statusd.py: add function certs_readable()
add a function to test at start, if needed certs are readable
This commit is contained in:
parent
7d5753c879
commit
35d46f266a
1 changed files with 13 additions and 0 deletions
13
statusd.py
13
statusd.py
|
@ -41,6 +41,15 @@ def read_config(CONFIGFILE, CONFIG):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
def certs_readable(config):
|
||||||
|
|
||||||
|
for i in (config['SERVER_KEY'], config['SERVER_CERT'], config['CLIENT_CERT']):
|
||||||
|
if os.access(i, os.R_OK) == False:
|
||||||
|
logging.error('Cant read {}'.format(i))
|
||||||
|
return False
|
||||||
|
return True
|
||||||
|
|
||||||
|
|
||||||
def strip_argument(argument):
|
def strip_argument(argument):
|
||||||
'''
|
'''
|
||||||
Becomes a string and strips at first whitespaces, second apostrops and
|
Becomes a string and strips at first whitespaces, second apostrops and
|
||||||
|
@ -213,6 +222,10 @@ def main():
|
||||||
read_config(CONFIG_FILE, CONFIG)
|
read_config(CONFIG_FILE, CONFIG)
|
||||||
print_config(CONFIG)
|
print_config(CONFIG)
|
||||||
|
|
||||||
|
if certs_readable(CONFIG) == False:
|
||||||
|
logging.error('Cert check failed\nExit')
|
||||||
|
exit()
|
||||||
|
|
||||||
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
|
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
|
||||||
context.options &= ~ssl.PROTOCOL_TLS
|
context.options &= ~ssl.PROTOCOL_TLS
|
||||||
context.verify_mode = ssl.CERT_REQUIRED
|
context.verify_mode = ssl.CERT_REQUIRED
|
||||||
|
|
Loading…
Reference in a new issue