tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,979 Commits 347 Branches 119 Tags 186 MiB
Commit Graph

4781 Commits

Author SHA1 Message Date
Michael Friedrich b32d818d1b CLI: Allow to list removed CSRs with 'ca list' 2019-06-07 10:33:55 +02:00
Michael Friedrich a35828a6ff CLI: Update ca remove/restore commands from my review 2019-06-07 10:33:55 +02:00
Andrew Jaffie d95feb4950 Log messages now use CN, file permissions fixed, ca remove now will not remove CSR's that have already been signed. 2019-06-07 10:33:55 +02:00
Andrew Jaffie 6aa2e0c36b Added ca restore command+docs to undo effects of ca remove 2019-06-07 10:33:55 +02:00
Andrew Jaffie 429f1ed317 Ignore repeated requests from client after using ca remove command 2019-06-07 10:33:55 +02:00
Andrew Jaffie a970f7dcf9 Implemented cli command + documentation. 2019-06-07 10:33:55 +02:00
Alexander A. Klimov ffd736f56f LegacyTimePeriod::ProcessTimeRangeRaw(): support ranges across midnight 
refs #5261
 2019-06-06 13:11:34 +02:00
Michael Friedrich 9522a2e06f
Merge pull request #7218 from Icinga/feature/api-host-downtime-all-services 
API Actions: Add downtime for all host services (child objects)
 2019-06-06 12:53:42 +02:00
Michael Friedrich f6fc81c6c3 Combine all_services with child_options for schedule-downtime API action 2019-06-06 11:37:22 +02:00
Michael Friedrich e7c4253fa3 REST API: Allow to schedule downtimes for all services for one or more matching hosts 2019-06-06 11:37:22 +02:00
Michael Friedrich f9a02fb813
Merge pull request #7208 from Icinga/bugfix/waiting-for-running-checks-6841 
Actually wait for running checks
 2019-06-06 11:16:34 +02:00
Michael Friedrich 6a8823f879 Avoid concurrent cluster config sync transactions 
fixes #6660
 2019-06-05 15:23:28 +02:00
Michael Friedrich ef72cd4442
Merge pull request #7220 from Icinga/bugfix/asio-error-handling 
Improve error handling with network connections (Boost ASIO)
 2019-06-05 14:43:31 +02:00
Michael Friedrich 18211ddd23
Merge pull request #7209 from Icinga/bugfix/immediately-close-sockets 
Close server connections and shutdown coroutines immediately on disconnect
 2019-06-05 14:40:24 +02:00
Alexander A. Klimov ad28380884 Close server connections and shutdown coroutines immediately on disconnect 2019-06-05 10:42:03 +02:00
Michael Friedrich fd9887c5af API: Harden default cipher list 
According to https://www.acunetix.com/blog/articles/tls-ssl-cipher-hardening/
 2019-06-05 09:55:43 +02:00
Michael Friedrich 3798089642 Improve error handling with network connections (Boost ASIO) 
refs #7041
 2019-06-05 09:42:51 +02:00
Michael Friedrich 146b337d4d
Merge pull request #7211 from Icinga/feature/asio-tls-version 
Require TLS 1.2 for Cluster & REST API
 2019-06-03 16:19:22 +02:00
Michael Friedrich d82c067555 Require TLS 1.2 for Cluster & REST API 
refs #7041
 2019-05-29 17:08:36 +02:00
Michael Friedrich 438da67209
Merge pull request #7210 from Icinga/bugfix/boost-asio-deprecated 
Quality: Replace deprecated get_io_service() with get_executor().context() for Boost ASIO
 2019-05-29 15:40:19 +02:00
Michael Friedrich 99bb7fa99c
Merge pull request #7196 from Icinga/feature/network-cleanup 
Cleanup old code (HTTP, Cluster)
 2019-05-29 14:50:40 +02:00
Michael Friedrich 59b95ed1f0 Quality: Replace deprecated get_io_service() with get_executor().context() for Boost ASIO 
refs #7041
 2019-05-29 14:36:10 +02:00
Michael Friedrich f5bc9b469c Quality: Mark NetworkStream, TcpSocket & UnixSocket classes as deprecated 
They're used inside the Livestatus feature which needs rework.
 2019-05-29 14:17:36 +02:00
Alexander A. Klimov 705ab87b60 Actually wait for running checks 
refs #6841
 2019-05-29 10:33:29 +02:00
Michael Friedrich 120aba3919 Quality: Removed unused HttpChunkedEncoding class 2019-05-28 13:46:19 +02:00
Michael Friedrich ba44c3921c Quality: Remove old MakeSSLContext() interface 2019-05-28 13:03:34 +02:00
Michael Friedrich e72721b62f CLI: Remove broken troubleshoot command 
It wasn't finished nor have we used it for support questions.

