mir/kea
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/kea synced 2025-08-28 12:37:55 +00:00
Code Issues Releases Wiki Activity
37,462 Commits 2,665 Branches 726 Tags
Commit Graph

37462 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andrei Pavel
a7477f6ee2
[#3833] Add table in the security section 2025-05-20 13:03:17 +03:00
Francis Dupont
853f7093f5 [#3833] Added client before MySQL TLS settings 2025-05-20 09:50:23 +02:00
Francis Dupont
feab9b7711 [#3833] Added comma 2025-05-20 09:43:46 +02:00
Razvan Becheriu
5e21953fb9 [#3833] addressed review comments 2025-05-20 07:48:32 +03:00
Razvan Becheriu
0d2ff4ff5e [#3833] remove references to /tmp/ 2025-05-20 00:04:12 +03:00
Razvan Becheriu
f99b23a406 [#3833] updated security doc 2025-05-19 16:47:01 +03:00
Thomas Markwalder
8a3683dc9b [#3831] Removed /tmp example conf and .pre 
Changes to be committed:
    modified:   kea4/dhcpv4-over-dhcpv6.json
    modified:   netconf/simple-dhcp4.json
    modified:   netconf/simple-dhcp6.json
    modified:   ../../src/bin/keactrl/kea-ctrl-agent.conf.pre
    modified:   ../../src/bin/keactrl/kea-dhcp-ddns.conf.pre
    modified:   ../../src/bin/keactrl/kea-dhcp4.conf.pre
    modified:   ../../src/bin/keactrl/kea-dhcp6.conf.pre
    modified:   ../../src/bin/keactrl/kea-netconf.conf.pre
 2025-05-19 08:44:57 -04:00
Thomas Markwalder
2cb74fc0f8 [#3831] Fixed changelog 2025-05-19 08:38:55 -04:00
Thomas Markwalder
3eff752e56 [#3831] Added ChangeLog 2025-05-19 08:35:48 -04:00
Razvan Becheriu
5cf1a06cef [#3831] fix fuzz and permissions mask 2025-05-19 12:12:55 +00:00
Thomas Markwalder
3a5d4ea663 [#3831] Unrelated nit fixes 
modified:   doc/sphinx/arm/hooks.rst
modified:   doc/sphinx/arm/logging.rst
 2025-05-19 12:12:55 +00:00
Thomas Markwalder
37ae2585c0 [#3831] ARM Updates 
modified:   doc/sphinx/arm/agent.rst
modified:   doc/sphinx/arm/ddns.rst
modified:   doc/sphinx/arm/dhcp4-srv.rst
 2025-05-19 12:12:55 +00:00
Thomas Markwalder
6dd20109cc [#3831] Agent uses restricted socket paths 
modified:   ../../../doc/examples/agent/comments.json
modified:   ../../../doc/examples/agent/simple.json
modified:   ca_cfg_mgr.cc
modified:   ca_command_mgr.cc
modified:   simple_parser.cc
modified:   tests/ca_cfg_mgr_unittests.cc
modified:   tests/ca_command_mgr_unittests.cc
modified:   tests/ca_controller_unittests.cc
modified:   tests/get_config_unittest.cc
modified:   tests/parser_unittests.cc
modified:   tests/testdata/get_config.json
 2025-05-19 12:12:55 +00:00
Thomas Markwalder
17ebfa908c [#3831] Add UT for env override 
modified:   Makefile.am
modified:   meson.build
modified:   unix_command_config_unittests.cc
 2025-05-19 12:12:55 +00:00
Thomas Markwalder
6b721c4d3a [#3831] Update ARM 
modified:   ../../sphinx/arm/ddns.rst
modified:   ../../sphinx/arm/dhcp4-srv.rst
modified:   ../../sphinx/arm/dhcp6-srv.rst
 2025-05-19 12:12:55 +00:00
Thomas Markwalder
cc07755a2d [#3831] More UT fixes 
modified:   doc/examples/ddns/all-keys-netconf.json
modified:   doc/examples/ddns/all-keys.json
modified:   doc/examples/ddns/comments.json
modified:   doc/examples/ddns/sample1.json
modified:   doc/examples/ddns/template.json
modified:   src/bin/d2/tests/d2_cfg_mgr_unittests.cc
modified:   src/bin/d2/tests/d2_command_unittest.cc
modified:   src/bin/d2/tests/get_config_unittest.cc
modified:   src/bin/d2/tests/testdata/get_config.json
 2025-05-19 12:12:55 +00:00
Thomas Markwalder
3a5f553bd8 [#3831] Fix UTs 
modified:   src/bin/dhcp4/tests/config_parser_unittest.cc
modified:   src/bin/dhcp4/tests/ctrl_dhcp4_srv_unittest.cc
modified:   src/bin/dhcp4/tests/dhcp4_test_utils.h
modified:   src/bin/dhcp4/tests/get_config_unittest.cc
modified:   src/bin/dhcp6/tests/dhcp6_test_utils.h
modified:   src/bin/dhcp6/tests/get_config_unittest.cc
 2025-05-19 12:12:55 +00:00
Thomas Markwalder
16acf248d0 [#3831] Initial impl of restricted ctl sockets 
Working, have some UTs that still need to be fixed

