Kea 3.1.1
ca_process.cc
Go to the documentation of this file.
1// Copyright (C) 2016-2025 Internet Systems Consortium, Inc. ("ISC")
2//
3// This Source Code Form is subject to the terms of the Mozilla Public
4// License, v. 2.0. If a copy of the MPL was not distributed with this
5// file, You can obtain one at http://mozilla.org/MPL/2.0/.
6
7#include <config.h>
8#include <asiolink/asio_wrapper.h>
9#include <asiolink/io_service_mgr.h>
10#include <agent/ca_process.h>
11#include <agent/ca_controller.h>
12#include <agent/ca_response_creator_factory.h>
13#include <agent/ca_log.h>
14#include <asiolink/io_address.h>
15#include <asiolink/io_error.h>
16#include <cc/command_interpreter.h>
17#include <config/timeouts.h>
18#include <util/filesystem.h>
19#include <boost/pointer_cast.hpp>
20
21using namespace isc::asiolink;
22using namespace isc::config;
23using namespace isc::data;
24using namespace isc::http;
25using namespace isc::process;
26using namespace isc::util::file;
27
28namespace isc {
29namespace agent {
30
31CtrlAgentProcess::CtrlAgentProcess(const char* name,
32 const asiolink::IOServicePtr& io_service)
33 : DProcessBase(name, io_service, DCfgMgrBasePtr(new CtrlAgentCfgMgr())) {
34}
35
38
39void
42
43void
44CtrlAgentProcess::run() {
45 LOG_INFO(agent_logger, CTRL_AGENT_STARTED).arg(VERSION);
46
47 LOG_WARN(agent_logger, CTRL_AGENT_IS_DEPRECATED);
48
49 if (!PathChecker::shouldEnforceSecurity()) {
50 LOG_WARN(agent_logger, CTRL_AGENT_SECURITY_CHECKS_DISABLED);
51 }
52
53 try {
54 // Register commands.
55 CtrlAgentControllerPtr controller =
56 boost::dynamic_pointer_cast<CtrlAgentController>(
57 CtrlAgentController::instance());
58 controller->registerCommands();
59
60 // Let's process incoming data or expiring timers in a loop until
61 // shutdown condition is detected.
62 while (!shouldShutdown()) {
63 runIO();
64 }
65 // Done so removing all listeners.
66 closeCommandSockets();
67 stopIOService();
68 } catch (const std::exception& ex) {
69 LOG_FATAL(agent_logger, CTRL_AGENT_FAILED).arg(ex.what());
70 try {
71 stopIOService();
72 } catch (...) {
73 // Ignore double errors
74 }
75 isc_throw(DProcessBaseError,
76 "Process run method failed: " << ex.what());
77 }
78
79 try {
80 // Deregister commands.
81 CtrlAgentControllerPtr controller =
82 boost::dynamic_pointer_cast<CtrlAgentController>(
83 CtrlAgentController::instance());
84 controller->deregisterCommands();
85 } catch (const std::exception&) {
86 // What to do? Simply ignore...
87 }
88
89 LOG_DEBUG(agent_logger, isc::log::DBGLVL_START_SHUT, CTRL_AGENT_RUN_EXIT);
90}
91
92size_t
93CtrlAgentProcess::runIO() {
94 // Handle events registered by hooks using external IOService objects.
95 IOServiceMgr::instance().pollIOServices();
96 size_t cnt = getIOService()->poll();
97 if (!cnt) {
98 cnt = getIOService()->runOne();
99 }
100 return (cnt);
101}
102
103isc::data::ConstElementPtr
104CtrlAgentProcess::shutdown(isc::data::ConstElementPtr /*args*/) {
105 setShutdownFlag(true);
106 return (isc::config::createAnswer(CONTROL_RESULT_SUCCESS,
107 "Control Agent is shutting down"));
108}
109
110isc::data::ConstElementPtr
111CtrlAgentProcess::configure(isc::data::ConstElementPtr config_set,
112 bool check_only) {
113 // System reconfiguration often poses an interesting issue whereby the
114 // configuration parsing is successful, but an attempt to use a new
115 // configuration is not. This will leave us in the inconsistent state
116 // when the configuration is in fact only partially applied and the
117 // system's ability to operate is impaired. The use of C++ lambda is
118 // a way to resolve this problem by injecting the code to the
119 // simpleParseConfig which performs an attempt to open new instance
120 // of the listener (if required). The lambda code will throw an
121 // exception if it fails and cause the simpleParseConfig to rollback
122 // configuration changes and report an error.
