BUG/MINOR: ssl: trailing slashes in directory names wrongly cached
The crtlist_load_cert_dir() caches the directory name without trailing
slashes when ssl_sock_load_cert_list_file() tries to lookup without
cleaning the trailing slashes.
This bug leads to creating the crtlist twice and prevents a crtlist_entry
from being removed correctly, since it exists in the several crtlists
created by accident.
Move the trailing slashes cleanup in ssl_sock_load_cert_list_file() to
fix the problem.
This bug was introduced by 6be66ec ("MINOR: ssl: directories are loaded
like crt-list")
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 14ee251..f58a1c0 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -4560,10 +4560,6 @@
int j;
#endif
- /* strip trailing slashes, including first one */
- for (end = path + strlen(path) - 1; end >= path && *end == '/'; end--)
- *end = 0;
-
dir = malloc(sizeof(*dir) + strlen(path) + 1);
if (dir == NULL) {
memprintf(err, "not enough memory");
@@ -4980,6 +4976,7 @@
struct crtlist_entry *entry = NULL;
struct bind_conf_list *bind_conf_node = NULL;
int cfgerr = 0;
+ char *end;
bind_conf_node = malloc(sizeof(*bind_conf_node));
if (!bind_conf_node) {
@@ -4990,6 +4987,10 @@
bind_conf_node->next = NULL;
bind_conf_node->bind_conf = bind_conf;
+ /* strip trailing slashes, including first one */
+ for (end = file + strlen(file) - 1; end >= file && *end == '/'; end--)
+ *end = 0;
+
/* look for an existing crtlist or create one */
eb = ebst_lookup(&crtlists_tree, file);
if (eb) {
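Review bot: The added loop starts at `file + strlen(file) - 1`, which for an empty `file` is a pointer before the start of the buffer, and for an all-slash path the `end >= file` test only ends once `end` has stepped below `file`; both are undefined behaviour in C even if they usually work in practice. An index-based form avoids this: `size_t len = strlen(file); while (len && file[len - 1] == '/') file[--len] = 0;`. A path made only of slashes is also reduced to the empty string, which then becomes the key passed to `ebst_lookup()`. Only trailing slashes are normalised, so other spellings of the same directory (a doubled slash in the middle, a `./` prefix) would presumably still create separate crtlists. The function's signature and the rest of its body are outside the hunk, so whether `file` may safely be written in place cannot be confirmed from here.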