From af5764e30a841b82bcba603fc06366442daa9c0a Mon Sep 17 00:00:00 2001
From: Wilmer van der Gaast
Date: Mon, 19 Dec 2011 18:23:28 +0100
Subject: Refuse to start if cafile points at an unreadable file, to avoid silent cert verification failures.
---
 conf.c | 8 ++++++++
 1 file changed, 8 insertions(+)
(limited to 'conf.c')
diff --git a/conf.c b/conf.c
index 52055c35..3592f769 100644
--- a/conf.c
+++ b/conf.c
@@ -177,6 +177,14 @@ conf_t *conf_load( int argc, char *argv[] )
 if( config_missing )
 fprintf( stderr, "Warning: Unable to read configuration file `%s'.\n", global.conf_file );
+ if( conf->cafile && access( conf->cafile, R_OK ) != 0 )
+ {
+ /* Let's treat this as a serious problem so people won't think
+ they're secure when in fact they're not. */
+ fprintf( stderr, "Error: Could not read CA file %s: %s\n", conf->cafile, strerror( errno ) );
+ return NULL;
+ }
+
 return conf;
 }
--
cgit v1.2.3
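Review bot: The added `access( conf->cafile, R_OK )` guard in conf_load() only proves the path is readable at startup, so a readable directory, an empty file or a file with no parseable certificates still passes, and the silent verification failure named in the subject can persist. access() also tests the real UID rather than the effective one, so if the daemon changes user after the configuration is loaded (not visible in this hunk) the result may not match what the TLS code later sees. I would keep the check as an early diagnostic and document it as such, e.g. `/* Pre-flight only: the code that loads cafile into the TLS library must still fail closed on a load error. */`, and confirm that the loader treats a failed or empty trust-store load as fatal. conf_load() starts above the hunk, so whether `conf` is freed on the new `return NULL` path cannot be judged from here.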