Improve error handling when checking downloaded pem cert

We access pkBlock.Type later and pkBlock can be nil here.

Improve error handling when checking downloaded pem cert
c6bca076 · Pea Nut · jkito · 1f91f6f8 · c6bca076 · c6bca076
Commit c6bca076 authored 6 months ago by Pea Nut Committed by jkito 5 months ago
--- a/pkg/vpn/openvpn.go
+++ b/pkg/vpn/openvpn.go
@@ -329,9 +329,10 @@ func (b *Bitmask) getCert() error {
 	}
 	b.certPemPath = b.getTempCertPemPath()
-	// If we start OpenVPN, openvpn.pem does not exist and isValidCert returns false
+	// If we start OpenVPN for  the first time, openvpn.pem does not exist
-	// If we start OpenVPN later again (not restarting the  client), there
+	// and isValidCert returns false
-	// should be a valid openvpn.pem
+	// If we start OpenVPN later again (not restarting the client), there
+	// should be a valid openvpn.pem and isValidCert should return true
 	// If there is no valid openvpn.pem, fetch a new one from menshen
 	// Note: b.tempdir is unique for every run of the desktop client
 	if !isValidCert(b.certPemPath) {

--- a/pkg/vpn/utils.go
+++ b/pkg/vpn/utils.go
@@ -40,18 +40,19 @@ func isUpgradeAvailable() bool {
 func isValidCert(path string) bool {
 	log.Trace().
 		Str("path", path).
-		Msg("Checking for a valid OpenVPN client credentials (key and certificate)")
+		Msg("Checking for valid OpenVPN client credentials (key and certificate)")
 	data, err := ioutil.ReadFile(path)
 	if err != nil {
 		log.Debug().
 			Str("path", path).
+			Str("err", err.Error()).
 			Msg("Could not read certificate file")
 		return false
 	}
 	pkBlock, rest := pem.Decode(data)
-	if rest == nil {
+	if rest == nil || pkBlock == nil {
 		log.Warn().
 			Str("data", string(data)).
 			Msg("Could not decode pem data")