tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improve error messages for CLI commands 

fixes #7395
This commit is contained in:
Gunnar Beutner 2014-10-20 13:16:22 +02:00
parent 06ba435cdd
commit b96e9d26a9
4 changed files with 83 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
lib/base/tlsutility.cpp
View File

@ -247,6 +247,8 @@ shared_ptr<X509> GetX509Certificate(const String& pemfile)
int MakeX509CSR(const String& cn, const String& keyfile, const String& csrfile, const String& certfile, bool ca)
{
char errbuf[120];
InitializeOpenSSL();
RSA *rsa = RSA_generate_key(4096, RSA_F4, NULL, NULL);
@ -255,7 +257,25 @@ int MakeX509CSR(const String& cn, const String& keyfile, const String& csrfile,
<< "Writing private key to '" << keyfile << "'.";
BIO *bio = BIO_new_file(const_cast<char *>(keyfile.CStr()), "w");
PEM_write_bio_RSAPrivateKey(bio, rsa, NULL, NULL, 0, NULL, NULL);
if (!bio) {
Log(LogCritical, "SSL")
<< "Error while opening private RSA key file '" << keyfile << "': " << ERR_peek_error() << ", \"" << ERR_error_string(ERR_peek_error(), errbuf) << "\"";
BOOST_THROW_EXCEPTION(openssl_error()
<< boost::errinfo_api_function("BIO_new_file")
<< errinfo_openssl_error(ERR_peek_error())
<< boost::errinfo_file_name(keyfile));
}
if (!PEM_write_bio_RSAPrivateKey(bio, rsa, NULL, NULL, 0, NULL, NULL)) {
Log(LogCritical, "SSL")
<< "Error while writing private RSA key to file '" << keyfile << "': " << ERR_peek_error() << ", \"" << ERR_error_string(ERR_peek_error(), errbuf) << "\"";
BOOST_THROW_EXCEPTION(openssl_error()
<< boost::errinfo_api_function("PEM_write_bio_RSAPrivateKey")
<< errinfo_openssl_error(ERR_peek_error())
<< boost::errinfo_file_name(keyfile));
}
BIO_free(bio);
#ifndef _WIN32
@ -276,9 +296,26 @@ int MakeX509CSR(const String& cn, const String& keyfile, const String& csrfile,
Log(LogInformation, "base")
<< "Writing X509 certificate to '" << certfile << "'.";
bio = BIO_new(BIO_s_file());
BIO_write_filename(bio, const_cast<char *>(certfile.CStr()));
PEM_write_bio_X509(bio, cert.get());
bio = BIO_new_file(const_cast<char *>(certfile.CStr()), "w");
if (!bio) {
Log(LogCritical, "SSL")
<< "Error while opening certificate file '" << certfile << "': " << ERR_peek_error() << ", \"" << ERR_error_string(ERR_peek_error(), errbuf) << "\"";
BOOST_THROW_EXCEPTION(openssl_error()
<< boost::errinfo_api_function("BIO_new_file")
<< errinfo_openssl_error(ERR_peek_error())
<< boost::errinfo_file_name(certfile));
}
if (!PEM_write_bio_X509(bio, cert.get())) {
Log(LogCritical, "SSL")
<< "Error while writing certificate to file '" << certfile << "': " << ERR_peek_error() << ", \"" << ERR_error_string(ERR_peek_error(), errbuf) << "\"";
BOOST_THROW_EXCEPTION(openssl_error()
<< boost::errinfo_api_function("PEM_write_bio_X509")
<< errinfo_openssl_error(ERR_peek_error())
<< boost::errinfo_file_name(certfile));
}
BIO_free(bio);
}
@ -299,9 +336,26 @@ int MakeX509CSR(const String& cn, const String& keyfile, const String& csrfile,
Log(LogInformation, "base")
<< "Writing certificate signing request to '" << csrfile << "'.";
bio = BIO_new(BIO_s_file());
BIO_write_filename(bio, const_cast<char *>(csrfile.CStr()));
PEM_write_bio_X509_REQ(bio, req);
bio = BIO_new_file(const_cast<char *>(csrfile.CStr()), "w");
if (!bio) {
Log(LogCritical, "SSL")
<< "Error while opening CSR file '" << csrfile << "': " << ERR_peek_error() << ", \"" << ERR_error_string(ERR_peek_error(), errbuf) << "\"";
BOOST_THROW_EXCEPTION(openssl_error()
<< boost::errinfo_api_function("BIO_new_file")
<< errinfo_openssl_error(ERR_peek_error())
<< boost::errinfo_file_name(csrfile));
}
if (!PEM_write_bio_X509_REQ(bio, req)) {
Log(LogCritical, "SSL")
<< "Error while writing CSR to file '" << csrfile << "': " << ERR_peek_error() << ", \"" << ERR_error_string(ERR_peek_error(), errbuf) << "\"";
BOOST_THROW_EXCEPTION(openssl_error()
<< boost::errinfo_api_function("PEM_write_bio_X509")
<< errinfo_openssl_error(ERR_peek_error())
<< boost::errinfo_file_name(csrfile));
}
BIO_free(bio);
X509_REQ_free(req);

