AC_ARG_ENABLE([insecure-debugging],
AS_HELP_STRING([--enable-insecure-debugging],
- [Enable --no-cert-check option, and don't logout on SIGINT]),
+ [Enable --servercert=ACCEPT option, and don't logout on SIGINT]),
[insecure_debugging=yes],[insecure_debugging=no])
if test "$insecure_debugging" = "yes"; then
static int timestamp;
int background;
static int do_passphrase_from_fsid;
-#ifdef INSECURE_DEBUGGING
-static int nocertcheck;
-#endif
static int non_inter;
static int cookieonly;
static int allow_stdin_read;
vpninfo->no_http_keepalive = 1;
break;
case OPT_NO_CERT_CHECK:
-#ifdef INSECURE_DEBUGGING
- nocertcheck = 1;
-#else
fprintf(stderr,
_("The --no-cert-check option was insecure and has been removed.\n"
"Fix your server's certificate or use --servercert to trust it.\n"));
exit(1);
-#endif
break;
case 's':
vpnc_script = dup_config_arg();
ret = 1;
break;
case -EINTR:
- vpn_progress(vpninfo, PRG_INFO, _("User cancelled (SIGTERM%s); exiting.\n"),
+ vpn_progress(vpninfo, PRG_INFO, _("User cancelled (%s); exiting.\n"),
#ifdef INSECURE_DEBUGGING
- ""
+ "SIGTERM"
#else
- "/SIGINT"
+ "SIGINT/SIGTERM"
#endif
);
ret = 0;
break;
case -ECONNABORTED:
- vpn_progress(vpninfo, PRG_INFO, _("User detached from session (SIGHUP%s); exiting.\n"),
+ vpn_progress(vpninfo, PRG_INFO, _("User detached from session (%s); exiting.\n"),
#ifdef INSECURE_DEBUGGING
- "/SIGINT"
+ "SIGHUP/SIGINT"
#else
- ""
+ "SIGHUP"
#endif
);
ret = 0;
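Review bot: The `#ifdef INSECURE_DEBUGGING` blocks inside both vpn_progress() argument lists have no comment explaining why SIGINT is reported under the detach message in debugging builds and under the cancel message otherwise. A one-line comment above each, such as `/* With --enable-insecure-debugging, SIGINT detaches without logging out, like SIGHUP */`, would tie the strings to the configure help text. The strings have to stay in step with the signal handler, which is not visible in this hunk, so it is worth checking them against it. The enclosing switch starts and ends outside the hunk.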
const char *fingerprint;
struct accepted_cert *this;
+#ifdef INSECURE_DEBUGGING
+ if (server_cert && strcasecmp(server_cert, "ACCEPT")) {
+#else
if (server_cert) {
+#endif
int err = openconnect_check_peer_cert_hash(vpninfo, server_cert);
if (!err)
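Review bot: The `#ifdef` at the top of this hunk selects between two different `if (...) {` openers that share a single closing brace, which indenters and static analysers handle poorly and which makes the block easy to unbalance in a later edit. A single opener would keep the structure visible, for example `if (server_cert && !servercert_is_accept(server_cert)) {`, where the helper (a name proposed here, not in the patch) is a small static function that always returns 0 unless INSECURE_DEBUGGING is defined. That would also give the literal "ACCEPT" one definition instead of two separate strcasecmp() sites. The body of the block continues outside the hunk.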
return -EINVAL;
}
-#ifdef INSECURE_DEBUGGING
- if (nocertcheck) {
- vpn_progress(vpninfo, PRG_ERR,
- _("Ignoring because you built with --enable-insecure-debugging and invoked with --no-cert-check"));
- return 0;
- }
-#endif
-
fingerprint = openconnect_get_peer_cert_hash(vpninfo);
for (this = accepted_certs; this; this = this->next) {
if (non_inter)
return -EINVAL;
+#ifdef INSECURE_DEBUGGING
+ if (!strcasecmp(server_cert, "ACCEPT")) {
+ fprintf(stderr, _("Insecurely accepting because you ran with --servertcert=ACCEPT.\n"));
+ goto accepted;
+ }
+#endif
fprintf(stderr, _("Enter '%s' to accept, '%s' to abort; anything else to view: "),
_("yes"), _("no"));
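Review bot: The added `strcasecmp(server_cert, "ACCEPT")` call has no NULL test, unlike the earlier `server_cert && strcasecmp(...)` guard. In an --enable-insecure-debugging build run interactively without --servercert, it appears NULL would reach strcasecmp(); the condition should be `if (server_cert && !strcasecmp(server_cert, "ACCEPT")) {`. The message also misspells the option as `--servertcert=ACCEPT`, and it should read `--servercert=ACCEPT` so that a user who sees the warning can find the option that caused it. Because the check sits after `if (non_inter) return -EINVAL;`, a non-interactive run looks as if it would still reject the certificate, which is worth stating in a comment if intended. The enclosing function and loop start and end outside the hunk.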
return -EINVAL;
if (!strcasecmp(response, _("yes"))) {
- struct accepted_cert *newcert = malloc(sizeof(*newcert));
+ struct accepted_cert *newcert;
+#ifdef INSECURE_DEBUGGING
+ accepted:
+#endif
+ newcert = malloc(sizeof(*newcert));
if (newcert) {
newcert->next = accepted_certs;
accepted_certs = newcert;