Imported Debian patch 3.1.1-1
This commit is contained in:
commit
4fa3978984
53
Changelog
53
Changelog
@ -2,6 +2,59 @@
|
|||||||
NRPE Changelog
|
NRPE Changelog
|
||||||
**************
|
**************
|
||||||
|
|
||||||
|
3.1.1 - 2017-05-24
|
||||||
|
------------------
|
||||||
|
FIXES
|
||||||
|
- The '--log-file=' or '-g' option is missing from the help (John Frickson)
|
||||||
|
- check_nrpe = segfault when specifying a config file (John Frickson)
|
||||||
|
- Alternate log file not being used soon enough (John Frickson)
|
||||||
|
- Unable to compile v3.1.0rc1 with new SSL checks on rh5 (John Frickson)
|
||||||
|
- Unable to compile nrpe-3.1.0 - undefined references to va_start, va_end (John Frickson)
|
||||||
|
- Can't build on Debian Stretch, openssl 1.1.0c (John Frickson)
|
||||||
|
- Fix build failure with -Werror=format-security (Bas Couwenberg)
|
||||||
|
- Fixed a typo in `nrpe.spec.in` (John Frickson)
|
||||||
|
- More detailed error logging for SSL (John Frickson)
|
||||||
|
- Fix infinite loop when unresolvable host is in allowed_hosts (Nick / John Frickson)
|
||||||
|
|
||||||
|
|
||||||
|
3.1.0 - 2017-04-17
|
||||||
|
------------------
|
||||||
|
ENHANCEMENTS
|
||||||
|
- Added option to nrpe.cfg.in that can override hard-coded NASTY_METACHARS (John Frickson)
|
||||||
|
- While processing 'include_dir' statement, sort the files (Philippe Kueck / John Frickson)
|
||||||
|
- nrpe can now write to a log file using 'log_file=' in nrpe.cfg (John Frickson)
|
||||||
|
- check_nrpe can now write to a log file using '--log-file=' or '-g' options (John Frickson)
|
||||||
|
|
||||||
|
FIXES
|
||||||
|
- Added missing debugging syslog entries, and changed printf()'s to syslog()'s. (Jobst Schmalenbach)
|
||||||
|
- Fix help output for ssl option (configure) (Ruben Kerkhof)
|
||||||
|
- Fixes to README.SSL.md and SECURITY.md (Elan Ruusamäe)
|
||||||
|
- Changed the 'check_load' command in nrpe.cfg.in (minusdavid)
|
||||||
|
- Cleanup of config.h.in suggested by Ruben Kerkhof
|
||||||
|
- Minor change to logging in check_nrpe (John Frickson)
|
||||||
|
- Solaris 11 detection is broken in configure (John Frickson)
|
||||||
|
- Removed function `b64_decode` which wasn't being used (John Frickson)
|
||||||
|
- check_nrpe ignores -a option when -f option is specified (John Frickson)
|
||||||
|
- Added missing LICENSE file (John Frickson)
|
||||||
|
- Off-by-one BO in my_system() (John Frickson)
|
||||||
|
- Got rid of some compiler warnings (Stefan Krüger / John Frickson)
|
||||||
|
- Add SOURCE_DATE_EPOCH specification support for reproducible builds. (Bas Couwenberg)
|
||||||
|
- nrpe 3.0.1 allows TLSv1 and TLSv1.1 when I configure for TLSv1.2+ (John Frickson)
|
||||||
|
- "Remote %s accepted a Version %s Packet", please add to debug (John Frickson)
|
||||||
|
- nrpe 3.0.1 segfaults when key and/or cert are broken symlinks (John Frickson)
|
||||||
|
- Fixed a couple of typos in docs/NRPE.* files (Ludmil Meltchev)
|
||||||
|
- Changed release date to ISO format (yyyy-mm-dd) (John Frickson)
|
||||||
|
- Fix systemd unit description (Bas Couwenberg)
|
||||||
|
- Add reload command to systemd service file (Bas Couwenberg)
|
||||||
|
- fix file not found error when updating version (Sven Nierlein)
|
||||||
|
- Spelling fixes (Josh Soref)
|
||||||
|
- Return UNKNOWN when check_nrpe cannot communicate with nrpe and -u set (John Frickson)
|
||||||
|
- xinetd.d parameter causes many messages in log file (John Frickson)
|
||||||
|
- Fixes for openssl 1.1.x (Stephen Smoogen / John Frickson)
|
||||||
|
- PATH and other environment variables not set with numeric nrpe_user (John Frickson)
|
||||||
|
- rpmbuild -ta nrpe-3.0.1.tar.gz failed File not found: /etc/init.d/nrpe (bvandi / John Frickson)
|
||||||
|
|
||||||
|
|
||||||
3.0.1 - 2016-09-08
|
3.0.1 - 2016-09-08
|
||||||
------------------
|
------------------
|
||||||
FIXES
|
FIXES
|
||||||
|
339
LICENSE
Normal file
339
LICENSE
Normal file
@ -0,0 +1,339 @@
|
|||||||
|
GNU GENERAL PUBLIC LICENSE
|
||||||
|
Version 2, June 1991
|
||||||
|
|
||||||
|
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
|
||||||
|
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||||
|
Everyone is permitted to copy and distribute verbatim copies
|
||||||
|
of this license document, but changing it is not allowed.
|
||||||
|
|
||||||
|
Preamble
|
||||||
|
|
||||||
|
The licenses for most software are designed to take away your
|
||||||
|
freedom to share and change it. By contrast, the GNU General Public
|
||||||
|
License is intended to guarantee your freedom to share and change free
|
||||||
|
software--to make sure the software is free for all its users. This
|
||||||
|
General Public License applies to most of the Free Software
|
||||||
|
Foundation's software and to any other program whose authors commit to
|
||||||
|
using it. (Some other Free Software Foundation software is covered by
|
||||||
|
the GNU Lesser General Public License instead.) You can apply it to
|
||||||
|
your programs, too.
|
||||||
|
|
||||||
|
When we speak of free software, we are referring to freedom, not
|
||||||
|
price. Our General Public Licenses are designed to make sure that you
|
||||||
|
have the freedom to distribute copies of free software (and charge for
|
||||||
|
this service if you wish), that you receive source code or can get it
|
||||||
|
if you want it, that you can change the software or use pieces of it
|
||||||
|
in new free programs; and that you know you can do these things.
|
||||||
|
|
||||||
|
To protect your rights, we need to make restrictions that forbid
|
||||||
|
anyone to deny you these rights or to ask you to surrender the rights.
|
||||||
|
These restrictions translate to certain responsibilities for you if you
|
||||||
|
distribute copies of the software, or if you modify it.
|
||||||
|
|
||||||
|
For example, if you distribute copies of such a program, whether
|
||||||
|
gratis or for a fee, you must give the recipients all the rights that
|
||||||
|
you have. You must make sure that they, too, receive or can get the
|
||||||
|
source code. And you must show them these terms so they know their
|
||||||
|
rights.
|
||||||
|
|
||||||
|
We protect your rights with two steps: (1) copyright the software, and
|
||||||
|
(2) offer you this license which gives you legal permission to copy,
|
||||||
|
distribute and/or modify the software.
|
||||||
|
|
||||||
|
Also, for each author's protection and ours, we want to make certain
|
||||||
|
that everyone understands that there is no warranty for this free
|
||||||
|
software. If the software is modified by someone else and passed on, we
|
||||||
|
want its recipients to know that what they have is not the original, so
|
||||||
|
that any problems introduced by others will not reflect on the original
|
||||||
|
authors' reputations.
|
||||||
|
|
||||||
|
Finally, any free program is threatened constantly by software
|
||||||
|
patents. We wish to avoid the danger that redistributors of a free
|
||||||
|
program will individually obtain patent licenses, in effect making the
|
||||||
|
program proprietary. To prevent this, we have made it clear that any
|
||||||
|
patent must be licensed for everyone's free use or not licensed at all.
|
||||||
|
|
||||||
|
The precise terms and conditions for copying, distribution and
|
||||||
|
modification follow.
|
||||||
|
|
||||||
|
GNU GENERAL PUBLIC LICENSE
|
||||||
|
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
||||||
|
|
||||||
|
0. This License applies to any program or other work which contains
|
||||||
|
a notice placed by the copyright holder saying it may be distributed
|
||||||
|
under the terms of this General Public License. The "Program", below,
|
||||||
|
refers to any such program or work, and a "work based on the Program"
|
||||||
|
means either the Program or any derivative work under copyright law:
|
||||||
|
that is to say, a work containing the Program or a portion of it,
|
||||||
|
either verbatim or with modifications and/or translated into another
|
||||||
|
language. (Hereinafter, translation is included without limitation in
|
||||||
|
the term "modification".) Each licensee is addressed as "you".
|
||||||
|
|
||||||
|
Activities other than copying, distribution and modification are not
|
||||||
|
covered by this License; they are outside its scope. The act of
|
||||||
|
running the Program is not restricted, and the output from the Program
|
||||||
|
is covered only if its contents constitute a work based on the
|
||||||
|
Program (independent of having been made by running the Program).
|
||||||
|
Whether that is true depends on what the Program does.
|
||||||
|
|
||||||
|
1. You may copy and distribute verbatim copies of the Program's
|
||||||
|
source code as you receive it, in any medium, provided that you
|
||||||
|
conspicuously and appropriately publish on each copy an appropriate
|
||||||
|
copyright notice and disclaimer of warranty; keep intact all the
|
||||||
|
notices that refer to this License and to the absence of any warranty;
|
||||||
|
and give any other recipients of the Program a copy of this License
|
||||||
|
along with the Program.
|
||||||
|
|
||||||
|
You may charge a fee for the physical act of transferring a copy, and
|
||||||
|
you may at your option offer warranty protection in exchange for a fee.
|
||||||
|
|
||||||
|
2. You may modify your copy or copies of the Program or any portion
|
||||||
|
of it, thus forming a work based on the Program, and copy and
|
||||||
|
distribute such modifications or work under the terms of Section 1
|
||||||
|
above, provided that you also meet all of these conditions:
|
||||||
|
|
||||||
|
a) You must cause the modified files to carry prominent notices
|
||||||
|
stating that you changed the files and the date of any change.
|
||||||
|
|
||||||
|
b) You must cause any work that you distribute or publish, that in
|
||||||
|
whole or in part contains or is derived from the Program or any
|
||||||
|
part thereof, to be licensed as a whole at no charge to all third
|
||||||
|
parties under the terms of this License.
|
||||||
|
|
||||||
|
c) If the modified program normally reads commands interactively
|
||||||
|
when run, you must cause it, when started running for such
|
||||||
|
interactive use in the most ordinary way, to print or display an
|
||||||
|
announcement including an appropriate copyright notice and a
|
||||||
|
notice that there is no warranty (or else, saying that you provide
|
||||||
|
a warranty) and that users may redistribute the program under
|
||||||
|
these conditions, and telling the user how to view a copy of this
|
||||||
|
License. (Exception: if the Program itself is interactive but
|
||||||
|
does not normally print such an announcement, your work based on
|
||||||
|
the Program is not required to print an announcement.)
|
||||||
|
|
||||||
|
These requirements apply to the modified work as a whole. If
|
||||||
|
identifiable sections of that work are not derived from the Program,
|
||||||
|
and can be reasonably considered independent and separate works in
|
||||||
|
themselves, then this License, and its terms, do not apply to those
|
||||||
|
sections when you distribute them as separate works. But when you
|
||||||
|
distribute the same sections as part of a whole which is a work based
|
||||||
|
on the Program, the distribution of the whole must be on the terms of
|
||||||
|
this License, whose permissions for other licensees extend to the
|
||||||
|
entire whole, and thus to each and every part regardless of who wrote it.
|
||||||
|
|
||||||
|
Thus, it is not the intent of this section to claim rights or contest
|
||||||
|
your rights to work written entirely by you; rather, the intent is to
|
||||||
|
exercise the right to control the distribution of derivative or
|
||||||
|
collective works based on the Program.
|
||||||
|
|
||||||
|
In addition, mere aggregation of another work not based on the Program
|
||||||
|
with the Program (or with a work based on the Program) on a volume of
|
||||||
|
a storage or distribution medium does not bring the other work under
|
||||||
|
the scope of this License.
|
||||||
|
|
||||||
|
3. You may copy and distribute the Program (or a work based on it,
|
||||||
|
under Section 2) in object code or executable form under the terms of
|
||||||
|
Sections 1 and 2 above provided that you also do one of the following:
|
||||||
|
|
||||||
|
a) Accompany it with the complete corresponding machine-readable
|
||||||
|
source code, which must be distributed under the terms of Sections
|
||||||
|
1 and 2 above on a medium customarily used for software interchange; or,
|
||||||
|
|
||||||
|
b) Accompany it with a written offer, valid for at least three
|
||||||
|
years, to give any third party, for a charge no more than your
|
||||||
|
cost of physically performing source distribution, a complete
|
||||||
|
machine-readable copy of the corresponding source code, to be
|
||||||
|
distributed under the terms of Sections 1 and 2 above on a medium
|
||||||
|
customarily used for software interchange; or,
|
||||||
|
|
||||||
|
c) Accompany it with the information you received as to the offer
|
||||||
|
to distribute corresponding source code. (This alternative is
|
||||||
|
allowed only for noncommercial distribution and only if you
|
||||||
|
received the program in object code or executable form with such
|
||||||
|
an offer, in accord with Subsection b above.)
|
||||||
|
|
||||||
|
The source code for a work means the preferred form of the work for
|
||||||
|
making modifications to it. For an executable work, complete source
|
||||||
|
code means all the source code for all modules it contains, plus any
|
||||||
|
associated interface definition files, plus the scripts used to
|
||||||
|
control compilation and installation of the executable. However, as a
|
||||||
|
special exception, the source code distributed need not include
|
||||||
|
anything that is normally distributed (in either source or binary
|
||||||
|
form) with the major components (compiler, kernel, and so on) of the
|
||||||
|
operating system on which the executable runs, unless that component
|
||||||
|
itself accompanies the executable.
|
||||||
|
|
||||||
|
If distribution of executable or object code is made by offering
|
||||||
|
access to copy from a designated place, then offering equivalent
|
||||||
|
access to copy the source code from the same place counts as
|
||||||
|
distribution of the source code, even though third parties are not
|
||||||
|
compelled to copy the source along with the object code.
|
||||||
|
|
||||||
|
4. You may not copy, modify, sublicense, or distribute the Program
|
||||||
|
except as expressly provided under this License. Any attempt
|
||||||
|
otherwise to copy, modify, sublicense or distribute the Program is
|
||||||
|
void, and will automatically terminate your rights under this License.
|
||||||
|
However, parties who have received copies, or rights, from you under
|
||||||
|
this License will not have their licenses terminated so long as such
|
||||||
|
parties remain in full compliance.
|
||||||
|
|
||||||
|
5. You are not required to accept this License, since you have not
|
||||||
|
signed it. However, nothing else grants you permission to modify or
|
||||||
|
distribute the Program or its derivative works. These actions are
|
||||||
|
prohibited by law if you do not accept this License. Therefore, by
|
||||||
|
modifying or distributing the Program (or any work based on the
|
||||||
|
Program), you indicate your acceptance of this License to do so, and
|
||||||
|
all its terms and conditions for copying, distributing or modifying
|
||||||
|
the Program or works based on it.
|
||||||
|
|
||||||
|
6. Each time you redistribute the Program (or any work based on the
|
||||||
|
Program), the recipient automatically receives a license from the
|
||||||
|
original licensor to copy, distribute or modify the Program subject to
|
||||||
|
these terms and conditions. You may not impose any further
|
||||||
|
restrictions on the recipients' exercise of the rights granted herein.
|
||||||
|
You are not responsible for enforcing compliance by third parties to
|
||||||
|
this License.
|
||||||
|
|
||||||
|
7. If, as a consequence of a court judgment or allegation of patent
|
||||||
|
infringement or for any other reason (not limited to patent issues),
|
||||||
|
conditions are imposed on you (whether by court order, agreement or
|
||||||
|
otherwise) that contradict the conditions of this License, they do not
|
||||||
|
excuse you from the conditions of this License. If you cannot
|
||||||
|
distribute so as to satisfy simultaneously your obligations under this
|
||||||
|
License and any other pertinent obligations, then as a consequence you
|
||||||
|
may not distribute the Program at all. For example, if a patent
|
||||||
|
license would not permit royalty-free redistribution of the Program by
|
||||||
|
all those who receive copies directly or indirectly through you, then
|
||||||
|
the only way you could satisfy both it and this License would be to
|
||||||
|
refrain entirely from distribution of the Program.
|
||||||
|
|
||||||
|
If any portion of this section is held invalid or unenforceable under
|
||||||
|
any particular circumstance, the balance of the section is intended to
|
||||||
|
apply and the section as a whole is intended to apply in other
|
||||||
|
circumstances.
|
||||||
|
|
||||||
|
It is not the purpose of this section to induce you to infringe any
|
||||||
|
patents or other property right claims or to contest validity of any
|
||||||
|
such claims; this section has the sole purpose of protecting the
|
||||||
|
integrity of the free software distribution system, which is
|
||||||
|
implemented by public license practices. Many people have made
|
||||||
|
generous contributions to the wide range of software distributed
|
||||||
|
through that system in reliance on consistent application of that
|
||||||
|
system; it is up to the author/donor to decide if he or she is willing
|
||||||
|
to distribute software through any other system and a licensee cannot
|
||||||
|
impose that choice.
|
||||||
|
|
||||||
|
This section is intended to make thoroughly clear what is believed to
|
||||||
|
be a consequence of the rest of this License.
|
||||||
|
|
||||||
|
8. If the distribution and/or use of the Program is restricted in
|
||||||
|
certain countries either by patents or by copyrighted interfaces, the
|
||||||
|
original copyright holder who places the Program under this License
|
||||||
|
may add an explicit geographical distribution limitation excluding
|
||||||
|
those countries, so that distribution is permitted only in or among
|
||||||
|
countries not thus excluded. In such case, this License incorporates
|
||||||
|
the limitation as if written in the body of this License.
|
||||||
|
|
||||||
|
9. The Free Software Foundation may publish revised and/or new versions
|
||||||
|
of the General Public License from time to time. Such new versions will
|
||||||
|
be similar in spirit to the present version, but may differ in detail to
|
||||||
|
address new problems or concerns.
|
||||||
|
|
||||||
|
Each version is given a distinguishing version number. If the Program
|
||||||
|
specifies a version number of this License which applies to it and "any
|
||||||
|
later version", you have the option of following the terms and conditions
|
||||||
|
either of that version or of any later version published by the Free
|
||||||
|
Software Foundation. If the Program does not specify a version number of
|
||||||
|
this License, you may choose any version ever published by the Free Software
|
||||||
|
Foundation.
|
||||||
|
|
||||||
|
10. If you wish to incorporate parts of the Program into other free
|
||||||
|
programs whose distribution conditions are different, write to the author
|
||||||
|
to ask for permission. For software which is copyrighted by the Free
|
||||||
|
Software Foundation, write to the Free Software Foundation; we sometimes
|
||||||
|
make exceptions for this. Our decision will be guided by the two goals
|
||||||
|
of preserving the free status of all derivatives of our free software and
|
||||||
|
of promoting the sharing and reuse of software generally.
|
||||||
|
|
||||||
|
NO WARRANTY
|
||||||
|
|
||||||
|
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
|
||||||
|
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
|
||||||
|
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
|
||||||
|
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
|
||||||
|
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
||||||
|
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
|
||||||
|
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
|
||||||
|
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
|
||||||
|
REPAIR OR CORRECTION.
|
||||||
|
|
||||||
|
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
|
||||||
|
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
|
||||||
|
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
|
||||||
|
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
|
||||||
|
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
|
||||||
|
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
|
||||||
|
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
|
||||||
|
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
|
||||||
|
POSSIBILITY OF SUCH DAMAGES.
|
||||||
|
|
||||||
|
END OF TERMS AND CONDITIONS
|
||||||
|
|
||||||
|
How to Apply These Terms to Your New Programs
|
||||||
|
|
||||||
|
If you develop a new program, and you want it to be of the greatest
|
||||||
|
possible use to the public, the best way to achieve this is to make it
|
||||||
|
free software which everyone can redistribute and change under these terms.
|
||||||
|
|
||||||
|
To do so, attach the following notices to the program. It is safest
|
||||||
|
to attach them to the start of each source file to most effectively
|
||||||
|
convey the exclusion of warranty; and each file should have at least
|
||||||
|
the "copyright" line and a pointer to where the full notice is found.
|
||||||
|
|
||||||
|
<one line to give the program's name and a brief idea of what it does.>
|
||||||
|
Copyright (C) <year> <name of author>
|
||||||
|
|
||||||
|
This program is free software; you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation; either version 2 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License along
|
||||||
|
with this program; if not, write to the Free Software Foundation, Inc.,
|
||||||
|
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||||
|
|
||||||
|
Also add information on how to contact you by electronic and paper mail.
|
||||||
|
|
||||||
|
If the program is interactive, make it output a short notice like this
|
||||||
|
when it starts in an interactive mode:
|
||||||
|
|
||||||
|
Gnomovision version 69, Copyright (C) year name of author
|
||||||
|
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
|
||||||
|
This is free software, and you are welcome to redistribute it
|
||||||
|
under certain conditions; type `show c' for details.
|
||||||
|
|
||||||
|
The hypothetical commands `show w' and `show c' should show the appropriate
|
||||||
|
parts of the General Public License. Of course, the commands you use may
|
||||||
|
be called something other than `show w' and `show c'; they could even be
|
||||||
|
mouse-clicks or menu items--whatever suits your program.
|
||||||
|
|
||||||
|
You should also get your employer (if you work as a programmer) or your
|
||||||
|
school, if any, to sign a "copyright disclaimer" for the program, if
|
||||||
|
necessary. Here is a sample; alter the names:
|
||||||
|
|
||||||
|
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
|
||||||
|
`Gnomovision' (which makes passes at compilers) written by James Hacker.
|
||||||
|
|
||||||
|
<signature of Ty Coon>, 1 April 1989
|
||||||
|
Ty Coon, President of Vice
|
||||||
|
|
||||||
|
This General Public License does not permit incorporating your program into
|
||||||
|
proprietary programs. If your program is a subroutine library, you may
|
||||||
|
consider it more useful to permit linking proprietary applications with the
|
||||||
|
library. If this is what you want to do, use the GNU Lesser General
|
||||||
|
Public License instead of this License.
|
@ -70,7 +70,7 @@ all:
|
|||||||
echo "";\
|
echo "";\
|
||||||
echo "You can now continue with the installation or upgrade process.";\
|
echo "You can now continue with the installation or upgrade process.";\
|
||||||
echo "";\
|
echo "";\
|
||||||
echo "Read the PDF documentation (NRPE.pdf) for information on the next";\
|
echo "Read the PDF documentation (docs/NRPE.pdf) for information on the next";\
|
||||||
echo "steps you should take to complete the installation or upgrade.";\
|
echo "steps you should take to complete the installation or upgrade.";\
|
||||||
echo ""
|
echo ""
|
||||||
|
|
||||||
@ -126,7 +126,9 @@ install-init:
|
|||||||
launchctl load $(INIT_DIR)/$(INIT_FILE); \
|
launchctl load $(INIT_DIR)/$(INIT_FILE); \
|
||||||
else\
|
else\
|
||||||
if test -f /sbin/chkconfig ; then \
|
if test -f /sbin/chkconfig ; then \
|
||||||
/sbin/chkconfig nrpe on;\
|
case "$(DESTDIR)" in */rpmbuild/*) break;; \
|
||||||
|
*)/sbin/chkconfig nrpe on;; \
|
||||||
|
esac; \
|
||||||
else\
|
else\
|
||||||
echo "Make sure to enable the nrpe daemon";\
|
echo "Make sure to enable the nrpe daemon";\
|
||||||
fi;\
|
fi;\
|
||||||
|
@ -171,14 +171,14 @@ run the nrpe daemon: `db_server` and `bobs_workstation`.
|
|||||||
As root, do the following:
|
As root, do the following:
|
||||||
|
|
||||||
mkdir -p -m 750 /usr/local/nagios/etc/ssl
|
mkdir -p -m 750 /usr/local/nagios/etc/ssl
|
||||||
chown root.nagios /usr/local/nagios/etc/ssl
|
chown root:nagios /usr/local/nagios/etc/ssl
|
||||||
cd /usr/local/nagios/etc/ssl
|
cd /usr/local/nagios/etc/ssl
|
||||||
mkdir -m 750 ca
|
mkdir -m 750 ca
|
||||||
chown root.root ca
|
chown root:root ca
|
||||||
mkdir -m 750 server_certs
|
mkdir -m 750 server_certs
|
||||||
chown root.nagios server_certs
|
chown root:nagios server_certs
|
||||||
mkdir -m 750 client_certs
|
mkdir -m 750 client_certs
|
||||||
chown root.nagios client_certs
|
chown root:nagios client_certs
|
||||||
|
|
||||||
|
|
||||||
####Create Certificate Authority
|
####Create Certificate Authority
|
||||||
@ -229,7 +229,7 @@ If you have the default `/etc/openssl.cnf`, either change it, or as root, do:
|
|||||||
mkdir demoCA/newcerts
|
mkdir demoCA/newcerts
|
||||||
touch demoCA/index.txt
|
touch demoCA/index.txt
|
||||||
echo "01" > demoCA/serial
|
echo "01" > demoCA/serial
|
||||||
chown -R root.root demoCA
|
chown -R root:root demoCA
|
||||||
chmod 700 demoCA
|
chmod 700 demoCA
|
||||||
chmod 700 demoCA/newcerts
|
chmod 700 demoCA/newcerts
|
||||||
chmod 600 demoCA/serial
|
chmod 600 demoCA/serial
|
||||||
@ -242,13 +242,13 @@ Now, sign the CSRs. As root, do the following:
|
|||||||
-keyfile ca/ca_key.pem -cert ca/ca_cert.pem \
|
-keyfile ca/ca_key.pem -cert ca/ca_cert.pem \
|
||||||
-in server_certs/db_server.csr \
|
-in server_certs/db_server.csr \
|
||||||
-out server_certs/db_server.pem
|
-out server_certs/db_server.pem
|
||||||
chown root.nagios server_certs/db_server.pem
|
chown root:nagios server_certs/db_server.pem
|
||||||
chmod 440 server_certs/db_server.pem
|
chmod 440 server_certs/db_server.pem
|
||||||
openssl ca -days 365 -notext -md sha256 \
|
openssl ca -days 365 -notext -md sha256 \
|
||||||
-keyfile ca/ca_key.pem -cert ca/ca_cert.pem \
|
-keyfile ca/ca_key.pem -cert ca/ca_cert.pem \
|
||||||
-in server_certs/bobs_workstation.csr \
|
-in server_certs/bobs_workstation.csr \
|
||||||
-out server_certs/bobs_workstation.pem
|
-out server_certs/bobs_workstation.pem
|
||||||
chown root.nagios server_certs/bobs_workstation.pem
|
chown root:nagios server_certs/bobs_workstation.pem
|
||||||
chmod 440 server_certs/bobs_workstation.pem
|
chmod 440 server_certs/bobs_workstation.pem
|
||||||
|
|
||||||
Now, copy the `db_server.pem` and `db_server.key` files to the
|
Now, copy the `db_server.pem` and `db_server.key` files to the
|
||||||
@ -271,7 +271,7 @@ running the check_nrpe program.
|
|||||||
-keyfile ca/ca_key.pem -cert ca/ca_cert.pem \
|
-keyfile ca/ca_key.pem -cert ca/ca_cert.pem \
|
||||||
-in client_certs/nag_serv.csr \
|
-in client_certs/nag_serv.csr \
|
||||||
-out client_certs/nag_serv.pem
|
-out client_certs/nag_serv.pem
|
||||||
chown root.nagios client_certs/nag_serv.pem
|
chown root:nagios client_certs/nag_serv.pem
|
||||||
chmod 440 client_certs/nag_serv.pem
|
chmod 440 client_certs/nag_serv.pem
|
||||||
|
|
||||||
Now, copy the `nag_serv.pem`, `nag_serv.key` and `ca/ca_cert.pem`
|
Now, copy the `nag_serv.pem`, `nag_serv.key` and `ca/ca_cert.pem`
|
||||||
|
@ -46,7 +46,7 @@ do two things:
|
|||||||
|
|
||||||
#### ENABLING BASH COMMAND SUBSTITUTION ####
|
#### ENABLING BASH COMMAND SUBSTITUTION ####
|
||||||
|
|
||||||
To enable support for arguments containing bash command substitions,
|
To enable support for arguments containing bash command substitutions,
|
||||||
you must do two things:
|
you must do two things:
|
||||||
|
|
||||||
1. Enable arguments as described above
|
1. Enable arguments as described above
|
||||||
@ -64,7 +64,7 @@ To help prevent some nasty things from being done by evil
|
|||||||
clients, the following metacharacters are not allowed
|
clients, the following metacharacters are not allowed
|
||||||
in client command arguments:
|
in client command arguments:
|
||||||
|
|
||||||
| ` & > < ' " \ [ ] { } ; !
|
| ` & > < ' \ [ ] { } ; ! \r \n
|
||||||
|
|
||||||
Any client request which contains the above mentioned metachars
|
Any client request which contains the above mentioned metachars
|
||||||
is discarded.
|
is discarded.
|
||||||
|
9
THANKS
9
THANKS
@ -4,10 +4,12 @@ Andrew Boyce-Lewis
|
|||||||
Andrew Ryder
|
Andrew Ryder
|
||||||
Andrew Widdersheim
|
Andrew Widdersheim
|
||||||
Bartosz Woronicz
|
Bartosz Woronicz
|
||||||
|
Bas Couwenberg
|
||||||
Bill Mitchell
|
Bill Mitchell
|
||||||
Bjoern Beutel
|
Bjoern Beutel
|
||||||
Brian Seklecki
|
Brian Seklecki
|
||||||
Derrick Bennett
|
Derrick Bennett
|
||||||
|
Elan Ruusamäe
|
||||||
Eric Mislivec
|
Eric Mislivec
|
||||||
Eric Stanley
|
Eric Stanley
|
||||||
Gerhard Lausser
|
Gerhard Lausser
|
||||||
@ -17,8 +19,10 @@ Grégory Starck
|
|||||||
James Peterson
|
James Peterson
|
||||||
Jari Takkala
|
Jari Takkala
|
||||||
Jason Cook
|
Jason Cook
|
||||||
|
Jobst Schmalenbach
|
||||||
John Maag
|
John Maag
|
||||||
Jon Andrews
|
Jon Andrews
|
||||||
|
Josh Soref
|
||||||
Kaspersky Lab
|
Kaspersky Lab
|
||||||
Kevin Pendleton
|
Kevin Pendleton
|
||||||
Konstantin Malov
|
Konstantin Malov
|
||||||
@ -30,13 +34,18 @@ Matthias Flacke
|
|||||||
Niels Endres
|
Niels Endres
|
||||||
Patric Wust
|
Patric Wust
|
||||||
Peter Palfrader
|
Peter Palfrader
|
||||||
|
Philippe Kueck
|
||||||
Rene Klootwijk
|
Rene Klootwijk
|
||||||
Robert Peaslee
|
Robert Peaslee
|
||||||
|
Ruben Kerkhof
|
||||||
Ryan McGarry
|
Ryan McGarry
|
||||||
Ryan Ordway
|
Ryan Ordway
|
||||||
Sean Finney
|
Sean Finney
|
||||||
Spenser Reinhardt
|
Spenser Reinhardt
|
||||||
|
Stefan Krüger
|
||||||
|
Stephen Smoogen
|
||||||
Subhendu Ghosh
|
Subhendu Ghosh
|
||||||
|
Sven Nierlein
|
||||||
Thierry Bertaud
|
Thierry Bertaud
|
||||||
Ton Voon
|
Ton Voon
|
||||||
Vadim Antipov
|
Vadim Antipov
|
||||||
|
203
configure
vendored
203
configure
vendored
@ -1,6 +1,6 @@
|
|||||||
#! /bin/sh
|
#! /bin/sh
|
||||||
# Guess values for system-dependent variables and create Makefiles.
|
# Guess values for system-dependent variables and create Makefiles.
|
||||||
# Generated by GNU Autoconf 2.69 for nrpe 3.0.1.
|
# Generated by GNU Autoconf 2.69 for nrpe 3.1.1.
|
||||||
#
|
#
|
||||||
# Report bugs to <nagios-users@lists.sourceforge.net>.
|
# Report bugs to <nagios-users@lists.sourceforge.net>.
|
||||||
#
|
#
|
||||||
@ -580,8 +580,8 @@ MAKEFLAGS=
|
|||||||
# Identity of this package.
|
# Identity of this package.
|
||||||
PACKAGE_NAME='nrpe'
|
PACKAGE_NAME='nrpe'
|
||||||
PACKAGE_TARNAME='nrpe'
|
PACKAGE_TARNAME='nrpe'
|
||||||
PACKAGE_VERSION='3.0.1'
|
PACKAGE_VERSION='3.1.1'
|
||||||
PACKAGE_STRING='nrpe 3.0.1'
|
PACKAGE_STRING='nrpe 3.1.1'
|
||||||
PACKAGE_BUGREPORT='nagios-users@lists.sourceforge.net'
|
PACKAGE_BUGREPORT='nagios-users@lists.sourceforge.net'
|
||||||
PACKAGE_URL='https://www.nagios.org/downloads/nagios-core-addons/'
|
PACKAGE_URL='https://www.nagios.org/downloads/nagios-core-addons/'
|
||||||
|
|
||||||
@ -630,6 +630,7 @@ SSL_LIB_DIR
|
|||||||
SSL_INC_PREFIX
|
SSL_INC_PREFIX
|
||||||
SSL_HDR
|
SSL_HDR
|
||||||
SSL_INC_DIR
|
SSL_INC_DIR
|
||||||
|
SSL_TYPE
|
||||||
HAVE_SSL
|
HAVE_SSL
|
||||||
EGREP
|
EGREP
|
||||||
GREP
|
GREP
|
||||||
@ -756,6 +757,7 @@ with_logdir
|
|||||||
with_piddir
|
with_piddir
|
||||||
with_pipedir
|
with_pipedir
|
||||||
enable_ssl
|
enable_ssl
|
||||||
|
with_need_dh
|
||||||
with_ssl
|
with_ssl
|
||||||
with_ssl_inc
|
with_ssl_inc
|
||||||
with_ssl_lib
|
with_ssl_lib
|
||||||
@ -1318,7 +1320,7 @@ if test "$ac_init_help" = "long"; then
|
|||||||
# Omit some internal or obsolete options to make the list less imposing.
|
# Omit some internal or obsolete options to make the list less imposing.
|
||||||
# This message is too long to be a string in the A/UX 3.1 sh.
|
# This message is too long to be a string in the A/UX 3.1 sh.
|
||||||
cat <<_ACEOF
|
cat <<_ACEOF
|
||||||
\`configure' configures nrpe 3.0.1 to adapt to many kinds of systems.
