NRPE patch
Jason Martin
jhmartin at toger.us
Thu Jul 22 23:26:41 CEST 2004
The attached patch against nrpe-cvs HEAD does the following:
- Expand wording of error messages
- Pass most error messages back to check_nrpe instead of bailing out and making check_nrpe report "0 bytes received"
- Return proper error message for plugin output of only "\n"
- Fix spelling of "Do no use SSL"
-Jason Martin
--
This message is PGP/MIME signed.
-------------- next part --------------
Only in plugins_build/nrpe-2.1/: CVS
diff -cr nrpe-cvs/Changelog plugins_build/nrpe-2.1/Changelog
*** nrpe-cvs/Changelog Sat Mar 6 15:17:42 2004
--- plugins_build/nrpe-2.1/Changelog Thu Jul 22 10:58:44 2004
***************
*** 13,18 ****
--- 13,24 ----
- SSL protocol used is now limited to TLSv1
- Any output from plugins after first line is now ignored before
plugin process is closed
+ - Close STDERR before executing plugin through inetd, reduce CRC32 errors
+ - Improve wording of error messages (Jason Martin)
+ - Return more error message through to check_nrpe if a valid
+ connection exists instead of bailing out (Jason Martin)
+ - Return error message for plugin output of only "\n" (Jason Martin)
+
2.0 - 09/08/2003
diff -cr nrpe-cvs/include/common.h plugins_build/nrpe-2.1/include/common.h
*** nrpe-cvs/include/common.h Sat Mar 6 15:17:42 2004
--- plugins_build/nrpe-2.1/include/common.h Thu Jul 22 10:42:04 2004
***************
*** 24,30 ****
#include "config.h"
#define PROGRAM_VERSION "2.1"
! #define MODIFICATION_DATE "01-19-2004"
#define OK 0
#define ERROR -1
--- 24,30 ----
#include "config.h"
#define PROGRAM_VERSION "2.1"
! #define MODIFICATION_DATE "7-22-2004"
#define OK 0
#define ERROR -1
Only in plugins_build/nrpe-2.1/include: config.h
Only in plugins_build/nrpe-2.1/: init-script
Only in plugins_build/nrpe-2.1/: init-script.debian
Only in plugins_build/nrpe-2.1/: init-script.freebsd
Only in plugins_build/nrpe-2.1/: init-script.suse
Only in plugins_build/nrpe-2.1/sample-config: CVS
Only in plugins_build/nrpe-2.1/sample-config: nrpe.cfg
Only in plugins_build/nrpe-2.1/sample-config: nrpe.xinetd
Only in plugins_build/nrpe-2.1/src: CVS
Only in plugins_build/nrpe-2.1/src: Makefile
Only in plugins_build/nrpe-2.1/src: check_nrpe
diff -cr nrpe-cvs/src/check_nrpe.c plugins_build/nrpe-2.1/src/check_nrpe.c
*** nrpe-cvs/src/check_nrpe.c Thu May 20 15:41:02 2004
--- plugins_build/nrpe-2.1/src/check_nrpe.c Thu Jul 22 10:50:00 2004
***************
*** 85,91 ****
printf("Usage: check_nrpe -H <host> [-n] [-p <port>] [-t <timeout>] [-c <command>] [-a <arglist...>]\n");
printf("\n");
printf("Options:\n");
! printf(" -n = Do no use SSL\n");
printf(" <host> = The address of the host running the NRPE daemon\n");
printf(" [port] = The port on which the daemon is running (default=%d)\n",DEFAULT_SERVER_PORT);
printf(" [timeout] = Number of seconds before connection times out (default=%d)\n",DEFAULT_SOCKET_TIMEOUT);
--- 85,91 ----
printf("Usage: check_nrpe -H <host> [-n] [-p <port>] [-t <timeout>] [-c <command>] [-a <arglist...>]\n");
printf("\n");
printf("Options:\n");
! printf(" -n = Do not use SSL\n");
printf(" <host> = The address of the host running the NRPE daemon\n");
printf(" [port] = The port on which the daemon is running (default=%d)\n",DEFAULT_SERVER_PORT);
printf(" [timeout] = Number of seconds before connection times out (default=%d)\n",DEFAULT_SOCKET_TIMEOUT);
***************
*** 415,421 ****
void alarm_handler(int sig){
! printf("CHECK_NRPE: Socket timeout after %d seconds.\n",socket_timeout);
exit(STATE_CRITICAL);
}
--- 415,421 ----
void alarm_handler(int sig){
! printf("CHECK_NRPE: Socket timeout after %d seconds, either host is unreachable or plugin exceeded max runtime.\n",socket_timeout);
exit(STATE_CRITICAL);
}
diff -cr nrpe-cvs/src/nrpe.c plugins_build/nrpe-2.1/src/nrpe.c
*** nrpe-cvs/src/nrpe.c Thu May 20 15:41:02 2004
--- plugins_build/nrpe-2.1/src/nrpe.c Thu Jul 22 10:33:16 2004
***************
*** 59,64 ****
--- 59,65 ----
char *command_name=NULL;
char *macro_argv[MAX_COMMAND_ARGUMENTS];
+ char *error_msg;
char config_file[MAX_INPUT_BUFFER]="nrpe.cfg";
int server_port=DEFAULT_SERVER_PORT;
char server_address[16]="0.0.0.0";
***************
*** 863,892 ****
if(validate_request(&receive_packet)==ERROR){
/* log an error */
! syslog(LOG_ERR,"Client request was invalid, bailing out...");
!
