1 |
idl0r 12/06/07 00:07:58 |
2 |
|
3 |
Added: nrpe-nagios3-r1 nrpe.xinetd |
4 |
nagios-nrpe-2.13-tcpd.patch |
5 |
nagios-nrpe-2.13-multiline.patch |
6 |
Log: |
7 |
Version bump, fixes bug 410891, 289733, 326367, 367257, 398175, 410171 and 418297. Thanks to all reporters/contributors. |
8 |
|
9 |
(Portage version: 2.2.0_alpha110/cvs/Linux x86_64) |
10 |
|
11 |
Revision Changes Path |
12 |
1.1 net-analyzer/nagios-nrpe/files/nrpe-nagios3-r1 |
13 |
|
14 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/nagios-nrpe/files/nrpe-nagios3-r1?rev=1.1&view=markup |
15 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/nagios-nrpe/files/nrpe-nagios3-r1?rev=1.1&content-type=text/plain |
16 |
|
17 |
Index: nrpe-nagios3-r1 |
18 |
=================================================================== |
19 |
#!/sbin/runscript |
20 |
|
21 |
extra_started_commands="reload" |
22 |
|
23 |
command="/usr/bin/nrpe" |
24 |
command_args="-c /etc/nagios/nrpe.cfg --daemon" |
25 |
pidfile="${pidfile:-/var/run/nrpe/nrpe.pid}" |
26 |
start_stop_daemon_args="--user nagios --group nagios" |
27 |
|
28 |
depend() { |
29 |
need net |
30 |
} |
31 |
|
32 |
start_pre() { |
33 |
checkpath -d -m 0750 -o nagios:nagios /var/run/nrpe |
34 |
} |
35 |
|
36 |
reload() { |
37 |
ebegin "Reloading nrpe" |
38 |
kill -HUP $(head -n1 ${pidfile}) |
39 |
eend $? "Failed to reload nrpe" |
40 |
} |
41 |
|
42 |
|
43 |
|
44 |
1.1 net-analyzer/nagios-nrpe/files/nrpe.xinetd |
45 |
|
46 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/nagios-nrpe/files/nrpe.xinetd?rev=1.1&view=markup |
47 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/nagios-nrpe/files/nrpe.xinetd?rev=1.1&content-type=text/plain |
48 |
|
49 |
Index: nrpe.xinetd |
50 |
=================================================================== |
51 |
service nrpe { |
52 |
socket_type = stream |
53 |
protocol = tcp |
54 |
wait = no |
55 |
user = nagios |
56 |
group = nagios |
57 |
server = /usr/bin/nrpe |
58 |
server_args = -c /etc/nagios/nrpe.cfg --inetd |
59 |
# only_from = 127.0.0.1 |
60 |
disabled = yes |
61 |
} |
62 |
|
63 |
|
64 |
|
65 |
1.1 net-analyzer/nagios-nrpe/files/nagios-nrpe-2.13-tcpd.patch |
66 |
|
67 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/nagios-nrpe/files/nagios-nrpe-2.13-tcpd.patch?rev=1.1&view=markup |
68 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/nagios-nrpe/files/nagios-nrpe-2.13-tcpd.patch?rev=1.1&content-type=text/plain |
69 |
|
70 |
Index: nagios-nrpe-2.13-tcpd.patch |
71 |
=================================================================== |
72 |
--- configure.in.orig 2008-03-10 22:04:41.000000000 +0100 |
73 |
+++ configure.in 2012-01-08 17:59:49.804613011 +0100 |
74 |
@@ -147,11 +147,27 @@ |
75 |
AC_CHECK_LIB(nsl,main,SOCKETLIBS="$SOCKETLIBS -lnsl") |
76 |
AC_CHECK_LIB(socket,socket,SOCKETLIBS="$SOCKETLIBS -lsocket") |
77 |
AC_SUBST(SOCKETLIBS) |
78 |
-AC_CHECK_LIB(wrap,main,[ |
79 |
- LIBWRAPLIBS="$LIBWRAPLIBS -lwrap" |
80 |
+ |
81 |
+AC_ARG_ENABLE(tcp-wrapper,--enable-tcp-wrapper enables support for TCP wrappers. *** DISABLING IS A SECURITY RISK! *** Read the SECURITY file before using this option! (default: auto),[ |
82 |
+ if test x$enableval = xyes; then |
83 |
+ enable_tcp_wrapper=yes |
84 |
+ else |
85 |
+ enable_tcp_wrapper=no |
86 |
+ fi |
87 |
+ ],enable_tcp_wrapper="auto") |
88 |
+ |
89 |
+LIBWRAPLIBS="" |
90 |
+if test "x$enable_tcp_wrapper" = "xauto"; then |
91 |
+ AC_CHECK_LIB(wrap,main,[ |
92 |
+ LIBWRAPLIBS="$LIBWRAPLIBS -lwrap" |
93 |
+ AC_DEFINE(HAVE_LIBWRAP) |
94 |
+ ]) |
95 |
+elif test "x$enable_tcp_wrapper" = "xyes"; then |
96 |
+ AC_CHECK_LIB(wrap,main,LIBWRAPLIBS="$LIBWRAPLIBS -lwrap",[AC_MSG_ERROR([TCP wrapper library not found])]) |
97 |
AC_DEFINE(HAVE_LIBWRAP) |
98 |
- ]) |
99 |
+fi |
100 |
AC_SUBST(LIBWRAPLIBS) |
101 |
+ |
102 |
AC_CHECK_FUNCS(strdup strstr strtoul initgroups closesocket) |
103 |
|
104 |
dnl socklen_t check - from curl |
105 |
|
106 |
|
107 |
|
108 |
1.1 net-analyzer/nagios-nrpe/files/nagios-nrpe-2.13-multiline.patch |
109 |
|
110 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/nagios-nrpe/files/nagios-nrpe-2.13-multiline.patch?rev=1.1&view=markup |
111 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-analyzer/nagios-nrpe/files/nagios-nrpe-2.13-multiline.patch?rev=1.1&content-type=text/plain |
112 |
|
113 |
Index: nagios-nrpe-2.13-multiline.patch |
114 |
=================================================================== |
115 |
diff --git a/include/common.h b/include/common.h |
116 |
index 202dec4..86f8e32 100755 |
117 |
--- a/include/common.h |
118 |
+++ b/include/common.h |
119 |
@@ -41,7 +41,7 @@ |
120 |
#define DEFAULT_SOCKET_TIMEOUT 10 /* timeout after 10 seconds */ |
121 |
#define DEFAULT_CONNECTION_TIMEOUT 300 /* timeout if daemon is waiting for connection more than this time */ |
122 |
|
123 |
-#define MAX_INPUT_BUFFER 2048 /* max size of most buffers we use */ |
124 |
+#define MAX_INPUT_BUFFER 16384 /* max size of most buffers we use */ |
125 |
#define MAX_FILENAME_LENGTH 256 |
126 |
|
127 |
#define MAX_HOST_ADDRESS_LENGTH 256 /* max size of a host address */ |
128 |
@@ -55,12 +55,14 @@ |
129 |
|
130 |
#define QUERY_PACKET 1 /* id code for a packet containing a query */ |
131 |
#define RESPONSE_PACKET 2 /* id code for a packet containing a response */ |
132 |
+#define RESPONSE_PACKET_WITH_MORE 3 /* id code for a packet containing a response, with more data to follow */ |
133 |
|
134 |
#define NRPE_PACKET_VERSION_3 3 /* packet version identifier */ |
135 |
#define NRPE_PACKET_VERSION_2 2 |
136 |
#define NRPE_PACKET_VERSION_1 1 /* older packet version identifiers (no longer supported) */ |
137 |
|
138 |
#define MAX_PACKETBUFFER_LENGTH 1024 /* max amount of data we'll send in one query/response */ |
139 |
+ /* WARNING - do not change this as older clients/servers will not work */ |
140 |
|
141 |
typedef struct packet_struct{ |
142 |
int16_t packet_version; |
143 |
diff --git a/src/check_nrpe.c b/src/check_nrpe.c |
144 |
index 0adced1..ff4b920 100755 |
145 |
--- a/src/check_nrpe.c |
146 |
+++ b/src/check_nrpe.c |
147 |
@@ -221,6 +221,11 @@ int main(int argc, char **argv){ |
148 |
return STATE_UNKNOWN; |
149 |
} |
150 |
|
151 |
+ /* Altinity patch: Allow multiple packets to be received */ |
152 |
+ /* Indentation not corrected to allow simpler patching */ |
153 |
+ /* START MULTI_PACKET LOOP */ |
154 |
+ do { |
155 |
+ |
156 |
/* wait for the response packet */ |
157 |
bytes_to_recv=sizeof(receive_packet); |
158 |
if(use_ssl==FALSE) |
159 |
@@ -233,31 +238,24 @@ int main(int argc, char **argv){ |
160 |
/* reset timeout */ |
161 |
alarm(0); |
162 |
|
163 |
- /* close the connection */ |
164 |
-#ifdef HAVE_SSL |
165 |
- if(use_ssl==TRUE){ |
166 |
- SSL_shutdown(ssl); |
167 |
- SSL_free(ssl); |
168 |
- SSL_CTX_free(ctx); |
169 |
- } |
170 |
-#endif |
171 |
- graceful_close(sd,1000); |
172 |
- |
173 |
/* recv() error */ |
174 |
if(rc<0){ |
175 |
printf("CHECK_NRPE: Error receiving data from daemon.\n"); |
176 |
+ graceful_close(sd,1000); |
177 |
return STATE_UNKNOWN; |
178 |
} |
179 |
|
180 |
/* server disconnected */ |
181 |
else if(rc==0){ |
182 |
printf("CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.\n"); |
183 |
+ graceful_close(sd,1000); |
184 |
return STATE_UNKNOWN; |
185 |
} |
186 |
|
187 |
/* receive underflow */ |
188 |
else if(bytes_to_recv<sizeof(receive_packet)){ |
189 |
printf("CHECK_NRPE: Receive underflow - only %d bytes received (%d expected).\n",bytes_to_recv,sizeof(receive_packet)); |
190 |
+ graceful_close(sd,1000); |
191 |
return STATE_UNKNOWN; |
192 |
} |
193 |
|
194 |
@@ -271,21 +269,21 @@ int main(int argc, char **argv){ |
195 |
calculated_crc32=calculate_crc32((char *)&receive_packet,sizeof(receive_packet)); |
196 |
if(packet_crc32!=calculated_crc32){ |
197 |
printf("CHECK_NRPE: Response packet had invalid CRC32.\n"); |
198 |
- close(sd); |
199 |
+ graceful_close(sd,1000); |
200 |
return STATE_UNKNOWN; |
201 |
} |
202 |
|
203 |
/* check packet version */ |
204 |
if(ntohs(receive_packet.packet_version)!=NRPE_PACKET_VERSION_2){ |
205 |
printf("CHECK_NRPE: Invalid packet version received from server.\n"); |
206 |
- close(sd); |
207 |
+ graceful_close(sd,1000); |
208 |
return STATE_UNKNOWN; |
209 |
} |
210 |
|
211 |
/* check packet type */ |
212 |
- if(ntohs(receive_packet.packet_type)!=RESPONSE_PACKET){ |
213 |
+ if(ntohs(receive_packet.packet_type)!=RESPONSE_PACKET && ntohs(receive_packet.packet_type)!=RESPONSE_PACKET_WITH_MORE){ |
214 |
printf("CHECK_NRPE: Invalid packet type received from server.\n"); |
215 |
- close(sd); |
216 |
+ graceful_close(sd,1000); |
217 |
return STATE_UNKNOWN; |
218 |
} |
219 |
|
220 |
@@ -297,8 +295,18 @@ int main(int argc, char **argv){ |
221 |
if(!strcmp(receive_packet.buffer,"")) |
222 |
printf("CHECK_NRPE: No output returned from daemon.\n"); |
223 |
else |
224 |
- printf("%s\n",receive_packet.buffer); |
225 |
- } |
226 |
+ printf("%s",receive_packet.buffer); |
227 |
+ |
228 |
+ } while (ntohs(receive_packet.packet_type)==RESPONSE_PACKET_WITH_MORE); |
229 |
+ /* END MULTI_PACKET LOOP */ |
230 |
+ |
231 |
+ /* Finish output with newline */ |
232 |
+ printf("\n"); |
233 |
+ |
234 |
+ /* close the connection */ |
235 |
+ graceful_close(sd,1000); |
236 |
+ |
237 |
+ } |
238 |
|
239 |
/* reset the alarm */ |
240 |
else |
241 |
@@ -434,6 +442,14 @@ int graceful_close(int sd, int timeout){ |
242 |
struct timeval tv; |
243 |
char buf[1000]; |
244 |
|
245 |
+#ifdef HAVE_SSL |
246 |
+ if(use_ssl==TRUE){ |
247 |
+ SSL_shutdown(ssl); |
248 |
+ SSL_free(ssl); |
249 |
+ SSL_CTX_free(ctx); |
250 |
+ } |
251 |
+#endif |
252 |
+ |
253 |
/* send FIN packet */ |
254 |
shutdown(sd,SHUT_WR); |
255 |
for(;;){ |
256 |
diff --git a/src/nrpe.c b/src/nrpe.c |
257 |
index f2b0164..dfa8262 100755 |
258 |
--- a/src/nrpe.c |
259 |
+++ b/src/nrpe.c |
260 |
@@ -972,6 +972,8 @@ void handle_connection(int sock){ |
261 |
char processed_command[MAX_INPUT_BUFFER]; |
262 |
int result=STATE_OK; |
263 |
int early_timeout=FALSE; |
264 |
+ int bytes_copied=0; |
265 |
+ char *pbuffer=&buffer[0]; |
266 |
int rc; |
267 |
int x; |
268 |
#ifdef DEBUG |
269 |
@@ -1188,6 +1190,14 @@ void handle_connection(int sock){ |
270 |
if(buffer[strlen(buffer)-1]=='\n') |
271 |
buffer[strlen(buffer)-1]='\x0'; |
272 |
|
273 |
+ /* Altinity patch to allow multi packet responses */ |
274 |
+ /* Loop not indented to allow easier patching */ |
275 |
+ /* START MULTI_PACKET LOOP */ |
276 |
+ do { |
277 |
+ |
278 |
+ if(debug==TRUE) |
279 |
+ syslog(LOG_DEBUG,"Sending response - bytes left: %d", strlen(pbuffer)); |
280 |
+ |
281 |
/* clear the response packet buffer */ |
282 |
bzero(&send_packet,sizeof(send_packet)); |
283 |
|
284 |
@@ -1196,11 +1206,17 @@ void handle_connection(int sock){ |
285 |
|
286 |
/* initialize response packet data */ |
287 |
send_packet.packet_version=(int16_t)htons(NRPE_PACKET_VERSION_2); |
288 |
- send_packet.packet_type=(int16_t)htons(RESPONSE_PACKET); |
289 |
send_packet.result_code=(int16_t)htons(result); |
290 |
- strncpy(&send_packet.buffer[0],buffer,MAX_PACKETBUFFER_LENGTH); |
291 |
+ strncpy(&send_packet.buffer[0],pbuffer,MAX_PACKETBUFFER_LENGTH); |
292 |
send_packet.buffer[MAX_PACKETBUFFER_LENGTH-1]='\x0'; |
293 |
- |
294 |
+ |
295 |
+ bytes_copied = strlen(&send_packet.buffer[0]); |
296 |
+ pbuffer = pbuffer+bytes_copied; |
297 |
+ if(strlen(pbuffer)>0) |
298 |
+ send_packet.packet_type=(int16_t)htons(RESPONSE_PACKET_WITH_MORE); |
299 |
+ else |
300 |
+ send_packet.packet_type=(int16_t)htons(RESPONSE_PACKET); |
301 |
+ |
302 |
/* calculate the crc 32 value of the packet */ |
303 |
send_packet.crc32_value=(u_int32_t)0L; |
304 |
calculated_crc32=calculate_crc32((char *)&send_packet,sizeof(send_packet)); |
305 |
@@ -1219,6 +1235,9 @@ void handle_connection(int sock){ |
306 |
SSL_write(ssl,&send_packet,bytes_to_send); |
307 |
#endif |
308 |
|
309 |
+ } while (strlen(pbuffer) > 0); |
310 |
+ /* END MULTI_PACKET LOOP */ |
311 |
+ |
312 |
#ifdef HAVE_SSL |
313 |
if(ssl){ |
314 |
SSL_shutdown(ssl); |