[Asterisk-code-review] res_crypto: Don't load non-regular files in keys directory (asterisk[19])

Philip Prindeville asteriskteam at digium.com
Wed Sep 7 14:28:05 CDT 2022 

Philip Prindeville has uploaded this change for review. ( https://gerrit.asterisk.org/c/asterisk/+/19116 )


Change subject: res_crypto: Don't load non-regular files in keys directory
......................................................................

res_crypto: Don't load non-regular files in keys directory

ASTERISK-30046

Change-Id: Ie77e0648f8b0b1c2159fb24662d1989cfd4cc36d
---
A doc/UPGRADE-staging/res_crypto-regular-file-keys.txt
M res/res_crypto.c
2 files changed, 25 insertions(+), 1 deletion(-)



  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/16/19116/1

diff --git a/doc/UPGRADE-staging/res_crypto-regular-file-keys.txt b/doc/UPGRADE-staging/res_crypto-regular-file-keys.txt
new file mode 100644
index 0000000..d0225a8
--- /dev/null
+++ b/doc/UPGRADE-staging/res_crypto-regular-file-keys.txt
@@ -0,0 +1,6 @@
+Subject: res_crypto
+Master-Only: True
+
+In addition to only paying attention to files ending with .key or .pub
+in the keys directory, we now also ignore any files which aren't regular
+files.
diff --git a/res/res_crypto.c b/res/res_crypto.c
index a11182b..71cc979 100644
--- a/res/res_crypto.c
+++ b/res/res_crypto.c
@@ -270,7 +270,7 @@
 			ast_log(LOG_NOTICE, "Key '%s' is not expected size.\n", key->name);
 		}
 	} else if (key->infd != -2) {
-		ast_log(LOG_WARNING, "Key load %s '%s' failed\n",key->ktype == AST_KEY_PUBLIC ? "PUBLIC" : "PRIVATE", key->name);
+		ast_log(LOG_WARNING, "Key load %s '%s' failed\n", key->ktype == AST_KEY_PUBLIC ? "PUBLIC" : "PRIVATE", key->name);
 		if (ofd > -1) {
 			ERR_print_errors_fp(stderr);
 		} else {
@@ -507,6 +507,13 @@
 	/* Load new keys */
 	if ((dir = opendir(ast_config_AST_KEY_DIR))) {
 		while ((ent = readdir(dir))) {
+			if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, "..")) {
+				continue;
+			}
+			if (ent->d_type != DT_REG) {
+				ast_log(LOG_WARNING, "Non-regular file '%s' in keys directory\n", ent->d_name);
+				continue;
+			}
 			try_load_key(ast_config_AST_KEY_DIR, ent->d_name, ifd, ofd, &note);
 		}
 		closedir(dir);

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/19116
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 19
Gerrit-Change-Id: Ie77e0648f8b0b1c2159fb24662d1989cfd4cc36d
Gerrit-Change-Number: 19116
Gerrit-PatchSet: 1
Gerrit-Owner: Philip Prindeville <philipp at redfish-solutions.com>
Gerrit-MessageType: newchange
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20220907/3090e9cb/attachment-0001.html>

More information about the asterisk-code-review mailing list