Commit 87bb01b3 authored by Sietse Ringers's avatar Sietse Ringers
Browse files

Fix path handling that would break on relative paths

parent e485a7a9
...@@ -273,8 +273,25 @@ func (conf *Configuration) ParseSchemeManagerFolder(dir string, manager *SchemeM ...@@ -273,8 +273,25 @@ func (conf *Configuration) ParseSchemeManagerFolder(dir string, manager *SchemeM
return return
} }
func relativePath(absolute string, relative string) string { // relativePath returns, given a outer path that contains the inner path,
return relative[len(absolute)+1:] // the relative path between outer an inner, which is such that
// outer/returnvalue refers to inner.
func relativePath(outer string, inner string) (string, error) {
// Take Abs() of both paths to ensure that we don't fail on e.g.
// outer = "./foo" and inner = "foo/bar"
outerAbs, err := filepath.Abs(outer)
if err != nil {
return "", err
}
innerAbs, err := filepath.Abs(inner)
if err != nil {
return "", err
}
if !strings.HasPrefix(innerAbs, outerAbs) {
return "", errors.New("inner path is not contained in outer path")
}
return innerAbs[len(outerAbs)+1:], nil
} }
// PublicKey returns the specified public key, or nil if not present in the Configuration. // PublicKey returns the specified public key, or nil if not present in the Configuration.
...@@ -408,7 +425,11 @@ func (conf *Configuration) parseKeysFolder(issuerid IssuerIdentifier) error { ...@@ -408,7 +425,11 @@ func (conf *Configuration) parseKeysFolder(issuerid IssuerIdentifier) error {
if err != nil { if err != nil {
return err return err
} }
bts, found, err := conf.ReadAuthenticatedFile(manager, relativePath(conf.Path, file)) relativepath, err := relativePath(conf.Path, file)
if err != nil {
return err
}
bts, found, err := conf.ReadAuthenticatedFile(manager, relativepath)
if err != nil || !found { if err != nil || !found {
return err return err
} }
...@@ -517,7 +538,11 @@ func (conf *Configuration) pathToDescription(manager *SchemeManager, path string ...@@ -517,7 +538,11 @@ func (conf *Configuration) pathToDescription(manager *SchemeManager, path string
return false, nil return false, nil
} }
bts, found, err := conf.ReadAuthenticatedFile(manager, relativePath(conf.Path, path)) relativepath, err := relativePath(conf.Path, path)
if err != nil {
return false, err
}
bts, found, err := conf.ReadAuthenticatedFile(manager, relativepath)
if !found { if !found {
return false, nil return false, nil
} }
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment