std::list<std::string> socket_helpers::connection_info::validate_ssl() {
std::list<std::string> list;
if (!ssl.enabled)
return list;
#ifndef USE_SSL
list.push_back("SSL is not supported (not compiled with openssl)");
#endif
#ifdef USE_SSL
if (!ssl.certificate.empty() && !boost::filesystem::is_regular(ssl.certificate)) {
if (boost::algorithm::ends_with(ssl.certificate, "/certificate.pem")) {
list.push_back("Certificate not found: " + ssl.certificate + " (generating a default certificate)");
write_certs(ssl.certificate);
} else
list.push_back("Certificate not found: " + ssl.certificate);
}
if (!ssl.ca_path.empty() && !boost::filesystem::is_regular(ssl.ca_path)) {
if (boost::algorithm::ends_with(ssl.ca_path, "/ca.pem")) {
list.push_back("CA not found: " + ssl.ca_path + " (generating a default CA)");
write_certs(ssl.ca_path);
} else
list.push_back("CA Certificate not found: " + ssl.ca_path);
}
if (!ssl.certificate_key.empty() && !boost::filesystem::is_regular(ssl.certificate_key))
list.push_back("Certificate key not found: " + ssl.certificate_key);
if (!ssl.dh_key.empty() && !boost::filesystem::is_regular(ssl.dh_key))
list.push_back("DH key not found: " + ssl.dh_key);
#endif
return list;
}
void socket_helpers::validate_certificate(const std::string &certificate, std::list<std::string> &list) {
#ifdef USE_SSL
if (!certificate.empty() && !boost::filesystem::is_regular(certificate)) {
if (boost::algorithm::ends_with(certificate, "/certificate.pem")) {
list.push_back("Certificate not found: " + certificate + " (generating a default certificate)");
write_certs(certificate, false);
} else if (boost::algorithm::ends_with(certificate, "/ca.pem")) {
list.push_back("CA not found: " + certificate + " (generating a default CA)");
write_certs(certificate, true);
} else
list.push_back("Certificate not found: " + certificate);
}
#else
list.push_back("SSL is not supported (not compiled with openssl)");
#endif
}
