From: Ethan G. <ega...@us...> - 2003-01-29 05:08:24
|
Update of /cvsroot/nagios/nrpe/src In directory sc8-pr-cvs1:/tmp/cvs-serv5154/src Modified Files: check_nrpe.c nrpe.c utils.c utils.h Log Message: Initial support for command arguments (no native encryption yet) Index: check_nrpe.c =================================================================== RCS file: /cvsroot/nagios/nrpe/src/check_nrpe.c,v retrieving revision 1.11 retrieving revision 1.12 diff -C2 -r1.11 -r1.12 *** check_nrpe.c 17 Jan 2003 05:13:51 -0000 1.11 --- check_nrpe.c 29 Jan 2003 05:08:21 -0000 1.12 *************** *** 5,9 **** * License: GPL * ! * Last Modified: 01-16-2003 * * Command line: CHECK_NRPE -H <host_address> [-p port] [-c command] [-to to_sec] --- 5,9 ---- * License: GPL * ! * Last Modified: 01-28-2003 * * Command line: CHECK_NRPE -H <host_address> [-p port] [-c command] [-to to_sec] *************** *** 42,48 **** int main(int argc, char **argv){ int sd; int rc; - int result; packet send_packet; packet receive_packet; --- 42,50 ---- int main(int argc, char **argv){ + u_int32_t long packet_crc32; + u_int32_t calculated_crc32; + int16_t result; int sd; int rc; packet send_packet; packet receive_packet; *************** *** 94,97 **** --- 96,102 ---- + /* generate the CRC 32 table */ + generate_crc32_table(); + /* initialize alarm signal handling */ signal(SIGALRM,alarm_handler); *************** *** 106,119 **** if(result==STATE_OK){ ! /* send the query packet */ bzero(&send_packet,sizeof(send_packet)); - send_packet.packet_type=htonl(QUERY_PACKET); - send_packet.packet_version=htonl(NRPE_PACKET_VERSION_1); - send_packet.buffer_length=htonl(strlen(query_string)); - strcpy(&send_packet.buffer[0],query_string); bytes_to_send=sizeof(send_packet); rc=sendall(sd,(char *)&send_packet,&bytes_to_send); - if(rc==-1){ printf("CHECK_NRPE: Error sending query to host.\n"); --- 111,138 ---- if(result==STATE_OK){ ! /* clear the packet buffer */ bzero(&send_packet,sizeof(send_packet)); + /* fill the packet with semi-random data */ + randomize_buffer((char *)&send_packet,sizeof(send_packet)); + + /* initialize packet data */ + send_packet.packet_version=(int16_t)htons(NRPE_PACKET_VERSION_2); + send_packet.packet_type=(int16_t)htons(QUERY_PACKET); + strncpy(&send_packet.buffer[0],query_string,MAX_PACKETBUFFER_LENGTH); + send_packet.buffer[MAX_PACKETBUFFER_LENGTH-1]='\x0'; + + /* calculate the crc 32 value of the packet */ + send_packet.crc32_value=(u_int32_t)0L; + calculated_crc32=calculate_crc32((char *)&send_packet,sizeof(send_packet)); + send_packet.crc32_value=(u_int32_t)htonl(calculated_crc32); + + + /***** ENCRYPT REQUEST *****/ + + + /* send the packet */ bytes_to_send=sizeof(send_packet); rc=sendall(sd,(char *)&send_packet,&bytes_to_send); if(rc==-1){ printf("CHECK_NRPE: Error sending query to host.\n"); *************** *** 126,134 **** rc=recvall(sd,(char *)&receive_packet,&bytes_to_recv,socket_timeout); /* recv() error */ if(rc<0){ ! printf("CHECK_NRPE: Error receiving data from host.\n"); ! close(sd); ! alarm(0); return STATE_UNKNOWN; } --- 145,155 ---- rc=recvall(sd,(char *)&receive_packet,&bytes_to_recv,socket_timeout); + /* reset timeout and close the connection */ + alarm(0); + close(sd); + /* recv() error */ if(rc<0){ ! printf("CHECK_NRPE: Error receiving data from daemon.\n"); return STATE_UNKNOWN; } *************** *** 136,142 **** /* server disconnected */ else if(rc==0){ ! printf("CHECK_NRPE: Received 0 bytes. Are we allowed to connect to the host?\n"); ! close(sd); ! alarm(0); return STATE_UNKNOWN; } --- 157,161 ---- /* server disconnected */ else if(rc==0){ ! printf("CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.