Skip to content

Commit

Permalink
Modified keystore to ignore invalid key files inside the keystore dir…
Browse files Browse the repository at this point in the history
…ectory to address #4681

* Has calls the validateName function before checking if we have the file
* List filters the returned list of file names by validateName.

License: MIT
Signed-off-by: matrushka <[email protected]>
  • Loading branch information
matrushka committed Feb 14, 2018
1 parent eca0486 commit 407ec27
Show file tree
Hide file tree
Showing 2 changed files with 76 additions and 1 deletion.
20 changes: 19 additions & 1 deletion keystore/keystore.go
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,10 @@ func (ks *FSKeystore) Has(name string) (bool, error) {
return false, err
}

if err := validateName(name); err != nil {
return false, err
}

return true, nil
}

Expand Down Expand Up @@ -149,5 +153,19 @@ func (ks *FSKeystore) List() ([]string, error) {
return nil, err
}

return dir.Readdirnames(0)
dirs, err := dir.Readdirnames(0)
if err != nil {
return nil, err
}

var list []string

for _, name := range dirs {
err := validateName(name)
if err == nil {
list = append(list, name)
}
}

return list, err
}
57 changes: 57 additions & 0 deletions keystore/keystore_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"fmt"
"io/ioutil"
"math/rand"
"path/filepath"
"sort"
"testing"

Expand Down Expand Up @@ -143,6 +144,62 @@ func TestKeystoreBasics(t *testing.T) {
}
}

func TestInvalidKeyFiles(t *testing.T) {
tdir, err := ioutil.TempDir("", "keystore-test")

if err != nil {
t.Fatal(err)
}

ks, err := NewFSKeystore(tdir)
if err != nil {
t.Fatal(err)
}

key := privKeyOrFatal(t)

bytes, err := key.Bytes()
if err != nil {
t.Fatal(err)
}

err = ioutil.WriteFile(filepath.Join(ks.dir, "valid"), bytes, 0644)
if err != nil {
t.Fatal(err)
}

err = ioutil.WriteFile(filepath.Join(ks.dir, ".invalid"), bytes, 0644)
if err != nil {
t.Fatal(err)
}

l, err := ks.List()
if err != nil {
t.Fatal(err)
}

sort.Strings(l)
if len(l) != 1 {
t.Fatal("wrong entry count")
}

if l[0] != "valid" {
t.Fatal("wrong entries listed")
}

exist, err := ks.Has("valid")
if !exist {
t.Fatal("should know it has a key named valid")
}
if err != nil {
t.Fatal(err)
}

if exist, err = ks.Has(".invalid"); err == nil {
t.Fatal("shouldnt be able to put a key with a 'hidden' name")
}
}

func TestNonExistingKey(t *testing.T) {
tdir, err := ioutil.TempDir("", "keystore-test")
if err != nil {
Expand Down

1 comment on commit 407ec27

@GitCop
Copy link

@GitCop GitCop commented on 407ec27 Feb 14, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There were the following issues with your Pull Request

We ask for a few features in the commit message for Open Source licensing hygiene and commit message clarity.
git commit --amend can often help you quickly improve the commit message.
Guidelines and a script are available to help in the long run.
Your feedback on GitCop is welcome on this issue.


This message was auto-generated by https://gitcop.com

Please sign in to comment.