|
\`configure' configures nrpe 3.1.1 to adapt to many kinds of systems.
|
||||||
|
|
||||||
Usage: $0 [OPTION]... [VAR=VALUE]...
|
Usage: $0 [OPTION]... [VAR=VALUE]...
|
||||||
|
|
||||||
@ -1368,7 +1370,7 @@ fi
|
|||||||
|
|
||||||
if test -n "$ac_init_help"; then
|
if test -n "$ac_init_help"; then
|
||||||
case $ac_init_help in
|
case $ac_init_help in
|
||||||
short | recursive ) echo "Configuration of nrpe 3.0.1:";;
|
short | recursive ) echo "Configuration of nrpe 3.1.1:";;
|
||||||
esac
|
esac
|
||||||
cat <<\_ACEOF
|
cat <<\_ACEOF
|
||||||
|
|
||||||
@ -1388,7 +1390,7 @@ Optional Features:
|
|||||||
'--enable-install-method', so you can see the
|
'--enable-install-method', so you can see the
|
||||||
destinations before a full './configure', 'make',
|
destinations before a full './configure', 'make',
|
||||||
'make install' process.
|
'make install' process.
|
||||||
--enable-ssl enables native SSL support
|
--disable-ssl disables native SSL support [default=check]
|
||||||
--enable-command-args allows clients to specify command arguments. ***
|
--enable-command-args allows clients to specify command arguments. ***
|
||||||
THIS IS A SECURITY RISK! *** Read the SECURITY file
|
THIS IS A SECURITY RISK! *** Read the SECURITY file
|
||||||
before using this option!
|
before using this option!
|
||||||
@ -1421,6 +1423,7 @@ Optional Packages:
|
|||||||
--with-logdir=DIR where log files should be placed
|
--with-logdir=DIR where log files should be placed
|
||||||
--with-piddir=DIR where the PID file should be placed
|
--with-piddir=DIR where the PID file should be placed
|
||||||
--with-pipedir=DIR where socket and pipe files should be placed
|
--with-pipedir=DIR where socket and pipe files should be placed
|
||||||
|
--with-need-dh set to 'no' to not include Diffie-Hellman SSL logic
|
||||||
--with-ssl=DIR sets location of the SSL installation
|
--with-ssl=DIR sets location of the SSL installation
|
||||||
--with-ssl-inc=DIR sets location of the SSL include files
|
--with-ssl-inc=DIR sets location of the SSL include files
|
||||||
--with-ssl-lib=DIR sets location of the SSL libraries
|
--with-ssl-lib=DIR sets location of the SSL libraries
|
||||||
@ -1513,7 +1516,7 @@ fi
|
|||||||
test -n "$ac_init_help" && exit $ac_status
|
test -n "$ac_init_help" && exit $ac_status
|
||||||
if $ac_init_version; then
|
if $ac_init_version; then
|
||||||
cat <<\_ACEOF
|
cat <<\_ACEOF
|
||||||
nrpe configure 3.0.1
|
nrpe configure 3.1.1
|
||||||
generated by GNU Autoconf 2.69
|
generated by GNU Autoconf 2.69
|
||||||
|
|
||||||
Copyright (C) 2012 Free Software Foundation, Inc.
|
Copyright (C) 2012 Free Software Foundation, Inc.
|
||||||
@ -2119,7 +2122,7 @@ cat >config.log <<_ACEOF
|
|||||||
This file contains any messages produced by compilers while
|
This file contains any messages produced by compilers while
|
||||||
running configure, to aid debugging if configure makes a mistake.
|
running configure, to aid debugging if configure makes a mistake.
|
||||||
|
|
||||||
It was created by nrpe $as_me 3.0.1, which was
|
It was created by nrpe $as_me 3.1.1, which was
|
||||||
generated by GNU Autoconf 2.69. Invocation command line was
|
generated by GNU Autoconf 2.69. Invocation command line was
|
||||||
|
|
||||||
$ $0 $@
|
$ $0 $@
|
||||||
@ -2484,9 +2487,9 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var.
|
|||||||
|
|
||||||
|
|
||||||
PKG_NAME=nrpe
|
PKG_NAME=nrpe
|
||||||
PKG_VERSION="3.0.1"
|
PKG_VERSION="3.1.1"
|
||||||
PKG_HOME_URL="http://www.nagios.org/"
|
PKG_HOME_URL="http://www.nagios.org/"
|
||||||
PKG_REL_DATE="09-08-2016"
|
PKG_REL_DATE="2017-05-24"
|
||||||
RPM_RELEASE=1
|
RPM_RELEASE=1
|
||||||
|
|
||||||
LANG=C
|
LANG=C
|
||||||
@ -2751,10 +2754,12 @@ fi
|
|||||||
bsd) :
|
bsd) :
|
||||||
dist_type=`uname -s | tr "A-Z" "a-z"`
|
dist_type=`uname -s | tr "A-Z" "a-z"`
|
||||||
dist_ver=`uname -r` ;; #(
|
dist_ver=`uname -r` ;; #(
|
||||||
aix|hp-ux) :
|
aix) :
|
||||||
dist_ver=$OSTYPE ;; #(
|
dist_ver="`uname -v`.`uname -r`" ;; #(
|
||||||
|
hp-ux) :
|
||||||
|
dist_ver=`uname -r | cut -d'.' -f1-3` ;; #(
|
||||||
solaris) :
|
solaris) :
|
||||||
dist_ver=`echo $OSTYPE | cut -d'.' -f2` ;; #(
|
dist_ver=`uname -r | cut -d'.' -f2` ;; #(
|
||||||
*) :
|
*) :
|
||||||
dist_ver=$OSTYPE
|
dist_ver=$OSTYPE
|
||||||
;; #(
|
;; #(
|
||||||
@ -2888,20 +2893,19 @@ fi
|
|||||||
elif test "$dist_type" = "slackware"; then
|
elif test "$dist_type" = "slackware"; then
|
||||||
init_type="bsd"
|
init_type="bsd"
|
||||||
init_type_wanted=no
|
init_type_wanted=no
|
||||||
|
elif test "$dist_type" = "aix"; then
|
||||||
|
init_type="bsd"
|
||||||
|
init_type_wanted=no
|
||||||
|
elif test "$dist_type" = "hp-ux"; then
|
||||||
|
init_type="unknown"
|
||||||
|
init_type_wanted=no
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
PSCMD="ps -p1 -o args"
|
PSCMD="ps -p1 -o args"
|
||||||
case $dist_type in #(
|
if test $dist_type = solaris; then
|
||||||
aix) :
|
PSCMD="env UNIX95=1; ps -p1 -o args"
|
||||||
PSCMD="env UNIX95=1; ps -p1 -o args" ;; #(
|
fi
|
||||||
solaris) :
|
|
||||||
PSCMD="env UNIX95=1; ps -p1 -o args" ;; #(
|
|
||||||
hp-ux) :
|
|
||||||
PSCMD="env UNIX95=1; ps -p1 -o args" ;; #(
|
|
||||||
*) :
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
if test "$init_type_wanted" = yes; then
|
if test "$init_type_wanted" = yes; then
|
||||||
pid1=`$PSCMD | grep -vi COMMAND | cut -d' ' -f1`
|
pid1=`$PSCMD | grep -vi COMMAND | cut -d' ' -f1`
|
||||||
@ -2948,7 +2952,7 @@ esac
|
|||||||
|
|
||||||
if test "$init_type_wanted" = yes; then
|
if test "$init_type_wanted" = yes; then
|
||||||
if test "$pid1" = "/sbin/init" -o "$pid1" = "/usr/sbin/init"; then
|
if test "$pid1" = "/sbin/init" -o "$pid1" = "/usr/sbin/init"; then
|
||||||
if `/sbin/init --version 2>/dev/null | grep "upstart" >/dev/null`; then
|
if `$pid1 --version 2>/dev/null | grep "upstart" >/dev/null`; then
|
||||||
init_type="upstart"
|
init_type="upstart"
|
||||||
init_type_wanted=no
|
init_type_wanted=no
|
||||||
elif test -f "/etc/rc" -a ! -L "/etc/rc"; then
|
elif test -f "/etc/rc" -a ! -L "/etc/rc"; then
|
||||||
@ -3018,13 +3022,6 @@ fi
|
|||||||
|
|
||||||
inetd_disabled=""
|
inetd_disabled=""
|
||||||
|
|
||||||
if test x"$init_type" = "xupstart"; then
|
|
||||||
inetd_type="upstart"
|
|
||||||
elif test "$opsys" = "osx"; then
|
|
||||||
inetd_type="launchd"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if test x"$inetd_type" = x; then
|
|
||||||
case $dist_type in #(
|
case $dist_type in #(
|
||||||
solaris) :
|
solaris) :
|
||||||
if test x"$init_type" = "xsmf10" -o x"$init_type" = "xsmf11"; then
|
if test x"$init_type" = "xsmf10" -o x"$init_type" = "xsmf11"; then
|
||||||
@ -3034,13 +3031,20 @@ fi
|
|||||||
fi ;; #(
|
fi ;; #(
|
||||||
*bsd*) :
|
*bsd*) :
|
||||||
inetd_type=`ps -A -o comm -c | grep inetd` ;; #(
|
inetd_type=`ps -A -o comm -c | grep inetd` ;; #(
|
||||||
|
osx) :
|
||||||
|
inetd_type=`launchd` ;; #(
|
||||||
aix|hp-ux) :
|
aix|hp-ux) :
|
||||||
inetd_type=`UNIX95= ps -A -o comm | grep inetd | head -1` ;; #(
|
inetd_type=`UNIX95= ps -A -o comm | grep inetd | head -1` ;; #(
|
||||||
*) :
|
*) :
|
||||||
inetd_type=`ps -C "inetd,xinetd" -o fname | grep -vi COMMAND` ;; #(
|
inetd_type=`ps -C "inetd,xinetd" -o fname | grep -vi COMMAND | head -1` ;; #(
|
||||||
*) :
|
*) :
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
if test x"$inetd_type" = x; then
|
||||||
|
if test x"$init_type" = "xupstart"; then
|
||||||
|
inetd_type="upstart"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if test x"$inetd_type" = x; then
|
if test x"$inetd_type" = x; then
|
||||||
@ -3154,16 +3158,21 @@ case $dist_type in #(
|
|||||||
esac
|
esac
|
||||||
|
|
||||||
|
|
||||||
need_cgi=no
|
# Does this package need to know:
|
||||||
need_web=no
|
need_cgi=no # where the cgi-bin directory is
|
||||||
need_brk=no
|
need_web=no # where the website directory is
|
||||||
need_plg=no
|
need_brk=no # where the event broker modules directory is
|
||||||
need_pipe=no
|
need_plg=no # where the plugins directory is
|
||||||
need_spl=no
|
need_pipe=no # where the pipe directory is
|
||||||
need_loc=no
|
need_spl=no # where the spool directory is
|
||||||
need_log_subdir=no
|
need_loc=no # where the locale directory is
|
||||||
need_etc_subdir=no
|
need_log_subdir=no # where the loc sub-directory is
|
||||||
need_pls_dir=no
|
need_etc_subdir=no # where the etc sub-directory is
|
||||||
|
need_pls_dir=no # where the package locate state directory is
|
||||||
|
|
||||||
|
if test x"$INIT_PROG" = x; then
|
||||||
|
INIT_PROG="$PKG_NAME"
|
||||||
|
fi
|
||||||
|
|
||||||
case $PKG_NAME in #(
|
case $PKG_NAME in #(
|
||||||
nagios) :
|
nagios) :
|
||||||
@ -3177,6 +3186,7 @@ case $PKG_NAME in #(
|
|||||||
need_cgi=yes
|
need_cgi=yes
|
||||||
need_web=yes ;; #(
|
need_web=yes ;; #(
|
||||||
ndoutils) :
|
ndoutils) :
|
||||||
|
need_brk=yes
|
||||||
need_spl=yes ;; #(
|
need_spl=yes ;; #(
|
||||||
nrpe) :
|
nrpe) :
|
||||||
need_plg=yes ;; #(
|
need_plg=yes ;; #(
|
||||||
@ -3348,14 +3358,14 @@ tmpfilesd=${tmpfilesd="/usr/lib/tmpfiles.d"}
|
|||||||
if test ! -d "$tmpfilesd"; then
|
if test ! -d "$tmpfilesd"; then
|
||||||
tmpfilesd="N/A"
|
tmpfilesd="N/A"
|
||||||
else
|
else
|
||||||
tmpfilesd="$tmpfilesd/$PKG_NAME.conf"
|
tmpfilesd="$tmpfilesd/$INIT_PROG.conf"
|
||||||
fi
|
fi
|
||||||
subsyslockdir=${subsyslockdir="/var/lock/subsys"}
|
subsyslockdir=${subsyslockdir="/var/lock/subsys"}
|
||||||
if test ! -d "$subsyslockdir"; then
|
if test ! -d "$subsyslockdir"; then
|
||||||
subsyslockdir="N/A"
|
subsyslockdir="N/A"
|
||||||
subsyslockfile="N/A"
|
subsyslockfile="N/A"
|
||||||
else
|
else
|
||||||
subsyslockfile="$subsyslockdir/$PKG_NAME"
|
subsyslockfile="$subsyslockdir/$INIT_PROG"
|
||||||
fi
|
fi
|
||||||
if test "$need_loc" = no; then
|
if test "$need_loc" = no; then
|
||||||
localedir="N/A"
|
localedir="N/A"
|
||||||
@ -3436,23 +3446,23 @@ elif test $opsys = "linux"; then
|
|||||||
fi
|
fi
|
||||||
privatesysconfdir=${privatesysconfdir="$pkgsysconfdir/private"}
|
privatesysconfdir=${privatesysconfdir="$pkgsysconfdir/private"}
|
||||||
if test $need_log_subdir = yes; then
|
if test $need_log_subdir = yes; then
|
||||||
logdir=${logdir="$localstatedir/log/$PKG_NAME"}
|
logdir=${logdir="$localstatedir/log/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
logdir=${logdir="$localstatedir/log"}
|
logdir=${logdir="$localstatedir/log"}
|
||||||
fi
|
fi
|
||||||
piddir=${piddir="$localstatedir/run/${PKG_NAME}"}
|
piddir=${piddir="$localstatedir/run/${INIT_PROG}"}
|
||||||
if test "$need_pipe" = yes; then
|
if test "$need_pipe" = yes; then
|
||||||
pipedir=${pipedir="$localstatedir/run/${PKG_NAME}"}
|
pipedir=${pipedir="$localstatedir/run/${INIT_PROG}"}
|
||||||
else
|
else
|
||||||
pipedir="N/A"
|
pipedir="N/A"
|
||||||
fi
|
fi
|
||||||
if test "$need_pls_dir" = yes; then
|
if test "$need_pls_dir" = yes; then
|
||||||
pkglocalstatedir=${pkglocalstatedir="$localstatedir/lib/$PKG_NAME"}
|
pkglocalstatedir=${pkglocalstatedir="$localstatedir/lib/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
pkglocalstatedir="N/A"
|
pkglocalstatedir="N/A"
|
||||||
fi
|
fi
|
||||||
if test "$need_spl" = yes; then
|
if test "$need_spl" = yes; then
|
||||||
spooldir=${spooldir="$localstatedir/spool/$PKG_NAME"}
|
spooldir=${spooldir="$localstatedir/spool/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
spooldir="N/A"
|
spooldir="N/A"
|
||||||
fi
|
fi
|
||||||
@ -3501,7 +3511,7 @@ elif test $opsys = "unix"; then
|
|||||||
fi
|
fi
|
||||||
privatesysconfdir=${privatesysconfdir="$pkgsysconfdir/private"}
|
privatesysconfdir=${privatesysconfdir="$pkgsysconfdir/private"}
|
||||||
if test "$need_pls_dir" = yes; then
|
if test "$need_pls_dir" = yes; then
|
||||||
pkglocalstatedir=${pkglocalstatedir="$localstatedir/lib/$PKG_NAME"}
|
pkglocalstatedir=${pkglocalstatedir="$localstatedir/lib/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
pkglocalstatedir="N/A"
|
pkglocalstatedir="N/A"
|
||||||
fi
|
fi
|
||||||
@ -3509,7 +3519,7 @@ elif test $opsys = "unix"; then
|
|||||||