13
lib/cli/featureenablecommand.cpp
View File

@ -96,6 +96,9 @@ int FeatureEnableCommand::Run(const boost::program_options::variables_map& vm, c
continue;
}
std::cout << "Enabling feature " << ConsoleColorTag(Console_ForegroundMagenta | Console_Bold) << feature
<< ConsoleColorTag(Console_Normal) << ". Make sure to restart Icinga 2 for these changes to take effect.\n";
#ifndef _WIN32
if (symlink(source.CStr(), target.CStr()) < 0) {
Log(LogCritical, "cli")
@ -107,18 +110,16 @@ int FeatureEnableCommand::Run(const boost::program_options::variables_map& vm, c
#else /* _WIN32 */
std::ofstream fp;
fp.open(target.CStr());
if (!fp) {
fp << "include \"../features-available/" << feature << ".conf\"" << std::endl;
fp.close();
if (fp.fail()) {
Log(LogCritical, "cli")
<< "Cannot enable feature '" << feature << "'. Failed to open file '" << target << "'.";
errors.push_back(feature);
continue;
}
fp << "include \"../features-available/" << feature << ".conf\"" << std::endl;
fp.close();
#endif /* _WIN32 */
std::cout << "Enabling feature " << ConsoleColorTag(Console_ForegroundMagenta | Console_Bold) << feature
<< ConsoleColorTag(Console_Normal) << ". Make sure to restart Icinga 2 for these changes to take effect.\n";
}
if (!errors.empty()) {

6
lib/cli/pkinewcacommand.cpp
View File

@ -71,5 +71,11 @@ int PKINewCACommand::Run(const boost::program_options::variables_map& vm, const
fp << "01";
fp.close();
if (fp.fail()) {
Log(LogCritical, "cli")
<< "Could not create serial file '" << serialpath << "'";
return 1;
}
return 0;
}

20
lib/cli/pkirequestcommand.cpp
View File

@ -153,27 +153,25 @@ int PKIRequestCommand::Run(const boost::program_options::variables_map& vm, cons
std::ofstream fpcert;
fpcert.open(certfile.CStr());
if (!fpcert) {
Log(LogCritical, "cli")
<< "Could not open certificate file '" << certfile << "' for writing.";
return 1;
}
fpcert << result->Get("cert");
fpcert.close();
if (fpcert.fail()) {
Log(LogCritical, "cli")
<< "Could not write certificate to file '" << certfile << "'.";
return 1;
}
std::ofstream fpca;
fpca.open(cafile.CStr());
fpca << result->Get("ca");
fpca.close();
if (!fpcert) {
if (fpca.fail()) {
Log(LogCritical, "cli")
<< "Could not open CA certificate file '" << cafile << "' for writing.";
return 1;
}
fpca << result->Get("ca");
fpca.close();
return 0;
}