Issue templates, troubleshooting docs and external scripts
serve a better purpose here, especially with distributed systems.
 2019-05-28 12:31:38 +02:00
Michael Friedrich efd4e8ad40 Quality: Use Boost ASIO/IO engine in Graphite feature 
This commit changes the reconnect priority to high.

Also add function docs.
 2019-05-27 16:49:51 +02:00
Michael Friedrich 0466316019 Quality: Rewrite OpenTSDB to use Boost ASIO and I/O engine 
The connection handling and code isn't really good, but not
really actively maintained either.

Besides that, the "telnet" method doesn't allow for TLS,
this needs a general rewrite against their HTTP API.

I've also added function documentation where applicable.
 2019-05-27 15:09:26 +02:00
Michael Insel a6a0631e99 Unify copyright headers 
Update (left over) copyright headers to generic copyright headers.
 2019-05-24 16:25:32 +02:00
Michael Friedrich c77d6eb869 Quality: Drop unused boost/tuple header include 2019-05-24 15:50:43 +02:00
Michael Friedrich 5dbb6ad366 Quality: Remove old SocketEvent functionality 2019-05-24 15:50:43 +02:00
Michael Friedrich c7a2fc556c Quality: Purge old TlsStream functionality 2019-05-24 15:50:43 +02:00
Michael Friedrich e606d14705 Quality: Clean JsonRPC class and add function docs 2019-05-24 15:50:43 +02:00
Michael Friedrich f933aafd29 Quality: Purge old HTTP code in lib/remote 2019-05-24 15:50:43 +02:00
Michael Friedrich 5d0af5c879
Merge pull request #6813 from Icinga/feature/gelfwriter-tls-support 
Implement TLS support for the GelfWriter feature
 2019-05-24 15:50:18 +02:00
Michael Friedrich 2ba2134eda
Merge pull request #7156 from Icinga/feature/itl-sleep 
Implement sleep CheckCommand
 2019-05-24 15:42:46 +02:00
Alexander Stoll 471dbc79a3 Remove double whitespaces for notifications log message 
Add space to checkable debug message to unify timestamp format
 2019-05-22 14:13:14 +02:00
Michael Friedrich a0c8f41d58 Debug Console: Use our new I/O engine for HTTP requests 
refs #7041
 2019-05-22 12:51:23 +02:00
Michael Insel bb70613ed1 Fix wrong facility in GelfWriter log message 
This fixes a wrong facility in GelfWriter log message (paused message).
 2019-05-16 19:50:40 +02:00
Michael Insel bc0ab93e44 Use new I/O engine in GelfWriter 2019-05-16 19:39:06 +02:00
Michael Insel 90bb423226 Implement TLS support for the GelfWriter 
This implements TLS support for the GelfWriter.
 2019-05-16 17:48:47 +02:00
Michael Friedrich 6ba67487ea CLI: 'ca list' now lists pending CSRs by default, add '--all' parameter 
https://puppet.com/docs/puppet/5.5/man/cert.html
 2019-05-10 15:41:00 +02:00
Michael Friedrich aed88ca477 Revert "CLI: Return non-zero on unknown sub commands" 
This reverts commit 00bc0b2303.
 2019-05-10 15:16:05 +02:00
Michael Friedrich af42e2dfc0
Merge pull request #7178 from Icinga/bugfix/api-package-repair 
API: Automatically repair broken _api package
 2019-05-10 14:40:48 +02:00
Michael Friedrich 368383bedd
Merge pull request #7154 from Elias481/fix/serializer-object-locking-7003 
Lock all kind of Objects during serialization
 2019-05-10 14:39:27 +02:00
Michael Friedrich 6c9c65323e Workaround for boost::filesystem and Visual Studio on Windows 2019-05-10 13:38:12 +02:00
Michael Friedrich 6cce9c0fdd API: Automatically repair broken packages 
This partially reverts #7150 and avoids exceptions
inside the flow. Each time an empty active stage
is detected, Icinga tries to repair it from the
the given directory tree.

Also, the code now takes into account that it should
create the package storage on startup, whether within
the API object, or if disabled, inside the application.

