tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-07-29 08:34:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
11,454 Commits 274 Branches 124 Tags
Commit Graph

11454 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Bas Couwenberg
92cc5ecb5a Fix building with Boost 1.71. 
The CMake file that detects Boost.Test version uses an older version
format, and incorrectly thinks that the available Boost version is
very old. This patch removes the version check, since Debian already
has a sufficiently recent Boost version.
 2021-05-25 14:42:50 +02:00
Noah Hilverling
72e33d6300
Merge pull request #8789 from Icinga/bugfix/2.11-fix-non-unity-builds 
Fix non-unity builds in support/2.11
 2021-05-21 15:41:00 +02:00
Julian Brost
398a5baf70 Remove unused function declarations in tlsutility.hpp 
These were introduced in c510fe4dfed0f65824bb259433faa0988caa2447, probably
when resolving a merge conflict. However, these functions do not exist in 2.11,
but refer to the Array type which is not included in the header, leading to
non-unity build failing.

This commit simply removes these declarations and thus restores non-unity
builds in 2.11.
 2021-05-20 14:25:59 +02:00
Alexander Aleksandrovič Klimov
ff2001d7a1
Merge pull request #8783 from Icinga/probot/sync-changelog/bc63b653a427f283c9a1f475108d069f28c4b62c 
CHANGELOG.md: add v2.10.7
 2021-05-20 13:51:24 +02:00
Michael Friedrich
5247558156 CHANGELOG.md: add v2.10.7 2021-05-20 11:42:25 +00:00
Alexander Aleksandrovič Klimov
bc63b653a4
Merge pull request #8781 from Icinga/probot/sync-changelog/2c23a7e94f981b74a831a6535542710d6c048b84 
CHANGELOG.md: add v2.10.6
 2021-05-20 13:42:12 +02:00
Michael Friedrich
86a3209130 CHANGELOG.md: add v2.10.6 2021-05-20 11:36:32 +00:00
Alexander Aleksandrovič Klimov
2c23a7e94f
Merge pull request #8779 from Icinga/probot/sync-changelog/d17b4ecc4bfeb94611e4e8f5c52865540a9bb46b 
CHANGELOG.md: add v2.9.3
 2021-05-20 13:36:20 +02:00
Michael Friedrich
e35719f78e CHANGELOG.md: add v2.9.3 2021-05-20 11:30:26 +00:00
Noah Hilverling
d17b4ecc4b
Merge pull request #8560 from Icinga/bugfix/children-recover-too-late 
On recovery: re-check children
v2.11.8 		2020-12-15 13:11:46 +01:00
Alexander Aleksandrovič Klimov
7c7f549900
Merge pull request #8567 from Icinga/bugfix/fix-shared-ptr-2.11.8 
Build fix: Use correct shared pointer implementation
 2020-12-15 13:11:27 +01:00
Noah Hilverling
9c433044cc Build fix: Use correct shared pointer implementation 2020-12-15 13:00:23 +01:00
Noah Hilverling
1cf1e3f6ab
Merge pull request from GHSA-pcmr-2p2f-r7j6 
Verify certificates against CRL before renewing them (2.11)
 2020-12-15 12:30:18 +01:00
Noah Hilverling
221417d2e0 Add security fix to CHANGELOG 2020-12-15 10:49:24 +01:00
Julian Brost
c510fe4dfe Verify certificates against CRL before renewing them 
When a CRL is specified in the ApiListener configuration, Icinga 2 only
used it when connections were established so far, but not when a
certificate is requested. This allows a node to automatically renew a
revoked certificate if it meets the other conditions for auto-renewal
(issued before 2017 or expires in less than 30 days).
 2020-12-15 10:38:37 +01:00
Alexander Aleksandrovič Klimov
73c085a9b0
Merge pull request #8564 from Icinga/feature/changelog-2.11.8 
Add 2.11.8 changelog & change VERSION file
 2020-12-15 10:30:01 +01:00
Noah Hilverling
1966680c75 Add 2.11.8 changelog & change VERSION file 2020-12-15 10:27:16 +01:00
Alexander A. Klimov
4b0313d3f3 On recovery: re-check children 2020-12-11 16:40:29 +01:00
Alexander A. Klimov
3c15e71e19 Don't fire suppressed notifications if last parent recovery >= last check result 2020-12-11 16:40:29 +01:00
Noah Hilverling
7772022da5
Merge pull request #8550 from Icinga/bugfix/unable-to-toggle-notifications-from-icingaweb2-8533-2.11 
Fix runtime config updates not working for objects without zone
 2020-12-11 09:26:28 +01:00
Noah Hilverling
03b728b83e Fix runtime config updates not working for objects without zone 
refs #8533
 2020-12-10 17:07:04 +01:00
Noah Hilverling
46708bc055
Merge pull request #8543 from Icinga/bugfix/openssl-error-buffer-2.11 
Use proper buffer size for OpenSSL error messages (support/2.11)
 2020-12-09 15:53:39 +01:00
Julian Brost
905cf5aa65 Use ERR_error_string_n() instead of ERR_error_string() 
Explicitly pass the actual length of the buffer to avoid overflows.
 2020-12-09 12:23:07 +01:00
Julian Brost
3b37867d2e Increase size of buffer for OpenSSL error messages 
According to man 3 ERR_error_string, "buf must be at least 256 bytes
long", therefore increase the buffer size to 256 everywhere.
 2020-12-09 12:23:07 +01:00
Julian Brost
64a49ee3a1 Remove std::string to_string(const errinfo_openssl_error& e) 
The function was never used and it's implementation contains a bug where
a buffer of too small size is used as a paramter to ERR_error_string.
According to the `man 3 ERR_error_info`, the buffer has to be at least
256 bytes in size.

