mirror of https://gitlab.isc.org/isc-projects/kea synced 2025-08-30 21:45:37 +00:00
Commit Graph

37388 Commits

Author SHA1 Message Date
Francis Dupont
e8d9560f43 [#3831] Checkpoint: fixes 2025-05-16 23:08:02 +02:00
Francis Dupont
01dc6e538c [#3831] Checkpoint: code done, UTs to be updated 2025-05-16 23:08:02 +02:00
Francis Dupont
0e25831cf8 [#3831] Restricted cache-write 2025-05-16 12:13:31 +02:00
Razvan Becheriu
fdc2b1c5f9 [#3831] update CA default config and fix dhcp examples 2025-05-16 12:20:44 +03:00
Francis Dupont
97c2226aa9 [#3831] Spelling 2025-05-16 12:20:44 +03:00
Thomas Markwalder
dcd07a42aa [#3831] Fixed UT build and minor nits
modified:   doc/sphinx/arm/dhcp6-srv.rst
modified:   doc/sphinx/arm/logging.rst
modified:   src/bin/d2/tests/d2_process_tests.sh.in
modified:   src/bin/dhcp4/tests/dhcp4_process_tests.sh.in
modified:   src/bin/dhcp6/json_config_parser.cc
modified:   src/bin/dhcp6/tests/dhcp6_process_tests.sh.in
modified:   src/hooks/dhcp/forensic_log/libloadtests/load_unload_unittests.cc
modified:   src/lib/dhcpsrv/tests/cfgmgr_unittest.cc
modified:   src/lib/hooks/hooks_parser.cc
modified:   src/lib/process/log_parser.cc
modified:   src/lib/process/log_parser.h
modified:   src/lib/testutils/env_var_wrapper.h
modified:   src/lib/util/filesystem.cc
2025-05-16 12:20:44 +03:00
Thomas Markwalder
36972ffcb7 [#3831] Added path validation, updated tests
/src/hooks/dhcp/forensic_log/libloadtests/load_unload_unittests.cc
    Updated tests

/src/hooks/dhcp/forensic_log/rotating_file.cc
    RotatingFile::apply() - fetch default from singleton

/src/hooks/dhcp/forensic_log/tests/legal_log_mgr_unittests.cc
    TEST_F(LegalLogMgrTest, pathValidation)
    TEST_F(LegalLogMgrTest, pathEnvVarOverride) - new tests

/src/lib/dhcpsrv/legal_log_mgr.*
    LegalLogMgr::parseFile() - validate path

Updated the ARM.
2025-05-16 12:20:43 +03:00
Thomas Markwalder
5eee7d180e [#3831] Initial pieces for legal log restriction
/src/lib/dhcpsrv/Makefile.am
   Changed LEGAL_LOG_DIR to use log vs lib

/src/lib/dhcpsrv/legal_log_mgr.*
    LegalLogMgr - added PathChecker singleton and funcs

/src/lib/dhcpsrv/meson.build
   Defined LEGAL_LOG_DIR

/src/lib/util/filesystem.*
    PathChecker::validateDirectory() - new func

/src/lib/util/tests/filesystem_unittests.cc
    TEST(PathChecker, validateDirectoryEnforcePath)
    TEST(PathChecker, validateDirectoryEnforcePathFalse) - new tests
2025-05-16 12:20:43 +03:00
Thomas Markwalder
0a61f4a9ee [#3831] leaseX-write restricted to supported path
modified:   hooks-lease-cmds.rst
modified:   ../../../src/hooks/dhcp/lease_cmds/lease_cmds.cc
modified:   ../../../src/hooks/dhcp/lease_cmds/libloadtests/lease_cmds4_unittest.cc
modified:   ../../../src/hooks/dhcp/lease_cmds/libloadtests/lease_cmds6_unittest.cc
2025-05-16 12:20:43 +03:00
Francis Dupont
c871f5e97e [#3831] C++17 clang fixes 2025-05-16 12:20:43 +03:00
Francis Dupont
f22c691a1f [#3831] Spelling 2025-05-16 12:20:43 +03:00
Thomas Markwalder
c8183c4ad7 [#3831] Remove paths from output in conf files
modified:   src/bin/keactrl/kea-ctrl-agent.conf.pre
modified:   src/bin/keactrl/kea-dhcp-ddns.conf.pre
modified:   src/bin/keactrl/kea-dhcp4.conf.pre
modified:   src/bin/keactrl/kea-dhcp6.conf.pre
modified:   src/bin/keactrl/kea-netconf.conf.pre
2025-05-16 12:20:43 +03:00
Thomas Markwalder
0f3d314a79 [#3831] Fix netconf UT test
/src/bin/netconf/tests/shtests/netconf_tests.sh.in
- export KEA_LOG_FILE_DIR
2025-05-16 12:20:43 +03:00
Thomas Markwalder
1984ece9c6 [#3831] Fix log path in UTs
/doc/sphinx/arm/logging.rst
    Updated logging section

