From e80fd0fbfa90ee9acd703040a5dc6489165963e0 Mon Sep 17 00:00:00 2001 From: Gunnar Beutner Date: Thu, 23 Oct 2014 15:05:12 +0200 Subject: [PATCH] Update the constants.conf file for "agent setup" refs #7423 --- lib/base/tlsutility.cpp | 26 ++++++++++++++++++++++++ lib/base/tlsutility.hpp | 2 ++ lib/cli/agentsetupcommand.cpp | 28 +++++++++++++++----------- lib/cli/agentutility.cpp | 38 +++++++++++++++++++++++++++++++++++ lib/cli/agentutility.hpp | 1 + 5 files changed, 83 insertions(+), 12 deletions(-) diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp index ff8737f8e..ac9adf1f9 100644 --- a/lib/base/tlsutility.cpp +++ b/lib/base/tlsutility.cpp @@ -503,4 +503,30 @@ String SHA256(const String& s) return output; } +String RandomString(int length) +{ + unsigned char *bytes = new unsigned char[length]; + + if (!RAND_bytes(bytes, length)) { + delete [] bytes; + + char errbuf[120]; + + Log(LogCritical, "SSL") + << "Error for RAND_bytes: " << ERR_peek_error() << ", \"" << ERR_error_string(ERR_peek_error(), errbuf) << "\""; + BOOST_THROW_EXCEPTION(openssl_error() + << boost::errinfo_api_function("RAND_bytes") + << errinfo_openssl_error(ERR_peek_error())); + } + + char *output = new char[length * 2 + 1]; + for (int i = 0; i < length; i++) + sprintf(output + 2 * i, "%02x", bytes[i]); + + String result = output; + delete [] output; + + return result; +} + } diff --git a/lib/base/tlsutility.hpp b/lib/base/tlsutility.hpp index c5f11f93d..fcd6af422 100644 --- a/lib/base/tlsutility.hpp +++ b/lib/base/tlsutility.hpp @@ -31,6 +31,7 @@ #include #include #include +#include namespace icinga { 
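Review bot: In the new `RandomString` in lib/base/tlsutility.cpp, `if (!RAND_bytes(bytes, length))` only catches a return of 0, so a return of -1 (the RAND method does not support the operation) is treated as success. The uninitialised buffer is then hex-encoded and returned, and agentsetupcommand.cpp uses the result as `TicketSalt`. Compare against the documented success value instead: `if (RAND_bytes(bytes, length) != 1) {`. The success path also never frees `bytes` (only the error branch does), so the raw random material stays on the heap; add `delete [] bytes;` after the hex loop, or hold both buffers in a `std::vector` so a throwing `String` construction cannot leak them. A negative `length` is also not rejected before `new unsigned char[length]`.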
@@ -47,6 +48,7 @@ String I2_BASE_API CertificateToString(const shared_ptr& cert); shared_ptr I2_BASE_API CreateCertIcingaCA(EVP_PKEY *pubkey, X509_NAME *subject); String I2_BASE_API PBKDF2_SHA1(const String& password, const String& salt, int iterations); String I2_BASE_API SHA256(const String& s); +String I2_BASE_API RandomString(int length); class I2_BASE_API openssl_error : virtual public std::exception, virtual public boost::exception { }; diff --git a/lib/cli/agentsetupcommand.cpp b/lib/cli/agentsetupcommand.cpp index 6034934e5..a31d7d0fe 100644 --- a/lib/cli/agentsetupcommand.cpp +++ b/lib/cli/agentsetupcommand.cpp @@ -21,13 +21,10 @@ #include "cli/agentutility.hpp" #include "cli/featureutility.hpp" #include "cli/pkiutility.hpp" -#include "config/configcompilercontext.hpp" -#include "config/configcompiler.hpp" -#include "config/configitembuilder.hpp" #include "base/logger.hpp" #include "base/console.hpp" #include "base/application.hpp" -#include "base/dynamictype.hpp" +#include "base/tlsutility.hpp" #include #include #include @@ -189,10 +186,16 @@ int AgentSetupCommand::SetupMaster(const boost::program_options::variables_map& Log(LogWarning, "cli") << "CN '" << cn << "' does not match the default FQDN '" << Utility::GetFQDN() << "'. Requires update for NodeName constant in constants.conf!"; } - //Log(LogInformation, "cli") - // << "Updating configuration with NodeName constant."; - //TODO requires parsing of constants.conf, editing the entry and dumping it again? + Log(LogInformation, "cli", "Updating constants.conf."); + + AgentUtility::CreateBackupFile(Application::GetSysconfDir() + "/icinga2/constants.conf"); + + AgentUtility::UpdateConstant("NodeName", cn); + + String salt = RandomString(16); + + AgentUtility::UpdateConstant("TicketSalt", salt); Log(LogInformation, "cli") << "Edit the api feature config file '" << api_path << "' and set a secure 'ticket_salt' attribute."; 
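Review bot: In the `SetupMaster` hunk of lib/cli/agentsetupcommand.cpp, `AgentUtility::UpdateConstant("TicketSalt", salt)` runs unconditionally, so every repeat of the master setup replaces an existing salt. That presumably invalidates tickets issued under the previous one; consider generating a salt only when the constant is missing or empty. The context line that follows still logs "Edit the api feature config file ... and set a secure 'ticket_salt' attribute", which no longer matches a run that has just written the salt itself; it should say where the salt was stored, without printing its value. From the second run on, `CreateBackupFile` copies a constants.conf that already contains the salt, and the permissions it gives the copy are not visible here; they should be at least as restrictive as the original's. The same backup-then-update sequence is added to `SetupAgent` in the `@@ -327,10 +329,12 @@` hunk, and both function bodies continue outside their hunks.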
@@ -228,8 +231,7 @@ int AgentSetupCommand::SetupAgent(const boost::program_options::variables_map& v /* require master host information for auto-signing requests */ if (!vm.count("master_host")) { - Log(LogCritical, "cli") - << "Please pass the master host connection information for auto-signing using '--master_host '"; + Log(LogCritical, "cli", "Please pass the master host connection information for auto-signing using '--master_host '"); return 1; } @@ -327,10 +329,12 @@ int AgentSetupCommand::SetupAgent(const boost::program_options::variables_map& v Log(LogWarning, "cli") << "CN '" << cn << "' does not match the default FQDN '" << Utility::GetFQDN() << "'. Requires update for NodeName constant in constants.conf!"; } - //Log(LogInformation, "cli") - // << "Updating configuration with NodeName constant."; - //TODO requires parsing of constants.conf, editing the entry and dumping it again? + Log(LogInformation, "cli", "Updating constants.conf."); + + AgentUtility::CreateBackupFile(Application::GetSysconfDir() + "/icinga2/constants.conf"); + + AgentUtility::UpdateConstant("NodeName", cn); /* tell the user to reload icinga2 */ diff --git a/lib/cli/agentutility.cpp b/lib/cli/agentutility.cpp index af49ff1ae..dcd37b5c4 100644 --- a/lib/cli/agentutility.cpp +++ b/lib/cli/agentutility.cpp @@ -151,6 +151,7 @@ bool AgentUtility::RemoveAgent(const String& name) << "Cannot remove agent repo. '" << GetAgentRepositoryFile(name) << "' does not exist.\n"; return false; } + if (Utility::PathExists(GetAgentSettingsFile(name))) { if (!RemoveAgentFile(GetAgentSettingsFile(name))) { Log(LogWarning, "cli") 
@@ -489,3 +490,40 @@ void AgentUtility::FormatArray(std::ostream& fp, const Array::Ptr& arr) fp << "]"; } + +void AgentUtility::UpdateConstant(const String& name, const String& value) +{ + String constantsFile = Application::GetSysconfDir() + "/icinga2/constants.conf"; + String tempFile = constantsFile + ".tmp"; + + std::ifstream ifp(constantsFile.CStr()); + std::ofstream ofp(tempFile.CStr()); + + bool found = false; + + std::string line; + while (std::getline(ifp, line)) { + if (line.find("const " + name + " = ") != std::string::npos) { + ofp << "const " + name + " = \"" + value + "\"\n"; + found = true; + } else + ofp << line << "\n"; + } + + if (!found) + ofp << "const " + name + " = \"" + value + "\"\n"; + + ifp.close(); + ofp.close(); + +#ifdef _WIN32 + _unlink(constantsFile.CStr()); +#endif /* _WIN32 */ + + if (rename(tempFile.CStr(), constantsFile.CStr()) < 0) { + BOOST_THROW_EXCEPTION(posix_error() + << boost::errinfo_api_function("rename") + << boost::errinfo_errno(errno) + << boost::errinfo_file_name(constantsFile)); + } +} diff --git a/lib/cli/agentutility.hpp b/lib/cli/agentutility.hpp index 649ad6a0d..d15ae95b5 100644 --- a/lib/cli/agentutility.hpp +++ b/lib/cli/agentutility.hpp @@ -58,6 +58,7 @@ public: static bool WriteAgentConfigObjects(const String& filename, const Array::Ptr& objects); + static void UpdateConstant(const String& name, const String& value); /* agent setup helpers */ static int GenerateAgentIcingaConfig(const std::vector& endpoints, const String& nodename); -- 2.40.0
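Review bot: `AgentUtility::UpdateConstant` writes `value` between double quotes without escaping, so a `"` or backslash in it (the `NodeName` value is the CN, which looks user-supplied) ends the literal early and the rest is parsed as configuration. Escape it before writing, as in the excerpt below, which assumes the config parser accepts backslash escapes. Neither stream is checked before `rename()`, so a failed or short write to `constants.conf.tmp` replaces the live file with a truncated copy; the excerpt adds a check after `ofp.close()`. The replacement is a fresh file created with default permissions under a fixed name, which drops whatever mode and ownership constants.conf had while it now holds `TicketSalt`; create it owner-only or copy the original's mode before the rename. The `line.find(...)` match also fires inside comment lines and misses definitions spaced differently from `const NAME = `.

```cpp
void AgentUtility::UpdateConstant(const String& name, const String& value)
{
	// … unchanged: constantsFile / tempFile paths, ifp / ofp opened …

	/* Escape the value so it cannot terminate the string literal early. */
	std::string raw = value.CStr();
	std::string escaped;

	for (std::string::size_type i = 0; i < raw.size(); i++) {
		if (raw[i] == '"' || raw[i] == '\\')
			escaped += '\\';

		escaped += raw[i];
	}

	// … unchanged: line loop and "not found" append, writing `escaped` where `value` was …

	ifp.close();
	ofp.close();

	/* Never replace constants.conf with a partially written copy. */
	if (!ofp) {
		BOOST_THROW_EXCEPTION(posix_error()
		    << boost::errinfo_api_function("write")
		    << boost::errinfo_file_name(tempFile));
	}

	// … unchanged: _unlink on Windows, rename() with its error handling …
}
```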