Commit Graph

1821 Commits

Author SHA1 Message Date
Alexander A. Klimov c3388e9af6 Use std::mutex, not boost::mutex 2021-02-03 09:54:57 +01:00
Alexander Aleksandrovič Klimov dbdfe189c0
Merge pull request #7092 from Icinga/bugfix/command-escape-windows-4849
Fix Windows command escape for \"
2021-02-01 11:20:44 +01:00
Alexander Aleksandrovič Klimov 91ffa89dad
Merge pull request #7918 from Icinga/feature/check-timeouts-sigterm-6162
On check_timeout first send SIGTERM
2021-01-21 16:11:07 +01:00
Alexander Aleksandrovič Klimov 4063e39d5f
Merge pull request #8515 from Icinga/feature/update-ssl-context-after-accepting-new-connection-8501
API: Update the ssl context after each accepting incoming connection
2021-01-15 11:21:36 +01:00
Yonas Habteab 057254695d Utility: Introduce new helper function Utility::GetFileCreationTime() 2021-01-14 18:39:14 +01:00
Alexander Aleksandrovič Klimov 70b438a2bf
Merge pull request #8104 from Icinga/bugfix/remove-downtime-returns-wrong-status-7408
API: Display a correct status when removing a downtime
2021-01-14 17:49:00 +01:00
Alexander A. Klimov e1bc4d474f On check_timeout first send SIGTERM
... to allow check plugins to terminate gracefully.

refs #6162
2021-01-14 12:00:11 +01:00
Julian Brost f12666c166
Merge pull request #8157 from Icinga/bugfix/temporary-files-5124
Clean up temp files
2021-01-13 15:45:29 +01:00
Alexander A. Klimov 450b2117d2 Add ".tmp" to state and modified attributes temp files
refs #5124
2021-01-12 17:35:29 +01:00
Alexander A. Klimov 18c2dae941 Clean up temp files
refs #5124
2021-01-12 17:35:29 +01:00
Alexander A. Klimov 26c944125b Close FDs based on /proc/self/fd
... not to waste time with close(2)ing RLIMIT_NOFILE-3 non-existing FDs.

Newer kernel = higher RLIMIT_NOFILE = more time wasted

refs #8437
2021-01-12 17:32:28 +01:00
Benedikt Heine 8a455e8150 Fix typo seemless -> seamless 2020-12-25 23:27:08 +01:00
Julian Brost 00d8703aad
Merge pull request #7847 from Icinga/feature/log-trim-trailing-newlines-7828
Log: trim trailing newlines
2020-12-23 14:20:43 +01:00
Julian Brost eab07a7318 Provide a conversion function from icinga::String to boost::string_view
Boost.Beast changed the signature of
boost::beast::http::basic_fields::set in version 1.74 so that no longer
allows passing an icinga::String instance as value. This adds a
conversion function so that it works again.
2020-12-22 16:27:38 +01:00
Noah Hilverling f7e368564f
Merge pull request from GHSA-pcmr-2p2f-r7j6
Verify certificates against CRL before renewing them (2.13)
2020-12-15 12:30:19 +01:00
Alexander Aleksandrovič Klimov 6b04ef6e5d
Merge pull request #7871 from Icinga/feature/more-uoms-for-perfdata-7225
PerfdataValue: add UoMs
2020-12-14 18:42:49 +01:00
Alexander Aleksandrovič Klimov 366a97bf19
Merge pull request #8541 from Icinga/bugfix/openssl-error-buffer
Use proper buffer size for OpenSSL error messages
2020-12-09 16:08:19 +01:00
Julian Brost e86bd24348 Verify certificates against CRL before renewing them
When a CRL is specified in the ApiListener configuration, Icinga 2 only
used it when connections were established so far, but not when a
certificate is requested. This allows a node to automatically renew a
revoked certificate if it meets the other conditions for auto-renewal
(issued before 2017 or expires in less than 30 days).
2020-12-09 12:10:59 +01:00
Julian Brost bbfd1ecfc8 Use ERR_error_string_n() instead of ERR_error_string()
Explicitly pass the actual length of the buffer to avoid overflows.
2020-12-08 13:08:18 +01:00
Julian Brost c0fc9a86c5 Increase size of buffer for OpenSSL error messages
According to man 3 ERR_error_string, "buf must be at least 256 bytes
long", therefore increase the buffer size to 256 everywhere.
2020-12-08 13:08:18 +01:00
Julian Brost 61d7ec4bf7 Remove std::string to_string(const errinfo_openssl_error& e)
The function was never used and it's implementation contains a bug where
a buffer of too small size is used as a paramter to ERR_error_string.
According to the `man 3 ERR_error_info`, the buffer has to be at least
256 bytes in size.

