b6874cc8d4
HttpServerConnection: log request processing time as well
2024-01-16 17:52:07 +01:00
6a4cb5c12c
HttpServerConnection: remove duplicate ")" from a log message
...
The commit 5c32a5a7dc
2024-01-16 16:31:00 +01:00
cc9db3756f
Revert "Influx DB: don't unneccessarily truncate timestamps to whole seconds"
...
This reverts commit eaa3cd83ad
2024-01-16 12:19:48 +01:00
fc5b1178c6
Revert "Remove no-op InfluxDB URL param"
...
This reverts commit 21f548d3c0
2024-01-16 12:19:47 +01:00
28b2db8446
Merge pull request #9851 from Icinga/Al2Klimov-patch-3
...
Make ObjectImpl<Logger>#GetSeverity() non-virtual
2023-12-22 12:44:51 +01:00
6c03598678
Merge pull request #9896 from Icinga/provide-cancel_time-where-has_been_cancelled-may-be-1
...
Disallow triggering a cancelled downtime, but provide cancel_time in Icinga DB downtime history where has_been_cancelled may be 1
2023-12-20 10:03:09 +01:00
949d983a76
Merge pull request #9895 from Icinga/targeted-api-filter
...
FilterUtility::GetFilterTargets(): don't run filter for specific object(s) for all objects
2023-12-19 15:18:41 +01:00
8b2e28a869
Merge pull request #9891 from Icinga/renew-the-ca-9890
...
ApiListener#Start(): auto-renew CA on its owner
2023-12-19 14:57:47 +01:00
96cfc4abe8
Merge pull request #9887 from Icinga/argument-list-too-long-9340
...
PluginNotificationTask::ScriptFunc(): on Linux truncate output and comment
2023-12-19 14:36:57 +01:00
175153ce6a
PluginNotificationTask::ScriptFunc(): on Linux truncate output and comment
...
not to run into an exec(3) error E2BIG due to a too long argument.
This sends a notification with truncated output instead of not sending.
2023-12-19 12:21:03 +01:00
966216f4ba
RequestCertificateHandler(): also renew if CA needs a renewal
...
and a newer one is available.
2023-12-18 15:28:11 +01:00
551c3afa60
CertificateToString(): allow raw pointer input
2023-12-18 15:28:11 +01:00
bc778116e9
ApiListener#Start(): auto-renew CA on its owner
...
otherwise it would expire.
2023-12-18 15:28:11 +01:00
36a08b0497
ApiListener#RenewCert(): enable optional CA creation
2023-12-18 15:28:11 +01:00
7b55df6f11
CreateCertIcingaCA(EVP_PKEY*, X509_NAME*): enable optional CA creation
2023-12-18 15:28:11 +01:00
953eeba061
Merge pull request #9893 from Icinga/do-not-re-notify-if-filtered-states-don-t-change-4503
...
Discard likely duplicate problem notifications via Notification#last_notified_state_per_user
2023-12-13 16:13:28 +01:00
ecfc9033b0
FilterUtility::GetFilterTargets(): don't run filter for specific object(s) for all objects
2023-12-13 16:02:50 +01:00
15191bcd74
ApplyRule::GetTarget*s(): support constant strings from variables
...
in addition to literal strings. This is for sandboxed filters with some
variables pre-set by the caller. They're "constant" in that scope, too.
2023-12-13 16:02:50 +01:00
a04cef1890
Introduce DictExpression#GetExpressions()
2023-12-13 16:02:50 +01:00
8bcae97ecc
Introduce Dictionary#GetRef()
2023-12-13 16:02:50 +01:00
97cd05db7a
Notification#BeginExecuteNotification(): on recovery clear last_notified_state_per_user
2023-12-13 13:21:22 +01:00
44e9c6f40d
Notification#BeginExecuteNotification(): discard likely duplicate problem notifications
2023-12-13 13:21:19 +01:00
74f52c6fcd
Introduce IsCaUptodate() by splitting IsCertUptodate()
2023-12-13 12:08:34 +01:00
871fa67b52
Merge pull request #9885 from Icinga/renegotiation
2023-12-12 17:38:09 +01:00
2cff763295
Cluster-sync Notification#last_notified_state_per_user
2023-12-12 15:29:50 +01:00
b25ba7a316
Notification#BeginExecuteNotification(): track state change notifications
2023-12-07 12:43:30 +01:00
d2a7117007
Merge pull request #9899 from Icinga/icinga2-crashes-silently-9897
...