Caching the active stages for packages in memory
only is in effect with the API feature being enabled.
This is useful for other deployed config packages,
not only the internal one.

fixes #7173
refs #7150
refs #7119
fixes #6959
 2019-05-10 12:48:34 +02:00
Elias Ohm 4c86c370bb fixup errbuf length in the other files and avoid using the static buffer in one place (for thread safety and code consistency reasons) 2019-05-09 09:30:12 +02:00
Elias Ohm e75f063552 bring some things in line 
- account for documented buffer size openssl 1.1.x for error string (>=256 bytes)
- use nullptr instead of NULL
- fix/streamline null-checks
 2019-05-09 00:22:24 +02:00
Jean Flach 9a0d894f10 Don't use deprecated RSA_generate_key 
fixes #4635
 2019-05-08 23:46:31 +02:00
Michael Friedrich 03324b2fb6 Config packages: Catch active stage exceptions in rare cases 
Typically this already is detected on startup.
 2019-05-08 16:43:27 +02:00
Michael Friedrich 704aabcb63 Avoid dead-lock with config packages and active stages 2019-05-08 16:06:46 +02:00
Michael Friedrich 736e0806d7
Merge pull request #7164 from Icinga/bugfix/notification-times-validate 
Improve validation for times.{begin,end} in notification objects
 2019-05-07 15:58:44 +02:00
Michael Friedrich 296fc06890
Merge pull request #7163 from Icinga/bugfix/db-ido-reachable 
DB IDO: Use cached reachable state
 2019-05-07 15:21:21 +02:00
Michael Friedrich 8ae206cd5d Improve validation for times.{begin,end} in notification objects 
fixes #6939
 2019-05-07 15:20:06 +02:00
Michael Friedrich 5553438249 DB IDO: Use cached reachable state 
fixes #6844
 2019-05-07 13:47:09 +02:00
Michael Friedrich 00bc0b2303 CLI: Return non-zero on unknown sub commands 
fixes #6585
 2019-05-07 12:43:53 +02:00
Michael Friedrich 4197bc9bcd CLI: Fix updates for NodeName/ZoneName constants 
fixes #7117
 2019-05-06 10:19:56 +02:00
Michael Friedrich edaaaae1e8
Merge pull request #7155 from Elias481/bugfix/evaluatefilter-assign-this-scope-6874 
use current frame scope for permission filter function calls
 2019-05-03 16:53:40 +02:00
Michael Friedrich 78e24c53f1 DB IDO: Do not deactivate objects during application reload/restart 
This follows the same principle as with the shutdown handler,
and was introduced with the changed reload handling with 2.9.
Previously IsShuttingDown() was sufficient which got set at one
location.

SigUsr2 as handler introduced a new location where m_ShuttingDown
is not necessarily set yet. Since this handler gets called when
l_Restarting is enabled, we'll use this flag to avoid config update
events resulting in object deactivation (object->IsActive() always
returns false).

refs #5996
refs #6691
refs #6970

fixes #7125
 2019-05-03 15:40:48 +02:00
htriem 75df3879f2 Implement sleep CheckCommand in memory 
Implements a check task with Utility::Sleep and custom var parameter sleep_time (default value: 1s)

