res_crypto: Don't load non-regular files in keys directory

author Philip Prindeville <philipp@redfish-solutions.com>

Wed, 27 Apr 2022 01:44:32 +0000 (19:44 -0600)

committer Friendly Automation <jenkins2@gerrit.asterisk.org>

Mon, 12 Sep 2022 12:55:38 +0000 (07:55 -0500)
author Philip Prindeville <philipp@redfish-solutions.com>
Wed, 27 Apr 2022 01:44:32 +0000 (19:44 -0600)
committer Friendly Automation <jenkins2@gerrit.asterisk.org>
Mon, 12 Sep 2022 12:55:38 +0000 (07:55 -0500)
diff --git a/doc/UPGRADE-staging/res_crypto-regular-file-keys.txt b/doc/UPGRADE-staging/res_crypto-regular-file-keys.txt

new file mode 100644 (file)

index 0000000..a2d8d81
--- /dev/null
+++ b/doc/UPGRADE-staging/res_crypto-regular-file-keys.txt
@@ -0,0 +1,5 @@
+Subject: res_crypto
+
+In addition to only paying attention to files ending with .key or .pub
+in the keys directory, we now also ignore any files which aren't regular
+files.
diff --git a/res/res_crypto.c b/res/res_crypto.c

index a11182bc0fd0ed893518253e62af7cf4bc58cb59..71cc9798d150820617e7310fb12a4a695f280871 100644 (file)
--- a/res/res_crypto.c
+++ b/res/res_crypto.c
@@ -270,7 +270,7 @@ static struct ast_key *try_load_key(const char *dir, const char *fname, int ifd,
                         ast_log(LOG_NOTICE, "Key '%s' is not expected size.\n", key->name);
                 }
         } else if (key->infd != -2) {
-               ast_log(LOG_WARNING, "Key load %s '%s' failed\n",key->ktype == AST_KEY_PUBLIC ? "PUBLIC" : "PRIVATE", key->name);
+               ast_log(LOG_WARNING, "Key load %s '%s' failed\n", key->ktype == AST_KEY_PUBLIC ? "PUBLIC" : "PRIVATE", key->name);
                 if (ofd > -1) {
                         ERR_print_errors_fp(stderr);
                 } else {
@@ -507,6 +507,13 @@ static void crypto_load(int ifd, int ofd)
         /* Load new keys */
         if ((dir = opendir(ast_config_AST_KEY_DIR))) {
                 while ((ent = readdir(dir))) {
+                       if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, "..")) {
+                               continue;
+                       }
+                       if (ent->d_type != DT_REG) {
+                               ast_log(LOG_WARNING, "Non-regular file '%s' in keys directory\n", ent->d_name);
+                               continue;
+                       }
                         try_load_key(ast_config_AST_KEY_DIR, ent->d_name, ifd, ofd, &note);
                 }
                 closedir(dir);
author	Philip Prindeville <philipp@redfish-solutions.com>
	Wed, 27 Apr 2022 01:44:32 +0000 (19:44 -0600)
committer	Friendly Automation <jenkins2@gerrit.asterisk.org>
	Mon, 12 Sep 2022 12:55:38 +0000 (07:55 -0500)
doc/UPGRADE-staging/res_crypto-regular-file-keys.txt	[new file with mode: 0644]	patch \| blob
res/res_crypto.c		patch \| blob \| blame \| history