123 ConstElementPtr answer = getCfgMgr()->simpleParseConfig(config_set,
124 check_only,
125 [this]() {
126 ConfigPtr base_ctx = getCfgMgr()->getContext();
127 CtrlAgentCfgContextPtr
128 ctx = boost::dynamic_pointer_cast<CtrlAgentCfgContext>(base_ctx);
129
130 if (!ctx) {
131 isc_throw(Unexpected, "Internal logic error: bad context type");
132 }
133
135 IOAddress server_address("::");
136 try {
137 server_address = IOAddress(ctx->getHttpHost());
138
139 } catch (const IOError& e) {
140 isc_throw(BadValue, "Failed to convert " << ctx->getHttpHost()
141 << " to IP address:" << e.what());
142 }
143
144 uint16_t server_port = ctx->getHttpPort();
145
146 // Search for the specific connection and reuse the existing one if found.
147 auto it = sockets_.find(std::make_pair(server_address, server_port));
148 if (it != sockets_.end()) {
149 auto listener = it->second->listener_;
150 if (listener) {
151 // Reconfig keeping the same address and port.
152 if (listener->getTlsContext()) {
153 if (ctx->getTrustAnchor().empty()) {
154 // Can not switch from HTTPS to HTTP
155 LOG_ERROR(agent_logger, CTRL_AGENT_HTTPS_SERVICE_REUSE_FAILED)
156 .arg(server_address.toText())
157 .arg(server_port);
158 isc_throw(BadValue,
159 "Can not switch from HTTPS to HTTP sockets using the same address and port.");
160 } else {
161 // Apply TLS settings each time.
162 TlsContextPtr tls_context;
163 TlsContext::configure(tls_context,
164 TlsRole::SERVER,
165 ctx->getTrustAnchor(),
166 ctx->getCertFile(),
167 ctx->getKeyFile(),
168 ctx->getCertRequired());
169 // Overwrite the authentication setup and the http headers in the response creator config.
170 it->second->config_->setAuthConfig(ctx->getAuthConfig());
171 it->second->config_->setHttpHeaders(ctx->getHttpHeaders());
172 listener->setTlsContext(tls_context);
173 LOG_INFO(agent_logger, CTRL_AGENT_HTTPS_SERVICE_UPDATED)
174 .arg(server_address.toText())
175 .arg(server_port);
176 }
177 } else {
178 if (!ctx->getTrustAnchor().empty()) {
179 // Can not switch from HTTP to HTTPS
180 LOG_ERROR(agent_logger, CTRL_AGENT_HTTP_SERVICE_REUSE_FAILED)
181 .arg(server_address.toText())
182 .arg(server_port);
183 isc_throw(BadValue,
184 "Can not switch from HTTP to HTTPS sockets using the same address and port.");
185 } else {
186 // Overwrite the authentication setup and the http headers in the response creator config.
187 it->second->config_->setAuthConfig(ctx->getAuthConfig());
188 it->second->config_->setHttpHeaders(ctx->getHttpHeaders());
189 LOG_INFO(agent_logger, CTRL_AGENT_HTTP_SERVICE_UPDATED)
190 .arg(server_address.toText())
191 .arg(server_port);
192 }
193 }
194 }
195 // If the connection can be reused, mark it as usable.
196 it->second->usable_ = true;
197 } else {
198
199 // Connection not found so it needs to be created.
200 // When TLS is enabled configure it.
