CLI: Allow to list removed CSRs with 'ca list'

author Michael Friedrich <michael.friedrich@icinga.com>

Fri, 10 May 2019 15:57:42 +0000 (17:57 +0200)

committer Michael Friedrich <michael.friedrich@icinga.com>

Fri, 7 Jun 2019 08:33:55 +0000 (10:33 +0200)
author Michael Friedrich <michael.friedrich@icinga.com>
Fri, 10 May 2019 15:57:42 +0000 (17:57 +0200)
committer Michael Friedrich <michael.friedrich@icinga.com>
Fri, 7 Jun 2019 08:33:55 +0000 (10:33 +0200)
diff --git a/doc/11-cli-commands.md b/doc/11-cli-commands.md

index ca5e227c4a78a231bea97544e81fccb4bc435b7b..d05079a0821c192b3bd0d9f9c910b8fffab8679d 100644 (file)
--- a/doc/11-cli-commands.md
+++ b/doc/11-cli-commands.md
@@ -236,6 +236,7 @@ Command options:
    --all                     List all certificate signing requests, including
                              signed. Note: Old requests are automatically
                              cleaned by Icinga after 1 week.
+  --removed                 List all removed CSRs (for use with 'ca restore')
    --json                    encode output as JSON
  
  Report bugs at <https://github.com/Icinga/icinga2>
diff --git a/lib/cli/calistcommand.cpp b/lib/cli/calistcommand.cpp

index 829086b98235c40f83d67c7baf47d00187ffe070..64962ca5d14784c922648581a0dfcb5a58ec5923 100644 (file)
--- a/lib/cli/calistcommand.cpp
+++ b/lib/cli/calistcommand.cpp
@@ -29,6 +29,7 @@ void CAListCommand::InitParameters(boost::program_options::options_description&
  {
         visibleDesc.add_options()
                 ("all", "List all certificate signing requests, including signed. Note: Old requests are automatically cleaned by Icinga after 1 week.")
+               ("removed", "List all removed CSRs (for use with 'ca restore')")
                 ("json", "encode output as JSON");
  }
  
@@ -39,7 +40,7 @@ void CAListCommand::InitParameters(boost::program_options::options_description&
   */
  int CAListCommand::Run(const boost::program_options::variables_map& vm, const std::vector<std::string>& ap) const
  {
-       Dictionary::Ptr requests = PkiUtility::GetCertificateRequests();
+       Dictionary::Ptr requests = PkiUtility::GetCertificateRequests(vm.count("removed"));
  
         if (vm.count("json"))
                 std::cout << JsonEncode(requests);
diff --git a/lib/remote/pkiutility.cpp b/lib/remote/pkiutility.cpp

index 350b993619c0ca8a89479769512be106a456997d..3fddd1a67a2cbee1ee8213af0df9389e223c66ac 100644 (file)
--- a/lib/remote/pkiutility.cpp
+++ b/lib/remote/pkiutility.cpp
@@ -18,6 +18,7 @@
  #include <fstream>
  #include <iostream>
  #include <boost/asio/ssl/context.hpp>
+#include <boost/filesystem/path.hpp>
  
  using namespace icinga;
  
@@ -368,8 +369,9 @@ static void CollectRequestHandler(const Dictionary::Ptr& requests, const String&
  
         Dictionary::Ptr result = new Dictionary();
  
-       String fingerprint = Utility::BaseName(requestFile);
-       fingerprint = fingerprint.SubStr(0, fingerprint.GetLength() - 5);
+       namespace fs = boost::filesystem;
+       fs::path file(requestFile.Begin(), requestFile.End());
+       String fingerprint = file.stem().string();
  
         String certRequestText = request->Get("cert_request");
         result->Set("cert_request", certRequestText);
@@ -414,14 +416,19 @@ static void CollectRequestHandler(const Dictionary::Ptr& requests, const String&
         requests->Set(fingerprint, result);
  }
  
-Dictionary::Ptr PkiUtility::GetCertificateRequests()
+Dictionary::Ptr PkiUtility::GetCertificateRequests(bool removed)
  {
         Dictionary::Ptr requests = new Dictionary();
  
         String requestDir = ApiListener::GetCertificateRequestsDir();
+       String ext = "json";
+
+       if (removed)
+               ext = "removed";
  
         if (Utility::PathExists(requestDir))
-               Utility::Glob(requestDir + "/*.json", std::bind(&CollectRequestHandler, requests, _1), GlobFile);
+               Utility::Glob(requestDir + "/*." + ext, std::bind(&CollectRequestHandler, requests, _1), GlobFile);
  
         return requests;
  }
+
diff --git a/lib/remote/pkiutility.hpp b/lib/remote/pkiutility.hpp

index cc5e67061a39919a453651c432662994c278d2e9..50d47e01a7420a81e271f34c1a22e01553491873 100644 (file)
--- a/lib/remote/pkiutility.hpp
+++ b/lib/remote/pkiutility.hpp
@@ -29,7 +29,7 @@ public:
                 const String& certfile, const String& cafile, const std::shared_ptr<X509>& trustedcert,
                 const String& ticket = String());
         static String GetCertificateInformation(const std::shared_ptr<X509>& certificate);
-       static Dictionary::Ptr GetCertificateRequests();
+       static Dictionary::Ptr GetCertificateRequests(bool removed = false);
  
  private:
         PkiUtility();
author	Michael Friedrich <michael.friedrich@icinga.com>
	Fri, 10 May 2019 15:57:42 +0000 (17:57 +0200)
committer	Michael Friedrich <michael.friedrich@icinga.com>
	Fri, 7 Jun 2019 08:33:55 +0000 (10:33 +0200)
doc/11-cli-commands.md		patch \| blob \| history
lib/cli/calistcommand.cpp		patch \| blob \| history
lib/remote/pkiutility.cpp		patch \| blob \| history
lib/remote/pkiutility.hpp		patch \| blob \| history