char *) val, (void *)&config->server->repository, NULL, + SILC_SKR_USAGE_AUTH | SILC_SKR_USAGE_KEY_AGREEMENT, NULL)) { got_errno = SILC_CONFIG_EPRINTLINE; goto got_err; } + tmp->publickeys = TRUE; } else if (!strcmp(name, "params")) { CONFIG_IS_DOUBLE(tmp->param);