IcingaDB#SendConfigDelete(): fix missing nullptr check before deref
2023-11-21 11:03:28 +01:00
7fc7d054af
Merge pull request #9841 from WuerthPhoenix/fix-9840-lock-console-api-during-reload
2023-11-21 10:36:26 +01:00
7174dc864d
IcingaDB#SendConfigDelete(): fix missing nullptr check before deref
2023-11-10 17:43:33 +01:00
9aaa9901bd
Icinga DB downtime history: provide cancel_time where has_been_cancelled may be 1
...
The table sla_history_downtime requires a downtime_end.
The Go daemon takes the cancel_time if has_been_cancelled is 1.
So we must supply a cancel_time whereever has_been_cancelled is 1.
Otherwise the Go daemon can't process some entries.
2023-11-08 15:22:39 +01:00
7ce9457a4a
Disable TLS renegotiation
...
The API doesn't need it and a customer's security scanner
is afraid of a potential DoS attack vector.
2023-11-06 18:46:37 +01:00
1f06589f7a
Remove dead code in GetSignatureAlgorithm()
...
This code was added in commit 548eb93
2023-10-20 18:55:44 +02:00
bba6a76f4a
Merge pull request #9853 from Icinga/GelfWriter-m_StreamMutex
...
GelfWriter: protect m_Stream via m_WorkQueue, not ObjectLock(this)
2023-09-07 11:46:38 +02:00
e5d988a2fe
Merge pull request #7799 from Icinga/bugfix/file-end
...
Fix file endings
2023-08-25 11:06:19 +02:00
4ee10a6c20
GelfWriter: protect m_Stream via m_WorkQueue, not ObjectLock(this)
...
On shutdown or HA re-connect ConfigObject#SetAuthority(false) is called which
does ObjectLock(this) and ConfigObject#Pause(). GelfWriter#Pause(), with the
above ObjectLock, calls m_WorkQueue.Join(). But items inside that also doing
ObjectLock(this) cause a deadlock.
2023-08-24 17:48:09 +02:00
993c9b742d
Make ObjectImpl<Logger>#GetSeverity() non-virtual
...
After all it's not overridden.
2023-08-15 13:03:31 +02:00
41e21cb8cf
Prevent calls to command API while the configuration is reloading.
...
Fixes #9840
2023-08-09 08:45:04 +02:00
1308ad62af
Stream#Read(): remove de facto unused param allow_partial
...
The only caller passes true, so no one forbids partial reads (even implicitly).
All usages in the implementation just assert it being true (allowed).
2023-07-13 16:55:48 +02:00
1af5109ad3
Merge pull request #9734 from Icinga/remove-unused-stream-peek-
...
Remove unused Stream#Peek()
2023-07-13 16:52:29 +02:00
8f8a6ee2a0
Application::m_LastReloadFailed: if double isn't always lock free, use uint32_t
...
which will overflow in 2106, not 2038.
This fixes a compile failure on 32-bit Raspbian.
2023-07-10 10:51:02 +02:00
000a776dfb
Built-in check command: ifw-api ( #9062 )
2023-07-06 14:18:21 +02:00
26a75f8a6f
Merge pull request #9812 from Icinga/support-elasticsearch-8-0-9251
...
ElasticsearchWriter: switch to v7+ URL schema to support v8
2023-07-05 10:15:10 +02:00
fe13b96226
Merge pull request #9809 from Icinga/reevaluate-and-update-default-tls-cipher-list-9808
...
Copy and paste global default TLS cipher set from ssl-config.mozilla.org
2023-07-03 19:13:10 +02:00
617dda61fb
Re-order global default TLS cipher list to prefer AES256 over AES128
2023-07-03 15:36:11 +02:00
4c2e59a690
ElasticsearchWriter: switch to v7+ URL schema to support v8
...
and OpenSearch 2. This breaks the EOL v5 and v6.
2023-07-03 14:43:45 +02:00
70d6b6e424
Merge pull request #9810 from Icinga/Al2Klimov-patch-8
...
ElasticsearchWriter#Pause(): call Flush() only once
2023-06-30 17:21:16 +02:00
076eb59443
ElasticsearchWriter#Pause(): lock m_DataBufferMutex during Flush()
...
just to be sure regarding race conditions.
2023-06-30 14:57:18 +02:00
a2e05f89e8
Enable built-in OpenSSL DH parameters to allow DHE TLS ciphers
...
Non-ECC DHE ciphers in the `cipher_list` attribute of `ApiListener` (the
default value includes these) had no effect as no DH parameters were available
and therefore the server wouldn't offer these ciphers. OpenSSL provides
built-in DH parameters starting from version 1.1.0, however, these have to be
enables explicitly using the `SSL_CTX_set_dh_auto()` function. This commit does
so and thereby makes it possible to establish a connection to an Icinga 2
server using a DHE cipher.
2023-06-29 12:06:26 +02:00
d5e6ecec8a
ElasticsearchWriter#Pause(): call Flush() only once
...
The first Flush() is redundant and may access m_DataBuffer at the same time as some Flush() in m_WorkQueue (race condition) which isn't joined, yet.
2023-06-29 10:42:12 +02:00
2e053b0e06
Copy and paste global default TLS cipher set from ssl-config.mozilla.org
...
which got more secure by now, but still overlaps with v2.13.x' set.
2023-06-28 14:49:08 +02:00
a2926b8604
Merge pull request #9794 from Icinga/round-notification-times-begin-end-not-to-crash-go-daemon
...
IcingaDB::PrepareObject(): round Notification#times.{begin,end} not to crash Go daemon
2023-06-27 17:08:41 +02:00
dccb678882
IcingaDB::PrepareObject(): cut off (null) negative Notification#times.{begin,end} not to crash Go daemon
...
At least our PostgreSQL schema enforces positive values.
2023-06-27 12:58:08 +02:00
415b810abf
IcingaDB::PrepareObject(): round Notification#times.{begin,end} not to crash Go daemon
...
The latter expects ints, not floats - not to mention strings.
Luckily Icinga already enforces numeric strings so that we can cast it to number.
2023-06-27 12:53:08 +02:00
9cf519316e
Merge pull request #9805 from Icinga/checkcommand-timeout-0-crashes-icinga-db-daemon-9804
...
IcingaDB::PrepareObject(): cut off (0) negative Command#timeout for Redis
2023-06-27 10:45:02 +02:00
c08d3beeb1
Merge pull request #9785 from Icinga/Al2Klimov-patch-8
...
Icinga DB: also write ConfigObject#original_attributes into Redis
2023-06-27 10:24:41 +02:00
bd11bc2eb4
Merge pull request #9793 from Icinga/unmarshal-number-42-5-into-go-struct-field-notification-notification_interval
...
IcingaDB::PrepareObject(): round Notification#interval and limit it to >=0
2023-06-27 10:12:13 +02:00
d641a3c799
IcingaDB::PrepareObject(): cut off (0) negative Command#timeout for Redis
...
not to crash the Go daemon which expects positive values there.
2023-06-26 15:36:47 +02:00
5350aa3c72
Merge pull request #9792 from Icinga/icingadb-conversion-of-strings-to-number-types-to-avoid-crashes-9791
...
IcingaDB::PrepareObject(): convert non-null Checkable#check_timeout to number
2023-06-26 15:03:21 +02:00
273aa6f997
IcingaDB::PrepareObject(): round Notification#interval and limit it to >=0
...
otherwise, e.g. with -42.5, the Go daemon crashes. It expects uints there.
2023-06-19 12:46:40 +02:00
9f08bad395
IcingaDB::PrepareObject(): convert non-null Checkable#check_timeout to number
...
and, in case of null, fall back to Checkable#check_command.timeout, just like
IcingaDB#SerializeState(). Otherwise the Go daemon crashes. It expects a number.
2023-06-15 12:29:42 +02:00
1587431945
POST /v1/objects: allow array of attrs to undo modifications of
2023-06-13 16:40:33 +02:00
385fe2fd76
Icinga DB: also write ConfigObject#original_attributes into Redis
...
for the case the Go daemon decides to sync them into DB.
