From ec39a1d765b565615e7a55075b82efe9ae040ebd Mon Sep 17 00:00:00 2001
From: Hans Trompert <hans.trompert@surf.nl>
Date: Fri, 29 Oct 2021 14:30:07 +0200
Subject: [PATCH] always try to find key and certificate in config

---
 opennsa/config.py | 29 ++++++++++++++++++++---------
 1 file changed, 20 insertions(+), 9 deletions(-)

diff --git a/opennsa/config.py b/opennsa/config.py
index eeeaa89a..90ba7e5a 100644
--- a/opennsa/config.py
+++ b/opennsa/config.py
@@ -315,6 +315,16 @@ class Config(object):
         except configparser.NoOptionError:
             vc[BASE_URL] = None
 
+        try:
+            vc[KEY] = cfg.get(BLOCK_SERVICE, KEY)
+        except configparser.NoOptionError:
+            vc[KEY] = None
+
+        try:
+            vc[CERTIFICATE] = cfg.get(BLOCK_SERVICE, CERTIFICATE)
+        except configparser.NoOptionError:
+            vc[CERTIFICATE] = None
+
         try:
             policies = cfg.get(BLOCK_SERVICE, POLICY).split(',')
             for policy in policies:
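Review bot: The key and certificate paths are now stored in `vc` whether or not TLS is enabled, but the only existence checks remain inside the `if vc[TLS]:` branch in the second hunk, so with TLS off a mistyped path is accepted silently. If anything reads `vc[KEY]` or `vc[CERTIFICATE]` in that mode (not visible here, but the commit subject suggests it), the error surfaces later and further from the config file. Consider validating the path whenever the option is set, and add a comment above these two blocks such as `# key/certificate are read unconditionally; they may be used even when tls is disabled`. The enclosing method starts and ends outside this hunk.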
@@ -356,18 +366,19 @@ class Config(object):
         # tls
         if vc[TLS]:
             try:
-                hostkey = cfg.get(BLOCK_SERVICE, KEY)
-                hostcert = cfg.get(BLOCK_SERVICE, CERTIFICATE)
-
-                if not os.path.exists(hostkey):
+                if not vc[KEY]:
                     raise ConfigurationError(
-                        'Specified hostkey does not exist (%s)' % hostkey)
-                if not os.path.exists(hostcert):
+                        'must specify a key when TLS is enabled')
+                elif not os.path.exists(vc[KEY]):
                     raise ConfigurationError(
-                        'Specified hostcert does not exist (%s)' % hostcert)
+                        'Specified key does not exist (%s)' % vc[KEY])
 
-                vc[KEY] = hostkey
-                vc[CERTIFICATE] = hostcert
+                if not vc[CERTIFICATE]:
+                    raise ConfigurationError(
+                        'must specify a certificate when TLS is enabled')
+                elif not os.path.exists(vc[CERTIFICATE]):
+                    raise ConfigurationError(
+                        'Specified certificate does not exist (%s)' % vc[CERTIFICATE])
 
                 try:
                     allowed_hosts_cfg = cfg.get(BLOCK_SERVICE, ALLOWED_HOSTS)
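Review bot: `os.path.exists()` in the two `elif` branches also returns true for a directory and for a file the service cannot read, so a bad key or certificate path can still pass this check and only fail when the TLS context is built. A tighter guard would be `elif not os.path.isfile(vc[KEY]) or not os.access(vc[KEY], os.R_OK):`, with the same for `vc[CERTIFICATE]`. Since `vc[KEY]` is a private key, this is also a natural place to warn when the file is group- or world-readable. The surrounding `try:` continues past the end of the hunk, so how it handles `ConfigurationError` is not visible here.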
-- 
GitLab