6736 commits

Author	SHA1	Message	Date
Julian Brost	b671e80050	/v1/console: prevent concurrent use of the same session by multiple requests ... If there are such requests, without this change, they would all be allowed and processed, resulting in unsafe concurrent (write) access to these data structures, which can ultimately crash the daemon or lead to other unintended behavior.	2026-01-07 12:43:16 +01:00
William Calliari	c716bdd0d3	Take a mutex before accessing the l_ApiScriptFrames ... Take a mutex to avoid race conditions in the map that lead to segmentation faults. Move the ApiScriptFrame object back behind a shared pointer to avoid holding the mutex for too long. Fixes #10674	2026-01-05 10:31:33 +01:00
Julian Brost	fa3063d148	IsValidHeaderValue: use front()/back() instead of iterators ... Don't ask me why I wasn't thinking of the very basic front() and back() methods when writing this code. Does exactly the same here, but is much more straight-forward than the extra iterator detour.	2025-12-03 11:09:44 +01:00
Julian Brost	985db970bb	Allow to set extra headers in HTTP responses ... Use case: Allow settings headers like Strict-Transport-Security if one likes. How this headers would benefit the Icinga 2 API is questionable, but there are security scanners that see HTTPS and complain about it, so this gives an easy way to make them happy (with this probably being the only benefit).	2025-11-28 16:19:19 +01:00
Julian Brost	aca67f6d88	HttpUtility: add functions for validating HTTP header names and values	2025-11-28 16:19:19 +01:00
Brad Smith	bbc1859aa1	Have thread name length clamping also apply for the other OSes ... This covers macOS, *BSDs, Linux, Cygwin. NetBSD PTHREAD_MAX_NAMELEN_NP 32 macOS 64 OpenBSD 24 Linux/FreeBSD/DragonFly/Cygwin 16	2025-11-27 09:19:16 -05:00
Brad Smith	7aa777c40f	Fix usage of pthread_setname_np() on NetBSD ... NetBSD's pthread_setname_np() takes a slightly different set of parameters.	2025-11-27 07:16:34 -05:00
Alvar	8c230df3da	Merge pull request #10640 from brad0/openbsd_dlopen ... Fix dlopen()'ing libraries on OpenBSD	2025-11-27 12:13:18 +00:00
Brad Smith	d243da72e5	Fix dlopen()'ing libraries on OpenBSD	2025-11-27 04:52:28 -05:00
Brad Smith	cf8fc3d64f	Add tests for pthread_set_name_np() and pthread_setname_np() ... Looks like the conversion from autoconf to CMake dropped these tests along the way.	2025-11-27 10:48:54 +01:00
Brad Smith	77881a7e18	Enable the pthread_np.h header on OpenBSD and DragonFly ... Necessary for pthread_set_name_np().	2025-11-25 15:46:02 -05:00
Yonas Habteab	ed9014103f	Merge pull request #10609 from Icinga/fix-misc-compiler-warnings ... Fix misc compiler warnings	2025-11-19 14:26:57 +01:00
Johannes Schmidt	11e83b6274	Fix -Wunused-lambda-capture warning	2025-11-19 12:00:58 +01:00
Johannes Schmidt	a2e0ce426f	Fix -Wunused-variable warnings	2025-11-19 12:00:58 +01:00
Johannes Schmidt	8ef1604f72	Fix -Wunused-but-set-variable warnings (clang)	2025-11-19 12:00:58 +01:00
Johannes Schmidt	6bd89821cd	Fix -Wenum-compare warnings	2025-11-19 12:00:58 +01:00
Johannes Schmidt	7b4697a237	Fix -Wredundant-move warnings	2025-11-19 12:00:58 +01:00
Johannes Schmidt	93e69ed0e8	Fix -Wsign-compare warnings	2025-11-19 12:00:58 +01:00
Johannes Schmidt	758d1b6873	Fix -Wsuggest-override warnings	2025-11-19 12:00:58 +01:00
Johannes Schmidt	4f0a24f8ab	Add ABORT() macro for unconditionally failing ASSERTS ... This is necessary to stop MSVC complaining that "not all paths return a value", because it is not able to infer that the expression `false ? 0 : non_returning_function()` never returns. In the process of debugging this I've also slightly simplified the other assert macros and abort function, so they don't need compiler specific preprocessor-paths anymore.	2025-11-19 11:55:49 +01:00
Johannes Schmidt	9a69dd9a45	Use 64bit unsigned integer for Replay log timestamps	2025-11-19 09:41:13 +01:00
Yonas Habteab	017a4012f3	TimePeriod: properly validate ranges field	2025-11-14 16:38:41 +01:00
Johannes Schmidt	a9c139f5c5	Subtract inapplicable suppressed notifications at a later point ... Without this commit, every time the NotificationTimerHandler runs it will discard notifications that don't apply to the reason of the latest check result. This is probably intended to clear outdated suppressed notifications immediately when the TimePeriod resumes, but it also clears out important ones (see the test case). This commit fixes that by clearing out inapplicable notifications when the timer runs the first time after the TimePeriod resumes. By that time we can expect that no new suppressed notifications will be added and all notifications that don't conflict with the last check-result can still be run. Fixes #10575	2025-11-03 15:39:39 +01:00
Johannes Schmidt	f42510f981	Merge pull request #9411 from Icinga/compiler-warnings ... Fix compiler warnings	2025-10-21 15:23:31 +02:00
Alexander A. Klimov	d877e818db	Fix compiler warnings	2025-10-17 17:08:31 +02:00
