mirror of https://github.com/Icinga/icinga2.git
parent
e80fd0fbfa
commit
339d0604e1
|
@ -173,16 +173,46 @@ int PkiUtility::RequestCertificate(const String& host, const String& port, const
|
|||
{
|
||||
TcpSocket::Ptr client = make_shared<TcpSocket>();
|
||||
|
||||
try {
|
||||
client->Connect(host, port);
|
||||
} catch (const std::exception& ex) {
|
||||
Log(LogCritical, "cli")
|
||||
<< "Cannot connect to host '" << host << "' on port '" << port << "'";
|
||||
Log(LogDebug, "cli")
|
||||
<< "Cannot connect to host '" << host << "' on port '" << port << "':\n" << DiagnosticInformation(ex);
|
||||
return 1;
|
||||
}
|
||||
|
||||
shared_ptr<SSL_CTX> sslContext = MakeSSLContext(certfile, keyfile);
|
||||
shared_ptr<SSL_CTX> sslContext = make_shared<SSL_CTX>();
|
||||
|
||||
try {
|
||||
sslContext = MakeSSLContext(certfile, keyfile);
|
||||
} catch (const std::exception& ex) {
|
||||
Log(LogCritical, "cli")
|
||||
<< "Cannot make SSL context for cert path: '" << certfile << "' key path: '" << keyfile << "' ca path: '" << cafile << "'.";
|
||||
return 1;
|
||||
}
|
||||
|
||||
TlsStream::Ptr stream = make_shared<TlsStream>(client, RoleClient, sslContext);
|
||||
|
||||
try {
|
||||
stream->Handshake();
|
||||
} catch (const std::exception&) {
|
||||
Log(LogCritical, "cli", "Client TLS handshake failed.");
|
||||
return 1;
|
||||
}
|
||||
|
||||
shared_ptr<X509> peerCert = stream->GetPeerCertificate();
|
||||
shared_ptr<X509> trustedCert = GetX509Certificate(trustedfile);
|
||||
|
||||
shared_ptr<X509> trustedCert = make_shared<X509>();
|
||||
|
||||
try {
|
||||
trustedCert = GetX509Certificate(trustedfile);
|
||||
} catch (const std::exception&) {
|
||||
Log(LogCritical, "cli")
|
||||
<< "Cannot get trusted from cert path: '" << trustedfile << "'.";
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (CertificateToString(peerCert) != CertificateToString(trustedCert)) {
|
||||
Log(LogCritical, "cli", "Peer certificate does not match trusted certificate.");
|
||||
|
|
|
@ -59,7 +59,7 @@ void RepositoryCommitCommand::InitParameters(boost::program_options::options_des
|
|||
}
|
||||
|
||||
/**
|
||||
* The entry point for the "object list" CLI command.
|
||||
* The entry point for the "repository commit" CLI command.
|
||||
*
|
||||
* @returns An exit status.
|
||||
*/
|
||||
|
|
|
@ -29,7 +29,7 @@ namespace icinga
|
|||
{
|
||||
|
||||
/**
|
||||
* The "object list" command.
|
||||
* The "repository commit" command.
|
||||
*
|
||||
* @ingroup cli
|
||||
*/
|
||||
|
|
|
@ -142,7 +142,7 @@ int RepositoryObjectCommand::Run(const boost::program_options::variables_map& vm
|
|||
{
|
||||
if (ap.empty()) {
|
||||
Log(LogCritical, "cli")
|
||||
<< "No object name given. Bailing out.\n";
|
||||
<< "No object name given. Bailing out.";
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -157,9 +157,9 @@ int RepositoryObjectCommand::Run(const boost::program_options::variables_map& vm
|
|||
BOOST_FOREACH(const String& kv, attrs) {
|
||||
boost::algorithm::split(tokens, kv, boost::is_any_of("="));
|
||||
|
||||
if (tokens.size() == 2)
|
||||
if (tokens.size() == 2) {
|
||||
attr->Set(tokens[0], tokens[1]);
|
||||
else
|
||||
} else
|
||||
Log(LogWarning, "cli")
|
||||
<< "Cannot parse passed attributes for object '" << name << "': " << boost::algorithm::join(tokens, "=");
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue