add an extra check for existing "api ..." line in the config.
move the check of existing "account ..." line from main.c to the parser.

The first one (a missing "api ..." line) actually triggers a null dereference
later on if you have a broken config.

ok?

diff --git usr.sbin/acme-client/main.c usr.sbin/acme-client/main.c
index d96bf40e036..fd0f7339891 100644
--- usr.sbin/acme-client/main.c
+++ usr.sbin/acme-client/main.c
@@ -156,11 +156,6 @@ main(int argc, char *argv[])
 
        acctkey = authority->account;
 
-       if (acctkey == NULL) {
-               /* XXX replace with existance check in parse.y */
-               err(EXIT_FAILURE, "no account key in config?");
-       }
-
        if ((chngdir = domain->challengedir) == NULL)
                if ((chngdir = strdup(WWW_DIR)) == NULL)
                        err(EXIT_FAILURE, "strdup");
diff --git usr.sbin/acme-client/parse.y usr.sbin/acme-client/parse.y
index dc38e120bb6..abc7da6f8fa 100644
--- usr.sbin/acme-client/parse.y
+++ usr.sbin/acme-client/parse.y
@@ -186,7 +186,16 @@ authority  : AUTHORITY STRING {
                                YYERROR;
                        }
                } '{' optnl authorityopts_l '}' {
-                       /* XXX enforce minimum config here */
+                       if (auth->api == NULL) {
+                               yyerror("authority %s: no api URL specified",
+                                   auth->name);
+                               YYERROR;
+                       }
+                       if (auth->account == NULL) {
+                               yyerror("authority %s: no account key file "
+                                   "specified", auth->name);
+                               YYERROR;
+                       }
                        auth = NULL;
                }
                ;
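Review bot: Nothing at the two new tests in the authority rule's closing action records that they are now the only guard against a NULL `auth->account` or `auth->api`, since this same patch removes the fallback check on `acctkey` in main(). I would put a comment above them, for example `/* later code uses api and account without NULL checks; enforce both here */`, so a future grammar edit does not silently drop the invariant. Both tests compare against NULL only, so whether an empty value such as `api ""` is rejected depends on the authorityopts_l rules, which are outside this hunk and worth confirming. The authority rule itself starts before the hunk.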