/src/bin/admin/tests/memfile_tests.sh.in
/src/bin/shell/tests/shell_dhcp4_process_tests.sh.in
/src/bin/shell/tests/shell_dhcp6_process_tests.sh.in
    export KEA_LOG_FILE_DIR

/src/lib/dhcpsrv/memfile_lease_mgr.cc
    Memfile_LeaseMgr::factory() - fix throw to preserve error txt

/src/lib/process/Makefile.am
    Define LOGFILE_DIR
2025-05-16 12:20:43 +03:00
Thomas Markwalder
a2f4cc4520 [#3831] Logger output path restricted
Initial implementation, still need docs and
autotools changes

meson.build
    Appended "kea" to LOGDIR

/src/bin/agent/tests/ca_process_tests.sh.in
/src/bin/d2/tests/d2_process_tests.sh.in
/src/bin/dhcp4/tests/dhcp4_process_tests.sh.in
/src/bin/dhcp6/tests/dhcp6_process_tests.sh.in
    export KEA_LOG_FILE_DIR

/src/bin/dhcp4/tests/ctrl_dhcp4_srv_unittest.cc
/src/bin/dhcp4/tests/http_control_socket_unittest.cc
/src/bin/dhcp6/tests/ctrl_dhcp6_srv_unittest.cc
/src/bin/dhcp6/tests/http_control_socket_unittest.cc
    Updated tests

/src/bin/dhcp6/tests/dhcp6_test_utils.*
    Added log path stuff to BaseServerTest

/src/bin/keactrl/tests/keactrl_tests.sh.in
/src/bin/shell/tests/ca_basic_auth_tests.sh.in
/src/bin/shell/tests/d2_basic_auth_tests.sh.in
/src/bin/shell/tests/dhcp4_basic_auth_tests.sh.in
/src/bin/shell/tests/dhcp6_basic_auth_tests.sh.in
/src/bin/shell/tests/shell_ca_process_tests.sh.in
/src/bin/shell/tests/shell_d2_process_tests.sh.in
/src/bin/shell/tests/tls_ca_process_tests.sh.in
/src/bin/shell/tests/tls_d2_process_tests.sh.in
/src/bin/shell/tests/tls_dhcp4_process_tests.sh.in
/src/bin/shell/tests/tls_dhcp6_process_tests.sh.in

/src/lib/process/log_parser.*
    Added  PathChecker singleton,
    LogConfigParser::getLogPath()
    LogConfigParser::validatePath()
    LogConfigParser::parseOutputOptions() - throws if
    output uses an invalid path

/src/lib/process/meson.build
    Defines LOGFILE_DIR

/src/lib/process/tests/log_parser_unittests.cc
    Updated tests
2025-05-16 12:20:43 +03:00
Francis Dupont
66865e832f [#3831] Added data-directory in sample keywords 2025-05-16 12:20:43 +03:00
Thomas Markwalder
3245560140 [#3831] Nits 2025-05-16 12:20:43 +03:00
Thomas Markwalder
f9fdca89ad [#3831] Minor nits 2025-05-16 12:20:43 +03:00
Thomas Markwalder
c745954d52 [#3831] Addressed further comments
/doc/examples/kea6/all-keys-netconf.json
/doc/examples/kea6/all-keys.json
    removed data-directory

/doc/sphinx/arm/dhcp6-srv.rst
    Updated ARM

/src/bin/dhcp6/dhcp6_messages.*
    Changed DHCP6_DATA_DIRECTORY_DEPRECATED

/src/bin/dhcp6/json_config_parser.cc
    Removed dirExists() function
    parsing logic errors on invalid data-directory

