X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=ssl_common.c;h=6d2e11f6342f17703f90d361491d509edc40e4c4;hp=c7bd538aab8b8fc9c05ed33ce0676f4210e60e1c;hb=e6c7a0409aed822fc6a8ad8028b7e7bde0b711ac;hpb=e6ba01ae43adfab0a32d976d9aedacc22723ff2e

diff --git a/ssl_common.c b/ssl_common.c
index c7bd538a..6d2e11f6 100644
--- a/ssl_common.c
+++ b/ssl_common.c
@@ -31,6 +31,7 @@
 #include <string.h>
 
 #include <ctype.h>
+#include <unistd.h>
 #include "config.h"
 #include "project.h"
 #include "miscutil.h"
@@ -407,7 +408,7 @@ extern void ssl_send_certificate_error(struct client_state *csp)
    /*
     * Sending final message to client
     */
-   ssl_send_data(ssl_attr, (const unsigned char *)message, strlen(message));
+   (void)ssl_send_data(ssl_attr, (const unsigned char *)message, strlen(message));
 
    free_certificate_chain(csp);
 
@@ -698,3 +699,37 @@ extern int host_is_ip_address(const char *host)
    return 1;
 
 }
+
+
+/*********************************************************************
+ *
+ * Function    :  enforce_sane_certificate_state
+ *
+ * Description :  Makes sure the certificate state is sane.
+ *
+ * Parameters  :
+ *          1  :  certificate = Path to the potentionally existing certifcate.
+ *          2  :  key = Path to the potentionally existing key.
+ *
+ * Returns     :   -1 => Error
+ *                 0 => Certificate state is sane
+ *
+ *********************************************************************/
+extern int enforce_sane_certificate_state(const char *certificate, const char *key)
+{
+   if (file_exists(certificate) == 0 && file_exists(key) == 1)
+   {
+      log_error(LOG_LEVEL_ERROR,
+         "A website key already exists but there's no matching certificate. "
+         "Removing %s before creating a new key and certificate.", key);
+      if (unlink(key))
+      {
+         log_error(LOG_LEVEL_ERROR, "Failed to unlink %s: %E", key);
+
+         return -1;
+      }
+   }
+
+   return 0;
+
+}