[rs-dev] TransactionIDs on SCEP and filenames
Dirk-Willem van Gulik
dirkx at webweaving.org
Mon Aug 7 17:37:50 CEST 2023
It appears that we're sailing fairly close to the wind when using the transaction ID 'raw' as the start of the filename; relying on just
apr_filepath_merge(... APR_FILEPATH_SECUREROOT | APR_FILEPATH_NOTRELATIVE ..) to trap shenanigans:
[Mon Aug 07 15:21:12.278390 2023] [ca_disk:error] [pid 15425] (20023)The given path was above the root path: [client 127.0.1.11:42999]
mod_ca_disk: The CADiskCertificateByTransactionPath could not be merged with: /tmp/ATNBEIl2XHzyFxwAp++Rv/uyBsQ=.cert
Would it make sense to simply SHA256 it; and use that instead as the file name (mod_ca_disk.c - near line 356)?
It also prevents 'confusing' names. E.g. a transaction ID such as 'ca' or 'foo' will yield a file foo.cert or ca.cert 'near' the real ones.
Dw
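
The naming change proposed in the message above, sketched as an added example; it is not part of the original post and not code from mod_ca_disk. It compares using the transaction ID raw against using its SHA-256 hex digest as the file name. The storage root, the sample IDs and all function names are assumptions made for illustration.

```python
import hashlib
import os

CERT_DIR = "/var/ca/by-transaction"  # assumed storage root, not from the post

# Constructed transaction IDs: base64 with '/', a relative path that climbs,
# an absolute path, and a short name that could shadow a real file.
SAMPLES = ["AbC+dEf/GhI=", "../../outside", "/abs/path", "ca"]

def raw_name(transaction_id: str) -> str:
    """Scheme the post questions: the ID itself starts the file name."""
    return transaction_id + ".cert"

def hashed_name(transaction_id: str) -> str:
    """Scheme the post proposes: SHA-256 of the ID, hex-encoded."""
    digest = hashlib.sha256(transaction_id.encode("utf-8")).hexdigest()
    return digest + ".cert"

def stays_in_root(root: str, name: str) -> bool:
    """True only if root/name resolves to a direct child of root."""
    full = os.path.normpath(os.path.join(root, name))
    return os.path.dirname(full) == os.path.normpath(root)

def compare(ids):
    """Return (id, raw_ok, hashed_ok) for each transaction ID."""
    return [(t, stays_in_root(CERT_DIR, raw_name(t)),
             stays_in_root(CERT_DIR, hashed_name(t))) for t in ids]

if __name__ == "__main__":
    for tid, raw_ok, hashed_ok in compare(SAMPLES):
        print(f"{tid!r:18} raw stays in root: {raw_ok!s:5}  hashed: {hashed_ok}")
```

The raw name 'ca' passes the root check but still lands on ca.cert, the 'confusing names' case from the message; the hashed name is always 64 hex characters plus the extension, so it contains no path separators and cannot coincide with such a file.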