localedir=${localedir="/usr/local/share/locale/<lang>/LC_MESSAGES/nagios-plugins.mo"}
|
localedir=${localedir="/usr/local/share/locale/<lang>/LC_MESSAGES/nagios-plugins.mo"}
|
||||||
fi
|
fi
|
||||||
if test "$need_spl" = yes; then
|
if test "$need_spl" = yes; then
|
||||||
spooldir=${spooldir="$localstatedir/spool/$PKG_NAME"}
|
spooldir=${spooldir="$localstatedir/spool/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
spooldir="N/A"
|
spooldir="N/A"
|
||||||
fi
|
fi
|
||||||
@ -3534,14 +3544,14 @@ elif test $opsys = "unix"; then
|
|||||||
pipedir=${pipedir="$pkglocalstatedir"}
|
pipedir=${pipedir="$pkglocalstatedir"}
|
||||||
logdir=${logdir="$pkglocalstatedir/log"} ;; #(
|
logdir=${logdir="$pkglocalstatedir/log"} ;; #(
|
||||||
*) :
|
*) :
|
||||||
piddir=${piddir="$localstatedir/run/${PKG_NAME}"}
|
piddir=${piddir="$localstatedir/run/${INIT_PROG}"}
|
||||||
if test "$need_pipe" = yes; then
|
if test "$need_pipe" = yes; then
|
||||||
pipedir=${pipedir="$localstatedir/run/${PKG_NAME}"}
|
pipedir=${pipedir="$localstatedir/run/${INIT_PROG}"}
|
||||||
else
|
else
|
||||||
pipedir="N/A"
|
pipedir="N/A"
|
||||||
fi
|
fi
|
||||||
if test $need_log_subdir = yes; then
|
if test $need_log_subdir = yes; then
|
||||||
logdir=${logdir="$localstatedir/log/$PKG_NAME"}
|
logdir=${logdir="$localstatedir/log/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
logdir=${logdir="$localstatedir/log"}
|
logdir=${logdir="$localstatedir/log"}
|
||||||
fi
|
fi
|
||||||
@ -3594,7 +3604,7 @@ elif test $opsys = "bsd"; then
|
|||||||
fi
|
fi
|
||||||
privatesysconfdir=${privatesysconfdir="$pkgsysconfdir/private"}
|
privatesysconfdir=${privatesysconfdir="$pkgsysconfdir/private"}
|
||||||
if test "$need_pls_dir" = yes; then
|
if test "$need_pls_dir" = yes; then
|
||||||
pkglocalstatedir=${pkglocalstatedir="$localstatedir/lib/$PKG_NAME"}
|
pkglocalstatedir=${pkglocalstatedir="$localstatedir/lib/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
pkglocalstatedir="N/A"
|
pkglocalstatedir="N/A"
|
||||||
fi
|
fi
|
||||||
@ -3602,7 +3612,7 @@ elif test $opsys = "bsd"; then
|
|||||||
localedir=${localedir="/usr/local/share/locale/<lang>/LC_MESSAGES/nagios-plugins.mo"}
|
localedir=${localedir="/usr/local/share/locale/<lang>/LC_MESSAGES/nagios-plugins.mo"}
|
||||||
fi
|
fi
|
||||||
if test "$need_spl" = yes; then
|
if test "$need_spl" = yes; then
|
||||||
spooldir=${spooldir="$localstatedir/spool/$PKG_NAME"}
|
spooldir=${spooldir="$localstatedir/spool/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
spooldir="N/A"
|
spooldir="N/A"
|
||||||
fi
|
fi
|
||||||
@ -3627,14 +3637,14 @@ elif test $opsys = "bsd"; then
|
|||||||
else
|
else
|
||||||
cgibindir="N/A"
|
cgibindir="N/A"
|
||||||
fi
|
fi
|
||||||
piddir=${piddir="$localstatedir/run/${PKG_NAME}"}
|
piddir=${piddir="$localstatedir/run/${INIT_PROG}"}
|
||||||
if test "$need_pipe" = yes; then
|
if test "$need_pipe" = yes; then
|
||||||
pipedir=${pipedir="$localstatedir/run/${PKG_NAME}"}
|
pipedir=${pipedir="$localstatedir/run/${INIT_PROG}"}
|
||||||
else
|
else
|
||||||
pipedir="N/A"
|
pipedir="N/A"
|
||||||
fi
|
fi
|
||||||
if test $need_log_subdir = yes; then
|
if test $need_log_subdir = yes; then
|
||||||
logdir=${logdir="$localstatedir/log/$PKG_NAME"}
|
logdir=${logdir="$localstatedir/log/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
logdir=${logdir="$localstatedir/log"}
|
logdir=${logdir="$localstatedir/log"}
|
||||||
fi
|
fi
|
||||||
@ -3670,6 +3680,7 @@ eval libexecdir=$libexecdir
|
|||||||
eval brokersdir=$brokersdir
|
eval brokersdir=$brokersdir
|
||||||
eval pluginsdir=$pluginsdir
|
eval pluginsdir=$pluginsdir
|
||||||
eval cgibindir=$cgibindir
|
eval cgibindir=$cgibindir
|
||||||
|
eval localstatedir=$localstatedir
|
||||||
eval pkglocalstatedir=$pkglocalstatedir
|
eval pkglocalstatedir=$pkglocalstatedir
|
||||||
eval webdir=$webdir
|
eval webdir=$webdir
|
||||||
eval localedir=$localedir
|
eval localedir=$localedir
|
||||||
@ -3687,51 +3698,56 @@ case $init_type in #(
|
|||||||
else
|
else
|
||||||
initdir=${initdir="/etc/init.d"}
|
initdir=${initdir="/etc/init.d"}
|
||||||
fi
|
fi
|
||||||
initname=${initname="$PKG_NAME"}
|
initname=${initname="$INIT_PROG"}
|
||||||
initconfdir=${initconfdir="/etc/conf.d"}
|
initconfdir=${initconfdir="/etc/conf.d"}
|
||||||
initconf=${initconf="$initconfdir/$PKG_NAME"} ;; #(
|
initconf=${initconf="$initconfdir/$INIT_PROG"} ;; #(
|
||||||
systemd) :
|
systemd) :
|
||||||
if test $dist_type = "debian"; then
|
if test $dist_type = "debian"; then
|
||||||
initdir=${initdir="/lib/systemd/system"}
|
initdir=${initdir="/lib/systemd/system"}
|
||||||
else
|
else
|
||||||
initdir=${initdir="/usr/lib/systemd/system"}
|
initdir=${initdir="/usr/lib/systemd/system"}
|
||||||
fi
|
fi
|
||||||
initname=${initname="$PKG_NAME.service"} ;; #(
|
initname=${initname="$INIT_PROG.service"} ;; #(
|
||||||
bsd) :
|
bsd) :
|
||||||
|
if test $dist_type = "aix"; then
|
||||||
|
initdir=${initdir="/sbin/rc.d/init.d"}
|
||||||
|
initname=${initname="$INIT_PROG"}
|
||||||
|
else
|
||||||
initdir=${initdir="/etc/rc.d"}
|
initdir=${initdir="/etc/rc.d"}
|
||||||
initname=${initname="rc.$PKG_NAME"} ;; #(
|
initname=${initname="rc.$INIT_PROG"}
|
||||||
|
fi ;; #(
|
||||||
newbsd) :
|
newbsd) :
|
||||||
initdir=${initdir="/etc/rc.d"}
|
initdir=${initdir="/etc/rc.d"}
|
||||||
initname=${initname="$PKG_NAME"} ;; #(
|
initname=${initname="$INIT_PROG"} ;; #(
|
||||||
gentoo) :
|
gentoo) :
|
||||||
initdir=${initdir="/etc/init.d"}
|
initdir=${initdir="/etc/init.d"}
|
||||||
initname=${initname="$PKG_NAME"}
|
initname=${initname="$INIT_PROG"}
|
||||||
initconfdir=${initconfdir="/etc/init.d"}
|
initconfdir=${initconfdir="/etc/init.d"}
|
||||||
initconf=${initconf="$initconfdir/$PKG_NAME"} ;; #(
|
initconf=${initconf="$initconfdir/$INIT_PROG"} ;; #(
|
||||||
openrc) :
|
openrc) :
|
||||||
initdir=${initdir="/etc/init.d"}
|
initdir=${initdir="/etc/init.d"}
|
||||||
initname=${initname="$PKG_NAME"}
|
initname=${initname="$INIT_PROG"}
|
||||||
initconfdir=${initconfdir="/etc/conf.d"}
|
initconfdir=${initconfdir="/etc/conf.d"}
|
||||||
initconf=${initconf="$initconfdir/$PKG_NAME"} ;; #(
|
initconf=${initconf="$initconfdir/$INIT_PROG"} ;; #(
|
||||||
smf*) :
|
smf*) :
|
||||||
if test $init_type = smf10; then
|
if test $init_type = smf10; then
|
||||||
initdir=${initdir="/var/svc/manifest/network/nagios"}
|
initdir=${initdir="/var/svc/manifest/network/nagios"}
|
||||||
else
|
else
|
||||||
initdir=${initdir="/lib/svc/manifest/network/nagios"}
|
initdir=${initdir="/lib/svc/manifest/network/nagios"}
|
||||||
fi
|
fi
|
||||||
initname=${initname="$PKG_NAME.xml"}
|
initname=${initname="$INIT_PROG.xml"}
|
||||||
initconfdir=unknown
|
initconfdir=unknown
|
||||||
initconf=unknown ;; #(
|
initconf=unknown ;; #(
|
||||||
upstart) :
|
upstart) :
|
||||||
initdir=${initdir="/etc/init"}
|
initdir=${initdir="/etc/init"}
|
||||||
initname=${initname="$PKG_NAME.conf"}
|
initname=${initname="$INIT_PROG.conf"}
|
||||||
initconfdir=${initconfdir="/etc/default"}
|
initconfdir=${initconfdir="/etc/default"}
|
||||||
initconf=${initconf="$initconfdir/$PKG_NAME"} ;; #(
|
initconf=${initconf="$initconfdir/$INIT_PROG"} ;; #(
|
||||||
launchd) :
|
launchd) :
|
||||||
initdir=${initdir="/Library/LaunchDaemons"}
|
initdir=${initdir="/Library/LaunchDaemons"}
|
||||||
initname=${initname="org.nagios.$PKG_NAME.plist"} ;; #(
|
initname=${initname="org.nagios.$INIT_PROG.plist"} ;; #(
|
||||||
# initconfdir=${initconfdir="/private/etc"}
|
# initconfdir=${initconfdir="/private/etc"}
|
||||||
# initconf=${initconf="$initconfdir/$PKG_NAME"},
|
# initconf=${initconf="$initconfdir/$INIT_PROG"},
|
||||||
|
|
||||||
|
|
||||||
*) :
|
*) :
|
||||||
@ -3750,28 +3766,28 @@ case $inetd_type in #(
|
|||||||
inetdname=${inetdname="inetd.conf"} ;; #(
|
inetdname=${inetdname="inetd.conf"} ;; #(
|
||||||
xinetd) :
|
xinetd) :
|
||||||
inetddir=${inetddir="/etc/xinetd.d"}
|
inetddir=${inetddir="/etc/xinetd.d"}
|
||||||
inetdname=${inetdname="$PKG_NAME"} ;; #(
|
inetdname=${inetdname="$INIT_PROG"} ;; #(
|
||||||
systemd) :
|
systemd) :
|
||||||
if test $dist_type = "debian"; then
|
if test $dist_type = "debian"; then
|
||||||
inetddir=${inetddir="/lib/systemd/system"}
|
inetddir=${inetddir="/lib/systemd/system"}
|
||||||
else
|
else
|
||||||
inetddir=${inetddir="/usr/lib/systemd/system"}
|
inetddir=${inetddir="/usr/lib/systemd/system"}
|
||||||
fi
|
fi
|
||||||
netdname=${inetdname="$PKG_NAME.socket"} ;; #(
|
netdname=${inetdname="$INIT_PROG.socket"} ;; #(
|
||||||
smf*) :
|
smf*) :
|
||||||
if test $init_type = smf10; then
|
if test $init_type = smf10; then
|
||||||
inetddir=${inetddir="/var/svc/manifest/network/nagios"}
|
inetddir=${inetddir="/var/svc/manifest/network/nagios"}
|
||||||
else
|
else
|
||||||
inetddir=${inetddir="/lib/svc/manifest/network/nagios"}
|
inetddir=${inetddir="/lib/svc/manifest/network/nagios"}
|
||||||
fi
|
fi
|
||||||
inetdname=${inetdname="$PKG_NAME.xml"} ;; #(
|
inetdname=${inetdname="$INIT_PROG.xml"} ;; #(
|
||||||
# [upstart],
|
# [upstart],
|
||||||
# inetddir=${inetddir="/etc/init.d"}
|
# inetddir=${inetddir="/etc/init.d"}
|
||||||
# inetdname=${inetdname="$PKG_NAME"},
|
# inetdname=${inetdname="$INIT_PROG"},
|
||||||
|
|
||||||
launchd) :
|
launchd) :
|
||||||
inetddir=${inetddir="/Library/LaunchDaemons"}
|
inetddir=${inetddir="/Library/LaunchDaemons"}
|
||||||
inetdname=${inetdname="org.nagios.$PKG_NAME.plist"} ;; #(
|
inetdname=${inetdname="org.nagios.$INIT_PROG.plist"} ;; #(
|
||||||
*) :
|
*) :
|
||||||
inetddir=${inetddir="unknown"}
|
inetddir=${inetddir="unknown"}
|
||||||
inetdname=${inetdname="unknown"} ;; #(
|
inetdname=${inetdname="unknown"} ;; #(
|
||||||
@ -3829,11 +3845,11 @@ case $init_type in #(
|
|||||||
src_init=upstart-init
|
src_init=upstart-init
|
||||||
fi ;; #(
|
fi ;; #(
|
||||||
launchd) :
|
launchd) :
|
||||||
src_init="mac-init.plist"
|
src_init="mac-init.plist" ;; #(
|
||||||
|
|
||||||
* ;; #(
|
|
||||||
*) :
|
*) :
|
||||||
src_init="unknown"
|
src_init="unknown"
|
||||||
|
;; #(
|
||||||
|
*) :
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $src_init" >&5
|
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $src_init" >&5
|
||||||
@ -3866,7 +3882,7 @@ $as_echo "$src_inetd" >&6; }
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
if test "$dist_type" = solaris -a "$dist_ver" != smf11; then
|
if test "$dist_type" = solaris -a "$dist_ver" = 10; then
|
||||||
$as_echo "#define SOLARIS_10 yes" >>confdefs.h
|
$as_echo "#define SOLARIS_10 yes" >>confdefs.h
|
||||||
|
|
||||||
fi
|
fi
|
||||||
@ -4332,7 +4348,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
|
|||||||
# report actual input values of CONFIG_FILES etc. instead of their
|
# report actual input values of CONFIG_FILES etc. instead of their
|
||||||
# values after options handling.
|
# values after options handling.
|
||||||
ac_log="
|
ac_log="
|
||||||
This file was extended by nrpe $as_me 3.0.1, which was
|
This file was extended by nrpe $as_me 3.1.1, which was
|
||||||
generated by GNU Autoconf 2.69. Invocation command line was
|
generated by GNU Autoconf 2.69. Invocation command line was
|
||||||
|
|
||||||
CONFIG_FILES = $CONFIG_FILES
|
CONFIG_FILES = $CONFIG_FILES
|
||||||
@ -4386,7 +4402,7 @@ _ACEOF
|
|||||||
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
||||||
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
|
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
|
||||||
ac_cs_version="\\
|
ac_cs_version="\\
|
||||||
nrpe config.status 3.0.1
|
nrpe config.status 3.1.1
|
||||||
configured by $0, generated by GNU Autoconf 2.69,
|
configured by $0, generated by GNU Autoconf 2.69,
|
||||||
with options \\"\$ac_cs_config\\"
|
with options \\"\$ac_cs_config\\"
|
||||||
|
|
||||||
@ -7140,7 +7156,7 @@ rm -f core conftest.err conftest.$ac_objext \
|
|||||||
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
for ac_func in strdup strstr strtoul strtok_r initgroups closesocket sigaction
|
for ac_func in strdup strstr strtoul strtok_r initgroups closesocket sigaction scandir
|
||||||
do :
|
do :
