Commit Graph

4586 Commits

Author SHA1 Message Date
Peter Eckel 5d59863725 Avoid duplicating non-zero count message replay messages in the debug log 2019-02-11 13:54:17 +01:00
Michael Friedrich d1fb1a8eda Refactor conditions and add debug log messages for future crs and skipped crs 2019-02-08 13:32:13 +01:00
Jean Flach c97f3c80f5 Fix checkresults from the future breaking checks 2019-02-08 12:08:40 +01:00
Michael Friedrich 7ce30a86b8 Enhance notification logging
- More details from the local context (notification, user, checkable, command names)
- Notice logs for when this notification object is paused in HA enabled zones
- Notice logs for interval=0 reminder notifications
- Object name for skipping recovery notifications when problem hasn't been notified before
2019-02-07 15:42:09 +01:00
Alexander A. Klimov 8ad1717055 Respect activation priority also on deactivation 2019-02-06 11:17:45 +01:00
Michael Friedrich 4339240b46
Merge pull request #6858 from Icinga/feature/string-builder
Make string builder reusable
2019-02-04 16:05:20 +01:00
Michael Friedrich 77572c4424
Merge pull request #6901 from Icinga/bugfix/so_reuseport-6898
TcpSocket#Bind(): also set SO_REUSEPORT
2019-02-04 14:21:20 +01:00
Michael Friedrich 04de273405
Merge pull request #6914 from Icinga/bugfix/clusterevents-missing-persistent-ack
ClusterEvents::AcknowledgementSet event should forward 'persistent' attribute
2019-02-04 13:52:44 +01:00
Michael Friedrich 5a8729fddd
Merge pull request #6853 from Icinga/bugfix/incorrect-command_endpoint-6666
Checkable: require zone to be set if command_endpoint is set
2019-02-04 13:51:31 +01:00
Michael Friedrich eb155495f7
Merge pull request #6916 from Icinga/bugfix/retry-interval-zero
Don't allow retry_interval <= 0
2019-01-30 15:28:26 +01:00
Michael Friedrich b58cb17e4b Fix Convert::ToLong(double val) 2019-01-30 14:47:59 +01:00
Michael Friedrich 530f890cab
Merge pull request #6917 from Icinga/bugfix/cluster-message-delete-object
Cluster: Delete object message should log that
2019-01-29 13:37:50 +01:00
Alexander A. Klimov ce847324bc Downtime::AddDowntime(): place Downtimes in the same zone as the origin ScheduledDowntimes 2019-01-28 18:29:57 +01:00
Michael Friedrich b16c22448e Cluster: Delete object message should log that
Atm it is a copy-paste error and irritates during debugging.
Coming from my analysis of existing cluster messages.
2019-01-28 17:39:22 +01:00
Michael Friedrich 8cbd482072 Don't allow retry_interval <= 0 2019-01-28 17:33:05 +01:00
Michael Friedrich 9f2ccfbaa0 ClusterEvents::AcknowledgementSet event should forward 'persistent' attribute 2019-01-28 17:29:46 +01:00
Michael Friedrich b1442645ce
Merge pull request #6897 from Icinga/bugfix/getlocalzone-null
Validate Zone::GetLocalZone() before using
2019-01-25 08:31:57 +01:00
Alexander A. Klimov 1eaad0637b CheckerComponent#Stop(): wait for all running checks 2019-01-24 15:09:39 +01:00
Alexander A. Klimov b81aa6af3a CheckerComponent#Stop(): log after actually being stopped 2019-01-24 13:55:17 +01:00
Alexander A. Klimov f0e12ff63c Deactivate perfdata writers after checker 2019-01-24 13:50:26 +01:00
Michael Friedrich 6b7f651478
Merge pull request #6899 from Icinga/bugfix/localtime-zero-windows
Log: Ensure not to pass negative values to localtime()
2019-01-24 10:58:43 +01:00
Alexander A. Klimov 984f7be030 TcpSocket#Bind(): also set SO_REUSEPORT
refs #6898
2019-01-17 12:13:44 +01:00
Michael Friedrich 2fc33996b6 Log: Ensure not to pass negative values to localtime()
refs #6887
2019-01-16 17:27:38 +01:00
Michael Friedrich 21a592acdd
Merge pull request #6883 from Icinga/bugfix/retry-interval-zero-6871
Allow Checkable#retry_interval to be 0
2019-01-16 15:00:03 +01:00
Alexander A. Klimov b09e7b287e Validate Zone::GetLocalZone() before using 2019-01-15 19:23:20 +01:00
Alexander A. Klimov 3b2054761a Notification#BeginExecuteNotification(): SetNextNotification() correctly
refs #5561
2019-01-11 18:25:12 +01:00
Jean Flach 2aff6a5887 Don't run UpdateObjectAuthority for Comments and Downtimes 2019-01-10 11:44:14 +01:00
Alexander A. Klimov 9ae738d17f Allow Checkable#retry_interval to be 0
refs #6871
2019-01-09 11:27:33 +01:00
Michael Friedrich e1a941e5c7
Merge pull request #6880 from Icinga/bugfix/pki-requestcertificate-no-cert
pki::RequestCertificate: handle missing certificate/CSR
2019-01-09 09:30:27 +01:00
Alexander A. Klimov 8470facfe2 InfluxdbWriter#Stop(): flush buffer
refs #6841
2019-01-08 18:15:32 +01:00
Alexander A. Klimov 4a7960f21b pki::RequestCertificate: handle missing certificate/CSR 2019-01-08 11:49:44 +01:00
Alexander A. Klimov f4ab0737d1 HttpServerConnection#DataAvailableHandler(): reduce log spam 2019-01-07 15:32:19 +01:00
Alexander A. Klimov 61860563a6 Make string builder reusable 2018-12-21 12:43:04 +01:00
Alexander A. Klimov eeb609d4ae Url#m_Query: preserve order
refs #6536
2018-12-21 11:52:37 +01:00
Alexander A. Klimov 17e86f98a2 Make UnameHelper() efficient
refs #6452
2018-12-20 16:37:04 +01:00
Alexander A. Klimov 12f3149eef Checkable: require zone to be set if command_endpoint is set
refs #6666
2018-12-20 13:59:28 +01:00
Michael Friedrich c4d57afa3d
Merge pull request #6821 from Icinga/bugfix/downtimes-disappear-satellite-6542
Don't delete downtimes in satellite zones
2018-12-18 16:13:36 +01:00
Michael Friedrich b40400e79f
Merge pull request #6826 from Icinga/bugfix/downtimes-recreate-satellite-6542
Downtime#HasValidConfigOwner(): wait for ScheduledDowntimes
2018-12-18 16:12:34 +01:00
Alexander A. Klimov c98d6a5254 Downtime#HasValidConfigOwner(): respect Downtime#authoritative_zone
refs #6542
2018-12-17 15:54:31 +01:00
Alexander A. Klimov 5431eae116 Add and populate Downtime#authoritative_zone
refs #6542
2018-12-17 15:54:23 +01:00
Michael Friedrich ba8d79f3c5 API Event Streams: Add 'command' for Notification events
fixes #6824
2018-12-07 09:37:03 +01:00
Alexander A. Klimov 39e0d787e8 Downtime#HasValidConfigOwner(): wait for ScheduledDowntimes
refs #6542
2018-12-06 15:44:57 +01:00
Alexander A. Klimov bbcf469af1 Implement ScheduledDowntime::AllConfigIsLoaded()
refs #6542
2018-12-06 15:44:51 +01:00
Michael Friedrich bf4ecbed69 Revert "ThreadPool#Stop(): discard non-processed queue items"
This reverts commit 30e6d0f809.

refs #6815
2018-12-06 09:56:49 +01:00
Michael Insel 1352b15220 Fix string comparison on edge cases
This fixes a few edge cases where the string comparison failed before.
2018-12-05 20:12:06 +01:00
Michael Friedrich b58ce84b0e
Merge pull request #6817 from Icinga/bugfix/stalled-tls-connections-6816
HttpServerConnection#DataAvailableHandler(): be aware of being called multiple times concurrently
2018-12-05 11:35:35 +01:00
Michael Friedrich 0cc559b775
Merge pull request #6820 from Icinga/bugfix/scheduled-downtime-ha-duplicates
Only create downtimes from non-paused ScheduledDowntime objects in HA enabled cluster zones
2018-12-05 11:33:29 +01:00
Michael Friedrich 08c1539561
Merge pull request #6815 from Icinga/bugfix/reload-while-api-dos
ThreadPool#Stop(): discard non-processed queue items
2018-12-05 11:11:49 +01:00
Michael Friedrich 26f411638f
Merge pull request #6757 from Icinga/bugfix/no-more-notifications-recovery-filtered
Fix that no_more_notifications gets reset when Recovery notifications are filtered away
2018-12-05 11:05:44 +01:00
Michael Friedrich b6212e92fb
Merge pull request #6750 from davidtek/master
#6749 Wrong operator on stride variable causing incorrect behaviour
2018-12-05 11:05:05 +01:00
Michael Friedrich 15e3aa1762
Merge pull request #6786 from Icinga/feature/dsl-getenv
DSL: Implement getenv()
2018-12-04 16:08:37 +01:00
Michael Friedrich fd9b2dece1 Only create downtimes from non-paused ScheduledDowntime objects in HA enabled cluster zones 2018-12-04 15:20:37 +01:00
Alexander A. Klimov 7e630c7732 HttpServerConnection#DataAvailableHandler(): be aware of being called multiple times concurrently
refs #6816
2018-12-03 19:05:41 +01:00
Alexander A. Klimov 30e6d0f809 ThreadPool#Stop(): discard non-processed queue items 2018-12-03 16:38:52 +01:00
Michael Friedrich 5f25eb6b2d Add a code comment for connection: close handling 2018-12-03 14:40:50 +01:00
Sven Wegener a83dbc9de5 Restore 'Connection: close' behaviour in HTTP responses
Actually the `corked` functionality caused problems with
not closing connections properly.

Full Analysis: https://github.com/Icinga/icinga2/issues/6799#issuecomment-443710338

Full credits to @swegener :)

fixes #6799
2018-12-03 14:27:37 +01:00
Alexander A. Klimov 8de5326d23 Remove redundand check for object existence on creation via API
refs #3937
2018-11-29 17:51:53 +01:00
Michael Friedrich f3cd3eb870 DSL: Implement getenv()
This patch also restores Utility::GetFromEnvironment()
and replaces the hardcoded `getenv()` calls.
2018-11-19 18:11:16 +01:00
Michael Insel b0cf92fd17 Fix deadlock in GraphiteWriter
This fixes a deadlock in the GraphiteWriter feature, which is visible
during the reload process. The reload thread waits for the
GraphiteWriter to finish, but the GraphiteWriter can't finish because
it's stuck in `SendMetric()` waiting for a lock which is hold by the
reload thread.
2018-11-12 20:12:40 +01:00
Michael Friedrich 90de216cbb
Merge pull request #6479 from Icinga/feature/socketevents-inherit-object-6477
SocketEvents: inherit from Stream
2018-11-12 17:06:37 +01:00
Michael Friedrich 1f5555e1d6 Fix possible double free in StreamLogger::BindStream()
refs #6737
2018-11-08 15:51:58 +01:00
Michael Friedrich d082e8c1b1 Fix that no_more_notifications gets reset when Recovery notifications are filtered away
Hello from the OSMC hackathon :)
2018-11-08 12:13:32 +01:00
David Lublink a02b7ac155 * BugFix : Wrong operator on stride variable causing incorrect behaviour ( #6749 ) 2018-11-01 18:51:42 -04:00
Michael Insel b785674ab2 Fix api setup to automatically create the conf.d directory
This patch creates the conf.d directory automatically when it is not present during api setup.
2018-11-01 19:16:26 +01:00
Alexander A. Klimov a2ae01e64b Socket engine: drop life support objects
refs #6477
2018-10-30 13:46:20 +01:00
Alexander A. Klimov 5134ccaf56 Make SocketEventDescriptor#EventInterface a SocketEvents::Ptr
refs #6477
2018-10-30 13:46:20 +01:00
Alexander A. Klimov a9a9469868 SocketEvents: inherit from Stream
refs #6477
2018-10-30 13:46:20 +01:00
Michael Friedrich c0c6ea545b DB IDO: Don't enqueue queries when the feature is paused (HA)
fixes #5876
refs #6739
2018-10-30 13:17:28 +01:00
Michael Friedrich 680103f111
Merge pull request #6709 from ekeih/bugfix/icinga2-version-check-6703
Fix the Icinga2 version check for versions with more than 5 characters
2018-10-29 13:46:36 +01:00
Michael Friedrich 3d45d0bcf6 Minor styleguide 2018-10-29 13:45:18 +01:00
Michael Friedrich 5406ce6540 Ensure that API/JSON-RPC messages in the same session are processed and not stalled
This basically drops the "corked" implementation which just stalled the
TLS IO polling after some requests. If you need sort of rate limiting
for these events, use an external TLS proxy which terminates that in front
of Icinga.

fixes #6635
2018-10-29 12:57:24 +01:00
Michael Friedrich b40a568cd9
Merge pull request #6726 from Icinga/bugfix/ido-debug-log
Silence the debug log a bit for IDO events
2018-10-24 16:11:38 +02:00
Michael Friedrich 108b85427c Silence the debug log a bit for IDO events
They're actually not processed when the feature is paused,
and I have already seen them in user's logs when analysing why
objects are not updated or notifications sent. 'DbEvents' isn't
related to rather 'DB IDO' and is confusing.
2018-10-24 16:01:57 +02:00
Michael Friedrich 028946a1cc Implement HA functionality for Perfdata feature 2018-10-24 14:42:52 +02:00
Michael Friedrich 97c1296e99 Implement HA functionality for OpenTsdb feature 2018-10-24 14:42:46 +02:00
Michael Friedrich b905999f4b Implement HA functionality for Gelf feature 2018-10-24 13:50:10 +02:00
Michael Friedrich 5e241dc815 Implement HA functionality for InfluxDB feature 2018-10-24 13:44:56 +02:00
Michael Friedrich 37ccffc7e5 Implement HA functionality for Graphite feature 2018-10-24 13:44:52 +02:00
Michael Friedrich 59389f564c Implement HA functionality for Elasticsearch feature 2018-10-24 13:20:03 +02:00
Michael Friedrich 001ffda61c Revert code from icinga.com update 2018-10-24 12:34:23 +02:00
Michael Friedrich 7da88c0001
Merge pull request #6717 from Icinga/bugfix/api-downtimes-child-options
Improve error handling for invalid child_options for API downtime actions
2018-10-24 11:54:24 +02:00
Michael Friedrich 6de4cef3ae
Merge pull request #6719 from Icinga/fix/finished-reconnect-message
Do not send 'finished reconnecting...' if failed
2018-10-24 11:51:34 +02:00
Michael Friedrich 7e1942e8e7
Merge pull request #6718 from Icinga/bugfix/ssl-shutdown
Call SSL_shutdown() at least twice
2018-10-24 11:46:32 +02:00
Michael Friedrich bd8e9f55da
Merge pull request #6662 from Icinga/bugfix/keep-http-connection-open-until-stream-eof
Keep the HTTP server connection open until the stream is EOF
2018-10-24 11:31:06 +02:00
Michael Friedrich e480eb785e Improve error handling for invalid child_options for API downtime actions
fixes #6712
2018-10-24 11:00:24 +02:00
Michael Friedrich c5e7459fb8
Merge pull request #6667 from Icinga/feature/dependency-recursion-limit
Increase dependency recursion limit to 256
2018-10-24 10:30:46 +02:00
Michael Friedrich 09fbdb846b Increase dependency recursion limit to 256
fixes #5762
2018-10-24 08:56:29 +02:00
Jean Flach 6777255f60 Fix typo 2018-10-22 14:43:59 +02:00
Max Rosin 2366df6057 Fix the Icinga2 version check for versions with more than 5 characters
The previous implementation assumed that every version number will have
5 characters. With the release of 2.10.0 this does not work anymore.
The new implementation extracts everything from the second character to
the first dash. This should work as long as the version string is in a
format like 'v2.10.1-8-gaebe6da'.

fixes Icinga#6703
2018-10-19 15:37:32 +02:00
Michael Friedrich aebe6da168
Merge pull request #6707 from Icinga/bugfix/compat-objects-path
Fix regression for wrong objects.cache path overwriting icinga2.debug file
2018-10-19 12:30:53 +02:00
Michael Friedrich acd0ad681b
Merge pull request #6704 from efuss/fix/scheduleddowntime1
Put newly configured already running ScheduledDowntime immediately in effect
2018-10-19 12:29:51 +02:00
Michael Friedrich 9f6c66c41a Fix regression for wrong objects.cache path overwriting icinga2.debug file
The 'statusdata' feature is deprecated, although it affects 'object list'.

fixes #6705
2018-10-19 10:42:54 +02:00
Edgar Fuß 9c1e9f4264
Put running downtimes in effect
If Icinga2 was restarted with a newly configured downtime that should
be in effect at the time of restart, the should-be-running segment of
it was not put into effect.

Add new LegacyTimePeriod::FindRunningSegment() and
ScheduledDowntime::FindRunningSegment() functions, call the latter in
ScheduledDowntime::CreateNextDowntime() before trying the old
ScheduledDowntime::FindNextSegment().
2018-10-18 18:42:21 +02:00
Edgar Fuß f1597ca5bd
Remove spurious string in debug message
Remove a spurious " at " in the "Evaluating segment" debug message in ScheduledDowntime::FindNextSegment().
2018-10-18 18:35:14 +02:00
Edgar Fuß fa3e5c8c31
Remove dead code
Remove some dead code in ScheduledDowntime::CreateNextDowntime().
2018-10-18 18:09:20 +02:00
Michael Friedrich 3cb2c1d143 icinga.com: Update everything else 2018-10-18 09:50:53 +02:00
Michael Friedrich a2cb542a2e icinga.com: Update '*.sql' 2018-10-18 09:41:54 +02:00
Michael Friedrich eabea68c56 icinga.com: Update config files (ITL, etc.) 2018-10-18 09:37:59 +02:00
Michael Friedrich dea5ec614e icinga.com: Update CMakeLists.txt 2018-10-18 09:35:18 +02:00
Michael Friedrich 44c3b83769 icinga.com: Update '*.ti' 2018-10-18 09:30:00 +02:00
Michael Friedrich dab53448bc icinga.com: Update *.{h,c}pp 2018-10-18 09:27:04 +02:00
Michael Friedrich af6c8a1f50 Add missing shutdown/program state dumps for SIGUSR2 reload handler
Credits to @west0rmann finding the issue and providing the initial fix.

fixes #6689
fixes #6592
2018-10-16 12:36:43 +02:00
Michael Friedrich 34de8104b8 Fix regression with API permission filters and namespaces in v2.10
fixes #6682
2018-10-15 15:47:11 +02:00
Michael Friedrich 43a571e013 Don't throw an error when namespace indexers don't find a valid key
Examples:

```
globals["abc"]
globals.def
```

The patch for the Icinga Director unfortunately only solves the
master, and as discussed with @lippserd we need to ensure that
satellites and clients with 2.10 can be restarted without any errors
from deployed configuration.

refs #6509
refs icinga/icingaweb2-module-director#1654
2018-10-11 12:42:56 +02:00
Michael Friedrich 4be9f418a9 Revert "Initialize Socket Event Engine on application startup"
This reverts commit c8dcd1297f.

