Module: ngircd.git Branch: master Commit: 9a4f1532008bbae148e197a6e56f53e5f3504fd1 URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=9a4f1...
Author: Florian Westphal fw@strlen.de Date: Sun Sep 20 20:43:12 2009 +0200
configtest: complain when ssl keys are not readable
---
src/ngircd/conf.c | 43 ++++++++++++++++++++++++++++++++++++++----- 1 files changed, 38 insertions(+), 5 deletions(-)
diff --git a/src/ngircd/conf.c b/src/ngircd/conf.c index 71f0fe8..4dcf9e6 100644 --- a/src/ngircd/conf.c +++ b/src/ngircd/conf.c @@ -96,18 +96,50 @@ ConfSSL_Init(void) }
-static void +static bool ConfSSL_Puts(void) { - if (Conf_SSLOptions.KeyFile) + FILE *fp; + bool ret = true; + + if (Conf_SSLOptions.KeyFile) { printf( " SSLKeyFile = %s\n", Conf_SSLOptions.KeyFile); - if (Conf_SSLOptions.CertFile) + fp = fopen(Conf_SSLOptions.KeyFile, "r"); + if (fp) { + fclose(fp); + } else { + fprintf(stderr, "ERROR: SSLKeyFile "%s": %s\n", + Conf_SSLOptions.KeyFile, strerror(errno)); + ret = false; + } + } + if (Conf_SSLOptions.CertFile) { printf( " SSLCertFile = %s\n", Conf_SSLOptions.CertFile); - if (Conf_SSLOptions.DHFile) + fp = fopen(Conf_SSLOptions.CertFile, "r"); + if (fp) { + fclose(fp); + } else { + fprintf(stderr, "ERROR: SSLCertFile "%s": %s\n", + Conf_SSLOptions.CertFile, strerror(errno)); + ret = false; + } + } + if (Conf_SSLOptions.DHFile) { printf( " SSLDHFile = %s\n", Conf_SSLOptions.DHFile); + fp = fopen(Conf_SSLOptions.DHFile, "r"); + if (fp) { + fclose(fp); + } else { + fprintf(stderr, "ERROR: SSLDHFile "%s": %s\n", + Conf_SSLOptions.CertFile, strerror(errno)); + ret = false; + } + } if (array_bytes(&Conf_SSLOptions.KeyFilePassword)) puts(" SSLKeyFilePassword = <secret>" ); array_free_wipe(&Conf_SSLOptions.KeyFilePassword); + + return ret; } #endif
@@ -245,7 +277,8 @@ Conf_Test( void ) #ifdef SSL_SUPPORT fputs(" SSLPorts = ", stdout); ports_puts(&Conf_SSLOptions.ListenPorts); - ConfSSL_Puts(); + if (!ConfSSL_Puts()) + config_valid = false; #endif
pwd = getpwuid( Conf_UID );