Loc Gomez
parent
517cda4946
commit
8c0ce5efd3
61
src/bip.c
61
src/bip.c
|
|
@ -846,30 +846,6 @@ static int validate_config(bip_t *bip)
|
|||
}
|
||||
}
|
||||
|
||||
if (conf_css && conf_ssl_certfile) {
|
||||
int e, fd;
|
||||
struct stat fs;
|
||||
|
||||
if ( (fd = open(conf_ssl_certfile, O_RDONLY)) == -1) {
|
||||
conf_die(bip, "Unable to open PEM file %s for reading",
|
||||
conf_ssl_certfile);
|
||||
return 0;
|
||||
}
|
||||
close(fd);
|
||||
|
||||
e = stat(conf_ssl_certfile, &fs);
|
||||
if (e) {
|
||||
mylog(LOG_WARN, "Unable to check PEM file, stat(%s): "
|
||||
"%s", conf_ssl_certfile, strerror(errno));
|
||||
} else if ( (fs.st_mode & S_IROTH) | (fs.st_mode & S_IWOTH) ) {
|
||||
conf_die(bip, "PEM file %s should not be world readable / "
|
||||
"writable. Please fix the modes.",
|
||||
conf_ssl_certfile);
|
||||
return 0;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if (strstr(conf_log_format, "%u") == NULL)
|
||||
mylog(LOG_WARN, "log_format does not contain %%u, all users'"
|
||||
" logs will be mixed !");
|
||||
|
|
@ -1268,14 +1244,37 @@ int main(int argc, char **argv)
|
|||
}
|
||||
|
||||
#ifdef HAVE_LIBSSL
|
||||
if (!conf_ssl_certfile) {
|
||||
char *ap = "/bip.pem";
|
||||
conf_ssl_certfile = malloc(strlen(conf_biphome) +
|
||||
strlen(ap) + 1);
|
||||
strcpy(conf_ssl_certfile, conf_biphome);
|
||||
strcat(conf_ssl_certfile, ap);
|
||||
mylog(LOG_INFO, "Using default SSL certificate file: %s",
|
||||
if (conf_css) {
|
||||
int e, fd;
|
||||
struct stat fs;
|
||||
|
||||
if (!conf_ssl_certfile) {
|
||||
char *ap = "/bip.pem";
|
||||
conf_ssl_certfile = malloc(strlen(conf_biphome) +
|
||||
strlen(ap) + 1);
|
||||
strcpy(conf_ssl_certfile, conf_biphome);
|
||||
strcat(conf_ssl_certfile, ap);
|
||||
mylog(LOG_INFO, "Using default SSL certificate file: "
|
||||
"%s", conf_ssl_certfile);
|
||||
}
|
||||
|
||||
if ( (fd = open(conf_ssl_certfile, O_RDONLY)) == -1) {
|
||||
fatal("Unable to open PEM file %s for reading",
|
||||
conf_ssl_certfile);
|
||||
return 0;
|
||||
}
|
||||
close(fd);
|
||||
|
||||
e = stat(conf_ssl_certfile, &fs);
|
||||
if (e) {
|
||||
mylog(LOG_WARN, "Unable to check PEM file, stat(%s): "
|
||||
"%s", conf_ssl_certfile, strerror(errno));
|
||||
} else if ( (fs.st_mode & S_IROTH) | (fs.st_mode & S_IWOTH) ) {
|
||||
fatal("PEM file %s should not be world readable / "
|
||||
"writable. Please fix the modes.",
|
||||
conf_ssl_certfile);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue