forked from Krautspace/doorstatus
statusd.py: add function certs_readable()
add a function to test at start, if needed certs are readable
This commit is contained in:
+++
parent
7d5753c879
commit
35d46f266a
1 changed files with 13 additions and 0 deletions
13
statusd.py
13
statusd.py
|
|
@ -41,6 +41,15 @@ def read_config(CONFIGFILE, CONFIG):
|
|||
return True
|
||||
|
||||
|
||||
def certs_readable(config):
|
||||
|
||||
for i in (config['SERVER_KEY'], config['SERVER_CERT'], config['CLIENT_CERT']):
|
||||
if os.access(i, os.R_OK) == False:
|
||||
logging.error('Cant read {}'.format(i))
|
||||
return False
|
||||
return True
|
||||
|
||||
|
||||
def strip_argument(argument):
|
||||
'''
|
||||
Becomes a string and strips at first whitespaces, second apostrops and
|
||||
|
|
@ -213,6 +222,10 @@ def main():
|
|||
read_config(CONFIG_FILE, CONFIG)
|
||||
print_config(CONFIG)
|
||||
|
||||
if certs_readable(CONFIG) == False:
|
||||
logging.error('Cert check failed\nExit')
|
||||
exit()
|
||||
|
||||
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
|
||||
context.options &= ~ssl.PROTOCOL_TLS
|
||||
context.verify_mode = ssl.CERT_REQUIRED
|
||||
|
|
|
|||
Loading…
Reference in a new issue