From dbfb1fb3705f7d1f562f28ed0126933dd423f814 Mon Sep 17 00:00:00 2001 From: Luke Pulverenti Date: Sun, 30 Apr 2017 22:22:13 -0400 Subject: [PATCH 1/3] add support for cert with password --- Emby.Server.Core/ApplicationHost.cs | 45 +++++++++++++------ MediaBrowser.Server.Mac/MacAppHost.cs | 2 +- MediaBrowser.Server.Mono/MonoAppHost.cs | 2 +- MediaBrowser.Server.Mono/Program.cs | 4 +- .../Cryptography/CertificateGenerator.cs | 1 + MediaBrowser.ServerApplication/MainStartup.cs | 4 +- .../WindowsAppHost.cs | 2 +- 7 files changed, 40 insertions(+), 20 deletions(-) diff --git a/Emby.Server.Core/ApplicationHost.cs b/Emby.Server.Core/ApplicationHost.cs index b7309de66..05f6c4309 100644 --- a/Emby.Server.Core/ApplicationHost.cs +++ b/Emby.Server.Core/ApplicationHost.cs @@ -257,7 +257,7 @@ namespace Emby.Server.Core internal IPowerManagement PowerManagement { get; private set; } internal IImageEncoder ImageEncoder { get; private set; } - private readonly Action _certificateGenerator; + private readonly Action _certificateGenerator; private readonly Func _defaultUserNameFactory; /// @@ -274,7 +274,7 @@ namespace Emby.Server.Core ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, INetworkManager networkManager, - Action certificateGenerator, + Action certificateGenerator, Func defaultUsernameFactory) : base(applicationPaths, logManager, 
@@ -609,8 +609,8 @@ namespace Emby.Server.Core RegisterSingleInstance(() => new SearchEngine(LogManager, LibraryManager, UserManager)); - CertificatePath = GetCertificatePath(true); - Certificate = GetCertificate(CertificatePath); + CertificateInfo = GetCertificateInfo(true); + Certificate = GetCertificate(CertificateInfo); HttpServer = HttpServerFactory.CreateServer(this, LogManager, ServerConfigurationManager, NetworkManager, MemoryStreamFactory, "Emby", "web/index.html", textEncoding, SocketFactory, CryptographyProvider, JsonSerializer, XmlSerializer, EnvironmentInfo, Certificate, FileSystemManager, SupportsDualModeSockets); HttpServer.GlobalResponse = LocalizationManager.GetLocalizedString("StartupEmbyServerIsLoading"); @@ -745,8 +745,10 @@ namespace Emby.Server.Core } } - private ICertificate GetCertificate(string certificateLocation) + private ICertificate GetCertificate(CertificateInfo info) { + var certificateLocation = info == null ? null : info.Path; + if (string.IsNullOrWhiteSpace(certificateLocation)) { return null; @@ -759,7 +761,7 @@ namespace Emby.Server.Core return null; } - X509Certificate2 localCert = new X509Certificate2(certificateLocation); + X509Certificate2 localCert = new X509Certificate2(certificateLocation, info.Password); //localCert.PrivateKey = PrivateKey.CreateFromFile(pvk_file).RSA; if (!localCert.HasPrivateKey) { @@ -1064,7 +1066,7 @@ namespace Emby.Server.Core SyncManager.AddParts(GetExports()); } - private string CertificatePath { get; set; } + private CertificateInfo CertificateInfo { get; set; } private ICertificate Certificate { get; set; } private IEnumerable GetUrlPrefixes() @@ -1080,7 +1082,7 @@ namespace Emby.Server.Core "http://"+i+":" + HttpPort + "/" }; - if (!string.IsNullOrWhiteSpace(CertificatePath)) + if (CertificateInfo != null) { prefixes.Add("https://" + i + ":" + HttpsPort + "/"); } 
@@ -1123,17 +1125,21 @@ namespace Emby.Server.Core } } - private string GetCertificatePath(bool generateCertificate) + private CertificateInfo GetCertificateInfo(bool generateCertificate) { if (!string.IsNullOrWhiteSpace(ServerConfigurationManager.Configuration.CertificatePath)) { // Custom cert - return ServerConfigurationManager.Configuration.CertificatePath; + return new CertificateInfo + { + Path = ServerConfigurationManager.Configuration.CertificatePath + }; } // Generate self-signed cert var certHost = GetHostnameFromExternalDns(ServerConfigurationManager.Configuration.WanDdns); var certPath = Path.Combine(ServerConfigurationManager.ApplicationPaths.ProgramDataPath, "ssl", "cert_" + (certHost + "1").GetMD5().ToString("N") + ".pfx"); + var password = "embycert"; if (generateCertificate) { @@ -1143,7 +1149,7 @@ namespace Emby.Server.Core try { - _certificateGenerator(certPath, certHost); + _certificateGenerator(certPath, certHost, password); } catch (Exception ex) { @@ -1153,7 +1159,11 @@ namespace Emby.Server.Core } } - return certPath; + return new CertificateInfo + { + Path = certPath, + Password = password + }; } /// @@ -1189,7 +1199,11 @@ namespace Emby.Server.Core requiresRestart = true; } - if (!string.Equals(CertificatePath, GetCertificatePath(false), StringComparison.OrdinalIgnoreCase)) + var currentCertPath = CertificateInfo == null ? null : CertificateInfo.Path; + var newCertInfo = GetCertificateInfo(false); + var newCertPath = newCertInfo == null ? null : newCertInfo.Path; + + if (!string.Equals(currentCertPath, newCertPath, StringComparison.OrdinalIgnoreCase)) { requiresRestart = true; } @@ -1779,6 +1793,11 @@ namespace Emby.Server.Core { Container.Register(typeInterface, typeImplementation); } + } + internal class CertificateInfo + { + public string Path { get; set; } + public string Password { get; set; } } } diff --git a/MediaBrowser.Server.Mac/MacAppHost.cs b/MediaBrowser.Server.Mac/MacAppHost.cs index 304472529..4b29ba3a7 100644 
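Review bot: The PFX password for the generated certificate is the source-level constant `var password = "embycert";` in GetCertificateInfo, so it is the same on every install and gives the private key no real confidentiality; key protection rests entirely on the permissions of the `ssl` directory under ProgramDataPath. Consider generating a random per-install password from a cryptographic RNG and persisting it in configuration, or say so explicitly with a comment such as `// Not a secret: fixed password only so the PFX loads; key protection relies on file permissions`. Separately, the custom-certificate branch returns a CertificateInfo with only `Path` set, so a user-supplied PFX that has a password still cannot be opened; that would need a password setting alongside `Configuration.CertificatePath`. The body of GetCertificateInfo is split across several hunks and is not fully visible here.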
--- a/MediaBrowser.Server.Mac/MacAppHost.cs +++ b/MediaBrowser.Server.Mac/MacAppHost.cs @@ -18,7 +18,7 @@ namespace MediaBrowser.Server.Mac { public class MacAppHost : ApplicationHost { - public MacAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action certificateGenerator, Func defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory) + public MacAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action certificateGenerator, Func defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory) { } diff --git a/MediaBrowser.Server.Mono/MonoAppHost.cs b/MediaBrowser.Server.Mono/MonoAppHost.cs index 54fd45019..09c409a2c 100644 --- a/MediaBrowser.Server.Mono/MonoAppHost.cs +++ b/MediaBrowser.Server.Mono/MonoAppHost.cs 
@@ -19,7 +19,7 @@ namespace MediaBrowser.Server.Mono { public class MonoAppHost : ApplicationHost { - public MonoAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action certificateGenerator, Func defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory) + public MonoAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action certificateGenerator, Func defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory) { } diff --git a/MediaBrowser.Server.Mono/Program.cs b/MediaBrowser.Server.Mono/Program.cs index dcd2dcaa6..b79c8c1f7 100644 --- a/MediaBrowser.Server.Mono/Program.cs +++ b/MediaBrowser.Server.Mono/Program.cs 
@@ -159,9 +159,9 @@ namespace MediaBrowser.Server.Mono Task.WaitAll(task); } - private static void GenerateCertificate(string certPath, string certHost) + private static void GenerateCertificate(string certPath, string certHost, string certPassword) { - CertificateGenerator.CreateSelfSignCertificatePfx(certPath, certHost, _logger); + CertificateGenerator.CreateSelfSignCertificatePfx(certPath, certHost, certPassword, _logger); } private static MonoEnvironmentInfo GetEnvironmentInfo() diff --git a/MediaBrowser.Server.Startup.Common/Cryptography/CertificateGenerator.cs b/MediaBrowser.Server.Startup.Common/Cryptography/CertificateGenerator.cs index 9e14b7713..a362045d0 100644 --- a/MediaBrowser.Server.Startup.Common/Cryptography/CertificateGenerator.cs +++ b/MediaBrowser.Server.Startup.Common/Cryptography/CertificateGenerator.cs @@ -12,6 +12,7 @@ namespace Emby.Common.Implementations.Security public static void CreateSelfSignCertificatePfx( string fileName, string hostname, + string password, ILogger logger) { if (string.IsNullOrWhiteSpace(fileName)) diff --git a/MediaBrowser.ServerApplication/MainStartup.cs b/MediaBrowser.ServerApplication/MainStartup.cs index 3643aab48..8e38c9a98 100644 --- a/MediaBrowser.ServerApplication/MainStartup.cs +++ b/MediaBrowser.ServerApplication/MainStartup.cs @@ -391,9 +391,9 @@ namespace MediaBrowser.ServerApplication } } - private static void GenerateCertificate(string certPath, string certHost) + private static void GenerateCertificate(string certPath, string certHost, string certPassword) { - CertificateGenerator.CreateSelfSignCertificatePfx(certPath, certHost, _logger); + CertificateGenerator.CreateSelfSignCertificatePfx(certPath, certHost, certPassword, _logger); } private static ServerNotifyIcon _serverNotifyIcon; diff --git a/MediaBrowser.ServerApplication/WindowsAppHost.cs b/MediaBrowser.ServerApplication/WindowsAppHost.cs index cd293fddf..537c8b323 100644 --- a/MediaBrowser.ServerApplication/WindowsAppHost.cs 
+++ b/MediaBrowser.ServerApplication/WindowsAppHost.cs @@ -25,7 +25,7 @@ namespace MediaBrowser.ServerApplication { public class WindowsAppHost : ApplicationHost { - public WindowsAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action certificateGenerator, Func defaultUsernameFactory) + public WindowsAppHost(ServerApplicationPaths applicationPaths, ILogManager logManager, StartupOptions options, IFileSystem fileSystem, IPowerManagement powerManagement, string releaseAssetFilename, IEnvironmentInfo environmentInfo, MediaBrowser.Controller.Drawing.IImageEncoder imageEncoder, ISystemEvents systemEvents, IMemoryStreamFactory memoryStreamFactory, MediaBrowser.Common.Net.INetworkManager networkManager, Action certificateGenerator, Func defaultUsernameFactory) : base(applicationPaths, logManager, options, fileSystem, powerManagement, releaseAssetFilename, environmentInfo, imageEncoder, systemEvents, memoryStreamFactory, networkManager, certificateGenerator, defaultUsernameFactory) { } From fc788efa49e129eadbcc64a1b4fd7797e020d854 Mon Sep 17 00:00:00 2001 From: Luke Pulverenti Date: Mon, 1 May 2017 16:03:27 -0400 Subject: [PATCH 2/3] add password to self signed cert --- Emby.Server.Core/ApplicationHost.cs | 2 +- Emby.Server.Implementations/Library/SearchEngine.cs | 5 ++++- MediaBrowser.Api/SearchService.cs | 5 ++++- MediaBrowser.Model/Search/SearchQuery.cs | 1 + .../Cryptography/CertificateGenerator.cs | 3 ++- 5 files changed, 12 insertions(+), 4 deletions(-) diff --git a/Emby.Server.Core/ApplicationHost.cs b/Emby.Server.Core/ApplicationHost.cs index 05f6c4309..994b942e9 100644 --- a/Emby.Server.Core/ApplicationHost.cs 
+++ b/Emby.Server.Core/ApplicationHost.cs @@ -1138,7 +1138,7 @@ namespace Emby.Server.Core // Generate self-signed cert var certHost = GetHostnameFromExternalDns(ServerConfigurationManager.Configuration.WanDdns); - var certPath = Path.Combine(ServerConfigurationManager.ApplicationPaths.ProgramDataPath, "ssl", "cert_" + (certHost + "1").GetMD5().ToString("N") + ".pfx"); + var certPath = Path.Combine(ServerConfigurationManager.ApplicationPaths.ProgramDataPath, "ssl", "cert_" + (certHost + "2").GetMD5().ToString("N") + ".pfx"); var password = "embycert"; if (generateCertificate) diff --git a/Emby.Server.Implementations/Library/SearchEngine.cs b/Emby.Server.Implementations/Library/SearchEngine.cs index a47a3322e..51c9504c2 100644 --- a/Emby.Server.Implementations/Library/SearchEngine.cs +++ b/Emby.Server.Implementations/Library/SearchEngine.cs @@ -165,7 +165,10 @@ namespace Emby.Server.Implementations.Library ExcludeItemTypes = excludeItemTypes.ToArray(), IncludeItemTypes = includeItemTypes.ToArray(), Limit = query.Limit, - IncludeItemsByName = true + IncludeItemsByName = string.IsNullOrWhiteSpace(query.ParentId), + ParentId = string.IsNullOrWhiteSpace(query.ParentId) ? (Guid?)null : new Guid(query.ParentId), + SortBy = new[] { ItemSortBy.SortName }, + Recursive = true }); // Add search hints based on item name diff --git a/MediaBrowser.Api/SearchService.cs b/MediaBrowser.Api/SearchService.cs index d6fa4030d..b4ee92365 100644 --- a/MediaBrowser.Api/SearchService.cs +++ b/MediaBrowser.Api/SearchService.cs @@ -66,6 +66,8 @@ namespace MediaBrowser.Api [ApiMember(Name = "IncludeItemTypes", Description = "Optional. If specified, results will be filtered based on item type. This allows multiple, comma delimeted.", IsRequired = false, DataType = "string", ParameterType = "query", Verb = "GET", AllowMultiple = true)] public string IncludeItemTypes { get; set; } + public string ParentId { get; set; } + public GetSearchHints() { IncludeArtists = true; 
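Review bot: `new Guid(query.ParentId)` in the SearchEngine query initializer throws FormatException for any non-empty value that is not a valid GUID, and ParentId arrives unvalidated from the GetSearchHints request in SearchService. Parse it defensively before building the query, e.g. `Guid parentId; var hasParent = Guid.TryParse(query.ParentId, out parentId);` followed by `ParentId = hasParent ? parentId : (Guid?)null`, or reject the request with a client error. Whether the caller already checks that the requesting user may access that parent item is not visible in this hunk and is worth confirming. The enclosing method starts and ends outside the hunk.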
@@ -135,7 +137,8 @@ namespace MediaBrowser.Api IncludeStudios = request.IncludeStudios, StartIndex = request.StartIndex, UserId = request.UserId, - IncludeItemTypes = (request.IncludeItemTypes ?? string.Empty).Split(',').Where(i => !string.IsNullOrWhiteSpace(i)).ToArray() + IncludeItemTypes = (request.IncludeItemTypes ?? string.Empty).Split(',').Where(i => !string.IsNullOrWhiteSpace(i)).ToArray(), + ParentId = request.ParentId }).ConfigureAwait(false); diff --git a/MediaBrowser.Model/Search/SearchQuery.cs b/MediaBrowser.Model/Search/SearchQuery.cs index 678dfd39d..11d2d97f7 100644 --- a/MediaBrowser.Model/Search/SearchQuery.cs +++ b/MediaBrowser.Model/Search/SearchQuery.cs @@ -34,6 +34,7 @@ namespace MediaBrowser.Model.Search public bool IncludeArtists { get; set; } public string[] IncludeItemTypes { get; set; } + public string ParentId { get; set; } public SearchQuery() { diff --git a/MediaBrowser.Server.Startup.Common/Cryptography/CertificateGenerator.cs b/MediaBrowser.Server.Startup.Common/Cryptography/CertificateGenerator.cs index a362045d0..4f5b3d004 100644 --- a/MediaBrowser.Server.Startup.Common/Cryptography/CertificateGenerator.cs +++ b/MediaBrowser.Server.Startup.Common/Cryptography/CertificateGenerator.cs @@ -44,7 +44,7 @@ namespace Emby.Common.Implementations.Security cb.NotAfter = notAfter; cb.SubjectName = subject; cb.SubjectPublicKey = subjectKey; - + // signature cb.Hash = "SHA256"; byte[] rawcert = cb.Sign(issuerKey); @@ -60,6 +60,7 @@ namespace Emby.Common.Implementations.Security attributes.Add(PKCS9.localKeyId, list); p12.AddCertificate(new X509Certificate(rawcert), attributes); + p12.Password = password; p12.AddPkcs8ShroudedKeyBag(subjectKey, attributes); p12.SaveToFile(fileName); From f0ebe1cac87c59dd2d86c6582d0760afe1182191 Mon Sep 17 00:00:00 2001 From: Luke Pulverenti Date: Mon, 1 May 2017 16:05:15 -0400 Subject: [PATCH 3/3] 3.2.13.10 --- SharedVersion.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
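Review bot: `p12.Password = password;` in CreateSelfSignCertificatePfx accepts whatever the caller passes; the method guards `fileName` (per the earlier hunk in this series) but not the new `password` parameter, and a null or empty value would presumably yield a PFX whose key bag is not meaningfully protected. Add a guard next to the existing argument checks, e.g. `if (string.IsNullOrEmpty(password)) throw new ArgumentNullException("password");`. It would also read more clearly to assign the password right after the PKCS12 object is created rather than between AddCertificate and AddPkcs8ShroudedKeyBag. The method body starts outside this hunk.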
diff --git a/SharedVersion.cs b/SharedVersion.cs
index 12a8aeaab..58ac3ebe6 100644
--- a/SharedVersion.cs
+++ b/SharedVersion.cs
@@ -1,3 +1,3 @@
 using System.Reflection;
-[assembly: AssemblyVersion("3.2.13.9")]
+[assembly: AssemblyVersion("3.2.13.10")]