Alexander A. Klimov
7e630c7732
HttpServerConnection#DataAvailableHandler(): be aware of being called multiple times concurrently
...
refs #6816
2018-12-03 19:05:41 +01:00
Michael Friedrich
5f25eb6b2d
Add a code comment for connection: close handling
2018-12-03 14:40:50 +01:00
Sven Wegener
a83dbc9de5
Restore 'Connection: close' behaviour in HTTP responses
...
Actually the `corked` functionality caused problems with
not closing connections properly.
Full Analysis: https://github.com/Icinga/icinga2/issues/6799#issuecomment-443710338
Full credits to @swegener :)
fixes #6799
2018-12-03 14:27:37 +01:00
Alexander A. Klimov
8de5326d23
Remove redundand check for object existence on creation via API
...
refs #3937
2018-11-29 17:51:53 +01:00
Michael Friedrich
5406ce6540
Ensure that API/JSON-RPC messages in the same session are processed and not stalled
...
This basically drops the "corked" implementation which just stalled the
TLS IO polling after some requests. If you need sort of rate limiting
for these events, use an external TLS proxy which terminates that in front
of Icinga.
fixes #6635
2018-10-29 12:57:24 +01:00
Michael Friedrich
6de4cef3ae
Merge pull request #6719 from Icinga/fix/finished-reconnect-message
...
Do not send 'finished reconnecting...' if failed
2018-10-24 11:51:34 +02:00
Michael Friedrich
bd8e9f55da
Merge pull request #6662 from Icinga/bugfix/keep-http-connection-open-until-stream-eof
...
Keep the HTTP server connection open until the stream is EOF
2018-10-24 11:31:06 +02:00
Michael Friedrich
3cb2c1d143
icinga.com: Update everything else
2018-10-18 09:50:53 +02:00
Michael Friedrich
dea5ec614e
icinga.com: Update CMakeLists.txt
2018-10-18 09:35:18 +02:00
Michael Friedrich
44c3b83769
icinga.com: Update '*.ti'
2018-10-18 09:30:00 +02:00
Michael Friedrich
dab53448bc
icinga.com: Update *.{h,c}pp
2018-10-18 09:27:04 +02:00
Michael Friedrich
34de8104b8
Fix regression with API permission filters and namespaces in v2.10
...
fixes #6682
2018-10-15 15:47:11 +02:00
Michael Friedrich
85e161ea1e
Silence config compiler logging for runtime created objects
...
This is especially problematic with many single creation requests,
e.g. many downtimes created via Icinga Web 2 & the REST API.
In addition to the config compiler messages, apply rule matches are
also in there which are removed by this patch.
2018-10-09 16:41:17 +02:00
Michael Friedrich
83a428c1ba
Keep the HTTP server connection open until the stream is EOF
...
fixes #4968
2018-10-09 16:01:43 +02:00
Michael Friedrich
e6eb703b36
Merge pull request #6661 from Icinga/bugfix/cache-http-peer-address
...
Cache the peer address in the HTTP server
2018-10-09 16:00:27 +02:00
Michael Friedrich
5c32a5a7dc
Cache the peer address in the HTTP server
...
Later socket calls are expensive and might lead
into a race condition on close when logging it.
refs #6655
2018-10-09 15:40:16 +02:00
Michael Friedrich
58cfc3955d
Merge pull request #6658 from Icinga/bugfix/api-connection-close-req-by-client
...
Ensure that HTTP/1.0 or 'Connection: close' headers are properly disconnecting the client
2018-10-09 13:49:22 +02:00
Michael Friedrich
9352f4bfb3
Merge pull request #6657 from Icinga/feature/api-debug-log-request-body
...
Enable the HTTP request body debug log entry for release builds
2018-10-09 13:29:00 +02:00
Michael Friedrich
13239c3172
Ensure that HTTP/1.0 or Connection: close headers are properly disconnecting the client
...
Test results: https://github.com/Icinga/icinga2/issues/6514#issuecomment-428155731
fixes #6514
2018-10-09 13:23:23 +02:00
Michael Friedrich
73263b7702
Enable the HTTP request body debug log entry for release builds
...
fixes #4282
2018-10-09 12:55:53 +02:00
Michael Friedrich
57081176de
Improve logging for disconnected HTTP clients
...
Previously this was inside the debug log, with the
new socket printers we can enhance checking for proper
connects and disconnects.
refs #6514
2018-10-09 12:22:19 +02:00
Michael Friedrich
82178e3b33
Don't inherit daemonize parameter from parent process
2018-09-27 20:30:19 +02:00
Thomas Forrer
816cae98fa
Fix config validation problem (startup.log) during /v1/config/stages API call
...
copy all arguments of parent process in AsyncTryActivateStage
2018-09-27 20:27:09 +02:00
Michael Friedrich
64e273afdd
Merge pull request #6639 from Icinga/fix/windows-api-log-rename
...
Ensure to _unlink before renaming replay log on Windows
2018-09-27 08:02:00 +02:00
Michael Friedrich
c979f86e4e
Merge pull request #6632 from Icinga/feature/cluster-faster-reconnect
...
Increase the cluster reconnect frequency to 10s
2018-09-25 17:07:01 +02:00
Michael Friedrich
cbde35ff22
Use a dynamic thread pool for API connections
...
The full analysis is located in #6517 .
fixes #6517
2018-09-25 12:43:10 +02:00
Michael Friedrich
cd819f74f4
Increase the cluster reconnect frequency to 10s
...
This is blocked by #6517 .
refs #6234
2018-09-25 12:36:30 +02:00
Michael Friedrich
29701b4db5
Add ApiListener#tls_handshake_timeout option
...
This allows to specify the previously hardcoded
timeout of 10s.
refs #6517
2018-09-14 09:20:09 +02:00
Michael Friedrich
dd59964702
Merge pull request #6596 from Icinga/bugfix/gcc-8-f28-hardening-crash
...
Fix crash on API queries with Fedora 28 hardening and GCC 8
2018-09-11 20:44:12 +02:00
Noah Hilverling
3854ed683b
Improve TLS handshake exception logging
2018-09-06 15:58:42 +02:00
Michael Friedrich
1f4f6282c7
Fix crash on API queries with Fedora 28 hardening and GCC 8
...
The actual fix is to handle nullptr references differently
for an empty filter expression. The other changes include
oob checks not necesarily involved.
fixes #6533
2018-09-06 09:56:04 +02:00
Michael Friedrich
9a75f47fc5
Allow to configure anonymous clients limit inside the ApiListener object
...
Previously this was hardcoded, and for security reasons users might want
to adjust this value. This affects CSR signing requests as well as
clients which have not yet been configured as endpoints on the current
node.
refs #6566
2018-09-05 17:45:35 +02:00
Michael Friedrich
a1ec919f5b
Raise the message size for anonymous client and pki request calls to 1MB
...
If one sends the full certificate chain, this previous limit of 64KB
could be hit.
2018-09-05 17:44:05 +02:00
Michael Friedrich
237fd520db
Merge pull request #6509 from gunnarbeutner/feature/real-constants
...
Implement support for namespaces
2018-08-24 12:10:10 +02:00
Michael Friedrich
7a22113f86
Merge pull request #6570 from Icinga/bugfix/tls-anonymous-clients-limit
...
Increase limit for simultaneously connected anonymous TLS clients
2018-08-23 17:13:41 +02:00
Michael Friedrich
0dd168fe80
Increase limit for simultaneously connected anonymous TLS clients
2018-08-23 17:10:51 +02:00
Michael Friedrich
6a71b75f63
ApiListener: Dump the state file port detail as number
...
refs #6511
2018-08-22 12:57:47 +02:00
Gunnar Beutner
e678fa1aa5
Refactor Application::*Const()
2018-08-13 15:27:05 +02:00
Gunnar Beutner
8fda8d72ac
Implement support for the namespace and using keywords
2018-08-13 13:44:31 +02:00
Gunnar Beutner
1a8692d972
Implement support for namespaces
2018-08-13 13:44:31 +02:00
Michael Friedrich
060a1ebbd9
Merge pull request #6512 from Icinga/feature/sni-environment
...
Refactor environment for API connections
2018-08-10 13:15:48 +02:00
Michael Friedrich
97513965e6
Introduce IcingaApplication#environment
...
Precedence as follows:
- DEnvironment=...
- const Environment = ...
- object IcingaApplication "app" { environment = "..." }
The wrapped script constant handling is required
since we cannot directly link from libremote (SNI handling)
to libicinga where the object resides. Instead we'll
use the Application class helpers for hiding the ScriptGlobal
calls.
2018-08-10 12:49:48 +02:00
Michael Friedrich
a4c689e5cf
Build fix for CentOS 7 and non-unity builds
2018-08-09 16:23:24 +02:00
Michael Friedrich
b350512b11
Rename to Environment constant
2018-08-09 13:19:33 +02:00
Markus Frosch
eb02d9041d
Refactor environment for API connections
...
* Const renamed to `ApiEnvironment`
* Handling moved to ApiListener
* Now a property of ApiListener
2018-08-09 13:19:33 +02:00
Michael Friedrich
f1e7e635a2
Merge pull request #6531 from Icinga/feature/zone-all_parents
...
Expose Zone#all_parents via API
2018-08-09 13:11:23 +02:00
Michael Friedrich
ecb73e08ed
Implement ApiListener status file removal on shutdown
2018-08-09 11:54:34 +02:00
Noah Hilverling
7b977b2c52
Do not send 'finished reconnecting...' if failed
2018-08-09 08:29:27 +02:00
Markus Frosch
20269a89d0
ApiListener: Add support for dynamic port handling
2018-08-08 17:42:57 +02:00
Alexander A. Klimov
ea5614f7df
Expose Zone#all_parents via API
2018-08-08 14:38:02 +02:00
Alexander A. Klimov
7bcbd9b497
Rename Zone#GetAllParents() to Zone#GetAllParentsRaw()
2018-08-08 14:38:02 +02:00
Markus Frosch
9fbc40615a
Improve path handling in cmake and daemon
2018-08-07 14:10:26 +02:00
Michael Friedrich
1d22b6e176
Merge pull request #6410 from Icinga/remove-dead-code
...
Remove unused code
2018-07-27 15:56:52 +02:00
Markus Frosch
ddc5b951b3
Revert "Implement support for the --env command-line argument"
2018-07-26 17:09:06 +02:00
Michael Friedrich
46e71a83dc
Merge pull request #6414 from Icinga/feature/icinga-envs
...
