add support for cert with password

Luke Pulverenti 2017-04-30 22:22:13 -04:00
parent c197360047
commit dbfb1fb370
7 changed files with 40 additions and 20 deletions


@ -257,7 +257,7 @@ namespace Emby.Server.Core
internal IPowerManagement PowerManagement { get; private set; }
internal IImageEncoder ImageEncoder { get; private set; }
private readonly Action<string, string> _certificateGenerator;
private readonly Action<string, string, string> _certificateGenerator;
private readonly Func<string> _defaultUserNameFactory;
/// <summary>
@ -274,7 +274,7 @@ namespace Emby.Server.Core
ISystemEvents systemEvents,
IMemoryStreamFactory memoryStreamFactory,
INetworkManager networkManager,
Action<string, string> certificateGenerator,
Action<string, string, string> certificateGenerator,
Func<string> defaultUsernameFactory)
: base(applicationPaths,
logManager,
@ -609,8 +609,8 @@ namespace Emby.Server.Core
RegisterSingleInstance<ISearchEngine>(() => new SearchEngine(LogManager, LibraryManager, UserManager));
CertificatePath = GetCertificatePath(true);
Certificate = GetCertificate(CertificatePath);
CertificateInfo = GetCertificateInfo(true);
Certificate = GetCertificate(CertificateInfo);
HttpServer = HttpServerFactory.CreateServer(this, LogManager, ServerConfigurationManager, NetworkManager, MemoryStreamFactory, "Emby", "web/index.html", textEncoding, SocketFactory, CryptographyProvider, JsonSerializer, XmlSerializer, EnvironmentInfo, Certificate, FileSystemManager, SupportsDualModeSockets);
HttpServer.GlobalResponse = LocalizationManager.GetLocalizedString("StartupEmbyServerIsLoading");
@ -745,8 +745,10 @@ namespace Emby.Server.Core
}
}
private ICertificate GetCertificate(string certificateLocation)
private ICertificate GetCertificate(CertificateInfo info)
{
var certificateLocation = info == null ? null : info.Path;
if (string.IsNullOrWhiteSpace(certificateLocation))
{
return null;
@ -759,7 +761,7 @@ namespace Emby.Server.Core
return null;
}
X509Certificate2 localCert = new X509Certificate2(certificateLocation);
X509Certificate2 localCert = new X509Certificate2(certificateLocation, info.Password);
//localCert.PrivateKey = PrivateKey.CreateFromFile(pvk_file).RSA;
if (!localCert.HasPrivateKey)
{
@ -1064,7 +1066,7 @@ namespace Emby.Server.Core
SyncManager.AddParts(GetExports<ISyncProvider>());
}
private string CertificatePath { get; set; }
private CertificateInfo CertificateInfo { get; set; }
private ICertificate Certificate { get; set; }
private IEnumerable<string> GetUrlPrefixes()
@ -1080,7 +1082,7 @@ namespace Emby.Server.Core
"http://"+i+":" + HttpPort + "/"
};
if (!string.IsNullOrWhiteSpace(CertificatePath))
if (CertificateInfo != null)
{
prefixes.Add("https://" + i + ":" + HttpsPort + "/");
}
@ -1123,17 +1125,21 @@ namespace Emby.Server.Core
}
}
private string GetCertificatePath(bool generateCertificate)
private CertificateInfo GetCertificateInfo(bool generateCertificate)
{
if (!string.IsNullOrWhiteSpace(ServerConfigurationManager.Configuration.CertificatePath))
{
// Custom cert
return ServerConfigurationManager.Configuration.CertificatePath;
return new CertificateInfo
{
Path = ServerConfigurationManager.Configuration.CertificatePath
};
}
// Generate self-signed cert
var certHost = GetHostnameFromExternalDns(ServerConfigurationManager.Configuration.WanDdns);
var certPath = Path.Combine(ServerConfigurationManager.ApplicationPaths.ProgramDataPath, "ssl", "cert_" + (certHost + "1").GetMD5().ToString("N") + ".pfx");
var password = "embycert";
if (generateCertificate)
{
@ -1143,7 +1149,7 @@ namespace Emby.Server.Core
try
{
_certificateGenerator(certPath, certHost);
_certificateGenerator(certPath, certHost, password);
}
catch (Exception ex)
{
@ -1153,7 +1159,11 @@ namespace Emby.Server.Core
}
}
return certPath;
return new CertificateInfo
{
Path = certPath,
Password = password
};
}
/// <summary>
@ -1189,7 +1199,11 @@ namespace Emby.Server.Core
requiresRestart = true;
}
if (!string.Equals(CertificatePath, GetCertificatePath(false), StringComparison.OrdinalIgnoreCase))
var currentCertPath = CertificateInfo == null ? null : CertificateInfo.Path;
var newCertInfo = GetCertificateInfo(false);
var newCertPath = newCertInfo == null ? null : newCertInfo.Path;
if (!string.Equals(currentCertPath, newCertPath, StringComparison.OrdinalIgnoreCase))
{
requiresRestart = true;
}
@ -1779,6 +1793,11 @@ namespace Emby.Server.Core
{
Container.Register(typeInterface, typeImplementation);
}
}
internal class CertificateInfo
{
public string Path { get; set; }
public string Password { get; set; }
}
}
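Review bot: The PFX password in GetCertificateInfo is the literal `var password = "embycert";`, so it is identical on every install and readable from the source; it adds no confidentiality to the private key in the generated file, which stays protected only by the file permissions of the `ssl` folder under ProgramDataPath. At minimum say so next to the literal, e.g. `// Fixed, non-secret PFX password; key protection relies on file permissions of the ssl directory`, or generate a per-install random value and persist it with the server configuration. The custom-cert branch of the same method returns a CertificateInfo with only `Path` set, so `new X509Certificate2(certificateLocation, info.Password)` still receives a null password for a user-supplied PFX. The `certPath` file name is unchanged by this commit, so a PFX written by an earlier build would now be opened with this password; whether that load is guarded against failure is outside the visible hunks.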


@ -18,7 +18,7 @@ namespace MediaBrowser.Server.Mac
{
public class MacAppHost : ApplicationHost
{
public MacAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action<string, string> certificateGenerator, Func<string> defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory)
public MacAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action<string, string, string> certificateGenerator, Func<string> defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory)
{
}


@ -19,7 +19,7 @@ namespace MediaBrowser.Server.Mono
{
public class MonoAppHost : ApplicationHost
{
public MonoAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action<string, string> certificateGenerator, Func<string> defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory)
public MonoAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action<string, string, string> certificateGenerator, Func<string> defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory)
{
}


@ -159,9 +159,9 @@ namespace MediaBrowser.Server.Mono
Task.WaitAll(task);
}
private static void GenerateCertificate(string certPath, string certHost)
private static void GenerateCertificate(string certPath, string certHost, string certPassword)
{
CertificateGenerator.CreateSelfSignCertificatePfx(certPath, certHost, _logger);
CertificateGenerator.CreateSelfSignCertificatePfx(certPath, certHost, certPassword, _logger);
}
private static MonoEnvironmentInfo GetEnvironmentInfo()


@ -12,6 +12,7 @@ namespace Emby.Common.Implementations.Security
public static void CreateSelfSignCertificatePfx(
string fileName,
string hostname,
string password,
ILogger logger)
{
if (string.IsNullOrWhiteSpace(fileName))
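Review bot: The new `password` parameter of CreateSelfSignCertificatePfx is neither used nor checked in any line of this hunk, which is the only change shown for this file; the method body continues outside the hunk, so confirm that the PFX export really applies it. If the file were written with a different password than the one the host later passes to `new X509Certificate2(certificateLocation, info.Password)`, loading the generated certificate would presumably fail. The parameter also deserves a doc line, e.g. `/// <param name="password">Password applied to the exported PFX; must match the one used when the file is loaded.</param>`.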


@ -391,9 +391,9 @@ namespace MediaBrowser.ServerApplication
}
}
private static void GenerateCertificate(string certPath, string certHost)
private static void GenerateCertificate(string certPath, string certHost, string certPassword)
{
CertificateGenerator.CreateSelfSignCertificatePfx(certPath, certHost, _logger);
CertificateGenerator.CreateSelfSignCertificatePfx(certPath, certHost, certPassword, _logger);
}
private static ServerNotifyIcon _serverNotifyIcon;


@ -25,7 +25,7 @@ namespace MediaBrowser.ServerApplication
{
public class WindowsAppHost : ApplicationHost
{
public WindowsAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action<string, string> certificateGenerator, Func<string> defaultUsernameFactory)
public WindowsAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action<string, string, string> certificateGenerator, Func<string> defaultUsernameFactory)
: base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory)
{
}