[Asterisk-code-review] res_crypto: Don't load non-regular files in keys directory (asterisk[master])

Friendly Automation asteriskteam at digium.com
Mon Sep 12 07:55:48 CDT 2022 

Friendly Automation has submitted this change. ( https://gerrit.asterisk.org/c/asterisk/+/18533 )

Change subject: res_crypto: Don't load non-regular files in keys directory
......................................................................

res_crypto: Don't load non-regular files in keys directory

ASTERISK-30046

Change-Id: Ie77e0648f8b0b1c2159fb24662d1989cfd4cc36d
---
A doc/UPGRADE-staging/res_crypto-regular-file-keys.txt
M res/res_crypto.c
2 files changed, 24 insertions(+), 1 deletion(-)

Approvals:
  George Joseph: Looks good to me, approved
  Friendly Automation: Approved for Submit




diff --git a/doc/UPGRADE-staging/res_crypto-regular-file-keys.txt b/doc/UPGRADE-staging/res_crypto-regular-file-keys.txt
new file mode 100644
index 0000000..a2d8d81
--- /dev/null
+++ b/doc/UPGRADE-staging/res_crypto-regular-file-keys.txt
@@ -0,0 +1,5 @@
+Subject: res_crypto
+
+In addition to only paying attention to files ending with .key or .pub
+in the keys directory, we now also ignore any files which aren't regular
+files.
diff --git a/res/res_crypto.c b/res/res_crypto.c
index a11182b..71cc979 100644
--- a/res/res_crypto.c
+++ b/res/res_crypto.c
@@ -270,7 +270,7 @@
 			ast_log(LOG_NOTICE, "Key '%s' is not expected size.\n", key->name);
 		}
 	} else if (key->infd != -2) {
-		ast_log(LOG_WARNING, "Key load %s '%s' failed\n",key->ktype == AST_KEY_PUBLIC ? "PUBLIC" : "PRIVATE", key->name);
+		ast_log(LOG_WARNING, "Key load %s '%s' failed\n", key->ktype == AST_KEY_PUBLIC ? "PUBLIC" : "PRIVATE", key->name);
 		if (ofd > -1) {
 			ERR_print_errors_fp(stderr);
 		} else {
@@ -507,6 +507,13 @@
 	/* Load new keys */
 	if ((dir = opendir(ast_config_AST_KEY_DIR))) {
 		while ((ent = readdir(dir))) {
+			if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, "..")) {
+				continue;
+			}
+			if (ent->d_type != DT_REG) {
+				ast_log(LOG_WARNING, "Non-regular file '%s' in keys directory\n", ent->d_name);
+				continue;
+			}
 			try_load_key(ast_config_AST_KEY_DIR, ent->d_name, ifd, ofd, &note);
 		}
 		closedir(dir);

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/18533
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Change-Id: Ie77e0648f8b0b1c2159fb24662d1989cfd4cc36d
Gerrit-Change-Number: 18533
Gerrit-PatchSet: 18
Gerrit-Owner: Philip Prindeville <philipp at redfish-solutions.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-Reviewer: Kevin Harwell <default.enum at gmail.com>
Gerrit-Reviewer: N A <mail at interlinked.x10host.com>
Gerrit-Reviewer: Richard Mudgett <rmudgett at digium.com>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20220912/1c1523d3/attachment.html>

More information about the asterisk-code-review mailing list