AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2024-11-25 02:49:52 +03:00
Code Releases Activity

Change GetExeDir to GetStateDir in Cedar and Mayaqua.

Browse Source 
Resolve this AppArmor error by ensuring that certificate files files are
written into /var/lib/softether instead of the current working directory:

	Profile: /usr/sbin/softetherd
	Operation: mkdir
	Name: /usr/sbin/chain_certs
	Denied: c
	Logfile: /var/log/kern.log

	type=1400 audit: apparmor="DENIED" operation="mkdir" profile="/usr/sbin/softetherd" name="/usr/sbin/chain_certs/" pid=36448 comm="softetherd" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
This commit is contained in:
Darik Horn 2014-07-11 16:17:18 -04:00
parent 64dd780905
commit d68db9f2ce
2 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/Cedar/Protocol.c
View File

@ -161,10 +161,10 @@ bool TryGetRootCertChain(LIST *o, X *x, bool auto_save, X **found_root_x)
UINT i; UINT i;
DIRLIST *dir; DIRLIST *dir;
wchar_t dirname[MAX_SIZE]; wchar_t dirname[MAX_SIZE];
wchar_t exedir[MAX_SIZE]; wchar_t statedir[MAX_SIZE];
GetExeDirW(exedir, sizeof(exedir)); GetStateDirW(statedir, sizeof(statedir));
CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs"); CombinePathW(dirname, sizeof(dirname), statedir, L"chain_certs");
MakeDirExW(dirname); MakeDirExW(dirname);
if (auto_save) if (auto_save)
@ -461,7 +461,7 @@ void AddXToCertList(LIST *o, X *x)
void AddAllChainCertsToCertList(LIST *o) void AddAllChainCertsToCertList(LIST *o)
{ {
wchar_t dirname[MAX_SIZE]; wchar_t dirname[MAX_SIZE];
wchar_t exedir[MAX_SIZE]; wchar_t statedir[MAX_SIZE];
DIRLIST *dir; DIRLIST *dir;
// Validate arguments // Validate arguments
if (o == NULL) if (o == NULL)
@ -469,9 +469,9 @@ void AddAllChainCertsToCertList(LIST *o)
return; return;
} }
GetExeDirW(exedir, sizeof(exedir)); GetStateDirW(statedir, sizeof(statedir));
CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs"); CombinePathW(dirname, sizeof(dirname), statedir, L"chain_certs");
MakeDirExW(dirname); MakeDirExW(dirname);

6
src/Mayaqua/Network.c
View File

@ -12594,7 +12594,7 @@ void SetWantToUseCipher(SOCK *sock, char *name)
void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx) void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx)
{ {
wchar_t dirname[MAX_SIZE]; wchar_t dirname[MAX_SIZE];
wchar_t exedir[MAX_SIZE]; wchar_t statedir[MAX_SIZE];
wchar_t txtname[MAX_SIZE]; wchar_t txtname[MAX_SIZE];
DIRLIST *dir; DIRLIST *dir;
LIST *o; LIST *o;
@ -12608,9 +12608,9 @@ void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx)
o = NewListFast(NULL); o = NewListFast(NULL);
GetExeDirW(exedir, sizeof(exedir)); GetStateDirW(statedir, sizeof(statedir));
CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs"); CombinePathW(dirname, sizeof(dirname), statedir, L"chain_certs");
MakeDirExW(dirname); MakeDirExW(dirname);