Submiting patch for nrpe
Stephen Strudwick
sas at pipex.net
Wed Jan 14 16:33:20 CET 2004
Hi all,
attached is a patch for nrpe that enables blowfish encryption as a
compile time option.
This is a large patch, so I also have an html document attached
describing the patch and how to apply/use it.
The patch should be applied to the latest CVS tree for nrpe, not the
released tar.gz.
I would really appreciate it if it could be considered for addition to the
cvs tree, and any criticisms etc welcome.
On a related note, I am also preparing a similar patch for nrpe_nt, and I
also have a load of C plugins almost ready for release for nrpe_nt,
hopefully they will be ready by the end of the week.
-
Stephen Strudwick
Advanced Development Engineer
Development Group, Product Development
PIPEX Communications
http://www.pipexcommunications.net/
-------------- next part --------------
diff -rpN -U 3 nrpe/configure gx-nrpe/configure
--- nrpe/configure Wed Nov 12 23:37:48 2003
+++ gx-nrpe/configure Wed Jan 14 14:58:20 2004
@@ -15,6 +15,8 @@ ac_default_prefix=/usr/local/nagios
ac_help="$ac_help
--enable-ssl enables native SSL support"
ac_help="$ac_help
+--enable-blowfish enables Blowfish support"
+ac_help="$ac_help
--with-ssl-lib=DIR sets location of the SSL library"
ac_help="$ac_help
--with-ssl-inc=DIR sets location of the SSL include files"
@@ -571,7 +573,7 @@ ac_configure=$ac_aux_dir/configure # Thi
# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
# ./install, which can be erroneously created by make from ./install.sh.
echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6
-echo "configure:575: checking for a BSD compatible install" >&5
+echo "configure:577: checking for a BSD compatible install" >&5
if test -z "$INSTALL"; then
if eval "test \"`echo '$''{'ac_cv_path_install'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -628,7 +630,7 @@ test -z "$INSTALL_DATA" && INSTALL_DATA=
# Extract the first word of "gcc", so it can be a program name with args.
set dummy gcc; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:632: checking for $ac_word" >&5
+echo "configure:634: checking for $ac_word" >&5
if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -658,7 +660,7 @@ if test -z "$CC"; then
# Extract the first word of "cc", so it can be a program name with args.
set dummy cc; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:662: checking for $ac_word" >&5
+echo "configure:664: checking for $ac_word" >&5
if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -709,7 +711,7 @@ fi
# Extract the first word of "cl", so it can be a program name with args.
set dummy cl; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:713: checking for $ac_word" >&5
+echo "configure:715: checking for $ac_word" >&5
if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -741,7 +743,7 @@ fi
fi
echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:745: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
+echo "configure:747: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
ac_ext=c
# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
@@ -752,12 +754,12 @@ cross_compiling=$ac_cv_prog_cc_cross
cat > conftest.$ac_ext << EOF
-#line 756 "configure"
+#line 758 "configure"
#include "confdefs.h"
main(){return(0);}
EOF
-if { (eval echo configure:761: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:763: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
ac_cv_prog_cc_works=yes
# If we can't run a trivial program, we are probably using a cross compiler.
if (./conftest; exit) 2>/dev/null; then
@@ -783,12 +785,12 @@ if test $ac_cv_prog_cc_works = no; then
{ echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; }
fi
echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
-echo "configure:787: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
+echo "configure:789: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6
cross_compiling=$ac_cv_prog_cc_cross
echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6
-echo "configure:792: checking whether we are using GNU C" >&5
+echo "configure:794: checking whether we are using GNU C" >&5
if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -797,7 +799,7 @@ else
yes;
#endif
EOF
-if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:801: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
+if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:803: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
ac_cv_prog_gcc=yes
else
ac_cv_prog_gcc=no
@@ -816,7 +818,7 @@ ac_test_CFLAGS="${CFLAGS+set}"
ac_save_CFLAGS="$CFLAGS"
CFLAGS=
echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6
-echo "configure:820: checking whether ${CC-cc} accepts -g" >&5
+echo "configure:822: checking whether ${CC-cc} accepts -g" >&5
if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -848,7 +850,7 @@ else
fi
echo $ac_n "checking whether ${MAKE-make} sets \${MAKE}""... $ac_c" 1>&6
-echo "configure:852: checking whether ${MAKE-make} sets \${MAKE}" >&5
+echo "configure:854: checking whether ${MAKE-make} sets \${MAKE}" >&5
set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_prog_make_${ac_make}_set'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -876,7 +878,7 @@ fi
echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
-echo "configure:880: checking how to run the C preprocessor" >&5
+echo "configure:882: checking how to run the C preprocessor" >&5
# On Suns, sometimes $CPP names a directory.
if test -n "$CPP" && test -d "$CPP"; then
CPP=
@@ -891,13 +893,13 @@ else
# On the NeXT, cc -E runs the code through the compiler's parser,
# not just through cpp.
cat > conftest.$ac_ext <<EOF
-#line 895 "configure"
+#line 897 "configure"
#include "confdefs.h"
#include <assert.h>
Syntax Error
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:901: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:903: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
:
@@ -908,13 +910,13 @@ else
rm -rf conftest*
CPP="${CC-cc} -E -traditional-cpp"
cat > conftest.$ac_ext <<EOF
-#line 912 "configure"
+#line 914 "configure"
#include "confdefs.h"
#include <assert.h>
Syntax Error
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:918: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:920: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
:
@@ -925,13 +927,13 @@ else
rm -rf conftest*
CPP="${CC-cc} -nologo -E"
cat > conftest.$ac_ext <<EOF
-#line 929 "configure"
+#line 931 "configure"
#include "confdefs.h"
#include <assert.h>
Syntax Error
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:935: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:937: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
:
@@ -956,12 +958,12 @@ fi
echo "$ac_t""$CPP" 1>&6
echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6
-echo "configure:960: checking for ANSI C header files" >&5
+echo "configure:962: checking for ANSI C header files" >&5
if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 965 "configure"
+#line 967 "configure"
#include "confdefs.h"
#include <stdlib.h>
#include <stdarg.h>
@@ -969,7 +971,7 @@ else
#include <float.h>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:973: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:975: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -986,7 +988,7 @@ rm -f conftest*
if test $ac_cv_header_stdc = yes; then
# SunOS 4.x string.h does not declare mem*, contrary to ANSI.
cat > conftest.$ac_ext <<EOF
-#line 990 "configure"
+#line 992 "configure"
#include "confdefs.h"
#include <string.h>
EOF
@@ -1004,7 +1006,7 @@ fi
if test $ac_cv_header_stdc = yes; then
# ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
cat > conftest.$ac_ext <<EOF
-#line 1008 "configure"
+#line 1010 "configure"
#include "confdefs.h"
#include <stdlib.h>
EOF
@@ -1025,7 +1027,7 @@ if test "$cross_compiling" = yes; then
:
else
cat > conftest.$ac_ext <<EOF
-#line 1029 "configure"
+#line 1031 "configure"
#include "confdefs.h"
#include <ctype.h>
#define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
@@ -1036,7 +1038,7 @@ if (XOR (islower (i), ISLOWER (i)) || to
exit (0); }
EOF
-if { (eval echo configure:1040: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:1042: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
:
else
@@ -1060,12 +1062,12 @@ EOF
fi
echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6
-echo "configure:1064: checking whether time.h and sys/time.h may both be included" >&5
+echo "configure:1066: checking whether time.h and sys/time.h may both be included" >&5
if eval "test \"`echo '$''{'ac_cv_header_time'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1069 "configure"
+#line 1071 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/time.h>
@@ -1074,7 +1076,7 @@ int main() {
struct tm *tp;
; return 0; }
EOF
-if { (eval echo configure:1078: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:1080: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_header_time=yes
else
@@ -1095,12 +1097,12 @@ EOF
fi
echo $ac_n "checking for sys/wait.h that is POSIX.1 compatible""... $ac_c" 1>&6
-echo "configure:1099: checking for sys/wait.h that is POSIX.1 compatible" >&5
+echo "configure:1101: checking for sys/wait.h that is POSIX.1 compatible" >&5
if eval "test \"`echo '$''{'ac_cv_header_sys_wait_h'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1104 "configure"
+#line 1106 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/wait.h>
@@ -1116,7 +1118,7 @@ wait (&s);
s = WIFEXITED (s) ? WEXITSTATUS (s) : 1;
; return 0; }
EOF
-if { (eval echo configure:1120: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:1122: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_header_sys_wait_h=yes
else
@@ -1140,17 +1142,17 @@ for ac_hdr in ctype.h dirent.h errno.h f
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:1144: checking for $ac_hdr" >&5
+echo "configure:1146: checking for $ac_hdr" >&5
if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1149 "configure"
+#line 1151 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:1154: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:1156: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -1178,12 +1180,12 @@ done
echo $ac_n "checking for working const""... $ac_c" 1>&6
-echo "configure:1182: checking for working const" >&5
+echo "configure:1184: checking for working const" >&5
if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1187 "configure"
+#line 1189 "configure"
#include "confdefs.h"
int main() {
@@ -1232,7 +1234,7 @@ ccp = (char const *const *) p;
; return 0; }
EOF
-if { (eval echo configure:1236: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:1238: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_c_const=yes
else
@@ -1253,12 +1255,12 @@ EOF
fi
echo $ac_n "checking whether struct tm is in sys/time.h or time.h""... $ac_c" 1>&6
-echo "configure:1257: checking whether struct tm is in sys/time.h or time.h" >&5
+echo "configure:1259: checking whether struct tm is in sys/time.h or time.h" >&5
if eval "test \"`echo '$''{'ac_cv_struct_tm'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1262 "configure"
+#line 1264 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <time.h>
@@ -1266,7 +1268,7 @@ int main() {
struct tm *tp; tp->tm_sec;
; return 0; }
EOF
-if { (eval echo configure:1270: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:1272: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_struct_tm=time.h
else
@@ -1287,12 +1289,12 @@ EOF
fi
echo $ac_n "checking for mode_t""... $ac_c" 1>&6
-echo "configure:1291: checking for mode_t" >&5
+echo "configure:1293: checking for mode_t" >&5
if eval "test \"`echo '$''{'ac_cv_type_mode_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1296 "configure"
+#line 1298 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -1320,12 +1322,12 @@ EOF
fi
echo $ac_n "checking for pid_t""... $ac_c" 1>&6
-echo "configure:1324: checking for pid_t" >&5
+echo "configure:1326: checking for pid_t" >&5
if eval "test \"`echo '$''{'ac_cv_type_pid_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1329 "configure"
+#line 1331 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -1353,12 +1355,12 @@ EOF
fi
echo $ac_n "checking for size_t""... $ac_c" 1>&6
-echo "configure:1357: checking for size_t" >&5
+echo "configure:1359: checking for size_t" >&5
if eval "test \"`echo '$''{'ac_cv_type_size_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1362 "configure"
+#line 1364 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -1386,12 +1388,12 @@ EOF
fi
echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6
-echo "configure:1390: checking return type of signal handlers" >&5
+echo "configure:1392: checking return type of signal handlers" >&5
if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1395 "configure"
+#line 1397 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <signal.h>
@@ -1408,7 +1410,7 @@ int main() {
int i;
; return 0; }
EOF
-if { (eval echo configure:1412: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:1414: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_type_signal=void
else
@@ -1427,12 +1429,12 @@ EOF
echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6
-echo "configure:1431: checking for uid_t in sys/types.h" >&5
+echo "configure:1433: checking for uid_t in sys/types.h" >&5
if eval "test \"`echo '$''{'ac_cv_type_uid_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1436 "configure"
+#line 1438 "configure"
#include "confdefs.h"
#include <sys/types.h>
EOF
@@ -1461,7 +1463,7 @@ EOF
fi
echo $ac_n "checking type of array argument to getgroups""... $ac_c" 1>&6
-echo "configure:1465: checking type of array argument to getgroups" >&5
+echo "configure:1467: checking type of array argument to getgroups" >&5
if eval "test \"`echo '$''{'ac_cv_type_getgroups'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -1469,7 +1471,7 @@ else
ac_cv_type_getgroups=cross
else
cat > conftest.$ac_ext <<EOF
-#line 1473 "configure"
+#line 1475 "configure"
#include "confdefs.h"
/* Thanks to Mike Rendell for this test. */
@@ -1494,7 +1496,7 @@ main()
}
EOF
-if { (eval echo configure:1498: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:1500: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ac_cv_type_getgroups=gid_t
else
@@ -1508,7 +1510,7 @@ fi
if test $ac_cv_type_getgroups = cross; then
cat > conftest.$ac_ext <<EOF
-#line 1512 "configure"
+#line 1514 "configure"
#include "confdefs.h"
#include <unistd.h>
EOF
@@ -1533,7 +1535,7 @@ EOF
echo $ac_n "checking size of int""... $ac_c" 1>&6
-echo "configure:1537: checking size of int" >&5
+echo "configure:1539: checking size of int" >&5
if eval "test \"`echo '$''{'ac_cv_sizeof_int'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -1541,7 +1543,7 @@ else
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 1545 "configure"
+#line 1547 "configure"
#include "confdefs.h"
#include <stdio.h>
int main()
@@ -1552,7 +1554,7 @@ int main()
return(0);
}
EOF
-if { (eval echo configure:1556: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:1558: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ac_cv_sizeof_int=`cat conftestval`
else
@@ -1572,7 +1574,7 @@ EOF
echo $ac_n "checking size of short""... $ac_c" 1>&6
-echo "configure:1576: checking size of short" >&5
+echo "configure:1578: checking size of short" >&5
if eval "test \"`echo '$''{'ac_cv_sizeof_short'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -1580,7 +1582,7 @@ else
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 1584 "configure"
+#line 1586 "configure"
#include "confdefs.h"
#include <stdio.h>
int main()
@@ -1591,7 +1593,7 @@ int main()
return(0);
}
EOF
-if { (eval echo configure:1595: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:1597: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ac_cv_sizeof_short=`cat conftestval`
else
@@ -1611,7 +1613,7 @@ EOF
echo $ac_n "checking size of long""... $ac_c" 1>&6
-echo "configure:1615: checking size of long" >&5
+echo "configure:1617: checking size of long" >&5
if eval "test \"`echo '$''{'ac_cv_sizeof_long'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -1619,7 +1621,7 @@ else
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 1623 "configure"
+#line 1625 "configure"
#include "confdefs.h"
#include <stdio.h>
int main()
@@ -1630,7 +1632,7 @@ int main()
return(0);
}
EOF
-if { (eval echo configure:1634: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:1636: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ac_cv_sizeof_long=`cat conftestval`
else
@@ -1651,12 +1653,12 @@ EOF
echo $ac_n "checking for uint32_t""... $ac_c" 1>&6
-echo "configure:1655: checking for uint32_t" >&5
+echo "configure:1657: checking for uint32_t" >&5
if eval "test \"`echo '$''{'ac_cv_type_uint32_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1660 "configure"
+#line 1662 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -1684,12 +1686,12 @@ EOF
fi
echo $ac_n "checking for u_int32_t""... $ac_c" 1>&6
-echo "configure:1688: checking for u_int32_t" >&5
+echo "configure:1690: checking for u_int32_t" >&5
if eval "test \"`echo '$''{'ac_cv_type_u_int32_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1693 "configure"
+#line 1695 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -1747,12 +1749,12 @@ EOF
fi
echo $ac_n "checking for int32_t""... $ac_c" 1>&6
-echo "configure:1751: checking for int32_t" >&5
+echo "configure:1753: checking for int32_t" >&5
if eval "test \"`echo '$''{'ac_cv_type_int32_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1756 "configure"
+#line 1758 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -1806,12 +1808,12 @@ fi
for ac_func in getopt_long
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:1810: checking for $ac_func" >&5
+echo "configure:1812: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 1815 "configure"
+#line 1817 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -1834,7 +1836,7 @@ $ac_func();
; return 0; }
EOF
-if { (eval echo configure:1838: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:1840: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -1856,7 +1858,7 @@ EOF
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for getopt_long in -liberty""... $ac_c" 1>&6
-echo "configure:1860: checking for getopt_long in -liberty" >&5
+echo "configure:1862: checking for getopt_long in -liberty" >&5
ac_lib_var=`echo iberty'_'getopt_long | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -1864,7 +1866,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-liberty $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 1868 "configure"
+#line 1870 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -1875,7 +1877,7 @@ int main() {
getopt_long()
; return 0; }
EOF
-if { (eval echo configure:1879: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:1881: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -1901,7 +1903,7 @@ done
echo $ac_n "checking for main in -lnsl""... $ac_c" 1>&6
-echo "configure:1905: checking for main in -lnsl" >&5
+echo "configure:1907: checking for main in -lnsl" >&5
ac_lib_var=`echo nsl'_'main | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -1909,14 +1911,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lnsl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 1913 "configure"
+#line 1915 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:1920: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:1922: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -1937,7 +1939,7 @@ else
fi
echo $ac_n "checking for socket in -lsocket""... $ac_c" 1>&6
-echo "configure:1941: checking for socket in -lsocket" >&5
+echo "configure:1943: checking for socket in -lsocket" >&5
ac_lib_var=`echo socket'_'socket | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -1945,7 +1947,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lsocket $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 1949 "configure"
+#line 1951 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -1956,7 +1958,7 @@ int main() {
socket()
; return 0; }
EOF
-if { (eval echo configure:1960: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:1962: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -1976,9 +1978,49 @@ else
echo "$ac_t""no" 1>&6
fi
+echo $ac_n "checking for floor in -lm""... $ac_c" 1>&6
+echo "configure:1983: checking for floor in -lm" >&5
+ac_lib_var=`echo m'_'floor | sed 'y%./+-%__p_%'`
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+ echo $ac_n "(cached) $ac_c" 1>&6
+else
+ ac_save_LIBS="$LIBS"
+LIBS="-lm $LIBS"
+cat > conftest.$ac_ext <<EOF
+#line 1991 "configure"
+#include "confdefs.h"
+/* Override any gcc2 internal prototype to avoid an error. */
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char floor();
+
+int main() {
+floor()
+; return 0; }
+EOF
+if { (eval echo configure:2002: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+ rm -rf conftest*
+ eval "ac_cv_lib_$ac_lib_var=yes"
+else
+ echo "configure: failed program was:" >&5
+ cat conftest.$ac_ext >&5
+ rm -rf conftest*
+ eval "ac_cv_lib_$ac_lib_var=no"
+fi
+rm -f conftest*
+LIBS="$ac_save_LIBS"
+
+fi
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
+ echo "$ac_t""yes" 1>&6
+ LDFLAGS="$LDFLAGS -lm"
+else
+ echo "$ac_t""no" 1>&6
+fi
+
echo $ac_n "checking for main in -lwrap""... $ac_c" 1>&6
-echo "configure:1982: checking for main in -lwrap" >&5
+echo "configure:2024: checking for main in -lwrap" >&5
ac_lib_var=`echo wrap'_'main | sed 'y%./+-%__p_%'`
if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -1986,14 +2028,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lwrap $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 1990 "configure"
+#line 2032 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:1997: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:2039: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -2023,12 +2065,12 @@ fi
for ac_func in strdup strstr strtoul initgroups
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:2027: checking for $ac_func" >&5
+echo "configure:2069: checking for $ac_func" >&5
if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 2032 "configure"
+#line 2074 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -2051,7 +2093,7 @@ $ac_func();
; return 0; }
EOF
-if { (eval echo configure:2055: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:2097: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -2077,9 +2119,9 @@ done
echo $ac_n "checking for type of socket size""... $ac_c" 1>&6
-echo "configure:2081: checking for type of socket size" >&5
+echo "configure:2123: checking for type of socket size" >&5
cat > conftest.$ac_ext <<EOF
-#line 2083 "configure"
+#line 2125 "configure"
#include "confdefs.h"
#include <stdlib.h>
#include <sys/types.h>
@@ -2089,7 +2131,7 @@ int main() {
int a = send(1, (const void *)0, (size_t *) 0, (int *) 0);
; return 0; }
EOF
-if { (eval echo configure:2093: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:2135: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
cat >> confdefs.h <<\EOF
#define SOCKET_SIZE_TYPE size_t
@@ -2107,12 +2149,12 @@ fi
rm -f conftest*
echo $ac_n "checking for socklen_t""... $ac_c" 1>&6
-echo "configure:2111: checking for socklen_t" >&5
+echo "configure:2153: checking for socklen_t" >&5
if eval "test \"`echo '$''{'ac_cv_type_socklen_t'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 2116 "configure"
+#line 2158 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -2155,6 +2197,21 @@ else
fi
+# Check whether --enable-blowfish or --disable-blowfish was given.
+if test "${enable_blowfish+set}" = set; then
+ enableval="$enable_blowfish"
+
+ if test x$enableval = xyes; then
+ check_for_ssl=no
+ cat >> confdefs.h <<EOF
+#define HAVE_BF 1
+EOF
+
+ fi
+
+fi
+
+
ssl_lib_dir=
ssl_inc_dir=
# Check whether --with-ssl-lib or --without-ssl-lib was given.
@@ -2184,7 +2241,7 @@ fi
if test x$check_for_ssl = xyes; then
echo $ac_n "checking for SSL""... $ac_c" 1>&6
-echo "configure:2188: checking for SSL" >&5
+echo "configure:2245: checking for SSL" >&5
found_ssl=no
for dir in $ssl_inc_dir /usr/local/openssl /usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr; do
ssldir="$dir"
@@ -2227,7 +2284,7 @@ EOF
fi
echo $ac_n "checking for Kerberos include files""... $ac_c" 1>&6
-echo "configure:2231: checking for Kerberos include files" >&5
+echo "configure:2288: checking for Kerberos include files" >&5
found_kerberos=no
for dir in $kerberos_inc_dir /usr/kerberos/include; do
kerbdir="$dir"
@@ -2297,7 +2354,7 @@ fi
# Extract the first word of "perl", so it can be a program name with args.
set dummy perl; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2301: checking for $ac_word" >&5
+echo "configure:2358: checking for $ac_word" >&5
if eval "test \"`echo '$''{'ac_cv_path_PERL'+set}'`\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
diff -rpN -U 3 nrpe/configure.in gx-nrpe/configure.in
--- nrpe/configure.in Wed Nov 12 23:37:48 2003
+++ gx-nrpe/configure.in Wed Jan 14 14:58:20 2004
@@ -87,6 +87,7 @@ AC_SUBST(OTHERLIBS)
dnl Checks for library functions.
