From 1df46520ee6ee6c5afc3764af8efbc4d71b41ec1 Mon Sep 17 00:00:00 2001
From: Philippe Larose <philippe.larose@savoirfairelinux.com>
Date: Fri, 30 Aug 2024 10:01:11 -0400
Subject: [PATCH] jams-server: prevent server start if CA failed to load

If the config.json file is corrupted, JAMS may start even though its CA
is null. In this state, the server cannot authenticate any user and is
not operational.

Ticket: https://redmine.savoirfairelinux.com/issues/7668
Change-Id: I61e69200af1089a085991176fa6bb6273ecc2e82
---
 jams-server/src/main/java/net/jami/jams/server/Server.java    | 4 ++++
 .../java/net/jami/jams/server/startup/CryptoEngineLoader.java | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/jams-server/src/main/java/net/jami/jams/server/Server.java b/jams-server/src/main/java/net/jami/jams/server/Server.java
index 4c5273bc..23ac0f9e 100644
--- a/jams-server/src/main/java/net/jami/jams/server/Server.java
+++ b/jams-server/src/main/java/net/jami/jams/server/Server.java
@@ -168,6 +168,10 @@ public class Server {
         certificateAuthority =
                 CryptoEngineLoader.loadCertificateAuthority(
                         serverSettings.getCaConfiguration(), dataStore);
+        if (certificateAuthority == null) {
+            log.error("Could not load certificate authority - this is critical");
+            System.exit(1);
+        }
         userAuthenticationModule =
                 AuthModuleLoader.loadAuthenticationModule(dataStore, certificateAuthority);
 
diff --git a/jams-server/src/main/java/net/jami/jams/server/startup/CryptoEngineLoader.java b/jams-server/src/main/java/net/jami/jams/server/startup/CryptoEngineLoader.java
index 3ce6ba76..ea30acd6 100644
--- a/jams-server/src/main/java/net/jami/jams/server/startup/CryptoEngineLoader.java
+++ b/jams-server/src/main/java/net/jami/jams/server/startup/CryptoEngineLoader.java
@@ -51,7 +51,7 @@ public class CryptoEngineLoader {
                     "Loaded X509 Engine - please make sure it is initialized before using it to sign requests!");
             return certificateAuthority;
         } catch (Exception e) {
-            log.error("Unable to load X509 Engine!");
+            log.error("Load X509 Engine failed with error:", e);
             return null;
         }
     }
-- 
GitLab