refs #6964
 2019-05-02 16:24:42 +02:00
Elias Ohm c10ff9dd72 try without initialization of frame Locals which are not used for permissions filter and as far as I can see also not for query filters 2019-05-02 09:03:30 +02:00
Elias Ohm 53febdea81 use current frame scope for permission filter function calls 2019-05-02 07:35:19 +02:00
Elias Ohm cdd843a998 another small adjustment by the way just to ensure the object on stack ist the same as the one serialized further in case the object does not implement locking on mutation (besides it's mor efficient to not fetch the same value twice) 2019-05-01 12:09:24 +02:00
Elias Ohm 44ac6cf1ec add some object locking to the Dump method (which could theoreticylly suffer from same reace condition as serializer) 2019-05-01 11:49:07 +02:00
Michael Friedrich 759b090f81
Merge pull request #7150 from Icinga/bugfix/api-config-package-active-stage-name 
Ensure that runtime created API objects survive a restart
 2019-04-30 14:22:13 +02:00
Michael Friedrich f206cba394
Merge pull request #7152 from Elias481/fix/mysql8-headers-compatibility 
account for adjusted interface of mysql8
 2019-04-30 14:20:18 +02:00
Michael Friedrich 502c43fb12 Active packages: Don't try to fix broken config packages which are not cached yet 2019-04-30 12:19:35 +02:00
Michael Friedrich 8a258de9bc
Merge pull request #6734 from leeclemens/remove-redundant-indexes 
db ido: remove redundant mysql indexes
 2019-04-29 09:13:22 +02:00
Elias Ohm 615f019c2e account for adjusted interface of mysql8 (now utilizes c99 bools instead of my_bool labelled chars) 2019-04-29 00:18:15 +02:00
Elias Ohm 91296c2a25 Lock Objects during serialization 
old behaviour was to only lock arrays, dictionaries and namespaces but not other objects
 2019-04-28 22:13:19 +02:00
Michael Friedrich 2bca7a5bb5 Repair broken API config packages at runtime 
This means a new timer which checks every 5m whether the
active-stage can be read, and if not, it overwrites the
file on disk with the details from memory.
 2019-04-26 14:53:36 +02:00
Michael Friedrich f92c134b0a Cluster: Don't try to sync objects from broken _api package 2019-04-26 14:43:38 +02:00
Michael Friedrich 0d6d48fd59 Daemon: Deal with exceptions from broken _api package 2019-04-26 14:43:10 +02:00
Michael Friedrich c821e73364 Cache the API package stage name with a active-stage fallback 
This prevents reading the file everytime the stageName is required
for when creating a runtime object via REST API.
 2019-04-26 13:40:27 +02:00
Michael Friedrich 1078a0a824 Add --cn parameter to 'api setup' CLI command allowing hostname overrides 
fixes #6649
 2019-04-26 10:52:05 +02:00
Michael Friedrich 3dc9927284
Merge pull request #7124 from Icinga/bugfix/namespace-thread-safe 
Namespace: place ObjectLock in all methods
 2019-04-26 08:26:59 +02:00
Michael Friedrich 37de1a919b
Merge pull request #7088 from Icinga/feature/asio-event-queue 
Implement new event queue for ASIO consumers
 2019-04-25 16:54:43 +02:00
Michael Friedrich a7873da89d Eventqueue: Remove unused code 2019-04-25 16:21:07 +02:00
Alexander A. Klimov e86e3cc234 EventsFilter#Push(): ensure not to modify the global namespace 2019-04-25 15:56:38 +02:00
Alexander A. Klimov c209cf830b /v1/events: don't over-consume CPU-bound threads 2019-04-25 15:56:38 +02:00
Alexander A. Klimov 5e8b4280bc New event queue: handle empty filter 2019-04-25 15:56:38 +02:00
Alexander A. Klimov 94db282fd1 /v1/events: remove anti-deadlock hack 2019-04-25 15:56:38 +02:00
Alexander A. Klimov 81713d0509 /v1/events: use new event queue 2019-04-25 15:56:38 +02:00
Alexander A. Klimov 90d9cd9257 Feed new event queue with events 2019-04-25 15:56:38 +02:00
Alexander A. Klimov 7688994601 Implement new event queue for ASIO consumers 2019-04-25 15:56:38 +02:00
Michael Friedrich a630d0185f
Merge pull request #6722 from Icinga/feature/notification-result 
Add notification result store/sync
 2019-04-25 15:56:14 +02:00
Michael Friedrich 0438c866f8
Merge pull request #7102 from Icinga/feature/boost-fs-7101 
Replace self-written filesystem ops with boost.filesystem
 2019-04-25 15:53:55 +02:00
Alexander A. Klimov 5afef1015d Replace unlink() with boost::filesystem::remove() 
refs #7101
 2019-04-25 09:53:02 +02:00
Alexander A. Klimov 5a17722c1f Replace _unlink() + rename() with boost::filesystem::rename() 
refs #7101
 2019-04-25 09:53:02 +02:00
Alexander A. Klimov f1f7d0c4d6 Work around boost::filesystem::path bug on VS 
refs #7101
 2019-04-25 09:53:01 +02:00
Alexander A. Klimov af78cd6050 Use Boost.Filesystem 
refs #7101
 2019-04-25 09:53:01 +02:00
Michael Friedrich 0d9d39c64b Fix preprocessor macro comment 2019-04-25 08:25:28 +02:00
Alexander A. Klimov ba842403ce Fix circular #include 
refs #6985
 2019-04-25 08:25:28 +02:00
Alexander A. Klimov 5151f6567e ThreadPool: use the Boost ASIO thread pool under the hood 2019-04-25 08:25:28 +02:00
Michael Friedrich 56894bea17 Buildfix 
Obviously tired.

fixes #7138
fixes #7139
 2019-04-24 12:10:57 +02:00
Michael Friedrich df25b183cb Add log message for log rotate; update docs 
refs #6737
 2019-04-24 11:53:27 +02:00
Alexander A. Klimov 7a8f8fd734 Timer::TimerThreadProc(): use C++11 lambda instead of bind() 
refs #6737
 2019-04-24 11:51:17 +02:00
Alexander A. Klimov 622f684124 StreamLogger#BindStream(): set #m_FlushLogTimer only if needed 
refs #6737
 2019-04-24 11:47:02 +02:00