tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix client not closing connections 

fixes #11122
This commit is contained in:
Jean Flach 2016-02-09 15:55:12 +01:00
parent fa1d633484
commit 19134f41cf
1 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
lib/remote/apilistener.cpp
View File

@ -321,16 +321,24 @@ void ApiListener::NewClientHandlerInternal(const Socket::Ptr& client, const Stri
return; return;
} }
if (!hostname.IsEmpty() && identity != hostname) { verify_ok = tlsStream->IsVerifyOK();
Log(LogInformation, "ApiListener") if (!hostname.IsEmpty()) {
<< "Unexpected certificate common name while connecting to endpoint '" << hostname << "': got '" << identity << "'"; if (identity != hostname) {
return; Log(LogWarning, "ApiListener")
<< "Unexpected certificate common name while connecting to endpoint '"
<< hostname << "': got '" << identity << "'";
return;
} else if (!verify_ok) {
Log(LogWarning, "ApiListener")
<< "Peer certificate for endpoint '" << hostname
<< "' is not signed by the certificate authority.";
return;
}
} }
verify_ok = tlsStream->IsVerifyOK();
Log(LogInformation, "ApiListener") Log(LogInformation, "ApiListener")
<< "New client connection for identity '" << identity << "'" << (verify_ok ? "" : " (unauthenticated)"); << "New client connection for identity '" << identity << "'"
<< (verify_ok ? "" : " (client certificate not signed by CA)");
if (verify_ok) if (verify_ok)
endpoint = Endpoint::GetByName(identity); endpoint = Endpoint::GetByName(identity);