Implement support for the --env command-line argument
2018-07-26 10:09:42 +02:00
Michael Friedrich
038b2fb94c
Merge pull request #6379 from Icinga/global-zone-validation
...
Throw config error when using global zones as parent
2018-07-26 10:01:46 +02:00
Jean Flach
2b44eff8da
Fix "Discard" message being warning
2018-07-26 09:39:03 +02:00
Alexander A. Klimov
ac6afadb5a
Make HttpServerConnection#m_DataHandlerMutex a boost::recursive_mutex
...
refs #6428
2018-07-09 14:40:32 +02:00
Gunnar Beutner
c577554073
Implement support for the --env command-line argument
2018-06-27 13:15:52 +02:00
Jean Flach
4159682cf8
Remove unused code
...
These methods and types were used only by the Icinga Studio
2018-06-25 10:09:30 +02:00
Michael Friedrich
a1c2eb3d87
Ensure to _unlink before renaming replay log on Windows
2018-06-22 11:12:09 +02:00
Michael Friedrich
0ffb8af8e3
Conform to RFC for CRLF in HTTP requests
...
refs #6242
2018-06-21 16:53:44 +02:00
Michael Friedrich
cfd6c79a03
Merge pull request #6387 from Icinga/fix/remove-broken-api-user-hash
...
Remove ApiUser password_hash functionality
2018-06-19 14:26:32 +02:00
Michael Friedrich
2fd6709952
Remove ApiUser password_hash functionality
...
This affects and fixes
- Windows reload
- Config validation
- RHEL 7.5 OpenSSL memory corruption
- Hash algorithm, requested changes
refs #6378
refs #6279
refs #6278
2018-06-19 11:32:03 +02:00
Alexander A. Klimov
a0fca599da
HttpRequest#ParseBody(): indicate success on complete body
...
refs #6184
2018-06-18 16:02:22 +02:00
Jean Flach
ee9be90fa7
Throw config error when using global zones as parent
2018-06-15 14:40:09 +02:00
Michael Friedrich
8c3c4704d2
Merge pull request #6371 from Icinga/bugfix/socket-io-handling-with-http-json-rpc-6361
...
ApiListener#NewClientHandlerInternal(): Explicitly close the TLS stream on any failure
2018-06-15 14:35:48 +02:00
Michael Friedrich
b9bfe70444
Fix missing name for workqueue while creating runtime objects via API
...
fixes #6364
2018-06-15 14:25:03 +02:00
Alexander A. Klimov
7741517df7
ApiListener#NewClientHandlerInternal(): Explicitly close the TLS stream on any failure
...
refs #6361
2018-06-14 15:03:04 +02:00
Michael Friedrich
447dad91c0
Increase header size to 8KB for HTTP requests
...
This is the default for Tomcat and Apache too
and avoids problems with cookies and long URLs.
fixes #6355
2018-06-06 20:25:36 +02:00
Michael Friedrich
f788878f79
Update log message for skipped certificate renewal
...
Users kept asking about it, still it is just an "information"
that this isn't needed yet.
2018-05-18 17:04:03 +02:00
Michael Friedrich
7f579db9af
Merge pull request #6305 from gunnarbeutner/feature/environment-variable
...
Introduce the 'Environment' variable
2018-05-15 14:04:50 +02:00
Gunnar Beutner
9c1e00eb94
Introduce the 'Environment' variable
2018-05-15 12:02:15 +02:00
Michael Friedrich
f070d2136a
Ensure that user input for groups is unique on API object creation
...
refs #4732
2018-05-09 17:26:10 +02:00
Jean Flach
c54e042942
Add activation priorities for config object types
...
This patch ensures that specific configuration types
are pre-activated and post-activated. In general,
logging is first, then common configuration objects
like host/service, downtimes, etc.
In the end, all features are activated after to ensure
that notifications are only sent once downtimes are applied.
A similar thing happens for starting with checks too early.
The ApiListener feature runs first to allow cluster connections
at first glance.
fixes #6057
fixes #6231
2018-05-04 11:25:47 +02:00
Michael Friedrich
a8b5d8e64a
Merge pull request #6205 from Icinga/feature/api-verbose-errors
...
API: Unify verbose error messages
2018-04-17 16:40:11 +02:00
Jan Beich
106be295eb
Explicitly use long with boost::posix_time
...
In file included from lib/base/base_unity.cpp:61:
lib/base/timer.cpp:295:31: error: no matching conversion for functional-style cast from 'double' to 'boost::posix_time::milliseconds' (aka 'subsecond_duration<boost::posix_time::time_duration, 1000>')
l_TimerCV.timed_wait(lock, boost::posix_time::milliseconds(wait * 1000));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from lib/remote/remote_unity.cpp:19:
lib/remote/eventqueue.cpp:111:30: error: no matching conversion for functional-style cast from 'double' to 'boost::posix_time::milliseconds' (aka 'subsecond_duration<boost::posix_time::time_duration, 1000>')
if (!m_CV.timed_wait(lock, boost::posix_time::milliseconds(timeout * 1000)))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from lib/checker/checker_unity.cpp:1:
lib/checker/checkercomponent.cpp:128:26: error: no matching conversion for functional-style cast from 'double' to 'boost::posix_time::milliseconds' (aka 'subsecond_duration<boost::posix_time::time_duration, 1000>')
m_CV.timed_wait(lock, boost::posix_time::milliseconds(wait * 1000));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/local/include/boost/date_time/time_duration.hpp:270:30: note: candidate constructor (the implicit copy constructor) not viable: no known conversion from 'double' to 'const boost::date_time::subsecond_duration<boost::posix_time::time_duration, 1000>' for 1st argument
class BOOST_SYMBOL_VISIBLE subsecond_duration : public base_duration
^
/usr/local/include/boost/date_time/time_duration.hpp:270:30: note: candidate constructor (the implicit move constructor) not viable: no known conversion from 'double' to 'boost::date_time::subsecond_duration<boost::posix_time::time_duration, 1000>' for 1st argument
/usr/local/include/boost/date_time/time_duration.hpp:286:59: note: candidate template ignored: disabled by 'enable_if' [with T = double]
typename boost::enable_if<boost::is_integral<T>, void>::type* = 0) :
^
2018-04-15 04:06:11 +00:00
Michael Friedrich
b53685db59
Fix error handling on config package delete
2018-04-12 19:24:08 +02:00
Michael Friedrich
194c99a86e
Allow to disable brackets for the Url class and Format()
...
This commit also adds unit tests.
refs #5706
2018-04-06 15:22:17 +02:00
Michael Friedrich
1b31ec8378
Fix verbose errors in config files handler
2018-04-06 12:55:03 +02:00
Michael Friedrich
17846e04d8
Fix verbose error message in modify object handler
2018-04-06 12:52:17 +02:00
Michael Friedrich
6b2decb44b
Fix verbose error handling in variable and template query handlers
2018-04-06 12:50:06 +02:00
Noah Hilverling
24752f3733
Merge pull request #6204 from Icinga/fix/api-create-object-exists-errors
...
API: Check if objects exists and return proper error message
2018-04-06 12:47:31 +02:00
Michael Friedrich
3e83e94c15
Fix object and status query verbose errors
2018-04-06 12:47:20 +02:00
Michael Friedrich
bd7598cb1b
API: Check if objects exists and return proper error message
2018-04-06 12:32:27 +02:00
Michael Friedrich
c4a6ab0211
Add diagnostic_information as verbose error to config object handlers
2018-04-06 12:26:49 +02:00
Jean Flach
6d81c5c34f
Merge pull request #6199 from Icinga/fix/action-http-code
...
Return 500 when no api action is successful
2018-04-06 11:20:43 +02:00
Jean Flach
f133c7914e
Build fix
2018-04-06 10:43:33 +02:00
Michael Friedrich
a00197e919
Refactor actions error messages
2018-04-06 10:30:27 +02:00
Michael Friedrich
4bf731fc16
More config stages refactoring
2018-04-06 10:13:08 +02:00
Noah Hilverling
22c3a7933e
Fix API action status codes
2018-04-06 10:06:15 +02:00
Michael Friedrich
36cdf8a0d2
More refactoring of config packages errors
2018-04-06 09:53:54 +02:00
Michael Friedrich
de2d18d85d
Enhance error handling in type query handler
2018-04-05 17:23:26 +02:00
Michael Friedrich
7f015c0d2f
Enhance error handling in config packages handler
2018-04-05 17:21:14 +02:00
Michael Friedrich
75c5e6f6b0
Enhance error handling in config stages handler
2018-04-05 17:17:30 +02:00
Michael Friedrich
1dd8409691
Check for verbose error handling in SendJsonError()
2018-04-05 17:17:06 +02:00
Jean Flach
9b291be989
Return 500 when no api action is successful
...
fixes #5095
2018-04-05 15:56:06 +02:00
Jean Flach
69ea2f3a64
Fix crash in remote api console
2018-04-04 12:23:45 +02:00
Michael Friedrich
b11ab95f41
Fix crash without CORS config settings
...
fixes #6173
refs #6098
2018-03-21 20:42:31 +01:00
Michael Friedrich
064fc80cc3
Merge pull request #6098 from Icinga/fix/improve-cors-implementation
...
Clean up CORS implementation
2018-03-19 16:00:36 +01:00
Michael Friedrich
429f518b49
Improve error handling for empty packages in /v1/config/packages
...
- If there is no package main directory, assume "empty packages".
- Catch exceptions thrown through GlobRecursive() and present a better http 500
to the user.
The packages directory tree is automatically created with the first
package creation, either from the user, or by the `_api` package.
fixes #6129
2018-03-07 13:35:09 +01:00
Gunnar Beutner
9cd5298d8b
Ensure that SetCorked() works properly
2018-03-06 09:03:35 +01:00
Gunnar Beutner
b172a67867
Fix incorrect argument type for JsonRpc::SendMessage
2018-03-06 08:58:19 +01:00
Jean Flach
1bdd14b428
Limit anonymous connections to 25
2018-03-05 13:22:43 +01:00
Noah Hilverling
54ff60cd8c
Limit JSON-RPC message size
2018-03-05 10:29:05 +01:00
Noah Hilverling
186cad9872
Clean up CORS implementation
2018-03-01 14:04:56 +01:00
Gunnar Beutner
d23c03bfa5
Merge pull request #6134 from gunnarbeutner/fix/incorrect-content-length-limits
...
