a53a18e Be more careful about which config files we load diff --git a/src/include/conffile.h b/src/include/conffile.h index bc7f90a..21fc2cd 100644 --- a/src/include/conffile.h +++ b/src/include/conffile.h @@ -58,6 +58,7 @@ int cf_section_parse(CONF_SECTION *, void *base, const CONF_PARSER *variables); void cf_section_parse_free(CONF_SECTION *cs, void *base); const CONF_PARSER *cf_section_parse_table(CONF_SECTION *cs); +int cf_exclude_file(const char *filename); CONF_SECTION *cf_file_read(const char *file); int cf_file_include(const char *file, CONF_SECTION *cs); diff --git a/src/main/conffile.c b/src/main/conffile.c index ff76e2c..38b6aec 100644 --- a/src/main/conffile.c +++ b/src/main/conffile.c @@ -1276,6 +1276,41 @@ static int condition_looks_ok(const char **ptr) return 0; } +int cf_exclude_file(const char *filename) +{ + int i; + size_t len; + const char *p = filename; + + /* + * FIXME: Maybe later make this a globally set configuration + * variable. But that's low priority. + */ + static const char *excluded[] = { + "rpmsave", "rpmnew", "dpkg-new", "dpkg-dist", "dpkg-old", + "bak", NULL + }; + + if (!p || !*p) return TRUE; /* coding error */ + + if (*p == '.') return TRUE; /* ".", "..", ".foo", ... */ + + if (*p == '#') return TRUE; /* #foo# */ + + len = strlen(p); + if (p[len - 1] == '~') return TRUE; /* foo~ */ + + p = strrchr(p, '.'); + if (!p) return FALSE; /* just "foo", it's OK */ + + p++; + for (i = 0; excluded[i] != NULL; i++) { + if (strcmp(p, excluded[i]) == 0) return TRUE; + } + + return FALSE; +} + static const char *cf_local_file(CONF_SECTION *cs, const char *local, char *buffer, size_t bufsize) 
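Review bot: The suffix test in `cf_exclude_file` compares only the text after the last '.' and is case-sensitive, so names such as `foo.bak.1` or `foo.BAK` are not excluded and would still be read as configuration. If that is intended, say so in a comment above the function; otherwise a case-insensitive compare closes the second case, e.g. `if (strcasecmp(p, excluded[i]) == 0) return TRUE;` (this needs `<strings.h>`, and the hunk does not show whether it is already included). The function is now exported through conffile.h but has no contract comment; I would add `/* Returns TRUE when a directory entry must be skipped (hidden files, editor backups, package-manager leftovers), FALSE when it may be loaded. */` above the definition.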
@@ -1512,25 +1547,11 @@ static int cf_section_read(const char *filename, int *lineno, FILE *fp, } /* - * Read the directory, ignoring "." files. + * Read the directory, ignoring some files. */ while ((dp = readdir(dir)) != NULL) { - const char *p; - - if (dp->d_name[0] == '.') continue; - - /* - * Check for valid characters - */ - for (p = dp->d_name; *p != '\0'; p++) { - if (isalpha((int)*p) || - isdigit((int)*p) || - (*p == '-') || - (*p == '_') || - (*p == '.')) continue; - break; - } - if (*p != '\0') continue; + if (cf_exclude_file(dp->d_name)) + continue; snprintf(buf2, sizeof(buf2), "%s%s", value, dp->d_name); diff --git a/src/modules/rlm_policy/parse.c b/src/modules/rlm_policy/parse.c index 71a7eb6..4b3fc7c 100644 --- a/src/modules/rlm_policy/parse.c +++ b/src/modules/rlm_policy/parse.c @@ -1589,8 +1589,7 @@ static int parse_include(policy_lex_file_t *lexer) while ((dp = readdir(dir)) != NULL) { struct stat buf; - if (dp->d_name[0] == '.') continue; - if (strchr(dp->d_name, '~') != NULL) continue; + if (cf_exclude_file(dp->d_name)) continue; strlcpy(p, dp->d_name, sizeof(buffer) - (p - buffer));
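Review bot: The directory loop no longer rejects names containing characters outside letters, digits, '-', '_' and '.', because the removed allow-list loop has no counterpart in `cf_exclude_file`. Entries such as `radiusd.conf (copy)` were skipped before and now reach the `snprintf` below and, presumably, get included. A deny-list of known backup suffixes is weaker than the old allow-list when other tools or users can write to the directory, so I would keep the character check next to the new call, as sketched below, or state in the commit message why it was dropped. The sketch casts to `unsigned char` before the `<ctype.h>` call, which the removed code did not do. `cf_section_read` starts and ends outside this hunk.

```c
		const char *p;

		if (cf_exclude_file(dp->d_name))
			continue;

		/* Keep the conservative character set the old loop enforced. */
		for (p = dp->d_name; *p != '\0'; p++) {
			if (!isalnum((unsigned char)*p) &&
			    (*p != '-') && (*p != '_') && (*p != '.')) break;
		}
		if (*p != '\0') continue;

		/* … unchanged: snprintf() into buf2 … */
```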
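Review bot: This call narrows the old `~` filter in rlm_policy: the removed `strchr(dp->d_name, '~')` skipped a name with `~` anywhere, while `cf_exclude_file` only checks the last character, so an entry like `policy~1` is now parsed. If the broader filter is still wanted here, keep it beside the new call: `if (cf_exclude_file(dp->d_name) || strchr(dp->d_name, '~')) continue;`. `parse_include` starts and ends outside this hunk.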