Branch: refs/heads/master
Home: https://github.com/Checkmk/checkmk
Commit: 9c435ed8c74912c2a3edd491c568ac9214865ecb
https://github.com/Checkmk/checkmk/commit/9c435ed8c74912c2a3edd491c568ac921…
Author: Christoph Rauch <christoph.rauch(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
M Pipfile
M Pipfile.lock
M cmk/gui/wsgi/app.py
M cmk/gui/wsgi/dev_server.py
R cmk/gui/wsgi/profiling.py
A cmk/utils/profile_switcher.py
M tests/code_quality/test_pipfile.py
M tests/unit/cmk/gui/wsgi/test_profile_switcher.py
M web/app/index.wsgi
Log Message:
-----------
Profiling middleware: allow for profiling the application startup phase
* Introduce ProfileSwitcher middleware
* Adapt profiling tests to reflect new calling convention
* Adapt index.wsgi to use the new structure
* Remove old middleware from Flask app
* Update Pipfile: remove no longer necessary repoze.profile
middleware, make pyprof2calltree am explicit dependency.
The ProfileSwitcher middleware can now import the wrapped app
at runtime, so that importing and initialization can be profiled
as well. To achieve this, a default "config" is used for the
very first request, when no config could have been loaded yet.
For the first request, it is intentional that triggering the
profiling middleware via a "_profile" GET query-string parameter
is possible.
The subsequent requests will honor the configured profiling behavior.
CMK-14511
Change-Id: I33514e6395bcfb4849c421daa9647c944fffe319
Branch: refs/heads/master
Home: https://github.com/Checkmk/checkmk
Commit: e7973e78ad0bdfb42671b3dcd326bcbd6a6b4b4d
https://github.com/Checkmk/checkmk/commit/e7973e78ad0bdfb42671b3dcd326bcbd6…
Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
A .werks/15195
M cmk/gui/auth.py
M cmk/utils/crypto/secrets.py
M tests/unit/cmk/utils/crypto/test_secrets.py
Log Message:
-----------
15195 SEC Protect automation user secret against timing attacks
This Werks improves how the secret of an automation user is validated during login.
Prior to the Werk, the automation user's password was not checked in a way that is safe against (theoretical) timing attacks.
This is fixed now.
Even though this Werk improves security, it does not address an exploitable vulnerability.
To aid automated scanning we assign a CVSS score of 0.0 (None) (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N).
CMK-15066
Change-Id: I23aebf47b235fecd5eb83fba15384f90f8a68625
Branch: refs/heads/2.2.0
Home: https://github.com/Checkmk/checkmk
Commit: ef4250614402cb7c48975cf53b8ffb8775281818
https://github.com/Checkmk/checkmk/commit/ef4250614402cb7c48975cf53b8ffb877…
Author: Hannes Rantzsch <hannes.rantzsch(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
A .werks/15195
M cmk/gui/auth.py
Log Message:
-----------
15195 SEC Protect automation user secret against timing attacks
This Werks improves how the secret of an automation user is validated during login.
Prior to the Werk, the automation user's password was not checked in a way that is safe against (theoretical) timing attacks.
This is fixed now.
Even though this Werk improves security, it does not address an exploitable vulnerability.
To aid automated scanning we assign a CVSS score of 0.0 (None) (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N).
