commit 83deb7d8bd399469f8167f768cd6bb641584529d
author Jonathan Doman <jonathan.doman@intel.com> Mon Nov 16 17:00:22 2020 -0800
committer Ed Tanous <ed@tanous.net> Wed Nov 18 20:29:07 2020 +0000
tree cd1c5952f08e0c8107268fecd1eb7a998d04aef1
parent 5238bd3205c61efa4ff82c0c5a4eb9d594a0865b

Avoid std::filesystem exception on trust store

Use non-throwing version of is_empty() in case the directory
(/etc/ssl/certs/authority) doesn't exist.

This directory is normally created by another certificate manager daemon
so this crash would only be encountered under unusual scenarios (which
we did encounter due to misconfigured build).

Tested:
1. Stopped phosphor-certificate-manager@authority and deleted
   /etc/ssl/certs/authority.
2. Start non-modified bmcweb and observe exception in journal.
3. Start this build of bmcweb and observe no exception.
4. Browse around in web ui and everything looks normal.

Signed-off-by: Jonathan Doman <jonathan.doman@intel.com>
Change-Id: Ife086da6d36ddeb30a9f8632d629420310625ea3

http/http_connection.hpp

diff --git a/http/http_connection.hpp b/http/http_connection.hpp
index 6610bee..506f132 100644
--- a/http/http_connection.hpp
+++ b/http/http_connection.hpp
@@ -72,8 +72,10 @@
         req.emplace(parser->get());
 
 #ifdef BMCWEB_ENABLE_MUTUAL_TLS_AUTHENTICATION
-        auto caAvailable = !std::filesystem::is_empty(
-            std::filesystem::path(ensuressl::trustStorePath));
+        std::error_code error;
+        std::filesystem::path caPath(ensuressl::trustStorePath);
+        auto caAvailable = !std::filesystem::is_empty(caPath, error);
+        caAvailable = caAvailable && !error;
         if (caAvailable && persistent_data::SessionStore::getInstance()
                                .getAuthMethodsConfig()
                                .tls)