Is a null username possible with check_http
Marc Powell
marc at ena.com
Wed Jul 29 22:45:59 CEST 2009
On Jul 29, 2009, at 2:09 PM, Jim McNamara wrote:
> Thanks for that help. Unfortunately it leads to some unusual
> results. Both authenticating from firefox on a windows host and on
> the CLI from the linux server show the same credentials being
> passed, as shown here:
>
> (Windows)
> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:
> 1.9.0.12) Gecko/2009070611 Firefox/3.0.12\r\n
> Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
> *;q=0.8\r\n
> Accept-Language: en-us,en;q=0.5\r\n
> Accept-Encoding: gzip,deflate\r\n
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n
> Keep-Alive: 300\r\n
> Connection: keep-alive\r\n
> Authorization: Basic OnJlYm9vdA==\r\n
> Credentials: :reboot
> \r\n
>
> (Linux)
> GET / HTTP/1.0\r\n
> User-Agent: check_http/v2053 (nagios-plugins 1.4.13)\r\n
> Connection: close\r\n
> Authorization: Basic OnJlYm9vdA==\r\n
> Credentials: :reboot
> \r\n
>
> So both agents pass the correct info to the unit, but something
> clearly doesn't behave well.
I agree. Both translate to the same string.
> I do see a fair amount of javascript in the windows capture after
> the authentication, could that be part of the issue?
No. I am presuming the javascript is being sent in response to the
successful auth.
> Also the "Connection: close\r\n sent by check_http has me wondering
> if is closing the stream before some of the authentication is
> completed?
No, that's just telling the server that it can close the connection
after sending the response. That response should be the HTML of the
page after successful auth. That's standard HTTP and they shouldn't be
bombing based on that.
> I have both captures from tshark and wireshark saved if seeing the
> full info would be any help.
Probably not. It certainly appears that this device is requiring
something more than just Basic authentication. It may be looking at
User-Agent or some other header and rejecting if it's not there or
something unexpected. You might try adding a -A to change the user-
agent to match the one above and/or one or more -k headers to see what
that extra bit might be. Other than that, your best source of what
they're really looking for is going to be the manufacturer unless they
happen to provide the source (yeah, right....).
--
Marc
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list