From 1cbbca8dcfc3e763a7a4b5f4369e09ec7a32c622 Mon Sep 17 00:00:00 2001 From: Nicolas Williams Date: Fri, 10 Jan 2020 11:39:56 -0600 Subject: [PATCH] bx509: Add /, /health for load balancer checking A HEAD or GET of / or /health will now produce a 200 instead of a 404. Ideally we should add configuration arguments that would allow /health to get a token, make a CSR, and test the /bx509 (and/or /bnegotiate) functionality, that way we'd have a real health check. For now we defer that work, as external health monitoring can be done using a simple script anyways. --- kdc/bx509d.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/kdc/bx509d.c b/kdc/bx509d.c index 6a38acd75..2c973268b 100644 --- a/kdc/bx509d.c +++ b/kdc/bx509d.c @@ -1554,6 +1554,19 @@ bnegotiate(struct bx509_request_desc *r) return ret; } +static krb5_error_code +health(const char *method, struct bx509_request_desc *r) +{ + if (strcmp(method, "HEAD") == 0) + return resp(r, MHD_HTTP_OK, MHD_RESPMEM_PERSISTENT, "", 0, NULL); + return resp(r, MHD_HTTP_OK, MHD_RESPMEM_PERSISTENT, + "To determine the health of the service, use the /bx509 " + "end-point.\n", + sizeof("To determine the health of the service, use the " + "/bx509 end-point.\n") - 1, NULL); + +} + /* Implements the entirety of this REST service */ static int route(void *cls, @@ -1588,7 +1601,10 @@ route(void *cls, if ((ret = set_req_desc(connection, url, &r))) return bad_503(&r, ret, "Could not initialize request state"); - if (strcmp(method, "GET") != 0) + if ((strcmp(method, "HEAD") == 0 || strcmp(method, "GET") == 0) && + (strcmp(url, "/health") == 0 || strcmp(url, "/") == 0)) + ret = health(method, &r); + else if (strcmp(method, "GET") != 0) ret = bad_405(&r, method); else if (strcmp(url, "/bx509") == 0) ret = bx509(&r);