tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,937 Commits 347 Branches 117 Tags 190 MiB
Commit Graph

113 Commits

Author SHA1 Message Date
Michael Friedrich c7a2fc556c Quality: Purge old TlsStream functionality 2019-05-24 15:50:43 +02:00
Elias Ohm 4c86c370bb fixup errbuf length in the other files and avoid using the static buffer in one place (for thread safety and code consistency reasons) 2019-05-09 09:30:12 +02:00
Alexander A. Klimov f2d9d91e83 Introduce UnbufferedAsioTlsStream#GetPeerCertificate() 2019-04-01 17:11:09 +02:00
Alexander A. Klimov d428bdf384 Add missing includes 2019-04-01 13:31:16 +02:00
Alexander A. Klimov e6d78bf361 Move some TCP/TLS logic out of ApiListener 
... for re-using it
 2019-04-01 13:31:16 +02:00
Alexander A. Klimov 2615967e7f Make ApiListener#m_SSLContext a Boost ASIO SSL context 2019-04-01 11:40:14 +02:00
Michael Friedrich d14a88235d Replace Copyright header with a short version, part I 
CLion -> replace in path
 2019-02-25 14:48:22 +01:00
Alexander A. Klimov a2ae01e64b Socket engine: drop life support objects 
refs #6477
 2018-10-30 13:46:20 +01:00
Michael Friedrich 5406ce6540 Ensure that API/JSON-RPC messages in the same session are processed and not stalled 
This basically drops the "corked" implementation which just stalled the
TLS IO polling after some requests. If you need sort of rate limiting
for these events, use an external TLS proxy which terminates that in front
of Icinga.

fixes #6635
 2018-10-29 12:57:24 +01:00
Michael Friedrich 7e1942e8e7
Merge pull request #6718 from Icinga/bugfix/ssl-shutdown 
Call SSL_shutdown() at least twice
 2018-10-24 11:46:32 +02:00
Michael Friedrich dab53448bc icinga.com: Update *.{h,c}pp 2018-10-18 09:27:04 +02:00
Michael Friedrich 29701b4db5 Add ApiListener#tls_handshake_timeout option 
This allows to specify the previously hardcoded
timeout of 10s.

refs #6517
 2018-09-14 09:20:09 +02:00
Michael Friedrich f297881e23 Call SSL_shutdown() at least twice 2018-09-10 16:10:16 +02:00
Michael Friedrich 257ad12646 Use SSL_pending() for remaining TLS stream data 
We've used this previously, and according to the OpenSSL
docs we should just use it. From our experience everything
done different to the API functions from OpenSSL causes
undefined behaviour in the worst case.

This commit also breaks the packet size limit into a more
readable version, including logs for development debug builds.

refs #6242
 2018-06-21 15:58:05 +02:00
Alexander A. Klimov 3c7851107c TlsStream#IsEof(): fix false positive EOF indicator 
refs #6242
 2018-06-20 16:55:33 +02:00
Gunnar Beutner 9cd5298d8b Ensure that SetCorked() works properly 2018-03-06 09:03:35 +01:00
Jean Flach d0cf7c654e Use cork in tlsstream and HTTP connection 2018-02-28 11:40:58 +01:00
Jean Flach 85f45d9b94 Minor codestyle and doc changes 2018-02-21 14:52:44 +01:00
Jean Flach 8ffa4f04a7 Add timeout for TLS handshakes 2018-02-20 13:32:04 +01:00
Gunnar Beutner e3ad0be769 Apply clang-tidy fix 'modernize-use-auto' 2018-01-04 12:24:57 +01:00
Gunnar Beutner ac155d1dda Apply clang-tidy fix 'modernize-redundant-void-arg' 2018-01-04 12:24:57 +01:00
Gunnar Beutner 90496b5456 Build libraries as static libraries 2018-01-02 23:29:48 +01:00
Michael Insel 158ae2188e Change copyright header for 2018 2018-01-02 12:08:55 +01:00
Jean Flach 2636e6a77a Whitespace fix 
What does this change?
* Remove use of spaces for formatting
These could be found by using `grep -r -l -P '^\t+ +[^*]'
* Removal of training whitespaces
* A few lines longer than 120 chars
 2017-12-20 14:53:52 +01:00
Gunnar Beutner 1ad83886ac Replace a few more NULLs with nullptr 2017-12-14 15:37:20 +01:00
Gunnar Beutner 6d09efc907 Use std::shared_ptr instead of boost::shared_ptr 2017-11-30 17:41:00 +01:00
Gunnar Beutner 858873b940 Replace boost::bind/boost::function with std::bind/std::function 2017-11-27 15:15:11 +01:00
Michael Friedrich b7caf0820d Ensure that *.icinga.com is used everywhere 
fixes #13897
fixes #13277
 2017-01-10 17:19:12 +01:00
Gunnar Beutner cdda3bad8c Include client IP address and port in HTTP requests 
fixes #11706
 2016-07-25 09:43:13 +02:00
Stephan Tesch 431c110056 Improve error reporting for the client certificate check 
Until now, client certificates that have failed verification were reported as not being signed by the CA. That is not true for all cases. This patch adds an explanation in the debug log why verification failed.

