From fbdf7331aa7747a9779930bcdac7968c6cc4b62a Mon Sep 17 00:00:00 2001
From: Danilo Del Busso <danilo.delbusso@cloud.com>
Date: Thu, 14 Mar 2024 14:27:50 +0000
Subject: [PATCH] CA-390109: Use `$PROFILE` path to store and read known cert
 list

Before these changes, the `SaveCertificates` method relied on machines having a `SpecialFolder.MyDocuments` folder. This is true in Windows and GUI versions of some Linux distros, but it's an assumption that caused the save method to fail if the folder didn't exist.

With this commit, we're storing and reading from the path where `$PROFILE` is stored, which is platform agnostic from the point of view of the SDK.

Signed-off-by: Danilo Del Busso <danilo.delbusso@cloud.com>
---
 .../autogen/Initialize-Environment.ps1        |  2 ++
 .../autogen/src/CommonCmdletFunctions.cs      | 29 +++++++++++++------
 .../autogen/src/Connect-XenServer.cs          |  8 ++---
 3 files changed, 26 insertions(+), 13 deletions(-)

diff --git a/ocaml/sdk-gen/powershell/autogen/Initialize-Environment.ps1 b/ocaml/sdk-gen/powershell/autogen/Initialize-Environment.ps1
index d418745ee39..c0d7b30dce3 100644
--- a/ocaml/sdk-gen/powershell/autogen/Initialize-Environment.ps1
+++ b/ocaml/sdk-gen/powershell/autogen/Initialize-Environment.ps1
@@ -46,4 +46,6 @@ if (Test-Path $perUserXsProfile) {
 Remove-Item variable:systemWideXsProfile
 Remove-Item variable:perUserXsProfile
 
+$global:KnownServerCertificatesFilePath = Join-Path -Path (Split-Path $PROFILE) -ChildPath "XenServer_Known_Certificates.xml"
+
 $XenServer_Environment_Initialized = $true
diff --git a/ocaml/sdk-gen/powershell/autogen/src/CommonCmdletFunctions.cs b/ocaml/sdk-gen/powershell/autogen/src/CommonCmdletFunctions.cs
index d01a03098cb..8f29ecde1f5 100644
--- a/ocaml/sdk-gen/powershell/autogen/src/CommonCmdletFunctions.cs
+++ b/ocaml/sdk-gen/powershell/autogen/src/CommonCmdletFunctions.cs
@@ -42,8 +42,10 @@ namespace Citrix.XenServer
     class CommonCmdletFunctions
     {
         private const string SessionsVariable = "global:Citrix.XenServer.Sessions";
+
         private const string DefaultSessionVariable = "global:XenServer_Default_Session";
-        private static string CertificatePath = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.MyDocuments), @"WindowsPowerShell\XenServer_Known_Certificates.xml");
+
+        private const string KnownServerCertificatesFilePathVariable = "global:KnownServerCertificatesFilePath";
 
         static CommonCmdletFunctions()
         {
@@ -68,8 +70,7 @@ internal static void SetAllSessions(PSCmdlet cmdlet, Dictionary<string, Session>
 
         internal static Session GetDefaultXenSession(PSCmdlet cmdlet)
         {
-            object obj = cmdlet.SessionState.PSVariable.GetValue(DefaultSessionVariable);
-            return obj as Session;
+            return cmdlet.SessionState.PSVariable.GetValue(DefaultSessionVariable) as Session;
         }
 
         internal static void SetDefaultXenSession(PSCmdlet cmdlet, Session session)
@@ -77,19 +78,28 @@ internal static void SetDefaultXenSession(PSCmdlet cmdlet, Session session)
             cmdlet.SessionState.PSVariable.Set(DefaultSessionVariable, session);
         }
 
