From 19c2201aa48bbfd2ffb8d582ffacd2d403d76a32 Mon Sep 17 00:00:00 2001
From: Marcel Poul <marcel.poul@cern.ch>
Date: Wed, 11 Jan 2012 15:48:55 +0000
Subject: [PATCH] check whether paths to certs returned by voms methods are
 correct

---
 emi.canl.canl-c/src/canl_ssl.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/emi.canl.canl-c/src/canl_ssl.c b/emi.canl.canl-c/src/canl_ssl.c
index 1ff4483..5801cf0 100644
--- a/emi.canl.canl-c/src/canl_ssl.c
+++ b/emi.canl.canl-c/src/canl_ssl.c
@@ -36,9 +36,12 @@ int ssl_server_init(glb_ctx *cc)
     err = proxy_get_filenames(0, &ca_cert_fn, &ca_cert_dirn, &user_proxy_fn,
             &user_cert_fn, &user_key_fn);
     if (!err && (!cc->cert_key || !cc->cert_key->cert || !cc->cert_key->key)) {
-        err = do_set_ctx_own_cert_file(cc, user_cert_fn, user_key_fn);
-        if (err)
-            return err;
+        if (user_cert_fn && user_key_fn && !access(user_cert_fn, R_OK) && 
+                !access(user_key_fn, R_OK)) {
+            err = do_set_ctx_own_cert_file(cc, user_cert_fn, user_key_fn);
+            if (err)
+                return err;
+        }
     }
 
     free(user_cert_fn);
@@ -150,7 +153,7 @@ int ssl_client_init(glb_ctx *cc, io_handler *io)
     err = proxy_get_filenames(0, &ca_cert_fn, &ca_cert_dirn, &user_proxy_fn,
             &user_cert_fn, &user_key_fn);
     if (!err && (!cc->cert_key || !cc->cert_key->cert || !cc->cert_key->key)) {
-        if (user_proxy_fn) {
+        if (user_proxy_fn && !access(user_proxy_fn, R_OK)) {
             err = do_set_ctx_own_cert_file(cc, user_proxy_fn, user_proxy_fn);
             if (err)
                 return err;
-- 
1.8.2.3