tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix wrong cert path for CLI commands 

refs #5450
This commit is contained in:
Michael Friedrich 2017-09-06 14:38:35 +02:00 committed by Gunnar Beutner
parent a7fe6467ba
commit ce88e89cc0
3 changed files with 16 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/cli/nodesetupcommand.cpp
View File

@ -176,9 +176,9 @@ int NodeSetupCommand::SetupMaster(const boost::program_options::variables_map& v
<< " * The API listener is used for distributed monitoring setups.\n" << " * The API listener is used for distributed monitoring setups.\n"
<< " */\n" << " */\n"
<< "object ApiListener \"api\" {\n" << "object ApiListener \"api\" {\n"
<< " cert_path = LocalStateDir + \"/lib/icinga2/pki/\" + NodeName + \".crt\"\n" << " cert_path = LocalStateDir + \"/lib/icinga2/certs/\" + NodeName + \".crt\"\n"
<< " key_path = LocalStateDir + \"/lib/icinga2/pki/\" + NodeName + \".key\"\n" << " key_path = LocalStateDir + \"/lib/icinga2/certs/\" + NodeName + \".key\"\n"
<< " ca_path = LocalStateDir + \"/lib/icinga2/pki/ca.crt\"\n"; << " ca_path = LocalStateDir + \"/lib/icinga2/certs/ca.crt\"\n";
if (vm.count("listen")) { if (vm.count("listen")) {
std::vector<String> tokens; std::vector<String> tokens;
@ -380,9 +380,9 @@ int NodeSetupCommand::SetupNode(const boost::program_options::variables_map& vm,
<< " * The API listener is used for distributed monitoring setups.\n" << " * The API listener is used for distributed monitoring setups.\n"
<< " */\n" << " */\n"
<< "object ApiListener \"api\" {\n" << "object ApiListener \"api\" {\n"
<< " cert_path = LocalStateDir + \"/lib/icinga2/pki/\" + NodeName + \".crt\"\n" << " cert_path = LocalStateDir + \"/lib/icinga2/certs/\" + NodeName + \".crt\"\n"
<< " key_path = LocalStateDir + \"/lib/icinga2/pki/\" + NodeName + \".key\"\n" << " key_path = LocalStateDir + \"/lib/icinga2/certs/\" + NodeName + \".key\"\n"
<< " ca_path = LocalStateDir + \"/lib/icinga2/pki/ca.crt\"\n"; << " ca_path = LocalStateDir + \"/lib/icinga2/certs/ca.crt\"\n";
if (vm.count("listen")) { if (vm.count("listen")) {
std::vector<String> tokens; std::vector<String> tokens;

16
lib/cli/nodewizardcommand.cpp
View File

@ -92,7 +92,7 @@ int NodeWizardCommand::Run(const boost::program_options::variables_map& vm,
* 5. Local CA * 5. Local CA
* 6. New self signed certificate * 6. New self signed certificate
* 7. Request signed certificate from master * 7. Request signed certificate from master
* 8. copy key information to /var/lib/icinga2/pki * 8. copy key information to /var/lib/icinga2/certs
* 9. enable ApiListener feature * 9. enable ApiListener feature
* 10. generate zones.conf with endpoints and zone objects * 10. generate zones.conf with endpoints and zone objects
* 11. set NodeName = cn in constants.conf * 11. set NodeName = cn in constants.conf
@ -407,9 +407,9 @@ wizard_ticket:
<< " * The API listener is used for distributed monitoring setups.\n" << " * The API listener is used for distributed monitoring setups.\n"
<< " */\n" << " */\n"
<< "object ApiListener \"api\" {\n" << "object ApiListener \"api\" {\n"
<< " cert_path = LocalStateDir + \"/lib/icinga2/pki/\" + NodeName + \".crt\"\n" << " cert_path = LocalStateDir + \"/lib/icinga2/certs/\" + NodeName + \".crt\"\n"
<< " key_path = LocalStateDir + \"/lib/icinga2/pki/\" + NodeName + \".key\"\n" << " key_path = LocalStateDir + \"/lib/icinga2/certs/\" + NodeName + \".key\"\n"
<< " ca_path = LocalStateDir + \"/lib/icinga2/pki/ca.crt\"\n" << " ca_path = LocalStateDir + \"/lib/icinga2/certs/ca.crt\"\n"
<< "\n" << "\n"
<< " accept_config = " << accept_config << "\n" << " accept_config = " << accept_config << "\n"
<< " accept_commands = " << accept_commands << "\n"; << " accept_commands = " << accept_commands << "\n";
@ -455,7 +455,7 @@ wizard_ticket:
NodeUtility::UpdateConstant("NodeName", cn); NodeUtility::UpdateConstant("NodeName", cn);
NodeUtility::UpdateConstant("ZoneName", cn); NodeUtility::UpdateConstant("ZoneName", cn);
String ticketPath = Application::GetLocalStateDir() + "/lib/icinga2/pki/ticket"; String ticketPath = ApiListener::GetCertsDir() + "/ticket";
String tempTicketPath = Utility::CreateTempFile(ticketPath + ".XXXXXX", 0600, fp); String tempTicketPath = Utility::CreateTempFile(ticketPath + ".XXXXXX", 0600, fp);
@ -553,9 +553,9 @@ wizard_ticket:
<< " * The API listener is used for distributed monitoring setups.\n" << " * The API listener is used for distributed monitoring setups.\n"
<< " */\n" << " */\n"
<< "object ApiListener \"api\" {\n" << "object ApiListener \"api\" {\n"
<< " cert_path = LocalStateDir + \"/lib/icinga2/pki/\" + NodeName + \".crt\"\n" << " cert_path = LocalStateDir + \"/lib/icinga2/certs/\" + NodeName + \".crt\"\n"
<< " key_path = LocalStateDir + \"/lib/icinga2/pki/\" + NodeName + \".key\"\n" << " key_path = LocalStateDir + \"/lib/icinga2/certs/\" + NodeName + \".key\"\n"
<< " ca_path = LocalStateDir + \"/lib/icinga2/pki/ca.crt\"\n"; << " ca_path = LocalStateDir + \"/lib/icinga2/certs/ca.crt\"\n";
if (!bind_host.IsEmpty()) if (!bind_host.IsEmpty())
fp << " bind_host = \"" << bind_host << "\"\n"; fp << " bind_host = \"" << bind_host << "\"\n";

3
lib/remote/jsonrpcconnection-pki.cpp
View File

@ -324,7 +324,8 @@ Value UpdateCertificateHandler(const MessageOrigin::Ptr& origin, const Dictionar
<< boost::errinfo_file_name(tempCertPath)); << boost::errinfo_file_name(tempCertPath));
} }
String ticketPath = Application::GetLocalStateDir() + "/lib/icinga2/pki/ticket"; /* Remove ticket for successful signing request. */
String ticketPath = ApiListener::GetCertsDir() + "/ticket";
if (unlink(ticketPath.CStr()) < 0 && errno != ENOENT) { if (unlink(ticketPath.CStr()) < 0 && errno != ENOENT) {
BOOST_THROW_EXCEPTION(posix_error() BOOST_THROW_EXCEPTION(posix_error()