fixes #12201
 2016-07-25 09:22:35 +02:00
Michael Friedrich 9b873d60c2 Ensure to clear the SSL error queue before calling SSL_{read,write,do_handshake} 
fixes #12100
 2016-07-05 15:25:02 +02:00
Gunnar Beutner 2adfcb56fe Improve error handling for TlsStream::Handshake 
fixes #11046
 2016-05-11 10:09:54 +02:00
Michael Friedrich 5dd685cef9 Fix socket exceptions while querying the API 
fixes #11224
 2016-03-29 13:52:37 +02:00
Gunnar Beutner 2dc385e31b Fix memory/thread leak in the HttpServerConnection class 
fixes #10655
 2016-02-03 09:54:31 +01:00
Gunnar Beutner fabf37e79c Improve performance for TlsStream::OnEvent 
refs #11014
 2016-02-02 13:51:17 +01:00
Gunnar Beutner 83889dcbb0 Increase the buffer size in TlsStream::OnEvent to avoid unnecessary poll() calls 
refs #11014
 2016-02-02 08:28:54 +01:00
Gunnar Beutner e4b7111577 Check the certificate name when reconnecting to an instance 
refs #10963
 2016-01-19 16:24:12 +01:00
Gunnar Beutner 7f4af89a56 Ensure that HttpServerConnections are properly closed 
fixes #10655
 2016-01-13 10:30:38 +01:00
Gunnar Beutner 599929b0f6 Update copyright headers for 2016 2016-01-12 08:29:59 +01:00
Gunnar Beutner 5a74f69819 Fix memory leak for JSON-RPC/HTTP connections 
fixes #10517
 2015-11-09 10:22:52 +01:00
Michael Friedrich 286538c17e Implement api event streams 
Documentation is not yet complete.

refs #9078
 2015-10-21 15:34:26 +02:00
Gunnar Beutner 0e40c3ee1d Fix deadlock in TlsStream::Close 
fixes #10235
 2015-09-29 10:31:16 +02:00
Gunnar Beutner c37a23ccba Implement the Icinga Studio application 
fixes #10042
 2015-08-31 07:50:01 +02:00
Gunnar Beutner b357012ded Implement HTTP support 
refs #9447
 2015-07-09 11:42:34 +02:00
Gunnar Beutner fd9dc32a3d Implement SNI support for the TlsStream class 
fixes #8610
 2015-03-05 14:15:42 +01:00
Gunnar Beutner bb393a9d4f Remove unused variables 2015-03-02 12:52:37 +01:00
Gunnar Beutner 9567cd663b Fix another potential hang in TlsStream::Handshake 
refs #8550
 2015-02-27 09:03:23 +01:00
Gunnar Beutner 4e8c5706e1 Don't send heartbeats during log replay 
fixes #8461
refs #8485
 2015-02-26 14:59:39 +01:00
Gunnar Beutner 0c51857084 Fix another crash in SocketEvents::Register 
fixes #8547
 2015-02-26 13:11:50 +01:00
Gunnar Beutner aef5bc2f3a Fix a crash in TlsStream::Close 
fixes #8537
 2015-02-25 14:41:23 +01:00