Fix incorrect HTTP content length limits
2018-02-28 14:16:15 +01:00
Gunnar Beutner
a3bf8cd26e
Merge pull request #6133 from Icinga/fix/cork-socket
...
Limit the number of HTTP/JSON-RPC requests we read in parallel
2018-02-28 12:48:06 +01:00
Gunnar Beutner
45c2803f3e
Fix incorrect HTTP content length limits
2018-02-28 12:28:02 +01:00
Gunnar Beutner
c1837ea90b
Merge pull request #6131 from Icinga/feature/log-master-ticket-invalid
...
Log which ticket was invalid on the master
2018-02-28 12:22:34 +01:00
Gunnar Beutner
6848af50ff
Add SetCorked() calls to the JsonRpcConnection class
2018-02-28 11:42:05 +01:00
Jean Flach
d0cf7c654e
Use cork in tlsstream and HTTP connection
2018-02-28 11:40:58 +01:00
Gunnar Beutner
a4a73fa67c
Fix null ptr dereference in HttpServerConnection::ProcessMessageAsync
2018-02-28 11:07:19 +01:00
Gunnar Beutner
6d01808adf
Fix incorrect return value
2018-02-28 10:50:33 +01:00
Michael Friedrich
ad31e0d118
Log which ticket was invalid on the master
...
This helps debugging a lot, especially to reproduce the issue
why the ticket is invalid.
2018-02-28 10:18:29 +01:00
Jean Flach
ef5e7e8510
Fix incorrect size of request limits
...
refs #6103
2018-02-23 14:29:18 +01:00
Jean Flach
6bb2ed4258
Merge branch 'feature/security-features'
2018-02-21 16:19:54 +01:00
Jean Flach
184580f705
Merge pull request #6103 from Icinga/fix/http-security-fixes
...
HTTP Security fixes
2018-02-21 15:04:02 +01:00
Jean Flach
85f45d9b94
Minor codestyle and doc changes
2018-02-21 14:52:44 +01:00
Noah Hilverling
64ffe4f840
Fix nullptr posibility in ProcessEvent
2018-02-21 13:47:46 +01:00
Noah Hilverling
948333225d
Fix nullptr deref in cluster events
2018-02-21 13:47:46 +01:00
Noah Hilverling
2823ebb831
Limit HTTP body size
2018-02-20 13:32:04 +01:00
Noah Hilverling
817415f6a5
Fix requests not being closed correctly
2018-02-20 13:32:04 +01:00
Jean Flach
8ffa4f04a7
Add timeout for TLS handshakes
2018-02-20 13:32:04 +01:00
Jean Flach
ee5954726d
Authenticate API user before parsing body
2018-02-20 13:32:04 +01:00
Jean Flach
73b85bcccb
Only read body from authenticated connections
...
This means we are not allowing unauthenticated requests anymore
2018-02-20 13:32:04 +01:00
Jean Flach
81c4004894
Fix nullptr deref
2018-02-20 13:32:04 +01:00
Gunnar Beutner
a9f2a8de19
Add HTTP Header size limits
2018-02-20 13:32:04 +01:00
Gunnar Beutner
2789d1a859
Add validation for HTTP connection sizes
2018-02-20 13:32:04 +01:00
Gunnar Beutner
8a8d42b154
Remove redundant 'this->'
2018-02-19 08:08:16 +01:00
Jean Flach
0a0795f09d
Code style
2018-02-16 11:47:13 +01:00
Jean Flach
df86245fe8
Fix crash when using incorrectly formatted password hash
2018-02-15 13:09:22 +01:00
Jean Flach
65a806f5dc
Move new password functions into tlsutility
2018-02-15 13:09:22 +01:00
Jean Flach
92e2faaa08
Hash API password and comparison
...
fixes #4920
2018-02-15 13:09:22 +01:00
Michael Friedrich
ad7e801db9
Fix crash with anonymous clients on certificate signing request and storing sent bytes
...
refs #5753
2018-02-09 17:18:20 +01:00
Jean Flach
cc73eed2af
Merge pull request #5992 from Icinga/feature/remove-includes
...
Remove unused includes
2018-01-25 09:13:02 +01:00
Gunnar Beutner
0cc9af6bee
Remove duplicate semicolons
2018-01-24 12:07:52 +01:00
Gunnar Beutner
94e6be1a65
Remove unused includes
2018-01-22 09:52:29 +01:00
Jean Flach
1da6b2c883
Fix whitespaces in CMakeLists files
...
Uses 2 space indentation as standard
2018-01-19 09:19:40 +01:00
Gunnar Beutner
9d436605f0
Fix compatibility with CMake < 3.1
2018-01-18 15:12:46 +01:00
Gunnar Beutner
71a032579b
Merge pull request #5995 from Icinga/fix/influxdb-requests
...
Fix InfluxDB requests
2018-01-17 10:28:15 +01:00
Noah Hilverling
e19ae4e052
Fix HTTP response parsing for HTTP 1.1
...
refs #5987
2018-01-17 10:25:00 +01:00
Gunnar Beutner
2a9dceb367
Use CMake object libraries for our libs
2018-01-17 04:28:21 +01:00
Gunnar Beutner
c2fb9fe226
Use initializer lists for arrays and dictionaries
2018-01-16 12:27:44 +01:00
Gunnar Beutner
21254fb610
Avoid accessing attributes for validators where not necessary
2018-01-11 08:20:16 +01:00
Michael Friedrich
d073a807b0
API: Add 'pretty' parameter for beautified JSON response bodies
...
fixes #5877
2018-01-08 20:55:36 +01:00
Gunnar Beutner
91c256261a
Apply clang-tidy fix 'modernize-use-default-member-init'
2018-01-04 12:24:58 +01:00
Gunnar Beutner
becfa85094
Apply clang-tidy fix 'modernize-use-emplace'
2018-01-04 12:24:57 +01:00
Gunnar Beutner
e3ad0be769
Apply clang-tidy fix 'modernize-use-auto'
2018-01-04 12:24:57 +01:00
Gunnar Beutner
d6062eefbf
Apply clang-tidy fix 'modernize-raw-string-literal'
2018-01-04 12:24:57 +01:00
Gunnar Beutner
621eed3f13
Apply clang-tidy fix 'modernize-pass-by-value'
2018-01-04 12:24:57 +01:00
Gunnar Beutner
9ca682496c
Apply clang-tidy fix 'modernize-use-override'
2018-01-04 12:24:57 +01:00
Gunnar Beutner
ac155d1dda
Apply clang-tidy fix 'modernize-redundant-void-arg'
2018-01-04 12:24:57 +01:00
Gunnar Beutner
efe99a3e5e
Add the final keyword to classes
2018-01-04 05:20:20 +00:00
Michael Friedrich
cd33b8b508
Merge pull request #5936 from Icinga/feature/source-lists
...
Clean up source lists in the CMakeLists.txt files
2018-01-03 11:59:35 +01:00
Gunnar Beutner
75e2473616
Clean up source lists in the CMakeLists.txt files
2018-01-03 11:47:46 +01:00
Michael Friedrich
0e6f4b1966
Merge pull request #5939 from Icinga/fix/build-fix-wheezy
...
Build fix for Debian wheezy
2018-01-03 11:28:57 +01:00
Gunnar Beutner
abe3f8a959
Build fix for Debian wheezy
2018-01-03 10:32:33 +01:00
Gunnar Beutner
90496b5456
Build libraries as static libraries
2018-01-02 23:29:48 +01:00
Michael Friedrich
1a7e7be6a4
Merge pull request #5925 from Icinga/fix/missing-variable-name
...
Fix missing variable name in ApiListener::Start
2018-01-02 13:48:30 +01:00
Michael Insel
158ae2188e
Change copyright header for 2018
2018-01-02 12:08:55 +01:00
Gunnar Beutner
4ed19d5cf6
Fix missing variable name in ApiListener::Start
...
fixes #5924
refs #5807
2017-12-31 19:12:33 +01:00
Jean Flach
2636e6a77a
Whitespace fix
...
What does this change?
* Remove use of spaces for formatting
These could be found by using `grep -r -l -P '^\t+ +[^*]'
* Removal of training whitespaces
* A few lines longer than 120 chars
2017-12-20 14:53:52 +01:00
Jean Flach
e0bd3d183f
Fix package error message
...
fixes #5879
2017-12-18 11:04:40 +01:00
Gunnar Beutner
ab8386cf5c
Use std::unique_ptr for Expression objects
2017-12-15 10:44:54 +01:00
Gunnar Beutner
1ad83886ac
Replace a few more NULLs with nullptr
2017-12-14 15:37:20 +01:00
Gunnar Beutner
3c5af89d5f
Fix compiler warnings
2017-12-14 09:15:37 +01:00
Gunnar Beutner
42744fde5b
Remove extraneous whitespace
2017-12-14 08:50:09 +01:00
Gunnar Beutner
96e214221d
Remove unused variables
2017-12-14 08:50:09 +01:00
Gunnar Beutner
d42f81ed11
Fix compiler warning introduced by #5753
2017-12-12 11:55:30 +01:00
Gunnar Beutner
75def4b074
Merge pull request #5753 from Icinga/fix/ringbuffer-does-not-get-updated-if-nothing-is-written-5750
...
Fix that RingBuffer does not get updated and add metrics about communication between endpoints
2017-12-12 11:32:18 +01:00
Noah Hilverling
5519626f84
Add metrics about communication between endpoints
...
refs #5509
2017-12-11 10:20:25 +01:00
Michael Friedrich
a72a7b7c89
Merge pull request #5760 from Icinga/fix/http-client-bugs
...
Fix incorrect socket handling for the HTTP client
2017-12-08 12:51:50 +01:00
Michael Friedrich
da056b052b
Merge pull request #5827 from Icinga/feature/replace-statsfunction-with-function
...
Replace StatsFunction with Function
2017-11-30 21:28:32 +01:00
Michael Friedrich
a238613fdc
Merge pull request #5825 from Icinga/feature/boost-assign
...
