Page MenuHomeVyOS Platform

SSTP wrong certificates check
Open, Requires assessmentPublicBUG


In python SSTP CLI handler we check certificate existence, but handler does not check this directory or file.
I propose to change os.path.exists() to os.path.isfile()

if not os.path.isfile(sstp['ssl_ca']):
    file = sstp['ssl_ca']
    raise ConfigError(f'SSL CA certificate file "{file}" does not exist')

if not os.path.isfile(sstp['ssl_cert']):
    file = sstp['ssl_cert']
    raise ConfigError(f'SSL public key file "{file}" does not exist')

if not os.path.isfile(sstp['ssl_key']):
    file = sstp['ssl_key']
    raise ConfigError(f'SSL private key file "{file}" does not exist')

Related forum topic


Difficulty level
Unknown (require assessment)
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)

Event Timeline

Dmitry created this task.Mon, Jun 29, 1:06 PM
Dmitry updated the task description. (Show Details)Mon, Jun 29, 1:12 PM
pasik added a subscriber: pasik.Mon, Jun 29, 4:11 PM