rayelliott
/
barrier
mirror of https://github.com/debauchee/barrier.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

gui: Simplify isCertificateValid()

This commit is contained in:
Povilas Kanapickas 2021-11-01 02:52:49 +02:00
parent 7cced74119
commit a238b27879
1 changed files with 9 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/gui/src/SslCertificate.cpp
View File

@ -17,6 +17,8 @@
#include "SslCertificate.h" #include "SslCertificate.h"
#include "common/DataDirectories.h" #include "common/DataDirectories.h"
#include "base/finally.h"
#include "io/fstream.h"
#include "net/FingerprintDatabase.h" #include "net/FingerprintDatabase.h"
#include "net/SecureUtils.h" #include "net/SecureUtils.h"
@ -98,39 +100,32 @@ std::string SslCertificate::getCertificateDirectory()
bool SslCertificate::isCertificateValid(const std::string& path) bool SslCertificate::isCertificateValid(const std::string& path)
{ {
OpenSSL_add_all_algorithms(); OpenSSL_add_all_algorithms();
ERR_load_BIO_strings();
ERR_load_crypto_strings(); ERR_load_crypto_strings();
BIO* bio = BIO_new(BIO_s_file()); auto fp = barrier::fopen_utf8_path(path, "r");
if (!fp) {
auto ret = BIO_read_filename(bio, path.c_str());
if (!ret) {
emit info(tr("Could not read from default certificate file.")); emit info(tr("Could not read from default certificate file."));
BIO_free_all(bio);
return false; return false;
} }
auto file_close = barrier::finally([fp]() { std::fclose(fp); });
X509* cert = PEM_read_bio_X509(bio, NULL, 0, NULL); auto* cert = PEM_read_X509(fp, nullptr, nullptr, nullptr);
if (!cert) { if (!cert) {
emit info(tr("Error loading default certificate file to memory.")); emit info(tr("Error loading default certificate file to memory."));
BIO_free_all(bio);
return false; return false;
} }
auto cert_free = barrier::finally([cert]() { X509_free(cert); });
EVP_PKEY* pubkey = X509_get_pubkey(cert); auto* pubkey = X509_get_pubkey(cert);
if (!pubkey) { if (!pubkey) {
emit info(tr("Default certificate key file does not contain valid public key")); emit info(tr("Default certificate key file does not contain valid public key"));
X509_free(cert);
BIO_free_all(bio);
return false; return false;
} }
auto pubkey_free = barrier::finally([pubkey]() { EVP_PKEY_free(pubkey); });
auto type = EVP_PKEY_type(EVP_PKEY_id(pubkey)); auto type = EVP_PKEY_type(EVP_PKEY_id(pubkey));
if (type != EVP_PKEY_RSA && type != EVP_PKEY_DSA) { if (type != EVP_PKEY_RSA && type != EVP_PKEY_DSA) {
emit info(tr("Public key in default certificate key file is not RSA or DSA")); emit info(tr("Public key in default certificate key file is not RSA or DSA"));
EVP_PKEY_free(pubkey);
X509_free(cert);
BIO_free_all(bio);
return false; return false;
} }
@ -138,14 +133,8 @@ bool SslCertificate::isCertificateValid(const std::string& path)
if (bits < 2048) { if (bits < 2048) {
// We could have small keys in old barrier installations // We could have small keys in old barrier installations
emit info(tr("Public key in default certificate key file is too small.")); emit info(tr("Public key in default certificate key file is too small."));
EVP_PKEY_free(pubkey);
X509_free(cert);
BIO_free_all(bio);
return false; return false;
} }
EVP_PKEY_free(pubkey);
X509_free(cert);
BIO_free_all(bio);
return true; return true;
} }