diff options
author | Jeffrey Ryan <jeffreyryan@tutanota.com> | 2022-05-05 21:23:51 -0500 |
---|---|---|
committer | Jeffrey Ryan <jeffreyryan@tutanota.com> | 2022-05-05 21:48:19 -0500 |
commit | 1ddb1ee8191daa9d778099c079acb9f172e33f49 (patch) | |
tree | 6f81301091d0dd635ef3f343376553047c2e2159 /src/rpc | |
parent | Merge pull request #8275 (diff) | |
download | monero-1ddb1ee8191daa9d778099c079acb9f172e33f49.tar.xz |
Give better error messages when missing SSL files
While copying my data dir to another drive, I missed copying the rpc_ssl.key file b/c of the file permissions.
This change will give a much more clear, descriptive error in that scenario.
Diffstat (limited to 'src/rpc')
-rw-r--r-- | src/rpc/core_rpc_server.cpp | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/src/rpc/core_rpc_server.cpp b/src/rpc/core_rpc_server.cpp index 869040657..0fe28465f 100644 --- a/src/rpc/core_rpc_server.cpp +++ b/src/rpc/core_rpc_server.cpp @@ -350,12 +350,23 @@ namespace cryptonote bool store_ssl_key = !restricted && rpc_config->ssl_options && rpc_config->ssl_options.auth.certificate_path.empty(); const auto ssl_base_path = (boost::filesystem::path{data_dir} / "rpc_ssl").string(); - if (store_ssl_key && boost::filesystem::exists(ssl_base_path + ".crt")) + const bool ssl_cert_file_exists = boost::filesystem::exists(ssl_base_path + ".crt"); + const bool ssl_pkey_file_exists = boost::filesystem::exists(ssl_base_path + ".key"); + if (store_ssl_key) { - // load key from previous run, password prompted by OpenSSL - store_ssl_key = false; - rpc_config->ssl_options.auth = - epee::net_utils::ssl_authentication_t{ssl_base_path + ".key", ssl_base_path + ".crt"}; + // .key files are often given different read permissions as their corresponding .crt files. + // Consequently, sometimes the .key file wont't get copied, while the .crt file will. + if (ssl_cert_file_exists != ssl_pkey_file_exists) + { + MFATAL("Certificate (.crt) and private key (.key) files must both exist or both not exist at path: " << ssl_base_path); + return false; + } + else if (ssl_cert_file_exists) { // and ssl_pkey_file_exists + // load key from previous run, password prompted by OpenSSL + store_ssl_key = false; + rpc_config->ssl_options.auth = + epee::net_utils::ssl_authentication_t{ssl_base_path + ".key", ssl_base_path + ".crt"}; + } } auto rng = [](size_t len, uint8_t *ptr){ return crypto::rand(len, ptr); }; |