We cannot do this during application startup, since Daemonize()
kills the threads again.

refs #6514
refs #6630
2018-10-09 19:38:29 +02:00
Michael Friedrich 85e161ea1e Silence config compiler logging for runtime created objects
This is especially problematic with many single creation requests,
e.g. many downtimes created via Icinga Web 2 & the REST API.

In addition to the config compiler messages, apply rule matches are
also in there which are removed by this patch.
2018-10-09 16:41:17 +02:00
Michael Friedrich 83a428c1ba Keep the HTTP server connection open until the stream is EOF
fixes #4968
2018-10-09 16:01:43 +02:00
Michael Friedrich e6eb703b36
Merge pull request #6661 from Icinga/bugfix/cache-http-peer-address
Cache the peer address in the HTTP server
2018-10-09 16:00:27 +02:00
Michael Friedrich 5c32a5a7dc Cache the peer address in the HTTP server
Later socket calls are expensive and might lead
into a race condition on close when logging it.

refs #6655
2018-10-09 15:40:16 +02:00
Michael Friedrich 58cfc3955d
Merge pull request #6658 from Icinga/bugfix/api-connection-close-req-by-client
Ensure that HTTP/1.0 or 'Connection: close' headers are properly disconnecting the client
2018-10-09 13:49:22 +02:00
Michael Friedrich 9352f4bfb3
Merge pull request #6657 from Icinga/feature/api-debug-log-request-body
Enable the HTTP request body debug log entry for release builds
2018-10-09 13:29:00 +02:00
Michael Friedrich 13239c3172 Ensure that HTTP/1.0 or Connection: close headers are properly disconnecting the client
Test results: https://github.com/Icinga/icinga2/issues/6514#issuecomment-428155731

fixes #6514
2018-10-09 13:23:23 +02:00
Michael Friedrich 73263b7702 Enable the HTTP request body debug log entry for release builds
fixes #4282
2018-10-09 12:55:53 +02:00
Michael Friedrich 57081176de Improve logging for disconnected HTTP clients
Previously this was inside the debug log, with the
new socket printers we can enhance checking for proper
connects and disconnects.

refs #6514
2018-10-09 12:22:19 +02:00
Michael Friedrich 051b3ba9b7
Merge pull request #6503 from peteeckel/fix/reduce-loglevel-plugin-env-6460
Reduce the log level for missing env macros to debug
2018-10-08 14:09:18 +02:00
Alexander A. Klimov 6d114b16e4 node setup: always respect --accept-config and --accept-commands 2018-10-01 16:33:50 +02:00
Michael Friedrich 617925374b Fix that check_timeout was used for Event/Notification commands too
We may add specific timeouts for event/notification commands
later, for now the original timeout inside the EventCommand/NotificationCommand
is used.

fixes #6304
2018-09-28 14:32:57 +02:00
Michael Friedrich 7acf3689a7
Merge pull request #6642 from Icinga/bugfix/concurrent-checks-constant
Allow to override MaxConcurrentChecks constant
2018-09-28 09:34:53 +02:00
Michael Friedrich 82178e3b33 Don't inherit daemonize parameter from parent process 2018-09-27 20:30:19 +02:00
Thomas Forrer 816cae98fa Fix config validation problem (startup.log) during /v1/config/stages API call
copy all arguments of parent process in AsyncTryActivateStage
2018-09-27 20:27:09 +02:00
Michael Friedrich 96c0de9bea Allow to override MaxConcurrentChecks constant 2018-09-27 20:23:00 +02:00
Michael Friedrich 64e273afdd
Merge pull request #6639 from Icinga/fix/windows-api-log-rename
Ensure to _unlink before renaming replay log on Windows
2018-09-27 08:02:00 +02:00
Jordi van Scheijen bc1dc9c7a7 Fix issue 5022 2018-09-27 07:52:37 +02:00
Michael Friedrich c979f86e4e
Merge pull request #6632 from Icinga/feature/cluster-faster-reconnect
Increase the cluster reconnect frequency to 10s
2018-09-25 17:07:01 +02:00
Michael Friedrich cbde35ff22 Use a dynamic thread pool for API connections
The full analysis is located in #6517.

fixes #6517
2018-09-25 12:43:10 +02:00
Michael Friedrich cd819f74f4 Increase the cluster reconnect frequency to 10s
This is blocked by #6517.