|
||||||
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
|
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
|
||||||
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
|
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
|
||||||
@ -7264,9 +7280,19 @@ else
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
need_dh=yes
|
||||||
|
|
||||||
|
# Check whether --with-need_dh was given.
|
||||||
|
if test "${with_need_dh+set}" = set; then :
|
||||||
|
withval=$with_need_dh; need_dh=$withval
|
||||||
|
else
|
||||||
|
nrpe_group=need_dh
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
if test x$check_for_ssl = xyes; then
|
if test x$check_for_ssl = xyes; then
|
||||||
# need_dh should only be set for NRPE
|
# need_dh should only be set for NRPE
|
||||||
need_dh=yes
|
# need_dh=yes
|
||||||
|
|
||||||
|
|
||||||
# -------------------------------
|
# -------------------------------
|
||||||
@ -7290,6 +7316,7 @@ SSL_LIB_DIR=
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# gnutls/openssl.h
|
# gnutls/openssl.h
|
||||||
# nss_compat_ossl/nss_compat_ossl.h
|
# nss_compat_ossl/nss_compat_ossl.h
|
||||||
|
|
||||||
@ -8257,7 +8284,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
|
|||||||
# report actual input values of CONFIG_FILES etc. instead of their
|
# report actual input values of CONFIG_FILES etc. instead of their
|
||||||
# values after options handling.
|
# values after options handling.
|
||||||
ac_log="
|
ac_log="
|
||||||
This file was extended by nrpe $as_me 3.0.1, which was
|
This file was extended by nrpe $as_me 3.1.1, which was
|
||||||
generated by GNU Autoconf 2.69. Invocation command line was
|
generated by GNU Autoconf 2.69. Invocation command line was
|
||||||
|
|
||||||
CONFIG_FILES = $CONFIG_FILES
|
CONFIG_FILES = $CONFIG_FILES
|
||||||
@ -8320,7 +8347,7 @@ _ACEOF
|
|||||||
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
|
||||||
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
|
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
|
||||||
ac_cs_version="\\
|
ac_cs_version="\\
|
||||||
nrpe config.status 3.0.1
|
nrpe config.status 3.1.1
|
||||||
configured by $0, generated by GNU Autoconf 2.69,
|
configured by $0, generated by GNU Autoconf 2.69,
|
||||||
with options \\"\$ac_cs_config\\"
|
with options \\"\$ac_cs_config\\"
|
||||||
|
|
||||||
|
20
configure.ac
20
configure.ac
@ -5,15 +5,15 @@ define([AC_CACHE_LOAD],)
|
|||||||
define([AC_CACHE_SAVE],)
|
define([AC_CACHE_SAVE],)
|
||||||
|
|
||||||
m4_include([build-aux/custom_help.m4])
|
m4_include([build-aux/custom_help.m4])
|
||||||
AC_INIT([nrpe],[3.0.1],[nagios-users@lists.sourceforge.net],[nrpe],[https://www.nagios.org/downloads/nagios-core-addons/])
|
AC_INIT([nrpe],[3.1.1],[nagios-users@lists.sourceforge.net],[nrpe],[https://www.nagios.org/downloads/nagios-core-addons/])
|
||||||
AC_CONFIG_SRCDIR([src/nrpe.c])
|
AC_CONFIG_SRCDIR([src/nrpe.c])
|
||||||
AC_CONFIG_AUX_DIR([build-aux])
|
AC_CONFIG_AUX_DIR([build-aux])
|
||||||
AC_PREFIX_DEFAULT(/usr/local/nagios)
|
AC_PREFIX_DEFAULT(/usr/local/nagios)
|
||||||
|
|
||||||
PKG_NAME=nrpe
|
PKG_NAME=nrpe
|
||||||
PKG_VERSION="3.0.1"
|
PKG_VERSION="3.1.1"
|
||||||
PKG_HOME_URL="http://www.nagios.org/"
|
PKG_HOME_URL="http://www.nagios.org/"
|
||||||
PKG_REL_DATE="09-08-2016"
|
PKG_REL_DATE="2017-05-24"
|
||||||
RPM_RELEASE=1
|
RPM_RELEASE=1
|
||||||
|
|
||||||
LANG=C
|
LANG=C
|
||||||
@ -60,7 +60,7 @@ AC_NAGIOS_GET_INETD
|
|||||||
AC_NAGIOS_GET_PATHS
|
AC_NAGIOS_GET_PATHS
|
||||||
AC_NAGIOS_GET_FILES
|
AC_NAGIOS_GET_FILES
|
||||||
|
|
||||||
if test "$dist_type" = solaris -a "$dist_ver" != smf11; then
|
if test "$dist_type" = solaris -a "$dist_ver" = 10; then
|
||||||
AC_DEFINE(SOLARIS_10,yes)
|
AC_DEFINE(SOLARIS_10,yes)
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -243,7 +243,7 @@ AC_CHECK_LIB(wrap,main,[
|
|||||||
AC_TRY_LINK([#include <tcpd.h>
|
AC_TRY_LINK([#include <tcpd.h>
|
||||||
],[int a = rfc931_timeout;],AC_DEFINE(HAVE_RFC931_TIMEOUT))
|
],[int a = rfc931_timeout;],AC_DEFINE(HAVE_RFC931_TIMEOUT))
|
||||||
])
|
])
|
||||||
AC_CHECK_FUNCS(strdup strstr strtoul strtok_r initgroups closesocket sigaction)
|
AC_CHECK_FUNCS(strdup strstr strtoul strtok_r initgroups closesocket sigaction scandir)
|
||||||
|
|
||||||
dnl socklen_t check - from curl
|
dnl socklen_t check - from curl
|
||||||
AC_CHECK_TYPE([socklen_t], ,[
|
AC_CHECK_TYPE([socklen_t], ,[
|
||||||
@ -296,7 +296,7 @@ AC_TRY_COMPILE([#include <stdlib.h>
|
|||||||
|
|
||||||
dnl Does user want to check for SSL?
|
dnl Does user want to check for SSL?
|
||||||
AC_ARG_ENABLE([ssl],
|
AC_ARG_ENABLE([ssl],
|
||||||
AS_HELP_STRING([--enable-ssl],[enables native SSL support]),[
|
AS_HELP_STRING([--disable-ssl],[disables native SSL support @<:@default=check@:>@]),[
|
||||||
if test x$enableval = xyes; then
|
if test x$enableval = xyes; then
|
||||||
check_for_ssl=yes
|
check_for_ssl=yes
|
||||||
else
|
else
|
||||||
@ -304,10 +304,16 @@ AC_ARG_ENABLE([ssl],
|
|||||||
fi
|
fi
|
||||||
],check_for_ssl=yes)
|
],check_for_ssl=yes)
|
||||||
|
|
||||||
|
need_dh=yes
|
||||||
|
AC_ARG_WITH([need_dh],
|
||||||
|
AS_HELP_STRING([--with-need-dh],[set to 'no' to not include Diffie-Hellman SSL logic]),
|
||||||
|
[need_dh=$withval],
|
||||||
|
[nrpe_group=need_dh])
|
||||||
|
|
||||||
dnl Optional SSL library and include paths
|
dnl Optional SSL library and include paths
|
||||||
if test x$check_for_ssl = xyes; then
|
if test x$check_for_ssl = xyes; then
|
||||||
# need_dh should only be set for NRPE
|
# need_dh should only be set for NRPE
|
||||||
need_dh=yes
|
# need_dh=yes
|
||||||
AC_NAGIOS_GET_SSL
|
AC_NAGIOS_GET_SSL
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
4
debian/README.Debian
vendored
4
debian/README.Debian
vendored
@ -1,9 +1,9 @@
|
|||||||
nrpe
|
NRPE
|
||||||
----
|
----
|
||||||
|
|
||||||
Put any local check command you need into /etc/nagios/nrpe_local.cfg or
|
Put any local check command you need into /etc/nagios/nrpe_local.cfg or
|
||||||
as a *.cfg file in /etc/nagios/nrpe.d/
|
as a *.cfg file in /etc/nagios/nrpe.d/
|
||||||
This files are included from the /etc/nagios/nrpe.cfg
|
These files are included from the /etc/nagios/nrpe.cfg
|
||||||
|
|
||||||
This package is built without support for command argument processing. If you
|
This package is built without support for command argument processing. If you
|
||||||
want to enable it, you will have to rebuild this package with
|
want to enable it, you will have to rebuild this package with
|
||||||
|
28
debian/changelog
vendored
28
debian/changelog
vendored
@ -1,3 +1,31 @@
|
|||||||
|
nagios-nrpe (3.1.1-1) unstable; urgency=medium
|
||||||
|
|
||||||
|
* Move from experimental to unstable.
|
||||||
|
|
||||||
|
-- Bas Couwenberg <sebastic@debian.org> Sun, 18 Jun 2017 13:39:05 +0200
|
||||||
|
|
||||||
|
nagios-nrpe (3.1.1-1~exp1) experimental; urgency=medium
|
||||||
|
|
||||||
|
* New upstream release.
|
||||||
|
* Drop format-security.patch, applied upstream.
|
||||||
|
* Use --with-need-dh=no configure option instead of patch.
|
||||||
|
|
||||||
|
-- Bas Couwenberg <sebastic@debian.org> Sat, 27 May 2017 10:57:03 +0200
|
||||||
|
|
||||||
|
nagios-nrpe (3.1.0-1~exp1) experimental; urgency=medium
|
||||||
|
|
||||||
|
* New upstream release.
|
||||||
|
(closes: #849417, #445976, #691328)
|
||||||
|
* Fix typo in manpage.
|
||||||
|
(closes: #856658)
|
||||||
|
* Drop 10_reproducible_build.patch, applied upstream.
|
||||||
|
Refresh remaining patches.
|
||||||
|
* Update build dependency for OpenSSL 1.1.0.
|
||||||
|
(closes: #859223)
|
||||||
|
* Add patch to fix FTBFS with -Werror=format-security.
|
||||||
|
|
||||||
|
-- Bas Couwenberg <sebastic@debian.org> Wed, 19 Apr 2017 19:28:05 +0200
|
||||||
|
|
||||||
nagios-nrpe (3.0.1-3) unstable; urgency=medium
|
nagios-nrpe (3.0.1-3) unstable; urgency=medium
|
||||||
|
|
||||||
* Add reload command to systemd service file.
|
* Add reload command to systemd service file.
|
||||||
|
2
debian/control
vendored
2
debian/control
vendored
@ -6,7 +6,7 @@ Priority: optional
|
|||||||
Build-Depends: debhelper (>= 9),
|
Build-Depends: debhelper (>= 9),
|
||||||
dh-autoreconf,
|
dh-autoreconf,
|
||||||
dh-systemd,
|
dh-systemd,
|
||||||
libssl1.0-dev | libssl-dev,
|
libssl-dev,
|
||||||
libwrap0-dev,
|
libwrap0-dev,
|
||||||
openssl
|
openssl
|
||||||
Standards-Version: 3.9.8
|
Standards-Version: 3.9.8
|
||||||
|
2
debian/nrpe.8
vendored
2
debian/nrpe.8
vendored
@ -45,7 +45,7 @@ command execution requests from the check_nrpe plugin on the Nagios host.
|
|||||||
.TP
|
.TP
|
||||||
\fB\-d \-s\fR = Run as a subsystem under AIX
|
\fB\-d \-s\fR = Run as a subsystem under AIX
|
||||||
.TP
|
.TP
|
||||||
\fB\-d\fR = Don't fork() for systemd, launchd, etc.
|
\fB\-f\fR = Don't fork() for systemd, launchd, etc.
|
||||||
.PP
|
.PP
|
||||||
Notes:
|
Notes:
|
||||||
This program is designed to process requests from the check_nrpe
|
This program is designed to process requests from the check_nrpe
|
||||||
|
@ -5,7 +5,7 @@ Forwarded: not-needed
|
|||||||
|
|
||||||
--- a/sample-config/nrpe.cfg.in
|
--- a/sample-config/nrpe.cfg.in
|
||||||
+++ b/sample-config/nrpe.cfg.in
|
+++ b/sample-config/nrpe.cfg.in
|
||||||
@@ -301,3 +301,14 @@ command[check_total_procs]=@pluginsdir@/
|
@@ -317,3 +317,14 @@ command[check_total_procs]=@pluginsdir@/
|
||||||
#command[check_load]=@pluginsdir@/check_load -w $ARG1$ -c $ARG2$
|
#command[check_load]=@pluginsdir@/check_load -w $ARG1$ -c $ARG2$
|
||||||
#command[check_disk]=@pluginsdir@/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
|
#command[check_disk]=@pluginsdir@/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
|
||||||
#command[check_procs]=@pluginsdir@/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
|
#command[check_procs]=@pluginsdir@/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
|
||||||
|
24
debian/patches/10_reproducible_build.patch
vendored
24
debian/patches/10_reproducible_build.patch
vendored
@ -1,24 +0,0 @@
|
|||||||
Description: Make the build reproducible.
|
|
||||||
Author: Chris Lamb <lamby@debian.org>
|
|
||||||
Bug-Debian: https://bugs.debian.org/834857
|
|
||||||
Forwarded: https://github.com/NagiosEnterprises/nrpe/pull/78
|
|
||||||
Applied-Upstream: https://github.com/NagiosEnterprises/nrpe/commit/c6ca9766cae19bc194efa68ed85999e9c9756422
|
|
||||||
|
|
||||||
--- a/update-version
|
|
||||||
+++ b/update-version
|
|
||||||
@@ -20,11 +20,11 @@ fi
|
|
||||||
|
|
||||||
# Get date (two formats)
|
|
||||||
if [ -n "$2" ]; then
|
|
||||||
- LONGDATE=`date -d "$2" "+%B %d, %Y"`
|
|
||||||
- SHORTDATE=`date -d "$2" "+%m-%d-%Y"`
|
|
||||||
+ LONGDATE=$(LC_ALL=C date -u -d "$2" "+%B %d, %Y")
|
|
||||||
+ SHORTDATE=$(date -u -d "$2" "+%m-%d-%Y")
|
|
||||||
else
|
|
||||||
- LONGDATE=`date "+%B %d, %Y"`
|
|
||||||
- SHORTDATE=`date "+%m-%d-%Y"`
|
|
||||||
+ LONGDATE=$(LC_ALL=C date -u -d "@${SOURCE_DATE_EPOCH:-$(date +%s)}" "+%B %d, %Y")
|
|
||||||
+ SHORTDATE=$(date -u -d "@${SOURCE_DATE_EPOCH:-$(date +%s)}" "+%m-%d-%Y")
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Current version number
|
|
60
debian/patches/11_reproducible_dh.h.patch
vendored
60
debian/patches/11_reproducible_dh.h.patch
vendored
@ -1,60 +0,0 @@
|
|||||||
Description: Use pre-generated dh.h for reproducible builds.
|
|
||||||
Author: Bas Couwenberg <sebastic@debian.org>
|
|
||||||
Bug-Debian: https://bugs.debian.org/834857
|
|
||||||
Forwarded: not-needed
|
|
||||||
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/include/dh.h
|
|
||||||
@@ -0,0 +1,41 @@
|
|
||||||
+#ifndef HEADER_DH_H
|
|
||||||
+#include <openssl/dh.h>
|
|
||||||
+#endif
|
|
||||||
+DH *get_dh2048()
|
|
||||||
+ {
|
|
||||||
+ static unsigned char dh2048_p[]={
|
|
||||||
+ 0xE9,0x3C,0xF4,0xCE,0x63,0x0A,0x57,0x9A,0xD1,0x34,0x74,0xA1,
|
|
||||||
+ 0x3E,0xC3,0x93,0xB5,0x50,0x36,0x56,0x87,0x9F,0x8F,0xBC,0x74,
|
|
||||||
+ 0x15,0x03,0x1D,0x00,0x45,0xB0,0x2F,0xA3,0x2C,0xC1,0x13,0xFF,
|
|
||||||
+ 0x6C,0xF1,0xDB,0x36,0xB5,0xB5,0x49,0x2D,0x6A,0x8D,0x55,0xA1,
|
|
||||||
+ 0xE6,0x4C,0xD1,0xA9,0x07,0x24,0xC4,0xDF,0x3A,0x2A,0x9E,0xDB,
|
|
||||||
+ 0x4A,0x23,0xAD,0x56,0x79,0xA3,0x3D,0xC4,0xAD,0xE0,0x3E,0x17,
|
|
||||||
+ 0x3B,0x43,0x0F,0xB6,0x83,0xE4,0x52,0xFD,0x6D,0x74,0x03,0xB3,
|
|
||||||
+ 0x29,0x26,0xF2,0x29,0x0A,0xA2,0x33,0x56,0x0C,0x16,0xF7,0x81,
|
|
||||||
+ 0xBF,0xDC,0xB8,0xCE,0x78,0xC1,0x73,0xD6,0x48,0x54,0x2D,0x98,
|
|
||||||
+ 0xA5,0x7A,0xE3,0x38,0x8E,0x3D,0x75,0xDB,0x92,0x4D,0x76,0xC1,
|
|
||||||
+ 0xCD,0xE7,0x27,0xEE,0x09,0x89,0xFA,0xCE,0x7A,0xD6,0xDC,0x5B,
|
|
||||||
+ 0x08,0x6B,0xE8,0x7E,0x37,0x7B,0x40,0x89,0x72,0xBD,0x4E,0xF4,
|
|
||||||
+ 0x9A,0xDC,0x94,0xA3,0x7D,0x4C,0x15,0xE4,0xE1,0xA8,0x8D,0xF9,
|
|
||||||
+ 0xB2,0xF0,0x02,0x40,0x39,0x6C,0xDD,0x37,0x08,0xC1,0xE8,0x0B,
|
|
||||||
+ 0xAD,0x16,0x24,0x81,0x5F,0x24,0xD9,0x65,0x71,0x34,0x78,0xF3,
|
|
||||||
+ 0xFE,0x35,0xE0,0x20,0xFF,0x6D,0x41,0xE7,0xC8,0x8E,0x58,0x59,
|
|
||||||
+ 0x24,0x01,0x9A,0xC8,0xA7,0x8D,0x48,0x43,0x8E,0x34,0x7C,0xC1,
|
|
||||||
+ 0xB4,0xC8,0xD0,0x9C,0xBD,0xEA,0x83,0xC7,0xC9,0x86,0xFC,0xD1,
|
|
||||||
+ 0xA7,0xAF,0x5C,0x99,0x98,0xD1,0x82,0x78,0xE4,0xA4,0x1C,0xB5,
|
|
||||||
+ 0x87,0x72,0xD8,0x38,0x48,0x60,0xAE,0xCB,0x92,0xA2,0x79,0xFC,
|
|
||||||
+ 0x8F,0x1D,0x94,0xB5,0x88,0xA5,0xA4,0xE1,0xF5,0x98,0xBA,0xB2,
|
|
||||||
+ 0x06,0x22,0xA8,0x1B,
|
|
||||||
+ };
|
|
||||||
+ static unsigned char dh2048_g[]={
|
|
||||||
+ 0x02,
|
|
||||||
+ };
|
|
||||||
+ DH *dh;
|
|
||||||
+
|
|
||||||
+ if ((dh=DH_new()) == NULL) return(NULL);
|
|
||||||
+ dh->p=BN_bin2bn(dh2048_p,sizeof(dh2048_p),NULL);
|
|
||||||
+ dh->g=BN_bin2bn(dh2048_g,sizeof(dh2048_g),NULL);
|
|
||||||
+ if ((dh->p == NULL) || (dh->g == NULL))
|
|
||||||
+ { DH_free(dh); return(NULL); }
|
|
||||||
+ return(dh);
|
|
||||||
+ }
|
|
||||||
--- a/configure.ac
|
|
||||||
+++ b/configure.ac
|
|
||||||
@@ -307,7 +307,7 @@ AC_ARG_ENABLE([ssl],
|
|
||||||
dnl Optional SSL library and include paths
|
|
||||||
if test x$check_for_ssl = xyes; then
|
|
||||||
# need_dh should only be set for NRPE
|
|
||||||
- need_dh=yes
|
|
||||||
+ need_dh=no
|
|
||||||
AC_NAGIOS_GET_SSL
|
|
||||||
fi
|
|
||||||
|
|
2
debian/patches/series
vendored
2
debian/patches/series
vendored
@ -1,4 +1,2 @@
|
|||||||
02_nrpe.cfg_local-include_support_nrpe.d.patch
|
02_nrpe.cfg_local-include_support_nrpe.d.patch
|
||||||
07_warn_ssloption.patch
|
07_warn_ssloption.patch
|
||||||
10_reproducible_build.patch
|
|
||||||
11_reproducible_dh.h.patch
|
|
||||||
|
10
debian/rules
vendored
10
debian/rules
vendored
@ -14,9 +14,6 @@ export AUTOHEADER=true
|
|||||||
dh $@ --with autoreconf,systemd --parallel
|
dh $@ --with autoreconf,systemd --parallel
|
||||||
|
|
||||||
override_dh_auto_configure:
|
override_dh_auto_configure:
|
||||||
# Save deterministic "openssl dhparam" output.
|
|
||||||
cp include/dh.h include/dh.h.orig
|
|
||||||
|
|
||||||
dh_auto_configure -- \
|
dh_auto_configure -- \
|
||||||
--prefix=/usr \
|
--prefix=/usr \
|
||||||
--sysconfdir=/etc \
|
--sysconfdir=/etc \
|
||||||
@ -24,12 +21,9 @@ override_dh_auto_configure:
|
|||||||
--libexecdir=/usr/lib/nagios/plugins \
|
--libexecdir=/usr/lib/nagios/plugins \
|
||||||
--localstatedir=/var \
|
--localstatedir=/var \
|
||||||
--enable-ssl \
|
--enable-ssl \
|
||||||
|
--with-need-dh=no \
|
||||||
--with-ssl-lib=/usr/lib/$(DEB_HOST_MULTIARCH) \
|
--with-ssl-lib=/usr/lib/$(DEB_HOST_MULTIARCH) \
|
||||||
--with-piddir=/var/run/nagios \
|
--with-piddir=/var/run/nagios
|
||||||
--enable-command-args
|
|
||||||
|
|
||||||
# Restore deterministic "openssl dhparam" output.
|
|
||||||
cp include/dh.h.orig include/dh.h
|
|
||||||
|
|
||||||
override_dh_auto_build:
|
override_dh_auto_build:
|
||||||
dh_auto_build -- all
|
dh_auto_build -- all
|
||||||
|
BIN
docs/NRPE.odt
BIN
docs/NRPE.odt
Binary file not shown.
BIN
docs/NRPE.pdf
BIN
docs/NRPE.pdf
Binary file not shown.
@ -53,7 +53,7 @@ struct dns_acl {
|
|||||||
struct dns_acl *next;
|
struct dns_acl *next;
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Poiters to head ACL structs */
|
/* Pointers to head ACL structs */
|
||||||
static struct ip_acl *ip_acl_head, *ip_acl_prev;
|
static struct ip_acl *ip_acl_head, *ip_acl_prev;
|
||||||
static struct dns_acl *dns_acl_head, *dns_acl_prev;
|
static struct dns_acl *dns_acl_head, *dns_acl_prev;
|
||||||
|
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
*
|
*
|
||||||
* COMMON.H - NRPE Common Include File
|
* COMMON.H - NRPE Common Include File
|
||||||
* Copyright (c) 1999-2007 Ethan Galstad (nagios@nagios.org)
|
* Copyright (c) 1999-2007 Ethan Galstad (nagios@nagios.org)
|
||||||
* Last Modified: 09-08-2016
|
* Last Modified: 2017-05-24
|
||||||
*
|
*
|
||||||
* License:
|
* License:
|
||||||
*
|
*
|
||||||
@ -23,12 +23,18 @@
|
|||||||
|
|
||||||
#include "config.h"
|
#include "config.h"
|
||||||
|
|
||||||
|
#define SSL_TYPE_@SSL_TYPE@
|
||||||
|
|
||||||
#ifdef HAVE_SSL
|
#ifdef HAVE_SSL
|
||||||
#include <@SSL_INC_PREFIX@@SSL_HDR@>
|
#include <@SSL_INC_PREFIX@@SSL_HDR@>
|
||||||
|
# ifdef SSL_TYPE_openssl
|
||||||
|
# include <@SSL_INC_PREFIX@err.h>
|
||||||
|
# include <@SSL_INC_PREFIX@rand.h>
|
||||||
|
# endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define PROGRAM_VERSION "3.0.1"
|
#define PROGRAM_VERSION "3.1.1"
|
||||||
#define MODIFICATION_DATE "09-08-2016"
|
#define MODIFICATION_DATE "2017-05-24"
|
||||||
|
|
||||||
#define OK 0
|
#define OK 0
|
||||||
#define ERROR -1
|
#define ERROR -1
|
||||||
|
@ -28,30 +28,70 @@
|
|||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
|
|
||||||
|
|
||||||
#define DEFAULT_SERVER_PORT @nrpe_port@ /* default port to use */
|
/* Default port for NRPE daemon */
|
||||||
|
#undef DEFAULT_SERVER_PORT
|
||||||
|
|
||||||
#define NRPE_LOG_FACILITY @log_facility@
|
/* NRPE syslog facility */
|
||||||
|
#undef NRPE_LOG_FACILITY
|
||||||
|
|
||||||
|
/* Enable command-line arguments */
|
||||||
#undef ENABLE_COMMAND_ARGUMENTS
|
#undef ENABLE_COMMAND_ARGUMENTS
|
||||||
|
|
||||||
|
/* Enable bash command substitution */
|
||||||
#undef ENABLE_BASH_COMMAND_SUBSTITUTION
|
#undef ENABLE_BASH_COMMAND_SUBSTITUTION
|
||||||
|
|
||||||
|
/* type to use in place of socklen_t if not defined */
|
||||||
#undef socklen_t
|
#undef socklen_t
|
||||||
|
|
||||||
|
/* Define to 1 if you have the `getopt_long' function. */
|
||||||
#undef HAVE_GETOPT_LONG
|
#undef HAVE_GETOPT_LONG
|
||||||
|
|
||||||
|
/* Have the TCP wrappers library */
|
||||||
#undef HAVE_LIBWRAP
|
#undef HAVE_LIBWRAP
|
||||||
|
|
||||||
|
/* Define to 1 if you have the ANSI C header files. */
|
||||||
#undef STDC_HEADERS
|
#undef STDC_HEADERS
|
||||||
|
|
||||||
|
/* Define to 1 if you have the `strdup' function. */
|
||||||
#undef HAVE_STRDUP
|
#undef HAVE_STRDUP
|
||||||
|
|
||||||
|
/* Define to 1 if you have the `strstr' function. */
|
||||||
#undef HAVE_STRSTR
|
#undef HAVE_STRSTR
|
||||||
|
|
||||||
|
/* Define to 1 if you have the `strtoul' function. */
|
||||||
#undef HAVE_STRTOUL
|
#undef HAVE_STRTOUL
|
||||||
|
|
||||||
|
/* Define to 1 if you have the `strtok_r' function. */
|
||||||
#undef HAVE_STRTOK_R
|
#undef HAVE_STRTOK_R
|
||||||
|
|
||||||
|
/* Define to 1 if you have the `initgroups' function. */
|
||||||
#undef HAVE_INITGROUPS
|
#undef HAVE_INITGROUPS
|
||||||
|
|
||||||
|
/* Define to 1 if you have the `closesocket' function. */
|
||||||
#undef HAVE_CLOSESOCKET
|
#undef HAVE_CLOSESOCKET
|
||||||
|
|
||||||
|
/* Define to 1 if you have the `sigaction' function. */
|
||||||
#undef HAVE_SIGACTION
|
#undef HAVE_SIGACTION
|
||||||
|
|
||||||
|
/* Define to 1 if you have the `scandir' function. */
|
||||||
|
#undef HAVE_SCANDIR
|
||||||
|
|
||||||
|
/* Set to 1 if you have rfc931_timeout */
|
||||||
#undef HAVE_RFC931_TIMEOUT
|
#undef HAVE_RFC931_TIMEOUT
|
||||||
|
|
||||||
|
/* The size of `int', as computed by sizeof. */
|
||||||
#undef SIZEOF_INT
|
#undef SIZEOF_INT
|
||||||
|
|
||||||
|
/* The size of `short', as computed by sizeof. */
|
||||||
#undef SIZEOF_SHORT
|
#undef SIZEOF_SHORT
|
||||||
|
|
||||||
|
/* The size of `long', as computed by sizeof. */
|
||||||
#undef SIZEOF_LONG
|
#undef SIZEOF_LONG
|
||||||
|
|
||||||
/* #undef const */
|
/* Define to empty if `const' does not conform to ANSI C. */
|
||||||
|
#undef const
|
||||||
|
|
||||||
|
/* Set to 1 to use SSL DH */
|
||||||
#undef USE_SSL_DH
|
#undef USE_SSL_DH
|
||||||
|
|
||||||
/* stupid stuff for u_int32_t */
|
/* stupid stuff for u_int32_t */
|
||||||
@ -91,71 +131,98 @@ typedef int int32_t;
|
|||||||
|
|
||||||
/***** ASPRINTF() AND FRIENDS *****/
|
/***** ASPRINTF() AND FRIENDS *****/
|
||||||
|
|
||||||
|
/* Whether vsnprintf() is available */
|
||||||
#undef HAVE_VSNPRINTF
|
#undef HAVE_VSNPRINTF
|
||||||
|
/* Whether snprintf() is available */
|
||||||
#undef HAVE_SNPRINTF
|
#undef HAVE_SNPRINTF
|
||||||
|
/* Whether aprintf() is available */
|
||||||
#undef HAVE_ASPRINTF
|
#undef HAVE_ASPRINTF
|
||||||
|
/* Whether vaprintf() is available */
|
||||||
#undef HAVE_VASPRINTF
|
#undef HAVE_VASPRINTF
|
||||||
|
/* Define if system has C99 compatible vsnprintf */
|
||||||
#undef HAVE_C99_VSNPRINTF
|
#undef HAVE_C99_VSNPRINTF
|
||||||
|
|
||||||
|
/* Whether va_copy() is available */
|
||||||
#undef HAVE_VA_COPY
|
#undef HAVE_VA_COPY
|
||||||
|
|
||||||
|
/* Whether __va_copy() is available */
|
||||||
#undef HAVE___VA_COPY
|
#undef HAVE___VA_COPY
|
||||||
|
|
||||||
|
|
||||||
#define SOCKET_SIZE_TYPE ""
|
/* Socket Size Type */
|
||||||
#define GETGROUPS_T ""
|
#undef SOCKET_SIZE_TYPE
|
||||||
#define RETSIGTYPE ""
|
|
||||||
|
/* Define to the type of elements in the array set by `getgroups'. Usually
|
||||||
|
this is either `int' or `gid_t'. */
|
||||||
|
#undef GETGROUPS_T
|
||||||
|
|
||||||
|
/* Define as the return type of signal handlers (`int' or `void'). */
|
||||||
|
#undef RETSIGTYPE
|
||||||
|
|
||||||
|
/* Define to 1 if the system has the type `struct sockaddr_storage'. */
|
||||||
#undef HAVE_STRUCT_SOCKADDR_STORAGE
|
#undef HAVE_STRUCT_SOCKADDR_STORAGE
|
||||||
|
|
||||||
/* Use seteuid() or setresuid() depending on the platform */
|
/* Use seteuid() or setresuid() depending on the platform */
|
||||||
#undef SETEUID
|
#undef SETEUID
|
||||||
|
|
||||||
/* Is this a Solaris 10 machine? */
|
/* Set to 1 if we are on Solaris 10 */
|
||||||
#undef SOLARIS_10
|
#undef SOLARIS_10
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <getopt.h> header file. */
|
||||||
#undef HAVE_GETOPT_H
|
#undef HAVE_GETOPT_H
|
||||||
#ifdef HAVE_GETOPT_H
|
#ifdef HAVE_GETOPT_H
|
||||||
#include <getopt.h>
|
#include <getopt.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <strings.h> header file. */
|
||||||
#undef HAVE_STRINGS_H
|
#undef HAVE_STRINGS_H
|
||||||
#undef HAVE_STRING_H
|
|
||||||
#ifdef HAVE_STRINGS_H
|
#ifdef HAVE_STRINGS_H
|
||||||
#include <strings.h>
|
#include <strings.h>
|
||||||
#endif
|
#endif
|
||||||
#ifdef HAVE_STRINGS_H
|
|
||||||
|
/* Define to 1 if you have the <string.h> header file. */
|
||||||
|
#undef HAVE_STRING_H
|
||||||
|
#ifdef HAVE_STRING_H
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <unistd.h> header file. */
|
||||||
#undef HAVE_UNISTD_H
|
#undef HAVE_UNISTD_H
|
||||||
#ifdef HAVE_UNISTD_H
|
#ifdef HAVE_UNISTD_H
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <signal.h> header file. */
|
||||||
#undef HAVE_SIGNAL_H
|
#undef HAVE_SIGNAL_H
|
||||||
#ifdef HAVE_SIGNAL_H
|
#ifdef HAVE_SIGNAL_H
|
||||||
#include <signal.h>
|
#include <signal.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <syslog.h> header file. */
|
||||||
#undef HAVE_SYSLOG_H
|
#undef HAVE_SYSLOG_H
|
||||||
#ifdef HAVE_SYSLOG_H
|
#ifdef HAVE_SYSLOG_H
|
||||||
#include <syslog.h>
|
