diff --git a/agents/bakery/curl.py b/agents/bakery/curl.py
index 3da404260b72dd2feba4c41ad31777db467ab5b1..048a2bdede3917118f1675d1381bbfe788896fcc 100755
--- a/agents/bakery/curl.py
+++ b/agents/bakery/curl.py
@@ -43,7 +43,8 @@
# 2022-03-20: added dns_options, ftp_options
# 2022-03-21: fixed handling of limits and sub directories from wato
# 2022-03-24: added options --hostpubmd5, --hostpubsha256, --pubkey
-# #
+# 2022-03-24: added options --key --passs
+#
from pathlib import Path
from typing import List, Tuple, Dict
@@ -59,7 +60,7 @@ from cmk.base.cee.plugins.bakery.bakery_api.v1 import (
)
-bakery_version = '20220323.v0.0.6'
+bakery_version = '20220324.v0.0.6'
def get_curl_files(conf: Tuple[str, Dict[str, List[any]]]) -> FileGenerator:
@@ -161,8 +162,7 @@ def get_curl_files(conf: Tuple[str, Dict[str, List[any]]]) -> FileGenerator:
'speed_time',
'connect_timeout',
'api_key_header',
- 'user_auth',
-
+ # 'user_auth',
]:
if type(url_settings.get(key)) == tuple:
if url_settings[key][0] == key:
@@ -194,13 +194,29 @@ def get_curl_files(conf: Tuple[str, Dict[str, List[any]]]) -> FileGenerator:
url_settings.pop('http_proxy')
if url_settings.get('user_auth'):
- user, user_password, user_auth = url_settings['user_auth']
- if user_password[0] == 'store':
- pw = password_store.extract(user_password[1])
- else:
- pw = user_password[1]
- options_array.append(f'--user {user}:{pw}')
- options_array.append(user_auth)
+ if url_settings['user_auth'][0] == 'user_auth':
+ user, user_password, user_auth = url_settings['user_auth'][1]
+ if user_password[0] == 'store':
+ pw = password_store.extract(user_password[1])
+ else:
+ pw = user_password[1]
+ options_array.append(f'--user {user}:{pw}')
+ options_array.append(user_auth)
+ elif url_settings['user_auth'][0] == 'priv_key_auth':
+ user, pass_phrase, priv_key = url_settings['user_auth'][1]
+ options_array.append(f'--user {user}:')
+ options_array.append(f'--key {_conf_path}curl/curl_item_{curl_item}.priv_key')
+ if pass_phrase[0] == 'store':
+ pw = password_store.extract(pass_phrase[1])
+ else:
+ pw = pass_phrase[1]
+ options_array.append(f'--pass {pw}')
+ yield PluginConfig(
+ base_os=_os,
+ lines=[priv_key],
+ target=Path(f'curl/curl_item_{curl_item}.priv_key'),
+ include_header=False,
+ )
url_settings.pop('user_auth')
if url_settings.get('expected_strings'):
diff --git a/curl.mkp b/curl.mkp
index 531c43b4fae4ccb20cd9d15a9a498b3e7bbeda49..3b74d44ce4876c7f8f6965c781178d49acbf3179 100644
Binary files a/curl.mkp and b/curl.mkp differ
diff --git a/packages/curl b/packages/curl
index 1874db69d908c650a77b6c3a13e278d7d91240ce..d589b44c81b24bdacf6b12fe1e009c1809331d87 100644
--- a/packages/curl
+++ b/packages/curl
@@ -21,7 +21,7 @@
'name': 'curl',
'num_files': 6,
'title': 'cURL agent plugin',
- 'version': '20220323.v0.1.3',
+ 'version': '20220324.v0.1.3',
'version.min_required': '2.0.0',
'version.packaged': '2021.09.20',
'version.usable_until': None}
\ No newline at end of file
diff --git a/web/plugins/wato/curl.py b/web/plugins/wato/curl.py
index c5d4b68b3a8be969e30e51207e60dcf276591066..78ec3d0b3698654919edda75a3a9eef82b5579d6 100644
--- a/web/plugins/wato/curl.py
+++ b/web/plugins/wato/curl.py
@@ -60,6 +60,8 @@
# to "limits" sub Directory
# 2022-03-22: added curl_error_code_to_ignore and http_error_code_to_ignore options
# 2022-03-24: added options --hostpubmd5, --hostpubsha256, --pubkey
+# 2022-03-24: added options --key --passs
+# reworked user_auth section
#
import ipaddress
from cmk.gui.i18n import _
@@ -99,7 +101,7 @@ from cmk.gui.cee.plugins.wato.agent_bakery.rulespecs.utils import (
RulespecGroupMonitoringAgentsAgentPlugins,
)
-bakery_plugin_version = '20220323.v0.0.6'
+bakery_plugin_version = '20220324.v0.0.6'
# unsafe characters https://www.tutorialspoint.com/html/html_url_encoding.htm
forbidden_chars = '"<>#%{}|\^~[]` \''
@@ -414,7 +416,8 @@ _url_get_header_only = ('get_header_only',
],
))
-_option_user_auth = ('user_auth',
+_option_auth_user = ('user_auth',
+ _('Username/Password'),
Tuple(
title=_('Configure user authentication'),
help=_(
@@ -436,6 +439,7 @@ _option_user_auth = ('user_auth',
DropdownChoice(
title=_('Authentication method'),
choices=[
+ ('', _('Use cURL default')),
('--basic', _('Basic authentication')),
('--digest', _('Digest authentication')),
('--ntlm', _('NTLM authentication')),
@@ -445,15 +449,34 @@ _option_user_auth = ('user_auth',
]),
],
))
-_url_user_auth = ('user_auth',
- CascadingDropdown(
- title=_('Configure user authentication'),
- sorted=False,
- choices=[
- ('user_auth', _('Authenticate user'), _option_user_auth[1],),
- ('', _('Don\'t authenticate user')),
- ],
- ))
+_option_auth_priv_key = ('priv_key_auth',
+ _('Private/public key'),
+ Tuple(
+ elements=[
+ TextUnicode(
+ title=_('Username'),
+ allow_empty=False,
+ forbidden_chars=forbidden_chars,
+ placeholder='username',
+ ),
+ PasswordFromStore(
+ title=_('Pass phrase'),
+ allow_empty=False,
+ ),
+ Foldable(UploadOrPasteTextFile(title='Private key', file_title='Private key (PEM)'),
+ title='Private key'),
+ ]
+ ))
+_option_auth = ('user_auth',
+ CascadingDropdown(
+ title=_('Configure authentication'),
+ sorted=False,
+ choices=[
+ _option_auth_user,
+ _option_auth_priv_key,
+ (None, _('No authentication')),
+ ],
+ ))
_option_proxy_server = ('proxy_server',
Tuple(
@@ -944,7 +967,6 @@ _url_connect_timeout = ('connect_timeout',
],
))
-
_option_limits = ('limits',
Foldable(
Dictionary(
@@ -976,7 +998,6 @@ _url_limits = ('limits',
title=_('Set connection limits')
))
-
_option_user_agent = ('user_agent',
TextUnicode(
title=_('Set user agent'),
@@ -1074,7 +1095,7 @@ _option_url_settings = ('url_settings',
_option_verify_remote_host,
_options_proxy,
_option_redirects,
- _url_user_auth,
+ _option_auth,
_url_get_header_only,
_option_regex_response,
_url_compressed,
@@ -1156,7 +1177,7 @@ _option_default_settings = ('default_settings',
_option_verify_remote_host,
_options_proxy,
_option_redirects,
- _option_user_auth,
+ _option_auth,
_options_get_header_only,
_option_regex_response,
_options_compressed,