From dbfb1fb3705f7d1f562f28ed0126933dd423f814 Mon Sep 17 00:00:00 2001
From: Luke Pulverenti
Date: Sun, 30 Apr 2017 22:22:13 -0400
Subject: [PATCH] add support for cert with password
---
 Emby.Server.Core/ApplicationHost.cs | 45 +++++++++++++------
 MediaBrowser.Server.Mac/MacAppHost.cs | 2 +-
 MediaBrowser.Server.Mono/MonoAppHost.cs | 2 +-
 MediaBrowser.Server.Mono/Program.cs | 4 +-
 .../Cryptography/CertificateGenerator.cs | 1 +
 MediaBrowser.ServerApplication/MainStartup.cs | 4 +-
 .../WindowsAppHost.cs | 2 +-
 7 files changed, 40 insertions(+), 20 deletions(-)
diff --git a/Emby.Server.Core/ApplicationHost.cs b/Emby.Server.Core/ApplicationHost.cs
index b7309de66..05f6c4309 100644
--- a/Emby.Server.Core/ApplicationHost.cs
+++ b/Emby.Server.Core/ApplicationHost.cs
@@ -257,7 +257,7 @@ namespace Emby.Server.Core
 internal IPowerManagement PowerManagement { get; private set; }
 internal IImageEncoder ImageEncoder { get; private set; }
- private readonly Action _certificateGenerator;
+ private readonly Action _certificateGenerator;
 private readonly Func _defaultUserNameFactory;
 ///
@@ -274,7 +274,7 @@ namespace Emby.Server.Core
 ISystemEvents systemEvents,
 IMemoryStreamFactory memoryStreamFactory,
 INetworkManager networkManager,
- Action certificateGenerator,
+ Action certificateGenerator,
 Func defaultUsernameFactory)
 : base(applicationPaths,
 logManager,
@@ -609,8 +609,8 @@ namespace Emby.Server.Core
 RegisterSingleInstance(() => new SearchEngine(LogManager, LibraryManager, UserManager));
- CertificatePath = GetCertificatePath(true);
- Certificate = GetCertificate(CertificatePath);
+ CertificateInfo = GetCertificateInfo(true);
+ Certificate = GetCertificate(CertificateInfo);
 HttpServer = HttpServerFactory.CreateServer(this, LogManager, ServerConfigurationManager, NetworkManager, MemoryStreamFactory, "Emby", "web/index.html", textEncoding, SocketFactory, CryptographyProvider, JsonSerializer, XmlSerializer, EnvironmentInfo, Certificate, FileSystemManager, SupportsDualModeSockets);
 HttpServer.GlobalResponse = LocalizationManager.GetLocalizedString("StartupEmbyServerIsLoading");
@@ -745,8 +745,10 @@ namespace Emby.Server.Core
 }
 }
- private ICertificate GetCertificate(string certificateLocation)
+ private ICertificate GetCertificate(CertificateInfo info)
 {
+ var certificateLocation = info == null ? null : info.Path;
+
 if (string.IsNullOrWhiteSpace(certificateLocation))
 {
 return null;
@@ -759,7 +761,7 @@ namespace Emby.Server.Core
 return null;
 }
- X509Certificate2 localCert = new X509Certificate2(certificateLocation);
+ X509Certificate2 localCert = new X509Certificate2(certificateLocation, info.Password);
 //localCert.PrivateKey = PrivateKey.CreateFromFile(pvk_file).RSA;
 if (!localCert.HasPrivateKey)
 {
@@ -1064,7 +1066,7 @@ namespace Emby.Server.Core
 SyncManager.AddParts(GetExports());
 }
- private string CertificatePath { get; set; }
+ private CertificateInfo CertificateInfo { get; set; }
 private ICertificate Certificate { get; set; }
 private IEnumerable GetUrlPrefixes()
@@ -1080,7 +1082,7 @@ namespace Emby.Server.Core
 "http://"+i+":" + HttpPort + "/"
 };
- if (!string.IsNullOrWhiteSpace(CertificatePath))
+ if (CertificateInfo != null)
 {
 prefixes.Add("https://" + i + ":" + HttpsPort + "/");
 }
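Review bot: Nothing in the visible lines handles a failure of `new X509Certificate2(certificateLocation, info.Password)`, and this commit changes what that call receives: `"embycert"` for the generated certificate and null for a configured one. The `certPath` file name is unchanged context in the GetCertificateInfo hunk, so a `.pfx` written by an earlier build would be opened with the new password if generation is skipped for existing files (not visible here), and the load could then throw on upgrade. Consider catching `CryptographicException` around the constructor, logging it and returning null as the existing guards do, or regenerating the self-signed file when it cannot be opened. GetCertificate starts in the @@ -745 hunk and continues past the end of the @@ -759 hunk.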
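Review bot: `if (CertificateInfo != null)` in the @@ -1080 hunk cannot be false once startup has run, because both return paths of GetCertificateInfo in this commit construct an object; the `https://` prefix is therefore added even when GetCertificate returned null for a missing file or a certificate without a private key. If the intent is to advertise HTTPS only when a usable certificate was loaded, test the loaded certificate instead: `if (Certificate != null)`. The enclosing loop of GetUrlPrefixes lies outside the hunk, so confirm that Certificate is assigned before this method is first called.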
@@ -1123,17 +1125,21 @@ namespace Emby.Server.Core
 }
 }
- private string GetCertificatePath(bool generateCertificate)
+ private CertificateInfo GetCertificateInfo(bool generateCertificate)
 {
 if (!string.IsNullOrWhiteSpace(ServerConfigurationManager.Configuration.CertificatePath))
 {
 // Custom cert
- return ServerConfigurationManager.Configuration.CertificatePath;
+ return new CertificateInfo
+ {
+ Path = ServerConfigurationManager.Configuration.CertificatePath
+ };
 }
 // Generate self-signed cert
 var certHost = GetHostnameFromExternalDns(ServerConfigurationManager.Configuration.WanDdns);
 var certPath = Path.Combine(ServerConfigurationManager.ApplicationPaths.ProgramDataPath, "ssl", "cert_" + (certHost + "1").GetMD5().ToString("N") + ".pfx");
+ var password = "embycert";
 if (generateCertificate)
 {
@@ -1143,7 +1149,7 @@ namespace Emby.Server.Core
 try
 {
- _certificateGenerator(certPath, certHost);
+ _certificateGenerator(certPath, certHost, password);
 }
 catch (Exception ex)
 {
@@ -1153,7 +1159,11 @@ namespace Emby.Server.Core
 }
 }
- return certPath;
+ return new CertificateInfo
+ {
+ Path = certPath,
+ Password = password
+ };
 }
 ///
@@ -1189,7 +1199,11 @@ namespace Emby.Server.Core
 requiresRestart = true;
 }
- if (!string.Equals(CertificatePath, GetCertificatePath(false), StringComparison.OrdinalIgnoreCase))
+ var currentCertPath = CertificateInfo == null ? null : CertificateInfo.Path;
+ var newCertInfo = GetCertificateInfo(false);
+ var newCertPath = newCertInfo == null ? null : newCertInfo.Path;
+
+ if (!string.Equals(currentCertPath, newCertPath, StringComparison.OrdinalIgnoreCase))
 {
 requiresRestart = true;
 }
@@ -1779,6 +1793,11 @@ namespace Emby.Server.Core
 {
 Container.Register(typeInterface, typeImplementation);
 }
+ }
+ internal class CertificateInfo
+ {
+ public string Path { get; set; }
+ public string Password { get; set; }
 }
 }
diff --git a/MediaBrowser.Server.Mac/MacAppHost.cs b/MediaBrowser.Server.Mac/MacAppHost.cs
index 304472529..4b29ba3a7 100644
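Review bot: `var password = "embycert";` in the @@ -1123 hunk is a constant compiled into every install, so it does not protect the private key inside the generated `.pfx`; anyone who can read the file under `ProgramDataPath/ssl` can open it, and confidentiality rests on that directory's permissions alone. Say so next to the literal, e.g. `// Fixed, non-secret PFX password; the key is protected only by file permissions on the ssl directory`, or generate a random password per install and persist it with the server configuration. The custom-certificate branch returns a CertificateInfo with only `Path` set, so a user-supplied `.pfx` that has a password still cannot be loaded; that needs a password setting in the configuration, which the visible code does not have. The same `password` value is used in the @@ -1143 and @@ -1153 hunks.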
--- a/MediaBrowser.Server.Mac/MacAppHost.cs
+++ b/MediaBrowser.Server.Mac/MacAppHost.cs
@@ -18,7 +18,7 @@ namespace MediaBrowser.Server.Mac
 {
 public class MacAppHost : ApplicationHost
 {
- public MacAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action certificateGenerator, Func defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory)
+ public MacAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action certificateGenerator, Func defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory)
 {
 }
diff --git a/MediaBrowser.Server.Mono/MonoAppHost.cs b/MediaBrowser.Server.Mono/MonoAppHost.cs
index 54fd45019..09c409a2c 100644
--- a/MediaBrowser.Server.Mono/MonoAppHost.cs
+++ b/MediaBrowser.Server.Mono/MonoAppHost.cs
@@ -19,7 +19,7 @@ namespace MediaBrowser.Server.Mono
 {
 public class MonoAppHost : ApplicationHost
 {
- public MonoAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action certificateGenerator, Func defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory)
+ public MonoAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action certificateGenerator, Func defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory)
 {
 }
diff --git a/MediaBrowser.Server.Mono/Program.cs b/MediaBrowser.Server.Mono/Program.cs
index dcd2dcaa6..b79c8c1f7 100644
--- a/MediaBrowser.Server.Mono/Program.cs
+++ b/MediaBrowser.Server.Mono/Program.cs
@@ -159,9 +159,9 @@ namespace MediaBrowser.Server.Mono
 Task.WaitAll(task);
 }
- private static void GenerateCertificate(string certPath, string certHost)
+ private static void GenerateCertificate(string certPath, string certHost, string certPassword)
 {
- CertificateGenerator.CreateSelfSignCertificatePfx(certPath, certHost, _logger);
+ CertificateGenerator.CreateSelfSignCertificatePfx(certPath, certHost, certPassword, _logger);
 }
 private static MonoEnvironmentInfo GetEnvironmentInfo()
diff --git a/MediaBrowser.Server.Startup.Common/Cryptography/CertificateGenerator.cs b/MediaBrowser.Server.Startup.Common/Cryptography/CertificateGenerator.cs
index 9e14b7713..a362045d0 100644
--- a/MediaBrowser.Server.Startup.Common/Cryptography/CertificateGenerator.cs
+++ b/MediaBrowser.Server.Startup.Common/Cryptography/CertificateGenerator.cs
@@ -12,6 +12,7 @@ namespace Emby.Common.Implementations.Security
 public static void CreateSelfSignCertificatePfx(
 string fileName,
 string hostname,
+ string password,
 ILogger logger)
 {
 if (string.IsNullOrWhiteSpace(fileName))
diff --git a/MediaBrowser.ServerApplication/MainStartup.cs b/MediaBrowser.ServerApplication/MainStartup.cs
index 3643aab48..8e38c9a98 100644
--- a/MediaBrowser.ServerApplication/MainStartup.cs
+++ b/MediaBrowser.ServerApplication/MainStartup.cs
@@ -391,9 +391,9 @@ namespace MediaBrowser.ServerApplication
 }
 }
- private static void GenerateCertificate(string certPath, string certHost)
+ private static void GenerateCertificate(string certPath, string certHost, string certPassword)
 {
- CertificateGenerator.CreateSelfSignCertificatePfx(certPath, certHost, _logger);
+ CertificateGenerator.CreateSelfSignCertificatePfx(certPath, certHost, certPassword, _logger);
 }
 private static ServerNotifyIcon _serverNotifyIcon;
diff --git a/MediaBrowser.ServerApplication/WindowsAppHost.cs b/MediaBrowser.ServerApplication/WindowsAppHost.cs
index cd293fddf..537c8b323 100644
--- a/MediaBrowser.ServerApplication/WindowsAppHost.cs
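Review bot: The new `string password` parameter of CreateSelfSignCertificatePfx has no visible use: the diffstat records a single added line for CertificateGenerator.cs and the @@ -12 hunk contains only the parameter itself. If the body still writes the PFX with whatever password it used before, the file it produces may not open with the `info.Password` that ApplicationHost.GetCertificate now passes to `X509Certificate2`. Confirm that the PKCS#12 export actually consumes `password`, and add a guard beside the existing `fileName` check, for example `if (string.IsNullOrWhiteSpace(password)) throw new ArgumentNullException("password");`. The method body lies outside the hunk, so this cannot be verified from the diff alone.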
+++ b/MediaBrowser.ServerApplication/WindowsAppHost.cs
@@ -25,7 +25,7 @@ namespace MediaBrowser.ServerApplication
 {
 public class WindowsAppHost : ApplicationHost
 {
- public WindowsAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action certificateGenerator, Func defaultUsernameFactory)
+ public WindowsAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action certificateGenerator, Func defaultUsernameFactory)
 : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory)
 {
 }