lib/common: Move SSL certificate path definition to common location

src/lib/common/DataDirectories.h

@@ -38,6 +38,7 @@ public:
     static fs::path local_ssl_fingerprints_path();
     static fs::path trusted_servers_ssl_fingerprints_path();
     static fs::path trusted_clients_ssl_fingerprints_path();
+    static fs::path ssl_certificate_path();
 private:
     static fs::path _profile;
     static fs::path _global;

src/lib/common/DataDirectories_static.cpp

@@ -48,4 +48,9 @@ fs::path DataDirectories::trusted_clients_ssl_fingerprints_path()
     return ssl_fingerprints_path() / kFingerprintsTrustedClientsFilename;
 }
 
+fs::path DataDirectories::ssl_certificate_path()
+{
+    return profile() / "SSL" / "Barrier.pem";
+}
+
 } // namespace barrier

src/lib/net/SecureListenSocket.cpp

@@ -25,13 +25,6 @@
 #include "common/DataDirectories.h"
 #include "base/String.h"
 
-static const char s_certificateDir[] = { "SSL" };
-static const char s_certificateFilename[] = { "Barrier.pem" };
-
-//
-// SecureListenSocket
-//
-
 SecureListenSocket::SecureListenSocket(
         IEventQueue* events,
         SocketMultiplexer* socketMultiplexer,
@@ -55,12 +48,7 @@ SecureListenSocket::accept()
             setListeningJob();
         }
 
-        std::string certificateFilename = barrier::string::sprintf("%s/%s/%s",
+        bool loaded = socket->load_certificates(barrier::DataDirectories::ssl_certificate_path());
-                                        barrier::DataDirectories::profile().c_str(),
-                                        s_certificateDir,
-                                        s_certificateFilename);
-
-        bool loaded = socket->loadCertificates(certificateFilename);
         if (!loaded) {
             delete socket;
             return NULL;

src/lib/net/SecureSocket.cpp

@@ -327,35 +327,35 @@ SecureSocket::initSsl(bool server)
     initContext(server);
 }
 
-bool SecureSocket::loadCertificates(const std::string& filename)
+bool SecureSocket::load_certificates(const barrier::fs::path& path)
 {
-    if (filename.empty()) {
+    if (path.empty()) {
         showError("ssl certificate is not specified");
         return false;
     }
     else {
-        if (!barrier::fs::is_regular_file(barrier::fs::u8path(filename))) {
+        if (!barrier::fs::is_regular_file(path)) {
-            showError("ssl certificate doesn't exist: " + filename);
+            showError("ssl certificate doesn't exist: " + path.u8string());
             return false;
         }
     }
 
     int r = 0;
-    r = SSL_CTX_use_certificate_file(m_ssl->m_context, filename.c_str(), SSL_FILETYPE_PEM);
+    r = SSL_CTX_use_certificate_file(m_ssl->m_context, path.u8string().c_str(), SSL_FILETYPE_PEM);
     if (r <= 0) {
-        showError("could not use ssl certificate: " + filename);
+        showError("could not use ssl certificate: " + path.u8string());
         return false;
     }
 
-    r = SSL_CTX_use_PrivateKey_file(m_ssl->m_context, filename.c_str(), SSL_FILETYPE_PEM);
+    r = SSL_CTX_use_PrivateKey_file(m_ssl->m_context, path.u8string().c_str(), SSL_FILETYPE_PEM);
     if (r <= 0) {
-        showError("could not use ssl private key: " + filename);
+        showError("could not use ssl private key: " + path.u8string());
         return false;
     }
 
     r = SSL_CTX_check_private_key(m_ssl->m_context);
     if (!r) {
-        showError("could not verify ssl private key: " + filename);
+        showError("could not verify ssl private key: " + path.u8string());
         return false;
     }
 

src/lib/net/SecureSocket.h

@@ -19,6 +19,7 @@
 
 #include "net/TCPSocket.h"
 #include "net/XSocket.h"
+#include "io/filesystem.h"
 
 class IEventQueue;
 class SocketMultiplexer;
@@ -55,7 +56,7 @@ public:
     EJobResult            doRead() override;
     EJobResult            doWrite() override;
     void                initSsl(bool server);
-    bool loadCertificates(const std::string& filename);
+    bool load_certificates(const barrier::fs::path& path);
 
 private:
     // SSL