/*
invitation.c -- Create and accept invitations
- Copyright (C) 2013-2014 Guus Sliepen <guus@tinc-vpn.org>
+ Copyright (C) 2014 Guus Sliepen <guus@meshlink.io>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
#include "ecdsa.h"
#include "ecdsagen.h"
#include "invitation.h"
-#include "names.h"
#include "netutl.h"
-#include "rsagen.h"
-#include "script.h"
#include "sptps.h"
#include "tincctl.h"
#include "utils.h"
}
}
- char hash[25];
+ char hash[64];
xasprintf(&filename, "%s" SLASH "invitations", confbase);
if(mkdir(filename, 0700) && errno != EEXIST) {
// Create a hash of the key.
char *fingerprint = ecdsa_get_base64_public_key(key);
- digest_t *digest = digest_open_by_name("sha256", 18);
- if(!digest)
- abort();
- digest_create(digest, fingerprint, strlen(fingerprint), hash);
+ sha512(fingerprint, strlen(fingerprint), hash);
b64encode_urlsafe(hash, hash, 18);
// Create a random cookie for this invitation.
// Create a filename that doesn't reveal the cookie itself
char buf[18 + strlen(fingerprint)];
- char cookiehash[25];
+ char cookiehash[64];
memcpy(buf, cookie, 18);
memcpy(buf + 18, fingerprint, sizeof buf - 18);
- digest_create(digest, buf, sizeof buf, cookiehash);
+ sha512(buf, sizeof buf, cookiehash);
b64encode_urlsafe(cookiehash, cookiehash, 18);
b64encode_urlsafe(cookie, cookie, 18);
char *url;
xasprintf(&url, "%s/%s%s", address, hash, cookie);
- // Call the inviation-created script
- char *envp[6] = {};
- xasprintf(&envp[0], "NAME=%s", myname);
- xasprintf(&envp[1], "NETNAME=%s", netname);
- xasprintf(&envp[2], "NODE=%s", argv[1]);
- xasprintf(&envp[3], "INVITATION_FILE=%s", filename);
- xasprintf(&envp[4], "INVITATION_URL=%s", url);
- execute_script("invitation-created", envp);
- for(int i = 0; i < 6 && envp[i]; i++)
- free(envp[i]);
-
- puts(url);
- free(url);
- free(filename);
- free(address);
-
return 0;
}
char temp_netname[32];
make_names:
- if(!confbasegiven) {
- free(confbase);
- confbase = NULL;
- }
-
- make_names();
-
free(tinc_conf);
free(hosts_dir);
sptps_send_record(&sptps, 1, b64key, strlen(b64key));
free(b64key);
-
- rsa_t *rsa = rsa_generate(2048, 0x1001);
- xasprintf(&filename, "%s" SLASH "rsa_key.priv", confbase);
- f = fopenmask(filename, "w", 0600);
-
- rsa_write_pem_private_key(rsa, f);
- fclose(f);
-
- rsa_write_pem_public_key(rsa, fh);
- fclose(fh);
-
ecdsa_free(key);
- rsa_free(rsa);
check_port(name);
free(newbase);
netname = line;
- make_names();
}
fprintf(stderr, "Configuration stored in: %s\n", confbase);
}
// Make sure confbase exists and is accessible.
- if(!confbase_given && mkdir(confdir, 0755) && errno != EEXIST) {
- fprintf(stderr, "Could not create directory %s: %s\n", confdir, strerror(errno));
- return 1;
- }
-
if(mkdir(confbase, 0777) && errno != EEXIST) {
fprintf(stderr, "Could not create directory %s: %s\n", confbase, strerror(errno));
return 1;
// Check if the hash of the key he gave us matches the hash in the URL.
char *fingerprint = line + 2;
- digest_t *digest = digest_open_by_name("sha256", 18);
- if(!digest)
- abort();
- char hishash[18];
- if(!digest_create(digest, fingerprint, strlen(fingerprint), hishash)) {
- fprintf(stderr, "Could not create digest\n%s\n", line + 2);
+ char hishash[64];
+ if(!sha512(fingerprint, strlen(fingerprint), hishash)) {
+ fprintf(stderr, "Could not create hash\n%s\n", line + 2);
return 1;
}
if(memcmp(hishash, hash, 18)) {