Allow loading symlinked certificates When mbedtls_x509_crt_parse_path() checks each object in the supplied path, it only processes regular files. This change makes it also accept a symlink to a file. Fixes #3005. This was observed to be a problem on Fedora/CentOS/RHEL systems, where the ca-bundle in the default location is actually a symlink.

commit: 6f45cb995b51039df76873ca2ef6bfde2bc90941 [log] [tgz]
author: Jonathan Bennett <JBennett@incomsystems.biz> Fri Jan 24 09:12:03 2020 -0600
committer: Jaeden Amero <jaeden@patater.com> Tue Jan 28 11:28:42 2020 +0000
tree: 9d82d2bf5d83d43b2fbe5320f683881be94de05a
parent: b0deeccc58e43e5e776879617b892d6184a812df [diff] [blame]
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 9c2e365..a4202be 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c

@@ -1366,7 +1366,7 @@
             goto cleanup;
         }
 
-        if( !S_ISREG( sb.st_mode ) )
+        if( !( S_ISREG( sb.st_mode ) || S_ISLNK( sb.st_mode ) ) )
             continue;
 
         // Ignore parse errors
commit	6f45cb995b51039df76873ca2ef6bfde2bc90941	[log] [tgz]
author	Jonathan Bennett <JBennett@incomsystems.biz>	Fri Jan 24 09:12:03 2020 -0600
committer	Jaeden Amero <jaeden@patater.com>	Tue Jan 28 11:28:42 2020 +0000
tree	9d82d2bf5d83d43b2fbe5320f683881be94de05a
parent	b0deeccc58e43e5e776879617b892d6184a812df [diff] [blame]