Replace boost::assign::list_of with initializer lists
2017-11-30 21:20:46 +01:00
Gunnar Beutner
a344f11e6c
Replace StatsFunction with Function
2017-11-30 19:02:25 +01:00
Gunnar Beutner
83f17b5bfa
Replace boost::assign::list_of with initializer lists
2017-11-30 18:09:38 +01:00
Gunnar Beutner
325e4a2fb9
Use nullptr instead of <Type>::Ptr()
2017-11-30 17:47:09 +01:00
Gunnar Beutner
3c60fbf75d
Use std::vector::emplace_back instead of std::vector::push_back
2017-11-30 17:47:09 +01:00
Gunnar Beutner
2e87c280ed
Use initializer lists instead of std::vector::push_back
2017-11-30 17:47:09 +01:00
Gunnar Beutner
9ce950b0f1
Replace boost::ref/boost::cref with std::ref/std::cref
2017-11-30 17:47:09 +01:00
Gunnar Beutner
6739023678
Dynamically create and destroy the timer thread
2017-11-30 17:41:02 +01:00
Gunnar Beutner
6d09efc907
Use std::shared_ptr instead of boost::shared_ptr
2017-11-30 17:41:00 +01:00
Gunnar Beutner
7d7eaa8dd3
Replace boost::thread with std::thread
2017-11-30 17:39:20 +01:00
Gunnar Beutner
f3c825cb86
Merge pull request #5803 from Icinga/feature/cxx11-std-bind
...
Replace boost::bind/boost::function with std::bind/std::function
2017-11-29 08:28:44 +01:00
Michael Friedrich
8e65aa0677
Merge pull request #5804 from Icinga/fix/update-repository-message-error
...
Silence UpdateRepository message errors
2017-11-28 11:27:12 +01:00
Gunnar Beutner
1006ea0433
Fix missing variable name which can lead to segfaults
2017-11-27 16:06:59 +01:00
Gunnar Beutner
858873b940
Replace boost::bind/boost::function with std::bind/std::function
2017-11-27 15:15:11 +01:00
Michael Friedrich
cf16324320
Silence UpdateRepository message errors
...
Mixed setups with 2.8 and 2.7 will log this error every time
a new message is received. While this is truly an error,
it just fills the log to infinity. Should be used for debug only.
fixes #5776
2017-11-27 12:09:42 +01:00
Gunnar Beutner
52692a008e
Fix incorrect socket handling for the HTTP client
2017-11-15 09:53:38 +01:00
Noah Hilverling
054faa54d5
Return bytes sent/written in SendMessage() and WriteStringToStream()
...
refs #5509
2017-11-14 08:18:23 +01:00
Gunnar Beutner
2bbb5366fd
Merge pull request #5620 from Icinga/fix/api-staging-3668
...
WIP: Ensure that the REST API config package/stage creation is atomic
2017-10-24 12:51:09 +02:00
Gunnar Beutner
f2d437e96c
Implement support for migrating certificates to /var/lib/icinga2/certs
...
This commit includes documentation too.
Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-10-20 14:06:02 +02:00
Jean Flach
aad96d6b09
Improve error message for unknow functions
...
refs #5686
2017-10-18 11:25:38 +02:00
Michael Friedrich
77ecdbd85c
Merge pull request #5581 from Icinga/fix/api-crash-race-condition
...
Fix possible race condition in ApiListener locking
2017-10-12 13:40:59 +02:00
Michael Friedrich
a521f49803
Fix debug builds on Apple Clang 9.0.0 (macOS High Sierra)
2017-10-02 13:49:42 +02:00
Gunnar Beutner
92727d13c7
Fix a build warning
...
refs #5443
2017-09-25 12:15:59 +02:00
Michael Friedrich
953d840cc1
Fix certificate paths for installers
...
refs #5450
2017-09-22 15:00:45 +02:00
Michael Friedrich
601c10b997
Remove bottom-up CLI commands
...
refs #4799
2017-09-22 14:04:43 +02:00
Jean Flach
79166a31d4
Revert "Add Log Warning in case active-stage is empty"
...
This reverts commit 287f72b0a0
.
2017-09-21 13:54:29 +02:00
Jean Flach
287f72b0a0
Add Log Warning in case active-stage is empty
...
Maybe Critical instead? Throwing an exception seems unnecessary.
refs #3668
2017-09-20 17:57:14 +02:00
Jean Flach
ef5013b903
Use locks in api config staging
...
refs #3668
2017-09-20 16:45:09 +02:00
ryanohnemus
1cb39994a5
API: Add optional reload parameter to config stage upload
...
You can now specify a boolean `reload` attribute that
will allow you to skip the icinga2 reload after config
validation. By default this is set to true.
The response text has been updated to show if icinga2
will reload or if it was requested to be skipped.
fixes #4769
2017-09-20 14:16:55 +02:00
Michael Friedrich
7bdeeeadcf
Silence log level for configuration file updates
...
This only helps with debugging the configuration sync, but seems
to be highlighted quite often in default configurations (where
the timestamp is equal).
refs #5566
2017-09-20 13:30:02 +02:00
Noah Hilverling
94fe1b2292
HttpServerConnection: Implement CORS support
...
fixes #4326
2017-09-20 13:18:29 +02:00
Michael Friedrich
9948bee51c
Fix API crash with race condition on locks
...
This was split from #5416 and #5419 .
More patches from #5419 are pending.
refs #5419
refs #5418
refs #5416
refs #5408
refs #5148
refs #5007
refs #4968
refs #4910
2017-09-18 15:25:29 +02:00
Gunnar Beutner
80421e4619
Build fix for OpenSSL < 1.0.2
...
refs #5450
2017-09-12 13:09:16 +02:00
Michael Friedrich
578dcbe861
Add some more verbose logging details
...
refs #5450
2017-09-12 12:52:50 +02:00
Michael Friedrich
501ade374c
Remove debug logging, fix ticket path, enhance logging
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
88e57f7fd4
Implement support for cleaning up certificate requests
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
2fec16952d
Remove unused code
...
refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich
181b91b759
Enhance logging for certificate requests
...
Examples:
https://github.com/Icinga/icinga2/issues/5450#issuecomment-327479874
This also adds code comments where applicable.
refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich
ce88e89cc0
Fix wrong cert path for CLI commands
...
refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich
8040bda2e1
Change directory layout to /var/lib/icinga2/{ca,certs,certificate_requests}
...
refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich
88b4a54e6b
Fix ticket hash calculation for indirectly connected clients
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
c02742925e
Refactor PkiUtility class
...
refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich
1e7860f2b1
Implement ApiListener::Get*Dir() functions
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
6a533796e5
Update output format for the new CLI commands
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
774936bfe8
Implement support for pki::UpdateCertificate messages
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
623208d617
Implement support for forwarding certificate requests
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
03f5ccd252
Implement support for cleaning up expired API callbacks
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
cc43dc734b
Refuse to sign certificate if it already has the correct chain and doesn’t expire soon
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
440f848c7c
Improve error handling for JSON-RPC calls
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
a8cc0a601b
Add missing _unlink() calls for Windows
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
cb49ac1264
Delete ticket file once we have a signed certificate
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
4cfbf6eb17
Disconnect all clients when we update our own certificate
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
439251532e
Implement support for saving client tickets
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
192502f9e5
Implement support for reloading SSL certificates without a restart
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
0ec07bce51
Implement support for updating client certificates
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
a4684d1bfd
Implement support for sending pki::RequestCertificate messages in the cluster
...
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner
510e2d622a
Implement support for ticket-less certificate requests
...
refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich
344b047ea0
Move Base64 class into libbase
...
refs #5538
2017-09-12 12:52:49 +02:00
Michael Friedrich
9e17ff874b
Logs: Change config sync update to highlight an information, not an error
...
fixes #5484
2017-09-12 12:52:49 +02:00
Gunnar Beutner
b316de8aea
Implement additional logging for the JsonRpc class
2017-09-12 12:52:49 +02:00
Jean Flach
de51966f52
Don't sent scheme and hostname in request
2017-09-06 16:01:02 +02:00
Michael Friedrich
873a553a4f
Enhance client connect/sync logging and include bytes/zone in logs
...
refs #5513
2017-08-21 11:31:24 +02:00
Stefar77
6b66e332fb
API: Fix requested attrs/joins/meta type errors in object query response
...
fixes #5377
Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-08-11 16:23:29 +02:00
Jean Flach
39c24e9ec9
Add check_nscp_api plugin for NSClient++ API checks
...
refs #4721
2017-06-13 21:17:16 +02:00
Gunnar Beutner
1fd2695e02
Fix compiler warnings
...
refs #5287
2017-05-29 09:13:19 +02:00
Michael Friedrich
d0dcb8a658
ApiListener: Handle zero JSON-RPC WQs gracefully for stats
...
refs #5266
refs #5133
2017-05-26 17:02:36 +02:00
Michael Friedrich
d366a63510
Add API & Cluster stats to /v1/status & icinga check performance metrics
...
refs #5133
2017-05-24 16:21:05 +02:00
Michael Friedrich
3753f53a67
Fix cluster crash w/ config sync
...
refs #5212
2017-05-12 10:48:11 +02:00
Gunnar Beutner
1c255140b5
Merge pull request #5242 from Icinga/feature/object-decl-expr
...
Allow expressions for the type in object/template declarations
fixes #5242
2017-05-11 14:30:29 +02:00
Gunnar Beutner
d05b7c4178
Allow expressions for the type in object/template declarations
2017-05-11 14:21:30 +02:00
Simon Murray
fc2c2d9a29
Verbose InfluxDB Error Logging
...
On a non 204 response we parse the HTTP response until complete e.g. do the headers
and body, not just the header. A new interface is added to the response to allow us
to determine the body size so that it may be read out and buffered. The body is
parsed and any error message printed out. In the event that the parsing fails the
raw body is dumped out; better than nothing!
fixes #4411
Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-05-11 12:13:41 +02:00
Michael Friedrich
f9e0fd2e3e
Beautify some log message for cluster config sync
...
refs #5212
2017-05-04 15:21:32 +02:00
Jean Flach
7c70d51b27
Add a few extra log messages
...
fixes #5212
2017-05-02 10:54:06 +02:00
Jean Flach
e29e25aefd
Fix timestamp path
...
fixes #5211
2017-05-02 10:30:42 +02:00
Andreas Scherbaum
775bee8fe1
Replace http:// links with https:// links where a secure website exists
...
Leave out tests and third party tools, and license strings
fixes #5151
Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-04-20 11:33:27 +02:00
Jean Flach
1459970986
Add missing header
...
fixes #5135
2017-04-05 10:26:54 +02:00