tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,863 Commits 347 Branches 117 Tags 197 MiB
Commit Graph

805 Commits

Author SHA1 Message Date
Michael Friedrich fd9887c5af API: Harden default cipher list 
According to https://www.acunetix.com/blog/articles/tls-ssl-cipher-hardening/
 2019-06-05 09:55:43 +02:00
Michael Friedrich 146b337d4d
Merge pull request #7211 from Icinga/feature/asio-tls-version 
Require TLS 1.2 for Cluster & REST API
 2019-06-03 16:19:22 +02:00
Michael Friedrich d82c067555 Require TLS 1.2 for Cluster & REST API 
refs #7041
 2019-05-29 17:08:36 +02:00
Michael Friedrich 438da67209
Merge pull request #7210 from Icinga/bugfix/boost-asio-deprecated 
Quality: Replace deprecated get_io_service() with get_executor().context() for Boost ASIO
 2019-05-29 15:40:19 +02:00
Michael Friedrich 59b95ed1f0 Quality: Replace deprecated get_io_service() with get_executor().context() for Boost ASIO 
refs #7041
 2019-05-29 14:36:10 +02:00
Michael Friedrich 120aba3919 Quality: Removed unused HttpChunkedEncoding class 2019-05-28 13:46:19 +02:00
Michael Friedrich e606d14705 Quality: Clean JsonRPC class and add function docs 2019-05-24 15:50:43 +02:00
Michael Friedrich f933aafd29 Quality: Purge old HTTP code in lib/remote 2019-05-24 15:50:43 +02:00
Michael Friedrich af42e2dfc0
Merge pull request #7178 from Icinga/bugfix/api-package-repair 
API: Automatically repair broken _api package
 2019-05-10 14:40:48 +02:00
Michael Friedrich 6c9c65323e Workaround for boost::filesystem and Visual Studio on Windows 2019-05-10 13:38:12 +02:00
Michael Friedrich 6cce9c0fdd API: Automatically repair broken packages 
This partially reverts #7150 and avoids exceptions
inside the flow. Each time an empty active stage
is detected, Icinga tries to repair it from the
the given directory tree.

Also, the code now takes into account that it should
create the package storage on startup, whether within
the API object, or if disabled, inside the application.

Caching the active stages for packages in memory
only is in effect with the API feature being enabled.
This is useful for other deployed config packages,
not only the internal one.

fixes #7173
refs #7150
refs #7119
fixes #6959
 2019-05-10 12:48:34 +02:00
Elias Ohm 4c86c370bb fixup errbuf length in the other files and avoid using the static buffer in one place (for thread safety and code consistency reasons) 2019-05-09 09:30:12 +02:00
Michael Friedrich 03324b2fb6 Config packages: Catch active stage exceptions in rare cases 
Typically this already is detected on startup.
 2019-05-08 16:43:27 +02:00
Michael Friedrich 704aabcb63 Avoid dead-lock with config packages and active stages 2019-05-08 16:06:46 +02:00
Elias Ohm c10ff9dd72 try without initialization of frame Locals which are not used for permissions filter and as far as I can see also not for query filters 2019-05-02 09:03:30 +02:00
Elias Ohm 53febdea81 use current frame scope for permission filter function calls 2019-05-02 07:35:19 +02:00
Michael Friedrich 502c43fb12 Active packages: Don't try to fix broken config packages which are not cached yet 2019-04-30 12:19:35 +02:00
Michael Friedrich 2bca7a5bb5 Repair broken API config packages at runtime 
This means a new timer which checks every 5m whether the
active-stage can be read, and if not, it overwrites the
file on disk with the details from memory.
 2019-04-26 14:53:36 +02:00
Michael Friedrich f92c134b0a Cluster: Don't try to sync objects from broken _api package 2019-04-26 14:43:38 +02:00
Michael Friedrich c821e73364 Cache the API package stage name with a active-stage fallback 
This prevents reading the file everytime the stageName is required
for when creating a runtime object via REST API.
 2019-04-26 13:40:27 +02:00
Michael Friedrich 37de1a919b
Merge pull request #7088 from Icinga/feature/asio-event-queue 
Implement new event queue for ASIO consumers
 2019-04-25 16:54:43 +02:00
Michael Friedrich a7873da89d Eventqueue: Remove unused code 2019-04-25 16:21:07 +02:00
Alexander A. Klimov e86e3cc234 EventsFilter#Push(): ensure not to modify the global namespace 2019-04-25 15:56:38 +02:00
Alexander A. Klimov c209cf830b /v1/events: don't over-consume CPU-bound threads 2019-04-25 15:56:38 +02:00
Alexander A. Klimov 5e8b4280bc New event queue: handle empty filter 2019-04-25 15:56:38 +02:00
Alexander A. Klimov 94db282fd1 /v1/events: remove anti-deadlock hack 2019-04-25 15:56:38 +02:00
Alexander A. Klimov 81713d0509 /v1/events: use new event queue 2019-04-25 15:56:38 +02:00
Alexander A. Klimov 7688994601 Implement new event queue for ASIO consumers 2019-04-25 15:56:38 +02:00
Michael Friedrich 0438c866f8
Merge pull request #7102 from Icinga/feature/boost-fs-7101 
Replace self-written filesystem ops with boost.filesystem
 2019-04-25 15:53:55 +02:00
Alexander A. Klimov 5afef1015d Replace unlink() with boost::filesystem::remove() 
refs #7101
 2019-04-25 09:53:02 +02:00
Alexander A. Klimov 5a17722c1f Replace _unlink() + rename() with boost::filesystem::rename() 
refs #7101
 2019-04-25 09:53:02 +02:00
Alexander A. Klimov ba842403ce Fix circular #include 
refs #6985
 2019-04-25 08:25:28 +02:00
Michael Friedrich 1ac693bf13
Merge pull request #7137 from Icinga/bugfix/disconnect-log-more-spam 
JsonRpcConnection: reduce log spam on disconnect
 2019-04-23 14:50:18 +02:00
Michael Friedrich 0f804d126b
Merge pull request #7133 from Icinga/feature/boost-asio-pki 
Use new I/O engine in PkiUtility::FetchCert() and PkiUtility::RequestCertificate()
 2019-04-23 14:27:48 +02:00
Alexander A. Klimov a6cd3e65cb JsonRpcConnection: reduce log spam on disconnect 2019-04-23 14:09:07 +02:00
Michael Friedrich 20d51d21dc
Merge pull request #7127 from Icinga/bugfix/replay-log 
ApiListener#RotateLogFile(): don't overwrite previous log
 2019-04-23 12:08:12 +02:00
Michael Friedrich 5fb191bbeb
Merge pull request #7126 from Icinga/bugfix/replay-logs-6932 
ApiListener#ApiTimerHandler(): delete all replayed logs
 2019-04-23 12:07:02 +02:00
Alexander A. Klimov 407e77883c ApiListener#ReplayLog(): read current log file too instead of rotating 2019-04-18 17:22:36 +02:00
Alexander A. Klimov 997d84bfa0 ApiListener#RotateLogFile(): don't overwrite previous log 2019-04-18 17:22:33 +02:00
Alexander A. Klimov 9b489cf9b9 ApiListener#ApiTimerHandler(): delete all replayed logs 
refs #6932
 2019-04-18 17:00:40 +02:00
Alexander A. Klimov f44e847717 Rotate replay log on shutdown, not on startup 2019-04-17 14:18:20 +02:00
Michael Friedrich 64568f5966
Merge pull request #7121 from Icinga/bugfix/concurrent-checks 
Fix that MaxConcurrentChecks constant is overridden from 'checker' feature
 2019-04-17 13:14:32 +02:00
Michael Friedrich ab97d606db
Merge pull request #7122 from Icinga/bugfix/evaluatefilter-change-globals 
FilterUtility::EvaluateFilter(): ensure not to modify the global namespace
 2019-04-16 17:40:20 +02:00
Alexander A. Klimov bdadb53940 FilterUtility::EvaluateFilter(): ensure not to modify the global namespace 2019-04-16 15:53:44 +02:00
Michael Friedrich b906714254 Fix that MaxConcurrentChecks constant is overridden from 'checker' feature 
Note: This drops the deprecated concurrent_checks setting from the checker feature
entirely and refactors the underlaying code handling.

Also affects ReloadTimeout which is new for 2.11.

fixes #7111
 2019-04-16 15:04:57 +02:00
Elias Ohm 1e7cd4afc8 * use dedicated permissions namespace for scriptframe in filterutility to allow proper parallel execution 
* fixes issue https://github.com/Icinga/icinga2/issues/6785 where permission checks get wrong result because permissions checks are done within a shared namespaces without using only unique keys
  * mitigates issue https://github.com/Icinga/icinga2/issues/6874 where segmentation faults occur because of concurrent access to non threadsafe parts of namespace (a fix for thread safety of namespaces which would be an alternative approach to get rid of these segfaults is out of scope of this fix as 6785 needs to be fixed anyway and this is the straight-forwards) way to fix that
* do the same for eventqueue (not certain whether events can be processed in parallel but I expect it is the case)
 2019-04-12 08:10:57 +02:00
Michael Friedrich 973b03dcb2
Merge pull request #7109 from Icinga/feature/enhance-cluster-message-send-code-docs 
Improve code docs for cluster message routing conditions
 2019-04-11 11:20:46 +02:00
Michael Friedrich b24a3be083 Improve code docs for cluster message routing conditions 
refs #6781
 2019-04-10 14:17:36 +02:00
Alexander A. Klimov de04bb13a8 JsonRpcConnection: reduce log spam on disconnect 2019-04-09 13:53:41 +02:00
Michael Friedrich f177d8786d HttpServerConnection: Log the user agent field for new requests too 
refs #7041
 2019-04-05 15:08:09 +02:00