104 lines
2.9 KiB
Diff
104 lines
2.9 KiB
Diff
a53a18e Be more careful about which config files we load
|
|
|
|
diff --git a/src/include/conffile.h b/src/include/conffile.h
|
|
index bc7f90a..21fc2cd 100644
|
|
--- a/src/include/conffile.h
|
|
+++ b/src/include/conffile.h
|
|
@@ -58,6 +58,7 @@ int cf_section_parse(CONF_SECTION *, void *base,
|
|
const CONF_PARSER *variables);
|
|
void cf_section_parse_free(CONF_SECTION *cs, void *base);
|
|
const CONF_PARSER *cf_section_parse_table(CONF_SECTION *cs);
|
|
+int cf_exclude_file(const char *filename);
|
|
CONF_SECTION *cf_file_read(const char *file);
|
|
int cf_file_include(const char *file, CONF_SECTION *cs);
|
|
|
|
diff --git a/src/main/conffile.c b/src/main/conffile.c
|
|
index ff76e2c..38b6aec 100644
|
|
--- a/src/main/conffile.c
|
|
+++ b/src/main/conffile.c
|
|
@@ -1276,6 +1276,41 @@ static int condition_looks_ok(const char **ptr)
|
|
return 0;
|
|
}
|
|
|
|
+int cf_exclude_file(const char *filename)
|
|
+{
|
|
+ int i;
|
|
+ size_t len;
|
|
+ const char *p = filename;
|
|
+
|
|
+ /*
|
|
+ * FIXME: Maybe later make this a globally set configuration
|
|
+ * variable. But that's low priority.
|
|
+ */
|
|
+ static const char *excluded[] = {
|
|
+ "rpmsave", "rpmnew", "dpkg-new", "dpkg-dist", "dpkg-old",
|
|
+ "bak", NULL
|
|
+ };
|
|
+
|
|
+ if (!p || !*p) return TRUE; /* coding error */
|
|
+
|
|
+ if (*p == '.') return TRUE; /* ".", "..", ".foo", ... */
|
|
+
|
|
+ if (*p == '#') return TRUE; /* #foo# */
|
|
+
|
|
+ len = strlen(p);
|
|
+ if (p[len - 1] == '~') return TRUE; /* foo~ */
|
|
+
|
|
+ p = strrchr(p, '.');
|
|
+ if (!p) return FALSE; /* just "foo", it's OK */
|
|
+
|
|
+ p++;
|
|
+ for (i = 0; excluded[i] != NULL; i++) {
|
|
+ if (strcmp(p, excluded[i]) == 0) return TRUE;
|
|
+ }
|
|
+
|
|
+ return FALSE;
|
|
+}
|
|
+
|
|
|
|
static const char *cf_local_file(CONF_SECTION *cs, const char *local,
|
|
char *buffer, size_t bufsize)
|
|
@@ -1512,25 +1547,11 @@ static int cf_section_read(const char *filename, int *lineno, FILE *fp,
|
|
}
|
|
|
|
/*
|
|
- * Read the directory, ignoring "." files.
|
|
+ * Read the directory, ignoring some files.
|
|
*/
|
|
while ((dp = readdir(dir)) != NULL) {
|
|
- const char *p;
|
|
-
|
|
- if (dp->d_name[0] == '.') continue;
|
|
-
|
|
- /*
|
|
- * Check for valid characters
|
|
- */
|
|
- for (p = dp->d_name; *p != '\0'; p++) {
|
|
- if (isalpha((int)*p) ||
|
|
- isdigit((int)*p) ||
|
|
- (*p == '-') ||
|
|
- (*p == '_') ||
|
|
- (*p == '.')) continue;
|
|
- break;
|
|
- }
|
|
- if (*p != '\0') continue;
|
|
+ if (cf_exclude_file(dp->d_name))
|
|
+ continue;
|
|
|
|
snprintf(buf2, sizeof(buf2), "%s%s",
|
|
value, dp->d_name);
|
|
diff --git a/src/modules/rlm_policy/parse.c b/src/modules/rlm_policy/parse.c
|
|
index 71a7eb6..4b3fc7c 100644
|
|
--- a/src/modules/rlm_policy/parse.c
|
|
+++ b/src/modules/rlm_policy/parse.c
|
|
@@ -1589,8 +1589,7 @@ static int parse_include(policy_lex_file_t *lexer)
|
|
while ((dp = readdir(dir)) != NULL) {
|
|
struct stat buf;
|
|
|
|
- if (dp->d_name[0] == '.') continue;
|
|
- if (strchr(dp->d_name, '~') != NULL) continue;
|
|
+ if (cf_exclude_file(dp->d_name)) continue;
|
|
|
|
strlcpy(p, dp->d_name,
|
|
sizeof(buffer) - (p - buffer));
|