Mirrors/Radarr
1
0
Fork 0
mirror of https://github.com/Radarr/Radarr.git synced 2024-11-20 01:42:35 +01:00
Code Issues Releases Wiki Activity

New: Add exception to SSL Certificate validation message

Browse Source 
(cherry picked from commit d84c4500949a530fac92d73f7f2f8e8462b37244)

Closes #10437
This commit is contained in:
Mark McDowall 2024-09-14 13:40:02 -07:00 committed by Bogdan
parent 348060351a
commit c1f1307345
2 changed files with 53 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
src/Radarr.Api.V3/Config/CertificateValidator.cs Normal file
View File

@ -0,0 +1,52 @@
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using FluentValidation;
using FluentValidation.Validators;
using NLog;
using NzbDrone.Common.Instrumentation;
namespace Radarr.Api.V3.Config
{
public static class CertificateValidation
{
public static IRuleBuilderOptions<T, string> IsValidCertificate<T>(this IRuleBuilder<T, string> ruleBuilder)
{
return ruleBuilder.SetValidator(new CertificateValidator());
}
}
public class CertificateValidator : PropertyValidator
{
protected override string GetDefaultMessageTemplate() => "Invalid SSL certificate file or password. {message}";
private static readonly Logger Logger = NzbDroneLogger.GetLogger(typeof(CertificateValidator));
protected override bool IsValid(PropertyValidatorContext context)
{
if (context.PropertyValue == null)
{
return false;
}
if (context.InstanceToValidate is not HostConfigResource resource)
{
return true;
}
try
{
new X509Certificate2(resource.SslCertPath, resource.SslCertPassword, X509KeyStorageFlags.DefaultKeySet);
return true;
}
catch (CryptographicException ex)
{
Logger.Debug(ex, "Invalid SSL certificate file or password. {0}", ex.Message);
context.MessageFormatter.AppendArgument("message", ex.Message);
return false;
}
}
}
}

18
src/Radarr.Api.V3/Config/HostConfigController.cs
View File

@ -1,7 +1,6 @@
using System.IO; using System.IO;
using System.Linq; using System.Linq;
using System.Reflection; using System.Reflection;
using System.Security.Cryptography.X509Certificates;
using FluentValidation; using FluentValidation;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using NzbDrone.Common.Extensions; using NzbDrone.Common.Extensions;
@ -58,7 +57,7 @@ public HostConfigController(IConfigFileProvider configFileProvider,
.NotEmpty() .NotEmpty()
.IsValidPath() .IsValidPath()
.SetValidator(fileExistsValidator) .SetValidator(fileExistsValidator)
.Must((resource, path) => IsValidSslCertificate(resource)).WithMessage("Invalid SSL certificate file or password") .IsValidCertificate()
.When(c => c.EnableSsl); .When(c => c.EnableSsl);
SharedValidator.RuleFor(c => c.LogSizeLimit).InclusiveBetween(1, 10); SharedValidator.RuleFor(c => c.LogSizeLimit).InclusiveBetween(1, 10);
@ -71,21 +70,6 @@ public HostConfigController(IConfigFileProvider configFileProvider,
SharedValidator.RuleFor(c => c.BackupRetention).InclusiveBetween(1, 90); SharedValidator.RuleFor(c => c.BackupRetention).InclusiveBetween(1, 90);
} }
private bool IsValidSslCertificate(HostConfigResource resource)
{
X509Certificate2 cert;
try
{
cert = new X509Certificate2(resource.SslCertPath, resource.SslCertPassword, X509KeyStorageFlags.DefaultKeySet);
}
catch
{
return false;
}
return cert != null;
}
private bool IsMatchingPassword(HostConfigResource resource) private bool IsMatchingPassword(HostConfigResource resource)
{ {
var user = _userService.FindUser(); var user = _userService.FindUser();