File 4781-ssl-fix-for-symlink-resolving-to-relative-path-with-.patch of Package erlang

From 93e185448b5da51227f8a11b9fc588f9bb892ac3 Mon Sep 17 00:00:00 2001
From: Jakub Witczak <kuba@erlang.org>
Date: Tue, 27 Sep 2022 20:11:51 +0200
Subject: [PATCH] ssl: fix for symlink resolving to relative path with CA certs

---
 lib/ssl/src/ssl.erl                  |  8 +++-
 lib/ssl/test/ssl_pem_cache_SUITE.erl | 56 +++++++++++++++++++++++-----
 2 files changed, 54 insertions(+), 10 deletions(-)

diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index 571a00e627..9835d3d9db 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -2883,7 +2883,13 @@ unambiguous_path(Value) ->
     AbsName = filename:absname(Value),
     case file:read_link(AbsName) of
         {ok, PathWithNoLink} ->
-            PathWithNoLink;
+            case filename:pathtype(PathWithNoLink) of
+                relative ->
+                    Dirname = filename:dirname(AbsName),
+                    filename:join([Dirname, PathWithNoLink]);
+                _ ->
+                    PathWithNoLink
+            end;
         _ ->
             AbsName
     end.
diff --git a/lib/ssl/test/ssl_pem_cache_SUITE.erl b/lib/ssl/test/ssl_pem_cache_SUITE.erl
index 8591be9102..53c95c0cb7 100644
--- a/lib/ssl/test/ssl_pem_cache_SUITE.erl
+++ b/lib/ssl/test/ssl_pem_cache_SUITE.erl
@@ -65,6 +65,8 @@
          alternative_path_symlink/1,
          alternative_path_noabspath/0,
          alternative_path_noabspath/1,
+         alternative_path_symlink_relative/0,
+         alternative_path_symlink_relative/1,
          check_cert/3
         ]).
 
@@ -88,7 +90,8 @@ all() ->
      new_root_pem_no_cleanup_hardlink,
      alternative_path_noabspath,
      alternative_path_hardlink,
-     alternative_path_symlink].
+     alternative_path_symlink,
+     alternative_path_symlink_relative].
 
 groups() -> [].
 
@@ -413,6 +416,19 @@ alternative_path_noabspath(Config) when is_list(Config) ->
                  disconnected => [7, 0, 0, 0]},
     alternative_path_helper(Config, fun strip_path/1, Expected).
 
+alternative_path_symlink_relative() ->
+    [{doc,"Test that internal reference table contains separate instance of data "
+      "for absolute path and relative symbolic ink pointing to a file in subdirectory."
+      "This test verifies handling of different files."
+      "Relative path to a symlink is expected to be converted to absolute file path - "
+      "as a result establishing 2nd connection should add new data to tables."}].
+%% see alternative_path_hardlink for detailed specification
+alternative_path_symlink_relative(Config) when is_list(Config) ->
+    Expected = #{init => [0, 0, 0, 0], connected1 => [6, 6, 2, 2],
+                 connected2 => [7, 9, 3, 3], connected3 => [8, 12, 4, 4],
+                 disconnected => [8, 0, 0, 0]},
+    alternative_path_helper(Config, fun make_symlink_noabspath/1, Expected).
+
 %%--------------------------------------------------------------------
 %% Internal functions
 %%--------------------------------------------------------------------
@@ -631,15 +647,9 @@ alternative_path_helper(Config, GetAlternative,
     R1 = TestAlternative(4, Connected2, CACertFilePath1),
 
     %% check that same filenames in different folders don't collide
-    SubDir = "subdir",
-    SubDirPath = filename:join([Cwd, SubDir]),
+    SubDirPath = make_subdirectory(Cwd, "subdir"),
     CACertFilePath2 = filename:join([SubDirPath, CACertFilename]),
-    case file:read_file_info(SubDirPath) of
-        {error, enoent} ->
-            ok = file:make_dir(SubDirPath);
-        _ ->
-            ok
-    end,
+
     {ok, _} = file:copy(CACertFilePath0, CACertFilePath2),
     ok = c:cd(SubDirPath),
     R2 = TestAlternative(6, Connected3, CACertFilePath2),
@@ -846,4 +856,32 @@ make_symlink(AbsPath) ->
             {skip, Reason}
     end.
 
+make_symlink_noabspath(CACertFilePath1) ->
+    {ok, Cwd} = file:get_cwd(),
+    {ok, CACertFilename1} = strip_path(CACertFilePath1),
+
+    SubDir = "foo",
+    SubDirPath = make_subdirectory(Cwd, SubDir),
+    CACertFilename2 = CACertFilename1 ++ "_copy",
+    LinkName = CACertFilename2 ++ "_symlink",
+    CACertFilePath2 = filename:join([SubDirPath, CACertFilename2]),
+    {ok, _} = file:copy(CACertFilePath1, CACertFilePath2),
+    case file:make_symlink(CACertFilename2,
+                           filename:join([SubDirPath, LinkName])) of
+        ok ->
+            {ok, filename:join([SubDir, LinkName])};
+        Reason ->
+            {skip, Reason}
+    end.
+
+make_subdirectory(Cwd, SubDir) ->
+    SubDirPath = filename:join([Cwd, SubDir]),
+    case file:read_file_info(SubDirPath) of
+        {error, enoent} ->
+            ok = file:make_dir(SubDirPath);
+        _ ->
+            ok
+    end,
+    SubDirPath.
+
 identity(Path) -> {ok, Path}.
-- 
2.35.3