AC_CHECK_LIB(nsl,main,SOCKETLIBS="$SOCKETLIBS -lnsl")
AC_CHECK_LIB(socket,socket,SOCKETLIBS="$SOCKETLIBS -lsocket")
+AC_CHECK_LIB(m,floor,LDFLAGS="$LDFLAGS -lm")
AC_SUBST(SOCKETLIBS)
AC_CHECK_LIB(wrap,main,[
LIBWRAPLIBS="$LIBWRAPLIBS -lwrap"
@@ -125,6 +126,14 @@ AC_ARG_ENABLE(ssl,--enable-ssl enables n
fi
],check_for_ssl=yes)
+dnl Does user want to enable Blowfish? If so dont check for SSL
+AC_ARG_ENABLE(blowfish,--enable-blowfish enables Blowfish support,[
+ if test x$enableval = xyes; then
+ check_for_ssl=no
+ AC_DEFINE_UNQUOTED(HAVE_BF)
+ fi
+ ])
+
dnl Optional SSL library and include paths
ssl_lib_dir=
ssl_inc_dir=
diff -rpN -U 3 nrpe/include/bf_crypt.h gx-nrpe/include/bf_crypt.h
--- nrpe/include/bf_crypt.h Thu Jan 1 01:00:00 1970
+++ gx-nrpe/include/bf_crypt.h Wed Jan 14 14:58:20 2004
@@ -0,0 +1,23 @@
+#include <math.h>
+
+#ifndef HAVE_SYSLOG_H
+#include <syslog.h>
+#endif
+
+#include "../include/config.h"
+#include "../include/blowfish.h"
+
+#define NUL '\0'
+
+struct c_string
+{
+ char *c_string;
+ int len;
+};
+
+typedef struct c_string c_string;
+
+BFkey_type *blowfish_init(char *key);
+void blowfish_destroy(BFkey_type *ks);
+void blowfish_crypt(BFkey_type *ks, char *input, c_string *output, int len);
+char *blowfish_decrypt(BFkey_type *ks, char *input, int len);
diff -rpN -U 3 nrpe/include/bf_utils.h gx-nrpe/include/bf_utils.h
--- nrpe/include/bf_utils.h Thu Jan 1 01:00:00 1970
+++ gx-nrpe/include/bf_utils.h Wed Jan 14 14:58:20 2004
@@ -0,0 +1,54 @@
+#ifndef HAVE_SYSLOG_H
+#include <syslog.h>
+#endif
+
+#include <string.h>
+#include <strings.h>
+#include <alloca.h>
+#include <ctype.h>
+#include <time.h>
+
+#include "../include/config.h"
+#include "../include/bf_crypt.h"
+
+/* Generic Settings */
+
+#define MAX_STREAM_CHUNK 8 /* Must be mod 8 */
+#define TIMEOUT 600
+#define HANDSHAKE_SIZE 32
+
+/* Errors */
+
+#define ERROR_UNKNOWN -800
+#define ERROR_INIT_KEY -801
+#define ERROR_HANDSHAKE -802
+#define ERROR_READLINE -803
+#define ERROR_ENCRYPTION -804
+
+/* General */
+
+#define NL 012
+#define SPACE 040
+
+int bf_init(char *key, BFkey_type *ks); /* intitialised keystring for blowfish */
+
+int bf_client_handshake(int socket, BFkey_type *ks);
+int bf_server_handshake(int socket, BFkey_type *ks);
+
+int bf_client_disconnect(int socket, BFkey_type *ks);
+void bf_noop(int socket, BFkey_type *ks);
+
+int bf_sendall(int socket, BFkey_type *ks, char *buf, size_t bytes);
+ssize_t bf_recvall(int socket, BFkey_type *ks, char *vptr, size_t maxlen);
+ssize_t Read(int socket, BFkey_type *ks, char *buf);
+
+int handshake(int socket, BFkey_type *ks);
+void make_random_line(char *line, int len);
+
+/* Redfinition of malloc etc */
+void *Realloc(void *ptr, size_t size);
+void *Malloc(size_t size);
+
+void strstriptail(char *str);
+char *getstrdate();
+void strrev(char *str);
diff -rpN -U 3 nrpe/include/blowfish.h gx-nrpe/include/blowfish.h
--- nrpe/include/blowfish.h Thu Jan 1 01:00:00 1970
+++ gx-nrpe/include/blowfish.h Wed Jan 14 14:58:20 2004
@@ -0,0 +1,21 @@
+#include "../include/config.h"
+
+/* Define IntU32 to be an unsigned in 32 bits long */
+typedef unsigned int IntU32 ;
+typedef unsigned char IntU8 ;
+#define NROUNDS 16
+
+/* Define IntP to be an integer which
+ is the same size as a pointer. */
+typedef unsigned long IntP ;
+
+typedef struct
+{
+ IntU32 p[2][NROUNDS+2],
+ sbox[4][256] ;
+} BFkey_type;
+
+typedef unsigned char bf_cblock[8];
+
+int blowfish_make_bfkey(unsigned char * key_string, int keylength, BFkey_type *bfkey);
+void blowfish_crypt_8bytes(bf_cblock source, bf_cblock dest, BFkey_type *bfkey, short direction);
diff -rpN -U 3 nrpe/include/config.h.in gx-nrpe/include/config.h.in
--- nrpe/include/config.h.in Wed Nov 12 23:37:48 2003
+++ gx-nrpe/include/config.h.in Wed Jan 14 14:58:20 2004
@@ -32,6 +32,8 @@
#undef ENABLE_COMMAND_ARGUMENTS
+#undef HAVE_BF
+
#undef HAVE_LIBWRAP
#undef STDC_HEADERS
diff -rpN -U 3 nrpe/src/Makefile.in gx-nrpe/src/Makefile.in
--- nrpe/src/Makefile.in Thu Oct 16 00:14:26 2003
+++ gx-nrpe/src/Makefile.in Wed Jan 14 14:58:20 2004
@@ -20,11 +20,11 @@ CP=@CP@
all: nrpe check_nrpe
-nrpe: nrpe.c utils.c $(SRC_INCLUDE)/nrpe.h $(SRC_INCLUDE)/utils.h $(SRC_INCLUDE)/common.h $(SRC_INCLUDE)/config.h
- $(CC) $(CFLAGS) -o $@ nrpe.c utils.c $(LDFLAGS) $(SOCKETLIBS) $(LIBWRAPLIBS) $(OTHERLIBS)
+nrpe: nrpe.c utils.c bf_utils.c bf_crypt.c blowfish.c $(SRC_INCLUDE)/utils.h $(SRC_INCLUDE)/nrpe.h $(SRC_INCLUDE)/bf_utils.h $(SRC_INCLUDE)/bf_crypt.h $(SRC_INCLUDE)/blowfish.h $(SRC_INCLUDE)/common.h $(SRC_INCLUDE)/config.h
+ $(CC) $(CFLAGS) -o $@ nrpe.c utils.c bf_utils.c bf_crypt.c blowfish.c $(LDFLAGS) $(SOCKETLIBS) $(LIBWRAPLIBS) $(OTHERLIBS)
-check_nrpe: check_nrpe.c utils.c $(SRC_INCLUDE)/utils.h $(SRC_INCLUDE)/common.h $(SRC_INCLUDE)/config.h
- $(CC) $(CFLAGS) -o $@ check_nrpe.c utils.c $(LDFLAGS) $(SOCKETLIBS) $(OTHERLIBS)
+check_nrpe: check_nrpe.c utils.c bf_utils.c bf_crypt.c blowfish.c $(SRC_INCLUDE)/utils.h $(SRC_INCLUDE)/bf_utils.h $(SRC_INCLUDE)/bf_crypt.h $(SRC_INCLUDE)/blowfish.h $(SRC_INCLUDE)/common.h $(SRC_INCLUDE)/config.h
+ $(CC) $(CFLAGS) -o $@ check_nrpe.c utils.c bf_utils.c bf_crypt.c blowfish.c $(LDFLAGS) $(SOCKETLIBS) $(OTHERLIBS)
clean:
rm -f core nrpe check_nrpe
diff -rpN -U 3 nrpe/src/bf_crypt.c gx-nrpe/src/bf_crypt.c
--- nrpe/src/bf_crypt.c Thu Jan 1 01:00:00 1970
+++ gx-nrpe/src/bf_crypt.c Wed Jan 14 15:17:06 2004
@@ -0,0 +1,119 @@
+/*****************************************************************************
+ Author: Stephen Strudwick
+ Department: Unix Programming Group
+ Modify Date: 09/01/2004
+ Company: Pipex Communications
+
+ Description: API for blowfish
+
+ This is basically an API for the blowfish code.
+
+******************************************************************************/
+
+#include "../include/bf_crypt.h"
+
+/*****************************************************************************
+ Description: Initialise a Blowfish key.
+ Inputs: char *key
+ Output: 0 on success
+ Negative on error
+******************************************************************************/
+
+BFkey_type *blowfish_init(char *key)
+{
+ int key_len;
+ BFkey_type * ks;
+ ks = (BFkey_type *)Malloc(8192);
+
+ if (key)
+ key_len = strlen(key);
+ else
+ return NULL;
+
+ if (key_len <8 || key_len > 56)
+ return NULL;
+
+ if (blowfish_make_bfkey(key, key_len, ks) != 0 ) {
+ return NULL;
+ }
+ return ks;
+}
+
+/*****************************************************************************
+ Description: Destroys a Blowfish key.
+ Inputs: void
+ Output: void
+******************************************************************************/
+
+void blowfish_destroy(BFkey_type *ks)
+{
+ free(ks);
+}
+
+/*****************************************************************************
+ Description: Encrypts a string of any length, the encrypted result is always
+ mod 8. If the input is not mod 8 it is padded to that length
+ before encryption.
+
+ Input is char* but output is a struct containing char* and the
+ length of the encrypted string, this is done because it is
+ possible to have NULL characters in the encrypted string, hence
+ we cant just use strlen to work out length of string.
