Commit e18a25ec authored by Benoit Mortier's avatar Benoit Mortier

Fixes: #943 argonaut should work on ssl mode https

parent 33b2e698
......@@ -20,7 +20,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>
#
#######################################################################
use strict;
use warnings;
......@@ -36,11 +36,13 @@ use Argonaut::Common qw(:ldap :file);
use Argonaut::ClientDaemon ();
my ($client_port,$logdir);
my ($client_port,$logdir,$protocol);
my $configfile = "/etc/argonaut/argonaut.conf";
my $logfile = "argonaut-client-management.log";
my $piddir = "/var/run/argonaut";
my $pidfile = "argonaut-client-management.pid";
my $keyfile = '/usr/share/argonaut/cert/server.key';
my $crtfile = '/usr/share/argonaut/cert/server.crt';
$SIG{TERM}=\&sig_int_handler;
......@@ -51,7 +53,7 @@ readConfig();
argonaut_create_dir($logdir);
my $log = Log::Handler->create_logger("argonaut-client-management");
$log->add(
file => {
filename => "$logdir/$logfile",
......@@ -80,7 +82,13 @@ $pid->write;
=pod
This just launch a JSONRPC server with ClientDaemon.pm methods.
=cut
my $server = JSON::RPC::Server::Daemon->new(LocalPort => $client_port);
my $server = JSON::RPC::Server::Daemon->new(
LocalPort => $client_port,
($protocol eq 'https') ? (SSL_server => 1,
SSL_key_file => $keyfile,
SSL_cert_file => $crtfile,)
: ()
);
$log->notice("argonaut-client-management started on port $client_port");
......@@ -96,15 +104,18 @@ No parameters needed
sub readConfig {
my $config = Config::IniFiles->new( -file => $configfile, -allowempty => 1, -nocase => 1);
my $client_ip = $config->val( client => "client_ip" ,"");
my $ldap_configfile = $config->val( ldap => "config" ,"/etc/ldap/ldap.conf");
my $ldap_dn = $config->val( ldap => "dn" ,"");
my $ldap_password = $config->val( ldap => "password" ,"");
my $settings = argonaut_get_client_settings($ldap_configfile,$ldap_dn,$ldap_password,$client_ip);
my $client_ip = $config->val( client => "client_ip" ,"");
my $server_ip = $config->val( server => "server_ip" ,"");
my $ldap_configfile = $config->val( ldap => "config" ,"/etc/ldap/ldap.conf");
my $ldap_dn = $config->val( ldap => "dn" ,"");
my $ldap_password = $config->val( ldap => "password" ,"");
my $server_settings = argonaut_get_server_settings($ldap_configfile,$ldap_dn,$ldap_password,$server_ip);
my $settings = argonaut_get_client_settings($ldap_configfile,$ldap_dn,$ldap_password,$client_ip);
$client_port = $settings->{'port'};
$logdir = $settings->{'logdir'};
$protocol = $server_settings->{'protocol'}
}
=pod
......
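Review bot: In readConfig, `$protocol` is copied straight from `$server_settings->{'protocol'}` and start-up only tests `$protocol eq 'https'`, so a missing or misspelled value starts the JSON-RPC listener in cleartext with no signal; the same may apply to a failed server-settings lookup, whose error handling is not visible here. I would validate the value once after the lookup, e.g. `die "unsupported protocol in server settings\n" unless defined $protocol && $protocol =~ /\A https? \z/x;`, and include the mode in the start-up notice so the log shows whether TLS is active. The key and certificate paths are hard-coded under `/usr/share/argonaut/cert`, and nothing in the hunk checks that `server.key` exists or is readable only by the daemon, so a comment stating the expected owner and mode would help. The final assignment in readConfig also lacks its terminating semicolon, which is legal for the last statement of a block but breaks as soon as a line is appended.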
......@@ -197,7 +197,7 @@ sub do_action { # if ip pings, send the request
params => [$params],
};
my $res = $client->call($protocol.$ip.":".$client_port, $callobj);
my $res = $client->call($protocol."://".$ip.":".$client_port, $callobj);
if($res) {
if ($res->is_error) {
......@@ -416,6 +416,9 @@ POE::Session->create(
'set_error' => 'set_error',
'get_packages' => 'get_packages'
},
($protocol eq 'https') ? ( SslKey => '/usr/share/argonaut/cert/server.key',
SslCert => '/usr/share/argonaut/cert/server.crt')
: ()
);
$_[HEAP]{handlers} = {
"trigger_action_reinstall" => \&handler_fai,
......
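Review bot: The call in do_action now builds an `https://` URL from `$ip`, but nothing in the visible hunks sets how the peer certificate is verified. A connection made by IP address only passes hostname verification if the certificate presented by the client daemon carries that IP as a subject alternative name. The construction of `$client` is outside the hunk, so this may already be handled; if it is not, verification should be configured against the deployment CA rather than switched off, and a comment above the call such as `# https: peer certificate is verified against the CA configured on $client` would record the expectation. In the second hunk the key and certificate paths are repeated as string literals inside the `$protocol eq 'https'` branch; naming them once, e.g. `my $keyfile = '/usr/share/argonaut/cert/server.key';` as the client daemon script does, keeps the copies from drifting apart. Both do_action and the POE::Session->create call begin and end outside the hunks shown.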
......@@ -62,7 +62,7 @@ sub poe_init_server {
'PORT' => $self->{Port},
$self->{Address} ? ('ADDRESS' => $self->{Address} ) : (),
$self->{Hostname} ? ('HOSTNAME' => $self->{Hostname} ) : (),
$self->{SslKey} ? ('SSLKEYCERT' => ($self->{SslKey}, $self->{SslCert})) : (),
$self->{SslKey} ? ('SSLKEYCERT' => [$self->{SslKey}, $self->{SslCert}]) : (),
$self->{SslCacert} ? ('SSLINTERMEDIATECACERT' => $self->{SslCacert} ) : (),
'HANDLERS' => [
{
......
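Review bot: The `SSLKEYCERT` entry is guarded by `$self->{SslKey}` alone, so a caller that sets SslKey without SslCert passes an array reference with an undefined certificate to the server component, and the failure surfaces later, away from the misconfiguration. Testing both fields keeps the pair consistent: `($self->{SslKey} && $self->{SslCert}) ? ('SSLKEYCERT' => [$self->{SslKey}, $self->{SslCert}]) : (),`. When exactly one of the two is set it would be safer to raise an error than to fall back silently to a plain listener. poe_init_server starts and ends outside this hunk, so any earlier validation of these fields is not visible here.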