From a0c8f41d58c25d2ad60fbb6044276b2cba0b7b06 Mon Sep 17 00:00:00 2001
From: Michael Friedrich <michael.friedrich@icinga.com>
Date: Fri, 5 Apr 2019 09:30:26 +0200
Subject: [PATCH] Debug Console: Use our new I/O engine for HTTP requests
refs #7041
---
lib/cli/consolecommand.cpp | 363 ++++++++++++++++++++++++++-----------
lib/cli/consolecommand.hpp | 16 +-
2 files changed, 272 insertions(+), 107 deletions(-)
diff --git a/lib/cli/consolecommand.cpp b/lib/cli/consolecommand.cpp
index e35aa3567..868c66cd4 100644
--- a/lib/cli/consolecommand.cpp
+++ b/lib/cli/consolecommand.cpp
@@ -14,9 +14,26 @@
#include "base/unixsocket.hpp"
#include "base/utility.hpp"
#include "base/networkstream.hpp"
+#include "base/defer.hpp"
+#include "base/io-engine.hpp"
+#include "base/stream.hpp"
+#include "base/tcpsocket.hpp" /* include global icinga::Connect */
+#include <base/base64.hpp>
#include "base/exception.hpp"
+#include <boost/asio/ssl/context.hpp>
+#include <boost/beast/core/flat_buffer.hpp>
+#include <boost/beast/http/field.hpp>
+#include <boost/beast/http/message.hpp>
+#include <boost/beast/http/parser.hpp>
+#include <boost/beast/http/read.hpp>
+#include <boost/beast/http/status.hpp>
+#include <boost/beast/http/string_body.hpp>
+#include <boost/beast/http/verb.hpp>
+#include <boost/beast/http/write.hpp>
#include <iostream>
#include <fstream>
+
+
#ifdef HAVE_EDITLINE
#include "cli/editline.hpp"
#endif /* HAVE_EDITLINE */
@@ -25,7 +42,8 @@ using namespace icinga;
namespace po = boost::program_options;
static ScriptFrame *l_ScriptFrame;
-static ApiClient::Ptr l_ApiClient;
+static Url::Ptr l_Url;
+static std::shared_ptr<AsioTlsStream> l_TlsStream;
static String l_Session;
REGISTER_CLICOMMAND("console", ConsoleCommand);
@@ -167,24 +185,16 @@ char *ConsoleCommand::ConsoleCompleteHelper(const char *word, int state)
static std::vector<String> matches;
if (state == 0) {
- if (!l_ApiClient)
+ if (!l_Url)
matches = ConsoleHandler::GetAutocompletionSuggestions(word, *l_ScriptFrame);
else {
- boost::mutex mutex;
- boost::condition_variable cv;
- bool ready = false;
Array::Ptr suggestions;
- l_ApiClient->AutocompleteScript(l_Session, word, l_ScriptFrame->Sandboxed,
- std::bind(&ConsoleCommand::AutocompleteScriptCompletionHandler,
- std::ref(mutex), std::ref(cv), std::ref(ready),
- _1, _2,
- std::ref(suggestions)));
-
- {
- boost::mutex::scoped_lock lock(mutex);
- while (!ready)
- cv.wait(lock);
+ /* Remote debug console. */
+ try {
+ suggestions = AutoCompleteScript(l_Session, word, l_ScriptFrame->Sandboxed);
+ } catch (...) {
+ return nullptr; //Errors are just ignored here.
}
matches.clear();
@@ -227,14 +237,42 @@ int ConsoleCommand::Run(const po::variables_map& vm, const std::vector<std::stri
std::cout << "Icinga 2 (version: " << Application::GetAppVersion() << ")\n"
<< "Type $help to view available commands.\n";
-
String addrEnv = Utility::GetFromEnvironment("ICINGA2_API_URL");
if (!addrEnv.IsEmpty())
addr = addrEnv;
- if (vm.count("connect"))
+ /* Initialize remote connect parameters. */
+ if (vm.count("connect")) {
addr = vm["connect"].as<std::string>();
+ try {
+ l_Url = new Url(addr);
+ } catch (const std::exception& ex) {
+ Log(LogCritical, "ConsoleCommand", ex.what());
+ return EXIT_FAILURE;
+ }
+
+ String usernameEnv = Utility::GetFromEnvironment("ICINGA2_API_USERNAME");
+ String passwordEnv = Utility::GetFromEnvironment("ICINGA2_API_PASSWORD");
+
+ if (!usernameEnv.IsEmpty())
+ l_Url->SetUsername(usernameEnv);
+ if (!passwordEnv.IsEmpty())
+ l_Url->SetPassword(passwordEnv);
+
+ if (l_Url->GetPort().IsEmpty())
+ l_Url->SetPort("5665");
+
+ /* User passed --connect and wants to run the expression via REST API.
+ * Evaluate this now before any user input happens.
+ */
+ try {
+ l_TlsStream = ConsoleCommand::Connect();
+ } catch (const std::exception& ex) {
+ return EXIT_FAILURE;
+ }
+ }
+
String command;
bool syntaxOnly = false;
@@ -267,7 +305,8 @@ int ConsoleCommand::Run(const po::variables_map& vm, const std::vector<std::stri
return RunScriptConsole(scriptFrame, addr, session, command, commandFileName, syntaxOnly);
}
-int ConsoleCommand::RunScriptConsole(ScriptFrame& scriptFrame, const String& addr, const String& session, const String& commandOnce, const String& commandOnceFileName, bool syntaxOnly)
+int ConsoleCommand::RunScriptConsole(ScriptFrame& scriptFrame, const String& connectAddr, const String& session,
+ const String& commandOnce, const String& commandOnceFileName, bool syntaxOnly)
{
std::map<String, String> lines;
int next_line = 1;
@@ -294,30 +333,6 @@ int ConsoleCommand::RunScriptConsole(ScriptFrame& scriptFrame, const String& add
l_ScriptFrame = &scriptFrame;
l_Session = session;
- if (!addr.IsEmpty()) {
- Url::Ptr url;
-
- try {
- url = new Url(addr);
- } catch (const std::exception& ex) {
- Log(LogCritical, "ConsoleCommand", ex.what());
- return EXIT_FAILURE;
- }
-
- String usernameEnv = Utility::GetFromEnvironment("ICINGA2_API_USERNAME");
- String passwordEnv = Utility::GetFromEnvironment("ICINGA2_API_PASSWORD");
-
- if (!usernameEnv.IsEmpty())
- url->SetUsername(usernameEnv);
- if (!passwordEnv.IsEmpty())
- url->SetPassword(passwordEnv);
-
- if (url->GetPort().IsEmpty())
- url->SetPort("5665");
-
- l_ApiClient = new ApiClient(url->GetHost(), url->GetPort(), url->GetUsername(), url->GetPassword());
- }
-
while (std::cin.good()) {
String fileName;
@@ -405,7 +420,8 @@ incomplete:
Value result;
- if (!l_ApiClient) {
+ /* Local debug console. */
+ if (connectAddr.IsEmpty()) {
expr = ConfigCompiler::CompileText(fileName, command);
/* This relies on the fact that - for syntax errors - CompileText()
@@ -417,25 +433,23 @@ incomplete:
} else
result = true;
} else {
- boost::mutex mutex;
- boost::condition_variable cv;
- bool ready = false;
- boost::exception_ptr eptr;
-
- l_ApiClient->ExecuteScript(l_Session, command, scriptFrame.Sandboxed,
- std::bind(&ConsoleCommand::ExecuteScriptCompletionHandler,
- std::ref(mutex), std::ref(cv), std::ref(ready),
- _1, _2,
- std::ref(result), std::ref(eptr)));
-
- {
- boost::mutex::scoped_lock lock(mutex);
- while (!ready)
- cv.wait(lock);
- }
+ /* Remote debug console. */
+ try {
+ result = ExecuteScript(l_Session, command, scriptFrame.Sandboxed);
+ } catch (const ScriptError&) {
+ /* Re-throw the exception for the outside try-catch block. */
+ boost::rethrow_exception(boost::current_exception());
+ } catch (const std::exception& ex) {
+ Log(LogCritical, "ConsoleCommand")
+ << "HTTP query failed: " << ex.what();
- if (eptr)
- boost::rethrow_exception(eptr);
+#ifdef HAVE_EDITLINE
+ /* Ensures that the terminal state is reset */
+ rl_deprep_terminal();
+#endif /* HAVE_EDITLINE */
+
+ return EXIT_FAILURE;
+ }
}
if (commandOnce.IsEmpty()) {
@@ -504,60 +518,207 @@ incomplete:
return EXIT_SUCCESS;
}
-void ConsoleCommand::ExecuteScriptCompletionHandler(boost::mutex& mutex, boost::condition_variable& cv,
- bool& ready, const boost::exception_ptr& eptr, const Value& result, Value& resultOut, boost::exception_ptr& eptrOut)
+/**
+ * Connects to host:port and performs a TLS shandshake
+ *
+ * @returns AsioTlsStream pointer for future HTTP connections.
+ */
+std::shared_ptr<AsioTlsStream> ConsoleCommand::Connect()
{
- if (eptr) {
- try {
- boost::rethrow_exception(eptr);
- } catch (const ScriptError&) {
- eptrOut = boost::current_exception();
- } catch (const std::exception& ex) {
- Log(LogCritical, "ConsoleCommand")
- << "HTTP query failed: " << ex.what();
+ std::shared_ptr<boost::asio::ssl::context> sslContext;
-#ifdef HAVE_EDITLINE
- /* Ensures that the terminal state is resetted */
- rl_deprep_terminal();
-#endif /* HAVE_EDITLINE */
+ try {
+ sslContext = MakeAsioSslContext(Empty, Empty, Empty); //TODO: Add support for cert, key, ca parameters
+ } catch(const std::exception& ex) {
+ Log(LogCritical, "DebugConsole")
+ << "Cannot make SSL context: " << ex.what();
+ throw;
+ }
- Application::Exit(EXIT_FAILURE);
- }
+ String host = l_Url->GetHost();
+ String port = l_Url->GetPort();
+
+ std::shared_ptr<AsioTlsStream> stream = std::make_shared<AsioTlsStream>(IoEngine::Get().GetIoService(), *sslContext, host);
+
+ try {
+ icinga::Connect(stream->lowest_layer(), host, port);
+ } catch (const std::exception& ex) {
+ Log(LogWarning, "DebugConsole")
+ << "Cannot connect to REST API on host '" << host << "' port '" << port << "': " << ex.what();
+ throw;
}
- resultOut = result;
+ auto& tlsStream (stream->next_layer());
- {
- boost::mutex::scoped_lock lock(mutex);
- ready = true;
- cv.notify_all();
+ try {
+ tlsStream.handshake(tlsStream.client);
+ } catch (const std::exception& ex) {
+ Log(LogWarning, "DebugConsole")
+ << "TLS handshake with host '" << host << "' failed: " << ex.what();
+ throw;
}
+
+ return std::move(stream);
}
-void ConsoleCommand::AutocompleteScriptCompletionHandler(boost::mutex& mutex, boost::condition_variable& cv,
- bool& ready, const boost::exception_ptr& eptr, const Array::Ptr& result, Array::Ptr& resultOut)
+/**
+ * Sends the request via REST API and returns the parsed response.
+ *
+ * @param tlsStream Caller must prepare TLS stream/handshake.
+ * @param url Fully prepared Url object.
+ * @return A dictionary decoded from JSON.
+ */
+Dictionary::Ptr ConsoleCommand::SendRequest()
{
- if (eptr) {
- try {
- boost::rethrow_exception(eptr);
- } catch (const std::exception& ex) {
- Log(LogCritical, "ConsoleCommand")
- << "HTTP query failed: " << ex.what();
+ namespace beast = boost::beast;
+ namespace http = beast::http;
-#ifdef HAVE_EDITLINE
- /* Ensures that the terminal state is resetted */
- rl_deprep_terminal();
-#endif /* HAVE_EDITLINE */
+ l_TlsStream = ConsoleCommand::Connect();
- Application::Exit(EXIT_FAILURE);
- }
+ Defer s ([&]() {
+ l_TlsStream->next_layer().shutdown();
+ });
+
+ http::request<http::string_body> request(http::verb::post, std::string(l_Url->Format(false)), 10);
+
+ request.set(http::field::user_agent, "Icinga/DebugConsole/" + Application::GetAppVersion());
+ request.set(http::field::host, l_Url->GetHost() + ":" + l_Url->GetPort());
+
+ request.set(http::field::accept, "application/json");
+ request.set(http::field::authorization, "Basic " + Base64::Encode(l_Url->GetUsername() + ":" + l_Url->GetPassword()));
+
+ try {
+ http::write(*l_TlsStream, request);
+ l_TlsStream->flush();
+ } catch (const std::exception &ex) {
+ Log(LogWarning, "DebugConsole")
+ << "Cannot write HTTP request to REST API at URL '" << l_Url->Format(true) << "': " << ex.what();
+ throw;
+ }
+
+ http::parser<false, http::string_body> parser;
+ beast::flat_buffer buf;
+
+ try {
+ http::read(*l_TlsStream, buf, parser);
+ } catch (const std::exception &ex) {
+ Log(LogWarning, "DebugConsole")
+ << "Failed to parse HTTP response from REST API at URL '" << l_Url->Format(true) << "': " << ex.what();
+ throw;
+ }
+
+ auto &response(parser.get());
+
+ /* Handle HTTP errors first. */
+ if (response.result() != http::status::ok) {
+ String message = "HTTP request failed; Code: " + Convert::ToString(response.result())
+ + "; Body: " + response.body();
+ BOOST_THROW_EXCEPTION(ScriptError(message));
}
- resultOut = result;
+ Dictionary::Ptr jsonResponse;
+ auto &body(response.body());
- {
- boost::mutex::scoped_lock lock(mutex);
- ready = true;
- cv.notify_all();
+ //Log(LogWarning, "Console")
+ // << "Got response: " << response.body();
+
+ try {
+ jsonResponse = JsonDecode(body);
+ } catch (...) {
+ String message = "Cannot parse JSON response body: " + response.body();
+ BOOST_THROW_EXCEPTION(ScriptError(message));
+ }
+
+ return jsonResponse;
+}
+
+/**
+ * Executes the DSL script via HTTP and returns HTTP and user errors.
+ *
+ * @param session Local session handler.
+ * @param command The DSL string.
+ * @param sandboxed Whether to run this sandboxed.
+ * @return Result value, also contains user errors.
+ */
+Value ConsoleCommand::ExecuteScript(const String& session, const String& command, bool sandboxed)
+{
+ /* Extend the url parameters for the request. */
+ l_Url->SetPath({"v1", "console", "execute-script"});
+
+ l_Url->SetQuery({
+ {"session", session},
+ {"command", command},
+ {"sandboxed", sandboxed ? "1" : "0"}
+ });
+
+ Dictionary::Ptr jsonResponse = SendRequest();
+
+ /* Extract the result, and handle user input errors too. */
+ Array::Ptr results = jsonResponse->Get("results");
+ Value result;
+
+ if (results && results->GetLength() > 0) {
+ Dictionary::Ptr resultInfo = results->Get(0);
+
+ if (resultInfo->Get("code") >= 200 && resultInfo->Get("code") <= 299) {
+ result = resultInfo->Get("result");
+ } else {
+ String errorMessage = resultInfo->Get("status");
+
+ DebugInfo di;
+ Dictionary::Ptr debugInfo = resultInfo->Get("debug_info");
+
+ if (debugInfo) {
+ di.Path = debugInfo->Get("path");
+ di.FirstLine = debugInfo->Get("first_line");
+ di.FirstColumn = debugInfo->Get("first_column");
+ di.LastLine = debugInfo->Get("last_line");
+ di.LastColumn = debugInfo->Get("last_column");
+ }
+
+ bool incompleteExpression = resultInfo->Get("incomplete_expression");
+ BOOST_THROW_EXCEPTION(ScriptError(errorMessage, di, incompleteExpression));
+ }
}
+
+ return result;
}
+
+/**
+ * Executes the auto completion script via HTTP and returns HTTP and user errors.