201 bool use_https = false;
202 TlsContextPtr tls_context;
203 if (!ctx->getCertFile().empty()) {
204 TlsContext::configure(tls_context,
205 TlsRole::SERVER,
206 ctx->getTrustAnchor(),
207 ctx->getCertFile(),
208 ctx->getKeyFile(),
209 ctx->getCertRequired());
210 use_https = true;
211 }
212
213 // Create response creator factory first. It will be used to
214 // generate response creators. Each response creator will be
215 // used to generate answer to specific request.
216 HttpResponseCreatorFactoryPtr rcf(new CtrlAgentResponseCreatorFactory());
217
218 // Create HTTP listener. It will open up a TCP socket and be
219 // prepared to accept incoming connection.
220 HttpListenerPtr http_listener
221 (new HttpListener(getIOService(),
222 server_address,
223 server_port,
224 tls_context,
225 rcf,
226 HttpListener::RequestTimeout(TIMEOUT_AGENT_RECEIVE_COMMAND),
227 HttpListener::IdleTimeout(TIMEOUT_AGENT_IDLE_CONNECTION_TIMEOUT)));
228
229 // Instruct the HTTP listener to actually open socket, install
230 // callback and start listening.
231 http_listener->start();
232
233 HttpSocketInfoPtr socket_info(new HttpSocketInfo());
234 socket_info->config_ = ctx;
235 socket_info->listener_ = http_listener;
236
237 sockets_[std::make_pair(server_address, server_port)] = socket_info;
238
239 // Ok, seems we're good to go.
240 if (use_https) {
241 LOG_INFO(agent_logger, CTRL_AGENT_HTTPS_SERVICE_STARTED)
242 .arg(server_address.toText())
243 .arg(server_port);
244 } else {
245 LOG_INFO(agent_logger, CTRL_AGENT_HTTP_SERVICE_STARTED)
246 .arg(server_address.toText())
247 .arg(server_port);
248 }
249 }
250
251 auto copy = sockets_;
252 for (auto const& data : copy) {
253 if (data.second->usable_) {
254 // If the connection can be used (just created) or reused, keep it
255 // in the list and clear the flag. It will be marked again on next
256 // configuration event if needed.
257 data.second->usable_ = false;
258 } else {
259 // If the connection can not be reused, stop it and remove it from the list.
260 data.second->listener_->stop();
261 auto it2 = sockets_.find(std::make_pair(data.second->config_->getHttpHost(),
262 data.second->config_->getHttpPort()));
263 if (it2 != sockets_.end()) {
264 sockets_.erase(it2);
265 }
266 }
267 }
268 });
269
270 int rcode = 0;
271 config::parseAnswer(rcode, answer);
272
274 try {
275 // Handle events registered by hooks using external IOService objects.
276 IOServiceMgr::instance().pollIOServices();
277 } catch (const std::exception& ex) {
278 std::ostringstream err;
279 err << "Error initializing hooks: "
280 << ex.what();
281 return (isc::config::createAnswer(CONTROL_RESULT_ERROR, err.str()));
282 }
283
284 return (answer);
285}
286
287void
288CtrlAgentProcess::closeCommandSockets() {
289 for (auto const& data : sockets_) {
290 data.second->listener_->stop();
291 }
292 sockets_.clear();
293 // We have stopped listeners but there may be some pending handlers
294 // related to these listeners. Need to invoke these handlers.
295 try {
296 getIOService()->poll();
297 } catch (...) {
298 }
299}
300
301CtrlAgentCfgMgrPtr
302CtrlAgentProcess::getCtrlAgentCfgMgr() {
303 return (boost::dynamic_pointer_cast<CtrlAgentCfgMgr>(getCfgMgr()));
304}
305
306ConstHttpListenerPtr
307CtrlAgentProcess::getHttpListener(HttpSocketInfoPtr info) const {
308 // Return the most recent listener or null.