\n"); return STATE_UNKNOWN; } *************** *** 145,168 **** else if(bytes_to_recv<sizeof(receive_packet)){ printf("CHECK_NRPE: Receive underflow - only %d bytes received (%d expected).\n",bytes_to_recv,sizeof(receive_packet)); - close(sd); - alarm(0); return STATE_UNKNOWN; } /* get the return code from the remote plugin */ ! result=ntohl(receive_packet.result_code); ! /* make sure there is something in the plugin output buffer */ if(!strcmp(receive_packet.buffer,"")) ! printf("CHECK_NRPE: No output returned from NRPE daemon.\n"); else printf("%s\n",receive_packet.buffer); - - /* close the connection */ - close(sd); } /* reset the alarm */ ! alarm(0); return result; --- 164,198 ---- else if(bytes_to_recv<sizeof(receive_packet)){ printf("CHECK_NRPE: Receive underflow - only %d bytes received (%d expected).\n",bytes_to_recv,sizeof(receive_packet)); return STATE_UNKNOWN; } + + /***** DECRYPT RESPONSE *****/ + + + /* check the crc 32 value */ + packet_crc32=ntohl(receive_packet.crc32_value); + receive_packet.crc32_value=0L; + calculated_crc32=calculate_crc32((char *)&receive_packet,sizeof(receive_packet)); + if(packet_crc32!=calculated_crc32){ + printf("CHECK_NRPE: Response packet had invalid CRC32.\n"); + close(sd); + return STATE_UNKNOWN; + } + /* get the return code from the remote plugin */ ! result=(int16_t)ntohl(receive_packet.result_code); ! /* print the output returned by the daemon */ ! receive_packet.buffer[MAX_PACKETBUFFER_LENGTH-1]='\x0'; if(!strcmp(receive_packet.buffer,"")) ! printf("CHECK_NRPE: No output returned from daemon.\n"); else printf("%s\n",receive_packet.buffer); } /* reset the alarm */ ! else ! alarm(0); return result; Index: nrpe.c =================================================================== RCS file: /cvsroot/nagios/nrpe/src/nrpe.c,v retrieving revision 1.13 retrieving revision 1.14 diff -C2 -r1.13 -r1.14 *** nrpe.c 17 Jan 2003 05:13:51 -0000 1.13 --- nrpe.c 29 Jan 2003 05:08:21 -0000 1.14 *************** *** 5,9 **** * License: GPL * ! * Last Modified: 01-16-2003 * * Command line: nrpe -c <config_file> [--inetd | --daemon] --- 5,9 ---- * License: GPL * ! * Last Modified: 01-28-2003 * * Command line: nrpe -c <config_file> [--inetd | --daemon] *************** *** 26,33 **** #define DEFAULT_COMMAND_TIMEOUT 60 /* default timeout for execution of plugins */ #define MAXFD 64 int process_arguments(int,char **); - void wait_for_connections(void); void handle_connection(int); --- 26,34 ---- #define DEFAULT_COMMAND_TIMEOUT 60 /* default timeout for execution of plugins */ #define MAXFD 64 + #define MAX_COMMAND_ARGUMENTS 16 + #define NASTY_METACHARS "|`&><'\"\\[]{}" int process_arguments(int,char **); void wait_for_connections(void); void handle_connection(int); *************** *** 37,47 **** void sighandler(int); int drop_privileges(char *,char *); void free_memory(void); int is_an_allowed_host(char *); ! int my_system(char *,int,int *,char *,int); /* executes a command via popen(), but also protects against timeouts */ void my_system_sighandler(int); /* handles timeouts when executing commands via my_system() */ char config_file[MAX_INPUT_BUFFER]="nrpe.cfg"; char allowed_hosts[MAX_INPUT_BUFFER]; --- 38,56 ---- void sighandler(int); int drop_privileges(char *,char *); + int check_privileges(void); void free_memory(void); int is_an_allowed_host(char *); ! int validate_request(packet *); ! int contains_nasty_metachars(char *); ! int process_macros(char *,char *,int); int my_system(char *,int,int *,char *,int); /* executes a command via popen(), but also protects against timeouts */ void my_system_sighandler(int); /* handles timeouts when executing commands via my_system() */ + static unsigned long max_packet_age=30; + + char *command_name=NULL; + char *macro_argv[MAX_COMMAND_ARGUMENTS]; + char config_file[MAX_INPUT_BUFFER]="nrpe.cfg"; char allowed_hosts[MAX_INPUT_BUFFER]; *************** *** 56,59 **** --- 65,70 ---- char *nrpe_group=NULL; + int allow_arguments=FALSE; + int show_help=FALSE; int show_license=FALSE; *************** *** 67,71 **** int error=FALSE; int result; ! int i; char buffer[MAX_INPUT_BUFFER]; --- 78,82 ---- int error=FALSE; int result; ! int x; char buffer[MAX_INPUT_BUFFER]; *************** *** 81,87 **** printf("License: GPL\n"); printf("\n"); } ! if(result!=OK || show_help==TRUE){ printf("Usage: %s -c <config_file> [mode]\n",argv[0]); --- 92,108 ---- printf("License: GPL\n"); printf("\n"); + #ifdef ENABLE_COMMAND_ARGUMENTS + printf("***************************************************************\n"); + printf("** POSSIBLE SECURITY RISK - COMMAND ARGUMENTS ARE SUPPORTED! **\n"); + printf("** Read the NRPE SECURITY file for more information **\n"); + printf("***************************************************************\n"); + printf("\n"); + #endif } ! if(show_license==TRUE) ! display_license(); ! ! else if(result!=OK || show_help==TRUE){ printf("Usage: %s -c <config_file> [mode]\n",argv[0]); *************** *** 104,110 **** } - if(show_license==TRUE) - display_license(); - if(result!=OK || show_help==TRUE || show_license==TRUE || show_version==TRUE) exit(STATE_UNKNOWN); --- 125,128 ---- *************** *** 143,149 **** } /* if we're running under inetd... */ ! if(use_inetd==TRUE) handle_connection(0); /* else daemonize and start listening for requests... */ --- 161,180 ---- } + /* initialize macros */ + for(x=0;x<MAX_COMMAND_ARGUMENTS;x++) + macro_argv[x]=NULL; + + /* generate the CRC 32 table */ + generate_crc32_table(); + /* if we're running under inetd... */ ! if(use_inetd==TRUE){ ! ! /* make sure we're not root */ ! check_privileges(); ! ! /* handle the connection */ handle_connection(0); + } /* else daemonize and start listening for requests... */ *************** *** 172,175 **** --- 203,209 ---- drop_privileges(nrpe_user,nrpe_group); + /* make sure we're not root */ + check_privileges(); + /* wait for connections */ wait_for_connections(); *************** *** 192,195 **** --- 226,230 ---- char *varvalue; int line; + int x; *************** *** 238,242 **** } ! else if(!strcmp(varname,"server_address")){ strncpy(server_address,varvalue,sizeof(server_address) - 1); server_address[sizeof(server_address) - 1] = '\0'; --- 273,277 ---- } ! else if(!strcmp(varname,"server_address")){ strncpy(server_address,varvalue,sizeof(server_address) - 1); server_address[sizeof(server_address) - 1] = '\0'; *************** *** 276,280 **** nrpe_group=strdup(varvalue); ! else if(!strcmp(varname,"command_timeout")){ command_timeout=atoi(varvalue); if(command_timeout<1){ --- 311,322 ---- nrpe_group=strdup(varvalue); ! else if(!strcmp(varname,"dont_blame_nrpe")){ ! if(atoi(varvalue)==1) ! allow_arguments=TRUE; ! else ! allow_arguments=FALSE; ! } ! ! else if(!strcmp(varname,"command_timeout")){ command_timeout=atoi(varvalue); if(command_timeout<1){ *************** *** 355,359 **** if(sock<0){ syslog(LOG_ERR,"Network server socket failure (%d: %s)",errno,strerror(errno)); ! exit (STATE_CRITICAL); } --- 397,401 ---- if(sock<0){ syslog(LOG_ERR,"Network server socket failure (%d: %s)",errno,strerror(errno)); ! exit(STATE_CRITICAL); } *************** *** 