tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
9,908 Commits 347 Branches 117 Tags 201 MiB
Commit Graph

659 Commits

Author SHA1 Message Date
Michael Friedrich 13239c3172 Ensure that HTTP/1.0 or Connection: close headers are properly disconnecting the client 
Test results: https://github.com/Icinga/icinga2/issues/6514#issuecomment-428155731

fixes #6514
 2018-10-09 13:23:23 +02:00
Michael Friedrich 82178e3b33 Don't inherit daemonize parameter from parent process 2018-09-27 20:30:19 +02:00
Thomas Forrer 816cae98fa Fix config validation problem (startup.log) during /v1/config/stages API call 
copy all arguments of parent process in AsyncTryActivateStage
 2018-09-27 20:27:09 +02:00
Michael Friedrich 64e273afdd
Merge pull request #6639 from Icinga/fix/windows-api-log-rename 
Ensure to _unlink before renaming replay log on Windows
 2018-09-27 08:02:00 +02:00
Michael Friedrich c979f86e4e
Merge pull request #6632 from Icinga/feature/cluster-faster-reconnect 
Increase the cluster reconnect frequency to 10s
 2018-09-25 17:07:01 +02:00
Michael Friedrich cbde35ff22 Use a dynamic thread pool for API connections 
The full analysis is located in #6517.

fixes #6517
 2018-09-25 12:43:10 +02:00
Michael Friedrich cd819f74f4 Increase the cluster reconnect frequency to 10s 
This is blocked by #6517.

refs #6234
 2018-09-25 12:36:30 +02:00
Michael Friedrich 29701b4db5 Add ApiListener#tls_handshake_timeout option 
This allows to specify the previously hardcoded
timeout of 10s.

refs #6517
 2018-09-14 09:20:09 +02:00
Michael Friedrich dd59964702
Merge pull request #6596 from Icinga/bugfix/gcc-8-f28-hardening-crash 
Fix crash on API queries with Fedora 28 hardening and GCC 8
 2018-09-11 20:44:12 +02:00
Noah Hilverling 3854ed683b Improve TLS handshake exception logging 2018-09-06 15:58:42 +02:00
Michael Friedrich 1f4f6282c7 Fix crash on API queries with Fedora 28 hardening and GCC 8 
The actual fix is to handle nullptr references differently
for an empty filter expression. The other changes include
oob checks not necesarily involved.

fixes #6533
 2018-09-06 09:56:04 +02:00
Michael Friedrich 9a75f47fc5 Allow to configure anonymous clients limit inside the ApiListener object 
Previously this was hardcoded, and for security reasons users might want
to adjust this value. This affects CSR signing requests as well as
clients which have not yet been configured as endpoints on the current
node.

refs #6566
 2018-09-05 17:45:35 +02:00
Michael Friedrich a1ec919f5b Raise the message size for anonymous client and pki request calls to 1MB 
If one sends the full certificate chain, this previous limit of 64KB
could be hit.
 2018-09-05 17:44:05 +02:00
Michael Friedrich 237fd520db
Merge pull request #6509 from gunnarbeutner/feature/real-constants 
Implement support for namespaces
 2018-08-24 12:10:10 +02:00
Michael Friedrich 7a22113f86
Merge pull request #6570 from Icinga/bugfix/tls-anonymous-clients-limit 
Increase limit for simultaneously connected anonymous TLS clients
 2018-08-23 17:13:41 +02:00
Michael Friedrich 0dd168fe80 Increase limit for simultaneously connected anonymous TLS clients 2018-08-23 17:10:51 +02:00
Michael Friedrich 6a71b75f63 ApiListener: Dump the state file port detail as number 
refs #6511
 2018-08-22 12:57:47 +02:00
Gunnar Beutner e678fa1aa5 Refactor Application::*Const() 2018-08-13 15:27:05 +02:00
Gunnar Beutner 8fda8d72ac Implement support for the namespace and using keywords 2018-08-13 13:44:31 +02:00
Gunnar Beutner 1a8692d972 Implement support for namespaces 2018-08-13 13:44:31 +02:00
Michael Friedrich 060a1ebbd9
Merge pull request #6512 from Icinga/feature/sni-environment 
Refactor environment for API connections
 2018-08-10 13:15:48 +02:00
Michael Friedrich 97513965e6 Introduce IcingaApplication#environment 
Precedence as follows:

- DEnvironment=...
- const Environment = ...
- object IcingaApplication "app" { environment = "..." }

The wrapped script constant handling is required
since we cannot directly link from libremote (SNI handling)
to libicinga where the object resides. Instead we'll
use the Application class helpers for hiding the ScriptGlobal
calls.
 2018-08-10 12:49:48 +02:00
Michael Friedrich a4c689e5cf Build fix for CentOS 7 and non-unity builds 2018-08-09 16:23:24 +02:00
Michael Friedrich b350512b11 Rename to Environment constant 2018-08-09 13:19:33 +02:00
Markus Frosch eb02d9041d Refactor environment for API connections 
* Const renamed to `ApiEnvironment`
* Handling moved to ApiListener
* Now a property of ApiListener
 2018-08-09 13:19:33 +02:00
Michael Friedrich f1e7e635a2
Merge pull request #6531 from Icinga/feature/zone-all_parents 
Expose Zone#all_parents via API
 2018-08-09 13:11:23 +02:00
Michael Friedrich ecb73e08ed Implement ApiListener status file removal on shutdown 2018-08-09 11:54:34 +02:00
Markus Frosch 20269a89d0 ApiListener: Add support for dynamic port handling 2018-08-08 17:42:57 +02:00
Alexander A. Klimov ea5614f7df Expose Zone#all_parents via API 2018-08-08 14:38:02 +02:00
Alexander A. Klimov 7bcbd9b497 Rename Zone#GetAllParents() to Zone#GetAllParentsRaw() 2018-08-08 14:38:02 +02:00
Markus Frosch 9fbc40615a Improve path handling in cmake and daemon 2018-08-07 14:10:26 +02:00
Michael Friedrich 1d22b6e176
Merge pull request #6410 from Icinga/remove-dead-code 
Remove unused code
 2018-07-27 15:56:52 +02:00
Markus Frosch ddc5b951b3
Revert "Implement support for the --env command-line argument" 2018-07-26 17:09:06 +02:00
Michael Friedrich 46e71a83dc
Merge pull request #6414 from Icinga/feature/icinga-envs 
Implement support for the --env command-line argument
 2018-07-26 10:09:42 +02:00
Michael Friedrich 038b2fb94c
Merge pull request #6379 from Icinga/global-zone-validation 
Throw config error when using global zones as parent
 2018-07-26 10:01:46 +02:00
Jean Flach 2b44eff8da Fix "Discard" message being warning 2018-07-26 09:39:03 +02:00
Alexander A. Klimov ac6afadb5a Make HttpServerConnection#m_DataHandlerMutex a boost::recursive_mutex 
refs #6428
 2018-07-09 14:40:32 +02:00
Gunnar Beutner c577554073 Implement support for the --env command-line argument 2018-06-27 13:15:52 +02:00
Jean Flach 4159682cf8 Remove unused code 
These methods and types were used only by the Icinga Studio
 2018-06-25 10:09:30 +02:00
Michael Friedrich a1c2eb3d87 Ensure to _unlink before renaming replay log on Windows 2018-06-22 11:12:09 +02:00
Michael Friedrich 0ffb8af8e3 Conform to RFC for CRLF in HTTP requests 
refs #6242
 2018-06-21 16:53:44 +02:00
Michael Friedrich cfd6c79a03
Merge pull request #6387 from Icinga/fix/remove-broken-api-user-hash 
Remove ApiUser password_hash functionality
 2018-06-19 14:26:32 +02:00
Michael Friedrich 2fd6709952 Remove ApiUser password_hash functionality 
This affects and fixes

- Windows reload
- Config validation
- RHEL 7.5 OpenSSL memory corruption
- Hash algorithm, requested changes

refs #6378
refs #6279
refs #6278
 2018-06-19 11:32:03 +02:00
Alexander A. Klimov a0fca599da HttpRequest#ParseBody(): indicate success on complete body 
refs #6184
 2018-06-18 16:02:22 +02:00
Jean Flach ee9be90fa7 Throw config error when using global zones as parent 2018-06-15 14:40:09 +02:00
Michael Friedrich 8c3c4704d2
Merge pull request #6371 from Icinga/bugfix/socket-io-handling-with-http-json-rpc-6361 
ApiListener#NewClientHandlerInternal(): Explicitly close the TLS stream on any failure
 2018-06-15 14:35:48 +02:00
Michael Friedrich b9bfe70444 Fix missing name for workqueue while creating runtime objects via API 
fixes #6364
 2018-06-15 14:25:03 +02:00
Alexander A. Klimov 7741517df7 ApiListener#NewClientHandlerInternal(): Explicitly close the TLS stream on any failure 
refs #6361
 2018-06-14 15:03:04 +02:00
Michael Friedrich 447dad91c0 Increase header size to 8KB for HTTP requests 
This is the default for Tomcat and Apache too
and avoids problems with cookies and long URLs.

fixes #6355
 2018-06-06 20:25:36 +02:00
Michael Friedrich f788878f79 Update log message for skipped certificate renewal 
Users kept asking about it, still it is just an "information"
that this isn't needed yet.
 2018-05-18 17:04:03 +02:00