diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2021-02-19 00:06:49 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2021-02-20 18:18:48 +0100 |
commit | baa7c25db322a9472c9155422057ec56aa93f439 (patch) | |
tree | 9d6218b9fa85ae177e7c7a4593181ee21ff953f5 /lacme | |
parent | 42a8f9813716ed3495b6f49edea429b127eef0f0 (diff) |
Use File::Basename::dirname().
To correctly extract the parent directory of the socket path. The
previous returned an empty string when the socket path didn't contain
‘/’.
Diffstat (limited to 'lacme')
-rwxr-xr-x | lacme | 7 |
1 files changed, 4 insertions, 3 deletions
@@ -27,6 +27,7 @@ my $NAME = 'lacme'; use Errno 'EINTR'; use Fcntl qw/F_GETFD F_SETFD FD_CLOEXEC O_CREAT O_EXCL O_WRONLY SEEK_SET/; +use File::Basename 'dirname'; use File::Temp (); use Getopt::Long qw/:config posix_default no_ignore_case gnu_getopt auto_version/; use List::Util 'first'; @@ -531,8 +532,8 @@ sub acme_client($@) { $sockname = $sockname =~ /\A(\p{Print}+)\z/ ? $1 : die "Invalid socket name\n"; # untaint $sockname # ensure we're the only user with write access to the parent dir - my $dirname = $sockname =~ s/[^\/]+$//r; - @stat = stat($dirname) or die "stat($dirname): $!"; + my $dirname = dirname($sockname); + @stat = stat($dirname) or die "stat($dirname): $!\n"; die "Error: insecure permissions on $dirname\n" if ($stat[2] & 0022) != 0; # ensure we're the only user with read/write access to the socket @@ -695,7 +696,7 @@ elsif ($COMMAND eq 'newOrder' or $COMMAND eq 'new-cert') { : [ "$NAME-certs.conf", "$NAME-certs.conf.d/" ]; my ($conf, %defaults); foreach my $conffile (@$conffiles) { - $conffile = ($CONFFILENAME =~ s#[^/]+\z##r).$conffile unless $conffile =~ /\A\//; + $conffile = dirname($CONFFILENAME) .'/'. $conffile unless $conffile =~ /\A\//; my @filenames; unless ($conffile =~ s#/\z## or -d $conffile) { @filenames = ($conffile); |