309 if (info) {
310 auto it = sockets_.find(std::make_pair(info->config_->getHttpHost(), info->config_->getHttpPort()));
311 if (it != sockets_.end()) {
312 return (it->second->listener_);
313 }
314 } else if (sockets_.size()) {
315 return (sockets_.begin()->second->listener_);
316 }
317 return (ConstHttpListenerPtr());
318}
319
320bool
321CtrlAgentProcess::isListening() const {
322 // If there are is a listener, we're listening.
323 return (static_cast<bool>(getHttpListener()));
324}
325
326} // namespace isc::agent
327} // namespace isc
asio_wrapper.h
ca_controller.h
ca_log.h
ca_process.h
ca_response_creator_factory.h
isc::BadValue
A generic exception that is thrown if a parameter given to a method is considered invalid in that con...
Definition exceptions/exceptions.h:132
isc::Exception::what
virtual const char * what() const
Returns a C-style character string of the cause of the exception.
Definition exceptions/exceptions.cc:32
isc::Unexpected
A generic exception that is thrown when an unexpected error condition occurs.
Definition exceptions/exceptions.h:153
isc::agent::CtrlAgentCfgMgr
Ctrl Agent Configuration Manager.
Definition ca_cfg_mgr.h:271
isc::agent::CtrlAgentController::instance
static process::DControllerBasePtr & instance()
Static singleton instance method.
Definition ca_controller.cc:30
isc::agent::CtrlAgentProcess::isListening
bool isListening() const
Checks if the process is listening to the HTTP requests.
Definition ca_process.cc:321
isc::agent::CtrlAgentProcess::getHttpListener
isc::http::ConstHttpListenerPtr getHttpListener(HttpSocketInfoPtr info=HttpSocketInfoPtr()) const
Returns a const pointer to the HTTP listener.
Definition ca_process.cc:307
isc::agent::CtrlAgentProcess::shutdown
virtual isc::data::ConstElementPtr shutdown(isc::data::ConstElementPtr args)
Initiates the process's shutdown process.
Definition ca_process.cc:104
isc::agent::CtrlAgentProcess::~CtrlAgentProcess
virtual ~CtrlAgentProcess()
Destructor.
Definition ca_process.cc:36
isc::agent::CtrlAgentProcess::CtrlAgentProcess
CtrlAgentProcess(const char *name, const asiolink::IOServicePtr &io_service)
Constructor.
Definition ca_process.cc:31
isc::agent::CtrlAgentProcess::init
virtual void init()
Initialize the Control Agent process.
Definition ca_process.cc:40
isc::agent::CtrlAgentProcess::getCtrlAgentCfgMgr
CtrlAgentCfgMgrPtr getCtrlAgentCfgMgr()
Returns a pointer to the configuration manager.
Definition ca_process.cc:302
isc::agent::CtrlAgentProcess::configure
virtual isc::data::ConstElementPtr configure(isc::data::ConstElementPtr config_set, bool check_only=false)
Processes the given configuration.
Definition ca_process.cc:111
isc::agent::CtrlAgentProcess::closeCommandSockets
void closeCommandSockets()
Close http control sockets.
Definition ca_process.cc:288
isc::agent::CtrlAgentProcess::run
virtual void run()
Implements the process's event loop.
Definition ca_process.cc:44
isc::agent::CtrlAgentResponseCreatorFactory
HTTP response creator factory for Control Agent.
Definition ca_response_creator_factory.h:26
isc::http::HttpListener
HTTP listener.
Definition listener.h:52
isc::process::DProcessBaseError
Exception thrown if the process encountered an operational error.
Definition d_process.h:24
isc::process::DProcessBase::setShutdownFlag
void setShutdownFlag(bool value)
Sets the process shut down flag to the given value.
Definition d_process.h:162
isc::process::DProcessBase::DProcessBase
DProcessBase(const char *app_name, asiolink::IOServicePtr io_service, DCfgMgrBasePtr cfg_mgr)
Constructor.
Definition d_process.h:87
isc::process::DProcessBase::stopIOService
void stopIOService()
Convenience method for stopping IOservice processing.
