commit efb48052dcb6788001e7cce089c2b2f375d927c5
from: Omar Polo <op@omarpolo.com>
date: Tue Jul 27 09:21:42 2021 UTC

relax openat rule: follow symlinks

O_NOFOLLOW acts only on *the last component*, so on
open("/foo/bar/baz") only when baz is a symlink open fails.
Checking every path component is not viable.

gh issue #5 related (sort of)

commit - a8e1e8d73853b4373ae4554be976bf827cb2dc81
commit + efb48052dcb6788001e7cce089c2b2f375d927c5
blob - 905ca0fe7582e6f2c6e821c50ca50e6960cf1897
blob + 18fdb6e5878d1d81c9e1cb709bec9fb05c450c8c
--- server.c
+++ server.c
@@ -310,7 +310,7 @@ check_path(struct client *c, const char *path, int *fd
 {
 	struct stat sb;
 	const char *p;
-	int flags, dirfd, strip;
+	int dirfd, strip;
 
 	assert(path != NULL);
 
@@ -332,8 +332,7 @@ check_path(struct client *c, const char *path, int *fd
 	dirfd = vhost_dirfd(c->host, path, &c->loc);
 	log_debug(c, "check_path: strip=%d path=%s original=%s",
 	    strip, p, path);
-	flags = O_RDONLY | O_NOFOLLOW;
-	if (*fd == -1 && (*fd = openat(dirfd, p, flags)) == -1)
+	if (*fd == -1 && (*fd = openat(dirfd, p, O_RDONLY)) == -1)
 		return FILE_MISSING;
 
 	if (fstat(*fd, &sb) == -1) {