/* free memory */
free(command_name);
command_name=NULL;
for(x=0;x<MAX_COMMAND_ARGUMENTS;x++){
free(macro_argv[x]);
macro_argv[x]=NULL;
! }
#ifdef HAVE_SSL
SSL_shutdown(ssl);
SSL_free(ssl);
#endif
return;
! }
!
/* log info to syslog facility */
if(debug==TRUE)
syslog(LOG_DEBUG,"Host is asking for command '%s' to be run...",receive_packet.buffer);
/* if this is the version check command, just spew it out */
! if(!strcmp(command_name,NRPE_HELLO_COMMAND)){
snprintf(buffer,sizeof(buffer),"NRPE v%s",PROGRAM_VERSION);
buffer[sizeof(buffer)-1]='\x0';
--- 864,900 ----
if(validate_request(&receive_packet)==ERROR){
/* log an error */
! syslog(LOG_ERR,"Client request was invalid, skipping execution...");
/* free memory */
free(command_name);
command_name=NULL;
for(x=0;x<MAX_COMMAND_ARGUMENTS;x++){
free(macro_argv[x]);
macro_argv[x]=NULL;
! }
+ /* If we got an error code but no text then just close the connection */
+ if (error_msg == NULL) {
#ifdef HAVE_SSL
SSL_shutdown(ssl);
SSL_free(ssl);
#endif
return;
! }
! }
/* log info to syslog facility */
if(debug==TRUE)
syslog(LOG_DEBUG,"Host is asking for command '%s' to be run...",receive_packet.buffer);
+ /* If validate_request populated an error message, send just that */
+ if (error_msg != NULL) {
+ snprintf(buffer,sizeof(buffer),"%s",error_msg);
+ buffer[sizeof(buffer)-1]='\x0';
+ result=STATE_UNKNOWN;
+ }
/* if this is the version check command, just spew it out */
! else if(!strcmp(command_name,NRPE_HELLO_COMMAND)){
snprintf(buffer,sizeof(buffer),"NRPE v%s",PROGRAM_VERSION);
buffer[sizeof(buffer)-1]='\x0';
***************
*** 935,942 ****
/* see if the command timed out */
if(early_timeout==TRUE)
snprintf(buffer,sizeof(buffer)-1,"NRPE: Command timed out after %d seconds\n",command_timeout);
else if(!strcmp(buffer,""))
! snprintf(buffer,sizeof(buffer)-1,"NRPE: Unable to read output\n");
buffer[sizeof(buffer)-1]='\x0';
--- 943,952 ----
/* see if the command timed out */
if(early_timeout==TRUE)
snprintf(buffer,sizeof(buffer)-1,"NRPE: Command timed out after %d seconds\n",command_timeout);
+ else if(!strcmp(buffer,"\n"))
+ snprintf(buffer,sizeof(buffer)-1,"NRPE: Plugin returned blank line, plugin may have failed\n");
else if(!strcmp(buffer,""))
! snprintf(buffer,sizeof(buffer)-1,"NRPE: Unable to read output, plugin may be missing or have failed\n");
buffer[sizeof(buffer)-1]='\x0';
***************
*** 1355,1360 ****
--- 1365,1371 ----
/* make sure request doesn't contain nasties */
if(contains_nasty_metachars(pkt->buffer)==TRUE){
syslog(LOG_ERR,"Error: Request contained illegal metachars!");
+ error_msg="NRPE Error: Request contained illegal metachars!";
return ERROR;
}
***************
*** 1362,1372 ****
if(strchr(pkt->buffer,'!')){
#ifdef ENABLE_COMMAND_ARGUMENTS
if(allow_arguments==FALSE){
! syslog(LOG_ERR,"Error: Request contained command arguments, but argument option is not enabled!");
return ERROR;
}
#else
! syslog(LOG_ERR,"Error: Request contained command arguments!");
return ERROR;
#endif
}
--- 1373,1385 ----
if(strchr(pkt->buffer,'!')){
#ifdef ENABLE_COMMAND_ARGUMENTS
if(allow_arguments==FALSE){
! syslog(LOG_ERR,"Error: Request contained command arguments, but argument option is not enabled in configuration!");