2023-06-12 12:53:25 +02:00
7c381ae12f
Merge pull request #9779 from Icinga/macroprocessor-resolvemacro-quasi-cv-object-icingaapplication
...
MacroProcessor::ResolveMacro(): treat quasi-CV-object IcingaApplication as real CV-object
2023-05-31 20:41:31 +02:00
a9c80ffb2e
MacroProcessor::ResolveMacro(): treat quasi-CV-object IcingaApplication as real CV-object
...
As MacroProcessor checked just for CustomVarObject base class, but
IcingaApplication provided the vars attribute by itself, it had to also
resolve CV macros by itself. That logic diverged from MacroProcessor so that
macros inside IcingaApplication CVs weren't resolved. Until now.
2023-05-31 16:35:09 +02:00
8a42c3bf18
Merge pull request #9775 from Icinga/icingadb-service-crashes-on-negative-downtime-duration-or-end-before-start-9774
...
Icinga DB: don't write negative Downtime durations into Redis
2023-05-31 11:37:42 +02:00
75eaa81c06
Icinga DB: don't write negative Downtime durations into Redis
...
via `std::max(0, x)` not to crash the Go daemon which can't handle such.
2023-05-30 17:56:03 +02:00
b0899d9ab4
Merge pull request #8429 from Icinga/bugfix/last-reload-attempt-failed-8428
...
Share "Last reload attempt failed" time across Icinga process tree on *nix
2023-05-30 11:42:21 +02:00
d871c5c837
Merge pull request #9772 from Icinga/icinga-db-feature-should-normalize-command-arguments-required-skip_key-repeat_key-to-boolean-9576
...
Icinga DB feature: normalize *Command.arguments[*].{required,skip_key…
2023-05-25 11:54:01 +02:00
ad618e9716
Icinga DB feature: normalize *Command.arguments[*].{required,skip_key,repeat_key} to boolean
...
At the moment, the Icinga DB feature will use that value as-is and
serialize it to JSON, resulting in a crash in Icinga DB down the road
because it expects a boolean.
2023-05-24 16:04:14 +02:00
2470e930eb
Merge pull request #9643 from Icinga/hardware_concurrency
...
Always use Configuration#Concurrency, not `std:🧵 :hardware_concurrency()`
2023-05-23 19:23:14 +02:00
3fae41ef22
Restart thread pool after freezing Configuration
...
The user (-D) or we could have changed Configuration.Concurrency,
so correct the thread pool's thread amount.
2023-05-23 14:41:35 +02:00
0e25644151
Merge pull request #8969 from Icinga/bugfix/perfdata-dont-get-parsed-correctly-8912
...
PluginUtility: Fix PerfData parsing for values separated with multiple spaces
2023-05-22 17:16:31 +02:00
9376a311ea
Fix file endings
...
git ls-files -z \
|grep -zEe '^lib/' \
|grep -zEe '\.[ch]pp$' \
|xargs -0 perl -p0i -e 's/\n*(?!(?:.|\n))/\n/'
2023-05-17 18:05:13 +02:00
32eb1680f7
Configuration.Concurrency: default to 1 until Configuration freeze
...
not to start many threads before the user could override their amount (-D).
2023-05-11 16:59:47 +02:00
8fb5d53118
Track Configuration.Concurrency modifications
2023-05-11 15:41:35 +02:00
5c330e9d4f
Share "Last reload attempt failed" time across Icinga process tree on *nix
...
... as only the umbrella process knows that time,
but the icinga check running in the main process also needs to know it.
refs #8428
2023-05-08 14:42:21 +02:00
eca8890d49
Merge pull request #9718 from Icinga/acknowledgement-sync-between-masters-are-not-working-9652
...
Checkable#ProcessCheckResult(): only clean up ack comments older than check result
2023-05-05 15:29:38 +02:00
af9d67b262
Merge pull request #9726 from Icinga/43624b
...
Remove -and notify- expired downtimes immediately, not every 60s II
2023-05-02 11:25:03 +02:00
58b788cd51
Downtime#Start(): trigger flexible downtimes not earlier than fixed ones
...
the last state change could be a long time ago. If it's longer than
the new downtime's duration, the downtime expires immediately.
trigger time + duration < now
2023-04-18 16:55:32 +02:00
8238ec0d96
Merge pull request #9725 from Icinga/operation_aborted-shutDownIfNeeded.Cancel
...
ApiListener#NewClientHandlerInternal(): on basic_socket#cancel() (due to timeout) don't ssl::stream#async_shutdown()
2023-04-17 12:21:21 +02:00
0ac1cd1ecb
Rename Downtime::DowntimesExpireTimerHandler()
...
to actually reflect its purpose.
2023-04-14 14:52:05 +02:00
6adf2d19e4
Remove -and notify- expired downtimes immediately, not every 60s
...
Don't look for expired downtimes in a timer fired every 60s,
but fire one timer per downtime once at expire time.
2023-04-14 14:52:05 +02:00
ba7102cae3
Explicitly stop started timers and wait for them
...
before permitting their parent objects' destruction.
For the cases where the handlers have raw pointers to these objects.
2023-04-14 14:52:04 +02:00
8228fae740
Merge pull request #8627 from WuerthPhoenix/bug/agent-cannot-update-executions-8616
...
Fix update execution message discarded. refs #8616
2023-04-13 19:29:49 +02:00
f505325ff9
Merge pull request #9445 from Icinga/9365
...
Disallow config modifications via API during reload
2023-04-13 17:11:58 +02:00
c5c17928a6
Allow to exec command on endpoint where the checkable is not present but checkable has command_endpoint specified
2023-04-13 14:44:07 +02:00
2ee776b5ab
Disallow config modifications via API during reload
...
Once the new main process has read the config,
it misses subsequent modifications from the old process otherwise.
2023-04-12 14:45:40 +02:00
64e000df56
Introduce ConfigObjects*Lock
2023-04-12 13:36:48 +02:00
50018c1d2b
Merge pull request #8218 from efuss/redundancy_group
...
Introduce redundancy groups for Dependency Objects
2023-04-05 18:49:58 +02:00
24d95e1178
PluginUtility: Fix PerfData don't get parsed correctly
...
The problem was that some PerfData labels contained several whitespace characters,
not just one, and therefore it was parsed incorrectly in `SplitPerfdata()`. I.e. the condition
in line 144 checks whether the first and last character is a normal quote, but since the
label can contain spaces at the beginning and at the end respectively, this caused the problems.
This PR fixes the problem by removing all occurring whitespace from the beginning and end,
before starting to parse the actual label.
2023-04-05 15:37:54 +02:00
a66ace7245
Introduce SharedMemory
2023-04-04 13:40:27 +02:00
c41e5fd05d
Support multiple redundant Timer#Start() calls
...
so that only the first one changes l_AliveTimers (as in Timer#Stop()).
2023-04-04 10:35:22 +02:00
298f3b1973
Timer: actually support non-periodic timers
2023-04-04 10:35:22 +02:00
3933502739
Timer#Start(): don't unnecessarily unlock/lock l_TimerMutex
...
via new Timer#InternalRescheduleUnlocked()
2023-04-04 10:35:22 +02:00
13b9cfda41
Timer::TimerThreadProc(): don't unnecessarily unlock and lock l_TimerMutex
2023-04-04 10:35:22 +02:00
1badbab002
Timer::TimerThreadProc(): keep a Timer alive while it's running
...
to prevent the case: Timer callback destroys parent object -> destroys
Timer -> ~Timer() -> Stop(true) -> waits for the Timer callback to finish
-> deadlock.
2023-04-04 10:35:22 +02:00
9b00c1c4dd
Timer: drop unnecessary base class
2023-04-04 10:35:22 +02:00
24681b30f6
Make Timer::Ptr a std::shared_ptr
2023-04-04 10:35:22 +02:00
9ee4d08722
Make Timer#Timer() private to enforce Timer::Create() usage
2023-04-04 10:35:22 +02:00
21b68455ce
Use Timer::Create() instead of new Timer()
...
git ls-files -z |xargs -0 perl -pi -e 's/\bnew Timer\b/Timer::Create/g'
ex. in Timer::Create() itself.
2023-04-04 10:35:20 +02:00
Alexander A. Klimov
Julian Brost
Alexander Aleksandrovič Klimov
Theo Buehler
Mattia Codato
Yonas Habteab