Menu
▾
▴
[Nagios-checkins] CVS: nrpe/src check_nrpe.c,1.11,1.12 nrpe.c,1.13,1.14 utils.c,1.2,1.3 utils.h,1.1,1.2
|
From: Ethan G. <ega...@us...> - 2003-01-29 05:08:24
|
Update of /cvsroot/nagios/nrpe/src
In directory sc8-pr-cvs1:/tmp/cvs-serv5154/src
Modified Files:
check_nrpe.c nrpe.c utils.c utils.h
Log Message:
Initial support for command arguments (no native encryption yet)
Index: check_nrpe.c
===================================================================
RCS file: /cvsroot/nagios/nrpe/src/check_nrpe.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -r1.11 -r1.12
*** check_nrpe.c 17 Jan 2003 05:13:51 -0000 1.11
--- check_nrpe.c 29 Jan 2003 05:08:21 -0000 1.12
***************
*** 5,9 ****
* License: GPL
*
! * Last Modified: 01-16-2003
*
* Command line: CHECK_NRPE -H <host_address> [-p port] [-c command] [-to to_sec]
--- 5,9 ----
* License: GPL
*
! * Last Modified: 01-28-2003
*
* Command line: CHECK_NRPE -H <host_address> [-p port] [-c command] [-to to_sec]
***************
*** 42,48 ****
int main(int argc, char **argv){
int sd;
int rc;
- int result;
packet send_packet;
packet receive_packet;
--- 42,50 ----
int main(int argc, char **argv){
+ u_int32_t long packet_crc32;
+ u_int32_t calculated_crc32;
+ int16_t result;
int sd;
int rc;
packet send_packet;
packet receive_packet;
***************
*** 94,97 ****
--- 96,102 ----
+ /* generate the CRC 32 table */
+ generate_crc32_table();
+
/* initialize alarm signal handling */
signal(SIGALRM,alarm_handler);
***************
*** 106,119 ****
if(result==STATE_OK){
! /* send the query packet */
bzero(&send_packet,sizeof(send_packet));
- send_packet.packet_type=htonl(QUERY_PACKET);
- send_packet.packet_version=htonl(NRPE_PACKET_VERSION_1);
- send_packet.buffer_length=htonl(strlen(query_string));
- strcpy(&send_packet.buffer[0],query_string);
bytes_to_send=sizeof(send_packet);
rc=sendall(sd,(char *)&send_packet,&bytes_to_send);
-
if(rc==-1){
printf("CHECK_NRPE: Error sending query to host.\n");
--- 111,138 ----
if(result==STATE_OK){
! /* clear the packet buffer */
bzero(&send_packet,sizeof(send_packet));
+ /* fill the packet with semi-random data */
+ randomize_buffer((char *)&send_packet,sizeof(send_packet));
+
+ /* initialize packet data */
+ send_packet.packet_version=(int16_t)htons(NRPE_PACKET_VERSION_2);
+ send_packet.packet_type=(int16_t)htons(QUERY_PACKET);
+ strncpy(&send_packet.buffer[0],query_string,MAX_PACKETBUFFER_LENGTH);
+ send_packet.buffer[MAX_PACKETBUFFER_LENGTH-1]='\x0';
+
+ /* calculate the crc 32 value of the packet */
+ send_packet.crc32_value=(u_int32_t)0L;
+ calculated_crc32=calculate_crc32((char *)&send_packet,sizeof(send_packet));
+ send_packet.crc32_value=(u_int32_t)htonl(calculated_crc32);
+
+
+ /***** ENCRYPT REQUEST *****/
+
+
+ /* send the packet */
bytes_to_send=sizeof(send_packet);
rc=sendall(sd,(char *)&send_packet,&bytes_to_send);
if(rc==-1){
printf("CHECK_NRPE: Error sending query to host.\n");
***************
*** 126,134 ****
rc=recvall(sd,(char *)&receive_packet,&bytes_to_recv,socket_timeout);
/* recv() error */
if(rc<0){
! printf("CHECK_NRPE: Error receiving data from host.\n");
! close(sd);
! alarm(0);
return STATE_UNKNOWN;
}
--- 145,155 ----
rc=recvall(sd,(char *)&receive_packet,&bytes_to_recv,socket_timeout);
+ /* reset timeout and close the connection */
+ alarm(0);
+ close(sd);