Definition d_process.h:184
isc::process::DProcessBase::shouldShutdown
bool shouldShutdown() const
Checks if the process has been instructed to shut down.
Definition d_process.h:155
isc::process::DProcessBase::getIOService
asiolink::IOServicePtr & getIOService()
Fetches the controller's IOService.
Definition d_process.h:176
isc::process::DProcessBase::getCfgMgr
DCfgMgrBasePtr & getCfgMgr()
Fetches the process's configuration manager.
Definition d_process.h:191
isc::util::file::PathChecker::shouldEnforceSecurity
static bool shouldEnforceSecurity()
Indicates security checks should be enforced.
Definition filesystem.cc:351
command_interpreter.h
This file contains several functions and constants that are used for handling commands and responses ...
isc_throw
#define isc_throw(type, stream)
A shortcut macro to insert known values into exception arguments.
Definition exceptions/exceptions.h:210
io_address.h
io_error.h
io_service_mgr.h
LOG_ERROR
#define LOG_ERROR(LOGGER, MESSAGE)
Macro to conveniently test error output and log it.
Definition macros.h:32
LOG_INFO
#define LOG_INFO(LOGGER, MESSAGE)
Macro to conveniently test info output and log it.
Definition macros.h:20
LOG_WARN
#define LOG_WARN(LOGGER, MESSAGE)
Macro to conveniently test warn output and log it.
Definition macros.h:26
LOG_FATAL
#define LOG_FATAL(LOGGER, MESSAGE)
Macro to conveniently test fatal output and log it.
Definition macros.h:38
LOG_DEBUG
#define LOG_DEBUG(LOGGER, LEVEL, MESSAGE)
Macro to conveniently test debug output and log it.
Definition macros.h:14
isc::agent::CTRL_AGENT_HTTPS_SERVICE_UPDATED
const isc::log::MessageID CTRL_AGENT_HTTPS_SERVICE_UPDATED
Definition ca_messages.h:21
isc::agent::CtrlAgentCfgContextPtr
boost::shared_ptr< CtrlAgentCfgContext > CtrlAgentCfgContextPtr
Pointer to a configuration context.
Definition ca_cfg_mgr.h:24
isc::agent::CTRL_AGENT_HTTP_SERVICE_REUSE_FAILED
const isc::log::MessageID CTRL_AGENT_HTTP_SERVICE_REUSE_FAILED
Definition ca_messages.h:22
isc::agent::CTRL_AGENT_HTTP_SERVICE_UPDATED
const isc::log::MessageID CTRL_AGENT_HTTP_SERVICE_UPDATED
Definition ca_messages.h:24
isc::agent::CTRL_AGENT_HTTP_SERVICE_STARTED
const isc::log::MessageID CTRL_AGENT_HTTP_SERVICE_STARTED
Definition ca_messages.h:23
isc::agent::CTRL_AGENT_STARTED
const isc::log::MessageID CTRL_AGENT_STARTED
Definition ca_messages.h:28
isc::agent::agent_logger
isc::log::Logger agent_logger("ctrl-agent")
Control Agent logger.
Definition ca_log.h:18
isc::agent::CtrlAgentCfgMgrPtr
boost::shared_ptr< CtrlAgentCfgMgr > CtrlAgentCfgMgrPtr
Defines a shared pointer to CtrlAgentCfgMgr.
Definition ca_cfg_mgr.h:329
isc::agent::CtrlAgentControllerPtr
boost::shared_ptr< CtrlAgentController > CtrlAgentControllerPtr
Definition ca_controller.h:80
isc::agent::HttpSocketInfoPtr
boost::shared_ptr< HttpSocketInfo > HttpSocketInfoPtr
Pointer to a HttpSocketInfo object.
