From 35d46f266ab2c8deac8d8899fdde3cd3cd4d6818 Mon Sep 17 00:00:00 2001
From: +++ <berhsi@web.de>
Date: Tue, 30 Jul 2019 22:06:07 +0200
Subject: [PATCH] statusd.py: add function certs_readable()

add a function to test at start, if needed certs are readable
---
 statusd.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/statusd.py b/statusd.py
index 454b004..dc68d3c 100755
--- a/statusd.py
+++ b/statusd.py
@@ -41,6 +41,15 @@ def read_config(CONFIGFILE, CONFIG):
     return True
 
 
+def certs_readable(config):
+
+    for i in (config['SERVER_KEY'], config['SERVER_CERT'], config['CLIENT_CERT']):
+        if os.access(i, os.R_OK) == False:
+            logging.error('Cant read {}'.format(i))
+            return False
+    return True
+
+
 def strip_argument(argument):
     '''
     Becomes a string and strips at first whitespaces, second apostrops and
@@ -213,6 +222,10 @@ def main():
     read_config(CONFIG_FILE, CONFIG)
     print_config(CONFIG)
 
+    if certs_readable(CONFIG) == False:
+        logging.error('Cert check failed\nExit')
+        exit()
+
     context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
     context.options &= ~ssl.PROTOCOL_TLS
     context.verify_mode = ssl.CERT_REQUIRED