59 Commits

Author SHA1 Message Date
Tobias von der Krone ce3062904f Use the server's preferred cipher for the API connection
When using SSL_OP_CIPHER_SERVER_PREFERENCE the server's preferred cipher
is used instead of the client preference, see
https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_set_options.html

fixes #11290
2016-03-04 14:57:06 +01:00
Gunnar Beutner 23edd6cb8f Add missing comment
refs #10988
2016-01-26 08:35:29 +01:00
Michael Friedrich a4562fb433 Only set SSL_OP_NO_COMPRESSION if supported
OpenSSL 0.9.8 does not support this flag.

fixes #10988
2016-01-25 14:53:26 +01:00
Tobias von der Krone 1c67bf394c Support TLSv1.1 and TLSv1.2 for the cluster transport encryption
From https://wiki.openssl.org/index.php/SSL/TLS_Client:
SSLv23_method specifies the protocols used and behavior of the handshake.
The method essentially means SSLv2 or above, and includes the TLS protocols.
The protocols are further tuned through SSL/TLS options. By using
SSLv23_method (and removing the SSL protocols with SSL_OP_NO_SSLv2 and
SSL_OP_NO_SSLv3), then you will use TLS v1.0 and above, including TLS v1.2.
You will also use a TLS handshake in the TLS Record.

If you use TLSv1_method, then you will only use TLS v1.0.

fixes #10988
2016-01-20 16:48:00 +01:00
Jean Flach cb70d97dcf Plug two memory leaks
refs #10963
2016-01-15 10:11:52 +01:00
Gunnar Beutner 599929b0f6 Update copyright headers for 2016 2016-01-12 08:29:59 +01:00
Michael Friedrich f0a5a0c23c Fix openssl certificate not after overflow on rhel5
refs #10266
2015-10-02 12:11:21 +02:00
Michael Friedrich 9a2ae6e58f Fix missing zero padding for generated CA serial
fixes #10074
2015-09-03 17:12:01 +02:00
Gunnar Beutner c37a23ccba Implement the Icinga Studio application
fixes #10042
2015-08-31 07:50:01 +02:00
Gunnar Beutner 5a72eaa768 Make sure the serial number field is always initialized
fixes #9947
2015-08-18 15:05:53 +02:00
Gunnar Beutner 0b495d1858 Set correct X509 version for certificates
fixes #9769
2015-07-29 12:59:12 +02:00
Gunnar Beutner b357012ded Implement HTTP support
refs #9447
2015-07-09 11:42:34 +02:00
Gunnar Beutner c08aa37c99 Fix crash in MakeX509CSR when using ancient versions of OpenSSL
fixes #8844
2015-03-26 08:23:24 +01:00
Gunnar Beutner bb393a9d4f Remove unused variables 2015-03-02 12:52:37 +01:00
Michael Friedrich 78bfd0204c Update copyright year 2015-01-22 12:00:23 +01:00
Gunnar Beutner 55b7f00382 Remove unnecessary includes 2014-12-15 10:16:06 +01:00
Gunnar Beutner a8b7710800 Fix crash in CreateCert
fixes #7862
2014-11-27 09:35:24 +01:00
Gunnar Beutner 478f03b49a Replace boost::shared_ptr with boost::intrusive_ptr
refs #7622
2014-11-09 16:54:41 +01:00
Gunnar Beutner 196bd89c7a Use OpenSSL's default algorithms for certificate signatures
fixes #7434
2014-10-27 11:32:39 +01:00
Gunnar Beutner 8ce4b3f122 Implement support for serial files
fixes #7393
2014-10-27 10:52:07 +01:00
Gunnar Beutner e80fd0fbfa Update the constants.conf file for "agent setup"
refs #7423
2014-10-23 15:05:25 +02:00
Gunnar Beutner b96e9d26a9 Improve error messages for CLI commands
fixes #7395
2014-10-20 13:40:17 +02:00
Gunnar Beutner 2d5e9514a5 Refactor logging code 2014-10-19 17:52:17 +02:00
Gunnar Beutner b18f57a745 Remove logger_fwd.hpp 2014-10-19 14:50:39 +02:00
Gunnar Beutner 97cf93089b Build fix for FreeBSD 2014-10-16 13:36:25 +02:00
Gunnar Beutner f433679b13 Implement the "pki request" and "pki ticket" commands
refs #7244
2014-10-16 12:27:34 +02:00
Gunnar Beutner 575a9eb849 Implement error handling for the "pki sign-csr" command
refs #7247
2014-10-15 18:23:49 +02:00
Gunnar Beutner c1b92756b5 Implement the "pki sign-csr" command
refs #7274
2014-10-15 16:01:15 +02:00
Gunnar Beutner fab9d7eedf Set CA flag for new CA certificates
refs #7247
2014-10-13 13:58:18 +02:00
Gunnar Beutner a01fb6d6e6 Make sure we're using the right user/group for CLI commands
refs #7246
2014-10-13 13:44:45 +02:00
Gunnar Beutner 4ba3d74c0e Implement the "pki new-csr" command
refs #7247
2014-10-13 12:34:31 +02:00
Gunnar Beutner 39248dad42 Build fix for Windows 2014-08-07 14:23:20 +02:00
Michael Friedrich 87e63edb93 Use a local buffer for ERR_error_string()
refs #6724
refs #6682
2014-08-05 11:30:06 +02:00
Michael Friedrich 9ae37bf109 Add verbose SSL error messages
refs #6682
2014-08-04 17:23:41 +02:00
Gunnar Beutner 541dacb636 Build fix for Linux (oops) 2014-08-04 09:50:30 +02:00
Gunnar Beutner 0de728db64 Build fix for OS X. 2014-08-01 17:05:51 +02:00
Gunnar Beutner 3f647bb779 Fix OpenSSL errors during (re-)negotiation
fixes #6724
2014-08-01 15:23:07 +02:00
Gunnar Beutner 61ba2e647e Add some missing SSL flags
refs #6368
2014-06-30 15:44:08 +02:00
Gunnar Beutner 632026cd9f Rename C++ header files.
Fixes #6291
2014-05-25 16:27:14 +02:00
Gunnar Beutner 12c8814bd8 Fix some more compiler warnings.
Refs #5823
2014-05-11 06:43:01 +02:00
Gunnar Beutner 0fb55f3404 Fix NSIS installer and Windows service.
Refs #4865
2014-04-18 12:15:01 +02:00
Gunnar Beutner 0ea144a64d Set OpenSSL locking callback.
Refs #4865
2014-04-12 21:22:59 +02:00
Michael Friedrich ce737ff2f3 Change copyright header (again).
Fixes #5424
2014-03-19 11:42:47 +01:00
Michael Friedrich 555d72150a Update copyright header.
Fixes #5424
2014-01-09 00:32:11 +01:00
Gunnar Beutner f5f8de8137 Fix compatibility with OpenSSL <1.0.0.
Refs #3657
2013-11-13 10:36:57 +01:00
Gunnar Beutner a5e3c70bcc Implement support for CRLs.
Fixes #3657
2013-11-13 10:30:40 +01:00
Gunnar Beutner 5647694c2a Build fix. 2013-10-17 15:52:26 +02:00
Gunnar Beutner 492aed030e Improve the error message for GetX509Certificate(). 2013-10-17 15:46:50 +02:00
Gunnar Beutner a03c58f27e MakeSSLContext: Check if keys match. 2013-10-15 21:24:55 +02:00
Gunnar Beutner bf1a800e39 Update copyright information. 2013-09-25 07:45:56 +02:00