114 Commits

Author SHA1 Message Date
Julian Brost
396f003c69 Enable hostname verification in UnbufferedAsioTlsStream 2021-08-13 10:58:10 +02:00
Michael Friedrich
c7a2fc556c Quality: Purge old TlsStream functionality 2019-05-24 15:50:43 +02:00
Elias Ohm
4c86c370bb fixup errbuf length in the other files and avoid using the static buffer in one place (for thread safety and code consistency reasons) 2019-05-09 09:30:12 +02:00
Alexander A. Klimov
f2d9d91e83 Introduce UnbufferedAsioTlsStream#GetPeerCertificate() 2019-04-01 17:11:09 +02:00
Alexander A. Klimov
d428bdf384 Add missing includes 2019-04-01 13:31:16 +02:00
Alexander A. Klimov
e6d78bf361 Move some TCP/TLS logic out of ApiListener
... for re-using it
2019-04-01 13:31:16 +02:00
Alexander A. Klimov
2615967e7f Make ApiListener#m_SSLContext a Boost ASIO SSL context 2019-04-01 11:40:14 +02:00
Michael Friedrich
d14a88235d Replace Copyright header with a short version, part I
CLion -> replace in path
2019-02-25 14:48:22 +01:00
Alexander A. Klimov
a2ae01e64b Socket engine: drop life support objects
refs #6477
2018-10-30 13:46:20 +01:00
Michael Friedrich
5406ce6540 Ensure that API/JSON-RPC messages in the same session are processed and not stalled
This basically drops the "corked" implementation which just stalled the
TLS IO polling after some requests. If you need sort of rate limiting
for these events, use an external TLS proxy which terminates that in front
of Icinga.

fixes #6635
2018-10-29 12:57:24 +01:00
Michael Friedrich
7e1942e8e7 Merge pull request #6718 from Icinga/bugfix/ssl-shutdown
Call SSL_shutdown() at least twice
2018-10-24 11:46:32 +02:00
Michael Friedrich
dab53448bc icinga.com: Update *.{h,c}pp 2018-10-18 09:27:04 +02:00
Michael Friedrich
29701b4db5 Add ApiListener#tls_handshake_timeout option
This allows specifying the previously hardcoded
timeout of 10s.

refs #6517
2018-09-14 09:20:09 +02:00
Michael Friedrich
f297881e23 Call SSL_shutdown() at least twice 2018-09-10 16:10:16 +02:00
Michael Friedrich
257ad12646 Use SSL_pending() for remaining TLS stream data
We've used this previously, and according to the OpenSSL
docs we should just use it. From our experience everything
done differently to the API functions from OpenSSL causes
undefined behaviour in the worst case.

This commit also breaks the packet size limit into a more
readable version, including logs for development debug builds.

refs #6242
2018-06-21 15:58:05 +02:00
Alexander A. Klimov
3c7851107c TlsStream#IsEof(): fix false positive EOF indicator
refs #6242
2018-06-20 16:55:33 +02:00
Gunnar Beutner
9cd5298d8b Ensure that SetCorked() works properly 2018-03-06 09:03:35 +01:00
Jean Flach
d0cf7c654e Use cork in tlsstream and HTTP connection 2018-02-28 11:40:58 +01:00
Jean Flach
85f45d9b94 Minor codestyle and doc changes 2018-02-21 14:52:44 +01:00
Jean Flach
8ffa4f04a7 Add timeout for TLS handshakes 2018-02-20 13:32:04 +01:00
Gunnar Beutner
e3ad0be769 Apply clang-tidy fix 'modernize-use-auto' 2018-01-04 12:24:57 +01:00
Gunnar Beutner
ac155d1dda Apply clang-tidy fix 'modernize-redundant-void-arg' 2018-01-04 12:24:57 +01:00
Gunnar Beutner
90496b5456 Build libraries as static libraries 2018-01-02 23:29:48 +01:00
Michael Insel
158ae2188e Change copyright header for 2018 2018-01-02 12:08:55 +01:00
Jean Flach
2636e6a77a Whitespace fix
What does this change?
* Remove use of spaces for formatting
These could be found by using `grep -r -l -P '^\t+ +[^*]'`
* Removal of trailing whitespaces
* A few lines longer than 120 chars
2017-12-20 14:53:52 +01:00
Gunnar Beutner
1ad83886ac Replace a few more NULLs with nullptr 2017-12-14 15:37:20 +01:00
Gunnar Beutner
6d09efc907 Use std::shared_ptr instead of boost::shared_ptr 2017-11-30 17:41:00 +01:00
Gunnar Beutner
858873b940 Replace boost::bind/boost::function with std::bind/std::function 2017-11-27 15:15:11 +01:00
Michael Friedrich
b7caf0820d Ensure that *.icinga.com is used everywhere
fixes #13897
fixes #13277
2017-01-10 17:19:12 +01:00
Gunnar Beutner
cdda3bad8c Include client IP address and port in HTTP requests
fixes #11706
2016-07-25 09:43:13 +02:00
Stephan Tesch
431c110056 Improve error reporting for the client certificate check
Until now, client certificates that have failed verification were reported as not being signed by the CA. That is not true for all cases. This patch adds an explanation in the debug log why verification failed.