Also the function seems of limited use as it allows to output the tag
object used with additional error information for exceptions in Boost.
However, you boost::get_error_info<>() just returns the value type but
not the full tag object from the exception.
 2020-12-09 12:22:52 +01:00
Alexander Aleksandrovič Klimov
c0ad8bdb9a
Merge pull request #8510 from Icinga/feature/improve-config-sync-locking-2.11 
Improve config sync locking (support/2.11)
 2020-11-27 17:53:21 +01:00
Julian Brost
072434f3f3 Remove SpinLock 
No longer needed as its only user now uses std::mutex.
 2020-11-27 11:24:17 +01:00
Julian Brost
7d546aa2d8 ApiListener: merge new config validation and actication functions 
Merge AsyncTryActivateZonesStage and TryActivateZonesStageCallback and
name the result TryActivateZonesStage. The old split was a leftover from
the one being a callback function with no actual meaningful separation.
 2020-11-27 11:24:17 +01:00
Julian Brost
a96e6c3861 Use std::mutex instead of Spinlock 2020-11-27 11:24:17 +01:00
Julian Brost
3081d9942d API filesync: wait for validation process to exit 
This avoid having to pass a lock implictly using the captured variables
of a lambda.
 2020-11-27 11:24:17 +01:00
Julian Brost
fde51ed9f7 Add Process::WaitForResult to allow waiting for the process to finish 2020-11-27 11:24:17 +01:00
Julian Brost
b413f343c8
Merge pull request #8487 from Icinga/bugfix/2.11.7-changelog-fix 
Add #8486 to changelog
v2.11.7 		2020-11-16 17:43:17 +01:00
Noah Hilverling
8fea79b856 Add #8486 to changelog 2020-11-16 17:39:33 +01:00
Julian Brost
6b8a018afb
Merge pull request #8486 from Icinga/bugfix/config-sync-only-remove-files-if-timestamp-changed 
Config sync: Only remove files, if timestamp changed
 2020-11-16 17:36:42 +01:00
Noah Hilverling
f184c1bc57 Config sync: Only remove files, if timestamp changed 2020-11-16 17:33:20 +01:00
Noah Hilverling
6749b9aff5
Merge pull request #8485 from Icinga/feature/icinga-2.11.7 
Release version 2.11.7
 2020-11-16 15:25:22 +01:00
Julian Brost
d5d412362f Release version 2.11.7 2020-11-16 15:15:58 +01:00
Noah Hilverling
c40a4c5cbc
Merge pull request #8475 from Icinga/bugfix/replay-log-blocks 
Start ApiListener#SyncClient() in the thread pool
 2020-11-16 14:34:40 +01:00
Noah Hilverling
cd819e3801
Merge pull request #8473 from Icinga/bugfix/message-routing-for-global-zones-2.11 
Fix cluster message routing for global zones
 2020-11-16 14:32:52 +01:00
Noah Hilverling
42d9fb10cf
Merge pull request #8482 from Icinga/bugfix/close-anonymous-connections-2.11 
Close anonymous connections after 10 seconds
 2020-11-16 10:56:54 +01:00
Julian Brost
de44bf5e71 Close anonymous connections after 10 seconds 
Anonymous connections are normally only used for requesting a
certificate and are closed after this request is received. However, the
request is only sent if the child has successfully verified the
certificate of its parent so that it is an authenticated connection from
its perspective. In case this verification fails, both ends view it as
an anonymous connection and never actually use it but attempt a
reconnect after 10 seconds leaking the connection. Therefore close it
after a timeout.
 2020-11-13 16:33:04 +01:00
Alexander A. Klimov
ba87ae8109 Start ApiListener#SyncClient() in the thread pool 
... not hosting the coroutines not to block them.

Otherwise a large replay log would block messages sending
until the peer disconnects us.
 2020-11-12 14:14:20 +01:00
Julian Brost
1adfe851b1 Fix cluster message routing for global zones 
RelayMessageOne used to relay the message only to one other endpoint for
other zones, which is fine, as long as the target zone is a child/parent
zone but breaks if the target zone is a global one. In this case, the
message has to be forwarded within the local zone as well as to one node
in each child zone.
 2020-11-12 09:49:56 +01:00
Noah Hilverling
d80eb89908
Merge pull request #8457 from Icinga/bugfix/replay-object-deletion-2.11 
Log config object deletions to replay log
 2020-11-10 11:31:49 +01:00
Alexander Aleksandrovič Klimov
e4d7f4c63e
Merge pull request #8464 from Icinga/probot/update-authors/support/2.11/97cda44e7d96d537de5235414c70c8ad14ed39da 
Update AUTHORS
 2020-11-10 11:21:43 +01:00
icinga-probot[bot]
4072ee5f5e
Update AUTHORS 2020-11-10 10:17:27 +00:00
Alexander Aleksandrovič Klimov
97cda44e7d
Merge pull request #8399 from Icinga/feature/one-connection 
ApiListener#NewClientHandlerInternal(): reject connections from already connected endpoints
 2020-11-10 11:17:21 +01:00
Alexander Aleksandrovič Klimov
3c97ab6d47
Merge pull request #8454 from Icinga/feature/http-status-codes-in-icinga-mainlog-7053 
Include HTTP status codes in log
 2020-11-10 11:13:26 +01:00
Alexander Aleksandrovič Klimov
820e7eed3c
Merge pull request #8459 from Icinga/bugfix/do-not-accept-api-updates-for-unknown-zone-2.11.7 
API: Don't accept object updates for unknown global zone
 2020-11-10 10:20:46 +01:00
Noah Hilverling
b2a235c54a API: Don't accept object updates for unknown zone 2020-11-09 16:21:40 +01:00