config: supply meaningful error for non-existing pathnames

If tlshd.conf had a non-exists pathname, the code would have a non-descriptive error: tlshd[64556]: open: No such file or directory Such error can happen when a filename specified had trailing spaces after the name of the file. Instead provide a more descriptive error such as: tlshd[64423]: server x509.certificate pathname "/root/server.crt " does not exist In hope that the administrator would notice the error or extra spaces or some other typos in the pathname. Addresses issue #59. Signed-off-by: Olga Kornievskaia <[email protected]> Reviewed-by: Hannes Reinecke <[email protected]> Signed-off-by: Chuck Lever <[email protected]>
oracle · Jun 12, 2024 · ad57063 · ad57063
1 parent 4f57659
commit ad57063
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/src/tlshd/config.c b/src/tlshd/config.c
@@ -184,6 +184,9 @@ bool tlshd_config_get_client_truststore(char **bundle)
 	if (!pathname) {
 		g_error_free(error);
 		return false;
+	} else if (access(pathname, F_OK)) {
+		tlshd_log_debug("client x509.truststore pathname \"%s\" is not accessible", pathname);
+		return false;
 	}
 
 	*bundle = strdup(pathname);
@@ -217,6 +220,9 @@ bool tlshd_config_get_client_certs(gnutls_pcert_st *certs,
 	if (!pathname) {
 		g_error_free(error);
 		return false;
+	} else if (access(pathname, F_OK)) {
+		tlshd_log_debug("client x509.certificate pathname \"%s\" is not accessible", pathname);
+		return false;
 	}
 
 	if (!tlshd_config_read_datum(pathname, &data, TLSHD_OWNER,
@@ -261,6 +267,9 @@ bool tlshd_config_get_client_privkey(gnutls_privkey_t *privkey)
 	if (!pathname) {
 		g_error_free(error);
 		return false;
+	} else if (access(pathname, F_OK)) {
+		tlshd_log_debug("client x095.private_key pathname \"%s\" is not accessible", pathname);
+		return false;
 	}
 
 	if (!tlshd_config_read_datum(pathname, &data, TLSHD_OWNER,
@@ -310,6 +319,9 @@ bool tlshd_config_get_server_truststore(char **bundle)
 	if (!pathname) {
 		g_error_free(error);
 		return false;
+	} else if (access(pathname, F_OK)) {
+		tlshd_log_debug("server x509.truststore pathname \"%s\" is not accessible", pathname);
+		return false;
 	}
 
 	*bundle = strdup(pathname);
@@ -343,6 +355,9 @@ bool tlshd_config_get_server_certs(gnutls_pcert_st *certs,
 	if (!pathname) {
 		g_error_free(error);
 		return false;
+	} else if (access(pathname, F_OK)) {
+		tlshd_log_debug("server x509.certificate pathname \"%s\" is not accessible", pathname);
+		return false;
 	}
 
 	if (!tlshd_config_read_datum(pathname, &data, TLSHD_OWNER,
@@ -386,6 +401,9 @@ bool tlshd_config_get_server_privkey(gnutls_privkey_t *privkey)
 	if (!pathname) {
 		g_error_free(error);
 		return false;
+	} else if (access(pathname, F_OK)) {
+		tlshd_log_debug("server x509.privkey pathname \"%s\" is not accessible", pathname);
+		return false;
 	}
 
 	if (!tlshd_config_read_datum(pathname, &data, TLSHD_OWNER,