diff --git a/doc/11-cli-commands.md b/doc/11-cli-commands.md index ca5e227c4..d05079a08 100644 --- a/doc/11-cli-commands.md +++ b/doc/11-cli-commands.md @@ -236,6 +236,7 @@ Command options: --all List all certificate signing requests, including signed. Note: Old requests are automatically cleaned by Icinga after 1 week. + --removed List all removed CSRs (for use with 'ca restore') --json encode output as JSON Report bugs at diff --git a/lib/cli/calistcommand.cpp b/lib/cli/calistcommand.cpp index 829086b98..64962ca5d 100644 --- a/lib/cli/calistcommand.cpp +++ b/lib/cli/calistcommand.cpp @@ -29,6 +29,7 @@ void CAListCommand::InitParameters(boost::program_options::options_description& { visibleDesc.add_options() ("all", "List all certificate signing requests, including signed. Note: Old requests are automatically cleaned by Icinga after 1 week.") + ("removed", "List all removed CSRs (for use with 'ca restore')") ("json", "encode output as JSON"); } @@ -39,7 +40,7 @@ void CAListCommand::InitParameters(boost::program_options::options_description& */ int CAListCommand::Run(const boost::program_options::variables_map& vm, const std::vector& ap) const { - Dictionary::Ptr requests = PkiUtility::GetCertificateRequests(); + Dictionary::Ptr requests = PkiUtility::GetCertificateRequests(vm.count("removed")); if (vm.count("json")) std::cout << JsonEncode(requests); diff --git a/lib/remote/pkiutility.cpp b/lib/remote/pkiutility.cpp index 350b99361..3fddd1a67 100644 --- a/lib/remote/pkiutility.cpp +++ b/lib/remote/pkiutility.cpp @@ -18,6 +18,7 @@ #include #include #include +#include using namespace icinga; @@ -368,8 +369,9 @@ static void CollectRequestHandler(const Dictionary::Ptr& requests, const String& Dictionary::Ptr result = new Dictionary(); - String fingerprint = Utility::BaseName(requestFile); - fingerprint = fingerprint.SubStr(0, fingerprint.GetLength() - 5); + namespace fs = boost::filesystem; + fs::path file(requestFile.Begin(), requestFile.End()); + String fingerprint = file.stem().string(); String certRequestText = request->Get("cert_request"); result->Set("cert_request", certRequestText); @@ -414,14 +416,19 @@ static void CollectRequestHandler(const Dictionary::Ptr& requests, const String& requests->Set(fingerprint, result); } -Dictionary::Ptr PkiUtility::GetCertificateRequests() +Dictionary::Ptr PkiUtility::GetCertificateRequests(bool removed) { Dictionary::Ptr requests = new Dictionary(); String requestDir = ApiListener::GetCertificateRequestsDir(); + String ext = "json"; + + if (removed) + ext = "removed"; if (Utility::PathExists(requestDir)) - Utility::Glob(requestDir + "/*.json", std::bind(&CollectRequestHandler, requests, _1), GlobFile); + Utility::Glob(requestDir + "/*." + ext, std::bind(&CollectRequestHandler, requests, _1), GlobFile); return requests; } + diff --git a/lib/remote/pkiutility.hpp b/lib/remote/pkiutility.hpp index cc5e67061..50d47e01a 100644 --- a/lib/remote/pkiutility.hpp +++ b/lib/remote/pkiutility.hpp @@ -29,7 +29,7 @@ public: const String& certfile, const String& cafile, const std::shared_ptr& trustedcert, const String& ticket = String()); static String GetCertificateInformation(const std::shared_ptr& certificate); - static Dictionary::Ptr GetCertificateRequests(); + static Dictionary::Ptr GetCertificateRequests(bool removed = false); private: PkiUtility();