From 0a63898f5b40dff5d0a898c5539e2071e12789c1 Mon Sep 17 00:00:00 2001
From: toddouska <todd@yassl.com>
Date: Wed, 13 Mar 2013 11:17:14 -0700
Subject: [PATCH] make sure stat uses full path for REG check

---
 src/crl.c | 21 ++++++++++++++-------
 src/ssl.c | 16 ++++++++--------
 2 files changed, 22 insertions(+), 15 deletions(-)

diff --git a/src/crl.c b/src/crl.c
index 38487eb67..e65cc3236 100644
--- a/src/crl.c
+++ b/src/crl.c
@@ -30,6 +30,7 @@
 #include <cyassl/error.h>
 
 #include <dirent.h>
+#include <sys/stat.h>
 #include <string.h>
 
 
@@ -532,8 +533,19 @@ int LoadCRL(CYASSL_CRL* crl, const char* path, int type, int monitor)
         return BAD_PATH_ERROR;
     }
     while ( (entry = readdir(dir)) != NULL) {
-        if (entry->d_type & DT_REG) {
-            char name[MAX_FILENAME_SZ];
+        char name[MAX_FILENAME_SZ];
+        struct stat s;
+
+        XMEMSET(name, 0, sizeof(name));
+        XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 2);
+        XSTRNCAT(name, "/", 1);
+        XSTRNCAT(name, entry->d_name, MAX_FILENAME_SZ/2);
+
+        if (stat(name, &s) != 0) {
+            CYASSL_MSG("stat on name failed");
+            continue;
+        }
+        if (s.st_mode & S_IFREG) {
 
             if (type == SSL_FILETYPE_PEM) {
                 if (strstr(entry->d_name, ".pem") == NULL) {
@@ -550,11 +562,6 @@ int LoadCRL(CYASSL_CRL* crl, const char* path, int type, int monitor)
                 }
             }
 
-            XMEMSET(name, 0, sizeof(name));
-            XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 2);
-            XSTRNCAT(name, "/", 1);
-            XSTRNCAT(name, entry->d_name, MAX_FILENAME_SZ/2);
-
             if (ProcessFile(NULL, name, type, CRL_TYPE, NULL, 0, crl)
                                                                != SSL_SUCCESS) {
                 CYASSL_MSG("CRL file load failed, continuing");
diff --git a/src/ssl.c b/src/ssl.c
index 85fed9fc3..a5b7c9957 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -1672,20 +1672,20 @@ int CyaSSL_CTX_load_verify_locations(CYASSL_CTX* ctx, const char* file,
             return BAD_PATH_ERROR;
         }
         while ( ret == SSL_SUCCESS && (entry = readdir(dir)) != NULL) {
+            char name[MAX_FILENAME_SZ];
             struct stat s;
-            if (stat(entry->d_name, &s) != 0) {
+
+            XMEMSET(name, 0, sizeof(name));
+            XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 2);
+            XSTRNCAT(name, "/", 1);
+            XSTRNCAT(name, entry->d_name, MAX_FILENAME_SZ/2);
+
+            if (stat(name, &s) != 0) {
                 CYASSL_MSG("stat on name failed");
                 closedir(dir);
                 return BAD_PATH_ERROR;
             }
             if (s.st_mode & S_IFREG) {
-                char name[MAX_FILENAME_SZ];
-
-                XMEMSET(name, 0, sizeof(name));
-                XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 2);
-                XSTRNCAT(name, "/", 1);
-                XSTRNCAT(name, entry->d_name, MAX_FILENAME_SZ/2);
-                
                 ret = ProcessFile(ctx, name, SSL_FILETYPE_PEM, CA_TYPE, NULL,0,
                                   NULL);
             }