From: Daniel Lenski Date: Fri, 15 May 2020 20:42:28 +0000 (-0700) Subject: The resurrection of --no-cert-check was not met with universal acclaim X-Git-Tag: v8.20~384^2 X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=7789af0e5cbaf35ae0c68e34c9d191b40dbcad58;p=users%2Fdwmw2%2Fopenconnect.git The resurrection of --no-cert-check was not met with universal acclaim How about `--servercert=ACCEPT`, along with the usual exhortation to use the real `--servercert` option? Signed-off-by: Daniel Lenski --- diff --git a/configure.ac b/configure.ac index 7a2250dd..076212b7 100644 --- a/configure.ac +++ b/configure.ac @@ -991,7 +991,7 @@ AC_SUBST(SYMVER_JAVA, $symver_java) AC_ARG_ENABLE([insecure-debugging], AS_HELP_STRING([--enable-insecure-debugging], - [Enable --no-cert-check option, and don't logout on SIGINT]), + [Enable --servercert=ACCEPT option, and don't logout on SIGINT]), [insecure_debugging=yes],[insecure_debugging=no]) if test "$insecure_debugging" = "yes"; then diff --git a/main.c b/main.c index 3f365eb8..cf3b5fdb 100644 --- a/main.c +++ b/main.c @@ -82,9 +82,6 @@ static int verbose = PRG_INFO; static int timestamp; int background; static int do_passphrase_from_fsid; -#ifdef INSECURE_DEBUGGING -static int nocertcheck; -#endif static int non_inter; static int cookieonly; static int allow_stdin_read; @@ -1701,14 +1698,10 @@ int main(int argc, char **argv) vpninfo->no_http_keepalive = 1; break; case OPT_NO_CERT_CHECK: -#ifdef INSECURE_DEBUGGING - nocertcheck = 1; -#else fprintf(stderr, _("The --no-cert-check option was insecure and has been removed.\n" "Fix your server's certificate or use --servercert to trust it.\n")); exit(1); -#endif break; case 's': vpnc_script = dup_config_arg(); @@ -2033,21 +2026,21 @@ int main(int argc, char **argv) ret = 1; break; case -EINTR: - vpn_progress(vpninfo, PRG_INFO, _("User cancelled (SIGTERM%s); exiting.\n"), + vpn_progress(vpninfo, PRG_INFO, _("User cancelled (%s); exiting.\n"), #ifdef INSECURE_DEBUGGING - "" + "SIGTERM" #else - "/SIGINT" + "SIGINT/SIGTERM" #endif ); ret = 0; break; case -ECONNABORTED: - vpn_progress(vpninfo, PRG_INFO, _("User detached from session (SIGHUP%s); exiting.\n"), + vpn_progress(vpninfo, PRG_INFO, _("User detached from session (%s); exiting.\n"), #ifdef INSECURE_DEBUGGING - "/SIGINT" + "SIGHUP/SIGINT" #else - "" + "SIGHUP" #endif ); ret = 0; @@ -2128,7 +2121,11 @@ static int validate_peer_cert(void *_vpninfo, const char *reason) const char *fingerprint; struct accepted_cert *this; +#ifdef INSECURE_DEBUGGING + if (server_cert && strcasecmp(server_cert, "ACCEPT")) { +#else if (server_cert) { +#endif int err = openconnect_check_peer_cert_hash(vpninfo, server_cert); if (!err) @@ -2145,14 +2142,6 @@ static int validate_peer_cert(void *_vpninfo, const char *reason) return -EINVAL; } -#ifdef INSECURE_DEBUGGING - if (nocertcheck) { - vpn_progress(vpninfo, PRG_ERR, - _("Ignoring because you built with --enable-insecure-debugging and invoked with --no-cert-check")); - return 0; - } -#endif - fingerprint = openconnect_get_peer_cert_hash(vpninfo); for (this = accepted_certs; this; this = this->next) { @@ -2175,6 +2164,12 @@ static int validate_peer_cert(void *_vpninfo, const char *reason) if (non_inter) return -EINVAL; +#ifdef INSECURE_DEBUGGING + if (!strcasecmp(server_cert, "ACCEPT")) { + fprintf(stderr, _("Insecurely accepting because you ran with --servertcert=ACCEPT.\n")); + goto accepted; + } +#endif fprintf(stderr, _("Enter '%s' to accept, '%s' to abort; anything else to view: "), _("yes"), _("no")); @@ -2183,7 +2178,11 @@ static int validate_peer_cert(void *_vpninfo, const char *reason) return -EINVAL; if (!strcasecmp(response, _("yes"))) { - struct accepted_cert *newcert = malloc(sizeof(*newcert)); + struct accepted_cert *newcert; +#ifdef INSECURE_DEBUGGING + accepted: +#endif + newcert = malloc(sizeof(*newcert)); if (newcert) { newcert->next = accepted_certs; accepted_certs = newcert;