+
+ Inputs: char *input, c_string *output
+ Output: void
+******************************************************************************/
+
+void blowfish_crypt(BFkey_type *ks, char *input, c_string *output, int len) {
+ char *ptr, buf[9];
+ int n;
+
+ if (!input)
+ return;
+
+ if ((len % 8) != 0) {
+ output->len = (floor(len / 8)+1)*8;
+ } else {
+ output->len = len;
+ }
+
+ output->c_string = (char *)Malloc(output->len+1);
+ ptr = output->c_string;
+
+ for (n=0;n<(output->len / 8);n++) {
+ memset(buf, '\0', 9); /* Set all mem space to NULL */
+ memcpy(buf, input+(n*8), 8); /* copy 8 bytes from buf into space */
+ blowfish_crypt_8bytes((unsigned char*)buf, (unsigned char*)ptr, ks, 0);
+ ptr = &output->c_string[(n+1)*8];
+ }
+ *ptr = NUL;
+}
+
+/*****************************************************************************
+ Description: Decrypts an encrypted string. The input must be mod 8 of the
+ function fails and returns NULL.
+ Inputs: char *input
+ Output: char *
+******************************************************************************/
+
+char *blowfish_decrypt(BFkey_type *ks, char *input, int len) {
+ int n;
+ char *ptr, *output, buf[9];
+
+ if ((len % 8) != 0) {
+ return NULL;
+ }
+
+ output = (char *)Malloc(len+1);
+ ptr = output;
+
+ for (n=0;n<(len / 8);n++) {
+ memcpy(buf, input+(n*8), 8);
+ buf[8] = NUL;
+ blowfish_crypt_8bytes((unsigned char*)buf, (unsigned char*)ptr, ks, 1);
+ ptr = &output[(n+1)*8];
+ }
+ *ptr = NUL;
+
+ return output;
+}
diff -rpN -U 3 nrpe/src/bf_utils.c gx-nrpe/src/bf_utils.c
--- nrpe/src/bf_utils.c Thu Jan 1 01:00:00 1970
+++ gx-nrpe/src/bf_utils.c Wed Jan 14 14:58:20 2004
@@ -0,0 +1,361 @@
+/******************************************************************************
+ Author: Stephen Strudwick
+ Department: Unix Programming Group
+ Modify Date: 09/01/2004
+ Company: Pipex Communications
+
+ Description: Blowfish util functions.
+
+ Provides functionality for an encrypted connection over a
+ TCP/IP socket using blowfish.
+
+ Provides shared keys on a per user basis.
+
+ username/password authentication has been removed to keep
+ it simple.
+
+ int bf_client_handshake(int socket, BFkey_type *ks);
+ int bf_server_handshake(int socket, BFkey_type *ks);
+
+ int bf_sendall(int socket, BFkey_type *ks, char *buf, size_t bytes);
+ ssize_t bf_recvcall(int socket, BFkey_type *ks, char *vptr, size_t bytes);
+
+******************************************************************************/
+
+#include "../include/bf_utils.h"
+
+/*****************************************************************************
+ Functions
+******************************************************************************/
+
+/*****************************************************************************
+ Function name : bf_client_handshake
+ Description : Client Performs a hanshake using the default key
+ Input Values :
+ Return Values : 0 on success
+ Negative on error
+******************************************************************************/
+
+int bf_client_handshake(int socket, BFkey_type *ks) {
+ char buf[HANDSHAKE_SIZE+1];
+
+ /* Handshake */
+ if (bf_recvall(socket, ks, buf, HANDSHAKE_SIZE) <= 0)
+ return ERROR_READLINE;
+
+ /* NULL terminate it */
+ buf[HANDSHAKE_SIZE] = '\0';
+
+ strrev(buf);
+ bf_sendall(socket, ks, buf, HANDSHAKE_SIZE);
+
+ return 0;
+}
+
+/*****************************************************************************
+ Function name : bf_server_handshake
+ Description : server side handshake
+ Inputs : int socket, BFkey_type *ks
+ Output : int (0 success or negative failure)
+******************************************************************************/
+
+int bf_server_handshake(int socket, BFkey_type *ks) {
+ if (!handshake(socket, ks)) {
+ syslog(LOG_CRIT, "CRIT: bad blowfish handshake");
+ return ERROR_HANDSHAKE;
+ } else {
+ return 0;
+ }
+}
+
+/*****************************************************************************
+ Function name : Read
+ Description : Re-implementation of read to work with encryption.
+ In encrypted mode reads MAX_STREAM_CHUNK bytes at a time,
+ blocking otherwise and decrypts the received blocks.
+ Inputs :
+ Output : ssize_t
+******************************************************************************/
+
+ssize_t Read(int socket, BFkey_type *ks, char *buf) {
+ int rc;
+ fd_set fds;
+ struct timeval tv;
+ int read_cnt = 0;
+
+ char *decrypted;
+
+ tv.tv_sec = TIMEOUT;
+ tv.tv_usec = 0;
+ FD_ZERO( &fds );
+ FD_SET( socket, &fds );
+
+ if (read_cnt <= 0) {
+ again:
+ rc = select( socket+1, &fds, 0, 0, &tv );
+ if( rc < 0 ) {
+ return -1;
+ } else if (rc ==0) {
+ return ERROR_READLINE;
+ } else {
+ if ((read_cnt = recv(socket, buf, MAX_STREAM_CHUNK, MSG_WAITALL)) < 0) {
+ if(errno == EINTR)
+ goto again;
+ return -1;
+ } else if (read_cnt == 0)
+ return 0;
+ }
+ }
+
+ buf[read_cnt] = NUL;
+
+ decrypted = blowfish_decrypt(ks, buf, read_cnt);
+ if (decrypted) {
+ memcpy(buf,decrypted,MAX_STREAM_CHUNK);
+ free(decrypted);
+ } else {
+ return ERROR_ENCRYPTION;
+ }
+
+ return read_cnt;
+}
+
+/*****************************************************************************
+ Function name : bf_recvall
+ Description : Reads a line of encrypted data from a socket. This functions
+ reads in data until len bytes are read, it breaks on nothing
+ else.
+
+ buf is populated with data read.
+
+ The data can be of any format.
+
+ Inputs : int socket, BFkey_type *ks, char *buf, size_t len
+ Output : int (Number of chars read)
+******************************************************************************/
+
+ssize_t bf_recvall(int socket, BFkey_type *ks, char *buf, size_t len) {
+ char *ptr;
+ char vptr[MAX_STREAM_CHUNK+1];
+ int tc = 0;
+ int rc = 0;
+ buf[0] = '\0';
+ ptr = buf;
+
+ /* clear the receive buffer */
+ bzero(buf,len);
+
+ while(tc < len) {
+ if ((rc = Read(socket, ks, vptr)) >= 1) {
+
+ tc += rc;
+ if (tc <= len) {
+ memcpy(ptr,vptr,MAX_STREAM_CHUNK);
+ ptr += MAX_STREAM_CHUNK;
+ } else {
+ tc = tc - (tc-len);
+ memcpy(ptr,vptr,MAX_STREAM_CHUNK - (tc-len));
+ break;
+ }
+
+ } else if (rc == 0) {
+ if (tc == 1)
+ return 0;
+ else
+ break;
+ } else
+ return -1;
+ }
+
+ return (tc);
+}
+
+/*****************************************************************************
+ Function name : bf_sendall
+ Description : Send a line of encrypted data to the client.
+ Inputs : int socket, BFkey_type *ks, char *buf, size_t bytes
+ Output : int (0 on success, negative on failure)
+******************************************************************************/
+
+int bf_sendall(int socket, BFkey_type *ks, char *buf, size_t bytes) {
+ int total=0;
+ int bytesleft=0;
+ int n=0;
+ c_string *result;
+
+ /* Encrypt it */
+ result = (c_string *)Malloc(sizeof(*result));
+ blowfish_crypt(ks, buf, result, bytes);
+ bytesleft=result->len;
+
+ /* send all the data */
+ while(total<result->len){
+
+ /* send some data */
+ n=send(socket,result->c_string+total,bytesleft,0);
+
+ /* break on error */
+ if(n==-1)
+ break;
+
+ /* apply bytes we sent */
+ total+=n;
+ bytesleft-=n;
+ }
+
+ free(result->c_string);
+ free(result);
+
+ /* return -1 on failure, 0 on success */
+ return n==-1?-1:0;
+}
+
+/*****************************************************************************
+ Function name : handshake
+ Description : creates a random string, sends it to client and waits for
+ for it to be sent back reversed. All this is done encrypted
+ with a shared key.
+ Return Values : true or false
+******************************************************************************/
+
+int handshake(int socket, BFkey_type *ks) {
+ char handshake[HANDSHAKE_SIZE+1];
+ char response[HANDSHAKE_SIZE+1];
+ int len;
+
+ /* Generate random character line of text */
+ make_random_line(handshake, HANDSHAKE_SIZE);
+
+ /* Send to client (client reverses it and sends back) */
+ bf_sendall(socket, ks, handshake, HANDSHAKE_SIZE);
+
+ /* Get it back */
+ len = bf_recvall(socket, ks, response, HANDSHAKE_SIZE);
+ if(len <= 0) {
+ syslog(LOG_WARNING, "WARNING: Error getting line from connection");
+ return(0);
+ }
+
+ /* NULL terminate it */
+ response[HANDSHAKE_SIZE] = '\0';
+
+ /* Reverse it */
+ strrev(response);
+
+ /* Verify */
+ if(strncmp(handshake, response, HANDSHAKE_SIZE) == 0)
+ return 1;
+ else
+ return 0;
+}
+
+/*****************************************************************************
+ Function name : make_random_line
+ Description : makes a random string of alphanumeric chars
+ Return Values : void, result returned in input string
+******************************************************************************/
+
+void make_random_line(char *line, int len) {
+ int n,j;
+ char salt_list[1024];
+ strncpy(salt_list, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789", 62);
+
+ srand(getpid());
+ for(n=0;n<len;n++) {
+ j=1+(int) (61.0*rand()/(RAND_MAX+1.0));
+ line[n] = salt_list[j];
+ }
+ line[n] = '\0';
+}
+
+/*****************************************************************************
+ Misc functions
+******************************************************************************/
+
+/*****************************************************************************
+ Description: Redefinition of realloc to handle errors.
+ Inputs: void *ptr, size_t size
+ Output: void
+******************************************************************************/
+
+void *Realloc(void *ptr, size_t size) {
+ void *ptr2;
+ ptr2 = realloc(ptr,size);
+ if (!ptr2) {
+ free(ptr);
+ syslog(LOG_CRIT, "CRIT: Realloc error");
+ } else {
+ ptr = ptr2;
+ return ptr;
+ }
+ return NULL;
+}
+
+/*****************************************************************************
+ Description: Redefinition of malloc to handle errors.
+ Inputs: size_t size
+ Output: void
+******************************************************************************/
+
+void *Malloc(size_t size) {
+ void *ptr;
+ ptr = malloc(size);
+ if (!ptr) {
+ syslog(LOG_CRIT, "CRIT: Malloc error");
+ } else
+ return ptr;
+ return NULL;
+}
+
+/*****************************************************************************
+ Description: Strips spaces and newlines from the end of a string.
