Refuse to start if cafile points at an unreadable file, to avoid silent

cert verification failures.
author: Wilmer van der Gaast <wilmer@gaast.net> 2011-12-19 18:23:28 +0100
committer: Wilmer van der Gaast <wilmer@gaast.net> 2011-12-19 18:23:28 +0100
commit: af5764e30a841b82bcba603fc06366442daa9c0a (patch)
tree: bcfff5cb5de8c4400daba958ef97f6086e6c42e7 /conf.c
parent: 78b840187cc1e2d370dd758e6a73c21e510107b5 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/conf.c b/conf.c
index 52055c35..3592f769 100644
--- a/conf.c
+++ b/conf.c
@@ -177,6 +177,14 @@ conf_t *conf_load( int argc, char *argv[] )
 	if( config_missing )
 		fprintf( stderr, "Warning: Unable to read configuration file `%s'.\n", global.conf_file );
 	
+	if( conf->cafile && access( conf->cafile, R_OK ) != 0 )
+	{
+		/* Let's treat this as a serious problem so people won't think
+		   they're secure when in fact they're not. */
+		fprintf( stderr, "Error: Could not read CA file %s: %s\n", conf->cafile, strerror( errno ) );
+		return NULL;
+	}
+	
 	return conf;
 }
author	Wilmer van der Gaast <wilmer@gaast.net>	2011-12-19 18:23:28 +0100
committer	Wilmer van der Gaast <wilmer@gaast.net>	2011-12-19 18:23:28 +0100
commit	af5764e30a841b82bcba603fc06366442daa9c0a (patch)
tree	bcfff5cb5de8c4400daba958ef97f6086e6c42e7 /conf.c
parent	78b840187cc1e2d370dd758e6a73c21e510107b5 (diff)