+
/* recv() error */
if(rc<0){
! printf("CHECK_NRPE: Error receiving data from daemon.\n");
return STATE_UNKNOWN;
}
***************
*** 136,142 ****
/* server disconnected */
else if(rc==0){
! printf("CHECK_NRPE: Received 0 bytes. Are we allowed to connect to the host?\n");
! close(sd);
! alarm(0);
return STATE_UNKNOWN;
}
--- 157,161 ----
/* server disconnected */
else if(rc==0){
! printf("CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.\n");
return STATE_UNKNOWN;
}
***************
*** 145,168 ****
else if(bytes_to_recv<sizeof(receive_packet)){
printf("CHECK_NRPE: Receive underflow - only %d bytes received (%d expected).\n",bytes_to_recv,sizeof(receive_packet));
- close(sd);
- alarm(0);
return STATE_UNKNOWN;
}
/* get the return code from the remote plugin */
! result=ntohl(receive_packet.result_code);
! /* make sure there is something in the plugin output buffer */
if(!strcmp(receive_packet.buffer,""))
! printf("CHECK_NRPE: No output returned from NRPE daemon.\n");
else
printf("%s\n",receive_packet.buffer);
-
- /* close the connection */
- close(sd);
}
/* reset the alarm */
! alarm(0);
return result;
--- 164,198 ----
else if(bytes_to_recv<sizeof(receive_packet)){
printf("CHECK_NRPE: Receive underflow - only %d bytes received (%d expected).\n",bytes_to_recv,sizeof(receive_packet));
return STATE_UNKNOWN;
}
+
+ /***** DECRYPT RESPONSE *****/
+
+
+ /* check the crc 32 value */
+ packet_crc32=ntohl(receive_packet.crc32_value);
+ receive_packet.crc32_value=0L;
+ calculated_crc32=calculate_crc32((char *)&receive_packet,sizeof(receive_packet));
+ if(packet_crc32!=calculated_crc32){
+ printf("CHECK_NRPE: Response packet had invalid CRC32.\n");
+ close(sd);
+ return STATE_UNKNOWN;
+ }
+
/* get the return code from the remote plugin */
! result=(int16_t)ntohl(receive_packet.result_code);
! /* print the output returned by the daemon */
! receive_packet.buffer[MAX_PACKETBUFFER_LENGTH-1]='\x0';
if(!strcmp(receive_packet.buffer,""))
! printf("CHECK_NRPE: No output returned from daemon.\n");
else
printf("%s\n",receive_packet.buffer);
}
/* reset the alarm */
! else
! alarm(0);
return result;
Index: nrpe.c
===================================================================
RCS file: /cvsroot/nagios/nrpe/src/nrpe.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -C2 -r1.13 -r1.14
*** nrpe.c 17 Jan 2003 05:13:51 -0000 1.13
--- nrpe.c 29 Jan 2003 05:08:21 -0000 1.14
***************
*** 5,9 ****
* License: GPL
*
! * Last Modified: 01-16-2003
*
* Command line: nrpe -c <config_file> [--inetd | --daemon]
--- 5,9 ----
* License: GPL
*
! * Last Modified: 01-28-2003
*
* Command line: nrpe -c <config_file> [--inetd | --daemon]
***************
*** 26,33 ****
#define DEFAULT_COMMAND_TIMEOUT 60 /* default timeout for execution of plugins */
#define MAXFD 64
int process_arguments(int,char **);
-
void wait_for_connections(void);
void handle_connection(int);
--- 26,34 ----
#define DEFAULT_COMMAND_TIMEOUT 60 /* default timeout for execution of plugins */
#define MAXFD 64
+ #define MAX_COMMAND_ARGUMENTS 16
+ #define NASTY_METACHARS "|`&><'\"\\[]{}"
int process_arguments(int,char **);
void wait_for_connections(void);
void handle_connection(int);
***************
*** 37,47 ****
void sighandler(int);
int drop_privileges(char *,char *);
void free_memory(void);
int is_an_allowed_host(char *);
!
