tyler.durden/icinga2
1
0
Fork 0
mirror of https://github.com/Icinga/icinga2.git synced 2025-04-08 17:05:25 +02:00
Code Issues Packages Projects Releases Wiki Activity
13,222 Commits 421 Branches 120 Tags
Commit Graph

13222 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alexander A. Klimov
b0a72ceb2f Icinga DB: clean up vanished objects from icinga:checksum:*:state 
... not to let it grow non-stop.
 2021-11-10 13:01:23 +01:00
icinga-probot[bot]
d31c2f156f
CHANGELOG.md: add v2.11.11 (#9055) 
Co-authored-by: Noah Hilverling <noah.hilverling@icinga.com>
 2021-11-04 12:21:29 +01:00
Alexander Aleksandrovič Klimov
8fb7645807
Merge pull request #9050 from Icinga/docs/centOS8-RHEL-powertools-2.13 
Change capitalization of the PowerTools command
 2021-10-29 16:22:46 +02:00
Henrik Triem
a4ea0b50ac Change capitalization of the PowerTools command 2021-10-28 10:39:51 +02:00
Noah Hilverling
9cafabcc9c
Merge pull request from GHSA-cxfm-8j5v-5qr2 
Add TLS server certificate validation to ElasticsearchWriter, GelfWriter, InfluxdbWriter and Influxdb2Writer (v2)
 2021-08-19 13:52:29 +02:00
Noah Hilverling
4951cdf561 Add security changelog for 2.13.1 v2.13.1 2021-08-19 11:17:45 +02:00
Julian Brost
b98f939c7f RedisConnection: remove now redundant setting of TLS verification parameters 
This is now done in UnbufferedAsioTlsStream.
 2021-08-19 11:06:19 +02:00
Julian Brost
f0b1195b4a GelfWriter: show error message of exceptions 2021-08-19 11:06:19 +02:00
Julian Brost
50a7980709 InfluxdbCommonWriter: actually verify TLS server certificates 
And add a new option ssl_insecure_noverify to explicitly disable it if desired.
 2021-08-19 11:06:19 +02:00
Julian Brost
4855cbc232 GelfWriter: actually verify TLS server certificates 
And add a new option insecure_noverify to explicitly disable it if desired.
 2021-08-19 11:06:19 +02:00
Julian Brost
055cdf22a8 ElasticsearchWriter: actually verify TLS server certificates 
And add a new option insecure_noverify to explicitly disable it if desired.
 2021-08-19 11:06:19 +02:00
Julian Brost
6080538223 Enable hostname verification in UnbufferedAsioTlsStream 2021-08-19 11:06:19 +02:00
Noah Hilverling
86ae1b09b7
Merge pull request #8977 from Icinga/feature/2.13.1-changelog 
Add 2.13.1 changelog and bump ICINGA2_VERSION
 2021-08-19 11:01:09 +02:00
Noah Hilverling
2843656469 Add 2.13.1 changelog and bump ICINGA2_VERSION 2021-08-18 17:39:45 +02:00
Noah Hilverling
bbf29e7504
Merge pull request #8958 from Icinga/bugfix/pgsql-escape 
IDO PgSQL: always use regular string literals (2.13)
 2021-08-12 14:25:32 +02:00
Noah Hilverling
377dbd3399
Merge pull request #8961 from Icinga/bugfix/apilistener-detect-ipv6-support 
ApiListener: Choose bind host default based on OS IPv6 support (2.13)
 2021-08-12 13:56:08 +02:00
Julian Brost
ec73b417f2 ApiListener: Choose bind host default based on OS IPv6 support 2021-08-06 12:19:08 +02:00
Julian Brost
782669f13b IDO PgSQL: always use regular string literals 
IdoPgsqlConnection::Escape() internally uses PQescapeStringConn() and its
documentation states the following:

  Furthermore, PQescapeStringConn does not generate the single quotes that must
  surround PostgreSQL string literals; they should be provided in the SQL
  command that the result is inserted into.

So it's intended to use the result in 'string' literals, not in E'string'
literals as Icinga did. This results in problems as the behavior of
PQescapeStringConn() depends on how the current connection will interpret
regular single quoted literals, namely on the value of the
standard_conforming_strings variable.

The E'string' literals were initially introduced in
ac6f3f8acf4f52adedc7908db6452ed6da273ad7 to fix #1206 where PostgreSQL started
warning about escape sequences in string literals not supported by the SQL
standard (but by PostgreSQL depending on the value of
standard_conforming_strings). In the meantime the oldest PostgreSQL version on
any platform supported by Icinga increased to 9.2 (CentOS 7) and starting with
9.1, standard_conforming_strings is enabled by default, so there will be no
warnings about escape sequences (as the warning is only issued if the escape
sequence is actually interpreted by PostgreSQL).
 2021-08-05 11:39:32 +02:00
Alexander Aleksandrovič Klimov
aaccd0448f
Merge pull request #8944 from Icinga/feature/2.13-changelog 
2.13.0: Changelog, Upgrading, VERSION
v2.13.0 		2021-08-02 22:10:37 +02:00
Alexander Aleksandrovič Klimov
3aa2289c59
Merge pull request #8946 from Icinga/bugfix/old-packages 
ConfigPackageUtility::ValidatePackageName(): always tolerate already existing packages
 2021-08-02 20:27:27 +02:00
Noah Hilverling
30149c5027 Docs: Add 2.13 upgrading documentation 2021-08-02 16:51:45 +02:00
Noah Hilverling
27963025bf CHANGELOG: Add 2.13 changelog 2021-08-02 16:51:45 +02:00
Alexander Aleksandrovič Klimov
b28bd7f757
Merge pull request #8945 from Icinga/Al2Klimov-patch-1 
GHA: drop EOL Ubuntu groovy
 2021-08-02 16:15:29 +02:00
Alexander A. Klimov
57df803e35 ConfigPackageUtility::ValidatePackageName(): always tolerate already existing packages 
... not to require migrating invalid ones.
 2021-08-02 15:40:14 +02:00
Alexander A. Klimov
c1df4b70f5 ConfigPackageUtility::PackageExists(): accept invalid package names, too 2021-08-02 15:40:14 +02:00
Alexander A. Klimov
c666f81361 De-couple package and stage name validation 2021-08-02 15:40:14 +02:00
Alexander Aleksandrovič Klimov
4b46f363e2
GHA: drop EOL Ubuntu groovy 2021-08-02 11:42:44 +02:00
Noah Hilverling
d392d36596 Increase VERSION file 2021-07-30 14:52:58 +02:00
Julian Brost
4c90709fc6
Merge pull request #8943 from Icinga/bugfix/api-add-comment-expiry-docs 
Docs: Describe parameter 'expiry' in 'add-comment' API action
 2021-07-30 09:03:42 +02:00
Alexander Aleksandrovič Klimov
40c186515b
Merge pull request #8942 from Icinga/bugfix/idb-hashes 
Icinga DB: keep state checksums consistent
 2021-07-29 21:54:58 +02:00
Noah Hilverling
3bc90e83e5 Docs: Describe parameter 'expiry' in 'add-comment' API action 2021-07-29 18:03:46 +02:00
Julian Brost
6fa44c8e4e
Merge pull request #8941 from Icinga/bugfix/icingadb-init-all-connections-before-sync 
Icinga DB: ensure all connections are ready on first use
 2021-07-29 17:33:29 +02:00
Alexander Aleksandrovič Klimov
afca6c001e
Merge pull request #8916 from Icinga/feature/icingadb-last_comment_id 
Icinga DB: introduce Checkable#last_comment_id
 2021-07-29 17:29:51 +02:00
Alexander A. Klimov
8476627e91 Icinga DB: keep state checksums consistent 
I.e. make hashes in hashmaps and stream the same.
 2021-07-29 12:43:40 +02:00
Alexander A. Klimov
5c10fffa3b Icinga DB: introduce Checkable#last_comment_id 2021-07-29 12:22:12 +02:00
Alexander A. Klimov
173a93c487 Split IcingaDB#SendStatusUpdate(), separate stream and history 2021-07-29 12:22:12 +02:00
Alexander A. Klimov
2818245e01 Introduce Checkable#GetLastComment() 2021-07-29 12:10:42 +02:00
Alexander Aleksandrovič Klimov
5923950e61
Merge pull request #8919 from Icinga/bugfix/idb-del-state-chksm 
Icinga DB: HDEL also icinga:checksum:*:state, not only icinga:*:state
 2021-07-29 11:08:33 +02:00
Julian Brost
929ebd0f6c IcingaDB: start initial sync after all child connections are established 
Icinga started the initial config sync right after the first Redis connection
was established. If any other connections would take longer to connect than
when it's first needed, queries were discarded.
 2021-07-28 15:27:32 +02:00
Julian Brost
a50120c399 IcingaDB: start parent connection after children are initialized 
The loop in the connected callback of the parent connection uses m_Rcons which
previously was only initialized after that connection was already started.
 2021-07-28 15:27:20 +02:00
Julian Brost
f4b2bbc7af
Merge pull request #8940 from Icinga/bugfix/redisconnection-reset-callback 
RedisConnection: copy callback before calling it
 2021-07-28 15:19:26 +02:00
Julian Brost
9d5ae0f6fa
Merge pull request #8899 from Icinga/feature/icingadb-connect_timeout 
Introduce IcingaDB#connect_timeout
 2021-07-28 13:52:00 +02:00
Julian Brost
cc8d3fbedd
Merge pull request #8937 from Icinga/bugfix/timeout-always-unknown 
Override exit code on process timeout
 2021-07-28 11:56:42 +02:00
Julian Brost
4c7199fd7d RedisConnection: copy callback before calling it 
This allows the callback to call RedisConnection::SetConnectedCallback() to set
another callback for this connection. This sets m_ConnectedCallback and thereby
destroys the std::function while it's running resulting in undefined behavior.
By operating on a copy, m_ConnectedCallback can be set without affecting the
currently running callback.
 2021-07-28 11:34:17 +02:00
Noah Hilverling
ff2abaa687
Merge pull request #8917 from Icinga/bugfix/idb-state-del-prio 
Icinga DB: HDEL from *:state with same prio as HSET
 2021-07-28 11:08:10 +02:00
Alexander A. Klimov
0919df5aa1 Introduce IcingaDB#connect_timeout 2021-07-27 21:59:09 +02:00
Alexander A. Klimov
504fdda76c Introduce DEFAULT_CONNECT_TIMEOUT 2021-07-27 21:57:02 +02:00
Alexander Aleksandrovič Klimov
9169c805a8
Merge pull request #8933 from Icinga/bugfix/icinga-db-only-start-multiple-redis-connections-after-the-first-one-succeeded-8920 
Icinga DB: only start multiple Redis connections after the first one succeeded
 2021-07-27 21:52:21 +02:00
Alexander Aleksandrovič Klimov
4d2f694805
Merge pull request #8897 from Icinga/feature/icingadb-pass-db 
RedisConnection: AUTH and SELECT
 2021-07-27 21:51:46 +02:00
Alexander Aleksandrovič Klimov
2d75bbd8ed
Merge pull request #8915 from Icinga/bugfix/icingadb-prio-state 
Icinga DB: priorize state > config
 2021-07-27 20:22:26 +02:00