std::list<std::string> socket_helpers::connection_info::validate_ssl() { std::list<std::string> list; if (!ssl.enabled) return list; #ifndef USE_SSL list.push_back("SSL is not supported (not compiled with openssl)"); #endif #ifdef USE_SSL if (!ssl.certificate.empty() && !boost::filesystem::is_regular(ssl.certificate)) { if (boost::algorithm::ends_with(ssl.certificate, "/certificate.pem")) { list.push_back("Certificate not found: " + ssl.certificate + " (generating a default certificate)"); write_certs(ssl.certificate); } else list.push_back("Certificate not found: " + ssl.certificate); } if (!ssl.ca_path.empty() && !boost::filesystem::is_regular(ssl.ca_path)) { if (boost::algorithm::ends_with(ssl.ca_path, "/ca.pem")) { list.push_back("CA not found: " + ssl.ca_path + " (generating a default CA)"); write_certs(ssl.ca_path); } else list.push_back("CA Certificate not found: " + ssl.ca_path); } if (!ssl.certificate_key.empty() && !boost::filesystem::is_regular(ssl.certificate_key)) list.push_back("Certificate key not found: " + ssl.certificate_key); if (!ssl.dh_key.empty() && !boost::filesystem::is_regular(ssl.dh_key)) list.push_back("DH key not found: " + ssl.dh_key); #endif return list; }
void socket_helpers::validate_certificate(const std::string &certificate, std::list<std::string> &list) { #ifdef USE_SSL if (!certificate.empty() && !boost::filesystem::is_regular(certificate)) { if (boost::algorithm::ends_with(certificate, "/certificate.pem")) { list.push_back("Certificate not found: " + certificate + " (generating a default certificate)"); write_certs(certificate, false); } else if (boost::algorithm::ends_with(certificate, "/ca.pem")) { list.push_back("CA not found: " + certificate + " (generating a default CA)"); write_certs(certificate, true); } else list.push_back("Certificate not found: " + certificate); } #else list.push_back("SSL is not supported (not compiled with openssl)"); #endif }