+ Inputs: char *str
+ Output: void
+******************************************************************************/
+
+void strstriptail(char *str)
+{
+ char *p;
+
+ p = str + strlen( str ) - 1;
+
+ while( p >= str )
+ {
+ if( *p != SPACE && *p != NL)
+ {
+ p++;
+ *p = NUL;
+ break;
+ }
+ p--;
+ }
+}
+
+/*****************************************************************************
+ Description: Returns date and time into a 28 char string
+ Inputs: char *date
+ Output: void
+******************************************************************************/
+
+char *getstrdate(void) {
+ struct tm *ptr;
+ time_t now;
+ time(&now);
+
+ /* Get the time and date */
+ ptr = localtime(&now);
+ return asctime(ptr);
+}
+
+void strrev(char *str)
+{
+ char *p1, *p2;
+
+ if (! str || ! *str)
+ return;
+ for (p1 = str, p2 = str + strlen(str) - 1; p2 > p1; ++p1, --p2) {
+ *p1 ^= *p2;
+ *p2 ^= *p1;
+ *p1 ^= *p2;
+ }
+}
diff -rpN -U 3 nrpe/src/blowfish.c gx-nrpe/src/blowfish.c
--- nrpe/src/blowfish.c Thu Jan 1 01:00:00 1970
+++ gx-nrpe/src/blowfish.c Wed Jan 14 14:58:20 2004
@@ -0,0 +1,460 @@
+#include "../include/blowfish.h"
+
+/*
+ * blowfish.c : Source code for the Blowfish block cipher
+ *
+ * Part of the Python Cryptography Toolkit, version 1.0.0
+ *
+ * Copyright (C) 1995, A.M. Kuchling
+ *
+ * Distribute and use freely; there are no restrictions on further
+ * dissemination and usage except those imposed by the laws of your
+ * country of residence.
+ *
+ */
+
+/*************************************************************************/
+/* File: bf.c
+ Blowfish cipher by Bruce Schneier,
+ Code by Bryan Olson, based partly on Schneier's.
+*/
+
+/* File bfinit.h
+ Data to initialize P and S in BlowFish.
+*/
+
+static IntU32 p_init[NROUNDS+2] =
+{
+ 608135816UL, 2242054355UL, 320440878UL, 57701188UL,
+ 2752067618UL, 698298832UL, 137296536UL, 3964562569UL,
+ 1160258022UL, 953160567UL, 3193202383UL, 887688300UL,
+ 3232508343UL, 3380367581UL, 1065670069UL, 3041331479UL,
+ 2450970073UL, 2306472731UL
+} ;
+
+static IntU32 s_init[4][256] = {
+ {3509652390UL, 2564797868UL, 805139163UL, 3491422135UL,
+ 3101798381UL, 1780907670UL, 3128725573UL, 4046225305UL,
+ 614570311UL, 3012652279UL, 134345442UL, 2240740374UL,
+ 1667834072UL, 1901547113UL, 2757295779UL, 4103290238UL,
+ 227898511UL, 1921955416UL, 1904987480UL, 2182433518UL,
+ 2069144605UL, 3260701109UL, 2620446009UL, 720527379UL,
+ 3318853667UL, 677414384UL, 3393288472UL, 3101374703UL,
+ 2390351024UL, 1614419982UL, 1822297739UL, 2954791486UL,
+ 3608508353UL, 3174124327UL, 2024746970UL, 1432378464UL,
+ 3864339955UL, 2857741204UL, 1464375394UL, 1676153920UL,
+ 1439316330UL, 715854006UL, 3033291828UL, 289532110UL,
+ 2706671279UL, 2087905683UL, 3018724369UL, 1668267050UL,
+ 732546397UL, 1947742710UL, 3462151702UL, 2609353502UL,
+ 2950085171UL, 1814351708UL, 2050118529UL, 680887927UL,
+ 999245976UL, 1800124847UL, 3300911131UL, 1713906067UL,
+ 1641548236UL, 4213287313UL, 1216130144UL, 1575780402UL,
+ 4018429277UL, 3917837745UL, 3693486850UL, 3949271944UL,
+ 596196993UL, 3549867205UL, 258830323UL, 2213823033UL,
+ 772490370UL, 2760122372UL, 1774776394UL, 2652871518UL,
+ 566650946UL, 4142492826UL, 1728879713UL, 2882767088UL,
+ 1783734482UL, 3629395816UL, 2517608232UL, 2874225571UL,
+ 1861159788UL, 326777828UL, 3124490320UL, 2130389656UL,
+ 2716951837UL, 967770486UL, 1724537150UL, 2185432712UL,
+ 2364442137UL, 1164943284UL, 2105845187UL, 998989502UL,
+ 3765401048UL, 2244026483UL, 1075463327UL, 1455516326UL,
+ 1322494562UL, 910128902UL, 469688178UL, 1117454909UL,
+ 936433444UL, 3490320968UL, 3675253459UL, 1240580251UL,
+ 122909385UL, 2157517691UL, 634681816UL, 4142456567UL,
+ 3825094682UL, 3061402683UL, 2540495037UL, 79693498UL,
+ 3249098678UL, 1084186820UL, 1583128258UL, 426386531UL,
+ 1761308591UL, 1047286709UL, 322548459UL, 995290223UL,
+ 1845252383UL, 2603652396UL, 3431023940UL, 2942221577UL,
+ 3202600964UL, 3727903485UL, 1712269319UL, 422464435UL,
+ 3234572375UL, 1170764815UL, 3523960633UL, 3117677531UL,
+ 1434042557UL, 442511882UL, 3600875718UL, 1076654713UL,
+ 1738483198UL, 4213154764UL, 2393238008UL, 3677496056UL,
+ 1014306527UL, 4251020053UL, 793779912UL, 2902807211UL,
+ 842905082UL, 4246964064UL, 1395751752UL, 1040244610UL,
+ 2656851899UL, 3396308128UL, 445077038UL, 3742853595UL,
+ 3577915638UL, 679411651UL, 2892444358UL, 2354009459UL,
+ 1767581616UL, 3150600392UL, 3791627101UL, 3102740896UL,
+ 284835224UL, 4246832056UL, 1258075500UL, 768725851UL,
+ 2589189241UL, 3069724005UL, 3532540348UL, 1274779536UL,
+ 3789419226UL, 2764799539UL, 1660621633UL, 3471099624UL,
+ 4011903706UL, 913787905UL, 3497959166UL, 737222580UL,
+ 2514213453UL, 2928710040UL, 3937242737UL, 1804850592UL,
+ 3499020752UL, 2949064160UL, 2386320175UL, 2390070455UL,
+ 2415321851UL, 4061277028UL, 2290661394UL, 2416832540UL,
+ 1336762016UL, 1754252060UL, 3520065937UL, 3014181293UL,
+ 791618072UL, 3188594551UL, 3933548030UL, 2332172193UL,
+ 3852520463UL, 3043980520UL, 413987798UL, 3465142937UL,
+ 3030929376UL, 4245938359UL, 2093235073UL, 3534596313UL,
+ 375366246UL, 2157278981UL, 2479649556UL, 555357303UL,
+ 3870105701UL, 2008414854UL, 3344188149UL, 4221384143UL,
+ 3956125452UL, 2067696032UL, 3594591187UL, 2921233993UL,
+ 2428461UL, 544322398UL, 577241275UL, 1471733935UL,
+ 610547355UL, 4027169054UL, 1432588573UL, 1507829418UL,
+ 2025931657UL, 3646575487UL, 545086370UL, 48609733UL,
+ 2200306550UL, 1653985193UL, 298326376UL, 1316178497UL,
+ 3007786442UL, 2064951626UL, 458293330UL, 2589141269UL,
+ 3591329599UL, 3164325604UL, 727753846UL, 2179363840UL,
+ 146436021UL, 1461446943UL, 4069977195UL, 705550613UL,
+ 3059967265UL, 3887724982UL, 4281599278UL, 3313849956UL,
+ 1404054877UL, 2845806497UL, 146425753UL, 1854211946UL},
+
+{ 1266315497UL, 3048417604UL, 3681880366UL, 3289982499UL,
+ 2909710000UL, 1235738493UL, 2632868024UL, 2414719590UL,
+ 3970600049UL, 1771706367UL, 1449415276UL, 3266420449UL,
+ 422970021UL, 1963543593UL, 2690192192UL, 3826793022UL,
+ 1062508698UL, 1531092325UL, 1804592342UL, 2583117782UL,
+ 2714934279UL, 4024971509UL, 1294809318UL, 4028980673UL,
+ 1289560198UL, 2221992742UL, 1669523910UL, 35572830UL,
+ 157838143UL, 1052438473UL, 1016535060UL, 1802137761UL,
+ 1753167236UL, 1386275462UL, 3080475397UL, 2857371447UL,
+ 1040679964UL, 2145300060UL, 2390574316UL, 1461121720UL,
+ 2956646967UL, 4031777805UL, 4028374788UL, 33600511UL,
+ 2920084762UL, 1018524850UL, 629373528UL, 3691585981UL,
+ 3515945977UL, 2091462646UL, 2486323059UL, 586499841UL,
+ 988145025UL, 935516892UL, 3367335476UL, 2599673255UL,
+ 2839830854UL, 265290510UL, 3972581182UL, 2759138881UL,
+ 3795373465UL, 1005194799UL, 847297441UL, 406762289UL,
+ 1314163512UL, 1332590856UL, 1866599683UL, 4127851711UL,
+ 750260880UL, 613907577UL, 1450815602UL, 3165620655UL,
+ 3734664991UL, 3650291728UL, 3012275730UL, 3704569646UL,
+ 1427272223UL, 778793252UL, 1343938022UL, 2676280711UL,
+ 2052605720UL, 1946737175UL, 3164576444UL, 3914038668UL,
+ 3967478842UL, 3682934266UL, 1661551462UL, 3294938066UL,
+ 4011595847UL, 840292616UL, 3712170807UL, 616741398UL,
+ 312560963UL, 711312465UL, 1351876610UL, 322626781UL,
+ 1910503582UL, 271666773UL, 2175563734UL, 1594956187UL,
+ 70604529UL, 3617834859UL, 1007753275UL, 1495573769UL,
+ 4069517037UL, 2549218298UL, 2663038764UL, 504708206UL,
+ 2263041392UL, 3941167025UL, 2249088522UL, 1514023603UL,
+ 1998579484UL, 1312622330UL, 694541497UL, 2582060303UL,
+ 2151582166UL, 1382467621UL, 776784248UL, 2618340202UL,
+ 3323268794UL, 2497899128UL, 2784771155UL, 503983604UL,
+ 4076293799UL, 907881277UL, 423175695UL, 432175456UL,
+ 1378068232UL, 4145222326UL, 3954048622UL, 3938656102UL,
+ 3820766613UL, 2793130115UL, 2977904593UL, 26017576UL,
+ 3274890735UL, 3194772133UL, 1700274565UL, 1756076034UL,
+ 4006520079UL, 3677328699UL, 720338349UL, 1533947780UL,
+ 354530856UL, 688349552UL, 3973924725UL, 1637815568UL,
+ 332179504UL, 3949051286UL, 53804574UL, 2852348879UL,
+ 3044236432UL, 1282449977UL, 3583942155UL, 3416972820UL,
+ 4006381244UL, 1617046695UL, 2628476075UL, 3002303598UL,
+ 1686838959UL, 431878346UL, 2686675385UL, 1700445008UL,
+ 1080580658UL, 1009431731UL, 832498133UL, 3223435511UL,
+ 2605976345UL, 2271191193UL, 2516031870UL, 1648197032UL,
+ 4164389018UL, 2548247927UL, 300782431UL, 375919233UL,
+ 238389289UL, 3353747414UL, 2531188641UL, 2019080857UL,
+ 1475708069UL, 455242339UL, 2609103871UL, 448939670UL,
+ 3451063019UL, 1395535956UL, 2413381860UL, 1841049896UL,
+ 1491858159UL, 885456874UL, 4264095073UL, 4001119347UL,
+ 1565136089UL, 3898914787UL, 1108368660UL, 540939232UL,
+ 1173283510UL, 2745871338UL, 3681308437UL, 4207628240UL,
+ 3343053890UL, 4016749493UL, 1699691293UL, 1103962373UL,
+ 3625875870UL, 2256883143UL, 3830138730UL, 1031889488UL,
+ 3479347698UL, 1535977030UL, 4236805024UL, 3251091107UL,
+ 2132092099UL, 1774941330UL, 1199868427UL, 1452454533UL,
+ 157007616UL, 2904115357UL, 342012276UL, 595725824UL,
+ 1480756522UL, 206960106UL, 497939518UL, 591360097UL,
+ 863170706UL, 2375253569UL, 3596610801UL, 1814182875UL,
+ 2094937945UL, 3421402208UL, 1082520231UL, 3463918190UL,
+ 2785509508UL, 435703966UL, 3908032597UL, 1641649973UL,
+ 2842273706UL, 3305899714UL, 1510255612UL, 2148256476UL,
+ 2655287854UL, 3276092548UL, 4258621189UL, 236887753UL,
+ 3681803219UL, 274041037UL, 1734335097UL, 3815195456UL,
+ 3317970021UL, 1899903192UL, 1026095262UL, 4050517792UL,
+ 356393447UL, 2410691914UL, 3873677099UL, 3682840055UL},
+
+{ 3913112168UL, 2491498743UL, 4132185628UL, 2489919796UL,
+ 1091903735UL, 1979897079UL, 3170134830UL, 3567386728UL,
+ 3557303409UL, 857797738UL, 1136121015UL, 1342202287UL,
+ 507115054UL, 2535736646UL, 337727348UL, 3213592640UL,
+ 1301675037UL, 2528481711UL, 1895095763UL, 1721773893UL,
+ 3216771564UL, 62756741UL, 2142006736UL, 835421444UL,
+ 2531993523UL, 1442658625UL, 3659876326UL, 2882144922UL,
+ 676362277UL, 1392781812UL, 170690266UL, 3921047035UL,
+ 1759253602UL, 3611846912UL, 1745797284UL, 664899054UL,
+ 1329594018UL, 3901205900UL, 3045908486UL, 2062866102UL,
+ 2865634940UL, 3543621612UL, 3464012697UL, 1080764994UL,
+ 553557557UL, 3656615353UL, 3996768171UL, 991055499UL,
+ 499776247UL, 1265440854UL, 648242737UL, 3940784050UL,
+ 980351604UL, 3713745714UL, 1749149687UL, 3396870395UL,
+ 4211799374UL, 3640570775UL, 1161844396UL, 3125318951UL,
+ 1431517754UL, 545492359UL, 4268468663UL, 3499529547UL,
+ 1437099964UL, 2702547544UL, 3433638243UL, 2581715763UL,
+ 2787789398UL, 1060185593UL, 1593081372UL, 2418618748UL,
+ 4260947970UL, 69676912UL, 2159744348UL, 86519011UL,
+ 2512459080UL, 3838209314UL, 1220612927UL, 3339683548UL,
+ 133810670UL, 1090789135UL, 1078426020UL, 1569222167UL,
+ 845107691UL, 3583754449UL, 4072456591UL, 1091646820UL,
+ 628848692UL, 1613405280UL, 3757631651UL, 526609435UL,
+ 236106946UL, 48312990UL, 2942717905UL, 3402727701UL,
+ 1797494240UL, 859738849UL, 992217954UL, 4005476642UL,
+ 2243076622UL, 3870952857UL, 3732016268UL, 765654824UL,
+ 3490871365UL, 2511836413UL, 1685915746UL, 3888969200UL,
+ 1414112111UL, 2273134842UL, 3281911079UL, 4080962846UL,
+ 172450625UL, 2569994100UL, 980381355UL, 4109958455UL,
+ 2819808352UL, 2716589560UL, 2568741196UL, 3681446669UL,
+ 3329971472UL, 1835478071UL, 660984891UL, 3704678404UL,
+ 4045999559UL, 3422617507UL, 3040415634UL, 1762651403UL,
+ 1719377915UL, 3470491036UL, 2693910283UL, 3642056355UL,
+ 3138596744UL, 1364962596UL, 2073328063UL, 1983633131UL,
+ 926494387UL, 3423689081UL, 2150032023UL, 4096667949UL,
+ 1749200295UL, 3328846651UL, 309677260UL, 2016342300UL,
+ 1779581495UL, 3079819751UL, 111262694UL, 1274766160UL,
+ 443224088UL, 298511866UL, 1025883608UL, 3806446537UL,
+ 1145181785UL, 168956806UL, 3641502830UL, 3584813610UL,
+ 1689216846UL, 3666258015UL, 3200248200UL, 1692713982UL,
+ 2646376535UL, 4042768518UL, 1618508792UL, 1610833997UL,
+ 3523052358UL, 4130873264UL, 2001055236UL, 3610705100UL,
+ 2202168115UL, 4028541809UL, 2961195399UL, 1006657119UL,
+ 2006996926UL, 3186142756UL, 1430667929UL, 3210227297UL,
+ 1314452623UL, 4074634658UL, 4101304120UL, 2273951170UL,
+ 1399257539UL, 3367210612UL, 3027628629UL, 1190975929UL,
+ 2062231137UL, 2333990788UL, 2221543033UL, 2438960610UL,
+ 1181637006UL, 548689776UL, 2362791313UL, 3372408396UL,
+ 3104550113UL, 3145860560UL, 296247880UL, 1970579870UL,
+ 3078560182UL, 3769228297UL, 1714227617UL, 3291629107UL,
+ 3898220290UL, 166772364UL, 1251581989UL, 493813264UL,
+ 448347421UL, 195405023UL, 2709975567UL, 677966185UL,
+ 3703036547UL, 1463355134UL, 2715995803UL, 1338867538UL,
+ 1343315457UL, 2802222074UL, 2684532164UL, 233230375UL,
+ 2599980071UL, 2000651841UL, 3277868038UL, 1638401717UL,
+ 4028070440UL, 3237316320UL, 6314154UL, 819756386UL,
+ 300326615UL, 590932579UL, 1405279636UL, 3267499572UL,
+ 3150704214UL, 2428286686UL, 3959192993UL, 3461946742UL,
+ 1862657033UL, 1266418056UL, 963775037UL, 2089974820UL,
+ 2263052895UL, 1917689273UL, 448879540UL, 3550394620UL,
+ 3981727096UL, 150775221UL, 3627908307UL, 1303187396UL,
+ 508620638UL, 2975983352UL, 2726630617UL, 1817252668UL,
+ 1876281319UL, 1457606340UL, 908771278UL, 3720792119UL,
+ 3617206836UL, 2455994898UL, 1729034894UL, 1080033504UL},
+
+{ 976866871UL, 3556439503UL, 2881648439UL, 1522871579UL,
+ 1555064734UL, 1336096578UL, 3548522304UL, 2579274686UL,
+ 3574697629UL, 3205460757UL, 3593280638UL, 3338716283UL,
+ 3079412587UL, 564236357UL, 2993598910UL, 1781952180UL,
+ 1464380207UL, 3163844217UL, 3332601554UL, 1699332808UL,
+ 1393555694UL, 1183702653UL, 3581086237UL, 1288719814UL,
+ 691649499UL, 2847557200UL, 2895455976UL, 3193889540UL,
+ 2717570544UL, 1781354906UL, 1676643554UL, 2592534050UL,
+ 3230253752UL, 1126444790UL, 2770207658UL, 2633158820UL,
+ 2210423226UL, 2615765581UL, 2414155088UL, 3127139286UL,
+ 673620729UL, 2805611233UL, 1269405062UL, 4015350505UL,
+ 3341807571UL, 4149409754UL, 1057255273UL, 2012875353UL,
+ 2162469141UL, 2276492801UL, 2601117357UL, 993977747UL,
+ 3918593370UL, 2654263191UL, 753973209UL, 36408145UL,
+ 2530585658UL, 25011837UL, 3520020182UL, 2088578344UL,
+ 530523599UL, 2918365339UL, 1524020338UL, 1518925132UL,
+ 3760827505UL, 3759777254UL, 1202760957UL, 3985898139UL,
+ 3906192525UL, 674977740UL, 4174734889UL, 2031300136UL,
+ 2019492241UL, 3983892565UL, 4153806404UL, 3822280332UL,
+ 352677332UL, 2297720250UL, 60907813UL, 90501309UL,
+ 3286998549UL, 1016092578UL, 2535922412UL, 2839152426UL,
+ 457141659UL, 509813237UL, 4120667899UL, 652014361UL,
+ 1966332200UL, 2975202805UL, 55981186UL, 2327461051UL,
+ 676427537UL, 3255491064UL, 2882294119UL, 3433927263UL,
+ 1307055953UL, 942726286UL, 933058658UL, 2468411793UL,
+ 3933900994UL, 4215176142UL, 1361170020UL, 2001714738UL,
+ 2830558078UL, 3274259782UL, 1222529897UL, 1679025792UL,
+ 2729314320UL, 3714953764UL, 1770335741UL, 151462246UL,
+ 3013232138UL, 1682292957UL, 1483529935UL, 471910574UL,
+ 1539241949UL, 458788160UL, 3436315007UL, 1807016891UL,
+ 3718408830UL, 978976581UL, 1043663428UL, 3165965781UL,
+ 1927990952UL, 4200891579UL, 2372276910UL, 3208408903UL,
+ 3533431907UL, 1412390302UL, 2931980059UL, 4132332400UL,
+ 1947078029UL, 3881505623UL, 4168226417UL, 2941484381UL,
+ 1077988104UL, 1320477388UL, 886195818UL, 18198404UL,
+ 3786409000UL, 2509781533UL, 112762804UL, 3463356488UL,
+ 1866414978UL, 891333506UL, 18488651UL, 661792760UL,
+ 1628790961UL, 3885187036UL, 3141171499UL, 876946877UL,
+ 2693282273UL, 1372485963UL, 791857591UL, 2686433993UL,
+ 3759982718UL, 3167212022UL, 3472953795UL, 2716379847UL,
+ 445679433UL, 3561995674UL, 3504004811UL, 3574258232UL,
+ 54117162UL, 3331405415UL, 2381918588UL, 3769707343UL,
+ 4154350007UL, 1140177722UL, 4074052095UL, 668550556UL,
+ 3214352940UL, 367459370UL, 261225585UL, 2610173221UL,
+ 4209349473UL, 3468074219UL, 3265815641UL, 314222801UL,
+ 3066103646UL, 3808782860UL, 282218597UL, 3406013506UL,
+ 3773591054UL, 379116347UL, 1285071038UL, 846784868UL,
+ 2669647154UL, 3771962079UL, 3550491691UL, 2305946142UL,
+ 453669953UL, 1268987020UL, 3317592352UL, 3279303384UL,
+ 3744833421UL, 2610507566UL, 3859509063UL, 266596637UL,
+ 3847019092UL, 517658769UL, 3462560207UL, 3443424879UL,
+ 370717030UL, 4247526661UL, 2224018117UL, 4143653529UL,
+ 4112773975UL, 2788324899UL, 2477274417UL, 1456262402UL,
+ 2901442914UL, 1517677493UL, 1846949527UL, 2295493580UL,
+ 3734397586UL, 2176403920UL, 1280348187UL, 1908823572UL,
+ 3871786941UL, 846861322UL, 1172426758UL, 3287448474UL,
+ 3383383037UL, 1655181056UL, 3139813346UL, 901632758UL,
+ 1897031941UL, 2986607138UL, 3066810236UL, 3447102507UL,
+ 1393639104UL, 373351379UL, 950779232UL, 625454576UL,
+ 3124240540UL, 4148612726UL, 2007998917UL, 544563296UL,
+ 2244738638UL, 2330496472UL, 2058025392UL, 1291430526UL,
+ 424198748UL, 50039436UL, 29584100UL, 3605783033UL,
+ 2429876329UL, 2791104160UL, 1057563949UL, 3255363231UL,
+ 3075367218UL, 3463963227UL, 1469046755UL, 985887462UL}
+} ;
+
+/* sLb(s,n) allows us to subsript s by byte offsets, which
+ allows us to avoid a subscript scaling.
+*/
+#define sub(s,n) *((IntU32 *)((IntP)s+(n)))
+
+/* Below is one BlowFish round including the F function
+*/
+#define round(l,r,n) \
+ l ^= P[n]; \
+ r ^= ( (sub(S[0],l>>22 & 0x3fc) + sub(S[1],l>>14 & 0x3fc)) \
+ ^ sub(S[2],l>>6 & 0x3fc) ) +S[3][l & 0xff]
+
+
+
+/* This function requires the block to be two 32 bit integers, in
+whatever endian form the machine uses. On little endian machines
+use crypt_8bytes() on user data. make_bfkey should call crypt_block
+on either endian machine. Pass direction 0 to encrypt, 1 to decrypt.
+*/
+static void crypt_block(block, bfkey, direction)
+ IntU32 block[2];
+ BFkey_type *bfkey;
+ short direction;
+{
+ register IntU32 left, right,
+ (*S)[256],
+ *P ;
+
+ left = block[0] ; right = block[1] ;
+
+ S = bfkey->sbox ;
+ P = bfkey->p[direction] ;
+
+ round( left, right, 0 ) ; round( right, left, 1 ) ;
+ round( left, right, 2 ) ; round( right, left, 3 ) ;
+ round( left, right, 4 ) ; round( right, left, 5 ) ;
+ round( left, right, 6 ) ; round( right, left, 7 ) ;
+ round( left, right, 8 ) ; round( right, left, 9 ) ;
+ round( left, right, 10 ) ; round( right, left, 11 ) ;
+ round( left, right, 12 ) ; round( right, left, 13 ) ;
+ round( left, right, 14 ) ; round( right, left, 15 ) ;
+
+ left = left ^ P[NROUNDS] ;
+ right = right ^ P[NROUNDS+1] ;
+ block[0] = right ;
+ block[1] = left ;
+}
+
+/* The following should be allignment and endian independent.
+ I have not tested it on a little-endian machine.
+ It takes the input block from source, and puts the output
+ in dest. They can be the same. It takes the same direction
+ parameter as crypt_block().
+*/
+void
+blowfish_crypt_8bytes(source, dest, bfkey, direction)
+ IntU8 *source, *dest;
+ BFkey_type *bfkey;
+ short direction;
+{
+ IntU32 block[2] ;
+
+ block[0] = source[3] | source[2]<<8 | source[1]<<16 | source[0]<<24 ;
+ block[1] = source[7] | source[6]<<8 | source[5]<<16 | source[4]<<24 ;
+
+ crypt_block( block, bfkey, direction ) ;
+
+ dest[0]= block[0]>>24 ;
+ dest[1]= block[0]>>16 & 0xff ;
+ dest[2]= block[0]>>8 & 0xff ;
+ dest[3]= block[0] & 0xff ;
+ dest[4]= block[1]>>24 ;
+ dest[5]= block[1]>>16 & 0xff ;
+ dest[6]= block[1]>> 8 & 0xff ;
+ dest[7]= block[1] & 0xff ;
+}
+
+/* make_bfkey() takes the address of the key data as a char*,
+ and the length of the key in bytes. It generates and returns
+ a pointer to an object of BFkey_type, which can be passed
+ to the crypt functions. It does some simple testing of the
+ init data and crypt routine, and returns 0 on error.
+*/
+int
+blowfish_make_bfkey(key_string, keylength, bfkey)
+ unsigned char *key_string;
+ int keylength;
+ BFkey_type *bfkey;
+{
+ int i, j, k ;
+ IntU32 dspace[2],
+ checksum=0 ;
+
+ /* Copy constant initial data to P vector */
+ for( i=0 ; i<NROUNDS+2 ; ++i )
+ {
+ bfkey->p[0][i] = p_init[i] ;
+ bfkey->p[1][NROUNDS+1-i] = p_init[i] ;
+ checksum = (checksum<<1 | checksum>>31)+p_init[i] ;
+ }
+
+ /* Copy constant initial data to sboxes */
+ for( i=0 ; i<4 ; ++i )
+ for( j=0 ; j<256 ; ++j )
+ {
+ bfkey->sbox[i][j] = s_init[i][j] ;
+ checksum = ((checksum*13)<<11 | (checksum*13)>>21)
+ + s_init[i][j] ;
+ }
+
+ /* Test init data. */
+ if( checksum != 0x55861a61 )
+ {
+ strcpy((char *)bfkey, "Bad initialization data");
+ return -1;
+ }
+
+ dspace[0] = 0 ;
+ dspace[1] = 0 ;
+
+ /* Test the crypt_block() routine. */
+ for( i=0 ; i<10 ; ++i )
+ crypt_block( dspace, bfkey, 0 ) ;
+ checksum = dspace[0] ;
+ for( i=0 ; i<10 ; ++i )
+ crypt_block( dspace, bfkey, 1 ) ;
+ if( (checksum!=0xaafe4ebd) || dspace[0] || dspace[1] )
+ {
+ strcpy((char *)bfkey, "Error in crypt_block routine");
+ return -1;
+ }
+
+
+ /* Xor key string into encryption key vector */
+ j = 0 ;
+ for (i=0 ; i<NROUNDS+2 ; ++i)
+ {
+ IntU32 data;
+ data = 0 ;
+ for (k=0 ; k<4 ; ++k )
+ data = (data << 8) | key_string[j++ % keylength];
+ (bfkey->p)[0][i] ^= data;
+ }
+
+
+ for (i = 0 ; i<NROUNDS+2 ; i+=2)
+ {
+ crypt_block( dspace, bfkey, 0 ) ;
+ bfkey->p[0][i] = dspace[0] ;
+ bfkey->p[1][NROUNDS+1-i] = dspace[0] ;
+ bfkey->p[0][i+1] = dspace[1] ;
+ bfkey->p[1][NROUNDS-i] = dspace[1] ;
+ }
+
+ for ( i=0 ; i<4 ; ++i )
+ for ( j=0 ; j<256 ; j+=2 )
+ {
+ crypt_block( dspace, bfkey, 0 ) ;
+ bfkey->sbox[i][j] = dspace[0] ;
+ bfkey->sbox[i][j+1] = dspace[1] ;
+ }
+
+ return 0;
+}
diff -rpN -U 3 nrpe/src/check_nrpe.c gx-nrpe/src/check_nrpe.c
--- nrpe/src/check_nrpe.c Thu Oct 16 00:14:27 2003
+++ gx-nrpe/src/check_nrpe.c Wed Jan 14 14:58:20 2004
@@ -4,7 +4,7 @@
* Copyright (c) 1999-2003 Ethan Galstad (nagios at nagios.org)
* License: GPL
*
- * Last Modified: 10-14-2003
+ * Last Modified: 09-08-2003
*
* Command line: CHECK_NRPE -H <host_address> [-p port] [-c command] [-to to_sec]
*
@@ -21,6 +21,9 @@
#include "../include/config.h"
#include "../include/utils.h"
+#ifdef HAVE_BF
+#include "../include/bf_utils.h"
+#endif
#define DEFAULT_NRPE_COMMAND "_NRPE_CHECK" /* check version of NRPE daemon */
@@ -36,22 +39,32 @@ int show_help=FALSE;
int show_license=FALSE;
int show_version=FALSE;
+#ifdef HAVE_BF
+char *blowfish_secret=NULL;
+BFkey_type *blowfish_key; /* easiest to have this global, saves changing function definitions */
+#endif
+
+/* use SSL or Blowfish, if both defined default to SSL */
+
#ifdef HAVE_SSL
SSL_METHOD *meth;
SSL_CTX *ctx;
SSL *ssl;
int use_ssl=TRUE;
+int use_bf=FALSE;
+#else
+#ifdef HAVE_BF
+int use_bf=TRUE;
#else
+int use_bf=FALSE;
+#endif
int use_ssl=FALSE;
#endif
-
int process_arguments(int,char **);
void alarm_handler(int);
-
-
int main(int argc, char **argv){
u_int32_t packet_crc32;
u_int32_t calculated_crc32;
@@ -75,20 +88,33 @@ int main(int argc, char **argv){
printf("Last Modified: %s\n",MODIFICATION_DATE);
printf("License: GPL with exemptions (-l for more info)\n");
#ifdef HAVE_SSL
- printf("SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required\n");
+ if(use_ssl==TRUE) {
+ printf("SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required\n");
+ }
+#endif
+#ifdef HAVE_BF
+ if(use_bf==TRUE) {
+ printf("Blowfish encryption Available\n");
+ }
#endif
printf("\n");
}
if(result!=OK || show_help==TRUE){
-
+#ifndef HAVE_BF
printf("Usage: check_nrpe -H <host> [-p <port>] [-t <timeout>] [-c <command>] [-a <arglist...>]\n");
+#else
+ printf("Usage: check_nrpe -H <host> [-p <port>] [-t <timeout>] [-c <command>] [-a <arglist...>] [-s <secret>]\n");
+#endif
printf("\n");
printf("Options:\n");
printf(" <host> = The address of the host running the NRPE daemon\n");
printf(" [port] = The port on which the daemon is running (default=%d)\n",DEFAULT_SERVER_PORT);
printf(" [timeout] = Number of seconds before connection times out (default=%d)\n",DEFAULT_SOCKET_TIMEOUT);
printf(" [command] = The name of the command that the remote daemon should run\n");
+#ifdef HAVE_BF
+ printf(" [secret] = Blowfish secret, minimum 8 chars, maximum 56\n");
+#endif
printf(" [arglist] = Optional arguments that should be passed to the command. Multiple\n");
printf(" arguments should be separated by a space. If provided, this must be\n");
printf(" the last option supplied on the command line.\n");
