SSL options:
- fixes - PEM file world readable is a non fatal error
This commit is contained in:
Loc Gomez
parent
8c0ce5efd3
commit
eb32b16872
14
src/bip.c
14
src/bip.c
|
|
@ -1258,23 +1258,19 @@ int main(int argc, char **argv)
|
|||
"%s", conf_ssl_certfile);
|
||||
}
|
||||
|
||||
if ( (fd = open(conf_ssl_certfile, O_RDONLY)) == -1) {
|
||||
if ( (fd = open(conf_ssl_certfile, O_RDONLY)) == -1)
|
||||
fatal("Unable to open PEM file %s for reading",
|
||||
conf_ssl_certfile);
|
||||
return 0;
|
||||
}
|
||||
close(fd);
|
||||
|
||||
e = stat(conf_ssl_certfile, &fs);
|
||||
if (e) {
|
||||
if (e)
|
||||
mylog(LOG_WARN, "Unable to check PEM file, stat(%s): "
|
||||
"%s", conf_ssl_certfile, strerror(errno));
|
||||
} else if ( (fs.st_mode & S_IROTH) | (fs.st_mode & S_IWOTH) ) {
|
||||
fatal("PEM file %s should not be world readable / "
|
||||
"writable. Please fix the modes.",
|
||||
else if ( (fs.st_mode & S_IROTH) | (fs.st_mode & S_IWOTH) )
|
||||
mylog(LOG_ERROR, "PEM file %s should not be world "
|
||||
"readable / writable. Please fix the modes.",
|
||||
conf_ssl_certfile);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue