author | Alex Harpin <development@landsofshadow.co.uk> | 2014-08-09 10:33:15 +0100 |
---|---|---|
committer | Alex Harpin <development@landsofshadow.co.uk> | 2014-08-09 10:33:15 +0100 |
commit | 56846d1ccd66051ad85a70329b1988de74301988 (patch) | |
tree | 75c4d2da91195191c10104c15dad17e59eb1008f | |
parent | 960810b0b56d404b4abf275abfadfe3d77888ae5 (diff) | |
vyatta-op-vpn: prevent invalid rsa key file from being generated
If the command "generate vpn rsa-key" is aborted during key generation
it leaves behind a temporary file. If the command is then executed
again, this temporary file is appended to rather than being replaced,
resulting in a key file with an extra : RSA { line at the beginning.
This patch checks if this temporary file exists, deleting it if it
does.
Bug #262 http://bugzilla.vyos.net/show_bug.cgi?id=262
-rwxr-xr-x | scripts/gen_local_rsa_key.pl | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/scripts/gen_local_rsa_key.pl b/scripts/gen_local_rsa_key.pl index 4f800ab..ce3f69b 100755 --- a/scripts/gen_local_rsa_key.pl +++ b/scripts/gen_local_rsa_key.pl @@ -85,6 +85,21 @@ if (-r $local_key_file) { } } +# Remove the temporary file used to hold the new key if it already exists +# as this can cause invalid key generation if a previous run has been +# aborted. + +my $temp_key_file = $local_key_file.".new"; + +if (-e $temp_key_file) { + $cmd = "rm $temp_key_file"; + vpn_debug $cmd; + $rc = system($cmd); + if ($rc != 0) { + die "Cannot remove temporary key file $!\n"; + } +} + $cmd = "/usr/lib/ipsec/newhostkey --output $local_key_file --bits $bits"; # # The default random number generator is /dev/random, but it will block |
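Review bot: the added `if (-e $temp_key_file)` block deletes the file by building a shell string, `$cmd = "rm $temp_key_file";`, and passing it to single-argument `system($cmd)`, so any whitespace or shell metacharacter in `$local_key_file` would be interpreted by the shell. Perl's built-in `unlink($temp_key_file)` removes the file without a shell; calling it directly and treating "no such file" as success also drops the separate `-e` test and the window between the check and the delete. The `die` message prints `$!`, but when `system()` runs the command and the command exits non-zero, the status is in `$?` (`$? >> 8`), so `$!` can be empty or unrelated here; with `unlink`, `$!` is the right variable, and adding `$temp_key_file` to the message would tell the operator which file to clean up. The unchanged context still shows newhostkey invoked with `--output $local_key_file`, so the new comment should say which step writes the `.new` file, since that is not visible from this hunk.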