375,379 **** else if(!my_inet_aton(server_address,&myname.sin_addr)){ syslog(LOG_ERR,"Server address is not a valid IP address\n"); ! exit (STATE_CRITICAL); } --- 417,421 ---- else if(!my_inet_aton(server_address,&myname.sin_addr)){ syslog(LOG_ERR,"Server address is not a valid IP address\n"); ! exit(STATE_CRITICAL); } *************** *** 382,386 **** if(bind(sock,(struct sockaddr *)&myname,sizeof(myname))<0){ syslog(LOG_ERR,"Network server bind failure (%d: %s)\n",errno,strerror(errno)); ! exit (STATE_CRITICAL); } --- 424,428 ---- if(bind(sock,(struct sockaddr *)&myname,sizeof(myname))<0){ syslog(LOG_ERR,"Network server bind failure (%d: %s)\n",errno,strerror(errno)); ! exit(STATE_CRITICAL); } *************** *** 388,392 **** if(listen(sock,5)<0){ syslog(LOG_ERR,"Network server listen failure (%d: %s)\n",errno,strerror(errno)); ! exit (STATE_CRITICAL); } --- 430,434 ---- if(listen(sock,5)<0){ syslog(LOG_ERR,"Network server listen failure (%d: %s)\n",errno,strerror(errno)); ! exit(STATE_CRITICAL); } *************** *** 394,397 **** --- 436,445 ---- syslog(LOG_NOTICE,"Starting up daemon"); + /* log warning about command arguments */ + #ifdef ENABLE_COMMAND_ARGUMENTS + if(allow_arguments==TRUE) + syslog(LOG_NOTICE,"Warning: Daemon is configured to accept command arguments from clients!"); + #endif + /* Trap signals */ signal(SIGQUIT,sighandler); *************** *** 512,515 **** --- 560,564 ---- /* handles a client connection */ void handle_connection(int sock){ + u_int32_t calculated_crc32; command *temp_command; packet receive_packet; *************** *** 518,524 **** --- 567,577 ---- int bytes_to_recv; char buffer[MAX_INPUT_BUFFER]; + char raw_command[MAX_INPUT_BUFFER]; + char processed_command[MAX_INPUT_BUFFER]; int result=STATE_OK; int early_timeout=FALSE; int rc; + int x; + FILE *fp; *************** *** 551,559 **** } ! /* make sure this is the right type of packet */ ! if(ntohl(receive_packet.packet_type)!=QUERY_PACKET || ntohl(receive_packet.packet_version)!=NRPE_PACKET_VERSION_1){ ! /* log error to syslog facility */ ! syslog(LOG_ERR,"Received invalid packet from client, bailing out..."); return; --- 604,626 ---- } ! fp=fopen("/tmp/packet","w"); ! if(fp){ ! fwrite(&receive_packet,1,sizeof(receive_packet),fp); ! fclose(fp); ! } ! /* make sure the request is valid */ ! if(validate_request(&receive_packet)==ERROR){ ! ! /* log an error */ ! syslog(LOG_ERR,"Client request was invalid, bailing out..."); ! ! /* free memory */ ! free(command_name); ! command_name=NULL; ! for(x=0;x<MAX_COMMAND_ARGUMENTS;x++){ ! free(macro_argv[x]); ! macro_argv[x]=NULL; ! } return; *************** *** 565,569 **** /* if this is the version check command, just spew it out */ ! if(!strcmp(&receive_packet.buffer[0],NRPE_HELLO_COMMAND)){ snprintf(buffer,sizeof(buffer),"NRPE v%s",PROGRAM_VERSION); --- 632,636 ---- /* if this is the version check command, just spew it out */ ! if(!strcmp(command_name,NRPE_HELLO_COMMAND)){ snprintf(buffer,sizeof(buffer),"NRPE v%s",PROGRAM_VERSION); *************** *** 579,586 **** /* find the command we're supposed to run */ else{ ! temp_command=find_command(receive_packet.buffer); if(temp_command==NULL){ ! snprintf(buffer,sizeof(buffer),"NRPE: Command '%s' not defined",receive_packet.buffer); buffer[sizeof(buffer)-1]='\x0'; --- 646,653 ---- /* find the command we're supposed to run */ else{ ! temp_command=find_command(command_name); if(temp_command==NULL){ ! snprintf(buffer,sizeof(buffer),"NRPE: Command '%s' not defined",command_name); buffer[sizeof(buffer)-1]='\x0'; *************** *** 594,604 **** else{ /* log info to syslog facility */ if(debug==TRUE) ! syslog(LOG_DEBUG,"Running command: %s",temp_command->command_line); /* run the command */ strcpy(buffer,""); ! result=my_system(temp_command->command_line,command_timeout,&early_timeout,buffer,sizeof(buffer)); /* see if the command timed out */ --- 661,676 ---- else{ + /* process command line */ + strncpy(raw_command,temp_command->command_line,sizeof(raw_command)-1); + raw_command[sizeof(raw_command)-1]='\x0'; + process_macros(raw_command,processed_command,sizeof(processed_command)); + /* log info to syslog facility */ if(debug==TRUE) ! syslog(LOG_DEBUG,"Running command: %s",processed_command); /* run the command */ strcpy(buffer,""); ! result=my_system(processed_command,command_timeout,&early_timeout,buffer,sizeof(buffer)); /* see if the command timed out */ *************** *** 621,624 **** --- 693,704 ---- } + /* free memory */ + free(command_name); + command_name=NULL; + for(x=0;x<MAX_COMMAND_ARGUMENTS;x++){ + free(macro_argv[x]); + macro_argv[x]=NULL; + } + /* strip newline character from end of output buffer */ if(buffer[strlen(buffer)-1]=='\n') *************** *** 628,639 **** bzero(&send_packet,sizeof(send_packet)); ! /* fill the response packet with data */ ! send_packet.packet_type=htonl(RESPONSE_PACKET); ! send_packet.packet_version=htonl(NRPE_PACKET_VERSION_1); ! send_packet.result_code=htonl(result); ! send_packet.buffer_length=htonl(strlen(buffer)); ! strncpy(&send_packet.buffer[0],buffer,sizeof(send_packet.buffer)); ! send_packet.buffer[sizeof(send_packet.buffer)-1]='\x0'; /* send the response back to the client */ bytes_to_send=sizeof(send_packet); --- 708,730 ---- bzero(&send_packet,sizeof(send_packet)); ! /* fill the packet with semi-random data */ ! randomize_buffer((char *)&send_packet,sizeof(send_packet)); ! ! /* initialize response packet data */ ! send_packet.packet_version=(int16_t)htons(NRPE_PACKET_VERSION_2); ! send_packet.packet_type=(int16_t)htons(RESPONSE_PACKET); ! send_packet.result_code=(int16_t)htons(result); ! strncpy(&send_packet.buffer[0],buffer,MAX_PACKETBUFFER_LENGTH); ! send_packet.buffer[MAX_PACKETBUFFER_LENGTH-1]='\x0'; + /* calculate the crc 32 value of the packet */ + send_packet.crc32_value=(u_int32_t)0L; + calculated_crc32=calculate_crc32((char *)&send_packet,sizeof(send_packet)); + send_packet.crc32_value=(u_int32_t)htonl(calculated_crc32); + + + /***** ENCRYPT RESPONSE *****/ + + /* send the response back to the client */ bytes_to_send=sizeof(send_packet); *************** *** 941,944 **** --- 1032,1227 ---- return OK; } + + + + + /* bail if daemon is running as root */ + int check_privileges(void){ + uid_t uid=-1; + gid_t gid=-1; + + uid=geteuid(); + gid=getegid(); + + if(uid==0 || gid==0){ + syslog(LOG_ERR,"Error: NRPE daemon cannot be run as user/group root!"); + exit(STATE_CRITICAL); + } + + return OK; + } + + + + /* tests whether or not a client request is valid */ + int validate_request(packet *pkt){ + u_int32_t long packet_crc32; + u_int32_t calculated_crc32; + char *ptr; + int x; + + + /***** DECRYPT REQUEST ******/ + + + /* check the crc 32 value */ + packet_crc32=ntohl(pkt->crc32_value); + pkt->crc32_value=0L; + calculated_crc32=calculate_crc32((char *)pkt,sizeof(packet)); + if(packet_crc32!=calculated_crc32){ + syslog(LOG_ERR,"Error: Request packet had invalid CRC32."); + return ERROR; + } + + /* make sure this is the right type of packet */ + if(ntohs(pkt->packet_type)!=QUERY_PACKET || ntohs(pkt->packet_version)!