Fail cleanly if necessary files can't be opened.

rlgwebd

@@ -25,7 +25,8 @@ var rlgwebd_options = {
 
 /* Read configuration from a file */
 var config_file = "/etc/rlgwebd.conf";
-var config_lines = fs.readFileSync(config_file).toString().split('\n');
+var config_lines = read_or_die(config_file, "Configuration file").toString().split('\n');
+
 for (var i = 0; i < config_lines.length; i++) {
   if (config_lines[i].length > 0 && config_lines[i][0] != '#') {
     var config_fields = config_lines[i].split('=');
@@ -578,6 +579,25 @@ function tslog() {
   console.log.apply(console, arguments);
 }
 
+// Read a file synchronously, exiting if anything goes wrong.
+// Intended only for files required at startup.
+function read_or_die(filename, description) {
+  var contents;
+  try {
+    contents = fs.readFileSync(filename);
+  }
+  catch (err) {
+    if (err.code == "ENOENT") {
+      tslog("%s %s does not exist", description, filename);
+    }
+    else {
+      console.log(err.stack);
+    }
+    process.exit(1);
+  }
+  return contents;
+}
+
 /* Returns a list of the cookies in the request, obviously. */
 function getCookies(req) {
   cookies = [];
@@ -1237,9 +1257,11 @@ if (fs.existsSync(rlgwebd_options.control_socket)) {
 
 var tls_options = {};
 if (rlgwebd_options.use_https) {
-  tls_options.key = fs.readFileSync(rlgwebd_options.keyfile),
+  /* If the cert can't be found, don't fall back to insecure HTTP. */
-  tls_options.cert = fs.readFileSync(rlgwebd_options.certfile),
+  tls_options.key = read_or_die(rlgwebd_options.keyfile, "Keyfile");
-  tls_options.ca = fs.readFileSync(rlgwebd_options.cafile)
+  tls_options.cert = read_or_die(rlgwebd_options.certfile, "Certfile");
+  if ("cafile" in rlgwebd_options)
+    tls_options.ca = read_or_die(rlgwebd_options.cafile, "CA file");
 };
 
 /* Open the control socket before chrooting where it can't be found */
@@ -1273,10 +1295,10 @@ ctlServer.listen(rlgwebd_options.control_socket, function () {
   wsServer.on("request", wsHandler);
   tslog('WebSockets are online'); 
   if (rlgwebd_options.use_https) {
-  var httpsServer = https.createServer(tls_options, webHandler);
+    var httpsServer = https.createServer(tls_options, webHandler);
     httpsServer.listen(rlgwebd_options.https_port);
     tslog('TLS running on port %d', rlgwebd_options.https_port); 
-    wssServer = new WebSocketServer({"httpServer": httpsServer});
+    var wssServer = new WebSocketServer({"httpServer": httpsServer});
     wssServer.on("request", wsHandler);
     tslog('Secure WebSockets are online'); 
   }