int my_system(char *,int,int *,char *,int); /* executes a command via popen(), but also protects against timeouts */
void my_system_sighandler(int); /* handles timeouts when executing commands via my_system() */
char config_file[MAX_INPUT_BUFFER]="nrpe.cfg";
char allowed_hosts[MAX_INPUT_BUFFER];
--- 38,56 ----
void sighandler(int);
int drop_privileges(char *,char *);
+ int check_privileges(void);
void free_memory(void);
int is_an_allowed_host(char *);
! int validate_request(packet *);
! int contains_nasty_metachars(char *);
! int process_macros(char *,char *,int);
int my_system(char *,int,int *,char *,int); /* executes a command via popen(), but also protects against timeouts */
void my_system_sighandler(int); /* handles timeouts when executing commands via my_system() */
+ static unsigned long max_packet_age=30;
+
+ char *command_name=NULL;
+ char *macro_argv[MAX_COMMAND_ARGUMENTS];
+
char config_file[MAX_INPUT_BUFFER]="nrpe.cfg";
char allowed_hosts[MAX_INPUT_BUFFER];
***************
*** 56,59 ****
--- 65,70 ----
char *nrpe_group=NULL;
+ int allow_arguments=FALSE;
+
int show_help=FALSE;
int show_license=FALSE;
***************
*** 67,71 ****
int error=FALSE;
int result;
! int i;
char buffer[MAX_INPUT_BUFFER];
--- 78,82 ----
int error=FALSE;
int result;
! int x;
char buffer[MAX_INPUT_BUFFER];
***************
*** 81,87 ****
printf("License: GPL\n");
printf("\n");
}
! if(result!=OK || show_help==TRUE){
printf("Usage: %s -c <config_file> [mode]\n",argv[0]);
--- 92,108 ----
printf("License: GPL\n");
printf("\n");
+ #ifdef ENABLE_COMMAND_ARGUMENTS
+ printf("***************************************************************\n");
+ printf("** POSSIBLE SECURITY RISK - COMMAND ARGUMENTS ARE SUPPORTED! **\n");
+ printf("** Read the NRPE SECURITY file for more information **\n");
+ printf("***************************************************************\n");
+ printf("\n");
+ #endif
}
! if(show_license==TRUE)
! display_license();
!
! else if(result!=OK || show_help==TRUE){
printf("Usage: %s -c <config_file> [mode]\n",argv[0]);
***************
*** 104,110 ****
}
- if(show_license==TRUE)
- display_license();
-
if(result!=OK || show_help==TRUE || show_license==TRUE || show_version==TRUE)
exit(STATE_UNKNOWN);
--- 125,128 ----
***************
*** 143,149 ****
}
/* if we're running under inetd... */
! if(use_inetd==TRUE)
handle_connection(0);
/* else daemonize and start listening for requests... */
--- 161,180 ----
}
+ /* initialize macros */
+ for(x=0;x<MAX_COMMAND_ARGUMENTS;x++)
+ macro_argv[x]=NULL;
+
+ /* generate the CRC 32 table */
+ generate_crc32_table();
+
/* if we're running under inetd... */
! if(use_inetd==TRUE){
!
! /* make sure we're not root */
! check_privileges();
!
