Sanity checks for SSL cacertfile configuration
We were not able to handle ~/... type of path configurations and we crashed with mysterious SSL errors when no file was found at the configured location. Expand '~' and bomb out with usable error messages in case such a file does not exist. This will still not protect against corrupt cacert files but it goes a long way towards user friendliness. Signed-off-by: Sebastian Spaeth <Sebastian@SSpaeth.de> Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
This commit is contained in:
parent
2ab51e6855
commit
1c71e37f8f
@ -140,7 +140,17 @@ class IMAPRepository(BaseRepository):
|
||||
return self.getconf('sslclientkey', None)
|
||||
|
||||
def getsslcacertfile(self):
|
||||
return self.getconf('sslcacertfile', None)
|
||||
"""Return the absolute path of the CA certfile to use, if any"""
|
||||
cacertfile = self.getconf('sslcacertfile', None)
|
||||
if cacertfile is None:
|
||||
return None
|
||||
cacertfile = os.path.expanduser(cacertfile)
|
||||
cacertfile = os.path.abspath(cacertfile)
|
||||
if not os.path.isfile(cacertfile):
|
||||
raise SyntaxWarning("CA certfile for repository '%s' could "
|
||||
"not be found. No such file: '%s'" \
|
||||
% (self.name, cacertfile))
|
||||
return cacertfile
|
||||
|
||||
def getpreauthtunnel(self):
|
||||
return self.getconf('preauthtunnel', None)
|
||||
|
Loading…
x
Reference in New Issue
Block a user