tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,926 Commits 347 Branches 117 Tags 190 MiB
Commit Graph

44 Commits

Author SHA1 Message Date
Noah Hilverling d5d89b7f39
Merge pull request #7970 from Icinga/bugfix/reconnect-loop 
RequestCertificateHandler(): don't disconnect nodes already integrated into the cluster
 2020-04-27 13:05:22 +02:00
Alexander A. Klimov 5a5cf1a2eb RequestCertificateHandler(): don't disconnect nodes already integrated into the cluster 
... not to cause a reconnect loop.
 2020-04-08 13:29:55 +02:00
Michael Insel 51e534ff4c Fix CA verification regression 
Uninitialized bool values may evaluate to true while it should be false.
 2020-03-29 16:05:29 +02:00
Michael Friedrich 13d2416e29 Fix regression from JsonRPC PKI CA verification checks 
refs #7835
 2020-02-27 12:31:02 +01:00
Michael Friedrich 456b0779bb JsonRpcConnection PKI: Document swalled exception 2020-02-20 15:15:54 +01:00
Michael Friedrich 24397fbee8 CA Proxy: Catch exceptions from VerifyCertificate() 2020-02-17 17:43:11 +01:00
Michael Insel 9d55a8264d Fix open connections when agent waits for CA approval 
This closes the agent connection when the certificate sign requests
waits for CA approval.

refs #7680
 2019-12-03 21:19:39 +01:00
Michael Friedrich eddb40a913 CSR Auto-signing: Add debug logging for skipped signing 2019-09-18 11:53:58 +02:00
Andrew Jaffie 429f1ed317 Ignore repeated requests from client after using ca remove command 2019-06-07 10:33:55 +02:00
Alexander A. Klimov 5afef1015d Replace unlink() with boost::filesystem::remove() 
refs #7101
 2019-04-25 09:53:02 +02:00
Alexander A. Klimov 5a17722c1f Replace _unlink() + rename() with boost::filesystem::rename() 
refs #7101
 2019-04-25 09:53:02 +02:00
Alexander A. Klimov f2d9d91e83 Introduce UnbufferedAsioTlsStream#GetPeerCertificate() 2019-04-01 17:11:09 +02:00
Alexander A. Klimov 6c86c127f1 Port JsonRpcConnection to Boost ASIO 2019-04-01 11:40:14 +02:00
Michael Friedrich d14a88235d Replace Copyright header with a short version, part I 
CLion -> replace in path
 2019-02-25 14:48:22 +01:00
Alexander A. Klimov 4a7960f21b pki::RequestCertificate: handle missing certificate/CSR 2019-01-08 11:49:44 +01:00
Michael Friedrich dab53448bc icinga.com: Update *.{h,c}pp 2018-10-18 09:27:04 +02:00
Michael Friedrich f788878f79 Update log message for skipped certificate renewal 
Users kept asking about it, still it is just an "information"
that this isn't needed yet.
 2018-05-18 17:04:03 +02:00
Michael Friedrich ad31e0d118 Log which ticket was invalid on the master 
This helps debugging a lot, especially to reproduce the issue
why the ticket is invalid.
 2018-02-28 10:18:29 +01:00
Noah Hilverling 948333225d Fix nullptr deref in cluster events 2018-02-21 13:47:46 +01:00
Gunnar Beutner c2fb9fe226 Use initializer lists for arrays and dictionaries 2018-01-16 12:27:44 +01:00
Michael Insel 158ae2188e Change copyright header for 2018 2018-01-02 12:08:55 +01:00
Jean Flach 2636e6a77a Whitespace fix 
What does this change?
* Remove use of spaces for formatting
These could be found by using `grep -r -l -P '^\t+ +[^*]'
* Removal of training whitespaces
* A few lines longer than 120 chars
 2017-12-20 14:53:52 +01:00
Gunnar Beutner 325e4a2fb9 Use nullptr instead of <Type>::Ptr() 2017-11-30 17:47:09 +01:00
Gunnar Beutner 6d09efc907 Use std::shared_ptr instead of boost::shared_ptr 2017-11-30 17:41:00 +01:00
Gunnar Beutner f2d437e96c Implement support for migrating certificates to /var/lib/icinga2/certs 
This commit includes documentation too.

Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
 2017-10-20 14:06:02 +02:00
Michael Friedrich 578dcbe861 Add some more verbose logging details 
refs #5450
 2017-09-12 12:52:50 +02:00
Michael Friedrich 501ade374c Remove debug logging, fix ticket path, enhance logging 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 88e57f7fd4 Implement support for cleaning up certificate requests 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 181b91b759 Enhance logging for certificate requests 
Examples:
https://github.com/Icinga/icinga2/issues/5450#issuecomment-327479874

This also adds code comments where applicable.

refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich ce88e89cc0 Fix wrong cert path for CLI commands 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 8040bda2e1 Change directory layout to /var/lib/icinga2/{ca,certs,certificate_requests} 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 88b4a54e6b Fix ticket hash calculation for indirectly connected clients 
refs #5450
 2017-09-12 12:52:49 +02:00
Michael Friedrich 1e7860f2b1 Implement ApiListener::Get*Dir() functions 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 6a533796e5 Update output format for the new CLI commands 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 774936bfe8 Implement support for pki::UpdateCertificate messages 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 623208d617 Implement support for forwarding certificate requests 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner cc43dc734b Refuse to sign certificate if it already has the correct chain and doesn’t expire soon 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner a8cc0a601b Add missing _unlink() calls for Windows 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner cb49ac1264 Delete ticket file once we have a signed certificate 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 439251532e Implement support for saving client tickets 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 192502f9e5 Implement support for reloading SSL certificates without a restart 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 0ec07bce51 Implement support for updating client certificates 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner a4684d1bfd Implement support for sending pki::RequestCertificate messages in the cluster 
refs #5450
 2017-09-12 12:52:49 +02:00
Gunnar Beutner 510e2d622a Implement support for ticket-less certificate requests 
refs #5450
 2017-09-12 12:52:49 +02:00