From 8040bda2e16d21dce0b9e5b2e32a93aa20ef2896 Mon Sep 17 00:00:00 2001 From: Michael Friedrich Date: Wed, 6 Sep 2017 12:11:48 +0200 Subject: [PATCH] Change directory layout to /var/lib/icinga2/{ca,certs,certificate_requests} refs #5450 --- lib/cli/apisetuputility.cpp | 2 +- lib/cli/casigncommand.cpp | 2 +- lib/cli/nodesetupcommand.cpp | 6 +++--- lib/cli/nodewizardcommand.cpp | 4 ++-- lib/remote/apilistener.cpp | 12 ++++++------ lib/remote/apilistener.hpp | 4 ++-- lib/remote/jsonrpcconnection-pki.cpp | 4 ++-- lib/remote/pkiutility.cpp | 2 +- 8 files changed, 18 insertions(+), 18 deletions(-) diff --git a/lib/cli/apisetuputility.cpp b/lib/cli/apisetuputility.cpp index 35b63a2b1..b658f9339 100644 --- a/lib/cli/apisetuputility.cpp +++ b/lib/cli/apisetuputility.cpp @@ -69,7 +69,7 @@ bool ApiSetupUtility::SetupMasterCertificates(const String& cn) if (PkiUtility::NewCa() > 0) Log(LogWarning, "cli", "Found CA, skipping and using the existing one."); - String pki_path = ApiListener::GetPkiDir(); + String pki_path = ApiListener::GetCertsDir(); Utility::MkDirP(pki_path, 0700); String user = ScriptGlobal::Get("RunAsUser"); diff --git a/lib/cli/casigncommand.cpp b/lib/cli/casigncommand.cpp index a61bb2cc7..e26061238 100644 --- a/lib/cli/casigncommand.cpp +++ b/lib/cli/casigncommand.cpp @@ -54,7 +54,7 @@ ImpersonationLevel CASignCommand::GetImpersonationLevel(void) const */ int CASignCommand::Run(const boost::program_options::variables_map& vm, const std::vector& ap) const { - String requestFile = ApiListener::GetPkiRequestsDir() + "/" + ap[0] + ".json"; + String requestFile = ApiListener::GetCertificateRequestsDir() + "/" + ap[0] + ".json"; if (!Utility::PathExists(requestFile)) { Log(LogCritical, "cli") diff --git a/lib/cli/nodesetupcommand.cpp b/lib/cli/nodesetupcommand.cpp index e02e9f6da..895815d99 100644 --- a/lib/cli/nodesetupcommand.cpp +++ b/lib/cli/nodesetupcommand.cpp @@ -131,7 +131,7 @@ int NodeSetupCommand::SetupMaster(const boost::program_options::variables_map& v cn = vm["cn"].as(); /* check whether the user wants to generate a new certificate or not */ - String existing_path = ApiListener::GetPkiDir() + "/" + cn + ".crt"; + String existing_path = ApiListener::GetCertsDir() + "/" + cn + ".crt"; Log(LogInformation, "cli") << "Checking for existing certificates for common name '" << cn << "'..."; @@ -306,7 +306,7 @@ int NodeSetupCommand::SetupNode(const boost::program_options::variables_map& vm, /* pki request a signed certificate from the master */ - String pki_path = ApiListener::GetPkiDir(); + String pki_path = ApiListener::GetCertsDir(); Utility::MkDirP(pki_path, 0700); String user = ScriptGlobal::Get("RunAsUser"); @@ -441,7 +441,7 @@ int NodeSetupCommand::SetupNode(const boost::program_options::variables_map& vm, NodeUtility::UpdateConstant("NodeName", cn); NodeUtility::UpdateConstant("ZoneName", vm["zone"].as()); - String ticketPath = ApiListener::GetPkiDir() + "/ticket"; + String ticketPath = ApiListener::GetCertsDir() + "/ticket"; String tempTicketPath = Utility::CreateTempFile(ticketPath + ".XXXXXX", 0600, fp); diff --git a/lib/cli/nodewizardcommand.cpp b/lib/cli/nodewizardcommand.cpp index fd841af21..91e89b621 100644 --- a/lib/cli/nodewizardcommand.cpp +++ b/lib/cli/nodewizardcommand.cpp @@ -230,7 +230,7 @@ wizard_endpoint_loop_start: } /* workaround for fetching the master cert */ - String pki_path = ApiListener::GetPkiDir(); + String pki_path = ApiListener::GetCertsDir(); Utility::MkDirP(pki_path, 0700); String user = ScriptGlobal::Get("RunAsUser"); @@ -498,7 +498,7 @@ wizard_ticket: cn = cn.Trim(); /* check whether the user wants to generate a new certificate or not */ - String existing_path = ApiListener::GetPkiDir() + "/" + cn + ".crt"; + String existing_path = ApiListener::GetCertsDir() + "/" + cn + ".crt"; std::cout << ConsoleColorTag(Console_Normal) << "Checking for existing certificates for common name '" << cn << "'...