Definition ca_process.h:39
isc::agent::CTRL_AGENT_HTTPS_SERVICE_STARTED
const isc::log::MessageID CTRL_AGENT_HTTPS_SERVICE_STARTED
Definition ca_messages.h:20
isc::agent::CTRL_AGENT_RUN_EXIT
const isc::log::MessageID CTRL_AGENT_RUN_EXIT
Definition ca_messages.h:26
isc::agent::CTRL_AGENT_SECURITY_CHECKS_DISABLED
const isc::log::MessageID CTRL_AGENT_SECURITY_CHECKS_DISABLED
Definition ca_messages.h:27
isc::agent::CTRL_AGENT_HTTPS_SERVICE_REUSE_FAILED
const isc::log::MessageID CTRL_AGENT_HTTPS_SERVICE_REUSE_FAILED
Definition ca_messages.h:19
isc::agent::CTRL_AGENT_IS_DEPRECATED
const isc::log::MessageID CTRL_AGENT_IS_DEPRECATED
Definition ca_messages.h:25
isc::agent::CTRL_AGENT_FAILED
const isc::log::MessageID CTRL_AGENT_FAILED
Definition ca_messages.h:18
isc::config::parseAnswer
ConstElementPtr parseAnswer(int &rcode, const ConstElementPtr &msg)
Parses a standard config/command level answer and returns arguments or text status code.
Definition command_interpreter.cc:96
isc::config::TIMEOUT_AGENT_IDLE_CONNECTION_TIMEOUT
constexpr long TIMEOUT_AGENT_IDLE_CONNECTION_TIMEOUT
Timeout for the idle connection to be closed.
Definition timeouts.h:24
isc::config::CONTROL_RESULT_ERROR
const int CONTROL_RESULT_ERROR
Status code indicating a general failure.
Definition command_interpreter.h:45
isc::config::createAnswer
ConstElementPtr createAnswer(const int status_code, const std::string &text, const ConstElementPtr &arg)
Creates a standard config/command level answer message.
Definition command_interpreter.cc:34
isc::config::CONTROL_RESULT_SUCCESS
const int CONTROL_RESULT_SUCCESS
Status code indicating a successful operation.
Definition command_interpreter.h:42
isc::config::TIMEOUT_AGENT_RECEIVE_COMMAND
constexpr long TIMEOUT_AGENT_RECEIVE_COMMAND
Timeout for the Control Agent to receive command over the RESTful interface.
Definition timeouts.h:21
isc::data::copy
ElementPtr copy(ConstElementPtr from, int level)
Copy the data up to a nesting level.
Definition data.cc:1420
isc::data::ConstElementPtr
boost::shared_ptr< const Element > ConstElementPtr
Definition data.h:29
isc::http::ConstHttpListenerPtr
boost::shared_ptr< const HttpListener > ConstHttpListenerPtr
Pointer to the const HttpListener.
Definition listener.h:159
isc::http::HttpListenerPtr
boost::shared_ptr< HttpListener > HttpListenerPtr
Pointer to the HttpListener.
Definition listener.h:156
isc::http::HttpResponseCreatorFactoryPtr
boost::shared_ptr< HttpResponseCreatorFactory > HttpResponseCreatorFactoryPtr
Pointer to the HttpResponseCreatorFactory.
Definition response_creator_factory.h:54
isc::log::DBGLVL_START_SHUT
const int DBGLVL_START_SHUT
This is given a value of 0 as that is the level selected if debugging is enabled without giving a lev...
Definition log_dbglevels.h:50
isc::process::DCfgMgrBasePtr
boost::shared_ptr< DCfgMgrBase > DCfgMgrBasePtr
Defines a shared pointer to DCfgMgrBase.
Definition d_cfg_mgr.h:247
isc::process::ConfigPtr
boost::shared_ptr< ConfigBase > ConfigPtr
Non-const pointer to the ConfigBase.
Definition config_base.h:176
isc
Defines the logger used by the top-level component of kea-lfc.
Definition agent_parser.cc:148
isc::agent::HttpSocketInfo
Structure used to store HTTP/HTTPS connection data.
Definition ca_process.h:20
isc::http::HttpListener::IdleTimeout
Idle connection timeout.
Definition listener.h:67
isc::http::HttpListener::RequestTimeout
HTTP request timeout value.
Definition listener.h:56