@@ -128,6 +154,22 @@ int main(int argc, char **argv){
}
#endif
+#ifdef HAVE_BF
+ /* initialize Blowfish */
+ if(use_bf==TRUE){
+
+ /* Setup BF key */
+ blowfish_key = (BFkey_type *)blowfish_init(blowfish_secret);
+
+ if (!blowfish_key) {
+ printf("CHECK_NRPE: Error - could not create Blowfish key. Using key: %s\n", blowfish_secret);
+ free(blowfish_key);
+ exit(STATE_CRITICAL);
+ }
+ }
+#endif
+
+
/* initialize alarm signal handling */
signal(SIGALRM,alarm_handler);
@@ -172,6 +214,23 @@ int main(int argc, char **argv){
}
#endif
+#ifdef HAVE_BF
+ /* do Blowfish handshake */
+ if(result==STATE_OK && use_bf==TRUE){
+ if (bf_client_handshake(sd, blowfish_key) != 0){
+ printf("CHECK_NRPE: Error - Could not complete Blowfish handshake.\n");
+ result=STATE_CRITICAL;
+ }
+
+ /* bail if we had errors */
+ if(result!=STATE_OK){
+ free(blowfish_key);
+ close(sd);
+ exit(result);
+ }
+ }
+#endif
+
/* we're connected and ready to go */
if(result==STATE_OK){
@@ -192,21 +251,27 @@ int main(int argc, char **argv){
calculated_crc32=calculate_crc32((char *)&send_packet,sizeof(send_packet));
send_packet.crc32_value=(u_int32_t)htonl(calculated_crc32);
-
/***** ENCRYPT REQUEST *****/
-
/* send the packet */
bytes_to_send=sizeof(send_packet);
- if(use_ssl==FALSE)
+ if(use_ssl==FALSE && use_bf==FALSE)
rc=sendall(sd,(char *)&send_packet,&bytes_to_send);
#ifdef HAVE_SSL
- else{
+ else if (use_ssl=TRUE){
rc=SSL_write(ssl,&send_packet,bytes_to_send);
if(rc<0)
rc=-1;
}
#endif
+#ifdef HAVE_BF
+ else if (use_bf=TRUE) {
+ rc=bf_sendall(sd,blowfish_key,(char *)&send_packet,bytes_to_send);
+ if(rc<0)
+ rc=-1;
+ }
+#endif
+
if(rc==-1){
printf("CHECK_NRPE: Error sending query to host.\n");
close(sd);
@@ -215,13 +280,18 @@ int main(int argc, char **argv){
/* wait for the response packet */
bytes_to_recv=sizeof(receive_packet);
- if(use_ssl==FALSE)
+ if(use_ssl==FALSE && use_bf==FALSE)
rc=recvall(sd,(char *)&receive_packet,&bytes_to_recv,socket_timeout);
#ifdef HAVE_SSL
- else
- rc=SSL_read(ssl,&receive_packet,bytes_to_recv);
+ else if (use_ssl==TRUE)
+ rc=SSL_read(ssl,&receive_packet,bytes_to_recv);
+#endif
+#ifdef HAVE_BF
+ else if (use_bf==TRUE)
+ rc=bf_recvall(sd, blowfish_key,(char *) &receive_packet,bytes_to_recv);
#endif
+
/* reset timeout */
alarm(0);
@@ -233,6 +303,12 @@ int main(int argc, char **argv){
SSL_CTX_free(ctx);
}
#endif
+
+#ifdef HAVE_BF
+ if(use_bf==TRUE)
+ free(blowfish_key);
+#endif
+
close(sd);
/* recv() error */
@@ -327,7 +403,11 @@ int process_arguments(int argc, char **a
if(argc<2)
return ERROR;
+#ifndef HAVE_BF
snprintf(optchars,MAX_INPUT_BUFFER,"H:c:a:t:p:nhl");
+#else
+ snprintf(optchars,MAX_INPUT_BUFFER,"H:c:a:t:p:s:nhl");
+#endif
while(1){
#ifdef HAVE_GETOPT_H
@@ -373,6 +453,11 @@ int process_arguments(int argc, char **a
case 'n':
use_ssl=FALSE;
break;
+#ifdef HAVE_BF
+ case 's':
+ blowfish_secret=strdup(optarg);
+ break;
+#endif
default:
return ERROR;
break;
diff -rpN -U 3 nrpe/src/nrpe.c gx-nrpe/src/nrpe.c
--- nrpe/src/nrpe.c Sat Oct 25 00:55:14 2003
+++ gx-nrpe/src/nrpe.c Wed Jan 14 15:14:50 2004
@@ -27,6 +27,10 @@
#include "../include/dh.h"
#endif
+#ifdef HAVE_BF
+#include "../include/bf_utils.h"
+#endif
+
#ifdef HAVE_LIBWRAP
int allow_severity=LOG_INFO;
int deny_severity=LOG_WARNING;
@@ -78,11 +82,23 @@ int show_version=FALSE;
int use_inetd=TRUE;
int debug=FALSE;
+#ifdef HAVE_BF
+char *blowfish_secret=NULL;
+#endif
+
+/* use SSL or Blowfish, if both defined default to SSL */
+
#ifdef HAVE_SSL
SSL_METHOD *meth;
SSL_CTX *ctx;
int use_ssl=TRUE;
+int use_bf=FALSE;
+#else
+#ifdef HAVE_BF
+int use_bf=TRUE;
#else
+int use_bf=FALSE;
+#endif
int use_ssl=FALSE;
#endif
@@ -109,6 +125,10 @@ int main(int argc, char **argv){
#ifdef HAVE_SSL
printf("SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required\n");
#endif
+#ifdef HAVE_BF
+ if(use_bf==TRUE)
+ printf("Blowfish encryption Available\n");
+#endif
#ifdef HAVE_LIBWRAP
printf("TCP Wrappers Available\n");
#endif
@@ -377,6 +397,11 @@ int read_config_file(char *filename){
debug=FALSE;
}
+#ifdef HAVE_BF
+ else if(!strcmp(varname,"blowfish_secret"))
+ blowfish_secret=strdup(varvalue);
+#endif
+
else if(!strcmp(varname,"nrpe_user"))
nrpe_user=strdup(varvalue);
@@ -759,6 +784,9 @@ void handle_connection(int sock){
#ifdef HAVE_SSL
SSL *ssl=NULL;
#endif
+#ifdef HAVE_BF
+ BFkey_type *blowfish_key;
+#endif
/* log info to syslog facility */
@@ -797,13 +825,51 @@ void handle_connection(int sock){
}
#endif
+#ifdef HAVE_BF
+ /* initialize Blowfish */
+ if(use_bf==TRUE){
+ /* Setup BF key */
+ blowfish_key = (BFkey_type *)blowfish_init(blowfish_secret);
+
+ if (!blowfish_key) {
+ syslog(LOG_ERR,"Error: could not initialize Blowfish key
+string using: %s\n", blowfish_secret);
+ free(blowfish_key);
+ exit(STATE_CRITICAL);
+ }
+
+ if(debug==TRUE)
+ syslog(LOG_INFO,"INFO: Blowfish initialized. All network
+ traffic will be encrypted.");
+ }else{
+ if(debug==TRUE)
+ syslog(LOG_INFO,"INFO: Blowfish not initialized. Network
+ encryption using Blowfish DISABLED.");
+
+ }
+
+ /* do Blowfish handshake */
+ if(result==STATE_OK && use_bf==TRUE){
+ if (bf_server_handshake(sock, blowfish_key) != 0){
+ syslog(LOG_ERR,"Error: Could not complete Blowfish handshake.");
+ free(blowfish_key);
+ return;
+ }
+
+ }
+#endif
+
bytes_to_recv=sizeof(receive_packet);
- if(use_ssl==FALSE)
+ if(use_ssl==FALSE && use_bf==FALSE)
rc=recvall(sock,(char *)&receive_packet,&bytes_to_recv,socket_timeout);
#ifdef HAVE_SSL
- else
+ else if (use_ssl==TRUE)
rc=SSL_read(ssl,&receive_packet,bytes_to_recv);
#endif
+#ifdef HAVE_BF
+ else if (use_bf==TRUE)
+ rc=bf_recvall(sock, blowfish_key,(char *)&receive_packet,bytes_to_recv);
+#endif
/* recv() error or client disconnect */
if(rc<=0){
@@ -816,6 +882,10 @@ void handle_connection(int sock){
SSL_free(ssl);
syslog(LOG_INFO,"INFO: SSL Socket Shutdown.\n");
#endif
+#ifdef HAVE_BF
+ free(blowfish_key);
+ syslog(LOG_INFO,"INFO: Blowfish Socket Shutdown.\n");
+#endif
return;
}
@@ -830,6 +900,9 @@ void handle_connection(int sock){
SSL_shutdown(ssl);
SSL_free(ssl);
#endif
+#ifdef HAVE_BF
+ free(blowfish_key);
+#endif
return;
}
@@ -860,6 +933,9 @@ void handle_connection(int sock){
SSL_shutdown(ssl);
SSL_free(ssl);
#endif
+#ifdef HAVE_BF
+ free(blowfish_key);
+#endif
return;
}
@@ -970,17 +1046,24 @@ void handle_connection(int sock){
/* send the response back to the client */
bytes_to_send=sizeof(send_packet);
- if(use_ssl==FALSE)
+ if(use_ssl==FALSE && use_bf==FALSE)
sendall(sock,(char *)&send_packet,&bytes_to_send);
#ifdef HAVE_SSL
- else
+ else if (use_ssl=TRUE)
SSL_write(ssl,&send_packet,bytes_to_send);
#endif
+#ifdef HAVE_BF
+ else if (use_bf=TRUE)
+ bf_sendall(sock,blowfish_key,(char *) &send_packet,bytes_to_send);
+#endif
#ifdef HAVE_SSL
SSL_shutdown(ssl);
SSL_free(ssl);
#endif
+#ifdef HAVE_BF
+ free(blowfish_key);
+#endif
/* log info to syslog facility */
if(debug==TRUE)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/developers/attachments/20040114/eb598479/attachment.html>
More information about the Developers
mailing list