From 2105f79ed33b08b054f3d5e50445ea5e7e75a2e3 Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Wed, 22 Nov 2023 12:02:07 +0100
Subject: [PATCH] machine-credential: tweak --load-credential= use a bit

Let's try to recognize paths (i.e. those with a "/") as source for credentials to load, and then read them from the file system. Also, only read credentials from an inbound credentials directory if the source qualifies as valid credential name. Otherwise print a nice error.
---
 src/shared/machine-credential.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/shared/machine-credential.c b/src/shared/machine-credential.c
index 7df36049777..17f7afc4a0f 100644
--- a/src/shared/machine-credential.c
+++ b/src/shared/machine-credential.c
@@ -90,9 +90,9 @@ int machine_credential_load(MachineCredential **credentials, size_t *n_credentia
 if (streq(cred->id, word)) return log_error_errno(SYNTHETIC_ERRNO(EEXIST), "Duplicate credential '%s', refusing.", word);
- if (path_is_absolute(p))
+ if (is_path(p) && path_is_valid(p))
 flags |= READ_FULL_FILE_CONNECT_SOCKET;
- else {
+ else if (credential_name_valid(p)) {
 const char *e; r = get_credentials_dir(&e);
@@ -104,7 +104,8 @@ int machine_credential_load(MachineCredential **credentials, size_t *n_credentia
 return log_oom(); p = j;
- }
+ } else
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Credential source appears to be neither a valid path nor a credential name: %s", p);
 r = read_full_file_full(AT_FDCWD, p, UINT64_MAX, SIZE_MAX, flags,
--
2.47.3
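Review bot: The three-way classification of the source string in the first hunk is undocumented, and it changes behaviour for relative sources. Any string containing a "/" now takes the path branch, gets `READ_FULL_FILE_CONNECT_SOCKET`, and is opened via `AT_FDCWD` in the `read_full_file_full()` call, so it resolves against the caller's working directory. Before, only absolute paths took that route and everything else was joined onto the credentials directory. A comment above the `if` would make the contract explicit, e.g. `/* Contains "/": file system path, relative ones resolve against the CWD. Valid credential name: looked up in the inbound credentials directory. Anything else: refused. */`. It is also worth spelling out that a file in the current directory must now be written as `./name`, since a bare name is treated as a credential name, and that the `credential_name_valid()` gate is presumably what keeps the joined path `j` from stepping outside the credentials directory. The function body starts and ends outside both hunks, so the handling of the read result is not visible here.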