mirror of
https://github.com/lidarr/Lidarr
synced 2024-12-21 23:32:27 +00:00
New: Add exception to SSL Certificate validation message
(cherry picked from commit d84c4500949a530fac92d73f7f2f8e8462b37244) Closes #5103
This commit is contained in:
parent
b2a4c75cce
commit
856ac2ffa5
2 changed files with 53 additions and 17 deletions
52
src/Lidarr.Api.V1/Config/CertificateValidator.cs
Normal file
52
src/Lidarr.Api.V1/Config/CertificateValidator.cs
Normal file
|
@ -0,0 +1,52 @@
|
|||
using System.Security.Cryptography;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using FluentValidation;
|
||||
using FluentValidation.Validators;
|
||||
using NLog;
|
||||
using NzbDrone.Common.Instrumentation;
|
||||
|
||||
namespace Lidarr.Api.V1.Config
|
||||
{
|
||||
public static class CertificateValidation
|
||||
{
|
||||
public static IRuleBuilderOptions<T, string> IsValidCertificate<T>(this IRuleBuilder<T, string> ruleBuilder)
|
||||
{
|
||||
return ruleBuilder.SetValidator(new CertificateValidator());
|
||||
}
|
||||
}
|
||||
|
||||
public class CertificateValidator : PropertyValidator
|
||||
{
|
||||
protected override string GetDefaultMessageTemplate() => "Invalid SSL certificate file or password. {message}";
|
||||
|
||||
private static readonly Logger Logger = NzbDroneLogger.GetLogger(typeof(CertificateValidator));
|
||||
|
||||
protected override bool IsValid(PropertyValidatorContext context)
|
||||
{
|
||||
if (context.PropertyValue == null)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
if (context.InstanceToValidate is not HostConfigResource resource)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
new X509Certificate2(resource.SslCertPath, resource.SslCertPassword, X509KeyStorageFlags.DefaultKeySet);
|
||||
|
||||
return true;
|
||||
}
|
||||
catch (CryptographicException ex)
|
||||
{
|
||||
Logger.Debug(ex, "Invalid SSL certificate file or password. {0}", ex.Message);
|
||||
|
||||
context.MessageFormatter.AppendArgument("message", ex.Message);
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,7 +1,6 @@
|
|||
using System.IO;
|
||||
using System.Linq;
|
||||
using System.Reflection;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using FluentValidation;
|
||||
using Lidarr.Http;
|
||||
using Lidarr.Http.REST;
|
||||
|
@ -58,7 +57,7 @@ public HostConfigController(IConfigFileProvider configFileProvider,
|
|||
.NotEmpty()
|
||||
.IsValidPath()
|
||||
.SetValidator(fileExistsValidator)
|
||||
.Must((resource, path) => IsValidSslCertificate(resource)).WithMessage("Invalid SSL certificate file or password")
|
||||
.IsValidCertificate()
|
||||
.When(c => c.EnableSsl);
|
||||
|
||||
SharedValidator.RuleFor(c => c.LogSizeLimit).InclusiveBetween(1, 10);
|
||||
|
@ -71,21 +70,6 @@ public HostConfigController(IConfigFileProvider configFileProvider,
|
|||
SharedValidator.RuleFor(c => c.BackupRetention).InclusiveBetween(1, 90);
|
||||
}
|
||||
|
||||
private bool IsValidSslCertificate(HostConfigResource resource)
|
||||
{
|
||||
X509Certificate2 cert;
|
||||
try
|
||||
{
|
||||
cert = new X509Certificate2(resource.SslCertPath, resource.SslCertPassword, X509KeyStorageFlags.DefaultKeySet);
|
||||
}
|
||||
catch
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
return cert != null;
|
||||
}
|
||||
|
||||
private bool IsMatchingPassword(HostConfigResource resource)
|
||||
{
|
||||
var user = _userService.FindUser();
|
||||
|
|
Loading…
Reference in a new issue