tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,301 Commits 347 Branches 117 Tags 201 MiB
Commit Graph

973 Commits

Author SHA1 Message Date
Julian Brost bbfd1ecfc8 Use ERR_error_string_n() instead of ERR_error_string() 
Explicitly pass the actual length of the buffer to avoid overflows.
 2020-12-08 13:08:18 +01:00
Alexander Aleksandrovič Klimov bee4ac7f7c
Merge pull request #8040 from Icinga/feature/v1-actions-execute-command-8034 
Add API endpoint: /v1/actions/execute-command
 2020-12-02 10:53:24 +01:00
Alexander Aleksandrovič Klimov 3f4b09f01c
Merge pull request #8488 from Icinga/feature/improve-config-sync-locking 
Improve config sync locking
 2020-11-27 17:55:15 +01:00
Alexander Aleksandrovič Klimov 81ed8d5629
Merge pull request #8321 from Icinga/bugfix/cant-create-api-user-w-password-8164 
Allow to create API User w/ password
 2020-11-25 15:40:07 +01:00
Alexander A. Klimov 1343fd538d Start ApiListener#SyncClient() in the thread pool 
... not hosting the coroutines not to block them.

Otherwise a large replay log would block messages sending
until the peer disconnects us.
 2020-11-24 17:25:43 +01:00
Alexander Aleksandrovič Klimov 3dcc6c32f3
Merge pull request #8479 from Icinga/bugfix/close-anonymous-connections 
Close anonymous connections after 10 seconds
 2020-11-24 16:44:09 +01:00
Julian Brost 2a2924855f
Merge pull request #7922 from Icinga/feature/http-status-codes-in-icinga-mainlog-7053 
Include HTTP status codes in log
 2020-11-24 16:35:58 +01:00
Julian Brost da407660f2
Merge pull request #8500 from Icinga/bugfix/config-sync-only-remove-files-if-timestamp-changed 
Config sync: Only remove files, if timestamp changed
 2020-11-24 16:34:12 +01:00
Julian Brost c154d4d50e
Merge pull request #8466 from Icinga/feature/one-connection 
ApiListener#NewClientHandlerInternal(): reject connections from already connected endpoints
 2020-11-24 16:33:15 +01:00
Noah Hilverling 83b4d8e69d Config sync: Only remove files, if timestamp changed 2020-11-24 10:44:38 +01:00
Alexander Aleksandrovič Klimov 39bc1590f6
Merge pull request #8440 from Icinga/bugfix/message-routing-for-global-zones 
Fix cluster message routing for global zones
 2020-11-24 10:41:17 +01:00
Alexander Aleksandrovič Klimov e84a4a290d
Merge pull request #8450 from Icinga/bugfix/do-not-accept-api-updates-for-unknown-zone 
API: Don't accept object updates for unknown global zone
 2020-11-24 10:40:20 +01:00
Julian Brost 70c9d49ebc ApiListener: merge new config validation and actication functions 
Merge AsyncTryActivateZonesStage and TryActivateZonesStageCallback and
name the result TryActivateZonesStage. The old split was a leftover from
the one being a callback function with no actual meaningful separation.
 2020-11-17 09:37:13 +01:00
Noah Hilverling 2d1980c10d
Merge pull request #8476 from Icinga/docs/api-action-api-function 
Clarify difference between API actions and functions in their docstrings
 2020-11-17 08:17:05 +01:00
Julian Brost e4610e7dbd Use std::mutex instead of Spinlock 2020-11-16 17:38:03 +01:00
Julian Brost 74b65f1642 API filesync: wait for validation process to exit 
This avoid having to pass a lock implictly using the captured variables
of a lambda.
 2020-11-16 17:10:57 +01:00
Julian Brost d1edcb909c Close anonymous connections after 10 seconds 
Anonymous connections are normally only used for requesting a
certificate and are closed after this request is received. However, the
request is only sent if the child has successfully verified the
certificate of its parent so that it is an authenticated connection from
its perspective. In case this verification fails, both ends view it as
an anonymous connection and never actually use it but attempt a
reconnect after 10 seconds leaking the connection. Therefore close it
after a timeout.
 2020-11-12 18:01:11 +01:00
Alexander Aleksandrovič Klimov 8ca765d730
Merge pull request #8455 from Icinga/bugfix/replay-object-deletion 
Log config object deletions to replay log
 2020-11-12 15:08:55 +01:00
Julian Brost 01a278bb5e Clarify difference between API actions and functions in their docstrings 2020-11-12 14:23:41 +01:00
Noah Hilverling 5f6042d92f Fix 'emoving' typo 2020-11-09 16:35:16 +01:00
Julian Brost cb476172ec Fix cluster message routing for global zones 
RelayMessageOne used to relay the message only to one other endpoint for
other zones, which is fine, as long as the target zone is a child/parent
zone but breaks if the target zone is a global one. In this case, the
message has to be forwarded within the local zone as well as to one node
in each child zone.
 2020-11-09 15:43:43 +01:00
Julian Brost be53b0af9e Log config object deletions to replay log 
The initial config object sync for each new connection (in
`ApiListener::SendRuntimeConfigObjects()`) only considers currently
existing objects and has no way to pass the information that objects
were deleted in the meantime.

This commit logs config object deletions to the replay log if required
so that there is a chance that it will be propagated to nodes that were
offline when the deletion happened.

