fix bug due to unset vars

Author: aptalca

README.md

@@ -206,6 +206,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
 
 ## Versions
 
+* **30.07.20:** - Fix bug related to unset optional `CERTFILE` and `KEYFILE` vars.
 * **27.07.20:** - Add support for HTTP over SSL (HTTPS).
 * **21.07.20:** - Add support for optional user defined fernet key.
 * **02.06.20:** - Rebasing to alpine 3.12, serve login page at `/ldaplogin` as well as `/login`, to prevent clashes with reverese proxied apps.

readme-vars.yml

@@ -43,6 +43,7 @@ app_setup_block: |
 
 # changelog
 changelogs:
+  - { date: "30.07.20:", desc: "Fix bug related to unset optional `CERTFILE` and `KEYFILE` vars." }
   - { date: "27.07.20:", desc: "Add support for HTTP over SSL (HTTPS)." }
   - { date: "21.07.20:", desc: "Add support for optional user defined fernet key." }
   - { date: "02.06.20:", desc: "Rebasing to alpine 3.12, serve login page at `/ldaplogin` as well as `/login`, to prevent clashes with reverese proxied apps." }

root/app/nginx-ldap-auth-daemon.py

@@ -336,7 +336,7 @@ def exit_handler(signal, frame):
     }
     LDAPAuthHandler.set_params(auth_params)
     server = AuthHTTPServer(Listen, LDAPAuthHandler)
-    if os.path.isfile(os.environ.get("CERTFILE")) and os.path.isfile(os.environ.get("KEYFILE")):
+    if os.environ.get("CERTFILE") and os.environ.get("KEYFILE") and os.path.isfile(os.environ.get("CERTFILE")) and os.path.isfile(os.environ.get("KEYFILE")):
         import ssl
         server.socket = ssl.wrap_socket (server.socket, certfile=os.environ.get("CERTFILE"), keyfile=os.environ.get("KEYFILE"), server_side=True)
         sys.stdout.write("SSL enabled using certificate file %s and key file %s\n" % (os.environ.get("CERTFILE"), os.environ.get("KEYFILE")))