refs #6234
2018-09-25 12:36:30 +02:00
Michael Friedrich c8dcd1297f Initialize Socket Event Engine on application startup
Previously this happened inside the TlsStream constructor
during the first connection attempt.
2018-09-24 15:50:59 +02:00
Michael Friedrich eee4426dcb
Merge pull request #6622 from Icinga/bugfix/ido-pgsql-cleanup-timestamp-utc
Ensure to use UTC timestamps for IDO PgSQL cleanup queries
2018-09-17 11:20:49 +02:00
Michael Friedrich 3038b150a9
Merge pull request #6616 from Icinga/feature/tls-handshake-timeout-config
Add ApiListener#tls_handshake_timeout option
2018-09-17 11:20:12 +02:00
Michael Friedrich 05f7e0dae8
Merge pull request #6621 from Icinga/bugfix/ido-remove-unused-timestamp-function
Remove unused timestamp function in DB IDO
2018-09-17 11:16:47 +02:00
Michael Friedrich 5d36546a99 Ensure to use UTC timestamps for IDO PgSQL cleanup queries
refs #6584
2018-09-17 11:06:54 +02:00
Michael Friedrich c0c17fc340 Remove unused timestamp function in DB IDO
refs #6584
2018-09-17 10:06:30 +02:00
Michael Friedrich b81ac972b9 Silence compiler warning for nice() 2018-09-14 14:29:52 +02:00
Michael Friedrich 29701b4db5 Add ApiListener#tls_handshake_timeout option
This allows to specify the previously hardcoded
timeout of 10s.

refs #6517
2018-09-14 09:20:09 +02:00
Michael Friedrich c8d4e785a1
Merge pull request #6519 from Icinga/fix/erroneous-console-exit
Reset terminal on erroneous console exit
2018-09-13 13:34:58 +02:00
Michael Friedrich af1f2e0c55 Only check for Problem types in user filers for Recovery/Acknowledgement notifications
refs #6047
2018-09-12 17:09:15 +02:00
Noah Hilverling 834e37d3e2 Still notify on acknowledgement and recovery if user does not get problem notifications at all
refs #6047
2018-09-12 14:54:45 +02:00
Noah Hilverling bfe7d46a68 Only send acknowledgement notification if user received a problem notification
refs #6047
2018-09-12 14:54:45 +02:00
Michael Friedrich dd59964702
Merge pull request #6596 from Icinga/bugfix/gcc-8-f28-hardening-crash
Fix crash on API queries with Fedora 28 hardening and GCC 8
2018-09-11 20:44:12 +02:00
Michael Friedrich f297881e23 Call SSL_shutdown() at least twice 2018-09-10 16:10:16 +02:00
Noah Hilverling 3854ed683b Improve TLS handshake exception logging 2018-09-06 15:58:42 +02:00
Michael Friedrich 1f4f6282c7 Fix crash on API queries with Fedora 28 hardening and GCC 8
The actual fix is to handle nullptr references differently
for an empty filter expression. The other changes include
oob checks not necesarily involved.

fixes #6533
2018-09-06 09:56:04 +02:00
Michael Friedrich 9a75f47fc5 Allow to configure anonymous clients limit inside the ApiListener object
Previously this was hardcoded, and for security reasons users might want
to adjust this value. This affects CSR signing requests as well as
clients which have not yet been configured as endpoints on the current
node.

refs #6566
2018-09-05 17:45:35 +02:00
Michael Friedrich a1ec919f5b Raise the message size for anonymous client and pki request calls to 1MB
If one sends the full certificate chain, this previous limit of 64KB
could be hit.
2018-09-05 17:44:05 +02:00
Michael Insel cc417ca176 Fix CI builds 2018-09-04 18:56:54 +02:00
Michael Insel 46163700b4 Include api user configuration file during api setup
refs #6557
2018-09-04 18:38:38 +02:00
Michael Friedrich 1c2a59bf63
Merge pull request #6591 from Icinga/bugfix/lto-builds-static-initialize-namespaces
Fix static initializer priority for namespaces in LTO builds
2018-09-04 16:54:30 +02:00
Michael Friedrich 19993df380 Fix static initializer priority for namespaces in LTO builds
fixes #6575
2018-09-04 16:36:22 +02:00
Jean Flach 72cc41d14e
Merge pull request #6356 from sourcejedi/fix/systemd
Fix logging under systemd
2018-09-04 15:24:43 +02:00
Jean Flach 8fe490f945 Update variable names 2018-09-04 11:45:35 +02:00
Markus Frosch 13a8fa20f9 Ensure that config object types are committed in dependent load order 2018-09-04 11:45:35 +02:00
Jean Flach c721c302cd Shuffle items before config validation 2018-09-04 11:10:27 +02:00
Michael Friedrich bc844aca06 Fix non-unity builds on CentOS 7 with std::shared_ptr
refs #6509
2018-09-03 15:32:28 +02:00
Gunnar Beutner 17c7131177 Move new downtime constants into the Icinga namespace 2018-08-25 19:35:01 +02:00
Alan Jenkins a21166dcf8 Fix logging under systemd
icinga2.service used `-e ${ICINGA2_ERROR_LOG}`, but this is documented
as having no effect without `-d`.  Furthermore, icinga2 under systemd
unconditionally logged everything to the system log (but without setting
the log level etc), which contradicted the documentation.  (Issue #6339)

Stop icinga2 on systemd from logging to stdout - and hence the system log -
once it has finished starting up.  Just like when you start icinga2 from a
terminal using `-d`.  And just like -d, we stop logging fatal errors to
stderr, and instead write to the log file passed with `-e`.