Also the function seems of limited use as it allows to output the tag
object used with additional error information for exceptions in Boost.
However, you boost::get_error_info<>() just returns the value type but
not the full tag object from the exception.
2020-12-08 13:05:38 +01:00
Yonas Habteab dd02e3b6d8 API: Display a correct status code when removing a scheduled downtime 2020-12-07 13:19:41 +01:00
Alexander A. Klimov b8bb8cb946 Configuration.ApiBindHost: default to ::
refs #8183
2020-12-04 16:52:58 +01:00
Alexander Aleksandrovič Klimov bee4ac7f7c
Merge pull request #8040 from Icinga/feature/v1-actions-execute-command-8034
Add API endpoint: /v1/actions/execute-command
2020-12-02 10:53:24 +01:00
Michael Insel b9c6abc38c Fix perfdata parser not recognize scientific notation
The scientific notation is basically allowed in our performance data
parser. In an edge case where scientific notation is delivered with
an upercas E letter our parser does not recognize it and drops it as
false performance data.

The wrong interpretation as false performance data affects all parts of
the performance data, the value itself, the warning value, the critical
value, the minimum value and the maximum value.
2020-11-26 18:56:41 +01:00
Julian Brost 3f15963651 Remove SpinLock
No longer needed as its only user now uses std::mutex.
2020-11-17 09:40:34 +01:00
Julian Brost 4c8c4c75ec Add Process::WaitForResult to allow waiting for the process to finish 2020-11-16 17:10:26 +01:00
Alexander Aleksandrovič Klimov 5f3b5934fa
Merge pull request #8195 from Icinga/feature/terminate-pretty-json-output-w-n-8194
JsonEncode(): suffix pretty JSON w/ \n
2020-11-13 17:08:46 +01:00
Alexander Aleksandrovič Klimov 9c232e942b
Merge pull request #8085 from Icinga/bugfix/not-set-lcnumeric-twice-7563
Fix LC_NUMERIC set twice and use a wrong value
2020-10-29 16:47:43 +01:00
Alexander Aleksandrovič Klimov b5b1ee715b
Merge pull request #8184 from sbraz/boost
Fix ‘fs::copy_option’ has not been declared with boost 1.74.0
2020-10-29 16:19:07 +01:00
Alexander A. Klimov bb851b0558 Merge branch 'master' into feature/v1-actions-execute-command-8034 2020-10-28 18:37:08 +01:00
Julian Brost c30d8ff373 Remove Utility::GetEnv from header
It is never used and not even implemented anywhere, probably a leftover.
2020-10-20 12:19:15 +02:00
Alexander Aleksandrovič Klimov a32c1bf910
Merge pull request #7864 from Icinga/bugfix/icinga2-doesn-t-close-connections-7203
Add timeout for boost::asio::ssl::stream#async_shutdown()
2020-10-19 15:25:12 +02:00
Alexander Aleksandrovič Klimov 72c67fc065
Merge pull request #8370 from Icinga/bugfix/reload-hang-8173
Application#RunEventLoop(): don't wait for the thread pool to stop on shutdown
2020-10-14 18:11:23 +02:00
Alexander A. Klimov 4af450141b Introduce SpinLock 2020-10-14 10:47:08 +02:00
Henrik Triem 3c556350c8 WorkQueue: Allow choosing stats log level 2020-09-22 13:44:02 +02:00
Alexander A. Klimov d69c6879fa Application#RunEventLoop(): don't wait for the thread pool to stop on shutdown
refs #8173
2020-09-03 14:04:42 +02:00
Alexander A. Klimov 3adba5c542 JsonEncode(): suffix pretty JSON w/ \n
refs #8194
2020-09-02 16:11:43 +02:00
Louis Sautier c30bae2994
Fix ‘fs::copy_option’ has not been declared with boost 1.74.0
It was deprecated in
f199152b7d
2020-08-20 18:35:51 +02:00
Noah Hilverling 97fc70ccb2
Merge pull request #7836 from Icinga/bugfix/jsonrpcconnection-m_seen
Consider a JsonRpcConnection being seen on a single byte of TLS payload, not only a whole message
2020-07-29 15:02:48 +02:00
Alexander A. Klimov bbe0f2d8c4 mkclass: make .ti class members atomic if possible
... not to have to lock the objects while setting attributes.
2020-07-07 18:24:06 +02:00
Yonas Habteab 24c6210ef2 Fix don't set LC_NUMERIC twice 2020-07-06 13:12:56 +02:00
Alexander A. Klimov 647f1547a9 Generalize I/O timeout emulation 2020-06-17 10:31:40 +02:00
Noah Hilverling df43cf573c
Merge pull request #8053 from Icinga/bugfix/segfault-map-reduce-filter-null-8047
Ensure the custom function is not null in Array#{sort,map,reduce,filter,any,all}()
2020-06-16 15:25:11 +02:00
Alexander A. Klimov 9c85401914 Ensure the custom function is not null in Array#{sort,map,reduce,filter,any,all}()
refs #8047
2020-06-09 12:35:04 +02:00
Alexander A. Klimov f21b60e390 StreamLogger#Flush(): lock self
... just to be sure.
2020-05-15 15:33:37 +02:00
Alexander A. Klimov 720a88c29a PerfdataValue: add UoMs
* {,{K,M,G,T,P,E,Z,Y}{,i}}B
  => bytes
* {,{k,m,g,t,p,e,z,y}{,i}}b
  => bits
* packets
* {n,u,m,}s m h d
  => seconds
* {n,u,m,,k,M,G,T,P,E,Z,Y}{{A,O,V,W},{A,W}{s,m,h}}
  => amperes, ohms, volts, watts, ampere-seconds, watt-hours
* lm dBm
  => lumens decibel-milliwatts
* {n,u,m,,k}g t
  => grams
* C F K
  => degrees-celsius, degrees-fahrenheit, degrees-kelvin
* {m,,h}l
  => liters

refs #7225
2020-04-03 12:47:36 +02:00
Alexander A. Klimov 8050bd9e76 PerfdataValue#Parse(): don't complain on unknown UoMs
refs #7225
2020-03-25 13:05:22 +01:00
Noah Hilverling 4c9e4959f3
Merge pull request #7823 from Icinga/bugfix/unify-application-start-times
Fix timing point for Application::GetStartTime() (related to command endpoint grace period)
2020-03-09 09:45:57 +01:00
Noah Hilverling 6e3c928205
Merge pull request #7837 from Icinga/bugfix/coroutine-exception
IoEngine#SpawnCoroutine(): always terminate coroutines cleanly
2020-03-03 11:19:18 +01:00
Michael Friedrich 06d0c3ea4e
Merge pull request #7843 from Icinga/feature/cli-pki-verify
CLI: Add `pki verify` command for better TLS certificate troubleshooting
2020-02-25 09:07:24 +01:00
Michael Friedrich fdb13d1b7d TlsUtility: Replace deprecated OpenSSL function with ASN1_STRING_get0_data() 2020-02-21 13:02:58 +01:00
Alexander A. Klimov 63a8c1b7ef Log: trim trailing newlines
refs #7828
2020-02-19 11:27:58 +01:00
Alexander A. Klimov 0f84ce0470 Consider a JsonRpcConnection being seen on a single byte of TLS payload, not only a whole message 2020-02-19 11:11:53 +01:00
Alexander A. Klimov b65aed1dd3 IoEngine#SpawnCoroutine(): always terminate coroutines cleanly 2020-02-19 10:51:26 +01:00
Michael Friedrich 548eb933c9 TlsUtility: Add getters for version, signature algorithm, SANs 2020-02-17 17:42:20 +01:00
Henrik Triem 099cc5d8df
Merge pull request #7833 from Icinga/feature/version-build-info-openssl
CLI: Add OpenSSL version to 'Build' section in --version
2020-02-17 17:07:51 +01:00
Michael Friedrich 71c7eebe4e CLI: Add OpenSSL version to 'Build' section in --version
This helps to see against which OpenSSL version Icinga was built.
Inspired by #5572
2020-02-14 08:55:39 +01:00
Michael Friedrich a7436394cd TlsUtility: Add IsCa() function to verify given certificate being a CA certificate 2020-02-13 16:03:43 +01:00
Michael Friedrich d53eb34520 Unify Application::GetStartTime() and drop GetMainTime()
This essentially moves the start time into the scope when main
starts to "do something", after the reload and configuration handling
is done.
2020-02-11 17:26:15 +01:00
Michael Friedrich ae8a0b6a64 Introduce Application::GetUptime() 2020-02-11 16:47:50 +01:00
Michael Friedrich 04edda531c
Merge pull request #7788 from Icinga/bugfix/windows-timeout-unknown-state
Terminate windows check processes with UNKNOWN state on timeout
2020-02-10 15:34:28 +01:00
Alexander A. Klimov 0ed0f73d9d IoEngine#SpawnCoroutine(): remove redundand overload 2020-02-05 15:31:57 +01:00
Alexander A. Klimov d98493c90f IoEngine#SpawnCoroutine(): don't copy parameter 2020-02-05 15:30:03 +01:00
Michael Insel d7dfa6f1df Terminate windows check processes with UNKNOWN state on timeout
On Windows this terminates checks that reached the timeout with the UNKNOWN
state instead the WARNING state.

