Hi! I've taken on this task recently, and you definitely raise a good point. However, to be consistent with the other supported platforms, LP_find_file should NOT skip over directories. Its up to the application to check them and handle them appropriately. I'm working on making the appropriate changes.
On Tue Apr 29 08:35:06 2014, [email protected] wrote: > OpenSSL 1.0.1f 6 Jan 2014 > built on: Tue Jan 21 21:28:48 2014 > platform: VC-WIN32 > options: bn(64,32) rc4(8x,mmx) des(idx,cisc,2,long) idea(int) > blowfish(idx) > compiler: cl /MDd /Od -DDEBUG -D_DEBUG -DOPENSSL_THREADS -DDSO_WIN32 > -W3 -WX -Gs0 -GF -Gy -Zi -nologo -DOPENSSL_SYSNAME_WIN32 > -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE > -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 > -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM > -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM > -DWHIRLPOOL_ASM -DGHASH_ASM -DOPENSSL_USE_APPLINK -I. > -DOPENSSL_NO_RC5 -DOPENSSL_NO_MD2 -DOPENSSL_NO_KRB5 > -DOPENSSL_NO_JPAKE -DOPENSSL_NO_STATIC_ENGINE > OPENSSLDIR: "C:\openssl-vc-32-dbg/ssl" > > OS: Windows 7 > > CC: Microsoft (R) 32-bit C/C++ Optimizing Compiler Version > 16.00.40219.01 for 80x86 > > Problem description: > On windows systems, SSL_add_dir_cert_subjects_to_stack() does not > work. > > This problem exists in all releases of 1.0.0, 1.0.1, and 1.0.2. > > The implementation LP_find_file () incorrectly assumes that the win32 > api > call FindFirstFile () works the same as opendir. It does not, rather > it is > more like grep in that it treats the argument as a regular expression. > Given > a path such as "./certs" in which there are 1 or more *.pem files that > are > valid certificate files, LP_find_file () will return a single entry > "./certs" > which of course is not a valid certificate file. When provided an > expression > such as "./certs/*", FindFirstFile () and its companion FindNextFile() > step > through all entries. Since the returned name may be a directory, it is > necessary to verify the entry type and skip over directories. > > Attached is a patch for LPdir_win.c which does just that - first it > ensures > the supplied directory name is suitable to be searchable, then it > skips > entries that are directories by recursing. > > Best regards, > Phil > > -- > Phil Mesnier > Principal Software Engineer and Partner, http://www.ociweb.com > Object Computing, Inc. +01.314.579.0066 x225 > -- Richard Levitte [email protected] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