=NRPE_PACKET_VERSION_2){ + syslog(LOG_ERR,"Error: Request packet type/version was invalid!"); + return ERROR; + } + + /* make sure buffer is terminated */ + pkt->buffer[MAX_PACKETBUFFER_LENGTH-1]='\x0'; + + /* client must send some kind of request */ + if(!strcmp(pkt->buffer,"")){ + syslog(LOG_ERR,"Error: Request contained no query!"); + return ERROR; + } + + /* make sure request doesn't contain nasties */ + if(contains_nasty_metachars(pkt->buffer)==TRUE){ + syslog(LOG_ERR,"Error: Request contained illegal metachars!"); + return ERROR; + } + + /* make sure the request doesn't contain arguments */ + if(strchr(pkt->buffer,'!')){ + #ifdef ENABLE_COMMAND_ARGUMENTS + if(allow_arguments==FALSE){ + syslog(LOG_ERR,"Error: Request contained command arguments, but argument option is not enabled!"); + return ERROR; + } + #else + syslog(LOG_ERR,"Error: Request contained command arguments!"); + return ERROR; + #endif + } + + /* get command name */ + #ifdef ENABLE_COMMAND_ARGUMENTS + ptr=strtok(pkt->buffer,"!"); + #else + ptr=pkt->buffer; + #endif + command_name=strdup(ptr); + if(command_name==NULL){ + syslog(LOG_ERR,"Error: Memory allocation failed"); + return ERROR; + } + + #ifdef ENABLE_COMMAND_ARGUMENTS + /* get command arguments */ + if(allow_arguments==TRUE){ + + for(x=0;x<MAX_COMMAND_ARGUMENTS;x++){ + ptr=strtok(NULL,"!"); + if(ptr==NULL) + break; + macro_argv[x]=strdup(ptr); + if(macro_argv[x]==NULL){ + syslog(LOG_ERR,"Error: Memory allocation failed"); + return ERROR; + } + if(!strcmp(macro_argv[x],"")){ + syslog(LOG_ERR,"Error: Request contained an empty command argument"); + return ERROR; + } + } + } + #endif + + return OK; + } + + + + /* tests whether a buffer contains illegal metachars */ + int contains_nasty_metachars(char *str){ + int result; + + if(str==NULL) + return FALSE; + + result=strcspn(str,NASTY_METACHARS); + if(result!=strlen(str)) + return TRUE; + + return FALSE; + } + + + + /* replace macros in buffer */ + int process_macros(char *input_buffer,char *output_buffer,int buffer_length){ + char *temp_buffer; + int in_macro; + int arg_index=0; + char *selected_macro=NULL; + + strcpy(output_buffer,""); + + in_macro=FALSE; + + for(temp_buffer=strsep(&input_buffer,"$");temp_buffer!=NULL;temp_buffer=strsep(&input_buffer,"$")){ + + selected_macro=NULL; + + if(in_macro==FALSE){ + if(strlen(output_buffer)+strlen(temp_buffer)<buffer_length-1){ + strncat(output_buffer,temp_buffer,buffer_length-strlen(output_buffer)-1); + output_buffer[buffer_length-1]='\x0'; + } + in_macro=TRUE; + } + else{ + + if(strlen(output_buffer)+strlen(temp_buffer)<buffer_length-1){ + + /* argument macro */ + if(strstr(temp_buffer,"ARG")==temp_buffer){ + arg_index=atoi(temp_buffer+3); + if(arg_index>=1 && arg_index<=MAX_COMMAND_ARGUMENTS) + selected_macro=macro_argv[arg_index-1]; + } + + /* an escaped $ is done by specifying two $$ next to each other */ + else if(!strcmp(temp_buffer,"")){ + strncat(output_buffer,"$",buffer_length-strlen(output_buffer)-1); + } + + /* a non-macro, just some user-defined string between two $s */ + else{ + strncat(output_buffer,"$",buffer_length-strlen(output_buffer)-1); + output_buffer[buffer_length-1]='\x0'; + strncat(output_buffer,temp_buffer,buffer_length-strlen(output_buffer)-1); + output_buffer[buffer_length-1]='\x0'; + strncat(output_buffer,"$",buffer_length-strlen(output_buffer)-1); + } + + + /* insert macro */ + if(selected_macro!=NULL) + strncat(output_buffer,(selected_macro==NULL)?"":selected_macro,buffer_length-strlen(output_buffer)-1); + + output_buffer[buffer_length-1]='\x0'; + } + + in_macro=FALSE; + } + } + + return OK; + } + Index: utils.c =================================================================== RCS file: /cvsroot/nagios/nrpe/src/utils.c,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -r1.2 -r1.3 *** utils.c 25 Oct 2002 03:59:28 -0000 1.2 --- utils.c 29 Jan 2003 05:08:21 -0000 1.3 *************** *** 4,10 **** * * License: GPL ! * Copyright (c) 1999-2002 Ethan Galstad (na...@na...) * ! * Last Modified: 10-24-2002 * * Description: --- 4,10 ---- * * License: GPL ! * Copyright (c) 1999-2003 Ethan Galstad (na...@na...) * ! * Last Modified: 01-28-2003 * * Description: *************** *** 33,36 **** --- 33,112 ---- #include "utils.h" + static unsigned long crc32_table[256]; + + + + /* build the crc table - must be called before calculating the crc value */ + void generate_crc32_table(void){ + unsigned long crc, poly; + int i, j; + + poly=0xEDB88320L; + for(i=0;i<256;i++){ + crc=i; + for(j=8;j>0;j--){ + if(crc & 1) + crc=(crc>>1)^poly; + else + crc>>=1; + } + crc32_table[i]=crc; + } + + return; + } + + + /* calculates the CRC 32 value for a buffer */ + unsigned long calculate_crc32(char *buffer, int buffer_size){ + register unsigned long crc; + int this_char; + int current_index; + + crc=0xFFFFFFFF; + + for(current_index=0;current_index<buffer_size;current_index++){ + this_char=(int)buffer[current_index]; + crc=((crc>>8) & 0x00FFFFFF) ^ crc32_table[(crc ^ this_char) & 0xFF]; + } + + return (crc ^ 0xFFFFFFFF); + } + + + /* fill a buffer with semi-random data */ + void randomize_buffer(char *buffer,int buffer_size){ + FILE *fp; + int x; + int seed; + + /**** FILL BUFFER WITH RANDOM ALPHA-NUMERIC CHARACTERS ****/ + + /*************************************************************** + Only use alpha-numeric characters becase plugins usually + only generate numbers and letters in their output. We + want the buffer to contain the same set of characters as + plugins, so its harder to distinguish where the real output + ends and the rest of the buffer (padded randomly) starts. + ***************************************************************/ + + /* try to get seed value from /dev/urandom, as its a better source of entropy */ + fp=fopen("/dev/urandom","r"); + if(fp!=NULL){ + seed=fgetc(fp); + fclose(fp); + } + + /* else fallback to using the current time as the seed */ + else + seed=(int)time(NULL); + + srand(seed); + for(x=0;x<buffer_size;x++) + buffer[x]=(int)'0'+(int)(72.0*rand()/(RAND_MAX+1.0)); + + return; + } + /* opens a connection to a remote host/tcp port */ *************** *** 314,315 **** --- 390,394 ---- return; } + + + Index: utils.h =================================================================== RCS file: /cvsroot/nagios/nrpe/src/utils.h,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -r1.1 -r1.2 *** utils.h 9 Jul 2002 04:42:04 -0000 1.1 --- utils.h 29 Jan 2003 05:08:21 -0000 1.2 *************** *** 4,10 **** * * License: GPL ! * Copyright (c) 1999-2002 Ethan Galstad (na...@na...) * ! * Last Modified: 07-09-2002 * * Description: --- 4,10 ---- * * License: GPL ! * Copyright (c) 1999-2003 Ethan Galstad (na...@na...) * ! * Last Modified: 01-28-2003 * * Description: *************** *** 30,35 **** --- 30,44 ---- ************************************************************************************************/ + #ifndef _UTILS_H + #define _UTILS_H + #include "../common/config.h" + + void generate_crc32_table(void); + unsigned long calculate_crc32(char *, int); + + void randomize_buffer(char *,int); + int my_tcp_connect(char *,int,int *); int my_connect(char *,int,int *,char *); *************** *** 43,46 **** --- 52,57 ---- void display_license(void); + + #endif |