d5/db4/ca__cfg__mgr_8cc_source.html

// Copyright (C) 2016-2024 Internet Systems Consortium, Inc. ("ISC")

//

// This Source Code Form is subject to the terms of the Mozilla Public

// License, v. 2.0. If a copy of the MPL was not distributed with this

// file, You can obtain one at http://mozilla.org/MPL/2.0/.


#include <config.h>


#include <agent/ca_cfg_mgr.h>

#include <agent/ca_log.h>

#include <agent/simple_parser.h>

#include <cc/simple_parser.h>

#include <cc/command_interpreter.h>

#include <http/basic_auth_config.h>

#include <exceptions/exceptions.h>


using namespace isc::config;

using namespace isc::dhcp;

using namespace isc::process;

using namespace isc::data;


namespace isc {

namespace agent {


CtrlAgentCfgContext::CtrlAgentCfgContext()

    : http_host_(""), http_port_(0),

      trust_anchor_(""), cert_file_(""), key_file_(""), cert_required_(true) {

}


CtrlAgentCfgContext::CtrlAgentCfgContext(const CtrlAgentCfgContext& orig)

    : ConfigBase(), ctrl_sockets_(orig.ctrl_sockets_),

      http_host_(orig.http_host_), http_port_(orig.http_port_),

      trust_anchor_(orig.trust_anchor_), cert_file_(orig.cert_file_),

      key_file_(orig.key_file_), cert_required_(orig.cert_required_),

      hooks_config_(orig.hooks_config_), auth_config_(orig.auth_config_) {

}


CtrlAgentCfgMgr::CtrlAgentCfgMgr()

    : DCfgMgrBase(ConfigPtr(new CtrlAgentCfgContext())) {

}


CtrlAgentCfgMgr::~CtrlAgentCfgMgr() {

}


std::string

CtrlAgentCfgMgr::getConfigSummary(const uint32_t /*selection*/) {


    CtrlAgentCfgContextPtr ctx = getCtrlAgentCfgContext();


    // First print the http stuff.

    std::ostringstream s;

    s << "listening on " << ctx->getHttpHost() << ", port "

      << ctx->getHttpPort();


    // When TLS is setup print its config.

    if (!ctx->getTrustAnchor().empty()) {

        s << ", trust anchor " << ctx->getTrustAnchor()

          << ", cert file " << ctx->getCertFile()

          << ", key file " << ctx->getKeyFile();

        if (ctx->getCertRequired()) {

            s << ", client certs are required";

        } else {

            s << ", client certs are optional";

        }

    }

    s << ", control sockets: ";


    // Then print the control-sockets

    s << ctx->getControlSocketInfoSummary();


    // Add something if authentication is required.

    const isc::http::HttpAuthConfigPtr& auth = ctx->getAuthConfig();

    if (auth && !auth->empty()) {

        s << ", requires basic HTTP authentication";

    }


    // Finally, print the hook libraries names

    const isc::hooks::HookLibsCollection libs = ctx->getHooksConfig().get();

    s << ", " << libs.size() << " lib(s):";

    for (auto const& lib : libs) {

        s << lib.first << " ";

    }


    return (s.str());

}


ConfigPtr

CtrlAgentCfgMgr::createNewContext() {

    return (ConfigPtr(new CtrlAgentCfgContext()));

}


ConstElementPtr

CtrlAgentCfgMgr::parse(ConstElementPtr config_set, bool check_only) {

    // Do a sanity check first.

    if (!config_set) {

        isc_throw(DhcpConfigError, "Mandatory config parameter not provided");

    }


    CtrlAgentCfgContextPtr ctx = getCtrlAgentCfgContext();


    // Set the defaults

    ElementPtr cfg = boost::const_pointer_cast<Element>(config_set);

    AgentSimpleParser::setAllDefaults(cfg);


    // And parse the configuration.

    ConstElementPtr answer;

    std::string excuse;

    try {

        // Do the actual parsing

        AgentSimpleParser parser;

        parser.checkTlsSetup(cfg);

        parser.parse(ctx, cfg, check_only);

    } catch (const isc::Exception& ex) {

        excuse = ex.what();

        answer = createAnswer(CONTROL_RESULT_ERROR, excuse);

    } catch (...) {

        excuse = "undefined configuration parsing error";

        answer = createAnswer(CONTROL_RESULT_ERROR, excuse);

    }


    // At this stage the answer was created only in case of exception.

    if (answer) {

        if (check_only) {

            LOG_ERROR(agent_logger, CTRL_AGENT_CONFIG_CHECK_FAIL).arg(excuse);

        } else {

            LOG_ERROR(agent_logger, CTRL_AGENT_CONFIG_FAIL).arg(excuse);

        }

        return (answer);

    }


    if (check_only) {

        answer = createAnswer(CONTROL_RESULT_SUCCESS,

                              "Configuration check successful");

    } else {

        answer = createAnswer(CONTROL_RESULT_SUCCESS,

                              "Configuration applied successfully.");

    }


    return (answer);

}


std::list<std::list<std::string>>

CtrlAgentCfgMgr::jsonPathsToRedact() const {

    static std::list<std::list<std::string>> const list({

        {"authentication", "clients", "[]"},

        {"hooks-libraries", "[]", "parameters", "*"},

    });

    return list;

}


data::ConstElementPtr

CtrlAgentCfgContext::getControlSocketInfo(const std::string& service) const {

    auto si = ctrl_sockets_.find(service);

    return ((si != ctrl_sockets_.end()) ? si->second : ConstElementPtr());

}


void

CtrlAgentCfgContext::setControlSocketInfo(const ConstElementPtr& control_socket,

                                          const std::string& service) {

    ctrl_sockets_[service] = control_socket;

}


std::string

CtrlAgentCfgContext::getControlSocketInfoSummary() const {

    std::ostringstream s;

    for (auto const& si : ctrl_sockets_) {

        if (s.tellp() != 0) {

            s << " ";

        }

        s << si.first;

    }


    if (s.tellp() == 0) {

        s << "none";

    }


    return (s.str());

}


ElementPtr

CtrlAgentCfgContext::toElement() const {

    ElementPtr ca = ConfigBase::toElement();

    // Set user-context

    contextToElement(ca);

    // Set http-host

    ca->set("http-host", Element::create(http_host_));

    // Set http-port

    ca->set("http-port", Element::create(static_cast<int64_t>(http_port_)));

    // Set TLS setup when enabled

    if (!trust_anchor_.empty()) {

        ca->set("trust-anchor", Element::create(trust_anchor_));

        ca->set("cert-file", Element::create(cert_file_));

        ca->set("key-file", Element::create(key_file_));

        ca->set("cert-required", Element::create(cert_required_));

    }

    // Set authentication

    if (auth_config_) {

        ca->set("authentication", auth_config_->toElement());

    }

    ca->set("hooks-libraries", hooks_config_.toElement());

    // Set control-sockets

    ElementPtr control_sockets = Element::createMap();

    for (auto const& si : ctrl_sockets_) {

        ConstElementPtr socket = UserContext::toElement(si.second);

        control_sockets->set(si.first, socket);

    }

    ca->set("control-sockets", control_sockets);

    // Set Control-agent

    ElementPtr result = Element::createMap();

    result->set("Control-agent", ca);


    return (result);

}


} // namespace isc::agent

} // namespace isc

basic_auth_config.h

simple_parser.h

ca_cfg_mgr.h

ca_log.h

isc::Exception
This is a base class for exceptions thrown from the DNS library module.
Definition: exceptions/exceptions.h:23

isc::Exception::what
virtual const char * what() const
Returns a C-style character string of the cause of the exception.
Definition: exceptions/exceptions.cc:32

isc::agent::AgentSimpleParser
Definition: bin/agent/simple_parser.h:23

isc::agent::AgentSimpleParser::checkTlsSetup
void checkTlsSetup(const isc::data::ConstElementPtr &config)
Check TLS setup consistency i.e.
Definition: bin/agent/simple_parser.cc:106

isc::agent::AgentSimpleParser::parse
void parse(const CtrlAgentCfgContextPtr &ctx, const isc::data::ConstElementPtr &config, bool check_only)
Parses the control agent configuration.
Definition: bin/agent/simple_parser.cc:133

isc::agent::AgentSimpleParser::setAllDefaults
static size_t setAllDefaults(const isc::data::ElementPtr &global)
Sets all defaults for Control Agent configuration.
Definition: bin/agent/simple_parser.cc:68

isc::agent::CtrlAgentCfgContext
Control Agent Configuration Context.
Definition: ca_cfg_mgr.h:32

isc::agent::CtrlAgentCfgContext::setControlSocketInfo
void setControlSocketInfo(const isc::data::ConstElementPtr &control_socket, const std::string &service)
Sets information about the control socket.
Definition: ca_cfg_mgr.cc:158

isc::agent::CtrlAgentCfgContext::toElement
virtual isc::data::ElementPtr toElement() const
Unparse a configuration object.
Definition: ca_cfg_mgr.cc:181

isc::agent::CtrlAgentCfgContext::CtrlAgentCfgContext
CtrlAgentCfgContext()
Default constructor.
Definition: ca_cfg_mgr.cc:25

isc::agent::CtrlAgentCfgContext::getControlSocketInfo
isc::data::ConstElementPtr getControlSocketInfo(const std::string &service) const
Returns information about control socket.
Definition: ca_cfg_mgr.cc:152

isc::agent::CtrlAgentCfgContext::getControlSocketInfoSummary
std::string getControlSocketInfoSummary() const
Returns socket configuration summary in a textual format.
Definition: ca_cfg_mgr.cc:164

isc::agent::CtrlAgentCfgMgr::jsonPathsToRedact
std::list< std::list< std::string > > jsonPathsToRedact() const final override
Return a list of all paths that contain passwords or secrets.
Definition: ca_cfg_mgr.cc:143

isc::agent::CtrlAgentCfgMgr::CtrlAgentCfgMgr
CtrlAgentCfgMgr()
Constructor.
Definition: ca_cfg_mgr.cc:38

isc::agent::CtrlAgentCfgMgr::createNewContext
virtual process::ConfigPtr createNewContext() override
Creates a new, blank CtrlAgentCfgContext context.
Definition: ca_cfg_mgr.cc:88

isc::agent::CtrlAgentCfgMgr::parse
virtual isc::data::ConstElementPtr parse(isc::data::ConstElementPtr config, bool check_only) override
Parses configuration of the Control Agent.
Definition: ca_cfg_mgr.cc:93

isc::agent::CtrlAgentCfgMgr::getCtrlAgentCfgContext
CtrlAgentCfgContextPtr getCtrlAgentCfgContext()
Convenience method that returns the Control Agent configuration context.
Definition: ca_cfg_mgr.h:266

isc::agent::CtrlAgentCfgMgr::getConfigSummary
virtual std::string getConfigSummary(const uint32_t selection) override
Returns configuration summary in the textual format.
Definition: ca_cfg_mgr.cc:46

isc::agent::CtrlAgentCfgMgr::~CtrlAgentCfgMgr
virtual ~CtrlAgentCfgMgr()
Destructor.
Definition: ca_cfg_mgr.cc:42

isc::data::Element::create
static ElementPtr create(const Position &pos=ZERO_POSITION())
Definition: data.cc:249

isc::data::Element::createMap
static ElementPtr createMap(const Position &pos=ZERO_POSITION())
Creates an empty MapElement type ElementPtr.
Definition: data.cc:304

isc::dhcp::DhcpConfigError
To be removed. Please use ConfigError instead.
Definition: dhcp_config_error.h:58

isc::hooks::HooksConfig::toElement
isc::data::ElementPtr toElement() const
Unparse a configuration object.
Definition: hooks_config.cc:106

isc::process::ConfigBase
Base class for all configurations.
Definition: config_base.h:33

isc::process::ConfigBase::toElement
virtual isc::data::ElementPtr toElement() const
Converts to Element representation.
Definition: config_base.cc:118

isc::process::DCfgMgrBase
Configuration Manager.
Definition: d_cfg_mgr.h:108

command_interpreter.h
This file contains several functions and constants that are used for handling commands and responses ...

exceptions.h

isc_throw
#define isc_throw(type, stream)
A shortcut macro to insert known values into exception arguments.
Definition: exceptions/exceptions.h:210

simple_parser.h

LOG_ERROR
#define LOG_ERROR(LOGGER, MESSAGE)
Macro to conveniently test error output and log it.
Definition: macros.h:32

isc::agent::CTRL_AGENT_CONFIG_CHECK_FAIL
const isc::log::MessageID CTRL_AGENT_CONFIG_CHECK_FAIL
Definition: ca_messages.h:15

isc::agent::CtrlAgentCfgContextPtr
boost::shared_ptr< CtrlAgentCfgContext > CtrlAgentCfgContextPtr
Pointer to a configuration context.
Definition: ca_cfg_mgr.h:23

isc::agent::agent_logger
isc::log::Logger agent_logger("ctrl-agent")
Control Agent logger.
Definition: ca_log.h:18

isc::agent::CTRL_AGENT_CONFIG_FAIL
const isc::log::MessageID CTRL_AGENT_CONFIG_FAIL
Definition: ca_messages.h:16

isc::config
Definition: command_interpreter.cc:23

isc::config::CONTROL_RESULT_ERROR
const int CONTROL_RESULT_ERROR
Status code indicating a general failure.
Definition: command_interpreter.h:45

isc::config::createAnswer
ConstElementPtr createAnswer()
Creates a standard config/command level success answer message (i.e.
Definition: command_interpreter.cc:54

isc::config::CONTROL_RESULT_SUCCESS
const int CONTROL_RESULT_SUCCESS
Status code indicating a successful operation.
Definition: command_interpreter.h:42

isc::data
Definition: base_stamped_element.cc:12

isc::data::ConstElementPtr
boost::shared_ptr< const Element > ConstElementPtr
Definition: data.h:29

isc::data::ElementPtr
boost::shared_ptr< Element > ElementPtr
Definition: data.h:28

isc::dhcp
Definition: dhcp4/client_handler.cc:20

isc::hooks::HookLibsCollection
std::vector< HookLibInfo > HookLibsCollection
A storage for information about hook libraries.
Definition: libinfo.h:31

isc::http::HttpAuthConfigPtr
boost::shared_ptr< HttpAuthConfig > HttpAuthConfigPtr
Type of shared pointers to HTTP authentication configuration.
Definition: auth_config.h:97

isc::process
Definition: cb_ctl_base.h:22

isc::process::ConfigPtr
boost::shared_ptr< ConfigBase > ConfigPtr
Non-const pointer to the ConfigBase.
Definition: config_base.h:176

isc
Defines the logger used by the top-level component of kea-lfc.
Definition: agent_parser.cc:148

isc::data::UserContext::contextToElement
void contextToElement(data::ElementPtr map) const
Merge unparse a user_context object.
Definition: user_context.cc:15

isc::data::UserContext::toElement
static data::ElementPtr toElement(data::ConstElementPtr map)
Copy an Element map.
Definition: user_context.cc:24