#include <string.h>
#include <ctype.h>
+#include <unistd.h>
#include "config.h"
#include "project.h"
#include "miscutil.h"
/*
* Sending final message to client
*/
- ssl_send_data(ssl_attr, (const unsigned char *)message, strlen(message));
+ (void)ssl_send_data(ssl_attr, (const unsigned char *)message, strlen(message));
free_certificate_chain(csp);
log_error(LOG_LEVEL_CRUNCH, "Certificate error: %s: https://%s%s",
reason, csp->http->hostport, csp->http->path);
- log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s https://%s%s %s\" 200 %u",
+ log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s https://%s%s %s\" 200 %lu",
csp->ip_addr_str, csp->http->gpc, csp->http->hostport, csp->http->path,
csp->http->version, message_len-head_length);
return 1;
}
+
+
+/*********************************************************************
+ *
+ * Function : enforce_sane_certificate_state
+ *
+ * Description : Makes sure the certificate state is sane.
+ *
+ * Parameters :
+ * 1 : certificate = Path to the potentionally existing certifcate.
+ * 2 : key = Path to the potentionally existing key.
+ *
+ * Returns : -1 => Error
+ * 0 => Certificate state is sane
+ *
+ *********************************************************************/
+extern int enforce_sane_certificate_state(const char *certificate, const char *key)
+{
+ if (file_exists(certificate) == 0 && file_exists(key) == 1)
+ {
+ log_error(LOG_LEVEL_ERROR,
+ "A website key already exists but there's no matching certificate. "
+ "Removing %s before creating a new key and certificate.", key);
+ if (unlink(key))
+ {
+ log_error(LOG_LEVEL_ERROR, "Failed to unlink %s: %E", key);
+
+ return -1;
+ }
+ }
+
+ return 0;
+
+}