BUG/MINOR: ssl: trailing slashes in directory names wrongly cached

The crtlist_load_cert_dir() caches the directory name without trailing
slashes when ssl_sock_load_cert_list_file() tries to look it up without
cleaning the trailing slashes.

This bug leads to creating the crtlist twice and prevents correctly
removing a crtlist_entry since it exists in the several crtlists
created by accident.

Move the trailing slashes cleanup in ssl_sock_load_cert_list_file() to
fix the problem.

This bug was introduced by 6be66ec ("MINOR: ssl: directories are loaded
like crt-list")
William Lallemand 2020-04-08 13:15:18 +02:00 committed by William Lallemand
parent 419e6349f6
commit 41ca930e58

@ -4560,10 +4560,6 @@ static int crtlist_load_cert_dir(char *path, struct bind_conf *bind_conf, struct
int j;
#endif
/* strip trailing slashes, including first one */
for (end = path + strlen(path) - 1; end >= path && *end == '/'; end--)
*end = 0;
dir = malloc(sizeof(*dir) + strlen(path) + 1);
if (dir == NULL) {
memprintf(err, "not enough memory");
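Review bot: with the strip loop gone from crtlist_load_cert_dir(), the allocation `dir = malloc(sizeof(*dir) + strlen(path) + 1)` now relies on every caller passing a name that is already free of trailing slashes, and nothing in this function says so. Suggest a one-line comment above the allocation stating that `path` must arrive normalized and that ssl_sock_load_cert_list_file() does the stripping. Also check that the `end` local this loop used is not left declared and unused here; its declaration is outside the visible context.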
@ -4980,6 +4976,7 @@ int ssl_sock_load_cert_list_file(char *file, int dir, struct bind_conf *bind_con
struct crtlist_entry *entry = NULL;
struct bind_conf_list *bind_conf_node = NULL;
int cfgerr = 0;
char *end;
bind_conf_node = malloc(sizeof(*bind_conf_node));
if (!bind_conf_node) {
@ -4990,6 +4987,10 @@ int ssl_sock_load_cert_list_file(char *file, int dir, struct bind_conf *bind_con
bind_conf_node->next = NULL;
bind_conf_node->bind_conf = bind_conf;
/* strip trailing slashes, including first one */
for (end = file + strlen(file) - 1; end >= file && *end == '/'; end--)
*end = 0;
/* look for an existing crtlist or create one */
eb = ebst_lookup(&crtlists_tree, file);
if (eb) {
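Review bot: in the added loop `for (end = file + strlen(file) - 1; end >= file && *end == '/'; end--)`, an empty `file` makes the initial `end` point one byte before the buffer, and a `file` made only of slashes (for example "/") is reduced to an empty string that is then used as the key in `ebst_lookup(&crtlists_tree, file)`. The loop also runs whatever the value of the `dir` argument, so a plain crt-list file name is rewritten in place as well. Suggest guarding on a non-zero length, or stopping at `end > file` so a lone "/" survives, and saying in the comment whether an empty key is intended; "including first one" suggests it is, but the effect on the lookup is not mentioned.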