[btr] Only print debug message if we're really increasing the wrap buffer.

[paraslash.git] / user_list.c

diff --git a/user_list.c b/user_list.c
index 1d3f21cfa248a9b950ea57fd86877682ae75e152..525a47dfac7ce6705859836c67998cf3e9358107 100644 (file)
--- a/user_list.c
+++ b/user_list.c
@@ -6,6 +6,7 @@
 
 /** \file user_list.c User handling for para_server. */
 
+#include <regex.h>
 #include <sys/types.h>
 #include <dirent.h>
 #include <openssl/rc4.h>
@@ -17,6 +18,7 @@
 #include "string.h"
 #include "list.h"
 #include "user_list.h"
+#include "rc4.h"
 
 static struct list_head user_list;
 
@@ -41,7 +43,7 @@ static void populate_user_list(char *user_list_file)
                struct user *u;
                RSA *rsa;
 
-               ret = para_fgets(line, MAXLINE, file_ptr);
+               ret = para_fgets(line, sizeof(line), file_ptr);
                if (ret <= 0)
                        break;
                if (sscanf(line,"%200s %200s %200s %200s", w, n, k, p) < 3)
@@ -55,8 +57,15 @@ static void populate_user_list(char *user_list_file)
                                para_strerror(-ret));
                        continue;
                }
-               if (ret < CHALLENGE_SIZE + 2 * CHALLENGE_SIZE + 41) {
-                       PARA_WARNING_LOG("rsa key for %s too small\n", n);
+               /*
+                * In order to encrypt len := CHALLENGE_SIZE + 2 * RC4_KEY_LEN
+                * bytes using RSA_public_encrypt() with EME-OAEP padding mode,
+                * RSA_size(rsa) must be greater than len + 41. So ignore keys
+                * which are too short. For details see RSA_public_encrypt(3).
+                */
+               if (ret <= CHALLENGE_SIZE + 2 * RC4_KEY_LEN + 41) {
+                       PARA_WARNING_LOG("rsa key %s too short (%d)\n",
+                               k, ret);
                        rsa_free(rsa);
                        continue;
                }