Roxen.git / server / base_server / roxen.pike

version» Context lines:

Roxen.git/server/base_server/roxen.pike:6423:    foreach(({ "testca.pem", "demo_certificate.pem" }), string file_name) {    if (!sizeof(roxenloader.package_directories)) break;    string cert;    if (lfile_path(file_name) == file_name) {    file_name = roxen_path (roxenloader.package_directories[-1] + "/" +    file_name);    report_notice("Generating a new certificate %s...\n", file_name);    cert = Roxen.generate_self_signed_certificate("*");   #if constant(Standards.X509)    } else { -  file_name = lfile_path(file_name); +  file_name = roxen_path (lfile_path(file_name));       // Check if we need to upgrade the cert.    //    // Certificates generated by old versions of Pike were    // plain X.509v1, while certificates generated by Pike 8.0    // and later are X.509v3 with some required extensions.    -  +  string old_cert = Stdio.read_bytes(file_name); +  if (!old_cert) { +  report_error("Failed to read certificate %s.\n", file_name); +  continue; +  } +     // Note: set_u_and_gid() hasn't been called yet,    // so there's no need for Privs. -  Standards.PEM.Messages msgs = -  Standards.PEM.Messages(Stdio.read_bytes(file_name)); +  Standards.PEM.Messages msgs = Standards.PEM.Messages(old_cert);       int upgrade_needed;       foreach(msgs->parts; string part; Standards.PEM.Message msg) {    if (!has_suffix(part, "CERTIFICATE")) continue;    Standards.X509.TBSCertificate tbs =    Standards.X509.decode_certificate(msg->body);    upgrade_needed = (tbs->version < 3);    break;    }