1 // Copyright (C) 2016-2021 Internet Systems Consortium, Inc. ("ISC")
2 //
3 // This Source Code Form is subject to the terms of the Mozilla Public
4 // License, v. 2.0. If a copy of the MPL was not distributed with this
5 // file, You can obtain one at http://mozilla.org/MPL/2.0/.
6 
7 #ifndef CTRL_AGENT_CFG_MGR_H
8 #define CTRL_AGENT_CFG_MGR_H
9 
10 #include <cc/data.h>
11 #include <hooks/hooks_config.h>
12 #include <http/auth_config.h>
13 #include <process/d_cfg_mgr.h>
14 #include <boost/pointer_cast.hpp>
15 #include <map>
16 #include <string>
17 
18 namespace isc {
19 namespace agent {
20 
class CtrlAgentCfgContext;
/// @brief Shared pointer to a Control Agent configuration context.
using CtrlAgentCfgContextPtr = boost::shared_ptr<CtrlAgentCfgContext>;
24 
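/// @brief Control Agent Configuration Context.
///
/// Storage container for the Control Agent's configuration: the control
/// sockets of the managed servers, the HTTP listener host and port, the TLS
/// parameters (trust anchor, certificate file, private key file and the
/// client-certificate requirement), the HTTP authentication configuration
/// and the hooks libraries. It provides a single enclosure for information
/// that needs to be accessible during configuration parsing as well as to
/// the application as a whole.
/// It is derived from the context base class, ConfigBase.
class CtrlAgentCfgContext : public process::ConfigBase {
public:

    /// @brief Default constructor
    CtrlAgentCfgContext();

    /// @brief Creates a clone of this context object.
    ///
    /// Note this method does not make a deep copy of the information about
    /// control sockets. That data is stored as ConstElementPtr (a shared
    /// pointer) to the actual data.
    ///
    /// @return A pointer to the new clone.
    virtual process::ConfigPtr clone() {
        // Plain new is used because the copy constructor is private and is
        // therefore only reachable from inside the class.
        return process::ConfigPtr(new CtrlAgentCfgContext(*this));
    }

    /// @brief Returns information about control socket
    ///
    /// This method returns Element tree structure that describes the control
    /// socket (or null pointer if the socket is not defined for a particular
    /// server type). This information is expected to be compatible with
    /// data passed to @ref isc::config::CommandMgr::openCommandSocket.
    ///
    /// @param service server being controlled
    /// @return pointer to the Element that holds control-socket map (or NULL)
    isc::data::ConstElementPtr
    getControlSocketInfo(const std::string& service) const;

    /// @brief Sets information about the control socket
    ///
    /// This method stores Element tree structure that describes the control
    /// socket. This information is expected to be compatible with
    /// data passed to @ref isc::config::CommandMgr::openCommandSocket.
    ///
    /// @param control_socket Element that holds control-socket map
    /// @param service server being controlled
    void setControlSocketInfo(const isc::data::ConstElementPtr& control_socket,
                              const std::string& service);

    /// @brief Returns socket configuration summary in a textual format.
    std::string getControlSocketInfoSummary() const;

    /// @brief Sets http-host parameter
    ///
    /// The value is stored as given; this setter performs no validation.
    ///
    /// @note NOTE(review): the chosen address decides from where the agent's
    /// HTTP service can be reached. An address reachable from other hosts
    /// should be combined with the TLS and authentication settings below.
    ///
    /// @param host Hostname or IP address where the agent's HTTP service
    /// will be available.
    void setHttpHost(const std::string& host) {
        http_host_ = host;
    }

    /// @brief Returns http-host parameter
    ///
    /// @return Hostname or IP address where the agent's HTTP service is
    /// available.
    std::string getHttpHost() const {
        return http_host_;
    }

    /// @brief Sets http port
    ///
    /// @param port sets the TCP port the HTTP server will listen on
    void setHttpPort(const uint16_t port) {
        http_port_ = port;
    }

    /// @brief Returns the TCP port the HTTP server will listen on
    ///
    /// @return TCP port number.
    uint16_t getHttpPort() const {
        return http_port_;
    }

    /// @brief Sets HTTP authentication configuration.
    ///
    /// @note Only the basic HTTP authentication is supported. Basic
    /// authentication sends the credentials base64-encoded rather than
    /// encrypted, so it protects the agent only when the HTTP service is
    /// also served over TLS (see the trust-anchor, cert-file and key-file
    /// parameters).
    ///
    /// @param auth_config HTTP authentication configuration.
    void setAuthConfig(const isc::http::HttpAuthConfigPtr& auth_config) {
        auth_config_ = auth_config;
    }

    /// @brief Returns HTTP authentication configuration
    ///
    /// @note Only the basic HTTP authentication is supported.
    ///
    /// @note NOTE(review): the pointer is presumably null when no
    /// authentication was configured; confirm in the constructor and check
    /// it before dereferencing.
    ///
    /// @return HTTP authentication configuration.
    const isc::http::HttpAuthConfigPtr& getAuthConfig() const {
        return auth_config_;
    }

    /// @brief Sets trust-anchor parameter
    ///
    /// @param ca Trust anchor aka Certificate Authority (can be a file name
    /// or a directory path).
    void setTrustAnchor(const std::string& ca) {
        trust_anchor_ = ca;
    }

    /// @brief Returns trust-anchor parameter
    ///
    /// @return Trust anchor aka Certificate Authority
    std::string getTrustAnchor() const {
        return trust_anchor_;
    }

    /// @brief Sets cert-file parameter
    ///
    /// @param cert Server certificate file name
    void setCertFile(const std::string& cert) {
        cert_file_ = cert;
    }

    /// @brief Returns cert-file parameter
    ///
    /// @return Server certificate file name
    std::string getCertFile() const {
        return cert_file_;
    }

    /// @brief Sets key-file parameter
    ///
    /// Only the file name is stored. This class does not check that the
    /// file exists or who is allowed to read it.
    ///
    /// @note NOTE(review): the private key file should be readable only by
    /// the account the agent runs as; verify where the file is loaded.
    ///
    /// @param key Server private key file name
    void setKeyFile(const std::string& key) {
        key_file_ = key;
    }

    /// @brief Returns key-file parameter
    ///
    /// @return Server private key file name
    std::string getKeyFile() const {
        return key_file_;
    }

    /// @brief Sets cert-required parameter
    ///
    /// @note With false, a client may connect without presenting a
    /// certificate. Whether it is authenticated at all then depends on the
    /// HTTP authentication configuration (see @ref setAuthConfig).
    ///
    /// @param required Client certificates are required when true
    /// (the default) or optional when false
    void setCertRequired(bool required) {
        cert_required_ = required;
    }

    /// @brief Returns cert-required parameter
    ///
    /// @return True when client certificates are required, false when they
    /// are optional, the default is to require them (true).
    bool getCertRequired() const {
        return cert_required_;
    }

    /// @brief Returns non-const reference to configured hooks libraries.
    ///
    /// @return non-const reference to configured hooks libraries.
    isc::hooks::HooksConfig& getHooksConfig() {
        return hooks_config_;
    }

    /// @brief Returns const reference to configured hooks libraries.
    ///
    /// @return const reference to configured hooks libraries.
    const isc::hooks::HooksConfig& getHooksConfig() const {
        return hooks_config_;
    }

    /// @brief Unparse a configuration object
    ///
    /// Returns an element which must parse into the same object, i.e.
    /// @code
    /// for all valid config C parse(parse(C)->toElement()) == parse(C)
    /// @endcode
    ///
    /// @note NOTE(review): to satisfy the round trip above, the result
    /// presumably carries the authentication settings in clear text. Confirm
    /// that callers redact it before logging or displaying it.
    ///
    /// @return a pointer to a configuration which can be parsed into
    /// the initial configuration object
    virtual isc::data::ElementPtr toElement() const;

private:

    /// @brief Private copy constructor
    ///
    /// It is private to forbid anyone outside of this class to make copies.
    /// The only legal way to copy a context is to call @ref clone().
    ///
    /// @param orig the original context to copy from
    CtrlAgentCfgContext(const CtrlAgentCfgContext& orig);

    /// @brief Private assignment operator to avoid potential for slicing.
    ///
    /// @param rhs Context to be assigned.
    CtrlAgentCfgContext& operator=(const CtrlAgentCfgContext& rhs);

    /// Socket information will be stored here (for all supported servers)
    std::map<std::string, isc::data::ConstElementPtr> ctrl_sockets_;

    /// Hostname the CA should listen on.
    std::string http_host_;

    /// TCP port the CA should listen on.
    ///
    /// The constructors are defined outside this header. The in-class
    /// initializer ensures that a constructor which does not set this
    /// member cannot leave it with an indeterminate value.
    uint16_t http_port_ = 0;

    /// Trust anchor aka Certificate Authority (can be a file name or
    /// a directory path).
    std::string trust_anchor_;

    /// Server certificate file name.
    std::string cert_file_;

    /// Server private key file name.
    std::string key_file_;

    /// Client certificates requirement flag (default is true i.e. to
    /// require them).
    ///
    /// The in-class initializer makes the documented default fail closed:
    /// a constructor that does not set this member still requires client
    /// certificates.
    bool cert_required_ = true;

    /// @brief Configured hooks libraries.
    isc::hooks::HooksConfig hooks_config_;

    /// @brief Configured basic HTTP authentication clients.
    isc::http::HttpAuthConfigPtr auth_config_;
};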
248 
/// @brief Ctrl Agent Configuration Manager.
///
/// Manages the Control Agent application's configuration: it parses the
/// configuration, creates the context that stores it, produces a textual
/// summary and names the configuration paths that hold secrets.
class CtrlAgentCfgMgr : public process::DCfgMgrBase {
public:

    /// @brief Constructor.
    CtrlAgentCfgMgr();

    /// @brief Destructor
    virtual ~CtrlAgentCfgMgr();

    /// @brief Convenience method that returns the Control Agent configuration
    /// context.
    ///
    /// The context held by the base class is downcast with
    /// dynamic_pointer_cast, so the result is a null pointer when that
    /// context is not a CtrlAgentCfgContext.
    ///
    /// @return returns a pointer to the configuration context.
    CtrlAgentCfgContextPtr getCtrlAgentCfgContext() {
        return boost::dynamic_pointer_cast<CtrlAgentCfgContext>(getContext());
    }

    /// @brief Returns configuration summary in the textual format.
    ///
    /// @param selection Bitfield which describes the parts of the configuration
    /// to be returned. This parameter is ignored for the Control Agent.
    ///
    /// @return Summary of the configuration in the textual format.
    std::string getConfigSummary(const uint32_t selection) override;

protected:

    /// @brief Parses configuration of the Control Agent.
    ///
    /// @param config Pointer to a configuration specified for the agent.
    /// @param check_only Boolean flag indicating if this method should
    /// only verify correctness of the provided configuration.
    /// @return Pointer to a result of configuration parsing.
    isc::data::ConstElementPtr
    parse(isc::data::ConstElementPtr config, bool check_only) override;

    /// @brief Creates a new, blank CtrlAgentCfgContext context.
    ///
    /// This method is used at the beginning of configuration process to
    /// create a fresh, empty copy of a CtrlAgentCfgContext. This new context
    /// will be populated during the configuration process and will replace the
    /// existing context provided the configuration process completes without
    /// error.
    ///
    /// @return Returns a ConfigPtr to the new context instance.
    process::ConfigPtr createNewContext() override;

    /// @brief Return a list of all paths that contain passwords or secrets.
    ///
    /// Used in @ref isc::process::DCfgMgrBase::redactConfig.
    ///
    /// @note NOTE(review): the list itself lives in the implementation,
    /// which is not part of this header. A configuration key that carries
    /// a secret but is missing from the list would presumably not be
    /// redacted. Confirm the list whenever such a key is added.
    ///
    /// @return the list of lists of sequential JSON map keys needed to reach
    /// the passwords and secrets.
    std::list<std::list<std::string>> jsonPathsToRedact() const final override;
};
309 
/// @brief Shared pointer to the Control Agent configuration manager.
using CtrlAgentCfgMgrPtr = boost::shared_ptr<CtrlAgentCfgMgr>;
312 
313 } // namespace isc::agent
314 } // namespace isc
315 
316 #endif // CTRL_AGENT_CFG_MGR_H
317