Commit Graph

635 Commits

Author SHA1 Message Date
Alexander A. Klimov 3617f05836 icinga2 pki save-cert: allow to specify --key and --cert
refs #7992
2020-04-28 17:34:00 +02:00
Michael Friedrich 06d0c3ea4e
Merge pull request #7843 from Icinga/feature/cli-pki-verify
CLI: Add `pki verify` command for better TLS certificate troubleshooting
2020-02-25 09:07:24 +01:00
Michael Friedrich 12b6c1aab9 CLI: Improve error handling for 'pki verify' command 2020-02-20 15:10:57 +01:00
Michael Friedrich e4e26d66a6 Build fix 2020-02-17 18:40:28 +01:00
Michael Friedrich 6f263a4922 Add `pki verify` CLI command: print, signed by CA, valid CA, CN match 2020-02-17 18:10:51 +01:00
Michael Friedrich cfd9b80027
Merge pull request #7838 from Icinga/bugfix/catch-exception-in-node-setup
Catch exception when trusted cert is not readable during node setup on agent/satellite
2020-02-14 09:51:17 +01:00
Michael Insel e4f25269fe
Fix Build
I have no idea how this got lost.
2020-02-14 07:56:23 +01:00
Michael Insel 90ac6cd9a1 CLI: Catch exception when trusted cert is not readable
This catches an exception when the trusted cert is not readable during
node setup.
2020-02-13 20:03:17 +01:00
Michael Friedrich 82e055bfb6 CLI: Clean up 'pki save-cert' command and remove deprecated params
This got obsoleted 4 years ago in a monster commit.
b297e8cfa7
2020-02-13 16:14:01 +01:00
Michael Friedrich e1557def94 CLI: Verify --trustedcert being a client, non CA certificate in 'node setup'
This commit also cleans some shell output with master vs. parent.
2020-02-13 16:09:16 +01:00
Michael Friedrich 5812dae55b Dev: Allow to delay main worker process in order to attach with LLDB
Introduce `-DInternal.DebugWorkerDelay=120` and sleep inside `RunWorker()`.

Rationale: With 2.11 we've introduced a real umbrella process where the
main process is spawned as child fork. Running icinga2 in foreground on
a macOS shell with LLDB will now exit, and not follow the child process.

LLDB doesn't support `follow-fork-mode child` like GDB and therefore we
need to:

- Print the child process PID
- Sleep for X seconds to allow the developer to run `lldb -p <PID>`, set breakpoints, etc.

This commit also documents all available debug build enabled internal constants.
2020-01-29 13:21:05 +01:00
Stuart Henderson 6744b1af54 cope with OS which don't fill in si_pid in siginfo
Icinga processes check si_pid on IPC signals to ensure that the signal
comes from an expected process. OpenBSD doesn't currently fill in si_pid
in siginfo (leaving it 0) so signals never pass this check, resulting
in startup failing to complete (the worker doesn't see the umbrella's
signal and vice-versa) - issue #7505.

Relax the requirement so that either 0 or the wanted pid is accepted.
2020-01-07 22:08:38 +00:00
Michael Friedrich 7e369c0443
Merge pull request #7546 from Icinga/feature/zone-in-zone-7530
DaemonUtility#ValidateConfigFiles(): re-try unknown zones once they may have become known
2019-10-31 16:34:08 +01:00
Alexander A. Klimov ba1ce9c853 Replace std::shared_ptr<boost::asio::ssl::context> with Shared<boost::asio::ssl::context>::Ptr 2019-10-21 16:12:46 +02:00
Alexander A. Klimov a1683568a1 Replace std::shared_ptr<AsioTlsStream> with Shared<AsioTlsStream>::Ptr 2019-10-21 16:12:35 +02:00
Alexander A. Klimov eacdb3dac7 DaemonUtility#ValidateConfigFiles(): re-try unknown zones once they may have become known
refs #7530
2019-09-30 10:26:13 +02:00
Michael Friedrich 5fa7331cc9 Quality: Replace deprecated Boost IO service code
https://github.com/boostorg/asio/issues/110
https://www.boost.org/doc/libs/1_66_0/doc/html/boost_asio/example/cpp03/services/logger_service.hpp
2019-09-09 15:27:57 +02:00
Michael Friedrich 9d6ee44e71
Merge pull request #7346 from Icinga/feature/check-plugins-code-page-7110
DaemonCommand#Run(): set code page to UTF-8
2019-08-27 14:51:30 +02:00
Michael Friedrich 01fe243f23 Log a hint after failed config validation for systemd users 2019-08-07 12:03:17 +02:00
Alexander A. Klimov 6418c2ebb7 icinga2 daemon --close-stdio: keep console log open during first config validation
refs #7394
2019-08-05 18:30:45 +02:00
Michael Friedrich 647348fbca CLI: Rename client -> agent 2019-07-20 12:53:19 +02:00
Alexander A. Klimov d7e52824c8 DaemonCommand#Run(): set code page to UTF-8
refs #7110
2019-07-19 18:00:46 +02:00
Alexander A. Klimov 31e5394fe9 Fix style
refs #5230
2019-07-16 11:45:23 +02:00
Alexander A. Klimov c385355c38 DaemonCommand: make the atomics a bit more atomic
Just to be sure.

