Commit 7e80ddea authored by deuce's avatar deuce

Open cryptlib.key read-only (also, be cooler)

parent 66a23d64
......@@ -2993,7 +2993,7 @@ static void smtp_thread(void* arg)
srand((unsigned int)(time(NULL) ^ (time_t)GetCurrentThreadId())); /* seed random number generator */
rand(); /* throw-away first result */
SAFEPRINTF4(session_id,"%x%x%x%lx",getpid(),socket,rand(),clock());
SAFEPRINTF4(session_id,"%x%x%x%lx",getpid(),socket,rand(),(long)clock());
lprintf(LOG_DEBUG,"%04d SMTP Session ID=%s", socket, session_id);
SAFEPRINTF2(msgtxt_fname,"%sSBBS_SMTP.%s.msg", scfg.temp_dir, session_id);
SAFEPRINTF2(newtxt_fname,"%sSBBS_SMTP.%s.new", scfg.temp_dir, session_id);
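Review bot: The session ID built on the `SAFEPRINTF4` line comes only from guessable inputs (`getpid()`, the socket number, a `rand()` seeded from the time and thread ID, and `clock()`), and the next two lines use it to name files under `scfg.temp_dir`. If other local accounts can write to that directory, the names are predictable enough to be pre-created, so the code that opens these files (outside this hunk) should create them exclusively, or the ID should include bytes from the OS random source. Separately, `%lx` expects an `unsigned long`, so the cast would be better written as `(unsigned long)clock()`. `smtp_thread` starts and ends outside the hunk.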
......
......@@ -109,34 +109,34 @@ static link_list_t current_connections;
int thread_suid_broken=TRUE; /* NPTL is no longer broken */
#endif
#define GCES(status, node, sess, action) do { \
char *GCES_estr; \
int GCES_level; \
get_crypt_error_string(status, sess, &GCES_estr, action, &GCES_level); \
#define GCES(status, node, sess, action) do { \
char *GCES_estr; \
int GCES_level; \
get_crypt_error_string(status, sess, &GCES_estr, action, &GCES_level);\
if (GCES_estr) { \
lprintf(GCES_level, "Node %d SSH %s", node, GCES_estr); \
free_crypt_attrstr(GCES_estr); \
} \
lprintf(GCES_level, "Node %d SSH %s", node, GCES_estr); \
free_crypt_attrstr(GCES_estr); \
} \
} while (0)
#define GCESNN(status, sess, action) do { \
char *GCES_estr; \
int GCES_level; \
get_crypt_error_string(status, sess, &GCES_estr, action, &GCES_level); \
#define GCESNN(status, sess, action) do { \
char *GCES_estr; \
int GCES_level; \
get_crypt_error_string(status, sess, &GCES_estr, action, &GCES_level);\
if (GCES_estr) { \
lprintf(GCES_level, "SSH %s", GCES_estr); \
free_crypt_attrstr(GCES_estr); \
} \
lprintf(GCES_level, "SSH %s", GCES_estr); \
free_crypt_attrstr(GCES_estr); \
} \
} while (0)
#define GCESS(status, sock, sess, action) do { \
char *GCES_estr; \
int GCES_level; \
get_crypt_error_string(status, sess, &GCES_estr, action, &GCES_level); \
#define GCESS(status, sock, sess, action) do { \
char *GCES_estr; \
int GCES_level; \
get_crypt_error_string(status, sess, &GCES_estr, action, &GCES_level);\
if (GCES_estr) { \
lprintf(GCES_level, "%04d SSH %s", sock, GCES_estr); \
free_crypt_attrstr(GCES_estr); \
} \
lprintf(GCES_level, "%04d SSH %s", sock, GCES_estr); \
free_crypt_attrstr(GCES_estr); \
} \
} while (0)
extern "C" {
......@@ -4976,7 +4976,7 @@ void DLLCALL bbs_thread(void* arg)
}
/* Get the private key... first try loading it from a file... */
SAFEPRINTF2(str,"%s%s",scfg.ctrl_dir,"cryptlib.key");
if(cryptStatusOK(cryptKeysetOpen(&ssh_keyset, CRYPT_UNUSED, CRYPT_KEYSET_FILE, str, CRYPT_KEYOPT_NONE))) {
if(cryptStatusOK(cryptKeysetOpen(&ssh_keyset, CRYPT_UNUSED, CRYPT_KEYSET_FILE, str, CRYPT_KEYOPT_READONLY))) {
if(!cryptStatusOK(i=cryptGetPrivateKey(ssh_keyset, &ssh_context, CRYPT_KEYID_NAME, "ssh_server", scfg.sys_pass))) {
GCESNN(i, ssh_keyset, "getting private key");
goto NO_SSH;
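Review bot: The status returned by `cryptKeysetOpen` is discarded at the `if(cryptStatusOK(cryptKeysetOpen(...)))` line, so a key file that exists but cannot be opened (wrong permissions, damaged file) looks the same as a missing one and nothing is logged. The comment "first try loading it from a file" suggests a fallback follows outside the hunk; if that fallback generates a new key, a silent open failure would presumably change the server's SSH host key with no trace in the log. Capturing the result, `if(cryptStatusOK(i=cryptKeysetOpen(&ssh_keyset, CRYPT_UNUSED, CRYPT_KEYSET_FILE, str, CRYPT_KEYOPT_READONLY)))`, and logging it with `lprintf` when it is anything other than a not-found status would make that visible. A short comment such as `/* read-only: the server only reads the host key here */` would also record why the option was chosen. `bbs_thread` continues outside the hunk.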
......