tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Build fix

This commit is contained in:
Gunnar Beutner 2014-10-21 13:54:56 +02:00
parent e293092bdc
commit 01e2646fd4
3 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/cli/CMakeLists.txt
View File

@ -22,7 +22,7 @@ set(cli_SOURCES
daemoncommand.cpp
featureenablecommand.cpp featuredisablecommand.cpp featurelistcommand.cpp featureutility.cpp
objectlistcommand.cpp
pkinewcacommand.cpp pkinewcertcommand.cpp pkisigncsrcommand.cpp pkirequestcommand.cpp pkiticketcommand.cpp
pkinewcacommand.cpp pkinewcertcommand.cpp pkisigncsrcommand.cpp pkirequestcommand.cpp pkisavecertcommand.cpp pkiticketcommand.cpp
repositoryobjectcommand.cpp
variablegetcommand.cpp variablelistcommand.cpp
)

1
lib/cli/agentutility.hpp
View File

@ -23,6 +23,7 @@
#include "base/i2-base.hpp"
#include "base/dictionary.hpp"
#include "base/string.hpp"
#include <vector>
namespace icinga
{

18
lib/cli/pkirequestcommand.cpp
View File

@ -46,9 +46,10 @@ void PKIRequestCommand::InitParameters(boost::program_options::options_descripti
boost::program_options::options_description& hiddenDesc) const
{
visibleDesc.add_options()
("keyfile", po::value<std::string>(), "Key file path")
("keyfile", po::value<std::string>(), "Key file path (input)")
("certfile", po::value<std::string>(), "Certificate file path (input + output)")
("cafile", po::value<std::string>(), "CA file path (output)")
("trustedfile", po::value<std::string>(), "Trusted certificate file path (input)")
("host", po::value<std::string>(), "Icinga 2 host")
("port", po::value<std::string>(), "Icinga 2 port")
("ticket", po::value<std::string>(), "Icinga 2 PKI ticket");
@ -56,7 +57,7 @@ void PKIRequestCommand::InitParameters(boost::program_options::options_descripti
std::vector<String> PKIRequestCommand::GetArgumentSuggestions(const String& argument, const String& word) const
{
if (argument == "keyfile" || argument == "certfile" || argument == "cafile")
if (argument == "keyfile" || argument == "certfile" || argument == "cafile" || argument == "trustedfile")
return GetBashCompletionSuggestions("file", word);
else if (argument == "host")
return GetBashCompletionSuggestions("hostname", word);
@ -93,6 +94,11 @@ int PKIRequestCommand::Run(const boost::program_options::variables_map& vm, cons
return 1;
}
if (!vm.count("trustedfile")) {
Log(LogCritical, "cli", "Trusted certificate file path (--trustedfile) must be specified.");
return 1;
}
if (!vm.count("ticket")) {
Log(LogCritical, "cli", "Ticket (--ticket) must be specified.");
return 1;
@ -115,6 +121,14 @@ int PKIRequestCommand::Run(const boost::program_options::variables_map& vm, cons
stream->Handshake();
shared_ptr<X509> peerCert = stream->GetPeerCertificate();
shared_ptr<X509> trustedCert = GetX509Certificate(vm["trustedfile"].as<std::string>());
if (CertificateToString(peerCert) != CertificateToString(trustedCert)) {
Log(LogCritical, "cli", "Peer certificate does not match trusted certificate.");
return 1;
}
Dictionary::Ptr request = make_shared<Dictionary>();
String msgid = Utility::NewUniqueID();