gui: Switch SSL certificate handler to barrier::fs paths

Povilas Kanapickas 2021-11-01 04:29:54 +02:00
parent b76b332f2f
commit 0f3afed664
2 changed files with 17 additions and 41 deletions


@ -22,41 +22,32 @@
#include "net/FingerprintDatabase.h" #include "net/FingerprintDatabase.h"
#include "net/SecureUtils.h" #include "net/SecureUtils.h"
#include <QProcess>
#include <QDir>
#include <QCoreApplication>
#include <openssl/bio.h> #include <openssl/bio.h>
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/pem.h> #include <openssl/pem.h>
#include <openssl/x509.h> #include <openssl/x509.h>
static const char kCertificateFilename[] = "Barrier.pem";
static const char kSslDir[] = "SSL";
SslCertificate::SslCertificate(QObject *parent) : SslCertificate::SslCertificate(QObject *parent) :
QObject(parent) QObject(parent)
{ {
m_ProfileDir = barrier::DataDirectories::profile(); if (barrier::DataDirectories::profile().empty()) {
if (m_ProfileDir.empty()) {
emit error(tr("Failed to get profile directory.")); emit error(tr("Failed to get profile directory."));
} }
} }
void SslCertificate::generateCertificate() void SslCertificate::generateCertificate()
{ {
auto cert_path = getCertificatePath(); auto cert_path = barrier::DataDirectories::ssl_certificate_path();
QFile file(QString::fromStdString(cert_path));
if (!file.exists() || !isCertificateValid(cert_path)) {
QDir sslDir(QString::fromStdString(getCertificateDirectory()));
if (!sslDir.exists()) {
sslDir.mkpath(".");
}
if (!barrier::fs::exists(cert_path) || !is_certificate_valid(cert_path)) {
try { try {
barrier::generate_pem_self_signed_cert(cert_path); auto cert_dir = cert_path.parent_path();
if (!barrier::fs::exists(cert_dir)) {
barrier::fs::create_directories(cert_dir);
}
barrier::generate_pem_self_signed_cert(cert_path.u8string());
} catch (const std::exception& e) { } catch (const std::exception& e) {
emit error(QString("SSL tool failed: %1").arg(e.what())); emit error(QString("SSL tool failed: %1").arg(e.what()));
return; return;
@ -65,19 +56,19 @@ void SslCertificate::generateCertificate()
emit info(tr("SSL certificate generated.")); emit info(tr("SSL certificate generated."));
} }
generateFingerprint(cert_path); generate_fingerprint(cert_path);
emit generateFinished(); emit generateFinished();
} }
void SslCertificate::generateFingerprint(const std::string& cert_path) void SslCertificate::generate_fingerprint(const barrier::fs::path& cert_path)
{ {
try { try {
auto local_path = barrier::DataDirectories::local_ssl_fingerprints_path(); auto local_path = barrier::DataDirectories::local_ssl_fingerprints_path();
barrier::FingerprintDatabase db; barrier::FingerprintDatabase db;
db.add_trusted(barrier::get_pem_file_cert_fingerprint(cert_path, db.add_trusted(barrier::get_pem_file_cert_fingerprint(cert_path.u8string(),
barrier::FingerprintType::SHA1)); barrier::FingerprintType::SHA1));
db.add_trusted(barrier::get_pem_file_cert_fingerprint(cert_path, db.add_trusted(barrier::get_pem_file_cert_fingerprint(cert_path.u8string(),
barrier::FingerprintType::SHA256)); barrier::FingerprintType::SHA256));
db.write(local_path); db.write(local_path);
@ -87,17 +78,7 @@ void SslCertificate::generateFingerprint(const std::string& cert_path)
} }
} }
std::string SslCertificate::getCertificatePath() bool SslCertificate::is_certificate_valid(const barrier::fs::path& path)
{
return getCertificateDirectory() + QDir::separator().toLatin1() + kCertificateFilename;
}
std::string SslCertificate::getCertificateDirectory()
{
return m_ProfileDir + QDir::separator().toLatin1() + kSslDir;
}
bool SslCertificate::isCertificateValid(const std::string& path)
{ {
OpenSSL_add_all_algorithms(); OpenSSL_add_all_algorithms();
ERR_load_crypto_strings(); ERR_load_crypto_strings();
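Review bot: The new condition `!barrier::fs::exists(cert_path) || !is_certificate_valid(cert_path)` in generateCertificate() sits before the `try`, so if barrier::fs follows the std::filesystem API (the `parent_path()`, `u8string()` and `create_directories()` calls suggest it does), a filesystem_error thrown by `exists()`, for example on an unreadable profile directory, escapes the function instead of reaching `emit error(...)`. Use the non-throwing overload, `std::error_code ec; if (!barrier::fs::exists(cert_path, ec) || !is_certificate_valid(cert_path)) {`, or move the check inside the `try`. The inner `if (!barrier::fs::exists(cert_dir))` is redundant, because `create_directories(cert_dir)` already succeeds on an existing directory. The certificate directory is created with default permissions, and whether generate_pem_self_signed_cert() restricts the mode of the PEM file is not visible here; that is worth confirming, since the file presumably holds the private key. The body of is_certificate_valid() continues outside the last hunk.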


@ -19,6 +19,7 @@
#include <QObject> #include <QObject>
#include <string> #include <string>
#include "io/filesystem.h"
class SslCertificate : public QObject class SslCertificate : public QObject
{ {
@ -36,13 +37,7 @@ signals:
void generateFinished(); void generateFinished();
private: private:
std::pair<bool, std::string> runTool(const QStringList& args); void generate_fingerprint(const barrier::fs::path& cert_path);
void generateFingerprint(const std::string& cert_path);
std::string getCertificatePath(); bool is_certificate_valid(const barrier::fs::path& path);
std::string getCertificateDirectory();
bool isCertificateValid(const std::string& path);
private:
std::string m_ProfileDir;
}; };
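Review bot: The renamed private members `generate_fingerprint` and `is_certificate_valid` are declared without a comment, although the second one decides whether generateCertificate() overwrites the existing certificate file. I would add a line such as `// Returns false when the PEM at path should be regenerated by generateCertificate().` above `is_certificate_valid`. The snake_case names now sit next to camelCase members such as `generateFinished()`, so a short note on the intended convention would help. `#include <string>` may no longer be needed, but the part of the class between the two hunks is not visible.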