+ *
+ * @param session Local session handler.
+ * @param command The auto completion string.
+ * @param sandboxed Whether to run this sandboxed.
+ * @return Result value, also contains user errors.
+ */
+Array::Ptr ConsoleCommand::AutoCompleteScript(const String& session, const String& command, bool sandboxed)
+{
+ /* Extend the url parameters for the request. */
+ l_Url->SetPath({ "v1", "console", "auto-complete-script" });
+
+ l_Url->SetQuery({
+ {"session", session},
+ {"command", command},
+ {"sandboxed", sandboxed ? "1" : "0"}
+ });
+
+ Dictionary::Ptr jsonResponse = SendRequest();
+
+ /* Extract the result, and handle user input errors too. */
+ Array::Ptr results = jsonResponse->Get("results");
+ Array::Ptr suggestions;
+
+ if (results && results->GetLength() > 0) {
+ Dictionary::Ptr resultInfo = results->Get(0);
+
+ if (resultInfo->Get("code") >= 200 && resultInfo->Get("code") <= 299) {
+ suggestions = resultInfo->Get("suggestions");
+ } else {
+ String errorMessage = resultInfo->Get("status");
+ BOOST_THROW_EXCEPTION(ScriptError(errorMessage));
+ }
+ }
+
+ return suggestions;
+}
\ No newline at end of file
diff --git a/lib/cli/consolecommand.hpp b/lib/cli/consolecommand.hpp
index f36f37cd9..95d6dce12 100644
--- a/lib/cli/consolecommand.hpp
+++ b/lib/cli/consolecommand.hpp
@@ -6,6 +6,9 @@
#include "cli/clicommand.hpp"
#include "base/exception.hpp"
#include "base/scriptframe.hpp"
+#include "base/tlsstream.hpp"
+#include "remote/url.hpp"
+
namespace icinga
{
@@ -29,7 +32,7 @@ public:
boost::program_options::options_description& hiddenDesc) const override;
int Run(const boost::program_options::variables_map& vm, const std::vector<std::string>& ap) const override;
- static int RunScriptConsole(ScriptFrame& scriptFrame, const String& addr = String(),
+ static int RunScriptConsole(ScriptFrame& scriptFrame, const String& connectAddr = String(),
const String& session = String(), const String& commandOnce = String(), const String& commandOnceFileName = String(),
bool syntaxOnly = false);
@@ -37,11 +40,12 @@ private:
mutable boost::mutex m_Mutex;
mutable boost::condition_variable m_CV;
- static void ExecuteScriptCompletionHandler(boost::mutex& mutex, boost::condition_variable& cv,
- bool& ready, const boost::exception_ptr& eptr, const Value& result, Value& resultOut,
- boost::exception_ptr& eptrOut);
- static void AutocompleteScriptCompletionHandler(boost::mutex& mutex, boost::condition_variable& cv,
- bool& ready, const boost::exception_ptr& eptr, const Array::Ptr& result, Array::Ptr& resultOut);
+ static std::shared_ptr<AsioTlsStream> Connect();
+
+ static Value ExecuteScript(const String& session, const String& command, bool sandboxed);
+ static Array::Ptr AutoCompleteScript(const String& session, const String& command, bool sandboxed);
+
+ static Dictionary::Ptr SendRequest();
#ifdef HAVE_EDITLINE
static char *ConsoleCompleteHelper(const char *word, int state);
--
2.40.0