featureenablecommand.cpp featuredisablecommand.cpp featurelistcommand.cpp featureutility.cpp
objectlistcommand.cpp objectlistutility.cpp
pkinewcacommand.cpp pkinewcertcommand.cpp pkisigncsrcommand.cpp pkirequestcommand.cpp pkisavecertcommand.cpp pkiticketcommand.cpp
- pkiutility.cpp
repositoryclearchangescommand.cpp repositorycommitcommand.cpp repositoryobjectcommand.cpp repositoryutility.cpp
variablegetcommand.cpp variablelistcommand.cpp variableutility.cpp
troubleshootcommand.cpp
******************************************************************************/
#include "cli/apisetuputility.hpp"
-#include "cli/pkiutility.hpp"
#include "cli/nodeutility.hpp"
#include "cli/featureutility.hpp"
#include "remote/apilistener.hpp"
+#include "remote/pkiutility.hpp"
#include "base/logger.hpp"
#include "base/console.hpp"
#include "base/application.hpp"
#include "cli/calistcommand.hpp"
#include "remote/apilistener.hpp"
+#include "remote/pkiutility.hpp"
#include "base/logger.hpp"
#include "base/application.hpp"
#include "base/tlsutility.hpp"
("json", "encode output as JSON")
;
}
-static void CollectRequestHandler(const Dictionary::Ptr& requests, const String& requestFile)
-{
- Dictionary::Ptr request = Utility::LoadJsonFile(requestFile);
-
- if (!request)
- return;
-
- Dictionary::Ptr result = new Dictionary();
-
- String fingerprint = Utility::BaseName(requestFile);
- fingerprint = fingerprint.SubStr(0, fingerprint.GetLength() - 5);
-
- String certRequestText = request->Get("cert_request");
- result->Set("cert_request", certRequestText);
-
- Value vcertResponseText;
-
- if (request->Get("cert_response", &vcertResponseText)) {
- String certResponseText = vcertResponseText;
- result->Set("cert_response", certResponseText);
- }
-
- boost::shared_ptr<X509> certRequest = StringToCertificate(certRequestText);
-
- time_t now;
- time(&now);
- ASN1_TIME *tm = ASN1_TIME_adj(NULL, now, 0, 0);
-
- int day, sec;
- ASN1_TIME_diff(&day, &sec, tm, X509_get_notBefore(certRequest.get()));
-
- result->Set("timestamp", static_cast<double>(now) + day * 24 * 60 * 60 + sec);
-
- BIO *out = BIO_new(BIO_s_mem());
- X509_NAME_print_ex(out, X509_get_subject_name(certRequest.get()), 0, XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB);
-
- char *data;
- long length;
- length = BIO_get_mem_data(out, &data);
-
- result->Set("subject", String(data, data + length));
- BIO_free(out);
-
- requests->Set(fingerprint, result);
-}
/**
* The entry point for the "ca list" CLI command.
*/
int CAListCommand::Run(const boost::program_options::variables_map& vm, const std::vector<std::string>& ap) const
{
- Dictionary::Ptr requests = new Dictionary();
-
- String requestDir = ApiListener::GetPkiRequestsDir();
-
- if (Utility::PathExists(requestDir))
- Utility::Glob(requestDir + "/*.json", boost::bind(&CollectRequestHandler, requests, _1), GlobFile);
+ Dictionary::Ptr requests = PkiUtility::GetCertificateRequests();
if (vm.count("json"))
std::cout << JsonEncode(requests);
#include "cli/nodesetupcommand.hpp"
#include "cli/nodeutility.hpp"
#include "cli/featureutility.hpp"
-#include "cli/pkiutility.hpp"
#include "cli/apisetuputility.hpp"
#include "remote/apilistener.hpp"
+#include "remote/pkiutility.hpp"
#include "base/logger.hpp"
#include "base/console.hpp"
#include "base/application.hpp"
#include "cli/nodewizardcommand.hpp"
#include "cli/nodeutility.hpp"
-#include "cli/pkiutility.hpp"
#include "cli/featureutility.hpp"
#include "cli/apisetuputility.hpp"
#include "remote/apilistener.hpp"
+#include "remote/pkiutility.hpp"
#include "base/logger.hpp"
#include "base/console.hpp"
#include "base/application.hpp"
******************************************************************************/
#include "cli/pkinewcacommand.hpp"
-#include "cli/pkiutility.hpp"
+#include "remote/pkiutility.hpp"
#include "base/logger.hpp"
using namespace icinga;
******************************************************************************/
#include "cli/pkinewcertcommand.hpp"
-#include "cli/pkiutility.hpp"
+#include "remote/pkiutility.hpp"
#include "base/logger.hpp"
using namespace icinga;
******************************************************************************/
#include "cli/pkirequestcommand.hpp"
-#include "cli/pkiutility.hpp"
+#include "remote/pkiutility.hpp"
#include "base/logger.hpp"
#include "base/tlsutility.hpp"
#include <iostream>
******************************************************************************/
#include "cli/pkisavecertcommand.hpp"
-#include "cli/pkiutility.hpp"
+#include "remote/pkiutility.hpp"
#include "base/logger.hpp"
#include "base/tlsutility.hpp"
******************************************************************************/
#include "cli/pkisigncsrcommand.hpp"
-#include "cli/pkiutility.hpp"
+#include "remote/pkiutility.hpp"
#include "base/logger.hpp"
using namespace icinga;
******************************************************************************/
#include "cli/pkiticketcommand.hpp"
-#include "cli/pkiutility.hpp"
+#include "remote/pkiutility.hpp"
#include "cli/variableutility.hpp"
#include "base/logger.hpp"
#include <iostream>
#include "icinga/notificationcommand.hpp"
#include "remote/apiaction.hpp"
#include "remote/apilistener.hpp"
+#include "remote/pkiutility.hpp"
#include "remote/httputility.hpp"
#include "base/utility.hpp"
#include "base/convert.hpp"
REGISTER_APIACTION(shutdown_process, "", &ApiActions::ShutdownProcess);
REGISTER_APIACTION(restart_process, "", &ApiActions::RestartProcess);
REGISTER_APIACTION(generate_ticket, "", &ApiActions::GenerateTicket);
+REGISTER_APIACTION(list_ca_requests, "", &ApiActions::ListCARequests);
+REGISTER_APIACTION(sign_ca_request, "", &ApiActions::SignCARequest);
Dictionary::Ptr ApiActions::CreateResult(int code, const String& status,
const Dictionary::Ptr& additional)
return ApiActions::CreateResult(200, "Generated PKI ticket '" + ticket + "' for common name '"
+ cn + "'.", additional);
}
+
+Dictionary::Ptr ApiActions::ListCARequests(const ConfigObject::Ptr&,
+ const Dictionary::Ptr& params)
+{
+ Dictionary::Ptr additional = new Dictionary();
+ additional->Set("requests", PkiUtility::GetCertificateRequests());
+
+ return ApiActions::CreateResult(200, "Listing all CA requests.", additional);
+}
+
+Dictionary::Ptr ApiActions::SignCARequest(const ConfigObject::Ptr&,
+ const Dictionary::Ptr& params)
+{
+ if (!params->Contains("fingerprint"))
+ return ApiActions::CreateResult(400, "Option 'fingerprint' is required.");
+
+
+}
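Review bot: `SignCARequest` has no `return` on the path where `fingerprint` is present, so a non-void function flows off its end (undefined behaviour), and the action is already registered as `sign_ca_request` in this same commit. Until the signing logic exists, either leave out the `REGISTER_APIACTION(sign_ca_request, ...)` line or end the body with an explicit error such as `return ApiActions::CreateResult(501, "Signing CA requests is not implemented yet.");`. When the body is filled in, `fingerprint` is caller-supplied and will presumably be used to locate a request file, so it should be validated as a hex digest before it goes into any path. A short comment on both new actions stating which API permission is expected to guard them would also help, since `ListCARequests` returns the full `cert_request`/`cert_response` text of every pending request.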
static Dictionary::Ptr ShutdownProcess(const ConfigObject::Ptr& object, const Dictionary::Ptr& params);
static Dictionary::Ptr RestartProcess(const ConfigObject::Ptr& object, const Dictionary::Ptr& params);
static Dictionary::Ptr GenerateTicket(const ConfigObject::Ptr& object, const Dictionary::Ptr& params);
+ static Dictionary::Ptr ListCARequests(const ConfigObject::Ptr& object, const Dictionary::Ptr& params);
+ static Dictionary::Ptr SignCARequest(const ConfigObject::Ptr& object, const Dictionary::Ptr& params);
private:
static Dictionary::Ptr CreateResult(int code, const String& status, const Dictionary::Ptr& additional = Dictionary::Ptr());
httpchunkedencoding.cpp httpclientconnection.cpp httpserverconnection.cpp httphandler.cpp httprequest.cpp httpresponse.cpp
httputility.cpp infohandler.cpp jsonrpc.cpp jsonrpcconnection.cpp jsonrpcconnection-heartbeat.cpp jsonrpcconnection-pki.cpp
messageorigin.cpp modifyobjecthandler.cpp statushandler.cpp objectqueryhandler.cpp templatequeryhandler.cpp
+ pkiutility.cpp
typequeryhandler.cpp url.cpp variablequeryhandler.cpp zone.cpp zone.thpp
)
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. *
******************************************************************************/
-#include "cli/pkiutility.hpp"
-#include "cli/clicommand.hpp"
+#include "remote/pkiutility.hpp"
#include "remote/apilistener.hpp"
#include "base/logger.hpp"
#include "base/application.hpp"
return info.str();
}
+
+static void CollectRequestHandler(const Dictionary::Ptr& requests, const String& requestFile)
+{
+ Dictionary::Ptr request = Utility::LoadJsonFile(requestFile);
+
+ if (!request)
+ return;
+
+ Dictionary::Ptr result = new Dictionary();
+
+ String fingerprint = Utility::BaseName(requestFile);
+ fingerprint = fingerprint.SubStr(0, fingerprint.GetLength() - 5);
+
+ String certRequestText = request->Get("cert_request");
+ result->Set("cert_request", certRequestText);
+
+ Value vcertResponseText;
+
+ if (request->Get("cert_response", &vcertResponseText)) {
+ String certResponseText = vcertResponseText;
+ result->Set("cert_response", certResponseText);
+ }
+
+ boost::shared_ptr<X509> certRequest = StringToCertificate(certRequestText);
+
+ time_t now;
+ time(&now);
+ ASN1_TIME *tm = ASN1_TIME_adj(NULL, now, 0, 0);
+
+ int day, sec;
+ ASN1_TIME_diff(&day, &sec, tm, X509_get_notBefore(certRequest.get()));
+
+ result->Set("timestamp", static_cast<double>(now) + day * 24 * 60 * 60 + sec);
+
+ BIO *out = BIO_new(BIO_s_mem());
+ X509_NAME_print_ex(out, X509_get_subject_name(certRequest.get()), 0, XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB);
+
+ char *data;
+ long length;
+ length = BIO_get_mem_data(out, &data);
+
+ result->Set("subject", String(data, data + length));
+ BIO_free(out);
+
+ requests->Set(fingerprint, result);
+}
+
+Dictionary::Ptr PkiUtility::GetCertificateRequests(void)
+{
+ Dictionary::Ptr requests = new Dictionary();
+
+ String requestDir = ApiListener::GetPkiRequestsDir();
+
+ if (Utility::PathExists(requestDir))
+ Utility::Glob(requestDir + "/*.json", boost::bind(&CollectRequestHandler, requests, _1), GlobFile);
+
+ return requests;
+}
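Review bot: `CollectRequestHandler` never frees the `ASN1_TIME` returned by `ASN1_TIME_adj(NULL, now, 0, 0)`, so it leaks once per request file; add `ASN1_TIME_free(tm);` after the `ASN1_TIME_diff` call. With this move the function is reachable through the `list_ca_requests` API action (presumably inside the long-running daemon, not only a short-lived CLI process), so the leak accumulates on every call. The return value of `ASN1_TIME_diff` is also ignored, so `day` and `sec` are read uninitialised if it fails; use `int day = 0, sec = 0;` or skip the entry on failure. The request files hold certificate text that presumably comes from nodes that are not yet trusted, so the results of `StringToCertificate` and `BIO_new` should be checked (or a parse failure handled per file) before `certRequest.get()` and `out` are used, so that one malformed file cannot break the whole listing.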
#ifndef PKIUTILITY_H
#define PKIUTILITY_H
-#include "base/i2-base.hpp"
-#include "cli/i2-cli.hpp"
+#include "remote/i2-remote.hpp"
#include "base/dictionary.hpp"
#include "base/string.hpp"
#include <openssl/x509v3.h>
{
/**
- * @ingroup cli
+ * @ingroup remote
*/
-class I2_CLI_API PkiUtility
+class I2_REMOTE_API PkiUtility
{
public:
static int NewCa(void);
const String& certfile, const String& cafile, const boost::shared_ptr<X509>& trustedcert,
const String& ticket = String());
static String GetCertificateInformation(const boost::shared_ptr<X509>& certificate);
+ static Dictionary::Ptr GetCertificateRequests(void);
private:
PkiUtility(void);