Resist directory traversal attacks through indirections.
In various versions of Puppet it was possible to cause a directory traversal
attack through the SSLFile indirection base class. This was variously
triggered through the user-supplied key, or the Subject of the certificate, in
the code.
Now, we detect bad patterns down in the base class for our indirections, and
fail hard on them. This reduces the attack surface with as little disruption
to the overall codebase as possible, making it suitable to deploy as part of
older, stable versions of Puppet.
In the long term we will also address this higher up the stack, to prevent
these problems from reoccurring, but for now this will suffice.
Huge thanks to Kristian Erik Hermansen <kristian.hermansen@gmail.com> for the
responsible disclosure, and useful analysis, around this defect.
Signed-off-by: Daniel Pittman <daniel@puppetlabs.com>