Implement TLS support for the GelfWriter
authorMichael Insel <michael@insel.email>
Fri, 30 Nov 2018 21:08:18 +0000 (22:08 +0100)
committerMichael Insel <michael@insel.email>
Thu, 16 May 2019 15:48:47 +0000 (17:48 +0200)
This implements TLS support for the GelfWriter.

lib/perfdata/gelfwriter.cpp
lib/perfdata/gelfwriter.ti

index 55199d7172adf27a5bf2d30ea1848cd95fdb0c25..9623cbe873bf78c52ea6297716db891cadeedc8e 100644 (file)
@@ -169,7 +169,30 @@ void GelfWriter::ReconnectInternal()
                throw ex;
        }
 
-       m_Stream = new NetworkStream(socket);
+       if (GetEnableTls()) {
+               std::shared_ptr<SSL_CTX> sslContext;
+
+               try  {
+                       sslContext = MakeSSLContext(GetCertPath(), GetKeyPath(), GetCaPath());
+               } catch (const std::exception& ex) {
+                       Log(LogWarning, "GelfWriter")
+                               << "Unable to create SSL context.";
+                       throw ex;
+               }
+
+               TlsStream::Ptr tlsStream = new TlsStream(socket, GetHost(), RoleClient, sslContext);
+
+               try {
+                       tlsStream->Handshake();
+               } catch (const std::exception& ex) {
+                       Log(LogWarning, "GelfWriter")
+                               << "TLS handshake with host'" << GetHost() << "' on port '" << GetPort() << "' failed.'";
+                       throw ex;
+               }
+
+               m_Stream = tlsStream;
+       } else
+               m_Stream = new NetworkStream(socket);
 
        SetConnected(true);
 
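Review bot: After `tlsStream->Handshake()` succeeds, nothing in this hunk checks that the server's certificate chains to `GetCaPath()` or matches `GetHost()`, so unless TlsStream itself fails the handshake for an untrusted peer (not visible here), the GELF connection is encrypted but not authenticated and the log and performance data can go to whichever host answers. I would check the verification result before assigning `m_Stream`, for example `if (!tlsStream->IsVerifyOK()) throw std::runtime_error("GelfWriter: TLS certificate validation failed");` (accessor name to be confirmed against TlsStream), and make any opt-out an explicit config attribute rather than the silent default. Both new catch blocks use `throw ex;`, which copies and slices the exception; `throw;` rethrows the original, and the handshake log message is missing a space after `host` and ends with a stray `'`. ReconnectInternal starts and ends outside this hunk.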
index 1d20cc28e7545a82c67e7febd46e2a2e71711733..2176fd877e4f6c0974d88549a18209def512b414 100644 (file)
@@ -31,6 +31,12 @@ class GelfWriter : ConfigObject
        [config] bool enable_ha {
                default {{{ return false; }}}
        };
+    [config] bool enable_tls {
+        default {{{ return false; }}}
+    };
+    [config] String ca_path;
+    [config] String cert_path;
+    [config] String key_path;
 };
 
 }
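Review bot: `ca_path`, `cert_path` and `key_path` are added with no comment and no constraint tying them to `enable_tls`, so `enable_tls = true` with an empty `ca_path` is an accepted configuration that leaves the client with no configured trust anchor for the server certificate. I would either reject that combination when the object is validated or state the behaviour next to the attribute, e.g. `/* CA certificate used to validate the GELF server; required when enable_tls is true */`. The file list for this commit shows only gelfwriter.cpp and gelfwriter.ti, so the new attributes appear to ship without an object-type documentation entry. The added lines also look space-indented where the neighbouring `enable_ha` attribute uses tabs.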