From: Marcel Poul <marcel.poul@cern.ch>
Date: Wed, 11 Jan 2012 15:48:55 +0000 (+0000)
Subject: check whether paths to certs returned by voms methods are correct
X-Git-Tag: emi-canl-c_R_1_0_0_0~86
X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=19c2201aa48bbfd2ffb8d582ffacd2d403d76a32;p=jra1mw.git

check whether paths to certs returned by voms methods are correct
---

diff --git a/emi.canl.canl-c/src/canl_ssl.c b/emi.canl.canl-c/src/canl_ssl.c
index 1ff4483..5801cf0 100644
--- a/emi.canl.canl-c/src/canl_ssl.c
+++ b/emi.canl.canl-c/src/canl_ssl.c
@@ -36,9 +36,12 @@ int ssl_server_init(glb_ctx *cc)
     err = proxy_get_filenames(0, &ca_cert_fn, &ca_cert_dirn, &user_proxy_fn,
             &user_cert_fn, &user_key_fn);
     if (!err && (!cc->cert_key || !cc->cert_key->cert || !cc->cert_key->key)) {
-        err = do_set_ctx_own_cert_file(cc, user_cert_fn, user_key_fn);
-        if (err)
-            return err;
+        if (user_cert_fn && user_key_fn && !access(user_cert_fn, R_OK) && 
+                !access(user_key_fn, R_OK)) {
+            err = do_set_ctx_own_cert_file(cc, user_cert_fn, user_key_fn);
+            if (err)
+                return err;
+        }
     }
 
     free(user_cert_fn);
@@ -150,7 +153,7 @@ int ssl_client_init(glb_ctx *cc, io_handler *io)
     err = proxy_get_filenames(0, &ca_cert_fn, &ca_cert_dirn, &user_proxy_fn,
             &user_cert_fn, &user_key_fn);
     if (!err && (!cc->cert_key || !cc->cert_key->cert || !cc->cert_key->key)) {
-        if (user_proxy_fn) {
+        if (user_proxy_fn && !access(user_proxy_fn, R_OK)) {
             err = do_set_ctx_own_cert_file(cc, user_proxy_fn, user_proxy_fn);
             if (err)
                 return err;