-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SSL certificates from relative symbolic links broken since OTP 25.1 #6328
Comments
Thanks for reporting. Fix is planned to be included in OTP 25.1.1 and released this week. |
This also affected |
yes 24.3.4.5 will be corrected as well, but a little later probably. |
OTP25.1.1 will be delayed until Monday, sorry for inconvenience. |
OTP-25.1.1 is released |
OTP-24 fix is released as well. thanks for the report |
Describe the bug
Starting SSL connections fails in cases where certificates are read from files that are relative symbolic links.
To Reproduce
foo
:mkdir foo
foo
:cd foo
openssl req -x509 -newkey rsa:4096 -out cert.pem -days 365 -nodes
ln -s cert.pem cert2.pem
foo
:cd ..
Expected behavior
The SSL connection should establish.
Affected versions
25.1
Additional context
I think this bug started in #6287
More specifically, I believe this piece of code is the culprit:
This code looks up the path of the file but it does not properly resolve the path of the symbolic link. For example, if the symbolic link points to
cert.pem
, then it always returns the pathcert.pem
, regardless of where the symbolic link is located.The text was updated successfully, but these errors were encountered: