tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-08-26 03:58:17 +02:00
Code Issues Packages Projects Releases Wiki Activity
12,038 Commits 275 Branches 124 Tags
Commit Graph

1737 Commits

Author SHA1 Message Date
Noah Hilverling
2cb995e937
Merge pull request from GHSA-pcmr-2p2f-r7j6 
Verify certificates against CRL before renewing them (2.12)
 2020-12-15 12:30:19 +01:00
Julian Brost
cae22a89da Verify certificates against CRL before renewing them 
When a CRL is specified in the ApiListener configuration, Icinga 2 only
used it when connections were established so far, but not when a
certificate is requested. This allows a node to automatically renew a
revoked certificate if it meets the other conditions for auto-renewal
(issued before 2017 or expires in less than 30 days).
 2020-12-15 10:33:38 +01:00
Julian Brost
c868010884 Use ERR_error_string_n() instead of ERR_error_string() 
Explicitly pass the actual length of the buffer to avoid overflows.
 2020-12-15 08:29:37 +01:00
Julian Brost
1f945add50 Increase size of buffer for OpenSSL error messages 
According to man 3 ERR_error_string, "buf must be at least 256 bytes
long", therefore increase the buffer size to 256 everywhere.
 2020-12-15 08:29:37 +01:00
Julian Brost
159ccced65 Remove std::string to_string(const errinfo_openssl_error& e) 
The function was never used and it's implementation contains a bug where
a buffer of too small size is used as a paramter to ERR_error_string.
According to the `man 3 ERR_error_info`, the buffer has to be at least
256 bytes in size.

Also the function seems of limited use as it allows to output the tag
object used with additional error information for exceptions in Boost.
However, you boost::get_error_info<>() just returns the value type but
not the full tag object from the exception.
 2020-12-15 08:29:37 +01:00
Julian Brost
e7d9c5138b Remove SpinLock 
No longer needed as its only user now uses std::mutex.
 2020-11-27 11:32:11 +01:00
Julian Brost
867a3c0216 Add Process::WaitForResult to allow waiting for the process to finish 2020-11-27 11:32:10 +01:00
Noah Hilverling
47a6daf341
Merge pull request #8293 from Icinga/bugfix/icinga2-doesn-t-close-connections-7203 
Add timeout for boost::asio::ssl::stream#async_shutdown()
 2020-10-14 09:44:12 +02:00
Alexander A. Klimov
639c426cf3 Introduce SpinLock 2020-10-13 17:45:37 +02:00
Henrik Triem
38eb2b6bc8 WorkQueue: Allow choosing stats log level 2020-09-22 14:41:11 +02:00
Alexander A. Klimov
d69c6879fa Application#RunEventLoop(): don't wait for the thread pool to stop on shutdown 
refs #8173
 2020-09-03 14:04:42 +02:00
Noah Hilverling
97fc70ccb2
Merge pull request #7836 from Icinga/bugfix/jsonrpcconnection-m_seen 
Consider a JsonRpcConnection being seen on a single byte of TLS payload, not only a whole message
 2020-07-29 15:02:48 +02:00
Alexander A. Klimov
647f1547a9 Generalize I/O timeout emulation 2020-06-17 10:31:40 +02:00
Noah Hilverling
df43cf573c
Merge pull request #8053 from Icinga/bugfix/segfault-map-reduce-filter-null-8047 
Ensure the custom function is not null in Array#{sort,map,reduce,filter,any,all}()
 2020-06-16 15:25:11 +02:00
Alexander A. Klimov
9c85401914 Ensure the custom function is not null in Array#{sort,map,reduce,filter,any,all}() 
refs #8047
 2020-06-09 12:35:04 +02:00
Alexander A. Klimov
f21b60e390 StreamLogger#Flush(): lock self 
... just to be sure.
 2020-05-15 15:33:37 +02:00
Noah Hilverling
4c9e4959f3
Merge pull request #7823 from Icinga/bugfix/unify-application-start-times 
Fix timing point for Application::GetStartTime() (related to command endpoint grace period)
 2020-03-09 09:45:57 +01:00
Noah Hilverling
6e3c928205
Merge pull request #7837 from Icinga/bugfix/coroutine-exception 
IoEngine#SpawnCoroutine(): always terminate coroutines cleanly
 2020-03-03 11:19:18 +01:00
Michael Friedrich
06d0c3ea4e
Merge pull request #7843 from Icinga/feature/cli-pki-verify 
CLI: Add `pki verify` command for better TLS certificate troubleshooting
 2020-02-25 09:07:24 +01:00
Michael Friedrich
fdb13d1b7d TlsUtility: Replace deprecated OpenSSL function with ASN1_STRING_get0_data() 2020-02-21 13:02:58 +01:00
Alexander A. Klimov
0f84ce0470 Consider a JsonRpcConnection being seen on a single byte of TLS payload, not only a whole message 2020-02-19 11:11:53 +01:00
Alexander A. Klimov
b65aed1dd3 IoEngine#SpawnCoroutine(): always terminate coroutines cleanly 2020-02-19 10:51:26 +01:00
Michael Friedrich
548eb933c9 TlsUtility: Add getters for version, signature algorithm, SANs 2020-02-17 17:42:20 +01:00
Henrik Triem
099cc5d8df
Merge pull request #7833 from Icinga/feature/version-build-info-openssl 
CLI: Add OpenSSL version to 'Build' section in --version
 2020-02-17 17:07:51 +01:00
Michael Friedrich
71c7eebe4e CLI: Add OpenSSL version to 'Build' section in --version 
This helps to see against which OpenSSL version Icinga was built.
Inspired by #5572
 2020-02-14 08:55:39 +01:00
Michael Friedrich
a7436394cd TlsUtility: Add IsCa() function to verify given certificate being a CA certificate 2020-02-13 16:03:43 +01:00
Michael Friedrich
d53eb34520 Unify Application::GetStartTime() and drop GetMainTime() 
This essentially moves the start time into the scope when main
starts to "do something", after the reload and configuration handling
is done.
 2020-02-11 17:26:15 +01:00
Michael Friedrich
ae8a0b6a64 Introduce Application::GetUptime() 2020-02-11 16:47:50 +01:00
Michael Friedrich
04edda531c
Merge pull request #7788 from Icinga/bugfix/windows-timeout-unknown-state 
Terminate windows check processes with UNKNOWN state on timeout
 2020-02-10 15:34:28 +01:00
Alexander A. Klimov
0ed0f73d9d IoEngine#SpawnCoroutine(): remove redundand overload 2020-02-05 15:31:57 +01:00
Alexander A. Klimov
d98493c90f IoEngine#SpawnCoroutine(): don't copy parameter 2020-02-05 15:30:03 +01:00
Michael Insel
d7dfa6f1df Terminate windows check processes with UNKNOWN state on timeout 
On Windows this terminates checks that reached the timeout with the UNKNOWN
state instead the WARNING state.

Co-authored-by: araujorm <araujorm@users.noreply.github.com>
 2020-01-27 21:43:01 +01:00
Michael Friedrich
f62f2eb25e Boost Coroutines: Increase the default stack size from 64 to 256KB 
refs #7532
 2019-12-13 17:20:06 +01:00
Michael Friedrich
1cda421bad DSL: Add get_template{,s} 
Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
 2019-11-08 11:13:26 +01:00
Alexander A. Klimov
768044a754 Replace std::shared_ptr<NamespaceValue> with NamespaceValue::Ptr 
refs #7361
 2019-10-21 17:10:51 +02:00
Alexander A. Klimov
4438ccbf9e Introduce SharedObject 
refs #7361
 2019-10-21 17:10:51 +02:00
Alexander A. Klimov
ba1ce9c853 Replace std::shared_ptr<boost::asio::ssl::context> with Shared<boost::asio::ssl::context>::Ptr 2019-10-21 16:12:46 +02:00
Alexander A. Klimov
26ce2cfb73 Replace std::shared_ptr<AsioTcpStream> with Shared<AsioTcpStream>::Ptr 2019-10-21 16:12:46 +02:00
Alexander A. Klimov
a1683568a1 Replace std::shared_ptr<AsioTlsStream> with Shared<AsioTlsStream>::Ptr 2019-10-21 16:12:35 +02:00
Alexander A. Klimov
b046ffe152 Introduce Shared<T> 2019-10-21 11:07:42 +02:00
Michael Friedrich
2c0e0da2d9 Introduce IoEngine::SpawnCoroutine wrapping asio::spawn and Boost exceptions 
This is required to

- catch all exceptions and wrap them into Boost exceptions. They
are the only ones allowed with Boost.Coroutine.
- set a dedicated coroutine stack size for Windows.

refs #7431
 2019-09-09 16:40:35 +02:00
Michael Friedrich
5fa7331cc9 Quality: Replace deprecated Boost IO service code 
https://github.com/boostorg/asio/issues/110
https://www.boost.org/doc/libs/1_66_0/doc/html/boost_asio/example/cpp03/services/logger_service.hpp
 2019-09-09 15:27:57 +02:00
Michael Friedrich
1f50a705f9 Adjust code comment for Logger->Flush() on Windows 2019-09-06 09:24:34 +02:00
Michael Friedrich
c2e1d023e2
Merge pull request #7421 from Icinga/feature/threadpool-metric 
Expose metric current_pending_callbacks
 2019-08-15 10:51:31 +02:00
Alexander A. Klimov
a58a5feee3 Introduce ThreadPool#GetPending() 2019-08-14 17:12:59 +02:00
Michael Friedrich
43ea6fb636
Merge pull request #7419 from Icinga/bugfix/downtime-loop-activate-origin 
Fix object create/delete config object cluster loop (missing message origin)
 2019-08-14 16:29:08 +02:00
Michael Friedrich
96f62d2d34 Add Utility::ParseVersion() and unit tests 
This now uses a regex to extract the short version
similar to how Icinga Web 2 does it.

Additional unit tests prove the rule.
 2019-08-14 11:22:55 +02:00
Michael Friedrich
c30edd0a34 Fix message origin for runtime created config object (create/delete events) 2019-08-13 15:05:47 +02:00
Michael Friedrich
0fd2fc0a4f Only include SSL_CTX_set_ecdh_auto for OpenSSL < 1.1.0 2019-07-23 17:39:02 +02:00
Michael Friedrich
844e821cd1
Merge pull request #7320 from Icinga/feature/foreground-5230 
Rework reload handling on *nix
 2019-07-18 18:24:22 +02:00