tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Build fix

This commit is contained in:
Gunnar Beutner 2014-10-21 13:54:56 +02:00
parent e293092bdc
commit 01e2646fd4
3 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/cli/CMakeLists.txt
View File

@ -22,7 +22,7 @@ set(cli_SOURCES
daemoncommand.cpp daemoncommand.cpp
featureenablecommand.cpp featuredisablecommand.cpp featurelistcommand.cpp featureutility.cpp featureenablecommand.cpp featuredisablecommand.cpp featurelistcommand.cpp featureutility.cpp
objectlistcommand.cpp objectlistcommand.cpp
pkinewcacommand.cpp pkinewcertcommand.cpp pkisigncsrcommand.cpp pkirequestcommand.cpp pkiticketcommand.cpp pkinewcacommand.cpp pkinewcertcommand.cpp pkisigncsrcommand.cpp pkirequestcommand.cpp pkisavecertcommand.cpp pkiticketcommand.cpp
repositoryobjectcommand.cpp repositoryobjectcommand.cpp
variablegetcommand.cpp variablelistcommand.cpp variablegetcommand.cpp variablelistcommand.cpp
) )

1
lib/cli/agentutility.hpp
View File

@ -23,6 +23,7 @@
#include "base/i2-base.hpp" #include "base/i2-base.hpp"
#include "base/dictionary.hpp" #include "base/dictionary.hpp"
#include "base/string.hpp" #include "base/string.hpp"
#include <vector>
namespace icinga namespace icinga
{ {

18
lib/cli/pkirequestcommand.cpp
View File

@ -46,9 +46,10 @@ void PKIRequestCommand::InitParameters(boost::program_options::options_descripti
boost::program_options::options_description& hiddenDesc) const boost::program_options::options_description& hiddenDesc) const
{ {
visibleDesc.add_options() visibleDesc.add_options()
("keyfile", po::value<std::string>(), "Key file path") ("keyfile", po::value<std::string>(), "Key file path (input)")
("certfile", po::value<std::string>(), "Certificate file path (input + output)") ("certfile", po::value<std::string>(), "Certificate file path (input + output)")
("cafile", po::value<std::string>(), "CA file path (output)") ("cafile", po::value<std::string>(), "CA file path (output)")
("trustedfile", po::value<std::string>(), "Trusted certificate file path (input)")
("host", po::value<std::string>(), "Icinga 2 host") ("host", po::value<std::string>(), "Icinga 2 host")
("port", po::value<std::string>(), "Icinga 2 port") ("port", po::value<std::string>(), "Icinga 2 port")
("ticket", po::value<std::string>(), "Icinga 2 PKI ticket"); ("ticket", po::value<std::string>(), "Icinga 2 PKI ticket");
@ -56,7 +57,7 @@ void PKIRequestCommand::InitParameters(boost::program_options::options_descripti
std::vector<String> PKIRequestCommand::GetArgumentSuggestions(const String& argument, const String& word) const std::vector<String> PKIRequestCommand::GetArgumentSuggestions(const String& argument, const String& word) const
{ {
if (argument == "keyfile" || argument == "certfile" || argument == "cafile") if (argument == "keyfile" || argument == "certfile" || argument == "cafile" || argument == "trustedfile")
return GetBashCompletionSuggestions("file", word); return GetBashCompletionSuggestions("file", word);
else if (argument == "host") else if (argument == "host")
return GetBashCompletionSuggestions("hostname", word); return GetBashCompletionSuggestions("hostname", word);
@ -93,6 +94,11 @@ int PKIRequestCommand::Run(const boost::program_options::variables_map& vm, cons
return 1; return 1;
} }
if (!vm.count("trustedfile")) {
Log(LogCritical, "cli", "Trusted certificate file path (--trustedfile) must be specified.");
return 1;
}
if (!vm.count("ticket")) { if (!vm.count("ticket")) {
Log(LogCritical, "cli", "Ticket (--ticket) must be specified."); Log(LogCritical, "cli", "Ticket (--ticket) must be specified.");
return 1; return 1;
@ -115,6 +121,14 @@ int PKIRequestCommand::Run(const boost::program_options::variables_map& vm, cons
stream->Handshake(); stream->Handshake();
shared_ptr<X509> peerCert = stream->GetPeerCertificate();
shared_ptr<X509> trustedCert = GetX509Certificate(vm["trustedfile"].as<std::string>());
if (CertificateToString(peerCert) != CertificateToString(trustedCert)) {
Log(LogCritical, "cli", "Peer certificate does not match trusted certificate.");
return 1;
}
Dictionary::Ptr request = make_shared<Dictionary>(); Dictionary::Ptr request = make_shared<Dictionary>();
String msgid = Utility::NewUniqueID(); String msgid = Utility::NewUniqueID();