mirror of https://github.com/Icinga/icinga2.git
Merge pull request #7391 from Icinga/feature/cluster-sync-avoid-non-utf-8
Cluster sync: Only sync valid UTF8 content (text config, no binaries)
This commit is contained in:
commit
ac4f92ca69
|
@ -172,6 +172,15 @@ Since the config sync change detection now uses checksums, this may fail
|
||||||
with anything else than syncing configuration text files. Syncing binary
|
with anything else than syncing configuration text files. Syncing binary
|
||||||
files were never supported, but rumors say that some users do so.
|
files were never supported, but rumors say that some users do so.
|
||||||
|
|
||||||
|
This is now prohibited and logged.
|
||||||
|
|
||||||
|
```
|
||||||
|
[2019-08-02 16:03:19 +0200] critical/ApiListener: Ignoring file '/etc/icinga2/zones.d/global-templates/forbidden.exe' for cluster config sync: Does not contain valid UTF8. Binary files are not supported.
|
||||||
|
Context:
|
||||||
|
(0) Creating config update for file '/etc/icinga2/zones.d/global-templates/forbidden.exe'
|
||||||
|
(1) Activating object 'api' of type 'ApiListener'
|
||||||
|
```
|
||||||
|
|
||||||
Such binaries wrapped into JSON-RPC cluster messages may always cause changes
|
Such binaries wrapped into JSON-RPC cluster messages may always cause changes
|
||||||
and trigger reload loops. In order to prevent such harm in production,
|
and trigger reload loops. In order to prevent such harm in production,
|
||||||
use infrastructure tools such as Foreman, Puppet, Ansible, etc. to install
|
use infrastructure tools such as Foreman, Puppet, Ansible, etc. to install
|
||||||
|
|
|
@ -794,12 +794,29 @@ void ApiListener::ConfigGlobHandler(ConfigDirInformation& config, const String&
|
||||||
*
|
*
|
||||||
* **Keep this intact to stay compatible with older clients.**
|
* **Keep this intact to stay compatible with older clients.**
|
||||||
*/
|
*/
|
||||||
if (Utility::Match("*.conf", file))
|
String sanitizedContent = Utility::ValidateUTF8(content);
|
||||||
|
|
||||||
|
if (Utility::Match("*.conf", file)) {
|
||||||
update = config.UpdateV1;
|
update = config.UpdateV1;
|
||||||
else
|
|
||||||
|
// Configuration files should be automatically sanitized with UTF8.
|
||||||
|
update->Set(relativePath, sanitizedContent);
|
||||||
|
} else {
|
||||||
update = config.UpdateV2;
|
update = config.UpdateV2;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Ensure that only valid UTF8 content is being read for the cluster config sync.
|
||||||
|
* Binary files are not supported when wrapped into JSON encoded messages.
|
||||||
|
* Rationale: https://github.com/Icinga/icinga2/issues/7382
|
||||||
|
*/
|
||||||
|
if (content != sanitizedContent) {
|
||||||
|
Log(LogCritical, "ApiListener")
|
||||||
|
<< "Ignoring file '" << file << "' for cluster config sync: Does not contain valid UTF8. Binary files are not supported.";
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
update->Set(relativePath, content);
|
update->Set(relativePath, content);
|
||||||
|
}
|
||||||
|
|
||||||
/* Calculate a checksum for each file (and a global one later).
|
/* Calculate a checksum for each file (and a global one later).
|
||||||
*
|
*
|
||||||
|
|
Loading…
Reference in New Issue