Commit Graph

880 Commits

Author SHA1 Message Date
Alexander A. Klimov 7bcbd9b497 Rename Zone#GetAllParents() to Zone#GetAllParentsRaw() 2018-08-08 14:38:02 +02:00
Markus Frosch 9fbc40615a Improve path handling in cmake and daemon 2018-08-07 14:10:26 +02:00
Michael Friedrich 1d22b6e176
Merge pull request #6410 from Icinga/remove-dead-code
Remove unused code
2018-07-27 15:56:52 +02:00
Markus Frosch ddc5b951b3
Revert "Implement support for the --env command-line argument" 2018-07-26 17:09:06 +02:00
Michael Friedrich 46e71a83dc
Merge pull request #6414 from Icinga/feature/icinga-envs
Implement support for the --env command-line argument
2018-07-26 10:09:42 +02:00
Michael Friedrich 038b2fb94c
Merge pull request #6379 from Icinga/global-zone-validation
Throw config error when using global zones as parent
2018-07-26 10:01:46 +02:00
Jean Flach 2b44eff8da Fix "Discard" message being warning 2018-07-26 09:39:03 +02:00
Alexander A. Klimov ac6afadb5a Make HttpServerConnection#m_DataHandlerMutex a boost::recursive_mutex
refs #6428
2018-07-09 14:40:32 +02:00
Gunnar Beutner c577554073 Implement support for the --env command-line argument 2018-06-27 13:15:52 +02:00
Jean Flach 4159682cf8 Remove unused code
These methods and types were used only by the Icinga Studio
2018-06-25 10:09:30 +02:00
Michael Friedrich a1c2eb3d87 Ensure to _unlink before renaming replay log on Windows 2018-06-22 11:12:09 +02:00
Michael Friedrich 0ffb8af8e3 Conform to RFC for CRLF in HTTP requests
refs #6242
2018-06-21 16:53:44 +02:00
Michael Friedrich cfd6c79a03
Merge pull request #6387 from Icinga/fix/remove-broken-api-user-hash
Remove ApiUser password_hash functionality
2018-06-19 14:26:32 +02:00
Michael Friedrich 2fd6709952 Remove ApiUser password_hash functionality
This affects and fixes

- Windows reload
- Config validation
- RHEL 7.5 OpenSSL memory corruption
- Hash algorithm, requested changes

refs #6378
refs #6279
refs #6278
2018-06-19 11:32:03 +02:00
Alexander A. Klimov a0fca599da HttpRequest#ParseBody(): indicate success on complete body
refs #6184
2018-06-18 16:02:22 +02:00
Jean Flach ee9be90fa7 Throw config error when using global zones as parent 2018-06-15 14:40:09 +02:00
Michael Friedrich 8c3c4704d2
Merge pull request #6371 from Icinga/bugfix/socket-io-handling-with-http-json-rpc-6361
ApiListener#NewClientHandlerInternal(): Explicitly close the TLS stream on any failure
2018-06-15 14:35:48 +02:00
Michael Friedrich b9bfe70444 Fix missing name for workqueue while creating runtime objects via API
fixes #6364
2018-06-15 14:25:03 +02:00
Alexander A. Klimov 7741517df7 ApiListener#NewClientHandlerInternal(): Explicitly close the TLS stream on any failure
refs #6361
2018-06-14 15:03:04 +02:00
Michael Friedrich 447dad91c0 Increase header size to 8KB for HTTP requests
This is the default for Tomcat and Apache too
and avoids problems with cookies and long URLs.

fixes #6355
2018-06-06 20:25:36 +02:00
Michael Friedrich f788878f79 Update log message for skipped certificate renewal
Users kept asking about it, still it is just an "information"
that this isn't needed yet.
2018-05-18 17:04:03 +02:00
Michael Friedrich 7f579db9af
Merge pull request #6305 from gunnarbeutner/feature/environment-variable
Introduce the 'Environment' variable
2018-05-15 14:04:50 +02:00
Gunnar Beutner 9c1e00eb94 Introduce the 'Environment' variable 2018-05-15 12:02:15 +02:00
Michael Friedrich f070d2136a Ensure that user input for groups is unique on API object creation
refs #4732
2018-05-09 17:26:10 +02:00
Jean Flach c54e042942 Add activation priorities for config object types
This patch ensures that specific configuration types
are pre-activated and post-activated. In general,
logging is first, then common configuration objects
like host/service, downtimes, etc.
In the end, all features are activated after to ensure
that notifications are only sent once downtimes are applied.
A similar thing happens for starting with checks too early.
The ApiListener feature runs first to allow cluster connections
at first glance.

fixes #6057
fixes #6231
2018-05-04 11:25:47 +02:00
Michael Friedrich a8b5d8e64a
Merge pull request #6205 from Icinga/feature/api-verbose-errors
API: Unify verbose error messages
2018-04-17 16:40:11 +02:00
Jan Beich 106be295eb Explicitly use long with boost::posix_time
In file included from lib/base/base_unity.cpp:61:
lib/base/timer.cpp:295:31: error: no matching conversion for functional-style cast from 'double' to 'boost::posix_time::milliseconds' (aka 'subsecond_duration<boost::posix_time::time_duration, 1000>')
                        l_TimerCV.timed_wait(lock, boost::posix_time::milliseconds(wait * 1000));
                                                   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from lib/remote/remote_unity.cpp:19:
lib/remote/eventqueue.cpp:111:30: error: no matching conversion for functional-style cast from 'double' to 'boost::posix_time::milliseconds' (aka 'subsecond_duration<boost::posix_time::time_duration, 1000>')
                if (!m_CV.timed_wait(lock, boost::posix_time::milliseconds(timeout * 1000)))
                                           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from lib/checker/checker_unity.cpp:1:
lib/checker/checkercomponent.cpp:128:26: error: no matching conversion for functional-style cast from 'double' to 'boost::posix_time::milliseconds' (aka 'subsecond_duration<boost::posix_time::time_duration, 1000>')
                        m_CV.timed_wait(lock, boost::posix_time::milliseconds(wait * 1000));
                                              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/local/include/boost/date_time/time_duration.hpp:270:30: note: candidate constructor (the implicit copy constructor) not viable: no known conversion from 'double' to 'const boost::date_time::subsecond_duration<boost::posix_time::time_duration, 1000>' for 1st argument
  class BOOST_SYMBOL_VISIBLE subsecond_duration : public base_duration
                             ^
/usr/local/include/boost/date_time/time_duration.hpp:270:30: note: candidate constructor (the implicit move constructor) not viable: no known conversion from 'double' to 'boost::date_time::subsecond_duration<boost::posix_time::time_duration, 1000>' for 1st argument
/usr/local/include/boost/date_time/time_duration.hpp:286:59: note: candidate template ignored: disabled by 'enable_if' [with T = double]
                                typename boost::enable_if<boost::is_integral<T>, void>::type* = 0) :
                                                          ^
2018-04-15 04:06:11 +00:00
Michael Friedrich b53685db59 Fix error handling on config package delete 2018-04-12 19:24:08 +02:00
Michael Friedrich 194c99a86e Allow to disable brackets for the Url class and Format()
This commit also adds unit tests.

refs #5706
2018-04-06 15:22:17 +02:00
Michael Friedrich 1b31ec8378 Fix verbose errors in config files handler 2018-04-06 12:55:03 +02:00
Michael Friedrich 17846e04d8 Fix verbose error message in modify object handler 2018-04-06 12:52:17 +02:00
Michael Friedrich 6b2decb44b Fix verbose error handling in variable and template query handlers 2018-04-06 12:50:06 +02:00
Noah Hilverling 24752f3733
Merge pull request #6204 from Icinga/fix/api-create-object-exists-errors
API: Check if objects exists and return proper error message
2018-04-06 12:47:31 +02:00
Michael Friedrich 3e83e94c15 Fix object and status query verbose errors 2018-04-06 12:47:20 +02:00
Michael Friedrich bd7598cb1b API: Check if objects exists and return proper error message 2018-04-06 12:32:27 +02:00
Michael Friedrich c4a6ab0211 Add diagnostic_information as verbose error to config object handlers 2018-04-06 12:26:49 +02:00
Jean Flach 6d81c5c34f
Merge pull request #6199 from Icinga/fix/action-http-code
Return 500 when no api action is successful
2018-04-06 11:20:43 +02:00
Jean Flach f133c7914e Build fix 2018-04-06 10:43:33 +02:00
Michael Friedrich a00197e919 Refactor actions error messages 2018-04-06 10:30:27 +02:00
Michael Friedrich 4bf731fc16 More config stages refactoring 2018-04-06 10:13:08 +02:00
Noah Hilverling 22c3a7933e Fix API action status codes 2018-04-06 10:06:15 +02:00
Michael Friedrich 36cdf8a0d2 More refactoring of config packages errors 2018-04-06 09:53:54 +02:00
Michael Friedrich de2d18d85d Enhance error handling in type query handler 2018-04-05 17:23:26 +02:00
Michael Friedrich 7f015c0d2f Enhance error handling in config packages handler 2018-04-05 17:21:14 +02:00
Michael Friedrich 75c5e6f6b0 Enhance error handling in config stages handler 2018-04-05 17:17:30 +02:00
Michael Friedrich 1dd8409691 Check for verbose error handling in SendJsonError() 2018-04-05 17:17:06 +02:00
Jean Flach 9b291be989 Return 500 when no api action is successful
fixes #5095
2018-04-05 15:56:06 +02:00
Jean Flach 69ea2f3a64 Fix crash in remote api console 2018-04-04 12:23:45 +02:00
Michael Friedrich b11ab95f41 Fix crash without CORS config settings
fixes #6173
refs #6098
2018-03-21 20:42:31 +01:00
Michael Friedrich 064fc80cc3
Merge pull request #6098 from Icinga/fix/improve-cors-implementation
Clean up CORS implementation
2018-03-19 16:00:36 +01:00
Michael Friedrich 429f518b49 Improve error handling for empty packages in /v1/config/packages
- If there is no package main directory, assume "empty packages".
- Catch exceptions thrown through GlobRecursive() and present a better http 500
to the user.

The packages directory tree is automatically created with the first
package creation, either from the user, or by the `_api` package.

fixes #6129
2018-03-07 13:35:09 +01:00
Gunnar Beutner 9cd5298d8b Ensure that SetCorked() works properly 2018-03-06 09:03:35 +01:00
Gunnar Beutner b172a67867 Fix incorrect argument type for JsonRpc::SendMessage 2018-03-06 08:58:19 +01:00
Jean Flach 1bdd14b428 Limit anonymous connections to 25 2018-03-05 13:22:43 +01:00
Noah Hilverling 54ff60cd8c Limit JSON-RPC message size 2018-03-05 10:29:05 +01:00
Noah Hilverling 186cad9872 Clean up CORS implementation 2018-03-01 14:04:56 +01:00
Gunnar Beutner d23c03bfa5
Merge pull request #6134 from gunnarbeutner/fix/incorrect-content-length-limits
Fix incorrect HTTP content length limits
2018-02-28 14:16:15 +01:00
Gunnar Beutner a3bf8cd26e
Merge pull request #6133 from Icinga/fix/cork-socket
Limit the number of HTTP/JSON-RPC requests we read in parallel
2018-02-28 12:48:06 +01:00
Gunnar Beutner 45c2803f3e Fix incorrect HTTP content length limits 2018-02-28 12:28:02 +01:00
Gunnar Beutner c1837ea90b
Merge pull request #6131 from Icinga/feature/log-master-ticket-invalid
Log which ticket was invalid on the master
2018-02-28 12:22:34 +01:00
Gunnar Beutner 6848af50ff Add SetCorked() calls to the JsonRpcConnection class 2018-02-28 11:42:05 +01:00
Jean Flach d0cf7c654e Use cork in tlsstream and HTTP connection 2018-02-28 11:40:58 +01:00
Gunnar Beutner a4a73fa67c Fix null ptr dereference in HttpServerConnection::ProcessMessageAsync 2018-02-28 11:07:19 +01:00
Gunnar Beutner 6d01808adf Fix incorrect return value 2018-02-28 10:50:33 +01:00
Michael Friedrich ad31e0d118 Log which ticket was invalid on the master
This helps debugging a lot, especially to reproduce the issue
why the ticket is invalid.
2018-02-28 10:18:29 +01:00
Jean Flach ef5e7e8510 Fix incorrect size of request limits
refs #6103
2018-02-23 14:29:18 +01:00
Jean Flach 6bb2ed4258 Merge branch 'feature/security-features' 2018-02-21 16:19:54 +01:00
Jean Flach 184580f705
Merge pull request #6103 from Icinga/fix/http-security-fixes
HTTP Security fixes
2018-02-21 15:04:02 +01:00
Jean Flach 85f45d9b94 Minor codestyle and doc changes 2018-02-21 14:52:44 +01:00
Noah Hilverling 64ffe4f840 Fix nullptr posibility in ProcessEvent 2018-02-21 13:47:46 +01:00
Noah Hilverling 948333225d Fix nullptr deref in cluster events 2018-02-21 13:47:46 +01:00
Noah Hilverling 2823ebb831 Limit HTTP body size 2018-02-20 13:32:04 +01:00
Noah Hilverling 817415f6a5 Fix requests not being closed correctly 2018-02-20 13:32:04 +01:00
Jean Flach 8ffa4f04a7 Add timeout for TLS handshakes 2018-02-20 13:32:04 +01:00
Jean Flach ee5954726d Authenticate API user before parsing body 2018-02-20 13:32:04 +01:00
Jean Flach 73b85bcccb Only read body from authenticated connections
This means we are not allowing unauthenticated requests anymore
2018-02-20 13:32:04 +01:00
Jean Flach 81c4004894 Fix nullptr deref 2018-02-20 13:32:04 +01:00
Gunnar Beutner a9f2a8de19 Add HTTP Header size limits 2018-02-20 13:32:04 +01:00
Gunnar Beutner 2789d1a859 Add validation for HTTP connection sizes 2018-02-20 13:32:04 +01:00
Gunnar Beutner 8a8d42b154 Remove redundant 'this->' 2018-02-19 08:08:16 +01:00
Jean Flach 0a0795f09d Code style 2018-02-16 11:47:13 +01:00
Jean Flach df86245fe8 Fix crash when using incorrectly formatted password hash 2018-02-15 13:09:22 +01:00
Jean Flach 65a806f5dc Move new password functions into tlsutility 2018-02-15 13:09:22 +01:00
Jean Flach 92e2faaa08 Hash API password and comparison
fixes #4920
2018-02-15 13:09:22 +01:00
Michael Friedrich ad7e801db9 Fix crash with anonymous clients on certificate signing request and storing sent bytes
refs #5753
2018-02-09 17:18:20 +01:00
Jean Flach cc73eed2af
Merge pull request #5992 from Icinga/feature/remove-includes
Remove unused includes
2018-01-25 09:13:02 +01:00
Gunnar Beutner 0cc9af6bee Remove duplicate semicolons 2018-01-24 12:07:52 +01:00
Gunnar Beutner 94e6be1a65 Remove unused includes 2018-01-22 09:52:29 +01:00
Jean Flach 1da6b2c883 Fix whitespaces in CMakeLists files
Uses 2 space indentation as standard
2018-01-19 09:19:40 +01:00
Gunnar Beutner 9d436605f0 Fix compatibility with CMake < 3.1 2018-01-18 15:12:46 +01:00
Gunnar Beutner 71a032579b
Merge pull request #5995 from Icinga/fix/influxdb-requests
Fix InfluxDB requests
2018-01-17 10:28:15 +01:00
Noah Hilverling e19ae4e052 Fix HTTP response parsing for HTTP 1.1
refs #5987
2018-01-17 10:25:00 +01:00
Gunnar Beutner 2a9dceb367 Use CMake object libraries for our libs 2018-01-17 04:28:21 +01:00
Gunnar Beutner c2fb9fe226 Use initializer lists for arrays and dictionaries 2018-01-16 12:27:44 +01:00
Gunnar Beutner 21254fb610 Avoid accessing attributes for validators where not necessary 2018-01-11 08:20:16 +01:00
Michael Friedrich d073a807b0 API: Add 'pretty' parameter for beautified JSON response bodies
fixes #5877
2018-01-08 20:55:36 +01:00
Gunnar Beutner 91c256261a Apply clang-tidy fix 'modernize-use-default-member-init' 2018-01-04 12:24:58 +01:00
Gunnar Beutner becfa85094 Apply clang-tidy fix 'modernize-use-emplace' 2018-01-04 12:24:57 +01:00
Gunnar Beutner e3ad0be769 Apply clang-tidy fix 'modernize-use-auto' 2018-01-04 12:24:57 +01:00
Gunnar Beutner d6062eefbf Apply clang-tidy fix 'modernize-raw-string-literal' 2018-01-04 12:24:57 +01:00
Gunnar Beutner 621eed3f13 Apply clang-tidy fix 'modernize-pass-by-value' 2018-01-04 12:24:57 +01:00
Gunnar Beutner 9ca682496c Apply clang-tidy fix 'modernize-use-override' 2018-01-04 12:24:57 +01:00
Gunnar Beutner ac155d1dda Apply clang-tidy fix 'modernize-redundant-void-arg' 2018-01-04 12:24:57 +01:00
Gunnar Beutner efe99a3e5e Add the final keyword to classes 2018-01-04 05:20:20 +00:00
Michael Friedrich cd33b8b508
Merge pull request #5936 from Icinga/feature/source-lists
Clean up source lists in the CMakeLists.txt files
2018-01-03 11:59:35 +01:00
Gunnar Beutner 75e2473616 Clean up source lists in the CMakeLists.txt files 2018-01-03 11:47:46 +01:00
Michael Friedrich 0e6f4b1966
Merge pull request #5939 from Icinga/fix/build-fix-wheezy
Build fix for Debian wheezy
2018-01-03 11:28:57 +01:00
Gunnar Beutner abe3f8a959 Build fix for Debian wheezy 2018-01-03 10:32:33 +01:00
Gunnar Beutner 90496b5456 Build libraries as static libraries 2018-01-02 23:29:48 +01:00
Michael Friedrich 1a7e7be6a4
Merge pull request #5925 from Icinga/fix/missing-variable-name
Fix missing variable name in ApiListener::Start
2018-01-02 13:48:30 +01:00
Michael Insel 158ae2188e Change copyright header for 2018 2018-01-02 12:08:55 +01:00
Gunnar Beutner 4ed19d5cf6 Fix missing variable name in ApiListener::Start
fixes #5924
refs #5807
2017-12-31 19:12:33 +01:00
Jean Flach 2636e6a77a Whitespace fix
What does this change?
* Remove use of spaces for formatting
These could be found by using `grep -r -l -P '^\t+ +[^*]'
* Removal of training whitespaces
* A few lines longer than 120 chars
2017-12-20 14:53:52 +01:00
Jean Flach e0bd3d183f Fix package error message
fixes #5879
2017-12-18 11:04:40 +01:00
Gunnar Beutner ab8386cf5c Use std::unique_ptr for Expression objects 2017-12-15 10:44:54 +01:00
Gunnar Beutner 1ad83886ac Replace a few more NULLs with nullptr 2017-12-14 15:37:20 +01:00
Gunnar Beutner 3c5af89d5f Fix compiler warnings 2017-12-14 09:15:37 +01:00
Gunnar Beutner 42744fde5b Remove extraneous whitespace 2017-12-14 08:50:09 +01:00
Gunnar Beutner 96e214221d Remove unused variables 2017-12-14 08:50:09 +01:00
Gunnar Beutner d42f81ed11 Fix compiler warning introduced by #5753 2017-12-12 11:55:30 +01:00
Gunnar Beutner 75def4b074
Merge pull request #5753 from Icinga/fix/ringbuffer-does-not-get-updated-if-nothing-is-written-5750
Fix that RingBuffer does not get updated and add metrics about communication between endpoints
2017-12-12 11:32:18 +01:00
Noah Hilverling 5519626f84 Add metrics about communication between endpoints
refs #5509
2017-12-11 10:20:25 +01:00
Michael Friedrich a72a7b7c89
Merge pull request #5760 from Icinga/fix/http-client-bugs
Fix incorrect socket handling for the HTTP client
2017-12-08 12:51:50 +01:00
Michael Friedrich da056b052b
Merge pull request #5827 from Icinga/feature/replace-statsfunction-with-function
Replace StatsFunction with Function
2017-11-30 21:28:32 +01:00
Michael Friedrich a238613fdc
Merge pull request #5825 from Icinga/feature/boost-assign
Replace boost::assign::list_of with initializer lists
2017-11-30 21:20:46 +01:00
Gunnar Beutner a344f11e6c Replace StatsFunction with Function 2017-11-30 19:02:25 +01:00
Gunnar Beutner 83f17b5bfa Replace boost::assign::list_of with initializer lists 2017-11-30 18:09:38 +01:00
Gunnar Beutner 325e4a2fb9 Use nullptr instead of <Type>::Ptr() 2017-11-30 17:47:09 +01:00
Gunnar Beutner 3c60fbf75d Use std::vector::emplace_back instead of std::vector::push_back 2017-11-30 17:47:09 +01:00
Gunnar Beutner 2e87c280ed Use initializer lists instead of std::vector::push_back 2017-11-30 17:47:09 +01:00
Gunnar Beutner 9ce950b0f1 Replace boost::ref/boost::cref with std::ref/std::cref 2017-11-30 17:47:09 +01:00
Gunnar Beutner 6739023678 Dynamically create and destroy the timer thread 2017-11-30 17:41:02 +01:00
Gunnar Beutner 6d09efc907 Use std::shared_ptr instead of boost::shared_ptr 2017-11-30 17:41:00 +01:00
Gunnar Beutner 7d7eaa8dd3 Replace boost::thread with std::thread 2017-11-30 17:39:20 +01:00
Gunnar Beutner f3c825cb86
Merge pull request #5803 from Icinga/feature/cxx11-std-bind
Replace boost::bind/boost::function with std::bind/std::function
2017-11-29 08:28:44 +01:00
Michael Friedrich 8e65aa0677
Merge pull request #5804 from Icinga/fix/update-repository-message-error
Silence UpdateRepository message errors
2017-11-28 11:27:12 +01:00
Gunnar Beutner 1006ea0433 Fix missing variable name which can lead to segfaults 2017-11-27 16:06:59 +01:00
Gunnar Beutner 858873b940 Replace boost::bind/boost::function with std::bind/std::function 2017-11-27 15:15:11 +01:00
Michael Friedrich cf16324320 Silence UpdateRepository message errors
Mixed setups with 2.8 and 2.7 will log this error every time
a new message is received. While this is truly an error,
it just fills the log to infinity. Should be used for debug only.

fixes #5776
2017-11-27 12:09:42 +01:00
Gunnar Beutner 52692a008e Fix incorrect socket handling for the HTTP client 2017-11-15 09:53:38 +01:00
Noah Hilverling 054faa54d5 Return bytes sent/written in SendMessage() and WriteStringToStream()
refs #5509
2017-11-14 08:18:23 +01:00
Gunnar Beutner 2bbb5366fd Merge pull request #5620 from Icinga/fix/api-staging-3668
WIP: Ensure that the REST API config package/stage creation is atomic
2017-10-24 12:51:09 +02:00
Gunnar Beutner f2d437e96c Implement support for migrating certificates to /var/lib/icinga2/certs
This commit includes documentation too.

Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-10-20 14:06:02 +02:00
Jean Flach aad96d6b09 Improve error message for unknow functions
refs #5686
2017-10-18 11:25:38 +02:00
Michael Friedrich 77ecdbd85c Merge pull request #5581 from Icinga/fix/api-crash-race-condition
Fix possible race condition in ApiListener locking
2017-10-12 13:40:59 +02:00
Michael Friedrich a521f49803 Fix debug builds on Apple Clang 9.0.0 (macOS High Sierra) 2017-10-02 13:49:42 +02:00
Gunnar Beutner 92727d13c7 Fix a build warning
refs #5443
2017-09-25 12:15:59 +02:00
Michael Friedrich 953d840cc1 Fix certificate paths for installers
refs #5450
2017-09-22 15:00:45 +02:00
Michael Friedrich 601c10b997 Remove bottom-up CLI commands
refs #4799
2017-09-22 14:04:43 +02:00
Jean Flach 79166a31d4 Revert "Add Log Warning in case active-stage is empty"
This reverts commit 287f72b0a0.
2017-09-21 13:54:29 +02:00
Jean Flach 287f72b0a0 Add Log Warning in case active-stage is empty
Maybe Critical instead? Throwing an exception seems unnecessary.

refs #3668
2017-09-20 17:57:14 +02:00
Jean Flach ef5013b903 Use locks in api config staging
refs #3668
2017-09-20 16:45:09 +02:00
ryanohnemus 1cb39994a5 API: Add optional reload parameter to config stage upload
You can now specify a boolean `reload` attribute that
will allow you to skip the icinga2 reload after config
validation. By default this is set to true.

The response text has been updated to show if icinga2
will reload or if it was requested to be skipped.

fixes #4769
2017-09-20 14:16:55 +02:00
Michael Friedrich 7bdeeeadcf Silence log level for configuration file updates
This only helps with debugging the configuration sync, but seems
to be highlighted quite often in default configurations (where
the timestamp is equal).

refs #5566
2017-09-20 13:30:02 +02:00
Noah Hilverling 94fe1b2292 HttpServerConnection: Implement CORS support
fixes #4326
2017-09-20 13:18:29 +02:00
Michael Friedrich 9948bee51c Fix API crash with race condition on locks
This was split from #5416 and #5419.

More patches from #5419 are pending.

refs #5419
refs #5418
refs #5416

refs #5408
refs #5148
refs #5007
refs #4968
refs #4910
2017-09-18 15:25:29 +02:00
Gunnar Beutner 80421e4619 Build fix for OpenSSL < 1.0.2
refs #5450
2017-09-12 13:09:16 +02:00
Michael Friedrich 578dcbe861 Add some more verbose logging details
refs #5450
2017-09-12 12:52:50 +02:00
Michael Friedrich 501ade374c Remove debug logging, fix ticket path, enhance logging
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 88e57f7fd4 Implement support for cleaning up certificate requests
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 2fec16952d Remove unused code
refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich 181b91b759 Enhance logging for certificate requests
Examples:
https://github.com/Icinga/icinga2/issues/5450#issuecomment-327479874

This also adds code comments where applicable.

refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich ce88e89cc0 Fix wrong cert path for CLI commands
refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich 8040bda2e1 Change directory layout to /var/lib/icinga2/{ca,certs,certificate_requests}
refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich 88b4a54e6b Fix ticket hash calculation for indirectly connected clients
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner c02742925e Refactor PkiUtility class
refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich 1e7860f2b1 Implement ApiListener::Get*Dir() functions
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 6a533796e5 Update output format for the new CLI commands
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 774936bfe8 Implement support for pki::UpdateCertificate messages
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 623208d617 Implement support for forwarding certificate requests
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 03f5ccd252 Implement support for cleaning up expired API callbacks
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner cc43dc734b Refuse to sign certificate if it already has the correct chain and doesn’t expire soon
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 440f848c7c Improve error handling for JSON-RPC calls
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner a8cc0a601b Add missing _unlink() calls for Windows
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner cb49ac1264 Delete ticket file once we have a signed certificate
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 4cfbf6eb17 Disconnect all clients when we update our own certificate
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 439251532e Implement support for saving client tickets
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 192502f9e5 Implement support for reloading SSL certificates without a restart
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 0ec07bce51 Implement support for updating client certificates
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner a4684d1bfd Implement support for sending pki::RequestCertificate messages in the cluster
refs #5450
2017-09-12 12:52:49 +02:00
Gunnar Beutner 510e2d622a Implement support for ticket-less certificate requests
refs #5450
2017-09-12 12:52:49 +02:00
Michael Friedrich 344b047ea0 Move Base64 class into libbase
refs #5538
2017-09-12 12:52:49 +02:00
Michael Friedrich 9e17ff874b Logs: Change config sync update to highlight an information, not an error
fixes #5484
2017-09-12 12:52:49 +02:00
Gunnar Beutner b316de8aea Implement additional logging for the JsonRpc class 2017-09-12 12:52:49 +02:00
Jean Flach de51966f52 Don't sent scheme and hostname in request 2017-09-06 16:01:02 +02:00
Michael Friedrich 873a553a4f Enhance client connect/sync logging and include bytes/zone in logs
refs #5513
2017-08-21 11:31:24 +02:00
Stefar77 6b66e332fb API: Fix requested attrs/joins/meta type errors in object query response
fixes #5377

Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-08-11 16:23:29 +02:00
Jean Flach 39c24e9ec9 Add check_nscp_api plugin for NSClient++ API checks
refs #4721
2017-06-13 21:17:16 +02:00
Gunnar Beutner 1fd2695e02 Fix compiler warnings
refs #5287
2017-05-29 09:13:19 +02:00
Michael Friedrich d0dcb8a658 ApiListener: Handle zero JSON-RPC WQs gracefully for stats
refs #5266
refs #5133
2017-05-26 17:02:36 +02:00
Michael Friedrich d366a63510 Add API & Cluster stats to /v1/status & icinga check performance metrics
refs #5133
2017-05-24 16:21:05 +02:00
Michael Friedrich 3753f53a67 Fix cluster crash w/ config sync
refs #5212
2017-05-12 10:48:11 +02:00
Gunnar Beutner 1c255140b5 Merge pull request #5242 from Icinga/feature/object-decl-expr
Allow expressions for the type in object/template declarations

fixes #5242
2017-05-11 14:30:29 +02:00
Gunnar Beutner d05b7c4178 Allow expressions for the type in object/template declarations 2017-05-11 14:21:30 +02:00
Simon Murray fc2c2d9a29 Verbose InfluxDB Error Logging
On a non 204 response we parse the HTTP response until complete e.g. do the headers
and body, not just the header.  A new interface is added to the response to allow us
to determine the body size so that it may be read out and buffered.  The body is
parsed and any error message printed out.  In the event that the parsing fails the
raw body is dumped out; better than nothing!

fixes #4411

Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-05-11 12:13:41 +02:00
Michael Friedrich f9e0fd2e3e Beautify some log message for cluster config sync
refs #5212
2017-05-04 15:21:32 +02:00
Jean Flach 7c70d51b27 Add a few extra log messages
fixes #5212
2017-05-02 10:54:06 +02:00
Jean Flach e29e25aefd Fix timestamp path
fixes #5211
2017-05-02 10:30:42 +02:00
Andreas Scherbaum 775bee8fe1 Replace http:// links with https:// links where a secure website exists
Leave out tests and third party tools, and license strings

fixes #5151

Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-04-20 11:33:27 +02:00
Jean Flach 1459970986 Add missing header
fixes #5135
2017-04-05 10:26:54 +02:00
Gunnar Beutner 2d9be77260 Clean up the code a bit
refs #4991
2017-03-29 10:17:03 +02:00
Gunnar Beutner 2d6434e96a Improve log message in ConfigObjectUtility::DeleteObjectHelper
refs #5094
2017-03-27 10:46:35 +02:00
Michael Friedrich d3a1f53647 API: Fix error code for invalid 'attrs' type for POST requests
fixes #5043
2017-03-01 11:33:43 +01:00
Gunnar Beutner a75d7d69ec Fix incorrect argument for Application::GetExePath
fixes #4709
2017-02-21 11:00:18 +01:00
Alexander A. Klimov 3cc8982053 Unify the JSON structures of responses to authorized and unauthorized requests
refs #4984
fixes #4988

Signed-off-by: Michael Friedrich <michael.friedrich@icinga.com>
2017-02-09 13:51:40 +01:00
Michael Friedrich 363a7f9dac Fix unauthorized response in REST API when header requests JSON
fixes #4984
2017-02-09 09:13:58 +01:00
Michael Friedrich 905f208332 Log a warning for missing API permissions
fixes #4945
2017-02-08 17:05:53 +01:00
Michael Friedrich e5f5284838 Add logging for started/stopped features
fixes #3557
2017-02-08 15:40:27 +01:00
Michael Friedrich 336deea02f Ensure that api/log is created before attempting to write the current replay log
fixes #4977
2017-02-08 13:06:31 +01:00
Michael Friedrich 4658cb391e Fix logging for discarded cluster messages
fixes #4930
fixes #4969
2017-02-02 13:47:18 +01:00
Michael Friedrich b7caf0820d Ensure that *.icinga.com is used everywhere
fixes #13897
fixes #13277
2017-01-10 17:19:12 +01:00
Michael Friedrich b10a6b75a8 API: Change log level for console endpoint
fixes #11329
2016-12-08 00:59:24 +01:00
Gunnar Beutner fe12a10c89 Remove redundant check
refs #13409
2016-12-06 08:57:27 +01:00
Michael Friedrich 338f5c0be8 Fix crash in CreateObjectHandler::HandleRequest()
fixes #13409
refs #11684
2016-12-05 16:37:31 +01:00
Michael Friedrich ca7f195165 Remove debug log message
refs #11541
2016-11-18 14:00:41 +01:00
Gunnar Beutner f58d3a1838 Fix crash in HttpRequest::Parse
fixes #12667
2016-11-17 09:08:22 +01:00
Michael Friedrich 40d68fcce2 Fix object sync for objects in a global zone
fixes #11541
2016-11-14 14:42:47 +01:00
Michael Friedrich 4b86f69c96 Ensure that runtime created objects are synced on (re)connect
refs #11684
2016-11-11 16:29:37 +01:00
Michael Friedrich 2e2de7c340 Enhance log messages for cluster config sync
refs #11684
2016-11-10 17:44:05 +01:00
Michael Friedrich 72bf538c29 API: Set zone attribute for local zone if not specified
This allows to sync the object to other nodes in the same
zone on reconnect.

refs #11684
2016-11-10 17:16:08 +01:00
Michael Friedrich 5dd4898eb3 Ensure that UpdateConfigObject sets the target zone
refs #11684
2016-11-10 17:15:06 +01:00
Gunnar Beutner d70d7797c8 Add missing call for the base class' Stop() method
refs #11684
2016-10-24 08:40:12 +02:00
Gunnar Beutner 0145a32e58 Fix object resync issues
refs #11684
2016-10-11 10:55:13 +02:00
Jean Flach d264a0dab8 Fix Url Query formatting
fixes #12883
2016-10-10 16:16:52 +02:00
Gunnar Beutner 5cd2fadf2b Fix crash when deleting config files fails
fixes #12860
2016-10-05 14:17:26 +02:00
Gunnar Beutner 5960753015 Build fix for Windows
fixes #12614
2016-09-04 16:53:24 +02:00
Gunnar Beutner 288b354d11 Improve log message for ignored config updates
fixes #12623
2016-09-02 09:35:35 +02:00
Gunnar Beutner 58cdce8d7c Improve error handling for event filters
fixes #12621
2016-09-02 08:51:51 +02:00
Gunnar Beutner 06cb3cf875 Another build fix for Windows
refs #9182
2016-08-31 13:43:50 +02:00
Gunnar Beutner 68dceaab06 Replace boost::exception_ptr with std::exception_ptr
refs #9182
2016-08-30 20:46:23 +02:00
Gunnar Beutner e8b0797ec4 Use 'auto' keyword for iterator declarations (part 2)
refs #12561
2016-08-27 19:56:12 +02:00
Gunnar Beutner 602643b93d Provide location information for objects and templates in the API
fixes #12566
2016-08-27 19:25:38 +02:00
Gunnar Beutner b5b09216c6 Use lambda functions for INITIALIZE_ONCE
fixes #12562
2016-08-27 09:48:36 +02:00
Gunnar Beutner 5058c5d75b Use 'auto' for iterator declarations
fixes #12561
2016-08-27 08:37:19 +02:00
Gunnar Beutner dac0ff9343 Improve config validation for arrays of object names
fixes #12556
2016-08-26 10:36:53 +02:00
Gunnar Beutner 30762e5330 Set versions for all internal libraries
fixes #12552
2016-08-25 17:56:18 +02:00
Gunnar Beutner 288413f046 Replace BOOST_FOREACH with range-based for loops
fixes #12538
2016-08-25 06:46:17 +02:00
Gunnar Beutner 429d11daa8 Fix compiler warnings
fixes #12534
2016-08-24 20:33:34 +02:00
Gunnar Beutner ae1ab5f865 Implement unit tests for state changes
fixes #12530
2016-08-24 19:45:52 +02:00
Gunnar Beutner f4dce0fe72 Fix crash in JsonRpcConnection::MessageHandlerWrapper
fixes #12506
2016-08-22 17:42:59 +02:00
Gunnar Beutner b42bfc822b Fix crash in HttpServerConnection::ProcessMessageAsync
fixes #12493
2016-08-19 20:36:27 +02:00
Gunnar Beutner 8e5961f217 Fix missing permissions and update the documentation
fixes #12483
2016-08-18 19:00:14 +02:00
Gunnar Beutner 730364b600 Fix incorrect certificate validation error message
fixes #12475
2016-08-18 10:23:13 +02:00
Gunnar Beutner b26b3a4f65 Add missing lock
refs #12450
2016-08-17 09:20:05 +02:00
Michael Friedrich 87bc291a55 Fix that HA enabled objects are started before config validation has finished
fixes #12460
2016-08-17 09:19:58 +02:00
Gunnar Beutner 81974adf65 Improve performance for Endpoint config validation
fixes #12450
2016-08-16 13:55:37 +02:00
Gunnar Beutner b7a1b58069 Improve performance for type lookups
fixes #12448
2016-08-16 11:02:33 +02:00
Gunnar Beutner ebaf239d3b Replace GetType()->GetName() calls with GetReflectionType()->GetName()
fixes #12438
2016-08-15 14:42:03 +02:00
Gunnar Beutner 39ded04e1a Improve validation for the command_endpoint attribute
fixes #12432
2016-08-14 22:11:29 +02:00
Gunnar Beutner afc1b9bdc5 Move type variables into the 'Types' namespace
refs #12408
2016-08-12 17:05:19 +02:00
Gunnar Beutner b74014fa5e Fix auto-completion suggestions for "icinga2 console"
refs #12408
2016-08-12 15:36:47 +02:00
Gunnar Beutner 2a40a71ffa Change scoping mechanism for the __using keyword
refs #12408
2016-08-12 13:14:10 +02:00
Gunnar Beutner c5a170a972 Implement support for namespaces
fixes #12408
2016-08-12 11:32:16 +02:00
Gunnar Beutner 43c2ec31ef Windows build fix
fixes #12339
2016-08-09 15:41:27 +02:00
Gunnar Beutner 26d048d6c3 Add version info in /v1
fixes #12327
2016-08-09 08:48:18 +02:00
Gunnar Beutner 231fd8d38b Build fix for CentOS 5
refs #11292
2016-08-08 15:27:16 +02:00
Gunnar Beutner 905380b436 Fix duplicate notifications on HA failover
fixes #12267
2016-08-04 10:12:55 +02:00
Gunnar Beutner bd3660fe5a Build fix for Windows
refs #11292
2016-08-04 06:34:47 +02:00
Uwe Ebel b2ac05ad7d Make the minimum TLS protocol version configurable
The ApiListener accepts all TLS versions that the underlying
OpenSSL library supports. This patch give the ability to restrict
the connection to a minimum TLS version.

fixes #11292

Signed-off-by: Gunnar Beutner <gunnar.beutner@netways.de>
2016-08-03 07:46:50 +02:00
Michael Friedrich b7da28b176 Enhance TLS handshake error messages with connection information
fixes #12287
2016-08-02 12:14:03 +02:00
Gunnar Beutner 92c28548d1 Remove obsolete debug log message
fixes #12254
2016-07-29 07:09:01 +02:00
Michael Friedrich d7903ba800 Enhance client disconnect message for "No data received on new API connection."
fixes #12116

Signed-off-by: Michael Friedrich <michael.friedrich@netways.de>
2016-07-28 17:40:40 +02:00
Gunnar Beutner 55a3dc22bf Log a warning if there are more than 2 zone endpoint members
fixes #12222
2016-07-26 08:10:47 +02:00
Gunnar Beutner 22bb1f406a Fix URL encoding for '&'
fixes #12199
2016-07-25 10:54:17 +02:00
Gunnar Beutner cdda3bad8c Include client IP address and port in HTTP requests
fixes #11706
2016-07-25 09:43:13 +02:00
Gunnar Beutner 45dd027101 Include IP address and port in the "New connection" log message
fixes #12215
2016-07-25 09:31:38 +02:00
Stephan Tesch 431c110056 Improve error reporting for the client certificate check
Until now, client certificates that have failed verification were reported as not being signed by the CA. That is not true for all cases. This patch adds an explanation in the debug log why verification failed.

fixes #12201
2016-07-25 09:22:35 +02:00
Michael Friedrich 2d53cdb845 Improve log message for connecting nodes without configured Endpoint object
fixes #12194
2016-07-21 13:48:00 +02:00
Gunnar Beutner e9605168a1 Increase reconnection timer interval for cluster connections
fixes #12193
2016-07-21 12:27:18 +02:00
Uwe Ebel 1ca8b293cb Make the cipher list configurable for TLS streams
fixes #11063

Signed-off-by: Gunnar Beutner <gunnar.beutner@netways.de>
2016-07-18 13:40:00 +02:00
Gunnar Beutner e3f1c1ec6f Make sure timestamps are formatted as integers in macro strings
refs #11483
2016-06-21 11:29:12 +02:00
Gunnar Beutner c99fb68c2d Implement support for getting a list of global variables from the API
fixes #11955
2016-06-16 08:38:15 +02:00
Gunnar Beutner 28dee2b79b Improve filter support for /v1/templates
refs #11941
2016-06-16 08:38:15 +02:00
Michael Friedrich 2b474823f8 API: Fix that /v1 returns html if json is requested
fixes #10570
2016-06-15 17:46:09 +02:00
Gunnar Beutner 45919b4844 Fix crash in ApiListener::PersistMessage
fixes #11946
2016-06-15 11:26:35 +02:00
Gunnar Beutner ace6882b59 Implement support for retrieving a list of templates from the API
fixes #11941
2016-06-15 07:41:51 +02:00
Gunnar Beutner ff57b0ccd6 Add name attribute for the WorkQueue class
fixes #10816
2016-06-14 09:08:04 +02:00
Gunnar Beutner 9e29a3f8a0 Fix default behavior when none of the specified objects pass the user's permission filter
fixes #11926
2016-06-13 10:14:10 +02:00
Simon Murray 2e8c8809ea Add service metadata to InfluxDB Writer
Adds a new configuration variable in keeping with the graphite writer
which defaults to false to save network bandwidth.  All metrics currently
supported by graphite are now available to InfluxDB.  I added in some
formatting functions, to handle integers and booleans as we know and
control their types, and the supporting regexes in the sanity checker.

Updating to InfluxDB 0.13.X started giving 400 errors due to the missing
Host header in HTTP/1.1 requests.  HttpRequest has been updated to auto-
magically add the host and port to these requests if not explicitly
stated by the client code.

The exception code has been cleaned up to break out of the function
early if such a condition is raised, this avoids unnecessarily executing
code which will ultimately fail.

fixes #11912

Signed-off-by: Gunnar Beutner <gunnar.beutner@netways.de>
2016-06-08 13:23:52 +02:00
Gunnar Beutner de1b70cf44 Fix incorrect variable names for joined fields in filter expressions
fixes #11779
2016-05-12 10:24:15 +02:00
Gunnar Beutner 0bc139af93 Improve timing behavior for UpdateObjectAuthority calls
refs #11765
2016-05-11 13:04:39 +02:00
Gunnar Beutner fc1168ed3e Only activate HARunOnce objects once there's a cluster connection
fixes #11765
2016-05-11 12:50:40 +02:00
Michael Friedrich 9a88185b12 API: Fix error handling for invalid JSON request body
fixes #11757
2016-05-10 15:16:35 +02:00
Michael Friedrich 1c6f09f44e API: Fix error message handling for invalid attributes in PUT requests
refs #11396
2016-05-10 13:43:36 +02:00
Michael Friedrich 8a65c4a776 API: Fix error message with PUT requests for existing objects
fixes #11396
2016-05-09 15:08:35 +02:00
Simon Murray 79c1e883d1 Add InfluxDB Writer
Adds an Icinga2 object to directly interface with InfluxDB's native HTTP API.
This supports optional basic authorization, and TLS transport.  InfluxDB didn't
appear to like having the TLS stream kept open, so instead this object buffers
data points which are then flushed to InfluxDB as a batch write, either driven
by a configurable timeout or threshold.

As InfluxDB is a schema-less database the host and service templates are user
configurable allowing both the measurement field and tags to be set by the
end user via macro expansion.  This allows access to tag fields from arbitrary
data associated with host.vars or service.vars.  If a particular value is
unable to be resolved, the tag will be dropped and not transmitted to InfluxDB.

Also alters URL handling to omit array brackets when only a single value is
attached to a key, otherwise InfluxDB has a strop with non-standard syntax.

fixes #10480

Signed-off-by: Michael Friedrich <michael.friedrich@netways.de>
2016-05-03 14:12:51 +02:00
Gunnar Beutner 09165e5ca6 Only hide navigational attributes which are not config/state
fixes #11567
2016-04-13 12:02:08 +02:00
Michael Friedrich d2f5008557 API: Ensure that empty passwords w/ client_cn are properly checked
fixes #11482
2016-04-04 16:38:47 +02:00
Gunnar Beutner b621b00e3a Detect infinite recursion in the zone hierarchy graph
fixes #10937
2016-03-23 09:03:53 +01:00
Jean Flach 9cdea730a3 Fix delete object handler returning incorrect status codes
Now a 200 OK only gets returned if all objects could be deleted

fixes #10770
2016-03-01 16:53:52 +01:00
Michael Friedrich c8a9f45697 ApiListener: Bail out if object could not be created during config sync
refs #11006
2016-02-12 14:15:24 +01:00
Jean Flach 19134f41cf Fix client not closing connections
fixes #11122
2016-02-09 15:59:19 +01:00
Jean Flach fa1d633484 Rephrase some log messages
refs #11122
2016-02-09 15:59:19 +01:00
Gunnar Beutner 90e241ca85 Fix: Cluster WQ thread dies after fork()
fixes #11118
2016-02-09 12:46:46 +01:00
Gunnar Beutner 14d805e6fe Fix crash in ApiListener::ConfigUpdateObjectAPIHandler
fixes #11006
2016-02-09 09:13:43 +01:00
Jean Flach 393a6bf641 Remove unused variables
fixes #11111
2016-02-08 17:10:12 +01:00
Gunnar Beutner e224e74994 Make sure the "syncing" attribute is set to false
refs #11083
2016-02-08 13:15:24 +01:00
Michael Friedrich 3227186c7d Fix: API queries on non-existant objects cause exception
fixes #11088
2016-02-04 22:40:01 +01:00
Michael Friedrich 949b129c65 Ensure that config sync updates are always sent on reconnect
fixes #11083
2016-02-04 11:30:27 +01:00
Gunnar Beutner 2dc385e31b Fix memory/thread leak in the HttpServerConnection class
fixes #10655
2016-02-03 09:54:31 +01:00