+        internal static string GetKnownServerCertificatesFilePathVariable(PSCmdlet cmdlet)
+        {
+            var knownCertificatesFilePathObject = cmdlet.SessionState.PSVariable.GetValue(KnownServerCertificatesFilePathVariable);
+            if (knownCertificatesFilePathObject is PSObject psObject)
+                return psObject.BaseObject as string;
+            return knownCertificatesFilePathObject?.ToString() ?? string.Empty;
+        }
+
         internal static string GetUrl(string hostname, int port)
         {
             return string.Format("{0}://{1}:{2}", port == 80 ? "http" : "https", hostname, port);
         }
 
-        public static Dictionary<string, string> LoadCertificates()
+        public static Dictionary<string, string> LoadCertificates(PSCmdlet cmdlet)
         {
             Dictionary<string, string> certificates = new Dictionary<string, string>();
+            var knownServerCertificatesFilePath = GetKnownServerCertificatesFilePathVariable(cmdlet);
 
-            if (File.Exists(CertificatePath))
+            if (File.Exists(knownServerCertificatesFilePath))
             {
                 XmlDocument doc = new XmlDocument();
-                doc.Load(CertificatePath);
+                doc.Load(knownServerCertificatesFilePath);
 
                 foreach (XmlNode node in doc.GetElementsByTagName("certificate"))
                 {
@@ -104,9 +114,10 @@ public static Dictionary<string, string> LoadCertificates()
             return certificates;
         }
 
-        public static void SaveCertificates(Dictionary<string, string> certificates)
+        public static void SaveCertificates(PSCmdlet cmdlet, Dictionary<string, string> certificates)
         {
-            string dirName = Path.GetDirectoryName(CertificatePath);
+            var knownServerCertificatesFilePath = GetKnownServerCertificatesFilePathVariable(cmdlet);
+            string dirName = Path.GetDirectoryName(knownServerCertificatesFilePath);
 
             if (!Directory.Exists(dirName))
                 Directory.CreateDirectory(dirName);
@@ -129,7 +140,7 @@ public static void SaveCertificates(Dictionary<string, string> certificates)
             }
 
             doc.AppendChild(node);
-            doc.Save(CertificatePath);
+            doc.Save(knownServerCertificatesFilePath);
         }
 
         public static string FingerprintPrettyString(string fingerprint)
diff --git a/ocaml/sdk-gen/powershell/autogen/src/Connect-XenServer.cs b/ocaml/sdk-gen/powershell/autogen/src/Connect-XenServer.cs
index 0ec80444a85..c1155f7a2a3 100644
--- a/ocaml/sdk-gen/powershell/autogen/src/Connect-XenServer.cs
+++ b/ocaml/sdk-gen/powershell/autogen/src/Connect-XenServer.cs
@@ -253,9 +253,9 @@ protected override void ProcessRecord()
 
         private void AddCertificate(string hostname, string fingerprint)
         {
-            var certificates = CommonCmdletFunctions.LoadCertificates();
+            var certificates = CommonCmdletFunctions.LoadCertificates(this);
             certificates[hostname] = fingerprint;
-            CommonCmdletFunctions.SaveCertificates(certificates);
+            CommonCmdletFunctions.SaveCertificates(this, certificates);
         }
 
         private bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
@@ -274,7 +274,7 @@ private bool ValidateServerCertificate(object sender, X509Certificate certificat
 
                 bool trusted = VerifyInAllStores(new X509Certificate2(certificate));
 
-                var certificates = CommonCmdletFunctions.LoadCertificates();
+                var certificates = CommonCmdletFunctions.LoadCertificates(this);
 
                 if (certificates.ContainsKey(hostname))
                 {
@@ -292,7 +292,7 @@ private bool ValidateServerCertificate(object sender, X509Certificate certificat
                 }
 
                 certificates[hostname] = fingerprint;
-                CommonCmdletFunctions.SaveCertificates(certificates);
+                CommonCmdletFunctions.SaveCertificates(this, certificates);
                 return true;
             }
         }