ripe-atlas-fw: imported version 45504550

Signed-off-by: Bjørn Mork <bjorn@mork.no>
author: Bjørn Mork <bjorn@mork.no> 2015-05-15 10:25:07 +0200
committer: Bjørn Mork <bjorn@mork.no> 2015-05-15 10:25:07 +0200
commit: 35294332b2e75151b4b614719ee6522e1afd8748 (patch)
tree: fde51b865f9a08ebd3ef87bc382dec5bb165f4c9 /eperd/eperd.c
parent: 02013228914a1d17e8df15d4e2b7950469395a5c (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/eperd/eperd.c b/eperd/eperd.c
index 48a1ef0..b240e6e 100644
--- a/eperd/eperd.c
+++ b/eperd/eperd.c
@@ -21,6 +21,8 @@
 
 #include "eperd.h"
 
+#define SAFE_PREFIX ATLAS_DATA_NEW
+
 /* glibc frees previous setenv'ed value when we do next setenv()
  * of the same variable. uclibc does not do this! */
 #if (defined(__GLIBC__) && !defined(__UCLIBC__)) /* || OTHER_SAFE_LIBC... */
@@ -261,6 +263,12 @@ int eperd_main(int argc UNUSED_PARAM, char **argv)
 			USE_FEATURE_PERD_D(,&LogLevel), &out_filename);
 	/* both -d N and -l N set the same variable: LogLevel */
 
+	if (out_filename && !validate_filename(out_filename, SAFE_PREFIX))
+	{
+		crondlog(DIE9 "insecure file '%s'. allowed path '%s'", 
+				out_filename, SAFE_PREFIX);
+	}
+
 	if (!(opt & OPT_f)) {
 		/* close stdin, stdout, stderr.
 		 * close unused descriptors - don't need them. */
@@ -786,6 +794,7 @@ static struct builtin
 {
 	{ "evhttpget", &httpget_ops },
 	{ "evping", &ping_ops },
+	{ "evsslgetcert", &sslgetcert_ops },
 	{ "evtdig", &tdig_ops },
 	{ "evtraceroute", &traceroute_ops },
 	{ "condmv", &condmv_ops },
author	Bjørn Mork <bjorn@mork.no>	2015-05-15 10:25:07 +0200
committer	Bjørn Mork <bjorn@mork.no>	2015-05-15 10:25:07 +0200
commit	35294332b2e75151b4b614719ee6522e1afd8748 (patch)
tree	fde51b865f9a08ebd3ef87bc382dec5bb165f4c9 /eperd/eperd.c
parent	02013228914a1d17e8df15d4e2b7950469395a5c (diff)