/doc/examples/kea4/advanced.json
/doc/examples/kea4/all-keys-netconf.json
/doc/examples/kea4/all-keys-netconf.json
/doc/examples/kea4/all-keys.json
/doc/examples/kea4/comments.json
/doc/examples/kea4/config-backend.json
/doc/examples/kea4/ha-load-balancing-server1-mt-with-tls.json
/doc/examples/kea4/ha-load-balancing-server2-mt.json
/doc/examples/kea6/advanced.json
/doc/examples/kea6/all-keys-netconf.json
/doc/examples/kea6/all-keys.json
/doc/examples/kea6/comments.json
/doc/examples/kea6/config-backend.json
/doc/examples/kea6/ha-hot-standby-server1-with-tls.json
/doc/examples/kea6/ha-hot-standby-server2.json
    removed /tmp path from socket-name

/src/bin/dhcp4/tests/config_parser_unittest.cc
/src/bin/dhcp4/tests/ctrl_dhcp4_srv_unittest.cc
/src/bin/dhcp4/tests/dhcp4_srv_unittest.cc
/src/bin/dhcp4/tests/dhcp4_test_utils.cc
/src/bin/dhcp4/tests/dhcp4_test_utils.h
/src/bin/dhcp6/tests/config_parser_unittest.cc
/src/bin/dhcp6/tests/ctrl_dhcp6_srv_unittest.cc
/src/bin/dhcp6/tests/dhcp6_srv_unittest.cc
/src/bin/dhcp6/tests/dhcp6_test_utils.cc
/src/bin/dhcp6/tests/dhcp6_test_utils.h
    updated tests

/src/lib/config/Makefile.am
/src/lib/config/meson.build
    defined CONTROL_SOCKET_DIR

/src/lib/config/tests/unix_command_config_unittests.cc
/src/lib/config/tests/unix_command_mgr_unittests.cc
    updated tests

/src/lib/config/unix_command_config.*
    UnixCommandConfig - added PathChecker singleton and methods
    to set and validate socket path/permissions

/src/lib/util/filesystem.*
    Added getPermsissions() and hasPermsission()

/src/lib/util/tests/filesystem_unittests.cc
    new permissions tests
 2025-05-19 12:12:55 +00:00
Andrei Pavel
bdacdf235f
[#3831] Adapt Hammer to the /etc/kea-api-password change in kea-ctrl-agent 2025-05-19 11:53:04 +03:00
Francis Dupont
86f826d238 [#3831] Applied kea-ctrl-agent.conf.pre update 2025-05-16 23:08:03 +02:00
Francis Dupont
e07ad3d1a5 [#3831] Finished UTs 2025-05-16 23:08:03 +02:00
Francis Dupont
f82e83c826 [#3831] Checkpoint: did dhcp4 UTs 2025-05-16 23:08:02 +02:00
Francis Dupont
78c0cd0de3 [#3831] Checkpoint: fixes, still UTs to add 2025-05-16 23:08:02 +02:00
Francis Dupont
da3fc824be [#3831] Fixed KEA_DHCP_DATA_DIR already set 2025-05-16 23:08:02 +02:00
Francis Dupont
e8d9560f43 [#3831] Checkpoint: fixes 2025-05-16 23:08:02 +02:00
Francis Dupont
01dc6e538c [#3831] Checkpoint: code done, UTs to be updated 2025-05-16 23:08:02 +02:00
Francis Dupont
0e25831cf8 [#3831] Restricted cache-write 2025-05-16 12:13:31 +02:00
Razvan Becheriu
fdc2b1c5f9
[#3831] update CA default config and fix dhcp examples 2025-05-16 12:20:44 +03:00
Francis Dupont
97c2226aa9
[#3831] Spelling 2025-05-16 12:20:44 +03:00
Thomas Markwalder
dcd07a42aa
[#3831] Fixed UT build and minor nits 
modified:   doc/sphinx/arm/dhcp6-srv.rst
modified:   doc/sphinx/arm/logging.rst
modified:   src/bin/d2/tests/d2_process_tests.sh.in
modified:   src/bin/dhcp4/tests/dhcp4_process_tests.sh.in
modified:   src/bin/dhcp6/json_config_parser.cc
modified:   src/bin/dhcp6/tests/dhcp6_process_tests.sh.in
modified:   src/hooks/dhcp/forensic_log/libloadtests/load_unload_unittests.cc
modified:   src/lib/dhcpsrv/tests/cfgmgr_unittest.cc
modified:   src/lib/hooks/hooks_parser.cc
modified:   src/lib/process/log_parser.cc
modified:   src/lib/process/log_parser.h
modified:   src/lib/testutils/env_var_wrapper.h
modified:   src/lib/util/filesystem.cc
 2025-05-16 12:20:44 +03:00
Thomas Markwalder
36972ffcb7
[#3831] Added path validation, updated tests 
/src/hooks/dhcp/forensic_log/libloadtests/load_unload_unittests.cc
    Updated tests