! error_msg="NRPE Error: Request contained command arguments, but argument option is not enabled in configuration!";
return ERROR;
}
#else
! syslog(LOG_ERR,"Error: Request contained command arguments but NRPE is not compiled with argument support!");
! error_msg="NRPE Error: Request contained command arguments, but NRPE is not compiled with argument support!";
return ERROR;
#endif
}
***************
*** 1398,1403 ****
--- 1411,1417 ----
}
if(!strcmp(macro_argv[x],"")){
syslog(LOG_ERR,"Error: Request contained an empty command argument");
+ error_msg="NRPE Error: Request contained an empty command argument";
return ERROR;
}
}
diff -cr nrpe-cvs/src/utils.c plugins_build/nrpe-2.1/src/utils.c
*** nrpe-cvs/src/utils.c Wed Oct 15 16:14:27 2003
--- plugins_build/nrpe-2.1/src/utils.c Wed Jul 21 09:22:43 2004
***************
*** 136,142 ****
/* else do a DNS lookup */
hp=gethostbyname((const char *)host_name);
if(hp==NULL){
! printf("Invalid host name '%s'\n",host_name);
return STATE_UNKNOWN;
}
--- 136,142 ----
/* else do a DNS lookup */
hp=gethostbyname((const char *)host_name);
if(hp==NULL){
! printf("CHECK_NRPE: Error contacting remote host. Invalid host name '%s'\n",host_name);
return STATE_UNKNOWN;
}
***************
*** 145,158 ****
/* map transport protocol name to protocol number */
if(((ptrp=getprotobyname(proto)))==NULL){
! printf("Cannot map \"%s\" to protocol number\n",proto);
return STATE_UNKNOWN;
}
/* create a socket */
*sd=socket(PF_INET,(!strcmp(proto,"udp"))?SOCK_DGRAM:SOCK_STREAM,ptrp->p_proto);
if(*sd<0){
! printf("Socket creation failed\n");
return STATE_UNKNOWN;
}
--- 145,158 ----
/* map transport protocol name to protocol number */
if(((ptrp=getprotobyname(proto)))==NULL){
! printf("CHECK_NRPE: Error contacting remote host. Cannot map \"%s\" to protocol number\n",proto);
return STATE_UNKNOWN;
}
/* create a socket */
*sd=socket(PF_INET,(!strcmp(proto,"udp"))?SOCK_DGRAM:SOCK_STREAM,ptrp->p_proto);
if(*sd<0){
! printf("CHECK_NRPE: Error contacting remote host. Socket creation failed\n");
return STATE_UNKNOWN;
}
***************
*** 161,176 ****
if(result<0){
switch(errno){
case ECONNREFUSED:
! printf("Connection refused by host\n");
break;
case ETIMEDOUT:
! printf("Timeout while attempting connection\n");
break;
case ENETUNREACH:
! printf("Network is unreachable\n");
break;
default:
! printf("Connection refused or timed out\n");
}
return STATE_CRITICAL;
--- 161,176 ----
if(result<0){
switch(errno){
case ECONNREFUSED:
! printf("CHECK_NRPE: Error contacting remote host. Connection refused by host\n");
break;
case ETIMEDOUT:
! printf("CHECK_NRPE: Error contacting remote host. Timeout while attempting connection\n");
break;
case ENETUNREACH:
! printf("CHECK_NRPE: Error contacting remote host. Network is unreachable\n");
break;
default:
! printf("CHECK_NRPE: Error contacting remote host. Connection refused or timed out\n");
}
return STATE_CRITICAL;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 211 bytes
Desc: not available
URL: <https://www.monitoring-lists.org/archive/developers/attachments/20040722/326dcd91/attachment.sig>
More information about the Developers
mailing list