\n"; diff --git a/lib/remote/apilistener.cpp b/lib/remote/apilistener.cpp index e3a25b8f4..2f00d6da6 100644 --- a/lib/remote/apilistener.cpp +++ b/lib/remote/apilistener.cpp @@ -60,9 +60,9 @@ String ApiListener::GetApiDir(void) return Application::GetLocalStateDir() + "/lib/icinga2/api/"; } -String ApiListener::GetPkiDir(void) +String ApiListener::GetCertsDir(void) { - return Application::GetLocalStateDir() + "/lib/icinga2/pki/"; + return Application::GetLocalStateDir() + "/lib/icinga2/certs/"; } String ApiListener::GetCaDir(void) @@ -70,9 +70,9 @@ String ApiListener::GetCaDir(void) return Application::GetLocalStateDir() + "/lib/icinga2/ca/"; } -String ApiListener::GetPkiRequestsDir(void) +String ApiListener::GetCertificateRequestsDir(void) { - return Application::GetLocalStateDir() + "/lib/icinga2/pki-requests/"; + return Application::GetLocalStateDir() + "/lib/icinga2/certificate-requests/"; } void ApiListener::OnConfigLoaded(void) @@ -519,8 +519,8 @@ void ApiListener::SyncClient(const JsonRpcConnection::Ptr& aclient, const Endpoi JsonRpcConnection::SendCertificateRequest(aclient, MessageOrigin::Ptr(), String()); - if (Utility::PathExists(ApiListener::GetPkiRequestsDir())) - Utility::Glob(ApiListener::GetPkiRequestsDir() + "/*.json", boost::bind(&JsonRpcConnection::SendCertificateRequest, aclient, MessageOrigin::Ptr(), _1), GlobFile); + if (Utility::PathExists(ApiListener::GetCertificateRequestsDir())) + Utility::Glob(ApiListener::GetCertificateRequestsDir() + "/*.json", boost::bind(&JsonRpcConnection::SendCertificateRequest, aclient, MessageOrigin::Ptr(), _1), GlobFile); } /* Make sure that the config updates are synced diff --git a/lib/remote/apilistener.hpp b/lib/remote/apilistener.hpp index 57e9db267..72861f980 100644 --- a/lib/remote/apilistener.hpp +++ b/lib/remote/apilistener.hpp @@ -60,9 +60,9 @@ public: ApiListener(void); static String GetApiDir(void); - static String GetPkiDir(void); + static String GetCertsDir(void); static String GetCaDir(void); - static String GetPkiRequestsDir(void); + static String GetCertificateRequestsDir(void); void UpdateSSLContext(void); diff --git a/lib/remote/jsonrpcconnection-pki.cpp b/lib/remote/jsonrpcconnection-pki.cpp index 1bd68633f..e14be3feb 100644 --- a/lib/remote/jsonrpcconnection-pki.cpp +++ b/lib/remote/jsonrpcconnection-pki.cpp @@ -91,7 +91,7 @@ Value RequestCertificateHandler(const MessageOrigin::Ptr& origin, const Dictiona result->Set("fingerprint_request", certFingerprint); - String requestDir = ApiListener::GetPkiRequestsDir(); + String requestDir = ApiListener::GetCertificateRequestsDir(); String requestPath = requestDir + "/" + certFingerprint + ".json"; result->Set("ca", CertificateToString(cacert)); @@ -271,7 +271,7 @@ Value UpdateCertificateHandler(const MessageOrigin::Ptr& origin, const Dictionar return Empty; } - String requestDir = ApiListener::GetPkiRequestsDir(); + String requestDir = ApiListener::GetCertificateRequestsDir(); String requestPath = requestDir + "/" + certFingerprint + ".json"; std::cout << requestPath << "\n"; diff --git a/lib/remote/pkiutility.cpp b/lib/remote/pkiutility.cpp index f3eef9d36..c3d991755 100644 --- a/lib/remote/pkiutility.cpp +++ b/lib/remote/pkiutility.cpp @@ -419,7 +419,7 @@ Dictionary::Ptr PkiUtility::GetCertificateRequests(void) { Dictionary::Ptr requests = new Dictionary(); - String requestDir = ApiListener::GetPkiRequestsDir(); + String requestDir = ApiListener::GetCertificateRequestsDir(); if (Utility::PathExists(requestDir)) Utility::Glob(requestDir + "/*.json", boost::bind(&CollectRequestHandler, requests, _1), GlobFile);