mirror of
https://github.com/lidarr/Lidarr
synced 2024-12-22 15:53:23 +00:00
New: Add exception to SSL Certificate validation message
(cherry picked from commit d84c4500949a530fac92d73f7f2f8e8462b37244) Closes #5103
This commit is contained in:
parent
b2a4c75cce
commit
856ac2ffa5
2 changed files with 53 additions and 17 deletions
52
src/Lidarr.Api.V1/Config/CertificateValidator.cs
Normal file
52
src/Lidarr.Api.V1/Config/CertificateValidator.cs
Normal file
|
@ -0,0 +1,52 @@
|
||||||
|
using System.Security.Cryptography;
|
||||||
|
using System.Security.Cryptography.X509Certificates;
|
||||||
|
using FluentValidation;
|
||||||
|
using FluentValidation.Validators;
|
||||||
|
using NLog;
|
||||||
|
using NzbDrone.Common.Instrumentation;
|
||||||
|
|
||||||
|
namespace Lidarr.Api.V1.Config
|
||||||
|
{
|
||||||
|
public static class CertificateValidation
|
||||||
|
{
|
||||||
|
public static IRuleBuilderOptions<T, string> IsValidCertificate<T>(this IRuleBuilder<T, string> ruleBuilder)
|
||||||
|
{
|
||||||
|
return ruleBuilder.SetValidator(new CertificateValidator());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public class CertificateValidator : PropertyValidator
|
||||||
|
{
|
||||||
|
protected override string GetDefaultMessageTemplate() => "Invalid SSL certificate file or password. {message}";
|
||||||
|
|
||||||
|
private static readonly Logger Logger = NzbDroneLogger.GetLogger(typeof(CertificateValidator));
|
||||||
|
|
||||||
|
protected override bool IsValid(PropertyValidatorContext context)
|
||||||
|
{
|
||||||
|
if (context.PropertyValue == null)
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (context.InstanceToValidate is not HostConfigResource resource)
|
||||||
|
{
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
|
new X509Certificate2(resource.SslCertPath, resource.SslCertPassword, X509KeyStorageFlags.DefaultKeySet);
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
catch (CryptographicException ex)
|
||||||
|
{
|
||||||
|
Logger.Debug(ex, "Invalid SSL certificate file or password. {0}", ex.Message);
|
||||||
|
|
||||||
|
context.MessageFormatter.AppendArgument("message", ex.Message);
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,7 +1,6 @@
|
||||||
using System.IO;
|
using System.IO;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Reflection;
|
using System.Reflection;
|
||||||
using System.Security.Cryptography.X509Certificates;
|
|
||||||
using FluentValidation;
|
using FluentValidation;
|
||||||
using Lidarr.Http;
|
using Lidarr.Http;
|
||||||
using Lidarr.Http.REST;
|
using Lidarr.Http.REST;
|
||||||
|
@ -58,7 +57,7 @@ public HostConfigController(IConfigFileProvider configFileProvider,
|
||||||
.NotEmpty()
|
.NotEmpty()
|
||||||
.IsValidPath()
|
.IsValidPath()
|
||||||
.SetValidator(fileExistsValidator)
|
.SetValidator(fileExistsValidator)
|
||||||
.Must((resource, path) => IsValidSslCertificate(resource)).WithMessage("Invalid SSL certificate file or password")
|
.IsValidCertificate()
|
||||||
.When(c => c.EnableSsl);
|
.When(c => c.EnableSsl);
|
||||||
|
|
||||||
SharedValidator.RuleFor(c => c.LogSizeLimit).InclusiveBetween(1, 10);
|
SharedValidator.RuleFor(c => c.LogSizeLimit).InclusiveBetween(1, 10);
|
||||||
|
@ -71,21 +70,6 @@ public HostConfigController(IConfigFileProvider configFileProvider,
|
||||||
SharedValidator.RuleFor(c => c.BackupRetention).InclusiveBetween(1, 90);
|
SharedValidator.RuleFor(c => c.BackupRetention).InclusiveBetween(1, 90);
|
||||||
}
|
}
|
||||||
|
|
||||||
private bool IsValidSslCertificate(HostConfigResource resource)
|
|
||||||
{
|
|
||||||
X509Certificate2 cert;
|
|
||||||
try
|
|
||||||
{
|
|
||||||
cert = new X509Certificate2(resource.SslCertPath, resource.SslCertPassword, X509KeyStorageFlags.DefaultKeySet);
|
|
||||||
}
|
|
||||||
catch
|
|
||||||
{
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
return cert != null;
|
|
||||||
}
|
|
||||||
|
|
||||||
private bool IsMatchingPassword(HostConfigResource resource)
|
private bool IsMatchingPassword(HostConfigResource resource)
|
||||||
{
|
{
|
||||||
var user = _userService.FindUser();
|
var user = _userService.FindUser();
|
||||||
|
|
Loading…
Reference in a new issue