/src/bin/dhcp6/tests/config_parser_unittest.cc
    Updated data-directory tests

Other minor cleanups
2025-05-16 12:20:43 +03:00
Francis Dupont
3bf21ae2f3 [#3831] Removed extra end of line 2025-05-16 12:20:43 +03:00
Francis Dupont
65d975e240 [#3831] Removed extra blank line 2025-05-16 12:20:43 +03:00
Francis Dupont
1cae2f03e6 [#3831] Added missing spaces 2025-05-16 12:20:43 +03:00
Francis Dupont
1cc999a1d2 [#3831] spelling 2025-05-16 12:20:43 +03:00
Thomas Markwalder
6cd4ec9b56 [#3831] Addressed preliminary comments
Changes to be committed:
	modified:   src/lib/dhcpsrv/cfgmgr.h
	modified:   src/lib/hooks/tests/hooks_manager_unittest.cc
	modified:   src/lib/testutils/meson.build
	modified:   src/lib/util/tests/filesystem_unittests.cc
2025-05-16 12:20:43 +03:00
Thomas Markwalder
348210719b [#3831] Updated ARM
modified:   doc/sphinx/api-files.txt
modified:   doc/sphinx/arm/dhcp4-srv.rst
modified:   doc/sphinx/kea-messages.rst
2025-05-16 12:20:43 +03:00
Thomas Markwalder
cc5270c69d [#3831] Added env_var_wrapper.cc to meson.build
modified:   src/lib/testutils/meson.build
2025-05-16 12:20:43 +03:00
Thomas Markwalder
36b8bfd263 [#3831] Error on bad lease file path
/doc/examples/kea4/all-keys-netconf.json
/doc/examples/kea4/all-keys.json
/doc/examples/kea4/dhcpv4-over-dhcpv6.json
/doc/examples/kea6/all-keys-netconf.json
/doc/examples/kea6/all-keys.json
/doc/examples/kea6/dhcpv4-over-dhcpv6.json
    Remove "/tmp" from lease file names

/src/bin/admin/tests/memfile_tests.sh.in
/src/bin/dhcp4/tests/dhcp4_process_tests.sh.in
/src/bin/dhcp6/tests/dhcp6_process_tests.sh.in
    export KEA_DHCP_DATA_DIR

/src/bin/shell/tests/dhcp4_basic_auth_tests.sh.in
/src/bin/shell/tests/dhcp6_basic_auth_tests.sh.in

/src/bin/shell/tests/shell_dhcp4_process_tests.sh.in
/src/bin/shell/tests/shell_dhcp6_process_tests.sh.in

/src/bin/shell/tests/tls_dhcp4_process_tests.sh.in
/src/bin/shell/tests/tls_dhcp6_process_tests.sh.in

/src/lib/dhcpsrv/dhcpsrv_messages.*
    Replace WARN message with DHCPSRV_MEMFILE_FAILED_TO_OPEN error

/src/lib/dhcpsrv/memfile_lease_mgr.cc
    Memfile_LeaseMgr::getDefaultLeaseFilePath()
    - uses CfgMgr::getDataDir()
    Memfile_LeaseMgr::initLeaseFilePath()
     - call CfgMgr::validatePath() without try-catch
    Memfile_LeaseMgr::factory()
    - log error and rethrow

/src/lib/dhcpsrv/tests/cfgmgr_unittest.cc
    Added use of EnvVarWrapper

/src/lib/dhcpsrv/tests/memfile_lease_mgr_unittest.cc
    Updated tests
    TEST_F(MemfileLeaseMgrTest, defaultDataDir)
    TEST_F(MemfileLeaseMgrTest, dataDirEnvVarOverride)
    TEST_F(MemfileLeaseMgrTest, dataDirExplicitOveride)
    - new tests

/src/lib/testutils/Makefile.am
   Added env_var_wrapper.*
2025-05-16 12:20:43 +03:00
Thomas Markwalder
98ba652fbc [#3831] Fix UT Makefile.am files 2025-05-16 12:20:43 +03:00
Thomas Markwalder
26c63d4a14 [#3831] Replaced CfgMgr::data_dir_ with PathChecker
/src/bin/dhcp4/tests/dhcp4_test_utils.cc
    Updated/Modified BaseServerTest

/src/bin/dhcp4/tests/meson.build
    Added DHCP_DATA_DIR

/src/bin/dhcp6/dhcp6_messages.*
    DHCP6_DATA_DIRECTORY_DEPRECATED - new message

