bool GenericAgentCheckPolicy(GenericAgentConfig *config, bool force_validation, bool write_validated_file)
{
if (!MissingInputFile(config->input_file))
{
{
if (config->agent_type == AGENT_TYPE_SERVER ||
config->agent_type == AGENT_TYPE_MONITOR ||
config->agent_type == AGENT_TYPE_EXECUTOR)
{
time_t validated_at = ReadTimestampFromPolicyValidatedFile(config, NULL);
config->agent_specific.daemon.last_validated_at = validated_at;
}
}
if (IsPolicyPrecheckNeeded(config, force_validation))
{
bool policy_check_ok = GenericAgentArePromisesValid(config);
if (policy_check_ok && write_validated_file)
{
GenericAgentTagReleaseDirectory(config,
NULL, // use GetAutotagDir
write_validated_file, // true
GetAmPolicyHub(GetWorkDir())); // write release ID?
}
if (config->agent_specific.agent.bootstrap_policy_server && !policy_check_ok)
{
Log(LOG_LEVEL_VERBOSE, "Policy is not valid, but proceeding with bootstrap");
return true;
}
return policy_check_ok;
}
else
{
Log(LOG_LEVEL_VERBOSE, "Policy is already validated");
return true;
}
}
return false;
}
bool GenericAgentCheckPolicy(GenericAgentConfig *config, bool force_validation)
{
if (!MissingInputFile(config->input_file))
{
if (IsPolicyPrecheckNeeded(config, force_validation))
{
bool policy_check_ok = GenericAgentCheckPromises(config);
if (config->agent_specific.agent.bootstrap_policy_server && !policy_check_ok)
{
Log(LOG_LEVEL_VERBOSE, "Policy is not valid, but proceeding with bootstrap");
return true;
}
return policy_check_ok;
}
else
{
Log(LOG_LEVEL_VERBOSE, "Policy is already validated");
return true;
}
}
return false;
}
void GenericInitialize(int argc,char **argv,char *agents)
{ enum cfagenttype ag = Agent2Type(agents);
char vbuff[CF_BUFSIZE];
int ok = false;
#ifdef HAVE_NOVA
CF_DEFAULT_DIGEST = cf_sha256;
CF_DEFAULT_DIGEST_LEN = CF_SHA256_LEN;
#else
CF_DEFAULT_DIGEST = cf_md5;
CF_DEFAULT_DIGEST_LEN = CF_MD5_LEN;
#endif
InitializeGA(argc,argv);
SetReferenceTime(true);
SetStartTime(false);
SetSignals();
SanitizeEnvironment();
strcpy(THIS_AGENT,CF_AGENTTYPES[ag]);
NewClass(THIS_AGENT);
THIS_AGENT_TYPE = ag;
// need scope sys to set vars in expiry function
SetNewScope("sys");
if (EnterpriseExpiry())
{
CfOut(cf_error,"","Cfengine - autonomous configuration engine. This enterprise license is invalid.\n");
exit(1);
}
if (AM_NOVA)
{
CfOut(cf_verbose,""," -> This is CFE Nova\n");
}
if (AM_CONSTELLATION)
{
CfOut(cf_verbose,""," -> This is CFE Constellation\n");
}
NewScope("const");
NewScope("match");
NewScope("mon");
GetNameInfo3();
CfGetInterfaceInfo(ag);
if (ag != cf_know)
{
Get3Environment();
BuiltinClasses();
OSClasses();
}
LoadPersistentContext();
LoadSystemConstants();
snprintf(vbuff,CF_BUFSIZE,"control_%s",THIS_AGENT);
SetNewScope(vbuff);
NewScope("this");
NewScope("match");
if (BOOTSTRAP)
{
CheckAutoBootstrap();
}
else
{
if (strlen(POLICY_SERVER) > 0)
{
CfOut(cf_verbose,""," -> Found a policy server (hub) on %s",POLICY_SERVER);
}
else
{
CfOut(cf_verbose,""," -> No policy server (hub) watch yet registered");
}
}
SetPolicyServer(POLICY_SERVER);
if (ag != cf_keygen)
{
if (!MissingInputFile())
{
bool check_promises = false;
if (SHOWREPORTS)
{
check_promises = true;
CfOut(cf_verbose, "", " -> Reports mode is enabled, force-validating policy");
}
if (IsFileOutsideDefaultRepository(VINPUTFILE))
{
check_promises = true;
CfOut(cf_verbose, "", " -> Input file is outside default repository, validating it");
}
if (NewPromiseProposals())
{
check_promises = true;
CfOut(cf_verbose, "", " -> Input file is changed since last validation, validating it");
}
if (check_promises)
{
ok = CheckPromises(ag);
if (BOOTSTRAP && !ok)
{
CfOut(cf_verbose, "", " -> Policy is not valid, but proceeding with bootstrap");
ok = true;
}
}
else
{
CfOut(cf_verbose, "", " -> Policy is already validated");
ok = true;
}
}
if (ok)
{
ReadPromises(ag,agents);
}
else
{
CfOut(cf_error,"","cf-agent was not able to get confirmation of promises from cf-promises, so going to failsafe\n");
snprintf(VINPUTFILE,CF_BUFSIZE-1,"failsafe.cf");
ReadPromises(ag,agents);
}
if (SHOWREPORTS)
{
CompilationReport(VINPUTFILE);
}
CheckLicenses();
}
XML = 0;
}