~singpolyma/biboumi

f50f50653dc064575e4730c31b5615301f00e057 — louiz’ 8 years ago e1934a0
Refactor load_certs()
M louloulibs/network/credentials_manager.cpp => louloulibs/network/credentials_manager.cpp +26 -21
@@ 29,7 29,7 @@ BasicCredentialsManager::BasicCredentialsManager(const TCPSocketHandler* const s
    socket_handler(socket_handler),
    trusted_fingerprint{}
{
  this->load_certs();
  BasicCredentialsManager::load_certs();
}

void BasicCredentialsManager::set_trusted_fingerprint(const std::string& fingerprint)


@@ 62,17 62,8 @@ void BasicCredentialsManager::verify_certificate_chain(const std::string& type,
    }
}

void BasicCredentialsManager::load_certs()
bool BasicCredentialsManager::try_to_open_one_ca_bundle(const std::vector<std::string>& paths)
{
  //  Only load the certificates the first time
  if (BasicCredentialsManager::certs_loaded)
    return;
  const std::string conf_path = Config::get("ca_file", "");
  std::vector<std::string> paths;
  if (conf_path.empty())
    paths = default_cert_files;
  else
    paths.push_back(conf_path);
  for (const auto& path: paths)
    {
      try


@@ 87,25 78,39 @@ void BasicCredentialsManager::load_certs()
              // will be ignored. As a result, some TLS connection may be refused
              // because the certificate is signed by an issuer that was ignored.
              try {
                  const Botan::X509_Certificate cert(bundle);
                  BasicCredentialsManager::certificate_store.add_certificate(cert);
                } catch (const Botan::Decoding_Error& error)
                {
                  Botan::X509_Certificate cert(bundle);
                  BasicCredentialsManager::certificate_store.add_certificate(std::move(cert));
                } catch (const Botan::Decoding_Error& error) {
                  continue;
                }
            }
          // Only use the first file that can successfully be read.
          goto success;
          return true;
        }
      catch (Botan::Stream_IO_Error& e)
      catch (const Botan::Stream_IO_Error& e)
        {
          log_debug(e.what());
        }
    }
  //  If we could not open one of the files, print a warning
  log_warning("The CA could not be loaded, TLS negociation will probably fail.");
  success:
  BasicCredentialsManager::certs_loaded = true;
  return false;
}

void BasicCredentialsManager::load_certs()
{
  //  Only load the certificates the first time
  if (BasicCredentialsManager::certs_loaded)
    return;
  const std::string conf_path = Config::get("ca_file", "");
  std::vector<std::string> paths;
  if (conf_path.empty())
    paths = default_cert_files;
  else
    paths.push_back(conf_path);

  if (BasicCredentialsManager::try_to_open_one_ca_bundle(paths))
    BasicCredentialsManager::certs_loaded = true;
  else
    log_warning("The CA could not be loaded, TLS negociation will probably fail.");
}

std::vector<Botan::Certificate_Store*> BasicCredentialsManager::trusted_certificate_authorities(const std::string&, const std::string&)

M louloulibs/network/credentials_manager.hpp => louloulibs/network/credentials_manager.hpp +1 -0
@@ 29,6 29,7 @@ public:
private:
  const TCPSocketHandler* const socket_handler;

  static bool try_to_open_one_ca_bundle(const std::vector<std::string>& paths);
  static void load_certs();
  static Botan::Certificate_Store_In_Memory certificate_store;
  static bool certs_loaded;

M louloulibs/utils/encoding.cpp => louloulibs/utils/encoding.cpp +2 -2
@@ 151,7 151,7 @@ namespace utils
      throw std::runtime_error("Cannot convert into UTF-8");

    // Make sure cd is always closed when we leave this function
    const auto sg = utils::make_scope_guard([&](auto&&){ iconv_close(cd); });
    const auto sg = utils::make_scope_guard([&cd](auto&&){ iconv_close(cd); });

    size_t inbytesleft = str.size();



@@ 168,7 168,7 @@ namespace utils
    char* outbuf_ptr = outbuf;

    // Make sure outbuf is always deleted when we leave this function
    const auto sg2 = utils::make_scope_guard([&](auto&&){ delete[] outbuf; });
    const auto sg2 = utils::make_scope_guard([outbuf](auto&&){ delete[] outbuf; });

    bool done = false;
    while (done == false)