/src/bin/dhcp6/dhcp6_parser.yy
    Add warning to data_dir parsing

/src/bin/dhcp6/json_config_parser.cc
    Emit a warning if config contains data-directory

/src/bin/dhcp6/tests/Makefile.am
    Added DHCP_DATA_DIR

/src/bin/dhcp6/tests/config_parser_unittest.cc
    TEST_F(Dhcp6ParserTest, testDataDir) - updated test

/src/bin/dhcp6/tests/dhcp6_test_utils.cc
    Updated/Modified BaseServerTest

/src/bin/dhcp6/tests/hooks_unittest.cc
    LoadUnloadDhcpv6SrvTest now derives from BaseServerTest

/src/bin/dhcp6/tests/meson.build
    Added DHCP_DATA_DIR

/src/lib/dhcpsrv/cfgmgr.*
    Replace Optional<string> datadir_ with PathChecker
    data_dir_checker_

    CfgMgr::getDataDir() - updated
    CfgMgr::validatePath() - added

/src/lib/dhcpsrv/srv_config.cc
    SrvConfig::toElement() - remove output of  data-directory

/src/lib/dhcpsrv/tests/Makefile.am
    Added DHCP_DATA_DIR

/src/lib/dhcpsrv/tests/cfg_duid_unittest.cc
    Updated absolutePath()

/src/lib/dhcpsrv/tests/cfgmgr_unittest.cc
    Updated tests

/src/lib/dhcpsrv/tests/csv_lease_file4_unittest.cc
/src/lib/dhcpsrv/tests/csv_lease_file6_unittest.cc
/src/lib/dhcpsrv/tests/lease_file_loader_unittest.cc
/src/lib/dhcpsrv/tests/memfile_lease_mgr_unittest.cc
    Updated absolutePath()

/src/lib/dhcpsrv/tests/meson.build
    Added DHCP_DATA_DIR
2025-05-16 12:20:43 +03:00
Thomas Markwalder
2f304f6ca7 [#3831] Refactored FileManager into PathChecker
Refactored to internally support env variable and explicit paths
modified:
    src/lib/hooks/hooks_parser.cc
    src/lib/hooks/hooks_parser.h
    src/lib/util/filesystem.cc
    src/lib/util/filesystem.h
    src/lib/util/tests/filesystem_unittests.cc
2025-05-16 12:20:43 +03:00
Thomas Markwalder
f42a77238d [#3830] Fixed netconf UT tests
/src/bin/netconf/tests/Makefile.am
/src/bin/netconf/tests/meson.build
    Added NETCONF_HOOKS_TEST_PATH

/src/bin/netconf/tests/netconf_cfg_mgr_unittests.cc
    NetconfParserTest - added set and reset of hooks path
    TEST_F(NetconfParserTest, configParseHooks) - call setHooksTestPath()
2025-05-16 12:20:43 +03:00
Andrei Pavel
707981812e [#3832] Meson: Add install_umask=0027
This makes directories 750 and files 640 by default.
2025-05-16 12:20:43 +03:00
Francis Dupont
03aac8f424 [#3832] Reindented 2025-05-16 12:20:43 +03:00
Francis Dupont
919d3cbbb6 [#3832] Extra fix 2025-05-16 12:20:43 +03:00
Francis Dupont
e214d62395 [#3832] Added umask to admin and keactrl 2025-05-16 12:20:43 +03:00
Francis Dupont
d91aa4203c [#3832] Added umask 0027 setting 2025-05-16 12:20:43 +03:00
Francis Dupont
923990b389 [#3832] Checkpoint: removed #3050 and fixes 2025-05-16 12:20:43 +03:00
Thomas Markwalder
3403f15dc7 [#3830] Removed obsolete UT
modified:   dhcp_parsers_unittest.cc
2025-05-16 12:20:43 +03:00
Thomas Markwalder
8121c96c1a [#3830] Fix release mention in ARM
modified:   hooks.rst
2025-05-16 12:20:42 +03:00
Thomas Markwalder
5caceadf72 [#3830] Addressed further review comments
Minor cleanup and fixed hooks parser UTs
	modified:   src/lib/hooks/hooks_parser.h
	modified:   src/lib/hooks/tests/hooks_manager_unittest.cc
2025-05-16 12:20:42 +03:00
Francis Dupont
8196e0cadf [#3830] Small fixes 2025-05-16 12:20:42 +03:00
Thomas Markwalder
dd87e1d30f [#3830] Updated the ARM 2025-05-16 12:20:42 +03:00
Thomas Markwalder
e4fad9f2bf [#3830] Addressed review comments
src/lib/util/filesystem.cc
    Replaced use of std::filesystem with isc::util::Path

src/lib/hooks/hooks_parser.cc
src/lib/hooks/hooks_parser.h
    HooksLibrariesParser::getHooksPath() - provides the
    ability to set it to an explicit value

