Ticket #299: 301-fix-filechecking.patch
File 301-fix-filechecking.patch, 1.3 KB (added by , 11 years ago) |
---|
-
src/openvpn/options.c
2609 2609 return (errcode != 0 ? true : false); 2610 2610 } 2611 2611 2612 /* Filecheck if file might be relative to chroot dir */ 2613 static bool 2614 check_file_access_chroot(const int type, const char *file, const int mode, const char *opt, const char *chrootpath) 2615 { 2616 if (chrootpath) 2617 { 2618 char fullpath [strlen(file) + strlen(chrootpath) +2]; 2619 sprintf(fullpath, "%s/%s", chrootpath,file); 2620 return check_file_access(type, fullpath, mode, opt); 2621 } 2622 else 2623 return check_file_access(type, file, mode, opt); 2624 } 2625 2612 2626 /* 2613 2627 * Verifies that the path in the "command" that comes after certain script options (e.g., --up) is a 2614 2628 * valid file with appropriate permissions. … … 2733 2747 R_OK|W_OK|X_OK, "--tls-export-cert"); 2734 2748 #endif /* ENABLE_SSL */ 2735 2749 #if P2MP_SERVER 2736 errs |= check_file_access (CHKACC_FILE, options->client_config_dir,2737 R_OK|X_OK, "--client-config-dir" );2750 errs |= check_file_access_chroot (CHKACC_FILE, options->client_config_dir, 2751 R_OK|X_OK, "--client-config-dir", options->chroot_dir); 2738 2752 errs |= check_file_access (CHKACC_FILE, options->tmp_dir, 2739 2753 R_OK|W_OK|X_OK, "Temporary directory (--tmp-dir)"); 2740 2754