From f33b102a97cf94e7f0ef85bf7c183cda63b2b35c Mon Sep 17 00:00:00 2001 From: Dan Williams Date: Wed, 2 Jul 2008 20:36:39 +0000 Subject: [PATCH] 2008-07-02 Dan Williams * properties/auth-helpers.c - (tls_default_filter): read more of the certificate/key file to look for the known certificate or key tags, not just 1024 bytes git-svn-id: http://svn-archive.gnome.org/svn/NetworkManager/trunk@3801 4912f4e0-d625-0410-9fb7-b9a5a253dbdc --- vpn-daemons/openvpn/ChangeLog | 6 +++++ vpn-daemons/openvpn/properties/auth-helpers.c | 26 ++++++++++--------- 2 files changed, 20 insertions(+), 12 deletions(-) diff --git a/vpn-daemons/openvpn/ChangeLog b/vpn-daemons/openvpn/ChangeLog index e969f2c1c..11c5c4112 100644 --- a/vpn-daemons/openvpn/ChangeLog +++ b/vpn-daemons/openvpn/ChangeLog @@ -1,3 +1,9 @@ +2008-07-02 Dan Williams + + * properties/auth-helpers.c + - (tls_default_filter): read more of the certificate/key file to look + for the known certificate or key tags, not just 1024 bytes + 2008-06-30 Dan Williams * properties/auth-helpers.c diff --git a/vpn-daemons/openvpn/properties/auth-helpers.c b/vpn-daemons/openvpn/properties/auth-helpers.c index 381596ef8..ef751651e 100644 --- a/vpn-daemons/openvpn/properties/auth-helpers.c +++ b/vpn-daemons/openvpn/properties/auth-helpers.c @@ -458,11 +458,10 @@ static gboolean tls_default_filter (const GtkFileFilterInfo *filter_info, gpointer data) { int fd; - unsigned char buffer[1024]; - ssize_t bytes_read; + char *contents = NULL, *p, *ext; + gsize bytes_read = 0; gboolean show = FALSE; - char *p; - char *ext; + struct stat statbuf; if (!filter_info->filename) return FALSE; @@ -480,33 +479,36 @@ tls_default_filter (const GtkFileFilterInfo *filter_info, gpointer data) } g_free (ext); - fd = open (filter_info->filename, O_RDONLY); - if (fd < 0) + /* Ignore files that are really large */ + if (!stat (filter_info->filename, &statbuf)) { + if (statbuf.st_size > 500000) + return FALSE; + } + + if (!g_file_get_contents (filter_info->filename, &contents, &bytes_read, NULL)) return FALSE; - bytes_read = read (fd, buffer, sizeof (buffer) - 1); if (bytes_read < 400) /* needs to be lower? */ goto out; - buffer[bytes_read] = '\0'; /* Check for PEM signatures */ - if (find_tag (pem_rsa_key_begin, (const char *) buffer, bytes_read)) { + if (find_tag (pem_rsa_key_begin, (const char *) contents, bytes_read)) { show = TRUE; goto out; } - if (find_tag (pem_dsa_key_begin, (const char *) buffer, bytes_read)) { + if (find_tag (pem_dsa_key_begin, (const char *) contents, bytes_read)) { show = TRUE; goto out; } - if (find_tag (pem_cert_begin, (const char *) buffer, bytes_read)) { + if (find_tag (pem_cert_begin, (const char *) contents, bytes_read)) { show = TRUE; goto out; } out: - close (fd); + g_free (contents); return show; }