granicus.if.org Git - icinga2/blob - lib/cli/pkirequestcommand.cpp

   1 /******************************************************************************
   2  * Icinga 2                                                                   *
   3  * Copyright (C) 2012-2018 Icinga Development Team (https://icinga.com/)      *
   4  *                                                                            *
   5  * This program is free software; you can redistribute it and/or              *
   6  * modify it under the terms of the GNU General Public License                *
   7  * as published by the Free Software Foundation; either version 2             *
   8  * of the License, or (at your option) any later version.                     *
   9  *                                                                            *
  10  * This program is distributed in the hope that it will be useful,            *
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of             *
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the              *
  13  * GNU General Public License for more details.                               *
  14  *                                                                            *
  15  * You should have received a copy of the GNU General Public License          *
  16  * along with this program; if not, write to the Free Software Foundation     *
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.             *
  18  ******************************************************************************/
  19
  20 #include "cli/pkirequestcommand.hpp"
  21 #include "remote/pkiutility.hpp"
  22 #include "base/logger.hpp"
  23 #include "base/tlsutility.hpp"
  24 #include <iostream>
  25
  26 using namespace icinga;
  27 namespace po = boost::program_options;
  28
  29 REGISTER_CLICOMMAND("pki/request", PKIRequestCommand);
  30
  31 String PKIRequestCommand::GetDescription() const
  32 {
  33         return "Sends a PKI request to Icinga 2.";
  34 }
  35
  36 String PKIRequestCommand::GetShortDescription() const
  37 {
  38         return "requests a certificate";
  39 }
  40
  41 void PKIRequestCommand::InitParameters(boost::program_options::options_description& visibleDesc,
  42         boost::program_options::options_description& hiddenDesc) const
  43 {
  44         visibleDesc.add_options()
  45                 ("key", po::value<std::string>(), "Key file path (input)")
  46                 ("cert", po::value<std::string>(), "Certificate file path (input + output)")
  47                 ("ca", po::value<std::string>(), "CA file path (output)")
  48                 ("trustedcert", po::value<std::string>(), "Trusted certificate file path (input)")
  49                 ("host", po::value<std::string>(), "Icinga 2 host")
  50                 ("port", po::value<std::string>(), "Icinga 2 port")
  51                 ("ticket", po::value<std::string>(), "Icinga 2 PKI ticket");
  52 }
  53
  54 std::vector<String> PKIRequestCommand::GetArgumentSuggestions(const String& argument, const String& word) const
  55 {
  56         if (argument == "key" || argument == "cert" || argument == "ca" || argument == "trustedcert")
  57                 return GetBashCompletionSuggestions("file", word);
  58         else if (argument == "host")
  59                 return GetBashCompletionSuggestions("hostname", word);
  60         else if (argument == "port")
  61                 return GetBashCompletionSuggestions("service", word);
  62         else
  63                 return CLICommand::GetArgumentSuggestions(argument, word);
  64 }
  65
  66 /**
  67  * The entry point for the "pki request" CLI command.
  68  *
  69  * @returns An exit status.
  70  */
  71 int PKIRequestCommand::Run(const boost::program_options::variables_map& vm, const std::vector<std::string>& ap) const
  72 {
  73         if (!vm.count("host")) {
  74                 Log(LogCritical, "cli", "Icinga 2 host (--host) must be specified.");
  75                 return 1;
  76         }
  77
  78         if (!vm.count("key")) {
  79                 Log(LogCritical, "cli", "Key input file path (--key) must be specified.");
  80                 return 1;
  81         }
  82
  83         if (!vm.count("cert")) {
  84                 Log(LogCritical, "cli", "Certificate output file path (--cert) must be specified.");
  85                 return 1;
  86         }
  87
  88         if (!vm.count("ca")) {
  89                 Log(LogCritical, "cli", "CA certificate output file path (--ca) must be specified.");
  90                 return 1;
  91         }
  92
  93         if (!vm.count("trustedcert")) {
  94                 Log(LogCritical, "cli", "Trusted certificate input file path (--trustedcert) must be specified.");
  95                 return 1;
  96         }
  97
  98         String port = "5665";
  99         String ticket;
 100
 101         if (vm.count("port"))
 102                 port = vm["port"].as<std::string>();
 103
 104         if (vm.count("ticket"))
 105                 ticket = vm["ticket"].as<std::string>();
 106
 107         return PkiUtility::RequestCertificate(vm["host"].as<std::string>(), port, vm["key"].as<std::string>(),
 108                 vm["cert"].as<std::string>(), vm["ca"].as<std::string>(), GetX509Certificate(vm["trustedcert"].as<std::string>()),
 109                 ticket);
 110 }