refs #5230
2019-07-16 11:39:09 +02:00
Alexander A. Klimov 4ee9ac16b4 Fix missing comments
refs #5230
2019-07-16 11:11:10 +02:00
Alexander A. Klimov 372ecd8a72 Forward SIGUSR1
refs #5230
2019-07-15 18:36:34 +02:00
Alexander A. Klimov 3584ad97d8 Fix missing log messages
refs #5230
2019-07-15 18:29:15 +02:00
Alexander A. Klimov ac29b3b93a Adjust sd_notify()
refs #5230
2019-07-15 17:04:55 +02:00
Alexander A. Klimov 06b504f291 Adjust PID file management
refs #5230
2019-07-15 17:04:53 +02:00
Alexander A. Klimov 368ebf4fbf Catch programming errors
refs #5230
2019-07-15 15:24:07 +02:00
Alexander A. Klimov 37a3e7e4d5 Application::RunEventLoop(): forward restart requests to umbrella process
refs #5230
2019-07-15 15:23:37 +02:00
Alexander A. Klimov 249408209d Reload on SIGHUP
refs #5230
2019-07-15 15:23:34 +02:00
Alexander A. Klimov c303d08c24 Do the actual work in a separate process on *nix
refs #5230
2019-07-15 15:18:31 +02:00
Alexander A. Klimov d6bc5a1a18 Remove old signal handlers
refs #5230
2019-07-15 15:06:29 +02:00
Michael Friedrich 86108e6a1e Improve logging and code quality 2019-06-19 14:46:11 +02:00
Michael Friedrich a91bbe8acd Fix constant value for zone var override 2019-06-19 14:46:11 +02:00
Michael Friedrich e545884952 Improve logging for staged config sync 2019-06-19 14:46:11 +02:00
Michael Friedrich 1853254201 Pass the zonesVar override around 2019-06-19 14:46:11 +02:00
Michael Friedrich c2d7063ae7 Better signal for checking the cluster config sync stage (ignore production) 2019-06-19 14:46:11 +02:00
Michael Friedrich 65c8d43157 Add function docs for CA CLI commands 2019-06-07 10:33:55 +02:00
Michael Friedrich b32d818d1b CLI: Allow to list removed CSRs with 'ca list' 2019-06-07 10:33:55 +02:00
Michael Friedrich a35828a6ff CLI: Update ca remove/restore commands from my review 2019-06-07 10:33:55 +02:00
Andrew Jaffie d95feb4950 Log messages now use CN, file permissions fixed, ca remove now will not remove CSR's that have already been signed. 2019-06-07 10:33:55 +02:00
Andrew Jaffie 6aa2e0c36b Added ca restore command+docs to undo effects of ca remove 2019-06-07 10:33:55 +02:00
Andrew Jaffie 429f1ed317 Ignore repeated requests from client after using ca remove command 2019-06-07 10:33:55 +02:00
Andrew Jaffie a970f7dcf9 Implemented cli command + documentation. 2019-06-07 10:33:55 +02:00
Michael Friedrich 99bb7fa99c
Merge pull request #7196 from Icinga/feature/network-cleanup
Cleanup old code (HTTP, Cluster)
2019-05-29 14:50:40 +02:00
Michael Friedrich e72721b62f CLI: Remove broken troubleshoot command
It wasn't finished nor have we used it for support questions.

Issue templates, troubleshooting docs and external scripts
serve a better purpose here, especially with distributed systems.
2019-05-28 12:31:38 +02:00
Michael Friedrich c77d6eb869 Quality: Drop unused boost/tuple header include 2019-05-24 15:50:43 +02:00
Michael Friedrich f933aafd29 Quality: Purge old HTTP code in lib/remote 2019-05-24 15:50:43 +02:00