! /* handle the connection */
handle_connection(0);
+ }
/* else daemonize and start listening for requests... */
***************
*** 172,175 ****
--- 203,209 ----
drop_privileges(nrpe_user,nrpe_group);
+ /* make sure we're not root */
+ check_privileges();
+
/* wait for connections */
wait_for_connections();
***************
*** 192,195 ****
--- 226,230 ----
char *varvalue;
int line;
+ int x;
***************
*** 238,242 ****
}
! else if(!strcmp(varname,"server_address")){
strncpy(server_address,varvalue,sizeof(server_address) - 1);
server_address[sizeof(server_address) - 1] = '\0';
--- 273,277 ----
}
! else if(!strcmp(varname,"server_address")){
strncpy(server_address,varvalue,sizeof(server_address) - 1);
server_address[sizeof(server_address) - 1] = '\0';
***************
*** 276,280 ****
nrpe_group=strdup(varvalue);
! else if(!strcmp(varname,"command_timeout")){
command_timeout=atoi(varvalue);
if(command_timeout<1){
--- 311,322 ----
nrpe_group=strdup(varvalue);
! else if(!strcmp(varname,"dont_blame_nrpe")){
! if(atoi(varvalue)==1)
! allow_arguments=TRUE;
! else
! allow_arguments=FALSE;
! }
!
! else if(!strcmp(varname,"command_timeout")){
command_timeout=atoi(varvalue);
if(command_timeout<1){
***************
*** 355,359 ****
if(sock<0){
syslog(LOG_ERR,"Network server socket failure (%d: %s)",errno,strerror(errno));
! exit (STATE_CRITICAL);
}
--- 397,401 ----
if(sock<0){
syslog(LOG_ERR,"Network server socket failure (%d: %s)",errno,strerror(errno));
! exit(STATE_CRITICAL);
}
***************
*** 375,379 ****
else if(!my_inet_aton(server_address,&myname.sin_addr)){
syslog(LOG_ERR,"Server address is not a valid IP address\n");
! exit (STATE_CRITICAL);
}
--- 417,421 ----
else if(!my_inet_aton(server_address,&myname.sin_addr)){
syslog(LOG_ERR,"Server address is not a valid IP address\n");
! exit(STATE_CRITICAL);
}
***************
*** 382,386 ****
if(bind(sock,(struct sockaddr *)&myname,sizeof(myname))<0){
syslog(LOG_ERR,"Network server bind failure (%d: %s)\n",errno,strerror(errno));
! exit (STATE_CRITICAL);
}
--- 424,428 ----
if(bind(sock,(struct sockaddr *)&myname,sizeof(myname))<0){
syslog(LOG_ERR,"Network server bind failure (%d: %s)\n",errno,strerror(errno));
! exit(STATE_CRITICAL);
}
***************
*** 388,392 ****
if(listen(sock,5)<0){
syslog(LOG_ERR,"Network server listen failure (%d: %s)\n",errno,strerror(errno));
! exit (STATE_CRITICAL);
}
--- 430,434 ----
if(listen(sock,5)<0){
syslog(LOG_ERR,"Network server listen failure (%d: %s)\n",errno,strerror(errno));
! exit(STATE_CRITICAL);
}
***************
*** 394,397 ****
--- 436,445 ----
syslog(LOG_NOTICE,"Starting up daemon");
+ /* log warning about command arguments */
+ #ifdef ENABLE_COMMAND_ARGUMENTS
+ if(allow_arguments==TRUE)
+ syslog(LOG_NOTICE,"Warning: Daemon is configured to accept command arguments from clients!");
+ #endif
+
/* Trap signals */
signal(SIGQUIT,sighandler);
***************
*** 512,515 ****
--- 560,564 ----
/* handles a client connection */
void handle_connection(int sock){
+ u_int32_t calculated_crc32;
command *temp_command;
packet receive_packet;
***************
*** 518,524 ****
--- 567,577 ----
int bytes_to_recv;
char buffer[MAX_INPUT_BUFFER];
+ char raw_command[MAX_INPUT_BUFFER];
+ char processed_command[MAX_INPUT_BUFFER];
int result=STATE_OK;
int early_timeout=FALSE;
int rc;
+ int x;
+ FILE *fp;
***************
*** 551,559 ****
}
! /* make sure this is the right type of packet */
! if(ntohl(receive_packet.packet_type)!=QUERY_PACKET || ntohl(receive_packet.packet_version)!=NRPE_PACKET_VERSION_1){
! /* log error to syslog facility */
! syslog(LOG_ERR,"Received invalid packet from client, bailing out...");
return;
--- 604,626 ----
}
! fp=fopen("/tmp/packet","w");
! if(fp){
! fwrite(&receive_packet,1,sizeof(receive_packet),fp);
! fclose(fp);
! }
! /* make sure the request is valid */
! if(validate_request(&receive_packet)==ERROR){
!
! /* log an error */
! syslog(LOG_ERR,"Client request was invalid, bailing out...");
!
! /* free memory */
! free(command_name);
! command_name=NULL;
! for(x=0;x<MAX_COMMAND_ARGUMENTS;x++){
! free(macro_argv[x]);
! macro_argv[x]=NULL;
! }
return;
***************
*** 565,569 ****
/* if this is the version check command, just spew it out */
! if(!strcmp(&receive_packet.buffer[0],NRPE_HELLO_COMMAND)){
snprintf(buffer,sizeof(buffer),"NRPE v%s",PROGRAM_VERSION);
--- 632,636 ----
/* if this is the version check command, just spew it out */
! if(!strcmp(command_name,NRPE_HELLO_COMMAND)){
snprintf(buffer,sizeof(buffer),"NRPE v%s",PROGRAM_VERSION);
***************
*** 579,586 ****
/* find the command we're supposed to run */
else{
! temp_command=find_command(receive_packet.buffer);
if(temp_command==NULL){
! snprintf(buffer,sizeof(buffer),"NRPE: Command '%s' not defined",receive_packet.buffer);
buffer[sizeof(buffer)-1]='\x0';
--- 646,653 ----
/* find the command we're supposed to run */
else{
! temp_command=find_command(command_name);
if(temp_command==NULL){
! snprintf(buffer,sizeof(buffer),"NRPE: Command '%s' not defined",command_name);
buffer[sizeof(buffer)-1]='\x0';
***************
*** 594,604 ****
else{
/* log info to syslog facility */
if(debug==TRUE)
! syslog(LOG_DEBUG,"Running command: %s",temp_command->command_line);
/* run the command */
strcpy(buffer,"");
! result=my_system(temp_command->command_line,command_timeout,&early_timeout,buffer,sizeof(buffer));
/* see if the command timed out */
--- 661,676 ----
else{
+ /* process command line */
+ strncpy(raw_command,temp_command->command_line,sizeof(raw_command)-1);
+ raw_command[sizeof(raw_command)-1]='\x0';
+ process_macros(raw_command,processed_command,sizeof(processed_command));
+
/* log info to syslog facility */
if(debug==TRUE)
! syslog(LOG_DEBUG,"Running command: %s",processed_command);
/* run the command */
strcpy(buffer,"");
! result=my_system(processed_command,command_timeout,&early_timeout,buffer,sizeof(buffer));
/* see if the command timed out */
***************
*** 621,624 ****
--- 693,704 ----
}
+ /* free memory */
+ free(command_name);
+ command_name=NULL;
+ for(x=0;x<MAX_COMMAND_ARGUMENTS;x++){
+ free(macro_argv[x]);
+ macro_argv[x]=NULL;
+ }
+
/* strip newline character from end of output buffer */
if(buffer[strlen(buffer)-1]=='\n')
***************
*** 628,639 ****
bzero(&send_packet,sizeof(send_packet));
! /* fill the response packet with data */
! send_packet.packet_type=htonl(RESPONSE_PACKET);
! send_packet.packet_version=htonl(NRPE_PACKET_VERSION_1);
! send_packet.result_code=htonl(result);
! send_packet.buffer_length=htonl(strlen(buffer));
! strncpy(&send_packet.buffer[0],buffer,sizeof(send_packet.buffer));
! send_packet.buffer[sizeof(send_packet.buffer)-1]='\x0';
/* send the response back to the client */
bytes_to_send=sizeof(send_packet);
--- 708,730 ----
bzero(&send_packet,sizeof(send_packet));
! /* fill the packet with semi-random data */
! randomize_buffer((char *)&send_packet,sizeof(send_packet));
!
! /* initialize response packet data */
! send_packet.packet_version=(int16_t)htons(NRPE_PACKET_VERSION_2);
! send_packet.packet_type=(int16_t)htons(RESPONSE_PACKET);
! send_packet.result_code=(int16_t)htons(result);
! strncpy(&send_packet.buffer[0],buffer,MAX_PACKETBUFFER_LENGTH);
! send_packet.buffer[MAX_PACKETBUFFER_LENGTH-1]='\x0';
+ /* calculate the crc 32 value of the packet */
+ send_packet.crc32_value=(u_int32_t)0L;
+ calculated_crc32=calculate_crc32((char *)&send_packet,sizeof(send_packet));
+ send_packet.crc32_value=(u_int32_t)htonl(calculated_crc32);
+
+
+ /***** ENCRYPT RESPONSE *****/
+
+
/* send the response back to the client */
bytes_to_send=sizeof(send_packet);
***************
*** 941,944 ****
--- 1032,1227 ----
return OK;
}
+
+
+
+
+ /* bail if daemon is running as root */
+ int check_privileges(void){
+ uid_t uid=-1;
+ gid_t gid=-1;
+
+ uid=geteuid();
+ gid=getegid();
+
+ if(uid==0 || gid==0){
+ syslog(LOG_ERR,"Error: NRPE daemon cannot be run as user/group root!");
+ exit(STATE_CRITICAL);
+ }
+
+ return OK;
+ }
+
+
+
+ /* tests whether or not a client request is valid */
+ int validate_request(packet *pkt){
+ u_int32_t long packet_crc32;
+ u_int32_t calculated_crc32;
+ char *ptr;
+ int x;
+
+
+ /***** DECRYPT REQUEST ******/
+
+
+ /* check the crc 32 value */
+ packet_crc32=ntohl(pkt->crc32_value);
+ pkt->crc32_value=0L;
+ calculated_crc32=calculate_crc32((char *)pkt,sizeof(packet));
+ if(packet_crc32!=calculated_crc32){
+ syslog(LOG_ERR,"Error: Request packet had invalid CRC32.");
+ return ERROR;
+ }
+
+ /* make sure this is the right type of packet */
+ if(ntohs(pkt->packet_type)!=QUERY_PACKET || ntohs(pkt->packet_version)!=NRPE_PACKET_VERSION_2){
+ syslog(LOG_ERR,"Error: Request packet type/version was invalid!");
+ return ERROR;
+ }
+
+ /* make sure buffer is terminated */
+ pkt->buffer[MAX_PACKETBUFFER_LENGTH-1]='\x0';
+
+ /* client must send some kind of request */
+ if(!strcmp(pkt->buffer,"")){
+ syslog(LOG_ERR,"Error: Request contained no query!");
+ return ERROR;
+ }
+
+ /* make sure request doesn't contain nasties */
+ if(contains_nasty_metachars(pkt->buffer)==TRUE){
+ syslog(LOG_ERR,"Error: Request contained illegal metachars!");
+ return ERROR;
+ }
+
+ /* make sure the request doesn't contain arguments */
+ if(strchr(pkt->buffer,'!')){
+ #ifdef ENABLE_COMMAND_ARGUMENTS
+ if(allow_arguments==FALSE){
+ syslog(LOG_ERR,"Error: Request contained command arguments, but argument option is not enabled!");
+ return ERROR;
+ }
+ #else
+ syslog(LOG_ERR,"Error: Request contained command arguments!");
+ return ERROR;
+ #endif
+ }
+
+ /* get command name */
+ #ifdef ENABLE_COMMAND_ARGUMENTS
+ ptr=strtok(pkt->buffer,"!");
+ #else
+ ptr=pkt->buffer;
+ #endif
+ command_name=strdup(ptr);
+ if(command_name==NULL){
+ syslog(LOG_ERR,"Error: Memory allocation failed");
+ return ERROR;
+ }
+
+ #ifdef ENABLE_COMMAND_ARGUMENTS
+ /* get command arguments */
+ if(allow_arguments==TRUE){
+
+ for(x=0;x<MAX_COMMAND_ARGUMENTS;x++){
+ ptr=strtok(NULL,"!");
+ if(ptr==NULL)
+ break;
+ macro_argv[x]=strdup(ptr);
+ if(macro_argv[x]==NULL){
+ syslog(LOG_ERR,"Error: Memory allocation failed");
+ return ERROR;
+ }
+ if(!strcmp(macro_argv[x],"")){
+ syslog(LOG_ERR,"Error: Request contained an empty command argument");
+ return ERROR;
+ }
+ }
+ }
+ #endif
+
+ return OK;
+ }
+
+
+
+ /* tests whether a buffer contains illegal metachars */
+ int contains_nasty_metachars(char *str){
+ int result;
+
+ if(str==NULL)
+ return FALSE;
+
+ result=strcspn(str,NASTY_METACHARS);
+ if(result!=strlen(str))
+ return TRUE;
+
+ return FALSE;
+ }
+
+
+
+ /* replace macros in buffer */
+ int process_macros(char *input_buffer,char *output_buffer,int buffer_length){
+ char *temp_buffer;
+ int in_macro;
+ int arg_index=0;
+ char *selected_macro=NULL;
+
+ strcpy(output_buffer,"");
+
+ in_macro=FALSE;
+
+ for(temp_buffer=strsep(&input_buffer,"$");temp_buffer!=NULL;temp_buffer=strsep(&input_buffer,"$")){
+
+ selected_macro=NULL;
+
+ if(in_macro==FALSE){
+ if(strlen(output_buffer)+strlen(temp_buffer)<buffer_length-1){
+ strncat(output_buffer,temp_buffer,buffer_length-strlen(output_buffer)-1);
+ output_buffer[buffer_length-1]='\x0';
+ }
+ in_macro=TRUE;
+ }
+ else{
+
+ if(strlen(output_buffer)+strlen(temp_buffer)<buffer_length-1){
+
+ /* argument macro */
+ if(strstr(temp_buffer,"ARG")==temp_buffer){
+ arg_index=atoi(temp_buffer+3);
+ if(arg_index>=1 && arg_index<=MAX_COMMAND_ARGUMENTS)
+ selected_macro=macro_argv[arg_index-1];
+ }
+
+ /* an escaped $ is done by specifying two $$ next to each other */
+ else if(!strcmp(temp_buffer,"")){
+ strncat(output_buffer,"$",buffer_length-strlen(output_buffer)-1);
+ }
+
+ /* a non-macro, just some user-defined string between two $s */
+ else{
+ strncat(output_buffer,"$",buffer_length-strlen(output_buffer)-1);
+ output_buffer[buffer_length-1]='\x0';
+ strncat(output_buffer,temp_buffer,buffer_length-strlen(output_buffer)-1);
+ output_buffer[buffer_length-1]='\x0';
+ strncat(output_buffer,"$",buffer_length-strlen(output_buffer)-1);
+ }
+
+
+ /* insert macro */
+ if(selected_macro!=NULL)
+ strncat(output_buffer,(selected_macro==NULL)?"":selected_macro,buffer_length-strlen(output_buffer)-1);
+
+ output_buffer[buffer_length-1]='\x0';
+ }
+
+ in_macro=FALSE;
+ }
+ }
+
+ return OK;
+ }
+
Index: utils.c
===================================================================
RCS file: /cvsroot/nagios/nrpe/src/utils.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** utils.c 25 Oct 2002 03:59:28 -0000 1.2
--- utils.c 29 Jan 2003 05:08:21 -0000 1.3
***************
*** 4,10 ****
*
* License: GPL
! * Copyright (c) 1999-2002 Ethan Galstad (na...@na...)