Note that this can only be considered a workaround as the replay log
might be pruned or could even be completely disabled. Also, there still
seems to be a race-condition between the config sync and replay log of
multiple new connections at the same time.
 2020-11-09 14:09:44 +01:00
Alexander A. Klimov 29e5d7def7 Include HTTP status codes in log 
refs #7053
 2020-11-09 10:20:13 +01:00
Noah Hilverling 8ba5f72533 API: Don't accept object updates for unknown zone 2020-11-06 17:27:10 +01:00
Alexander Aleksandrovič Klimov 1450e1bb7f
Merge pull request #8108 from Icinga/bugfix/api-incorrect-response-header-6747 
API: Send Content-Type as api response header too
 2020-11-03 18:50:31 +01:00
Alexander Aleksandrovič Klimov 939f4591a4
Merge pull request #8087 from Icinga/bugfix/log-cout-permission-error-8086 
Display Logmessage if an permission error occurs
 2020-11-03 17:23:06 +01:00
Yonas Habteab 488e6bfb67 HTTP Request: Log an exception message if an error occurs 2020-11-02 15:01:48 +01:00
Alexander Aleksandrovič Klimov 1e281b060a
Merge pull request #7952 from Icinga/fix/SO_REUSEPORT-optional 
apilistener: Make SO_REUSEPORT optional
 2020-10-29 15:56:56 +01:00
Alexander A. Klimov bb851b0558 Merge branch 'master' into feature/v1-actions-execute-command-8034 2020-10-28 18:37:08 +01:00
Alexander A. Klimov 38110e55d3 ApiListener#NewClientHandlerInternal(): reject connections from already connected endpoints 2020-10-26 15:20:58 +01:00
Alexander Aleksandrovič Klimov a32c1bf910
Merge pull request #7864 from Icinga/bugfix/icinga2-doesn-t-close-connections-7203 
Add timeout for boost::asio::ssl::stream#async_shutdown()
 2020-10-19 15:25:12 +02:00
Alexander A. Klimov 40ac05c182 Introduce Endpoint#capabilities 
refs #8034
 2020-10-19 13:04:20 +02:00
Alexander Aleksandrovič Klimov f60ae93717
Merge pull request #7870 from Icinga/bugfix/last-zone-sync-stage-validation-failed-7642 
Clear ApiListener#last_failed_zones_stage_validation on config::Update if config not changed
 2020-10-19 12:31:01 +02:00
Alexander Aleksandrovič Klimov 4bb6f4c910
Merge pull request #8364 from Icinga/bugfix/configsyncstagelock-unlock-owner-213 
Make ApiListener::m_ConfigSyncStageLock a SpinLock
 2020-10-14 16:01:00 +02:00
Alexander A. Klimov fbfa931b31 Clear ApiListener#last_failed_zones_stage_validation on config::Update if config not changed 
refs #7642
 2020-10-14 12:17:14 +02:00
Alexander A. Klimov a083635de4 Make ApiListener::m_ConfigSyncStageLock a SpinLock 2020-10-14 10:47:08 +02:00
Julian Brost e04d618ede Catch exceptions in the thread running HandleConfigUpdate 
With dc3062a9b0, exceptions in this code
path were no longer caught properly. This commit restores exception
handling for this function.
 2020-10-13 14:07:44 +02:00
Yonas Habteab 3f3e04eb69 Allow to create api user w/ password 
fixes #8164
 2020-10-09 20:15:44 +02:00
mcodato 730075a177
Merge pull request #1 from Al2Klimov/version 
Introduce Endpoint#icinga_version
 2020-08-05 09:23:28 +02:00
Noah Hilverling a615b2126e
Merge pull request #8142 from Icinga/bugfix/don-not-close-connection-on-missing-heartbeat-8095 
Remove all codes related to the heartbeat timeout
 2020-07-29 15:33:22 +02:00
Noah Hilverling 97fc70ccb2
Merge pull request #7836 from Icinga/bugfix/jsonrpcconnection-m_seen 
Consider a JsonRpcConnection being seen on a single byte of TLS payload, not only a whole message
 2020-07-29 15:02:48 +02:00
Yonas Habteab 964a90fa4b Remove all codes related to the heartbeat timeout 
until now, if the timeout is exceeded, the connection is immediately terminated.
But since we do not want to disconnect even if the timeout is exceeded, it is
better to send the messages without timeout and have deleted everything that
related to the heartbeat timeout. We also have another mechanism in
JRPC::CheckLiveness that does the disconnect.
 2020-07-29 14:27:55 +02:00
Noah Hilverling 9f57e895f1
Merge pull request #8102 from Icinga/bugfix/send-heartbeat-less-often-8098 
Send heartbeat every 20s and not 10s
 2020-07-21 09:46:33 +02:00
Yonas Habteab df2d30e6af Send Content-Type as api response header too 2020-07-10 10:42:55 +02:00
Yonas Habteab cf5ec5e341 Send heartbeat every 20s and not 10s 2020-07-09 13:22:08 +02:00
Alexander A. Klimov 645dcbdc9e Introduce Endpoint#icinga_version 
... and set it to e.g. 21200 via icinga::Hello.
 2020-07-07 18:24:06 +02:00
Mattia Codato b07471d803 AuthenticatedApiUser name refactor 2020-07-03 11:17:36 +02:00
Mattia Codato 08c6e9bc42 Make authenticatedApiUser a static property of ActionsHandler 2020-07-03 11:00:40 +02:00
Mattia Codato 27a6fd6b40 Get API user from ActionsHandler 2020-07-03 10:16:23 +02:00
Benjamin Groeber cc6fa66ba6 Allow apiactions to return sucecss http codes different from 200 2020-06-23 11:52:22 +02:00