[CalendarServer-changes] [1714] CalendarServer/trunk

source_changes at macosforge.org source_changes at macosforge.org
Wed Jul 25 16:16:00 PDT 2007


Revision: 1714
          http://trac.macosforge.org/projects/calendarserver/changeset/1714
Author:   wsanchez at apple.com
Date:     2007-07-25 16:16:00 -0700 (Wed, 25 Jul 2007)

Log Message:
-----------
Remove SSL cert/key files from default config, must be configured explicitly.
Handle unset SSL cert/key files when SSLPort is set by disabling SSL port and logging an error.

Modified Paths:
--------------
    CalendarServer/trunk/conf/caldavd.plist
    CalendarServer/trunk/twistedcaldav/tap.py

Modified: CalendarServer/trunk/conf/caldavd.plist
===================================================================
--- CalendarServer/trunk/conf/caldavd.plist	2007-07-24 17:12:18 UTC (rev 1713)
+++ CalendarServer/trunk/conf/caldavd.plist	2007-07-25 23:16:00 UTC (rev 1714)
@@ -214,11 +214,11 @@
 
   <!-- Public key -->
   <key>SSLCertificate</key>
-  <string>/etc/certificates/Default.crt</string>
+  <string></string>
 
   <!-- Private key -->
   <key>SSLPrivateKey</key>
-  <string>/etc/certificates/Default.key</string>
+  <string></string>
 
 
   <!--

Modified: CalendarServer/trunk/twistedcaldav/tap.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/tap.py	2007-07-24 17:12:18 UTC (rev 1713)
+++ CalendarServer/trunk/twistedcaldav/tap.py	2007-07-25 23:16:00 UTC (rev 1714)
@@ -206,18 +206,23 @@
 
         # Verify that ssl certs exist if needed
         if config.SSLPort:
-            self.checkFile(
-                config.SSLPrivateKey,
-                "SSL Private key",
-                access=os.R_OK,
-                #permissions=0640
-            )
-            self.checkFile(
-                config.SSLCertificate,
-                "SSL Public key",
-                access=os.R_OK,
-                #permissions=0644
-            )
+            try:
+                self.checkFile(
+                    config.SSLPrivateKey,
+                    "SSL Private key",
+                    access=os.R_OK,
+                    #permissions=0640
+                )
+                self.checkFile(
+                    config.SSLCertificate,
+                    "SSL Public key",
+                    access=os.R_OK,
+                    #permissions=0644
+                )
+            except ConfigurationError, e:
+                log.err(str(e))
+                log.err("Disabling SSL port")
+                config.SSLPort = 0
 
         #
         # Nuke the file log observer's time format.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20070725/ba6c08a9/attachment.html


More information about the calendarserver-changes mailing list