tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

event::ExecuteCommand: add missing origin check 

Only handle messages with a trusted origin in
ClusterEvents::ExecuteCommandAPIHandler. Previously, it would not locally
execute any command but forward them to other nodes where they would then have
a trusted origin and be executed.
This commit is contained in:
Julian Brost 2021-06-07 17:15:00 +02:00
parent 0a362937b3
commit 8f585bd2ee
1 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
lib/icinga/clusterevents.cpp
View File

@ -736,6 +736,31 @@ Value ClusterEvents::ExecuteCommandAPIHandler(const MessageOrigin::Ptr& origin,
if (!listener)
return Empty;
if (!origin->IsLocal()) {
Endpoint::Ptr endpoint = origin->FromClient->GetEndpoint();
/* Discard messages from anonymous clients */
if (!endpoint) {
Log(LogNotice, "ClusterEvents") << "Discarding 'execute command' message from '"
<< origin->FromClient->GetIdentity() << "': Invalid endpoint origin (client not allowed).";
return Empty;
}
Zone::Ptr originZone = endpoint->GetZone();
Zone::Ptr localZone = Zone::GetLocalZone();
bool fromLocalZone = originZone == localZone;
Zone::Ptr parentZone = localZone->GetParent();
bool fromParentZone = parentZone && originZone == parentZone;
if (!fromLocalZone && !fromParentZone) {
Log(LogNotice, "ClusterEvents") << "Discarding 'execute command' message from '"
<< origin->FromClient->GetIdentity() << "': Unauthorized access.";
return Empty;
}
}
if (params->Contains("endpoint")) {
Endpoint::Ptr execEndpoint = Endpoint::GetByName(params->Get("endpoint"));