Co-authored-by: araujorm <araujorm@users.noreply.github.com>
2020-01-27 21:43:01 +01:00
Michael Friedrich f62f2eb25e Boost Coroutines: Increase the default stack size from 64 to 256KB
refs #7532
2019-12-13 17:20:06 +01:00
Michael Friedrich 1cda421bad DSL: Add get_template{,s}
Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2019-11-08 11:13:26 +01:00
Alexander A. Klimov 768044a754 Replace std::shared_ptr<NamespaceValue> with NamespaceValue::Ptr
refs #7361
2019-10-21 17:10:51 +02:00
Alexander A. Klimov 4438ccbf9e Introduce SharedObject
refs #7361
2019-10-21 17:10:51 +02:00
Alexander A. Klimov ba1ce9c853 Replace std::shared_ptr<boost::asio::ssl::context> with Shared<boost::asio::ssl::context>::Ptr 2019-10-21 16:12:46 +02:00
Alexander A. Klimov 26ce2cfb73 Replace std::shared_ptr<AsioTcpStream> with Shared<AsioTcpStream>::Ptr 2019-10-21 16:12:46 +02:00
Alexander A. Klimov a1683568a1 Replace std::shared_ptr<AsioTlsStream> with Shared<AsioTlsStream>::Ptr 2019-10-21 16:12:35 +02:00
Alexander A. Klimov b046ffe152 Introduce Shared<T> 2019-10-21 11:07:42 +02:00
Michael Friedrich 2c0e0da2d9 Introduce IoEngine::SpawnCoroutine wrapping asio::spawn and Boost exceptions
This is required to

- catch all exceptions and wrap them into Boost exceptions. They
are the only ones allowed with Boost.Coroutine.
- set a dedicated coroutine stack size for Windows.

