icingaweb2/library/Icinga/Protocol/Commandpipe/Transport/SecureShell.php

<?php
// {{{ICINGA_LICENSE_HEADER}}}
// {{{ICINGA_LICENSE_HEADER}}}

namespace Icinga\Protocol\Commandpipe\Transport;

use RuntimeException;
use Zend_Config;
use Icinga\Logger\Logger;

/**
 * Command pipe transport class that uses ssh for connecting to a remote filesystem with the icinga.cmd pipe
 *
 * The remote host must have KeyAuth enabled for this user
 */
class SecureShell implements Transport
{
    /**
     * The remote host to connect to
     *
     * @var string
     */
    private $host = 'localhost';

    /**
     * The location of the icinga pipe on the remote host
     *
     * @var string
     */
    private $path = "/usr/local/icinga/var/rw/icinga.cmd";

    /**
     * The SSH port of the remote host
     *
     * @var int
     */
    private $port = 22;

    /**
     * The user to authenticate with on the remote host
     *
     * @var String
     */
    private $user = null;

    /**
     * Overwrite the target file of this Transport class using the given config from instances.ini
     *
     * @param   Zend_Config $config
     *
     * @see     Transport::setEndpoint()
     */
    public function setEndpoint(Zend_Config $config)
    {
        $this->host = isset($config->host) ? $config->host : 'localhost';
        $this->port = isset($config->port) ? $config->port : 22;
        $this->user = isset($config->user) ? $config->user : null;
        $this->path = isset($config->path) ? $config->path : '/usr/local/icinga/var/rw/icinga.cmd';
    }

    /**
     * Write the given external command to the command pipe
     *
     * @param   string $command
     *
     * @throws  RuntimeException When the command could not be sent to the remote Icinga host
     * @see     Transport::send()
     */
    public function send($command)
    {
        $retCode = 0;
        $output = array();
        Logger::debug(
            'Icinga instance is on different host, attempting to send command %s via ssh to %s:%s/%s',
            $command,
            $this->host,
            $this->port,
            $this->path
        );
        $hostConnector = $this->user ? $this->user . "@" . $this->host : $this->host;
        $command = escapeshellarg('['. time() .'] ' . $command);
        $sshCommand = sprintf(
            'ssh -o BatchMode=yes -o KbdInteractiveAuthentication=no %s -p %d'
          . ' "echo %s > %s" 2>&1',
            $hostConnector,
            $this->port,
            $command,
            $this->path
        );

        exec($sshCommand, $output, $retCode);
        Logger::debug("Command '%s' exited with %d: %s", $sshCommand, $retCode, $output);

        if ($retCode != 0) {
            $msg =  'Could not send command to remote Icinga host: '
                . implode(PHP_EOL, $output)
                . " (returncode $retCode)";
            Logger::error($msg);
            throw new RuntimeException($msg);
        }
    }
}
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`<?php`
Send commands: Review fixes refs #4441 2013-08-06 09:23:00 +02:00			`// {{{ICINGA_LICENSE_HEADER}}}`
			`// {{{ICINGA_LICENSE_HEADER}}}`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00
			`namespace Icinga\Protocol\Commandpipe\Transport;`

Fix SSH CommandPipe transport. Did anyone ever test this? 2014-03-20 15:04:52 +01:00			`use RuntimeException;`
			`use Zend_Config;`
			`use Icinga\Logger\Logger;`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00
Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00			`/**`
CS: Fix viloations for touched files in branch feature/backend-configuration-ui-3776 refs #3776 2013-08-21 11:02:53 +02:00			`* Command pipe transport class that uses ssh for connecting to a remote filesystem with the icinga.cmd pipe`
Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00			`*`
CS: Fix viloations for touched files in branch feature/backend-configuration-ui-3776 refs #3776 2013-08-21 11:02:53 +02:00			`* The remote host must have KeyAuth enabled for this user`
Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00			`*/`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`class SecureShell implements Transport`
			`{`
Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00			`/**`
			`* The remote host to connect to`
			`*`
			`* @var string`
			`*/`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`private $host = 'localhost';`
Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00
			`/**`
			`* The location of the icinga pipe on the remote host`
			`*`
			`* @var string`
			`*/`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`private $path = "/usr/local/icinga/var/rw/icinga.cmd";`
Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00
			`/**`
			`* The SSH port of the remote host`
			`*`
			`* @var int`
			`*/`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`private $port = 22;`
Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00
			`/**`
			`* The user to authenticate with on the remote host`
			`*`
			`* @var String`
			`*/`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`private $user = null;`

Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00			`/**`
CS: Fix viloations for touched files in branch feature/backend-configuration-ui-3776 refs #3776 2013-08-21 11:02:53 +02:00			`* Overwrite the target file of this Transport class using the given config from instances.ini`
Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00			`*`
CS: Fix viloations for touched files in branch feature/backend-configuration-ui-3776 refs #3776 2013-08-21 11:02:53 +02:00			`* @param Zend_Config $config`
			`*`
			`* @see Transport::setEndpoint()`
Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00			`*/`
CS: Fix viloations for touched files in branch feature/backend-configuration-ui-3776 refs #3776 2013-08-21 11:02:53 +02:00			`public function setEndpoint(Zend_Config $config)`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`{`
CS: Fix viloations for touched files in branch feature/backend-configuration-ui-3776 refs #3776 2013-08-21 11:02:53 +02:00			`$this->host = isset($config->host) ? $config->host : 'localhost';`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`$this->port = isset($config->port) ? $config->port : 22;`
			`$this->user = isset($config->user) ? $config->user : null;`
CS: Fix viloations for touched files in branch feature/backend-configuration-ui-3776 refs #3776 2013-08-21 11:02:53 +02:00			`$this->path = isset($config->path) ? $config->path : '/usr/local/icinga/var/rw/icinga.cmd';`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`}`

Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00			`/**`
CS: Fix viloations for touched files in branch feature/backend-configuration-ui-3776 refs #3776 2013-08-21 11:02:53 +02:00			`* Write the given external command to the command pipe`
			`*`
			`* @param string $command`
Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00			`*`
CS: Fix viloations for touched files in branch feature/backend-configuration-ui-3776 refs #3776 2013-08-21 11:02:53 +02:00			`* @throws RuntimeException When the command could not be sent to the remote Icinga host`
			`* @see Transport::send()`
Code style and comment fixes refs #4441 2013-08-01 17:48:36 +02:00			`*/`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`public function send($command)`
			`{`
			`$retCode = 0;`
			`$output = array();`
			`Logger::debug(`
			`'Icinga instance is on different host, attempting to send command %s via ssh to %s:%s/%s',`
			`$command,`
			`$this->host,`
			`$this->port,`
			`$this->path`
			`);`
			`$hostConnector = $this->user ? $this->user . "@" . $this->host : $this->host;`
Fix SSH CommandPipe transport. Did anyone ever test this? 2014-03-20 15:04:52 +01:00			`$command = escapeshellarg('['. time() .'] ' . $command);`
			`$sshCommand = sprintf(`
			`'ssh -o BatchMode=yes -o KbdInteractiveAuthentication=no %s -p %d'`
			`. ' "echo %s > %s" 2>&1',`
			`$hostConnector,`
			`$this->port,`
			`$command,`
			`$this->path`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`);`
Fix SSH CommandPipe transport. Did anyone ever test this? 2014-03-20 15:04:52 +01:00
			`exec($sshCommand, $output, $retCode);`
			`Logger::debug("Command '%s' exited with %d: %s", $sshCommand, $retCode, $output);`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00
			`if ($retCode != 0) {`
CS: Fix viloations for touched files in branch feature/backend-configuration-ui-3776 refs #3776 2013-08-21 11:02:53 +02:00			`$msg = 'Could not send command to remote Icinga host: '`
Send commands: Review fixes refs #4441 2013-08-06 09:23:00 +02:00			`. implode(PHP_EOL, $output)`
			`. " (returncode $retCode)";`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`Logger::error($msg);`
CS: Fix viloations for touched files in branch feature/backend-configuration-ui-3776 refs #3776 2013-08-21 11:02:53 +02:00			`throw new RuntimeException($msg);`
Extract the transport functions from the CommandPipe - The CommandPipe class now delegates submission of commands to the Transport classes (LocalPipe or SecureShell) - Added SSH options for non-interactive mode - Refactored tests refs #4441 2013-07-31 14:17:40 +02:00			`}`
			`}`
Send commands: Review fixes refs #4441 2013-08-06 09:23:00 +02:00			`}`