Adds error handling for SSLStreams and adds eventlog pre-defined messages

Christian Stein 2020-03-27 16:43:18 +01:00
parent 1993683602
commit 470e5cc036
2 changed files with 19 additions and 2 deletions


@ -13,6 +13,18 @@
'Details' = 'The Framework or is components can issue generic debug message in case the debug log is enabled. Please ensure to disable it, if not used. You can do so with the command "Disable-IcingaFrameworkDebugMode"';
'EventId' = 1000;
};
1500 = @{
'EntryType' = 'Error';
'Message' = 'Failed to securely establish a communiation between this server and the client';
'Details' = 'The client connection could not be established between this server. This issue is mostly caused by using Self-Signed/Icinga 2 Agent certificates for the server and the client not trusting the certificate. To resolve this issue, either use trusted certificates signed by your trusted CA or setup the client to accept untrusted certificates';
'EventId' = 1500;
};
1501 = @{
'EntryType' = 'Error';
'Message' = 'Client connection was interrupted because of invalid SSL stream';
'Details' = 'A client connection was terminated by the Framework because no secure SSL handshake could be established. This issue in general is followed by EventId 1500.';
'EventId' = 1501;
};
}
};
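Review bot: The `Details` text of event 1500 ends by advising operators to "setup the client to accept untrusted certificates", which amounts to switching off the server authentication that TLS is there to provide. I would point to trust configuration instead, for example `either use certificates signed by a CA the client trusts, or add the issuing Icinga CA to the client's trust store`. The `Message` of the same entry also has a typo: `communiation` should be `communication`. Because the text names certificate trust as the usual cause, it may be worth adding that protocol or cipher mismatches produce the same event, since the entry carries no exception detail.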


@ -9,8 +9,13 @@ function New-IcingaSSLStream()
return $null;
}
$SSLStream = New-Object System.Net.Security.SslStream($Client.GetStream(), $false)
$SSLStream.AuthenticateAsServer($Certificate, $false, [System.Security.Authentication.SslProtocols]::Tls12, $true) | Out-Null;
try {
$SSLStream = New-Object System.Net.Security.SslStream($Client.GetStream(), $false)
$SSLStream.AuthenticateAsServer($Certificate, $false, [System.Security.Authentication.SslProtocols]::Tls12, $true) | Out-Null;
} catch {
Write-IcingaEventMessage -EventId 1500 -Namespace 'Framework' -Objects $Client.Client;
return $null;
}
return $SSLStream;
}
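Review bot: The new `catch` block discards the exception, so every failure in `GetStream()` or `AuthenticateAsServer()` is logged as event 1500 with only `$Client.Client` attached. A TLS version mismatch (only `Tls12` is offered), a revocation-check failure or a dropped socket therefore looks the same as an untrusted certificate in the event log. Passing the error text along would fix that, e.g. `-Objects $Client.Client, $_.Exception.Message`, assuming `Write-IcingaEventMessage` accepts more than one object. The failed `$SSLStream` is also never disposed before `return $null;`, so unless the caller closes `$Client` the socket stays open; `if ($null -ne $SSLStream) { $SSLStream.Dispose(); }` in the `catch` would release it. The start of `New-IcingaSSLStream` is outside this hunk, so the caller's handling of the `$null` return is not visible here.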