refs #7431
2019-09-09 16:40:35 +02:00
Michael Friedrich 5fa7331cc9 Quality: Replace deprecated Boost IO service code
https://github.com/boostorg/asio/issues/110
https://www.boost.org/doc/libs/1_66_0/doc/html/boost_asio/example/cpp03/services/logger_service.hpp
2019-09-09 15:27:57 +02:00
Michael Friedrich 1f50a705f9 Adjust code comment for Logger->Flush() on Windows 2019-09-06 09:24:34 +02:00
Michael Friedrich c2e1d023e2
Merge pull request #7421 from Icinga/feature/threadpool-metric
Expose metric current_pending_callbacks
2019-08-15 10:51:31 +02:00
Alexander A. Klimov a58a5feee3 Introduce ThreadPool#GetPending() 2019-08-14 17:12:59 +02:00
Michael Friedrich 43ea6fb636
Merge pull request #7419 from Icinga/bugfix/downtime-loop-activate-origin
Fix object create/delete config object cluster loop (missing message origin)
2019-08-14 16:29:08 +02:00
Michael Friedrich 96f62d2d34 Add Utility::ParseVersion() and unit tests
This now uses a regex to extract the short version
similar to how Icinga Web 2 does it.

Additional unit tests prove the rule.
2019-08-14 11:22:55 +02:00
Michael Friedrich c30edd0a34 Fix message origin for runtime created config object (create/delete events) 2019-08-13 15:05:47 +02:00
Michael Friedrich 0fd2fc0a4f Only include SSL_CTX_set_ecdh_auto for OpenSSL < 1.1.0 2019-07-23 17:39:02 +02:00
Michael Friedrich 844e821cd1
Merge pull request #7320 from Icinga/feature/foreground-5230
Rework reload handling on *nix
2019-07-18 18:24:22 +02:00
Michael Friedrich 71cf491a3b
Merge pull request #7331 from Icinga/bugfix/unit-tests-packaging-7327
Shutdown timers cleanly on exit
2019-07-17 15:16:04 +02:00
Alexander A. Klimov 80d976fed6 Shutdown timers cleanly on exit
refs #7327
2019-07-17 13:53:43 +02:00
Alexander A. Klimov 31e5394fe9 Fix style
refs #5230
2019-07-16 11:45:23 +02:00
Alexander A. Klimov c385355c38 DaemonCommand: make the atomics a bit more atomic
Just to be sure.

refs #5230
2019-07-16 11:39:09 +02:00
Alexander A. Klimov 4ee9ac16b4 Fix missing comments
refs #5230
2019-07-16 11:11:10 +02:00
Alexander A. Klimov 3584ad97d8 Fix missing log messages
refs #5230
2019-07-15 18:29:15 +02:00
Alexander A. Klimov ac29b3b93a Adjust sd_notify()
refs #5230
2019-07-15 17:04:55 +02:00
Alexander A. Klimov 06b504f291 Adjust PID file management
refs #5230
2019-07-15 17:04:53 +02:00
Alexander A. Klimov 37a3e7e4d5 Application::RunEventLoop(): forward restart requests to umbrella process
refs #5230
2019-07-15 15:23:37 +02:00
Alexander A. Klimov d6bc5a1a18 Remove old signal handlers
refs #5230
2019-07-15 15:06:29 +02:00
Michael Friedrich 6682a427d4 TLS: Ensure to specify options in one place
`SetTlsProtocolminToSSLContext()` may have overridden
previous flags.

refs #7277

refs #7041
refs #7211
2019-07-15 13:29:55 +02:00
Michael Friedrich 524e2368be Respect OpenSSL 1.1.0 vs older 2019-07-12 14:56:08 +02:00
Michael Friedrich 32d288f243 TLS: Fetch the cipher list and log them for debugging 2019-07-12 14:39:17 +02:00
Michael Friedrich 38b7f10e0e Array: Move Join into the base class, available for programmers 2019-07-12 14:36:55 +02:00
Michael Friedrich 0d25ae0e08 Quality: Prefer BOOST_{,UN}LIKELY gcc optimizer macros over our own
Our macro collides with Boost::DateTime and the gregorian classes
and I don't see any reason why we shouldn't use Boost::Config
being already there.
2019-07-09 13:20:53 +02:00
Michael Friedrich 065067c8b5
Merge pull request #7281 from Icinga/bugfix/openssl-1-0-1-7280
Use SSL_CTX_set_ecdh_auto only if available
2019-07-04 14:27:45 +02:00
Alexander A. Klimov 6568017658 Use SSL_CTX_set_ecdh_auto only if available
refs #7280
2019-07-04 13:05:31 +02:00