CMK-15066
Change-Id: I23aebf47b235fecd5eb83fba15384f90f8a68625
Branch: refs/heads/master
Home: https://github.com/Checkmk/checkmk
Commit: 1a16ab2d5e245bb1daaf200075c466bc8bd7b90a
https://github.com/Checkmk/checkmk/commit/1a16ab2d5e245bb1daaf200075c466bc8…
Author: Sergey Kipnis <sergey.kipnis(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
M packages/check-sql/src/ms_sql/api.rs
M packages/check-sql/src/ms_sql/queries.rs
Log Message:
-----------
add clusters section
NOTE: no testing here due to lack of info how to do it
Change-Id: Ibd08d0034b25b9298cc7622d49a3858937ccabf9
Commit: f25d7faf4a5f01cde12acd7e6862ae04b8cffa94
https://github.com/Checkmk/checkmk/commit/f25d7faf4a5f01cde12acd7e6862ae04b…
Author: Matteo Stifano <matteo.stifano(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
M tests/testlib/site.py
M tests/update/conftest.py
Log Message:
-----------
site.py: Fix expected return-code when target-version not supported
Change-Id: I4239d8a1197fca60029961df34c41f290abd3dc0
Compare: https://github.com/Checkmk/checkmk/compare/a52daca561d2...f25d7faf4a5f
Branch: refs/heads/master
Home: https://github.com/Checkmk/checkmk
Commit: 578d9870daea5dd7e1ce7a1676060309c21cbfc2
https://github.com/Checkmk/checkmk/commit/578d9870daea5dd7e1ce7a1676060309c…
Author: Benedikt Seidl <benedikt.seidl(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
M .werks/15307
Log Message:
-----------
fix werk version
Change-Id: I7c5e9579ee1d5d310246fea1a80e708858f40abb
Commit: a52daca561d2da8ade6a36d3ee3ff97e279d4fe4
https://github.com/Checkmk/checkmk/commit/a52daca561d2da8ade6a36d3ee3ff97e2…
Author: Benedikt Seidl <benedikt.seidl(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
A .werks/15310
M cmk/base/plugins/agent_based/oracle_crs_res.py
M tests/unit/cmk/base/plugins/agent_based/test_oracle_crs_res.py
Log Message:
-----------
15310 FIX oracle_crs_res: TypeError: Resource.__init__() got an unexpected keyword argument 'enabled'
Agent output changed with newer oracle databases, it now includes
"enabled" data. Previous version of this check could not handle this and
crashed with the following error:
<tt>TypeError: Resource.<strong>init</strong>() got an unexpected keyword argument 'enabled'</tt>
oracle_crs_res now ignores all additional data.
Change-Id: I7c25ceb273c7a42e8bee8b96d9914354ece956dc
Compare: https://github.com/Checkmk/checkmk/compare/ea1d42188214...a52daca561d2
Branch: refs/heads/2.2.0
Home: https://github.com/Checkmk/checkmk
Commit: 15a568b3f79cf63910e0b3e0510b76ae2c79d798
https://github.com/Checkmk/checkmk/commit/15a568b3f79cf63910e0b3e0510b76ae2…
Author: Benedikt Seidl <benedikt.seidl(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
A .werks/15310
M cmk/base/plugins/agent_based/oracle_crs_res.py
M tests/unit/cmk/base/plugins/agent_based/test_oracle_crs_res.py
Log Message:
-----------
15310 FIX oracle_crs_res: TypeError: Resource.__init__() got an unexpected keyword argument 'enabled'
Agent output changed with newer oracle databases, it now includes "enabled"
data. Previous version of this check could not handle this and crashed with
the following error:
<tt>TypeError: Resource.__init__() got an unexpected keyword argument 'enabled'</tt>
oracle_crs_res now ignores all additional data.
Change-Id: I7c25ceb273c7a42e8bee8b96d9914354ece956dc
Branch: refs/heads/master
Home: https://github.com/Checkmk/checkmk
Commit: 909b15f33c6568d753936e0d499105dc7f52384f
https://github.com/Checkmk/checkmk/commit/909b15f33c6568d753936e0d499105dc7…
Author: Mathias Laurin <mathias.laurin(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
M packages/check-cert/src/check.rs
Log Message:
-----------
check-cert: Remove Into<f64> bound from metric
It's noisy and we should find a better solution anyway.
CMK-14583
Change-Id: I8fad3bb3d4061316166f08703b80048cf8496609
Commit: 3f5f41b403fd548cfdef04609f59a17ac92883be
https://github.com/Checkmk/checkmk/commit/3f5f41b403fd548cfdef04609f59a17ac…
Author: Benedikt Seidl <benedikt.seidl(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
M tests/unit/cmk/base/plugins/agent_based/test_logwatch_ec.py
Log Message:
-----------
add test to show current (buggy) behavior
Change-Id: Ia6c7fc55fb852bb1dfe07183242cb640c65b3e87
Commit: 6456814f3d81fe0bffd8e415a3a77471b69d706a
https://github.com/Checkmk/checkmk/commit/6456814f3d81fe0bffd8e415a3a77471b…
Author: Benedikt Seidl <benedikt.seidl(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
A .werks/15303
M cmk/base/plugins/agent_based/logwatch_ec.py
M tests/unit/cmk/base/plugins/agent_based/test_logwatch_ec.py
Log Message:
-----------
15303 FIX logwatch_ec: remove spool files after reading them
Before this fix spool files were only removed when they were too old or if
there were too many of them.
Spool files that got deleted after reading will be recreated if there was
an error while sending a message.
Change-Id: I7962a77ff83848e915651a6c054b4808e8438412
Commit: 39d6ac79482b4683a0a482cc1532d5250ff6a983
https://github.com/Checkmk/checkmk/commit/39d6ac79482b4683a0a482cc1532d5250…
Author: Benedikt Seidl <benedikt.seidl(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
M cmk/base/plugins/agent_based/logwatch_ec.py
Log Message:
-----------
simplify code
variable filename already contains an absolute path:
>>> Path("/some/path") / Path("/absolute/path")
PosixPath('/absolute/path')
Change-Id: I64362498c83bd4ffb343c0fb5c0c1681fdaf9d48
Commit: 7acd581c36f58c1427b90e34d4bc376c7590899c
https://github.com/Checkmk/checkmk/commit/7acd581c36f58c1427b90e34d4bc376c7…
Author: Benedikt Seidl <benedikt.seidl(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
A .werks/15307
M cmk/base/plugins/agent_based/logwatch_ec.py
M tests/unit/cmk/base/plugins/agent_based/test_logwatch_ec.py
Log Message:
-----------
15307 FIX logwatch_ec: tcp remote forwarding: create one spool file per service
This Werk affects you if you have a logwatch_ec check which forwards
events to a remote syslog hosts and if you activated the option "Create
a separate check for each logfile".
In this case all separate services shared one spoolfile. This lead to
the problem, that one event in the spoolfile was displayed as one event
for each separate service (but it was only sent out once, when the
remote was reachable again).
In some conditions events might been unnoticeable dropped, because the
spoolfile was overwritten by another logwatch service.
Now each logwatch service will have their own spoolfile.
The spoolfiles will be automatically assigned to their logwatch service.
After all your logwatch_ec services sent all their spoolfiles out, you
may manually consult the following folder for <tt>spoolfile.*</tt>
files:
<tt>./var/check_mk/logwatch_spool/<hostname></tt>
If there are any spoolfiles in this folder, they could not be assigned
to a logwatch service. If you still want them to be forwarded, move them
to one of the folders, otherwise they can be deleted.
<tt>./var/check_mk/logwatch_spool/<hostname>/item_<url_encode(item)></tt>
SUP-16197
Change-Id: Ia5b55076d8ba292d0cc2329e638b42fe0b2d2f8c
Commit: 4c255464c2a4dcff772c2495dc8b097a2ec9ae86
https://github.com/Checkmk/checkmk/commit/4c255464c2a4dcff772c2495dc8b097a2…
Author: Gavin McGuigan <gavin.mcguigan(a)checkmk.com>
Date: 2023-11-21 (Tue, 21 Nov 2023)
Changed paths:
R .werks/16279
M cmk/gui/openapi/endpoints/activate_changes/__init__.py
M cmk/gui/openapi/endpoints/service_discovery/__init__.py
M tests/testlib/openapi_session.py
M tests/unit/cmk/gui/openapi/test_openapi_service_discovery.py
Log Message:
-----------
Revert "16279 FIX service_discovery: redirect response header incorrectly configured to an absolute URI"
This reverts commit 567ad1ba4aef14c63071003701806c817a7f2ad8.
Reason for revert: <Failing integration tests>
Change-Id: I927dc577367f4879fcdaa302dc036ad0f09d9be3
Compare: https://github.com/Checkmk/checkmk/compare/31fca9bbb163...4c255464c2a4