diff options
| author | Carl Hetherington <cth@carlh.net> | 2018-03-09 00:55:49 +0000 |
|---|---|---|
| committer | Carl Hetherington <cth@carlh.net> | 2018-03-09 00:55:49 +0000 |
| commit | 6d770c4c8c79569871edc20253f29f9ea00539e6 (patch) | |
| tree | ee21cd67d784084cef98c0dfb3b8c4319dc1935f /src/lib | |
| parent | 67ff21a970b9c680e243eec9e7129a256898e156 (diff) | |
Check for signer chains containing UTF8-marked strings and offer
to fix them on startup (#1218).
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/config.cc | 31 | ||||
| -rw-r--r-- | src/lib/config.h | 5 |
2 files changed, 30 insertions, 6 deletions
diff --git a/src/lib/config.cc b/src/lib/config.cc index ec5b05afa..2ae7939a9 100644 --- a/src/lib/config.cc +++ b/src/lib/config.cc @@ -67,6 +67,7 @@ Config* Config::_instance = 0; int const Config::_current_version = 3; boost::signals2::signal<void ()> Config::FailedToLoad; boost::signals2::signal<void (string)> Config::Warning; +boost::signals2::signal<bool (void)> Config::BadSignerChain; boost::optional<boost::filesystem::path> Config::test_path; /** Construct default configuration */ @@ -349,6 +350,30 @@ try _signer_chain = create_certificate_chain (); } + /* These must be done before we call BadSignerChain as that might set one + of the nags. + */ + BOOST_FOREACH (cxml::NodePtr i, f.node_children("Nagged")) { + int const id = i->number_attribute<int>("Id"); + if (id >= 0 && id < NAG_COUNT) { + _nagged[id] = raw_convert<int>(i->content()); + } + } + + bool bad_signer_chain = false; + BOOST_FOREACH (dcp::Certificate const & i, _signer_chain->unordered()) { + if (i.has_utf8_strings()) { + bad_signer_chain = true; + } + } + + if (bad_signer_chain) { + optional<bool> const remake = BadSignerChain(); + if (remake && *remake) { + _signer_chain = create_certificate_chain (); + } + } + cxml::NodePtr decryption = f.optional_node_child ("Decryption"); if (decryption) { shared_ptr<dcp::CertificateChain> c (new dcp::CertificateChain ()); @@ -379,12 +404,6 @@ try _dcp_metadata_filename_format = dcp::NameFormat (f.optional_string_child("DCPMetadataFilenameFormat").get_value_or ("%t")); _dcp_asset_filename_format = dcp::NameFormat (f.optional_string_child("DCPAssetFilenameFormat").get_value_or ("%t")); _jump_to_selected = f.optional_bool_child("JumpToSelected").get_value_or (true); - BOOST_FOREACH (cxml::NodePtr i, f.node_children("Nagged")) { - int const id = i->number_attribute<int>("Id"); - if (id >= 0 && id < NAG_COUNT) { - _nagged[id] = raw_convert<int>(i->content()); - } - } /* The variable was renamed but not the XML tag */ _sound = f.optional_bool_child("PreviewSound").get_value_or (true); _sound_output = f.optional_string_child("PreviewSoundOutput"); diff --git a/src/lib/config.h b/src/lib/config.h index 90ebb0b33..2fca9699c 100644 --- a/src/lib/config.h +++ b/src/lib/config.h @@ -330,6 +330,7 @@ public: NAG_DKDM_CONFIG, NAG_ENCRYPTED_METADATA, NAG_REMAKE_DECRYPTION_CHAIN, + NAG_BAD_SIGNER_CHAIN, NAG_COUNT }; @@ -696,6 +697,10 @@ public: static boost::signals2::signal<void ()> FailedToLoad; /** Emitted if read() issued a warning which the user might want to know about */ static boost::signals2::signal<void (std::string)> Warning; + /** Emitted if there is a bad certificate in the signer chain. Handler can call + * true to ask Config to re-create the chain. + */ + static boost::signals2::signal<bool (void)> BadSignerChain; void write () const; void write_config () const; |