fixes #12201
2016-07-25 09:22:35 +02:00
Michael Friedrich
9b873d60c2 Ensure to clear the SSL error queue before calling SSL_{read,write,do_handshake}
fixes #12100
2016-07-05 15:25:02 +02:00
Gunnar Beutner
2adfcb56fe Improve error handling for TlsStream::Handshake
fixes #11046
2016-05-11 10:09:54 +02:00
Michael Friedrich
5dd685cef9 Fix socket exceptions while querying the API
fixes #11224
2016-03-29 13:52:37 +02:00
Gunnar Beutner
2dc385e31b Fix memory/thread leak in the HttpServerConnection class
fixes #10655
2016-02-03 09:54:31 +01:00
Gunnar Beutner
fabf37e79c Improve performance for TlsStream::OnEvent
refs #11014
2016-02-02 13:51:17 +01:00
Gunnar Beutner
83889dcbb0 Increase the buffer size in TlsStream::OnEvent to avoid unnecessary poll() calls
refs #11014
2016-02-02 08:28:54 +01:00
Gunnar Beutner
e4b7111577 Check the certificate name when reconnecting to an instance
refs #10963
2016-01-19 16:24:12 +01:00
Gunnar Beutner
7f4af89a56 Ensure that HttpServerConnections are properly closed
fixes #10655
2016-01-13 10:30:38 +01:00
Gunnar Beutner
599929b0f6 Update copyright headers for 2016 2016-01-12 08:29:59 +01:00
Gunnar Beutner
5a74f69819 Fix memory leak for JSON-RPC/HTTP connections
fixes #10517
2015-11-09 10:22:52 +01:00
Michael Friedrich
286538c17e Implement api event streams
Documentation is not yet complete.

refs #9078
2015-10-21 15:34:26 +02:00
Gunnar Beutner
0e40c3ee1d Fix deadlock in TlsStream::Close
fixes #10235
2015-09-29 10:31:16 +02:00
Gunnar Beutner
c37a23ccba Implement the Icinga Studio application
fixes #10042
2015-08-31 07:50:01 +02:00
Gunnar Beutner
b357012ded Implement HTTP support
refs #9447
2015-07-09 11:42:34 +02:00
Gunnar Beutner
fd9dc32a3d Implement SNI support for the TlsStream class
fixes #8610
2015-03-05 14:15:42 +01:00
Gunnar Beutner
bb393a9d4f Remove unused variables 2015-03-02 12:52:37 +01:00
Gunnar Beutner
9567cd663b Fix another potential hang in TlsStream::Handshake
refs #8550
2015-02-27 09:03:23 +01:00
Gunnar Beutner
4e8c5706e1 Don't send heartbeats during log replay
fixes #8461
refs #8485
2015-02-26 14:59:39 +01:00
Gunnar Beutner
0c51857084 Fix another crash in SocketEvents::Register
fixes #8547
2015-02-26 13:11:50 +01:00