krb5 commit [krb5-1.15]: Ignore dotfiles in profile includedir

[Greg Hudson]

https://github.com/krb5/krb5/commit/06ad6810d86641489e2c05be0a74aeef36811be9
commit 06ad6810d86641489e2c05be0a74aeef36811be9
Author: Greg Hudson <ghudson at mit.edu>
Date:   Fri Mar 24 11:07:21 2017 -0400

    Ignore dotfiles in profile includedir
    
    Editors and filesystems may create artifacts related to .conf files
    which don't change the file suffix; these artifacts generally begin
    with "." so that they don't appear in normal directory listings
    (e.g. ".#filename" for emacs interlock files).  Make sure to ignore
    any such artifacts when processing a profile includedir directive.
    
    (cherry picked from commit e8e1d841f8e43e4f441b451d91333a01e43c1b6f)
    
    ticket: 8563
    version_fixed: 1.15.2

 doc/admin/conf_files/krb5_conf.rst |    7 ++++---
 src/util/profile/prof_parse.c      |    6 +++++-
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst
index 653aad6..02a9359 100644
--- a/doc/admin/conf_files/krb5_conf.rst
+++ b/doc/admin/conf_files/krb5_conf.rst
@@ -55,9 +55,10 @@ following directives at the beginning of a line::
 directory must exist and be readable.  Including a directory includes
 all files within the directory whose names consist solely of
 alphanumeric characters, dashes, or underscores.  Starting in release
-1.15, files with names ending in ".conf" are also included.  Included
-profile files are syntactically independent of their parents, so each
-included file must begin with a section header.
+1.15, files with names ending in ".conf" are also included, unless the
+name begins with ".".  Included profile files are syntactically
+independent of their parents, so each included file must begin with a
+section header.
 
 The krb5.conf file can specify that configuration should be obtained
 from a loadable module, rather than the file itself, using the
diff --git a/src/util/profile/prof_parse.c b/src/util/profile/prof_parse.c
index e7c1f65..1baceea 100644
--- a/src/util/profile/prof_parse.c
+++ b/src/util/profile/prof_parse.c
@@ -222,12 +222,16 @@ static errcode_t parse_include_file(const char *filename,
 }
 
 /* Return non-zero if filename contains only alphanumeric characters, dashes,
- * and underscores, or if the filename ends in ".conf". */
+ * and underscores, or if the filename ends in ".conf" and is not a dotfile. */
 static int valid_name(const char *filename)
 {
     const char *p;
     size_t len = strlen(filename);
 
+    /* Ignore dotfiles, which might be editor or filesystem artifacts. */
+    if (*filename == '.')
+        return 0;
+
     if (len >= 5 && !strcmp(filename + len - 5, ".conf"))
         return 1;