Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[dev.icinga.com #12913] icinga2 pki request should not crash on DNS/network error #4731

Closed
icinga-migration opened this issue Oct 13, 2016 · 2 comments
Closed

[dev.icinga.com #12913] icinga2 pki request should not crash on DNS/network error #4731

icinga-migration opened this issue Oct 13, 2016 · 2 comments
Labels
bug Something isn't working core/crash Shouldn't happen, requires attention help wanted Extra attention is needed

Comments

@icinga-migration
Copy link

This issue has been migrated from Redmine: https://dev.icinga.com/issues/12913

Created by tgelf on 2016-10-13 10:46:58 +00:00

Assignee: (none)
Status: New
Target Version: (none)
Last Update: 2016-10-13 10:46:58 +00:00 (in Redmine)

Icinga Version: 2.5.4
Backport?: Not yet backported
Include in Changelog: 1

Command:

icinga2 pki request --host my-icinga.master.node --port 5665 ...

Expected outcome when DNS lookup fails

information/base: Writing private key to '/etc/icinga2/pki/new-icinga.agent.node.key'.
information/base: Writing X509 certificate to '/etc/icinga2/pki/new-icinga.agent.node.crt'.
information/base: Writing certificate signing request to '/etc/icinga2/pki/new-icinga.agent.node.csr'.
critical/TcpSocket: getaddrinfo() failed with error code -2, "Name or service not known"
critical/pki: Cannot connect to host 'my-icinga.master.node' on port '5665'
critical/cli: Failed to fetch certificate from host

Actual output

information/base: Writing private key to '/etc/icinga2/pki/new-icinga.agent.node.key'.
information/base: Writing X509 certificate to '/etc/icinga2/pki/new-icinga.agent.node.crt'.
information/base: Writing certificate signing request to '/etc/icinga2/pki/new-icinga.agent.node.csr'.
critical/TcpSocket: getaddrinfo() failed with error code -2, "Name or service not known"
critical/pki: Cannot connect to host 'my-icinga.master.node' on port '5665'
critical/cli: Failed to fetch certificate from host
critical/SSL: Error on bio X509 AUX reading pem file '/etc/icinga2/pki/trusted-master.crt': 33558530, "error:02001002:lib(2):func(1):reason(2)"
critical/Application: Error: std::exception

Thrown exception

Error: std::exception

        (0) libbase.so: void boost::throw_exception(icinga::openssl_error const&) (+0xc9) [0x7f9e974eeaf9]
        (1) libbase.so: void boost::exception_detail::throw_exception_(icinga::openssl_error const&, char const*, char const*, int) (+0x4e) [0x7f9e974eebae]
        (2) libbase.so: icinga::GetX509Certificate(icinga::String const&) (+0x3da) [0x7f9e9748114a]
        (3) libcli.so: icinga::PKIRequestCommand::Run(boost::program_options::variables_map const&, std::vector, std::allocator >, std::allocator, std::allocator > > > const&) const (+0x551) [0x7f9e97b166d1]
        (4) /usr/lib/x86_64-linux-gnu/icinga2/sbin/icinga2() [0x414251]
        (5) /usr/lib/x86_64-linux-gnu/icinga2/sbin/icinga2() [0x4107fa]
        (6) libc.so.6: __libc_start_main (+0xf0) [0x7f9e96a49830]
        (7) /usr/lib/x86_64-linux-gnu/icinga2/sbin/icinga2() [0x410929]

Cheers,
Thomas
@icinga-migration icinga-migration added the bug Something isn't working label Jan 17, 2017
@gunnarbeutner gunnarbeutner added the core/crash Shouldn't happen, requires attention label Feb 7, 2017
@dnsmichi dnsmichi added the help wanted Extra attention is needed label Apr 26, 2017
@mcktr
Copy link
Member

mcktr commented Dec 4, 2017

Tested with v2.8.0-45-g1f52e39 and seems to be fixed:

[root@icinga2 ~]# icinga2 pki request --host icinga.master.node --port 5665 ...
critical/TcpSocket: getaddrinfo() failed with error code -2, "Name or service not known"
critical/cli: Cannot connect to host 'icinga.master.node' on port '5665'

@Crunsher
Copy link
Contributor

Nice 👌

If this happens again, they will have to make a new ticket

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working core/crash Shouldn't happen, requires attention help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@dnsmichi @gunnarbeutner @Crunsher @mcktr @icinga-migration