#include <syslog.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <sys/stat.h> header file. */
|
||||||
#undef HAVE_SYS_STAT_H
|
#undef HAVE_SYS_STAT_H
|
||||||
#ifdef HAVE_SYS_STAT_H
|
#ifdef HAVE_SYS_STAT_H
|
||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <fcntl.h> header file. */
|
||||||
#undef HAVE_FCNTL_H
|
#undef HAVE_FCNTL_H
|
||||||
#ifdef HAVE_FCNTL_H
|
#ifdef HAVE_FCNTL_H
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <sys/types.h> header file. */
|
||||||
#undef HAVE_SYS_TYPES_H
|
#undef HAVE_SYS_TYPES_H
|
||||||
#ifdef HAVE_SYS_TYPES_H
|
#ifdef HAVE_SYS_TYPES_H
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <sys/wait.h> header file. */
|
||||||
#undef HAVE_SYS_WAIT_H
|
#undef HAVE_SYS_WAIT_H
|
||||||
#ifdef HAVE_SYS_WAIT_H
|
#ifdef HAVE_SYS_WAIT_H
|
||||||
#include <sys/wait.h>
|
#include <sys/wait.h>
|
||||||
@ -168,14 +235,18 @@ typedef int int32_t;
|
|||||||
# define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
|
# define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <errno.h> header file. */
|
||||||
#undef HAVE_ERRNO_H
|
#undef HAVE_ERRNO_H
|
||||||
#ifdef HAVE_ERRNO_H
|
#ifdef HAVE_ERRNO_H
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* needed for the time_t structures we use later... */
|
/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
|
||||||
#undef TIME_WITH_SYS_TIME
|
#undef TIME_WITH_SYS_TIME
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <sys/time.h> header file. */
|
||||||
#undef HAVE_SYS_TIME_H
|
#undef HAVE_SYS_TIME_H
|
||||||
|
|
||||||
#if TIME_WITH_SYS_TIME
|
#if TIME_WITH_SYS_TIME
|
||||||
# include <sys/time.h>
|
# include <sys/time.h>
|
||||||
# include <time.h>
|
# include <time.h>
|
||||||
@ -188,68 +259,81 @@ typedef int int32_t;
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <sys/socket.h> header file. */
|
||||||
#undef HAVE_SYS_SOCKET_H
|
#undef HAVE_SYS_SOCKET_H
|
||||||
#ifdef HAVE_SYS_SOCKET_H
|
#ifdef HAVE_SYS_SOCKET_H
|
||||||
#include <sys/socket.h>
|
#include <sys/socket.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Define to 'int' if <sys/socket.h> does not define */
|
/* Define to 1 if you have the <socket.h> header file. */
|
||||||
#undef socklen_t
|
|
||||||
|
|
||||||
#undef HAVE_SOCKET_H
|
#undef HAVE_SOCKET_H
|
||||||
#ifdef HAVE_SOCKET_H
|
#ifdef HAVE_SOCKET_H
|
||||||
#include <socket.h>
|
#include <socket.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <tcpd.h> header file. */
|
||||||
#undef HAVE_TCPD_H
|
#undef HAVE_TCPD_H
|
||||||
#ifdef HAVE_TCPD_H
|
#ifdef HAVE_TCPD_H
|
||||||
#include <tcpd.h>
|
#include <tcpd.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <netinet/in.h> header file. */
|
||||||
#undef HAVE_NETINET_IN_H
|
#undef HAVE_NETINET_IN_H
|
||||||
#ifdef HAVE_NETINET_IN_H
|
#ifdef HAVE_NETINET_IN_H
|
||||||
#include <netinet/in.h>
|
#include <netinet/in.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <arpa/inet.h> header file. */
|
||||||
#undef HAVE_ARPA_INET_H
|
#undef HAVE_ARPA_INET_H
|
||||||
#ifdef HAVE_ARPA_INET_H
|
#ifdef HAVE_ARPA_INET_H
|
||||||
#include <arpa/inet.h>
|
#include <arpa/inet.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <netdb.h> header file. */
|
||||||
#undef HAVE_NETDB_H
|
#undef HAVE_NETDB_H
|
||||||
#ifdef HAVE_NETDB_H
|
#ifdef HAVE_NETDB_H
|
||||||
#include <netdb.h>
|
#include <netdb.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <ctype.h> header file. */
|
||||||
#undef HAVE_CTYPE_H
|
#undef HAVE_CTYPE_H
|
||||||
#ifdef HAVE_CTYPE_H
|
#ifdef HAVE_CTYPE_H
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <pwd.h> header file. */
|
||||||
#undef HAVE_PWD_H
|
#undef HAVE_PWD_H
|
||||||
#ifdef HAVE_PWD_H
|
#ifdef HAVE_PWD_H
|
||||||
#include <pwd.h>
|
#include <pwd.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <grp.h> header file. */
|
||||||
#undef HAVE_GRP_H
|
#undef HAVE_GRP_H
|
||||||
#ifdef HAVE_GRP_H
|
#ifdef HAVE_GRP_H
|
||||||
#include <grp.h>
|
#include <grp.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <dirent.h> header file. */
|
||||||
#undef HAVE_DIRENT_H
|
#undef HAVE_DIRENT_H
|
||||||
#ifdef HAVE_DIRENT_H
|
#ifdef HAVE_DIRENT_H
|
||||||
#include <dirent.h>
|
#include <dirent.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Have SSL support */
|
||||||
#undef HAVE_SSL
|
#undef HAVE_SSL
|
||||||
|
|
||||||
|
/* Have the krb5.h header file */
|
||||||
#undef HAVE_KRB5_H
|
#undef HAVE_KRB5_H
|
||||||
#ifdef HAVE_KRB5_H
|
#ifdef HAVE_KRB5_H
|
||||||
#include <krb5.h>
|
#include <krb5.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <inttypes.h> header file. */
|
||||||
#undef HAVE_INTTYPES_H
|
#undef HAVE_INTTYPES_H
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <stdint.h> header file. */
|
||||||
#undef HAVE_STDINT_H
|
#undef HAVE_STDINT_H
|
||||||
|
|
||||||
#ifdef HAVE_INTTYPES_H
|
#ifdef HAVE_INTTYPES_H
|
||||||
#include <inttypes.h>
|
#include <inttypes.h>
|
||||||
#else
|
#else
|
||||||
@ -258,4 +342,10 @@ typedef int int32_t;
|
|||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <paths.h> header file. */
|
||||||
|
#undef HAVE_PATHS_H
|
||||||
|
|
||||||
|
/* Define to 1 if you have the <sys/resource.h> header file. */
|
||||||
|
#undef HAVE_SYS_RESOURCE_H
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -49,7 +49,9 @@ char* strip(char*);
|
|||||||
int sendall(int, char*, int*);
|
int sendall(int, char*, int*);
|
||||||
int recvall(int, char*, int*, int);
|
int recvall(int, char*, int*, int);
|
||||||
char *my_strsep(char**, const char*);
|
char *my_strsep(char**, const char*);
|
||||||
int b64_decode(unsigned char *encoded);
|
void open_log_file();
|
||||||
|
void logit(int priority, const char *format, ...);
|
||||||
|
void close_log_file();
|
||||||
void display_license(void);
|
void display_license(void);
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -34,8 +34,8 @@ used in subsequent macros.
|
|||||||
> Output Variables : dist_type, dist_ver
|
> Output Variables : dist_type, dist_ver
|
||||||
|
|
||||||
This macro detects the distribution type. For Linux, this would be rh
|
This macro detects the distribution type. For Linux, this would be rh
|
||||||
(for Red Hat and derivitives), suse (OpenSUSE, SLES, derivitives), gentoo
|
(for Red Hat and derivatives), suse (OpenSUSE, SLES, derivatives), gentoo
|
||||||
(Gentoo and derivitives), debian (Debian and derivitives), and so on.
|
(Gentoo and derivatives), debian (Debian and derivatives), and so on.
|
||||||
For BSD, this would be openbsd, netbsd, freebsd, dragonfly, etc. It can
|
For BSD, this would be openbsd, netbsd, freebsd, dragonfly, etc. It can
|
||||||
also be aix, solaris, osx, and so on for Unix operating systems.
|
also be aix, solaris, osx, and so on for Unix operating systems.
|
||||||
|
|
||||||
@ -94,7 +94,7 @@ on a simple program to make sure a compile and link will work correctly.
|
|||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
This repo is intended to be used as a git subtree, so changes will
|
This repo is intended to be used as a git subtree, so changes will
|
||||||
automatically propogate, and still be reasonably easy to use.
|
automatically propagate, and still be reasonably easy to use.
|
||||||
|
|
||||||
* First, Create, checkout, clone, or branch your project. If you do an
|
* First, Create, checkout, clone, or branch your project. If you do an
|
||||||
`ls -AF` it might look something like this:
|
`ls -AF` it might look something like this:
|
||||||
@ -129,7 +129,7 @@ master.
|
|||||||
|
|
||||||
* To get the latest version of `autoconf-macros` into your parent project:
|
* To get the latest version of `autoconf-macros` into your parent project:
|
||||||
|
|
||||||
git subtgree pull --squash --prefix=macros autoconf-macros master
|
git subtree pull --squash --prefix=macros autoconf-macros master
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -96,10 +96,12 @@ AC_SUBST(dist_ver)
|
|||||||
[bsd],
|
[bsd],
|
||||||
dist_type=`uname -s | tr ["[A-Z]" "[a-z]"]`
|
dist_type=`uname -s | tr ["[A-Z]" "[a-z]"]`
|
||||||
dist_ver=`uname -r`,
|
dist_ver=`uname -r`,
|
||||||
[aix|hp-ux],
|
[aix],
|
||||||
dist_ver=$OSTYPE,
|
dist_ver="`uname -v`.`uname -r`",
|
||||||
|
[hp-ux],
|
||||||
|
dist_ver=`uname -r | cut -d'.' -f1-3`,
|
||||||
[solaris],
|
[solaris],
|
||||||
dist_ver=`echo $OSTYPE | cut -d'.' -f2`,
|
dist_ver=`uname -r | cut -d'.' -f2`,
|
||||||
[*],
|
[*],
|
||||||
dist_ver=$OSTYPE
|
dist_ver=$OSTYPE
|
||||||
)
|
)
|
||||||
|
@ -97,7 +97,7 @@ AS_CASE([$init_type],
|
|||||||
fi,
|
fi,
|
||||||
|
|
||||||
[launchd],
|
[launchd],
|
||||||
src_init="mac-init.plist"
|
src_init="mac-init.plist",
|
||||||
|
|
||||||
[*],
|
[*],
|
||||||
src_init="unknown"
|
src_init="unknown"
|
||||||
|
@ -93,13 +93,6 @@ AC_SUBST(inetd_type)
|
|||||||
|
|
||||||
inetd_disabled=""
|
inetd_disabled=""
|
||||||
|
|
||||||
if test x"$init_type" = "xupstart"; then
|
|
||||||
inetd_type="upstart"
|
|
||||||
elif test "$opsys" = "osx"; then
|
|
||||||
inetd_type="launchd"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if test x"$inetd_type" = x; then
|
|
||||||
AS_CASE([$dist_type],
|
AS_CASE([$dist_type],
|
||||||
[solaris],
|
[solaris],
|
||||||
if test x"$init_type" = "xsmf10" -o x"$init_type" = "xsmf11"; then
|
if test x"$init_type" = "xsmf10" -o x"$init_type" = "xsmf11"; then
|
||||||
@ -111,11 +104,19 @@ AC_SUBST(inetd_type)
|
|||||||
[*bsd*],
|
[*bsd*],
|
||||||
inetd_type=`ps -A -o comm -c | grep inetd`,
|
inetd_type=`ps -A -o comm -c | grep inetd`,
|
||||||
|
|
||||||
|
[osx],
|
||||||
|
inetd_type=`launchd`,
|
||||||
|
|
||||||
[aix|hp-ux],
|
[aix|hp-ux],
|
||||||
inetd_type=`UNIX95= ps -A -o comm | grep inetd | head -1`,
|
inetd_type=`UNIX95= ps -A -o comm | grep inetd | head -1`,
|
||||||
|
|
||||||
[*],
|
[*],
|
||||||
inetd_type=[`ps -C "inetd,xinetd" -o fname | grep -vi COMMAND`])
|
inetd_type=[`ps -C "inetd,xinetd" -o fname | grep -vi COMMAND | head -1`])
|
||||||
|
|
||||||
|
if test x"$inetd_type" = x; then
|
||||||
|
if test x"$init_type" = "xupstart"; then
|
||||||
|
inetd_type="upstart"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if test x"$inetd_type" = x; then
|
if test x"$inetd_type" = x; then
|
||||||
|
@ -119,14 +119,19 @@ AC_SUBST(init_type)
|
|||||||
elif test "$dist_type" = "slackware"; then
|
elif test "$dist_type" = "slackware"; then
|
||||||
init_type="bsd"
|
init_type="bsd"
|
||||||
init_type_wanted=no
|
init_type_wanted=no
|
||||||
|
elif test "$dist_type" = "aix"; then
|
||||||
|
init_type="bsd"
|
||||||
|
init_type_wanted=no
|
||||||
|
elif test "$dist_type" = "hp-ux"; then
|
||||||
|
init_type="unknown"
|
||||||
|
init_type_wanted=no
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
PSCMD="ps -p1 -o args"
|
PSCMD="ps -p1 -o args"
|
||||||
AS_CASE([$dist_type],
|
if test $dist_type = solaris; then
|
||||||
[aix], PSCMD="env UNIX95=1; ps -p1 -o args",
|
PSCMD="env UNIX95=1; ps -p1 -o args"
|
||||||
[solaris], PSCMD="env UNIX95=1; ps -p1 -o args",
|
fi
|
||||||
[hp-ux], PSCMD="env UNIX95=1; ps -p1 -o args")
|
|
||||||
|
|
||||||
if test "$init_type_wanted" = yes; then
|
if test "$init_type_wanted" = yes; then
|
||||||
pid1=`$PSCMD | grep -vi COMMAND | cut -d' ' -f1`
|
pid1=`$PSCMD | grep -vi COMMAND | cut -d' ' -f1`
|
||||||
@ -173,7 +178,7 @@ AC_SUBST(init_type)
|
|||||||
|
|
||||||
if test "$init_type_wanted" = yes; then
|
if test "$init_type_wanted" = yes; then
|
||||||
if test "$pid1" = "/sbin/init" -o "$pid1" = "/usr/sbin/init"; then
|
if test "$pid1" = "/sbin/init" -o "$pid1" = "/usr/sbin/init"; then
|
||||||
if `/sbin/init --version 2>/dev/null | grep "upstart" >/dev/null`; then
|
if `$pid1 --version 2>/dev/null | grep "upstart" >/dev/null`; then
|
||||||
init_type="upstart"
|
init_type="upstart"
|
||||||
init_type_wanted=no
|
init_type_wanted=no
|
||||||
elif test -f "/etc/rc" -a ! -L "/etc/rc"; then
|
elif test -f "/etc/rc" -a ! -L "/etc/rc"; then
|
||||||
|
@ -119,16 +119,21 @@ AS_CASE([$dist_type],
|
|||||||
[*solaris*|*hp-ux*|*aix*|*osx*], opsys=unix)
|
[*solaris*|*hp-ux*|*aix*|*osx*], opsys=unix)
|
||||||
|
|
||||||
|
|
||||||
need_cgi=no
|
# Does this package need to know:
|
||||||
need_web=no
|
need_cgi=no # where the cgi-bin directory is
|
||||||
need_brk=no
|
need_web=no # where the website directory is
|
||||||
need_plg=no
|
need_brk=no # where the event broker modules directory is
|
||||||
need_pipe=no
|
need_plg=no # where the plugins directory is
|
||||||
need_spl=no
|
need_pipe=no # where the pipe directory is
