r1166111 | danielsh | 2011-09-07 11:00:27 +0000 (Wed, 07 Sep 2011)
Path-based authz: error out on non-canonical fspaths in the input. (We
already canonicalize fspaths passed to the API for access testing.)
This is an incompatible change: some previously-accepted authz files
will now cause visible errors. However, before this change the semantics
of such authz files might have been different from what a casual gloss
over them would have suggested.
Found by: Malte Schirmacher
(thana on IRC)
(authz_validate_section): Validate the fspath part of the section name.
(authz): Add a basic regression test for this.