]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 5d44f67) | patch
Relax absolut path checking in our 'file' scheme implementation
authorRichard Levitte <levitte@openssl.org>
Wed, 23 Apr 2025 18:14:38 +0000 (20:14 +0200)
committerTomas Mraz <tomas@openssl.org>
Fri, 25 Apr 2025 14:11:25 +0000 (16:11 +0200)
commit6683c886f27d1f21a3a893af994160b1b26fe2c1
tree35b5877aee420a0e68a579fde88fdaa023dee5a4tree
parent5d44f67aafb26ea3adcd33cd6d34bc17e40466cbcommit | diff
Relax absolut path checking in our 'file' scheme implementation

So far, we strictly obeyed [RFC 8089], which only allows absolute paths
in a 'file:' URI.  However, this seems to give a confusing user
experience, where something like 'file:foo.pem' wouldn't open foo.pem,
even though it's there in the current directory, but 'file:$(pwd)/foo.pem'
would.

To be less surprising for such use cases, we relax our implementation
visavi [RFC 8089] to allow relative paths.

[RFC 8089]: https://datatracker.ietf.org/doc/html/rfc8089

Fixes #27461

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27482)
CHANGES.md diff | blob | blame | history
engines/e_loader_attic.c diff | blob | blame | history
providers/implementations/storemgmt/file_store.c diff | blob | blame | history
test/recipes/90-test_store.t diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git