Merge 366625510f into d5d4996c40

3 weeks ago · 911ea76a63
parent d5d4996c40 366625510f
commit 911ea76a63
2 changed files with 53 additions and 17 deletions
--- a/src/Readarr.Api.V1/Config/HostConfigController.cs
+++ b/src/Readarr.Api.V1/Config/HostConfigController.cs
@ -1,7 +1,6 @@
 using System.IO;
 using System.Linq;
 using System.Reflection;
-using System.Security.Cryptography.X509Certificates;
 using FluentValidation;
 using Microsoft.AspNetCore.Mvc;
 using NzbDrone.Common.Extensions;
@ -57,7 +56,7 @@ namespace Readarr.Api.V1.Config
                .NotEmpty()
                .IsValidPath()
                .SetValidator(fileExistsValidator)
-                .Must((resource, path) => IsValidSslCertificate(resource)).WithMessage("Invalid SSL certificate file or password")
+                .IsValidCertificate()
                .When(c => c.EnableSsl);

            SharedValidator.RuleFor(c => c.Branch).NotEmpty().WithMessage("Branch name is required, 'master' is the default");
@ -68,21 +67,6 @@ namespace Readarr.Api.V1.Config
            SharedValidator.RuleFor(c => c.BackupRetention).InclusiveBetween(1, 90);
        }

-        private bool IsValidSslCertificate(HostConfigResource resource)
-        {
-            X509Certificate2 cert;
-            try
-            {
-                cert = new X509Certificate2(resource.SslCertPath, resource.SslCertPassword, X509KeyStorageFlags.DefaultKeySet);
-            }
-            catch
-            {
-                return false;
-            }
-
-            return cert != null;
-        }
-
        private bool IsMatchingPassword(HostConfigResource resource)
        {
            var user = _userService.FindUser();
--- a/src/Sonarr.Api.V3/Config/CertificateValidator.cs
+++ b/src/Sonarr.Api.V3/Config/CertificateValidator.cs
@ -0,0 +1,52 @@
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+using FluentValidation;
+using FluentValidation.Validators;
+using NLog;
+using NzbDrone.Common.Instrumentation;
+
+namespace Sonarr.Api.V3.Config
+{
+    public static class CertificateValidation
+    {
+        public static IRuleBuilderOptions<T, string> IsValidCertificate<T>(this IRuleBuilder<T, string> ruleBuilder)
+        {
+            return ruleBuilder.SetValidator(new CertificateValidator());
+        }
+    }
+
+    public class CertificateValidator : PropertyValidator
+    {
+        protected override string GetDefaultMessageTemplate() => "Invalid SSL certificate file or password. {message}";
+
+        private static readonly Logger Logger = NzbDroneLogger.GetLogger(typeof(CertificateValidator));
+
+        protected override bool IsValid(PropertyValidatorContext context)
+        {
+            if (context.PropertyValue == null)
+            {
+                return false;
+            }
+
+            if (context.InstanceToValidate is not HostConfigResource resource)
+            {
+                return true;
+            }
+
+            try
+            {
+                new X509Certificate2(resource.SslCertPath, resource.SslCertPassword, X509KeyStorageFlags.DefaultKeySet);
+
+                return true;
+            }
+            catch (CryptographicException ex)
+            {
+                Logger.Debug(ex, "Invalid SSL certificate file or password. {0}", ex.Message);
+
+                context.MessageFormatter.AppendArgument("message", ex.Message);
+
+                return false;
+            }
+        }
+    }
+}