From 615edcc68c8a238f497d3938b0c8e933d3b0472d Mon Sep 17 00:00:00 2001 From: David Bar-On Date: Sat, 21 Oct 2023 13:04:24 +0300 Subject: [PATCH] Per #1583 add check that server authorized users file is accessible --- src/iperf_api.c | 14 +++++++++++++- src/iperf_api.h | 1 + src/iperf_error.c | 3 +++ 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/src/iperf_api.c b/src/iperf_api.c index 855c1c2..ca1ad11 100644 --- a/src/iperf_api.c +++ b/src/iperf_api.c @@ -1150,6 +1150,7 @@ iperf_parse_arguments(struct iperf_test *test, int argc, char **argv) server_flag = client_flag = rate_flag = duration_flag = rcv_timeout_flag = snd_timeout_flag =0; #if defined(HAVE_SSL) char *client_username = NULL, *client_rsa_public_key = NULL, *server_rsa_private_key = NULL; + FILE *ptr_file; #endif /* HAVE_SSL */ while ((flag = getopt_long(argc, argv, "p:f:i:D1VJvsc:ub:t:n:k:l:P:Rw:B:M:N46S:L:ZO:F:A:T:C:dI:hX:", longopts, NULL)) != -1) { @@ -1684,7 +1685,18 @@ iperf_parse_arguments(struct iperf_test *test, int argc, char **argv) !(server_rsa_private_key && test->server_authorized_users)) { i_errno = IESETSERVERAUTH; return -1; - } else if (test->role == 's' && server_rsa_private_key) { + } + + if (test->role == 's' && test->server_authorized_users) { + ptr_file =fopen(test->server_authorized_users, "r"); + if (!ptr_file) { + i_errno = IESERVERAUTHUSERS; + return -1; + } + fclose(ptr_file); + } + + if (test->role == 's' && server_rsa_private_key) { test->server_rsa_private_key = load_privkey_from_file(server_rsa_private_key); if (test->server_rsa_private_key == NULL){ iperf_err(test, "%s\n", ERR_error_string(ERR_get_error(), NULL)); diff --git a/src/iperf_api.h b/src/iperf_api.h index 093ea97..0100d38 100644 --- a/src/iperf_api.h +++ b/src/iperf_api.h @@ -406,6 +406,7 @@ enum { IERVRSONLYRCVTIMEOUT = 32, // Client receive timeout is valid only in reverse mode IESNDTIMEOUT = 33, // Illegal message send timeout IEUDPFILETRANSFER = 34, // Cannot transfer file using UDP + IESERVERAUTHUSERS = 35, // Cannot access authorized users file /* Test errors */ IENEWTEST = 100, // Unable to create a new test (check perror) IEINITTEST = 101, // Test initialization failed (check perror) diff --git a/src/iperf_error.c b/src/iperf_error.c index f7cae63..ea7955c 100644 --- a/src/iperf_error.c +++ b/src/iperf_error.c @@ -178,6 +178,9 @@ iperf_strerror(int int_errno) case IESETSERVERAUTH: snprintf(errstr, len, "you must specify a path to a valid RSA private key and a user credential file"); break; + case IESERVERAUTHUSERS: + snprintf(errstr, len, "cannot access authorized users file"); + break; case IEBADFORMAT: snprintf(errstr, len, "bad format specifier (valid formats are in the set [kmgtKMGT])"); break;