smeserver-openvpn-bridge/contribs8/smeserver-openvpn-bridge-2.0-check_certs.patch2

diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm
--- smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm  2009-01-16 15:56:58.000000000 +0100
+++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm        2009-01-16 15:56:54.000000000 +0100
@@ -491,7 +491,7 @@
        if (
                (( -z "$pubdir/cacert.pem" ) || ( ! -e "$pubdir/cacert.pem" )) ||
                (( -z "$pubdir/cert.pem") || ( ! -e "$pubdir/cert.pem" )) ||
-               (( -z "$privdir/key.pem") || ( ! -e "$pubdir/key.pem" )) ||
+               (( -z "$privdir/key.pem") || ( ! -e "$privdir/key.pem" )) ||
                (( -z "$pubdir/cacrl.pem") || ( ! -e "$pubdir/cacrl.pem" )) ||
                (( -z "$pubdir/dh.pem") || ( ! -e "$pubdir/dh.pem" ))
        ){
@@ -640,7 +640,7 @@
        $fm->error('ERROR_OPEN_CA','FIRST');
        # Tell the user something bad has happened
         return;
-    }
+       }
        print CA $ca;
        close CA;
 
@@ -648,7 +648,7 @@
        $fm->error('ERROR_OPEN_CRT','FIRST');
        # Tell the user something bad has happened
         return;
-    }
+       }
        print CRT $crt;
        close CRT;
 
@@ -656,7 +656,7 @@
        $fm->error('ERROR_OPEN_KEY','FIRST');
        # Tell the user something bad has happened
         return;
-    }
+       }
        print KEY $key;
        close KEY;
 
@@ -664,7 +664,7 @@
        $fm->error('ERROR_OPEN_DH','FIRST');
        # Tell the user something bad has happened
         return;
-    }
+       }
        print DH $dh;
        close DH;
 
@@ -672,15 +672,14 @@
        $fm->error('ERROR_OPEN_TA','FIRST');
        # Tell the user something bad has happened
         return;
-    }
+       }
        print TA $ta;
        close TA;
 
-       esmith::util::chownFile("root", "root",
-        "$privdir");
-       esmith::util::chownFile("root", "root",
-        "$pubdir");
-    chmod 0640, "$privdir";
+       # Restrict permissions on sensitive data
+       esmith::util::chownFile("root", "root","$privdir");
+       esmith::util::chownFile("root", "root","$pubdir");
+       chmod 0700, "$privdir";
 
        unless(system("/sbin/e-smith/signal-event openvpn-bridge-update") == 0){
                $fm->error('ERROR_OCCURED','RULES_PAGE');
1	unnilennium	1.1	diff -Nur -x '.orig' -x '.rej' smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm
2			--- smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm 2009-01-16 15:56:58.000000000 +0100
3			+++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm 2009-01-16 15:56:54.000000000 +0100
4			@@ -491,7 +491,7 @@
5			if (
6			(( -z "$pubdir/cacert.pem" ) \|\| ( ! -e "$pubdir/cacert.pem" )) \|\|
7			(( -z "$pubdir/cert.pem") \|\| ( ! -e "$pubdir/cert.pem" )) \|\|
8			- (( -z "$privdir/key.pem") \|\| ( ! -e "$pubdir/key.pem" )) \|\|
9			+ (( -z "$privdir/key.pem") \|\| ( ! -e "$privdir/key.pem" )) \|\|
10			(( -z "$pubdir/cacrl.pem") \|\| ( ! -e "$pubdir/cacrl.pem" )) \|\|
11			(( -z "$pubdir/dh.pem") \|\| ( ! -e "$pubdir/dh.pem" ))
12			){
13			@@ -640,7 +640,7 @@
14			$fm->error('ERROR_OPEN_CA','FIRST');
15			# Tell the user something bad has happened
16			return;
17			- }
18			+ }
19			print CA $ca;
20			close CA;
21
22			@@ -648,7 +648,7 @@
23			$fm->error('ERROR_OPEN_CRT','FIRST');
24			# Tell the user something bad has happened
25			return;
26			- }
27			+ }
28			print CRT $crt;
29			close CRT;
30
31			@@ -656,7 +656,7 @@
32			$fm->error('ERROR_OPEN_KEY','FIRST');
33			# Tell the user something bad has happened
34			return;
35			- }
36			+ }
37			print KEY $key;
38			close KEY;
39
40			@@ -664,7 +664,7 @@
41			$fm->error('ERROR_OPEN_DH','FIRST');
42			# Tell the user something bad has happened
43			return;
44			- }
45			+ }
46			print DH $dh;
47			close DH;
48
49			@@ -672,15 +672,14 @@
50			$fm->error('ERROR_OPEN_TA','FIRST');
51			# Tell the user something bad has happened
52			return;
53			- }
54			+ }
55			print TA $ta;
56			close TA;
57
58			- esmith::util::chownFile("root", "root",
59			- "$privdir");
60			- esmith::util::chownFile("root", "root",
61			- "$pubdir");
62			- chmod 0640, "$privdir";
63			+ # Restrict permissions on sensitive data
64			+ esmith::util::chownFile("root", "root","$privdir");
65			+ esmith::util::chownFile("root", "root","$pubdir");
66			+ chmod 0700, "$privdir";
67
68			unless(system("/sbin/e-smith/signal-event openvpn-bridge-update") == 0){
69			$fm->error('ERROR_OCCURED','RULES_PAGE');