Commit daa1c2ae authored by Benoit Mortier's avatar Benoit Mortier
Browse files

Fixes: #943 argonaut should work on ssl mode https

parent 635e1a18
......@@ -822,11 +822,12 @@ sub argonaut_get_server_settings {
filter => $filter,
attrs => [ 'macAddress','argonautProtocol','argonautPort',
'argonautDeleteFinished','argonautIpTool',
'argonautWakeOnLanInterface','argonautLogDir' ]
'argonautWakeOnLanInterface','argonautLogDir',
'argonautKeyPath','argonautCertPath' ]
);
if(scalar($mesg->entries)==1) {
return {
my $settings = {
'mac' => ($mesg->entries)[0]->get_value("macAddress"),
'port' => ($mesg->entries)[0]->get_value("argonautPort"),
'protocol' => ($mesg->entries)[0]->get_value("argonautProtocol"),
......@@ -835,6 +836,14 @@ sub argonaut_get_server_settings {
'interface' => ($mesg->entries)[0]->get_value("argonautWakeOnLanInterface"),
'logdir' => ($mesg->entries)[0]->get_value("argonautLogDir")
};
if (($mesg->entries)[0]->get_value('argonautKeyPath') && ($mesg->entries)[0]->get_value('argonautCertPath')) {
$settings->{'keyfile'} = ($mesg->entries)[0]->get_value('argonautKeyPath');
$settings->{'certfile'} = ($mesg->entries)[0]->get_value('argonautCertPath');
} else {
$settings->{'keyfile'} = "";
$settings->{'certfile'} = "";
}
return $settings;
} else {
die 'Argonaut server ($ip) not found in LDAP';
}
......
......@@ -73,7 +73,12 @@ daemonize();
=pod
This just launch a JSONRPC server with ClientDaemon.pm methods.
=cut
my $server = JSON::RPC::Server::Daemon->new(LocalPort => $client_settings->{'port'});
my $server = JSON::RPC::Server::Daemon->new(
LocalPort => $client_settings->{'port'},
($client_settings->{'protocole'} eq 'https') ? (SSL_server => 1,
SSL_key_file => $client_settings->{'keyfile'},
SSL_cert_file => $client_settings->{'certfile'},)
: ());
$log->notice("argonaut-client-management started on port ".$client_settings->{'port'});
......
......@@ -53,7 +53,7 @@ use English qw(-no_match_vars);
use Socket;
my ($ldap_configfile,$ldap_dn,$ldap_password,$server_ip,
$protocol,$server_port,$iptool,$delete_finished_tasks,
$protocol,$sslkeyfile,$sslcertfile,$server_port,$iptool,$delete_finished_tasks,
$interface,$logdir,$packages_folder);
my $configfile = "/etc/argonaut/argonaut.conf";
my $logfile = "argonaut-server.log";
......@@ -122,6 +122,8 @@ sub readLdapConfig {
$delete_finished_tasks = $settings->{'delete_finished_tasks'};
$interface = $settings->{'interface'};
$logdir = $settings->{'logdir'};
$sslkeyfile = $settings->{'keyfile'};
$sslcertfile = $settings->{'certfile'};
$packages_folder = "/var/cache/argonaut/packages";
}
......@@ -408,6 +410,9 @@ POE::Session->create(
'set_error' => 'set_error',
'get_packages' => 'get_packages'
},
($protocol eq 'https') ? ( SslKey => $sslkeyfile,
SslCert => $sslcertfile)
: ()
);
$_[HEAP]{handlers} = {
"trigger_action_reinstall" => \&handler_fai,
......
......@@ -62,7 +62,7 @@ sub poe_init_server {
'PORT' => $self->{Port},
$self->{Address} ? ('ADDRESS' => $self->{Address} ) : (),
$self->{Hostname} ? ('HOSTNAME' => $self->{Hostname} ) : (),
$self->{SslKey} ? ('SSLKEYCERT' => ($self->{SslKey}, $self->{SslCert})) : (),
$self->{SslKey} ? ('SSLKEYCERT' => [$self->{SslKey}, $self->{SslCert}]) : (),
$self->{SslCacert} ? ('SSLINTERMEDIATECACERT' => $self->{SslCacert} ) : (),
'HANDLERS' => [
{
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment