smeserver-openvpn-bridge/contribs8/smeserver-openvpn-bridge-2.0-check_certs.patch2

diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm
--- smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm  2009-01-16 15:56:58.000000000 +0100
+++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm        2009-01-16 15:56:54.000000000 +0100
@@ -491,7 +491,7 @@
        if (
                (( -z "$pubdir/cacert.pem" ) || ( ! -e "$pubdir/cacert.pem" )) ||
                (( -z "$pubdir/cert.pem") || ( ! -e "$pubdir/cert.pem" )) ||
-               (( -z "$privdir/key.pem") || ( ! -e "$pubdir/key.pem" )) ||
+               (( -z "$privdir/key.pem") || ( ! -e "$privdir/key.pem" )) ||
                (( -z "$pubdir/cacrl.pem") || ( ! -e "$pubdir/cacrl.pem" )) ||
                (( -z "$pubdir/dh.pem") || ( ! -e "$pubdir/dh.pem" ))
        ){
@@ -640,7 +640,7 @@
        $fm->error('ERROR_OPEN_CA','FIRST');
        # Tell the user something bad has happened
         return;
-    }
+       }
        print CA $ca;
        close CA;
 
@@ -648,7 +648,7 @@
        $fm->error('ERROR_OPEN_CRT','FIRST');
        # Tell the user something bad has happened
         return;
-    }
+       }
        print CRT $crt;
        close CRT;
 
@@ -656,7 +656,7 @@
        $fm->error('ERROR_OPEN_KEY','FIRST');
        # Tell the user something bad has happened
         return;
-    }
+       }
        print KEY $key;
        close KEY;
 
@@ -664,7 +664,7 @@
        $fm->error('ERROR_OPEN_DH','FIRST');
        # Tell the user something bad has happened
         return;
-    }
+       }
        print DH $dh;
        close DH;
 
@@ -672,15 +672,14 @@
        $fm->error('ERROR_OPEN_TA','FIRST');
        # Tell the user something bad has happened
         return;
-    }
+       }
        print TA $ta;
        close TA;
 
-       esmith::util::chownFile("root", "root",
-        "$privdir");
-       esmith::util::chownFile("root", "root",
-        "$pubdir");
-    chmod 0640, "$privdir";
+       # Restrict permissions on sensitive data
+       esmith::util::chownFile("root", "root","$privdir");
+       esmith::util::chownFile("root", "root","$pubdir");
+       chmod 0700, "$privdir";
 
        unless(system("/sbin/e-smith/signal-event openvpn-bridge-update") == 0){
                $fm->error('ERROR_OCCURED','RULES_PAGE');
1	diff -Nur -x '.orig' -x '.rej' smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm
2	--- smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm 2009-01-16 15:56:58.000000000 +0100
3	+++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm 2009-01-16 15:56:54.000000000 +0100
4	@@ -491,7 +491,7 @@
5	if (
6	(( -z "$pubdir/cacert.pem" ) \|\| ( ! -e "$pubdir/cacert.pem" )) \|\|
7	(( -z "$pubdir/cert.pem") \|\| ( ! -e "$pubdir/cert.pem" )) \|\|
8	- (( -z "$privdir/key.pem") \|\| ( ! -e "$pubdir/key.pem" )) \|\|
9	+ (( -z "$privdir/key.pem") \|\| ( ! -e "$privdir/key.pem" )) \|\|
10	(( -z "$pubdir/cacrl.pem") \|\| ( ! -e "$pubdir/cacrl.pem" )) \|\|
11	(( -z "$pubdir/dh.pem") \|\| ( ! -e "$pubdir/dh.pem" ))
12	){
13	@@ -640,7 +640,7 @@
14	$fm->error('ERROR_OPEN_CA','FIRST');
15	# Tell the user something bad has happened
16	return;
17	- }
18	+ }
19	print CA $ca;
20	close CA;
21
22	@@ -648,7 +648,7 @@
23	$fm->error('ERROR_OPEN_CRT','FIRST');
24	# Tell the user something bad has happened
25	return;
26	- }
27	+ }
28	print CRT $crt;
29	close CRT;
30
31	@@ -656,7 +656,7 @@
32	$fm->error('ERROR_OPEN_KEY','FIRST');
33	# Tell the user something bad has happened
34	return;
35	- }
36	+ }
37	print KEY $key;
38	close KEY;
39
40	@@ -664,7 +664,7 @@
41	$fm->error('ERROR_OPEN_DH','FIRST');
42	# Tell the user something bad has happened
43	return;
44	- }
45	+ }
46	print DH $dh;
47	close DH;
48
49	@@ -672,15 +672,14 @@
50	$fm->error('ERROR_OPEN_TA','FIRST');
51	# Tell the user something bad has happened
52	return;
53	- }
54	+ }
55	print TA $ta;
56	close TA;
57
58	- esmith::util::chownFile("root", "root",
59	- "$privdir");
60	- esmith::util::chownFile("root", "root",
61	- "$pubdir");
62	- chmod 0640, "$privdir";
63	+ # Restrict permissions on sensitive data
64	+ esmith::util::chownFile("root", "root","$privdir");
65	+ esmith::util::chownFile("root", "root","$pubdir");
66	+ chmod 0700, "$privdir";
67
68	unless(system("/sbin/e-smith/signal-event openvpn-bridge-update") == 0){
69	$fm->error('ERROR_OCCURED','RULES_PAGE');