/src/hooks/dhcp/forensic_log/rotating_file.cc
    RotatingFile::apply{) - fetch default from singleton

/src/hooks/dhcp/forensic_log/tests/legal_log_mgr_unittests.cc
    TEST_F(LegalLogMgrTest, pathValidation)
    TEST_F(LegalLogMgrTest, pathEnvVarOverride) - new tests

/src/lib/dhcpsrv/legal_log_mgr.*
    LegalLogMgr::parseFile() - validate path

Updated the ARM.
 2025-05-16 12:20:43 +03:00
Thomas Markwalder
5eee7d180e
[#3831] Initial pieces for legal log restriction 
/src/lib/dhcpsrv/Makefile.am
   Changed LEGAL_LOG_DIR to use log vs lib

/src/lib/dhcpsrv/legal_log_mgr.*
    LegalLogMgr - added PathChecker singleton and funcs

/src/lib/dhcpsrv/meson.build
   Defined LEGAL_LOG_DIR

/src/lib/util/filesystem.*
    PathChecker::validateDirectory() - new func

/src/lib/util/tests/filesystem_unittests.cc
    TEST(PathChecker, validateDirectoryEnforcePath)
    TEST(PathChecker, validateDirectoryEnforcePathFalse) - new tests
 2025-05-16 12:20:43 +03:00
Thomas Markwalder
0a61f4a9ee
[#3831] leaseX-write restricted to supported path 
modified:   hooks-lease-cmds.rst
modified:   ../../../src/hooks/dhcp/lease_cmds/lease_cmds.cc
modified:   ../../../src/hooks/dhcp/lease_cmds/libloadtests/lease_cmds4_unittest.cc
modified:   ../../../src/hooks/dhcp/lease_cmds/libloadtests/lease_cmds6_unittest.cc
 2025-05-16 12:20:43 +03:00
Francis Dupont
c871f5e97e
[#3831] C++17 clang fixes 2025-05-16 12:20:43 +03:00
Francis Dupont
f22c691a1f
[#3831] Spelling 2025-05-16 12:20:43 +03:00
Thomas Markwalder
c8183c4ad7
[#3831] Remove paths from output in conf files 
modified:   src/bin/keactrl/kea-ctrl-agent.conf.pre
modified:   src/bin/keactrl/kea-dhcp-ddns.conf.pre
modified:   src/bin/keactrl/kea-dhcp4.conf.pre
modified:   src/bin/keactrl/kea-dhcp6.conf.pre
modified:   src/bin/keactrl/kea-netconf.conf.pre
 2025-05-16 12:20:43 +03:00
Thomas Markwalder
0f3d314a79
[#3831] Fix netconf UT test 
/src/bin/netconf/tests/shtests/netconf_tests.sh.in
- export KEA_LOG_FILE_DIR
 2025-05-16 12:20:43 +03:00
Thomas Markwalder
1984ece9c6
[#3831] Fix log path in UTs 
/doc/sphinx/arm/logging.rst
    Updated logging section

/src/bin/admin/tests/memfile_tests.sh.in
/src/bin/shell/tests/shell_dhcp4_process_tests.sh.in
/src/bin/shell/tests/shell_dhcp6_process_tests.sh.in
    export KEA_LOG_FILE_DIR

/src/lib/dhcpsrv/memfile_lease_mgr.cc
    Memfile_LeaseMgr::factory() - fix throw to preserve error txt