As per docs, mainlog (icinga2.log) is already enabled by default.  And
pre-startup messages including config errors will still appear in the
system log.

This uses a new option --close-stdio, which has the same effect on logging as
--daemonize, but does not fork or call setsid().

For this purpose, I moved setsid() up and into Daemonize().

Consequence of that last point: if anyone is weird enough to specify a TTY
device file as the fatal error log (-e option), that will become icinga's
controlling terminal, which you generally don't want as a daemon.  This
makes it consistent with the existing behaviour for icinga mainlog.  For
this reason you're supposed to use O_NOCTTY in Linux daemons.  But I wasn't
sure where icinga would want to put the ugly `#ifdef _WIN32 ... #else ...`.
2018-08-25 10:21:06 +01:00
Alan Jenkins 50463a6a10 Daemonize(): use one error convention, not three
Standardize on exit() / _exit() (this depends whether we are considered
to be the "main" fork, which should run anything registered with atexit()).
Exclude `return false` and throwing exceptions.

This fixes the error path for fork().  Daemonize() would return false, but
the `return false` error convention was not tested in the caller.

It also fixes the error message for fork() to show the error code.
Everyone loves `strace`, but sysadmins should not have to rerun their
daemons under it just to see an error code.

Also in case an exception is thrown, show its diagnostic information
instead of dropping it on the floor.  In the log message, I mention why we
are uninitializing and then initializing the app at this point.

For the reader, it pushes all the weirdness into the error convention of
Daemonize().  This comes back to the exit() / _exit() distinction.  Once
we have forked, we technically don't want to allow the parent process to
exit(), so we don't want to return to the caller.
2018-08-25 10:07:02 +01:00
Alan Jenkins a0fb0bbfe3 fix "Console" log to flush
It's called "Console", which would be line-buffered anyway.  But, it's
implemented as std::cout.  This might be piped to a logger, as in
daemontools or systemd.  In this case it will not be a TTY, and log lines
should be flushed without too much delay.  Let's just flush each message.

Let's not introduce a static instance of StreamLogger (flushed by interval
timer).  That's too stressful to read, because static instances are really
annoying to order.  Example citation: "Yay, our static destructors are
pretty much beyond repair at this point." -- application.cpp.

I don't know if there will be any need to optimize logging syscalls.  The
init script uses `--daemonize`.  I think the systemd service should also
avoid using the "Console" log after startup (see next commit).  The
documentation does not warn that the syslog feature is less efficient
in system calls than mainlog; deferred flusing does not seem to be a highly
prominent feature.  There's no cool comment in the code about how much the
syscalls were slowing down some use case (or qualifying that this
optimization can only eliminate syscalls on platforms with both mutexes and
clocks that can work without syscalls).
2018-08-25 09:54:55 +01:00
Noah Hilverling 01fea22c77 Add child_options to ScheduledDowntime
refs #3935
2018-08-24 14:29:39 +02:00
Michael Friedrich 237fd520db
Merge pull request #6509 from gunnarbeutner/feature/real-constants
Implement support for namespaces
2018-08-24 12:10:10 +02:00
Michael Friedrich 7a22113f86
Merge pull request #6570 from Icinga/bugfix/tls-anonymous-clients-limit
Increase limit for simultaneously connected anonymous TLS clients
2018-08-23 17:13:41 +02:00
Michael Friedrich 0dd168fe80 Increase limit for simultaneously connected anonymous TLS clients 2018-08-23 17:10:51 +02:00
Michael Friedrich 6a71b75f63 ApiListener: Dump the state file port detail as number
refs #6511
2018-08-22 12:57:47 +02:00
Gunnar Beutner e678fa1aa5 Refactor Application::*Const() 2018-08-13 15:27:05 +02:00
Gunnar Beutner 1a0311a49f Implement namespace support for the keys() function 2018-08-13 13:44:31 +02:00
Gunnar Beutner 8fda8d72ac Implement support for the namespace and using keywords 2018-08-13 13:44:31 +02:00
Gunnar Beutner 10d6f70a85 Move constants and functions into different namespaces 2018-08-13 13:44:31 +02:00
Gunnar Beutner 1a8692d972 Implement support for namespaces 2018-08-13 13:44:31 +02:00
Gunnar Beutner 9d513d8f05 Implement support for modifying frozen attributes 2018-08-13 13:44:31 +02:00
Gunnar Beutner d9c0b6f806 Refactor REGISTER_SCRIPTFUNCTION_* macros 2018-08-13 13:44:31 +02:00
Michael Friedrich 060a1ebbd9
Merge pull request #6512 from Icinga/feature/sni-environment
Refactor environment for API connections
2018-08-10 13:15:48 +02:00
Michael Friedrich 2ee6dfaf93 Re-add environment to IcingaApplication feature stats 2018-08-10 13:01:53 +02:00
Michael Friedrich 97513965e6 Introduce IcingaApplication#environment
Precedence as follows:

