From bd07cb35071e16f8aa3fc08d9e3cb678e9b28f97 Mon Sep 17 00:00:00 2001
From: Solderpunk <solderpunk@posteo.net>
Date: Wed, 1 Mar 2023 19:50:45 +0100
Subject: [PATCH] Check for errors when parsing TLS certificates even after
 successful PEM decoding.

---
 launch.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/launch.go b/launch.go
index ce68dcb..b5c5fcc 100644
--- a/launch.go
+++ b/launch.go
@@ -76,6 +76,10 @@ func launch(sysConfig SysConfig, userConfig UserConfig, privInfo userInfo) int {
 		return 1
 	}
 	certx509, err := x509.ParseCertificate(certDer.Bytes)
+	if err != nil {
+		log.Println("Error parsing TLS certificate: " + err.Error())
+		return 1
+	}
 	err = certx509.VerifyHostname(sysConfig.Hostname)
 	if err != nil {
 		log.Println("Invalid TLS certificate: " + err.Error())