authorOla Aunronning <olaa@yahooinc.com>2023-05-04 13:39:14 +0200
committerOla Aunronning <olaa@yahooinc.com>2023-05-04 13:58:00 +0200
commitc1f3c9b22e44aeef9f6916ca0917caa95085c5f9 (patch)
tree28be8ff6829ed928294ad8ff59335abbe79c505c /logforwarder
parent5595b5cc462458e923d1873512967c1caa043d47 (diff)
vespa-logforwarder-start concatenates cert/key/ca
Diffstat (limited to 'logforwarder')
-rw-r--r--logforwarder/src/apps/vespa-logforwarder-start/cf-handler.cpp10
-rw-r--r--logforwarder/src/apps/vespa-logforwarder-start/cf-handler.h1
-rw-r--r--logforwarder/src/apps/vespa-logforwarder-start/splunk-starter.cpp25
3 files changed, 33 insertions, 3 deletions
diff --git a/logforwarder/src/apps/vespa-logforwarder-start/cf-handler.cpp b/logforwarder/src/apps/vespa-logforwarder-start/cf-handler.cpp
index 849c8311bd0..7a9ef50ce20 100644
--- a/logforwarder/src/apps/vespa-logforwarder-start/cf-handler.cpp
+++ b/logforwarder/src/apps/vespa-logforwarder-start/cf-handler.cpp
@@ -56,7 +56,15 @@ void CfHandler::doConfigure() {
vespalib::string CfHandler::clientCertFile() const {
static const vespalib::string certDir = "/var/lib/sia/certs/";
if (_lastConfig && !_lastConfig->role.empty()) {
- return certDir + _lastConfig->role + ".pem";
+ return certDir + _lastConfig->role + ".cert.pem";
+ }
+ return "";
+}
+
+vespalib::string CfHandler::clientKeyFile() const {
+ static const vespalib::string certDir = "/var/lib/sia/keys/";
+ if (_lastConfig && !_lastConfig->role.empty()) {
+ return certDir + _lastConfig->role + ".key.pem";
}
return "";
}
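Review bot: In clientKeyFile() the static is still named `certDir` although it holds `/var/lib/sia/keys/`; `keyDir` would avoid confusion with the identically named constant in clientCertFile(). Both functions also paste `_lastConfig->role` into a filesystem path unchanged, so unless the role is validated where the config is produced (not visible here), a value containing `/` or `..` would resolve to a file outside these two directories. Rejecting such roles before building the path, and returning `""` as for an empty role, would make the assumption explicit. A short comment on each function, such as `// returns "" when no role is configured; does not check that the file exists`, would also help callers.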
diff --git a/logforwarder/src/apps/vespa-logforwarder-start/cf-handler.h b/logforwarder/src/apps/vespa-logforwarder-start/cf-handler.h
index ceaa0db1011..beca68b52ec 100644
--- a/logforwarder/src/apps/vespa-logforwarder-start/cf-handler.h
+++ b/logforwarder/src/apps/vespa-logforwarder-start/cf-handler.h
@@ -19,6 +19,7 @@ public:
CfHandler();
virtual ~CfHandler();
vespalib::string clientCertFile() const;
+ vespalib::string clientKeyFile() const;
void start(const char *configId);
void check();
diff --git a/logforwarder/src/apps/vespa-logforwarder-start/splunk-starter.cpp b/logforwarder/src/apps/vespa-logforwarder-start/splunk-starter.cpp
index 9c09a426ea7..23c2565b0af 100644
--- a/logforwarder/src/apps/vespa-logforwarder-start/splunk-starter.cpp
+++ b/logforwarder/src/apps/vespa-logforwarder-start/splunk-starter.cpp
@@ -36,6 +36,17 @@ cfFilePath(const vespalib::string &parent, const vespalib::string &filename) {
return path + "/" + filename;
}
+void appendFile(FILE *target, const vespalib::string &filename) {
+ FILE *fp = fopen(filename.c_str(), "r");
+ if (fp != NULL) {
+ int c;
+ while (EOF != (c = fgetc(fp))) {
+ fputc(c, target);
+ }
+ fclose(fp);
+ }
+}
+
} // namespace <unnamed>
void SplunkStarter::gotConfig(const LogforwarderConfig& config) {
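Review bot: appendFile() gives its caller no way to learn that a source file could not be opened or that a write failed: a NULL from fopen() is silently skipped and the result of every fputc() is ignored. Because this helper assembles the TLS client bundle, a missing certificate or key would yield a truncated PEM file with no indication of why. I would change the signature to `bool appendFile(FILE *target, const vespalib::string &filename)`, returning false when the open fails and `ferror(target) == 0` otherwise. It also needs a one-line comment stating that `target` must be a non-NULL stream opened for writing, since the function dereferences it unconditionally.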
@@ -82,13 +93,23 @@ void SplunkStarter::gotConfig(const LogforwarderConfig& config) {
}
}
vespalib::string clientCert = clientCertFile();
- if (! clientCert.empty()) {
+ vespalib::string clientKey = clientKeyFile();
+ if (!clientCert.empty() && !clientKey.empty()) {
+ vespalib::string certPath = cfFilePath(config.splunkHome, "clientcert.pem");
+ tmpPath = certPath + ".new";
+ fp = fopen(tmpPath.c_str(), "w");
+ appendFile(fp, clientCert);
+ appendFile(fp, clientKey);
+ appendFile(fp, "/etc/ssl/certs/ca-bundle.crt");
+ fclose(fp);
+ rename(tmpPath.c_str(), certPath.c_str());
+
path = cfFilePath(config.splunkHome, "outputs.conf");
tmpPath = path + ".new";
fp = fopen(tmpPath.c_str(), "w");
if (fp != NULL) {
fprintf(fp, "[tcpout]\n");
- fprintf(fp, "clientCert = %s\n", clientCert.c_str());
+ fprintf(fp, "clientCert = %s\n", certPath.c_str());
fclose(fp);
rename(tmpPath.c_str(), path.c_str());
}
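Review bot: The new `clientcert.pem` now contains the private key, but it is created with `fopen(tmpPath.c_str(), "w")`, so its permissions depend on the process umask (not visible here) and may leave the key readable by other local users. The same `fp` is passed to appendFile() and fclose() without a NULL check, unlike the outputs.conf block just below, so a failed open leads to undefined behaviour in fputc(). The rename() also runs unconditionally, so a partially written bundle replaces a previously good one. I would create the temp file owner-only, check the stream, and rename only when every write succeeded, as sketched below (needs `<fcntl.h>`, `<sys/stat.h>` and `<unistd.h>`); the mode may need adjusting if the forwarder runs as a different user. gotConfig() starts and continues outside this hunk.

```cpp
    if (!clientCert.empty() && !clientKey.empty()) {
        vespalib::string certPath = cfFilePath(config.splunkHome, "clientcert.pem");
        tmpPath = certPath + ".new";
        // The bundle holds the private key: create it owner-only rather than trusting the umask.
        int fd = open(tmpPath.c_str(), O_WRONLY | O_CREAT | O_TRUNC, 0600);
        if (fd >= 0) {
            fchmod(fd, 0600);  // a leftover .new file keeps its old mode across O_TRUNC
        }
        fp = (fd >= 0) ? fdopen(fd, "w") : NULL;
        if (fp == NULL) {
            if (fd >= 0) {
                close(fd);
            }
            // … report the failure; keep the existing clientcert.pem …
        } else {
            appendFile(fp, clientCert);
            appendFile(fp, clientKey);
            appendFile(fp, "/etc/ssl/certs/ca-bundle.crt");
            bool ok = (ferror(fp) == 0);
            ok = (fclose(fp) == 0) && ok;
            if (ok) {
                rename(tmpPath.c_str(), certPath.c_str());
            }
        }
        // … unchanged: outputs.conf is written and renamed as before …
```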