*
! * Last Modified: 10-24-2002
*
* Description:
--- 4,10 ----
*
* License: GPL
! * Copyright (c) 1999-2003 Ethan Galstad (na...@na...)
*
! * Last Modified: 01-28-2003
*
* Description:
***************
*** 33,36 ****
--- 33,112 ----
#include "utils.h"
+ static unsigned long crc32_table[256];
+
+
+
+ /* build the crc table - must be called before calculating the crc value */
+ void generate_crc32_table(void){
+ unsigned long crc, poly;
+ int i, j;
+
+ poly=0xEDB88320L;
+ for(i=0;i<256;i++){
+ crc=i;
+ for(j=8;j>0;j--){
+ if(crc & 1)
+ crc=(crc>>1)^poly;
+ else
+ crc>>=1;
+ }
+ crc32_table[i]=crc;
+ }
+
+ return;
+ }
+
+
+ /* calculates the CRC 32 value for a buffer */
+ unsigned long calculate_crc32(char *buffer, int buffer_size){
+ register unsigned long crc;
+ int this_char;
+ int current_index;
+
+ crc=0xFFFFFFFF;
+
+ for(current_index=0;current_index<buffer_size;current_index++){
+ this_char=(int)buffer[current_index];
+ crc=((crc>>8) & 0x00FFFFFF) ^ crc32_table[(crc ^ this_char) & 0xFF];
+ }
+
+ return (crc ^ 0xFFFFFFFF);
+ }
+
+
+ /* fill a buffer with semi-random data */
+ void randomize_buffer(char *buffer,int buffer_size){
+ FILE *fp;
+ int x;
+ int seed;
+
+ /**** FILL BUFFER WITH RANDOM ALPHA-NUMERIC CHARACTERS ****/
+
+ /***************************************************************
+ Only use alpha-numeric characters becase plugins usually
+ only generate numbers and letters in their output. We
+ want the buffer to contain the same set of characters as
+ plugins, so its harder to distinguish where the real output
+ ends and the rest of the buffer (padded randomly) starts.
+ ***************************************************************/
+
+ /* try to get seed value from /dev/urandom, as its a better source of entropy */
+ fp=fopen("/dev/urandom","r");
+ if(fp!=NULL){
+ seed=fgetc(fp);
+ fclose(fp);
+ }
+
+ /* else fallback to using the current time as the seed */
+ else
+ seed=(int)time(NULL);
+
+ srand(seed);
+ for(x=0;x<buffer_size;x++)
+ buffer[x]=(int)'0'+(int)(72.0*rand()/(RAND_MAX+1.0));
+
+ return;
+ }
+
/* opens a connection to a remote host/tcp port */
***************
*** 314,315 ****
--- 390,394 ----
return;
}
+
+
+
Index: utils.h
===================================================================
RCS file: /cvsroot/nagios/nrpe/src/utils.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -r1.1 -r1.2
*** utils.h 9 Jul 2002 04:42:04 -0000 1.1
--- utils.h 29 Jan 2003 05:08:21 -0000 1.2
***************
*** 4,10 ****
*
* License: GPL
! * Copyright (c) 1999-2002 Ethan Galstad (na...@na...)
*
! * Last Modified: 07-09-2002
*
* Description:
--- 4,10 ----
*
* License: GPL
! * Copyright (c) 1999-2003 Ethan Galstad (na...@na...)
*
! * Last Modified: 01-28-2003
*
* Description:
***************
*** 30,35 ****
--- 30,44 ----
************************************************************************************************/
+ #ifndef _UTILS_H
+ #define _UTILS_H
+
#include "../common/config.h"
+
+ void generate_crc32_table(void);
+ unsigned long calculate_crc32(char *, int);
+
+ void randomize_buffer(char *,int);
+
int my_tcp_connect(char *,int,int *);
int my_connect(char *,int,int *,char *);
***************
*** 43,46 ****
--- 52,57 ----
void display_license(void);
+
+ #endif
|