/src/lib/process/Makefile.am
    Define LOGFILE_DIR
 2025-05-16 12:20:43 +03:00
Thomas Markwalder
a2f4cc4520
{3831] Logger output path restricted 
Initial implementaion, still need docs and
autotools changes

meson.build
    Appended "kea" to LOGDIR

/src/bin/agent/tests/ca_process_tests.sh.in
/src/bin/d2/tests/d2_process_tests.sh.in
/src/bin/dhcp4/tests/dhcp4_process_tests.sh.in
/src/bin/dhcp6/tests/dhcp6_process_tests.sh.in
    export KEA_LOG_FILE_DIR

/src/bin/dhcp4/tests/ctrl_dhcp4_srv_unittest.cc
/src/bin/dhcp4/tests/http_control_socket_unittest.cc
/src/bin/dhcp6/tests/ctrl_dhcp6_srv_unittest.cc
/src/bin/dhcp6/tests/http_control_socket_unittest.cc
    Updated tests

/src/bin/dhcp6/tests/dhcp6_test_utils.*
    Added log path stuff to BaseServerTest

/src/bin/keactrl/tests/keactrl_tests.sh.in
/src/bin/shell/tests/ca_basic_auth_tests.sh.in
/src/bin/shell/tests/d2_basic_auth_tests.sh.in
/src/bin/shell/tests/dhcp4_basic_auth_tests.sh.in
/src/bin/shell/tests/dhcp6_basic_auth_tests.sh.in
/src/bin/shell/tests/shell_ca_process_tests.sh.in
/src/bin/shell/tests/shell_d2_process_tests.sh.in
/src/bin/shell/tests/tls_ca_process_tests.sh.in
/src/bin/shell/tests/tls_d2_process_tests.sh.in
/src/bin/shell/tests/tls_dhcp4_process_tests.sh.in
/src/bin/shell/tests/tls_dhcp6_process_tests.sh.in

/src/lib/process/log_parser.*
    Added  PathChecker singleton,
    LogConfigParser::getLogPath()
    LogConfigParser::validatePath()
    LogConfigParser::parseOutputOptions() - throws if
    output uses an invalid path

/src/lib/process/meson.build
    Defines LOGFILE_DIR

/src/lib/process/tests/log_parser_unittests.cc
    Updated tests
 2025-05-16 12:20:43 +03:00
Francis Dupont
66865e832f
[#3831] Added data-directory in sample keywords 2025-05-16 12:20:43 +03:00
Thomas Markwalder
3245560140
[#3831] Nits 2025-05-16 12:20:43 +03:00
Thomas Markwalder
f9fdca89ad
[#3831] Minor nits 2025-05-16 12:20:43 +03:00
Thomas Markwalder
c745954d52
[#3831] Addressed further comments 
/doc/examples/kea6/all-keys-netconf.json
/doc/examples/kea6/all-keys.json
    removed data-directory

/doc/sphinx/arm/dhcp6-srv.rst
    Updated ARM

/src/bin/dhcp6/dhcp6_messages.*
    Changed DHCP6_DATA_DIRECTORY_DEPRECATED

/src/bin/dhcp6/json_config_parser.cc
    Removed dirExists() function
    parsing logic errors on invalid data-directory

/src/bin/dhcp6/tests/config_parser_unittest.cc
    Updated data-directory tests

Other minor cleanups
 2025-05-16 12:20:43 +03:00
Francis Dupont
3bf21ae2f3
[#3831] Removed extra end of line 2025-05-16 12:20:43 +03:00
Francis Dupont
65d975e240
[#3831] Removed extra blank line 2025-05-16 12:20:43 +03:00
Francis Dupont
1cae2f03e6
[#3831] Added missing spaces 2025-05-16 12:20:43 +03:00
Francis Dupont
1cc999a1d2
[#3831] spelling 2025-05-16 12:20:43 +03:00
Thomas Markwalder
6cd4ec9b56
[#3831] Addressed preliminary comments 
Changes to be committed:
	modified:   src/lib/dhcpsrv/cfgmgr.h
	modified:   src/lib/hooks/tests/hooks_manager_unittest.cc
	modified:   src/lib/testutils/meson.build
	modified:   src/lib/util/tests/filesystem_unittests.cc
 2025-05-16 12:20:43 +03:00
Thomas Markwalder
348210719b
[#3831] Updated ARM 
modified:   doc/sphinx/api-files.txt
modified:   doc/sphinx/arm/dhcp4-srv.rst
modified:   doc/sphinx/kea-messages.rst
 2025-05-16 12:20:43 +03:00
Thomas Markwalder
cc5270c69d
[#3831] Adde env_var_wrapper.cc to meson.build 
modified:   src/lib/testutils/meson.build
 2025-05-16 12:20:43 +03:00