Updated A LOT of UTs:

src/bin/agent/tests/ca_cfg_mgr_unittests.cc
src/bin/agent/tests/ca_process_tests.sh.in
src/bin/agent/tests/get_config_unittest.cc
src/bin/agent/tests/test_callout_libraries.h.in
src/bin/d2/tests/d2_cfg_mgr_unittests.cc
src/bin/d2/tests/d2_process_tests.sh.in
src/bin/d2/tests/d2_process_unittests.cc
src/bin/d2/tests/get_config_unittest.cc
src/bin/d2/tests/test_callout_libraries.h.in
src/bin/d2/tests/test_configured_libraries.h.in
src/bin/dhcp4/tests/config_parser_unittest.cc
src/bin/dhcp4/tests/ctrl_dhcp4_srv_unittest.cc
src/bin/dhcp4/tests/dhcp4_process_tests.sh.in
src/bin/dhcp4/tests/hooks_unittest.cc
src/bin/dhcp4/tests/http_control_socket_unittest.cc
src/bin/dhcp4/tests/test_libraries.h.in
src/bin/dhcp6/tests/config_parser_unittest.cc
src/bin/dhcp6/tests/ctrl_dhcp6_srv_unittest.cc
src/bin/dhcp6/tests/dhcp6_process_tests.sh.in
src/bin/dhcp6/tests/hooks_unittest.cc
src/bin/dhcp6/tests/http_control_socket_unittest.cc
src/bin/dhcp6/tests/test_libraries.h.in
src/lib/dhcpsrv/tests/dhcp_parsers_unittest.cc
src/lib/dhcpsrv/tests/test_libraries.h.in
src/lib/hooks/tests/Makefile.am
src/lib/hooks/tests/hooks_manager_unittest.cc
src/lib/hooks/tests/test_libraries.h.in
src/lib/process/cfgrpt/tests/config_report_unittests.cc
src/lib/util/tests/filesystem_unittests.cc
2025-05-16 12:20:42 +03:00
Thomas Markwalder
ad245f5f7a [#3830] Updated ChangeLog 2025-05-16 12:20:42 +03:00
Thomas Markwalder
73e50310d6 [#3830] Fix ChangeLog spaces 2025-05-16 12:20:42 +03:00
Thomas Markwalder
4f8b1dc282 [#3830] Added ChangeLog entry file
new file:   3830-CVE-2025-32801-Allow-loading-hook--ibraries-only-from-default-path
2025-05-16 12:20:42 +03:00
Thomas Markwalder
433593f231 [#3830] Updated ARM
modified:   doc/sphinx/arm/hooks.rst
modified:   src/lib/hooks/tests/hooks_manager_unittest.cc
modified:   src/lib/util/tests/filesystem_unittests.cc
2025-05-16 12:20:42 +03:00
Thomas Markwalder
4afdeb7719 [#3830] Hook libraries must load from default hook dir
/src/lib/util/filesystem.*
    FileManager::validatePath() - new class and function

/src/lib/hooks/hooks_parser.*
    HooksLibrariesParser::validatePath() - new wrapper around FileManager::validatePath()
    HooksLibrariesParser::parse() - now uses validatePath()

/src/lib/hooks/tests/hooks_manager_unittest.cc
    TEST(HooksParser, validatePathEnforcePath)
    TEST(HooksParser, validatePathEnforcePathFalse) - new tests

/src/lib/util/tests/filesystem_unittests.cc
    TEST(FileManager, validatePathEnforcePath)
    TEST(FileManager, validatePathEnforcePathFalse) - new tests
2025-05-16 12:20:42 +03:00
Andrei Pavel
121b71ae2f [#3789] Extend the change to upgrade scripts down to Kea 2.6 2025-05-16 11:20:13 +03:00
Andrei Pavel
5683641bf3 [#3789] Extend the change to upgrade scripts down to Kea 2.6 2025-05-14 09:46:40 +03:00