Alexander A. Klimov	9612de881a	Fix compiler warnings by not std::move()ing where redundant	2025-10-17 17:08:31 +02:00
Alexander A. Klimov	78631fa319	Fix compiler warnings by ensuring variable initialization	2025-10-17 17:08:31 +02:00
Alexander A. Klimov	315c9a3692	Fix compiler warnings by replacing x&&y||z with (x&&y)||z	2025-10-17 17:08:30 +02:00
Alexander Aleksandrovič Klimov	5d46ca4f77	Merge pull request #9730 from Icinga/don-t-define-use-openssl-callback-for-in-openssl-v1-1 ... Don't define/use OpenSSL*Callback() for/in OpenSSL > v1.1	2025-10-17 16:41:07 +02:00
Alexander A. Klimov	37b5c39e20	Fix compiler warnings by re-ordering member init in constructors	2025-10-17 15:33:57 +02:00
Alexander Aleksandrovič Klimov	c25297e26a	Merge pull request #9729 from Icinga/fix-compiler-warnings-by-removing-unused-variables ... Fix compiler warnings by removing unused variables	2025-10-17 15:12:05 +02:00
Alexander A. Klimov	728d6fff3e	Don't define/use OpenSSL*Callback() for/in OpenSSL > v1.1 ... Since OpenSSL v1.1 the macros they're passed to expand to nothing creating the illusion those functions aren't used. That triggers compiler warnings.	2025-10-17 14:28:00 +02:00
Alexander A. Klimov	3d69a31043	Fix compiler warnings by removing unused variables	2025-10-17 09:56:46 +02:00
Julian Brost	d372ecc20b	AtomicOrLocked: use std::conditional_t and std::is_trivially_copyable_v ... std::conditional_t was added in C++14, is_trivially_copyable_v in C++17, both do the same as the previous implementation and are a bit more compact.	2025-10-16 16:50:03 +02:00
Julian Brost	a2dc35031c	Remove obsolete workaround for GCC 4.x ... The fallback implementation was added for GCC 4.x as that didn't yet implement std::is_trivially_copyable. However, by now we're using C++17 as our language standard and that wasn't even implemented in GCC 4.x yet[^1]: Some C++17 features are available since GCC 5, but support was experimental and the ABI of C++17 features was not stable until GCC 9. Hence, this became more or less dead code and can be removed. [^1]: https://gcc.gnu.org/projects/cxx-status.html#cxx17	2025-10-16 16:50:03 +02:00
Julian Brost	cfff82ba05	Merge commit from fork ... DerefExpression: Add missing nullptr check	2025-10-16 14:14:45 +02:00
Julian Brost	56255ac7a6	Merge commit from fork ... Check for permissions when evaluating object filters	2025-10-16 14:13:36 +02:00
Julian Brost	ce600ce01c	Merge pull request #10530 from Icinga/kill-drop-permissions ... Send signals as Icinga user in safe-reload and logrotate	2025-10-08 14:29:27 +02:00
Julian Brost	a02a4594f4	DerefExpression: Add missing nullptr check ... Due to this missing check, evaluating a DSL expression can result in a null dereference, crashing the Icinga 2 process. Given that API users can also provide DSL expression as filters, this can be triggered over the network as well. This issue was assigned CVE-2025-61908.	2025-10-08 10:04:52 +02:00
Johannes Schmidt	2378b7e121	Remove TicketSalt in VariableQueryHandler as early as possible ... This is to avoid another kind of exploit found by where TicketSalt can be accessed when the object filter is evaluated by checking its name via the local `variable` reference and then `throw`ing it to print it in the error message. Reported-by: julian.brost@icinga.com	2025-10-02 15:51:42 +02:00
Johannes Schmidt	9fed14d6fa	Filter global variables when Sandboxed	2025-10-02 15:51:42 +02:00
Johannes Schmidt	218e41aed6	Declare functions as unsafe that aren't useful in filter expressions ... + get_objects(): Has no use because in sandboxed contexts the result can't be filtered or iterated over. + get_template(): Currently this is not dangerous because the returned dictionary object does not hold any interesting information. However, someone could add more details in the future and forget to add a permission check. + get_templates(): Combines the reasons for get_objects() and get_template() + get_env(): There is no point of ever using this in a filter expression.	2025-10-02 15:51:42 +02:00
Johannes Schmidt	07216bdf77	Check for permission in get_object()	2025-10-02 15:51:42 +02:00
Johannes Schmidt	61670d5f23	Add permission checking to script frames and filter utilities	2025-10-02 15:51:38 +02:00
Julian Brost	bc7debed4f	Merge pull request #10558 from Icinga/fix-posix-error-double-free ... Fix double-free error in posix_error::what()	2025-09-23 16:14:45 +02:00
Julian Brost	be2b1a878e	Endpoint expose seconds_processing_messages attribute ... Co-authored-by: Alexander A. Klimov <alexander.klimov@icinga.com>	2025-09-23 11:05:08 +02:00
Julian Brost	e3ee07b5a0	Measure and store message processing time per endpoint ... Co-authored-by: Alexander A. Klimov <alexander.klimov@icinga.com>	2025-09-23 11:05:08 +02:00
Alexander A. Klimov	4b2b45c8a1	Introduce AtomicDuration	2025-09-23 11:04:58 +02:00
Johannes Schmidt	db4e984989	Fix double-free error in posix_error::what()	2025-09-17 10:11:37 +02:00
Yonas Habteab	5f862ce3bb	HttpServerConnection: use std::chrono for m_Seen	2025-09-12 13:40:36 +02:00