diff options
| author | Koichiro IWAO <meta@vmeta.jp> | 2017-03-08 13:30:14 +0900 |
|---|---|---|
| committer | metalefty <meta@vmeta.jp> | 2017-06-12 16:57:04 +0900 |
| commit | 65c1fe87d7a58f431c6cc1ab62766394837e7408 (patch) | |
| tree | 810b8e6b5cb6ae19cab37c331436d1e01f92593d /libxrdp/xrdp_rdp.c | |
| parent | 0299d64fa87e1d5b396a0498785879834f6860f5 (diff) | |
| download | xrdp-proprietary-65c1fe87d7a58f431c6cc1ab62766394837e7408.tar.gz xrdp-proprietary-65c1fe87d7a58f431c6cc1ab62766394837e7408.zip | |
Log user-friendly message when certificate/privkey is inaccessible
We shouldn't assume that xrdp daemon is running under root privilege.
In many cases, root privilege is not really needed for xrdp daemon.
xrdp may fail to load certificate/privkey due to lack of permissions
when running under user privilege. Checking existence of files is not
enough and xrdp should output user-friendly log in such case.
Reported by Debian user in bug 856436 [1].
[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856436
Diffstat (limited to 'libxrdp/xrdp_rdp.c')
| -rw-r--r-- | libxrdp/xrdp_rdp.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/libxrdp/xrdp_rdp.c b/libxrdp/xrdp_rdp.c index 0409f96c..75b8768c 100644 --- a/libxrdp/xrdp_rdp.c +++ b/libxrdp/xrdp_rdp.c @@ -269,6 +269,12 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info) /* use user defined certificate */ g_strncpy(client_info->certificate, value, 1023); } + + if (!g_file_readable(client_info->certificate)) + { + log_message(LOG_LEVEL_ERROR, "Cannot open certificate file %s: %s", + client_info->certificate, g_get_strerror()); + } } else if (g_strcasecmp(item, "key_file") == 0) { @@ -293,6 +299,12 @@ xrdp_rdp_read_config(struct xrdp_client_info *client_info) /* use user defined key_file */ g_strncpy(client_info->key_file, value, 1023); } + + if (!g_file_readable(client_info->key_file)) + { + log_message(LOG_LEVEL_ERROR, "Cannot open private key file %s: %s", + client_info->key_file, g_get_strerror()); + } } } |