1From d68db9f2cee975aad5e07b44485615f3d842ab45 Mon Sep 17 00:00:00 2001 2From: Darik Horn <dajhorn@vanadac.com> 3Date: Fri, 11 Jul 2014 16:17:18 -0400 4Subject: [PATCH] Change GetExeDir to GetStateDir in Cedar and Mayaqua. 5 6Resolve this AppArmor error by ensuring that certificate files files are 7written into /var/lib/softether instead of the current working directory: 8 9 Profile: /usr/sbin/softetherd 10 Operation: mkdir 11 Name: /usr/sbin/chain_certs 12 Denied: c 13 Logfile: /var/log/kern.log 14 15 type=1400 audit: apparmor="DENIED" operation="mkdir" profile="/usr/sbin/softetherd" name="/usr/sbin/chain_certs/" pid=36448 comm="softetherd" requested_mask="c" denied_mask="c" fsuid=0 ouid=0 16 17Taken from Github 18https://github.com/dajhorn/SoftEtherVPN/commit/d68db9f2cee975aad5e07b44485615f3d842ab45. 19 20Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> 21Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 22--- 23 src/Cedar/Protocol.c | 12 ++++++------ 24 src/Mayaqua/Network.c | 6 +++--- 25 2 files changed, 9 insertions(+), 9 deletions(-) 26 27Index: b/src/Cedar/Protocol.c 28=================================================================== 29--- a/src/Cedar/Protocol.c 30+++ b/src/Cedar/Protocol.c 31@@ -161,10 +161,10 @@ 32 UINT i; 33 DIRLIST *dir; 34 wchar_t dirname[MAX_SIZE]; 35- wchar_t exedir[MAX_SIZE]; 36+ wchar_t statedir[MAX_SIZE]; 37 38- GetExeDirW(exedir, sizeof(exedir)); 39- CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs"); 40+ GetStateDirW(statedir, sizeof(statedir)); 41+ CombinePathW(dirname, sizeof(dirname), statedir, L"chain_certs"); 42 MakeDirExW(dirname); 43 44 if (auto_save) 45@@ -461,7 +461,7 @@ 46 void AddAllChainCertsToCertList(LIST *o) 47 { 48 wchar_t dirname[MAX_SIZE]; 49- wchar_t exedir[MAX_SIZE]; 50+ wchar_t statedir[MAX_SIZE]; 51 DIRLIST *dir; 52 // Validate arguments 53 if (o == NULL) 54@@ -469,9 +469,9 @@ 55 return; 56 } 57 58- GetExeDirW(exedir, sizeof(exedir)); 59+ GetStateDirW(statedir, sizeof(statedir)); 60 61- CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs"); 62+ CombinePathW(dirname, sizeof(dirname), statedir, L"chain_certs"); 63 64 MakeDirExW(dirname); 65 66Index: b/src/Mayaqua/Network.c 67=================================================================== 68--- a/src/Mayaqua/Network.c 69+++ b/src/Mayaqua/Network.c 70@@ -12588,7 +12588,7 @@ 71 void AddChainSslCertOnDirectory(struct ssl_ctx_st *ctx) 72 { 73 wchar_t dirname[MAX_SIZE]; 74- wchar_t exedir[MAX_SIZE]; 75+ wchar_t statedir[MAX_SIZE]; 76 wchar_t txtname[MAX_SIZE]; 77 DIRLIST *dir; 78 LIST *o; 79@@ -12602,9 +12602,9 @@ 80 81 o = NewListFast(NULL); 82 83- GetExeDirW(exedir, sizeof(exedir)); 84+ GetStateDirW(statedir, sizeof(statedir)); 85 86- CombinePathW(dirname, sizeof(dirname), exedir, L"chain_certs"); 87+ CombinePathW(dirname, sizeof(dirname), statedir, L"chain_certs"); 88 89 MakeDirExW(dirname); 90 91