From 470d8a3c789dc57ec97a62dc410a28a3a3605283 Mon Sep 17 00:00:00 2001
From: Josh Yelon <jyelon@gmail.com>
Date: Mon, 23 Jan 2023 16:24:40 -0500
Subject: [PATCH] Added path_to_plain_ascii for use by driver-ssl

---
 luprex/core/cpp/driver-linux.cpp | 10 ++++++++++
 luprex/core/cpp/driver-mingw.cpp | 16 +++++++++++++++-
 luprex/core/cpp/driver-ssl.cpp   | 19 ++++++++++++-------
 3 files changed, 37 insertions(+), 8 deletions(-)

diff --git a/luprex/core/cpp/driver-linux.cpp b/luprex/core/cpp/driver-linux.cpp
index 4bdecbbd..668a763e 100644
--- a/luprex/core/cpp/driver-linux.cpp
+++ b/luprex/core/cpp/driver-linux.cpp
@@ -32,6 +32,16 @@ const int INVALID_SOCKET = -1;
 
 struct termios orig_termios;
 
+// OpenSSL requires plain ascii pathnames.  Returns empty string
+// if the path cannot be converted to plain ascii.
+std::string path_to_plain_ascii(const std::filesystem::path &path) {
+	std::string s = path.native();
+	for (char c : s) {
+		if ((c < 1) || (c > 127)) return "";
+	}
+	return s;
+}
+
 std::string strerror_str(int err) {
     char errbuf[256];
     return strerror_r(err, errbuf, 256);
diff --git a/luprex/core/cpp/driver-mingw.cpp b/luprex/core/cpp/driver-mingw.cpp
index b025ec67..c42f7d5a 100644
--- a/luprex/core/cpp/driver-mingw.cpp
+++ b/luprex/core/cpp/driver-mingw.cpp
@@ -8,13 +8,13 @@
 #include "driver-util.hpp"
 #include "driver-ssl.hpp"
 #include "drivenengine.hpp"
-#include "util.hpp"
 #include "source.hpp"
 
 #include <iostream>
 #include <cstdio>
 #include <cstring>
 #include <cassert>
+#include <filesystem>
 
 #include <winsock2.h>
 #include <ws2tcpip.h>
@@ -29,6 +29,20 @@
 #include <openssl/bio.h>
 #include <openssl/pem.h>
 
+// OpenSSL requires plain ascii pathnames.  Returns empty string
+// if the path cannot be converted to plain ascii.
+std::string path_to_plain_ascii(const std::filesystem::path &path) {
+	std::wstring s = path.native();
+	for (wchar_t c : s) {
+		if ((c < 1) || (c > 127)) return "";
+	}
+	std::ostringstream oss;
+	for (wchar_t c : s) {
+		oss << ((char)c);
+	}
+	return oss.str();
+}
+	
 static void set_nonblocking(SOCKET sock) {
     u_long mode = 1;  // 1 to enable non-blocking socket
     int status = ioctlsocket(sock, FIONBIO, &mode);
diff --git a/luprex/core/cpp/driver-ssl.cpp b/luprex/core/cpp/driver-ssl.cpp
index fddf19e9..a181e350 100644
--- a/luprex/core/cpp/driver-ssl.cpp
+++ b/luprex/core/cpp/driver-ssl.cpp
@@ -5,6 +5,7 @@
 #include <filesystem>
 
 extern std::string strerror_str(int err);
+extern std::string path_to_plain_ascii(const std::filesystem::path &path);
 
 namespace drvssl {
 
@@ -163,13 +164,17 @@ void ctx_load_cert_from_directory(SSL_CTX *ctx, const std::string &dir) {
     std::vector<std::string> cert_paths;
 
     for (const auto & entry : std::filesystem::directory_iterator(dir)) {
-        std::string fn = entry.path();
-        if (count_certificates(fn.c_str()) >= 1) {
-            cert_paths.push_back(fn);
-        }
-        if (contains_privatekey(fn.c_str())) {
-            key_paths.push_back(fn);
-        }
+		std::string fn = path_to_plain_ascii(entry.path());
+		if (fn.empty()) {
+			std::cerr << "Ignoring file with non-ascii filename: " << entry.path() << std::endl;
+		} else {
+			if (count_certificates(fn.c_str()) >= 1) {
+				cert_paths.push_back(fn);
+			}
+			if (contains_privatekey(fn.c_str())) {
+				key_paths.push_back(fn);
+			}
+		}
     }
 
     if (cert_paths.size() > 1) {