- DEnvironment=...
- const Environment = ...
- object IcingaApplication "app" { environment = "..." }

The wrapped script constant handling is required
since we cannot directly link from libremote (SNI handling)
to libicinga where the object resides. Instead we'll
use the Application class helpers for hiding the ScriptGlobal
calls.
2018-08-10 12:49:48 +02:00
Michael Friedrich a4c689e5cf Build fix for CentOS 7 and non-unity builds 2018-08-09 16:23:24 +02:00
Michael Friedrich b350512b11 Rename to Environment constant 2018-08-09 13:19:33 +02:00
Markus Frosch eb02d9041d Refactor environment for API connections
* Const renamed to `ApiEnvironment`
* Handling moved to ApiListener
* Now a property of ApiListener
2018-08-09 13:19:33 +02:00
Michael Friedrich f1e7e635a2
Merge pull request #6531 from Icinga/feature/zone-all_parents
Expose Zone#all_parents via API
2018-08-09 13:11:23 +02:00
Michael Friedrich 3cc8bd2fcc
Merge pull request #6511 from Icinga/feature/apilistener-dynamic-port
ApiListener: Add support for dynamic port handling
2018-08-09 12:09:23 +02:00
Michael Friedrich ecb73e08ed Implement ApiListener status file removal on shutdown 2018-08-09 11:54:34 +02:00
Noah Hilverling 7b977b2c52 Do not send 'finished reconnecting...' if failed 2018-08-09 08:29:27 +02:00
Markus Frosch 20269a89d0 ApiListener: Add support for dynamic port handling 2018-08-08 17:42:57 +02:00
Michael Friedrich ba21a54443
Merge pull request #6530 from Icinga/bugfix/query-was-empty
IDO/MySQL: avoid empty queries
2018-08-08 14:41:57 +02:00
Alexander A. Klimov ea5614f7df Expose Zone#all_parents via API 2018-08-08 14:38:02 +02:00
Alexander A. Klimov 7bcbd9b497 Rename Zone#GetAllParents() to Zone#GetAllParentsRaw() 2018-08-08 14:38:02 +02:00
Alexander A. Klimov 7a31cd4fe7 IDO/MySQL: avoid empty queries 2018-08-08 12:11:37 +02:00
Michael Friedrich 9be3ee1a1a Update output for `--version`
This moves the system and build information before
the application paths which are normally not that important.
2018-08-07 18:46:18 +02:00
Michael Friedrich a2a1f5c8d2 Take a note why the explicit configDir variable is needed on Windows 2018-08-07 18:33:59 +02:00
Markus Frosch 9fbc40615a Improve path handling in cmake and daemon 2018-08-07 14:10:26 +02:00
Michael Friedrich 8bac1dc99e
Merge pull request #6521 from gunnarbeutner/feature/references
Implement references
2018-08-07 12:00:19 +02:00
Gunnar Beutner 24de1963b1
Merge pull request #6526 from Icinga/bugfix/wpessimizing-move-6524
icinga::PackObject(): shorten conversion to string
2018-08-07 10:05:18 +02:00
Alexander A. Klimov 137f5363c4 icinga::PackObject(): shorten conversion to string
refs #6524
2018-08-07 09:57:08 +02:00
Gunnar Beutner 8bfd419702 Implement references 2018-08-07 07:44:48 +02:00
Michael Insel eea42c6807 Fix windows build 2018-08-05 20:17:43 +02:00
Michael Insel 51b900b307 Reset terminal on erroneous console exit
This ensures that the terminal is resetted on an erroneous exit when using the Icinga 2 console.

refs #6382
2018-08-05 16:30:36 +02:00
Michael Friedrich 33492420f3
Merge pull request #6427 from gunnarbeutner/fix/recursive-serialize
Improve error message for serializing objects with recursive references
2018-08-03 11:03:42 +02:00
Gunnar Beutner 56cf64f590 Improve error message for serializing objects with recursive references 2018-08-02 11:06:24 +02:00
Jean Flach 065bc23d9a
Merge pull request #6508 from gunnarbeutner/feature/dictionary-clear
Implement the Dictionary#clear script function
2018-08-02 10:30:08 +02:00
Gunnar Beutner a5a0119799 Implement the Dictionary#clear script function 2018-08-02 08:45:19 +02:00
Christopher Schirner b870e84904 Only check lag if connected 2018-07-31 10:41:14 +02:00
Christopher Schirner 35038f72d6 Invert connected check 2018-07-31 10:40:54 +02:00
Peter Eckel b5a7af126d Fixed indentation 2018-07-29 15:39:02 +02:00