|
||||||
need_loc=no
|
need_spl=no # where the spool directory is
|
||||||
need_log_subdir=no
|
need_loc=no # where the locale directory is
|
||||||
need_etc_subdir=no
|
need_log_subdir=no # where the loc sub-directory is
|
||||||
need_pls_dir=no
|
need_etc_subdir=no # where the etc sub-directory is
|
||||||
|
need_pls_dir=no # where the package locate state directory is
|
||||||
|
|
||||||
|
if test x"$INIT_PROG" = x; then
|
||||||
|
INIT_PROG="$PKG_NAME"
|
||||||
|
fi
|
||||||
|
|
||||||
AS_CASE([$PKG_NAME],
|
AS_CASE([$PKG_NAME],
|
||||||
[nagios],
|
[nagios],
|
||||||
@ -143,6 +148,7 @@ AS_CASE([$PKG_NAME],
|
|||||||
need_web=yes,
|
need_web=yes,
|
||||||
|
|
||||||
[ndoutils],
|
[ndoutils],
|
||||||
|
need_brk=yes
|
||||||
need_spl=yes,
|
need_spl=yes,
|
||||||
|
|
||||||
[nrpe],
|
[nrpe],
|
||||||
@ -284,14 +290,14 @@ tmpfilesd=${tmpfilesd="/usr/lib/tmpfiles.d"}
|
|||||||
if test ! -d "$tmpfilesd"; then
|
if test ! -d "$tmpfilesd"; then
|
||||||
tmpfilesd="N/A"
|
tmpfilesd="N/A"
|
||||||
else
|
else
|
||||||
tmpfilesd="$tmpfilesd/$PKG_NAME.conf"
|
tmpfilesd="$tmpfilesd/$INIT_PROG.conf"
|
||||||
fi
|
fi
|
||||||
subsyslockdir=${subsyslockdir="/var/lock/subsys"}
|
subsyslockdir=${subsyslockdir="/var/lock/subsys"}
|
||||||
if test ! -d "$subsyslockdir"; then
|
if test ! -d "$subsyslockdir"; then
|
||||||
subsyslockdir="N/A"
|
subsyslockdir="N/A"
|
||||||
subsyslockfile="N/A"
|
subsyslockfile="N/A"
|
||||||
else
|
else
|
||||||
subsyslockfile="$subsyslockdir/$PKG_NAME"
|
subsyslockfile="$subsyslockdir/$INIT_PROG"
|
||||||
fi
|
fi
|
||||||
if test "$need_loc" = no; then
|
if test "$need_loc" = no; then
|
||||||
localedir="N/A"
|
localedir="N/A"
|
||||||
@ -372,23 +378,23 @@ elif test $opsys = "linux"; then
|
|||||||
fi
|
fi
|
||||||
privatesysconfdir=${privatesysconfdir="$pkgsysconfdir/private"}
|
privatesysconfdir=${privatesysconfdir="$pkgsysconfdir/private"}
|
||||||
if test $need_log_subdir = yes; then
|
if test $need_log_subdir = yes; then
|
||||||
logdir=${logdir="$localstatedir/log/$PKG_NAME"}
|
logdir=${logdir="$localstatedir/log/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
logdir=${logdir="$localstatedir/log"}
|
logdir=${logdir="$localstatedir/log"}
|
||||||
fi
|
fi
|
||||||
piddir=${piddir="$localstatedir/run/${PKG_NAME}"}
|
piddir=${piddir="$localstatedir/run/${INIT_PROG}"}
|
||||||
if test "$need_pipe" = yes; then
|
if test "$need_pipe" = yes; then
|
||||||
pipedir=${pipedir="$localstatedir/run/${PKG_NAME}"}
|
pipedir=${pipedir="$localstatedir/run/${INIT_PROG}"}
|
||||||
else
|
else
|
||||||
pipedir="N/A"
|
pipedir="N/A"
|
||||||
fi
|
fi
|
||||||
if test "$need_pls_dir" = yes; then
|
if test "$need_pls_dir" = yes; then
|
||||||
pkglocalstatedir=${pkglocalstatedir="$localstatedir/lib/$PKG_NAME"}
|
pkglocalstatedir=${pkglocalstatedir="$localstatedir/lib/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
pkglocalstatedir="N/A"
|
pkglocalstatedir="N/A"
|
||||||
fi
|
fi
|
||||||
if test "$need_spl" = yes; then
|
if test "$need_spl" = yes; then
|
||||||
spooldir=${spooldir="$localstatedir/spool/$PKG_NAME"}
|
spooldir=${spooldir="$localstatedir/spool/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
spooldir="N/A"
|
spooldir="N/A"
|
||||||
fi
|
fi
|
||||||
@ -437,7 +443,7 @@ elif test $opsys = "unix"; then
|
|||||||
fi
|
fi
|
||||||
privatesysconfdir=${privatesysconfdir="$pkgsysconfdir/private"}
|
privatesysconfdir=${privatesysconfdir="$pkgsysconfdir/private"}
|
||||||
if test "$need_pls_dir" = yes; then
|
if test "$need_pls_dir" = yes; then
|
||||||
pkglocalstatedir=${pkglocalstatedir="$localstatedir/lib/$PKG_NAME"}
|
pkglocalstatedir=${pkglocalstatedir="$localstatedir/lib/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
pkglocalstatedir="N/A"
|
pkglocalstatedir="N/A"
|
||||||
fi
|
fi
|
||||||
@ -445,7 +451,7 @@ elif test $opsys = "unix"; then
|
|||||||
localedir=${localedir="/usr/local/share/locale/<lang>/LC_MESSAGES/nagios-plugins.mo"}
|
localedir=${localedir="/usr/local/share/locale/<lang>/LC_MESSAGES/nagios-plugins.mo"}
|
||||||
fi
|
fi
|
||||||
if test "$need_spl" = yes; then
|
if test "$need_spl" = yes; then
|
||||||
spooldir=${spooldir="$localstatedir/spool/$PKG_NAME"}
|
spooldir=${spooldir="$localstatedir/spool/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
spooldir="N/A"
|
spooldir="N/A"
|
||||||
fi
|
fi
|
||||||
@ -471,14 +477,14 @@ elif test $opsys = "unix"; then
|
|||||||
logdir=${logdir="$pkglocalstatedir/log"},
|
logdir=${logdir="$pkglocalstatedir/log"},
|
||||||
|
|
||||||
[*],
|
[*],
|
||||||
piddir=${piddir="$localstatedir/run/${PKG_NAME}"}
|
piddir=${piddir="$localstatedir/run/${INIT_PROG}"}
|
||||||
if test "$need_pipe" = yes; then
|
if test "$need_pipe" = yes; then
|
||||||
pipedir=${pipedir="$localstatedir/run/${PKG_NAME}"}
|
pipedir=${pipedir="$localstatedir/run/${INIT_PROG}"}
|
||||||
else
|
else
|
||||||
pipedir="N/A"
|
pipedir="N/A"
|
||||||
fi
|
fi
|
||||||
if test $need_log_subdir = yes; then
|
if test $need_log_subdir = yes; then
|
||||||
logdir=${logdir="$localstatedir/log/$PKG_NAME"}
|
logdir=${logdir="$localstatedir/log/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
logdir=${logdir="$localstatedir/log"}
|
logdir=${logdir="$localstatedir/log"}
|
||||||
fi
|
fi
|
||||||
@ -528,7 +534,7 @@ elif test $opsys = "bsd"; then
|
|||||||
fi
|
fi
|
||||||
privatesysconfdir=${privatesysconfdir="$pkgsysconfdir/private"}
|
privatesysconfdir=${privatesysconfdir="$pkgsysconfdir/private"}
|
||||||
if test "$need_pls_dir" = yes; then
|
if test "$need_pls_dir" = yes; then
|
||||||
pkglocalstatedir=${pkglocalstatedir="$localstatedir/lib/$PKG_NAME"}
|
pkglocalstatedir=${pkglocalstatedir="$localstatedir/lib/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
pkglocalstatedir="N/A"
|
pkglocalstatedir="N/A"
|
||||||
fi
|
fi
|
||||||
@ -536,7 +542,7 @@ elif test $opsys = "bsd"; then
|
|||||||
localedir=${localedir="/usr/local/share/locale/<lang>/LC_MESSAGES/nagios-plugins.mo"}
|
localedir=${localedir="/usr/local/share/locale/<lang>/LC_MESSAGES/nagios-plugins.mo"}
|
||||||
fi
|
fi
|
||||||
if test "$need_spl" = yes; then
|
if test "$need_spl" = yes; then
|
||||||
spooldir=${spooldir="$localstatedir/spool/$PKG_NAME"}
|
spooldir=${spooldir="$localstatedir/spool/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
spooldir="N/A"
|
spooldir="N/A"
|
||||||
fi
|
fi
|
||||||
@ -561,14 +567,14 @@ elif test $opsys = "bsd"; then
|
|||||||
else
|
else
|
||||||
cgibindir="N/A"
|
cgibindir="N/A"
|
||||||
fi
|
fi
|
||||||
piddir=${piddir="$localstatedir/run/${PKG_NAME}"}
|
piddir=${piddir="$localstatedir/run/${INIT_PROG}"}
|
||||||
if test "$need_pipe" = yes; then
|
if test "$need_pipe" = yes; then
|
||||||
pipedir=${pipedir="$localstatedir/run/${PKG_NAME}"}
|
pipedir=${pipedir="$localstatedir/run/${INIT_PROG}"}
|
||||||
else
|
else
|
||||||
pipedir="N/A"
|
pipedir="N/A"
|
||||||
fi
|
fi
|
||||||
if test $need_log_subdir = yes; then
|
if test $need_log_subdir = yes; then
|
||||||
logdir=${logdir="$localstatedir/log/$PKG_NAME"}
|
logdir=${logdir="$localstatedir/log/$INIT_PROG"}
|
||||||
else
|
else
|
||||||
logdir=${logdir="$localstatedir/log"}
|
logdir=${logdir="$localstatedir/log"}
|
||||||
fi
|
fi
|
||||||
@ -604,6 +610,7 @@ eval libexecdir=$libexecdir
|
|||||||
eval brokersdir=$brokersdir
|
eval brokersdir=$brokersdir
|
||||||
eval pluginsdir=$pluginsdir
|
eval pluginsdir=$pluginsdir
|
||||||
eval cgibindir=$cgibindir
|
eval cgibindir=$cgibindir
|
||||||
|
eval localstatedir=$localstatedir
|
||||||
eval pkglocalstatedir=$pkglocalstatedir
|
eval pkglocalstatedir=$pkglocalstatedir
|
||||||
eval webdir=$webdir
|
eval webdir=$webdir
|
||||||
eval localedir=$localedir
|
eval localedir=$localedir
|
||||||
@ -622,9 +629,9 @@ AS_CASE([$init_type],
|
|||||||
else
|
else
|
||||||
initdir=${initdir="/etc/init.d"}
|
initdir=${initdir="/etc/init.d"}
|
||||||
fi
|
fi
|
||||||
initname=${initname="$PKG_NAME"}
|
initname=${initname="$INIT_PROG"}
|
||||||
initconfdir=${initconfdir="/etc/conf.d"}
|
initconfdir=${initconfdir="/etc/conf.d"}
|
||||||
initconf=${initconf="$initconfdir/$PKG_NAME"},
|
initconf=${initconf="$initconfdir/$INIT_PROG"},
|
||||||
|
|
||||||
[systemd],
|
[systemd],
|
||||||
if test $dist_type = "debian"; then
|
if test $dist_type = "debian"; then
|
||||||
@ -632,27 +639,32 @@ AS_CASE([$init_type],
|
|||||||
else
|
else
|
||||||
initdir=${initdir="/usr/lib/systemd/system"}
|
initdir=${initdir="/usr/lib/systemd/system"}
|
||||||
fi
|
fi
|
||||||
initname=${initname="$PKG_NAME.service"},
|
initname=${initname="$INIT_PROG.service"},
|
||||||
|
|
||||||
[bsd],
|
[bsd],
|
||||||
|
if test $dist_type = "aix"; then
|
||||||
|
initdir=${initdir="/sbin/rc.d/init.d"}
|
||||||
|
initname=${initname="$INIT_PROG"}
|
||||||
|
else
|
||||||
initdir=${initdir="/etc/rc.d"}
|
initdir=${initdir="/etc/rc.d"}
|
||||||
initname=${initname="rc.$PKG_NAME"},
|
initname=${initname="rc.$INIT_PROG"}
|
||||||
|
fi,
|
||||||
|
|
||||||
[newbsd],
|
[newbsd],
|
||||||
initdir=${initdir="/etc/rc.d"}
|
initdir=${initdir="/etc/rc.d"}
|
||||||
initname=${initname="$PKG_NAME"},
|
initname=${initname="$INIT_PROG"},
|
||||||
|
|
||||||
[gentoo],
|
[gentoo],
|
||||||
initdir=${initdir="/etc/init.d"}
|
initdir=${initdir="/etc/init.d"}
|
||||||
initname=${initname="$PKG_NAME"}
|
initname=${initname="$INIT_PROG"}
|
||||||
initconfdir=${initconfdir="/etc/init.d"}
|
initconfdir=${initconfdir="/etc/init.d"}
|
||||||
initconf=${initconf="$initconfdir/$PKG_NAME"},
|
initconf=${initconf="$initconfdir/$INIT_PROG"},
|
||||||
|
|
||||||
[openrc],
|
[openrc],
|
||||||
initdir=${initdir="/etc/init.d"}
|
initdir=${initdir="/etc/init.d"}
|
||||||
initname=${initname="$PKG_NAME"}
|
initname=${initname="$INIT_PROG"}
|
||||||
initconfdir=${initconfdir="/etc/conf.d"}
|
initconfdir=${initconfdir="/etc/conf.d"}
|
||||||
initconf=${initconf="$initconfdir/$PKG_NAME"},
|
initconf=${initconf="$initconfdir/$INIT_PROG"},
|
||||||
|
|
||||||
[smf*],
|
[smf*],
|
||||||
if test $init_type = smf10; then
|
if test $init_type = smf10; then
|
||||||
@ -660,21 +672,21 @@ AS_CASE([$init_type],
|
|||||||
else
|
else
|
||||||
initdir=${initdir="/lib/svc/manifest/network/nagios"}
|
initdir=${initdir="/lib/svc/manifest/network/nagios"}
|
||||||
fi
|
fi
|
||||||
initname=${initname="$PKG_NAME.xml"}
|
initname=${initname="$INIT_PROG.xml"}
|
||||||
initconfdir=unknown
|
initconfdir=unknown
|
||||||
initconf=unknown,
|
initconf=unknown,
|
||||||
|
|
||||||
[upstart],
|
[upstart],
|
||||||
initdir=${initdir="/etc/init"}
|
initdir=${initdir="/etc/init"}
|
||||||
initname=${initname="$PKG_NAME.conf"}
|
initname=${initname="$INIT_PROG.conf"}
|
||||||
initconfdir=${initconfdir="/etc/default"}
|
initconfdir=${initconfdir="/etc/default"}
|
||||||
initconf=${initconf="$initconfdir/$PKG_NAME"},
|
initconf=${initconf="$initconfdir/$INIT_PROG"},
|
||||||
|
|
||||||
[launchd],
|
[launchd],
|
||||||
initdir=${initdir="/Library/LaunchDaemons"}
|
initdir=${initdir="/Library/LaunchDaemons"}
|
||||||
initname=${initname="org.nagios.$PKG_NAME.plist"},
|
initname=${initname="org.nagios.$INIT_PROG.plist"},
|
||||||
# initconfdir=${initconfdir="/private/etc"}
|
# initconfdir=${initconfdir="/private/etc"}
|
||||||
# initconf=${initconf="$initconfdir/$PKG_NAME"},
|
# initconf=${initconf="$initconfdir/$INIT_PROG"},
|
||||||
|
|
||||||
|
|
||||||
[*],
|
[*],
|
||||||
@ -691,7 +703,7 @@ AS_CASE([$inetd_type],
|
|||||||
|
|
||||||
[xinetd],
|
[xinetd],
|
||||||
inetddir=${inetddir="/etc/xinetd.d"}
|
inetddir=${inetddir="/etc/xinetd.d"}
|
||||||
inetdname=${inetdname="$PKG_NAME"},
|
inetdname=${inetdname="$INIT_PROG"},
|
||||||
|
|
||||||
[systemd],
|
[systemd],
|
||||||
if test $dist_type = "debian"; then
|
if test $dist_type = "debian"; then
|
||||||
@ -699,7 +711,7 @@ AS_CASE([$inetd_type],
|
|||||||
else
|
else
|
||||||
inetddir=${inetddir="/usr/lib/systemd/system"}
|
inetddir=${inetddir="/usr/lib/systemd/system"}
|
||||||
fi
|
fi
|
||||||
netdname=${inetdname="$PKG_NAME.socket"},
|
netdname=${inetdname="$INIT_PROG.socket"},
|
||||||
|
|
||||||
[smf*],
|
[smf*],
|
||||||
if test $init_type = smf10; then
|
if test $init_type = smf10; then
|
||||||
@ -707,15 +719,15 @@ AS_CASE([$inetd_type],
|
|||||||
else
|
else
|
||||||
inetddir=${inetddir="/lib/svc/manifest/network/nagios"}
|
inetddir=${inetddir="/lib/svc/manifest/network/nagios"}
|
||||||
fi
|
fi
|
||||||
inetdname=${inetdname="$PKG_NAME.xml"},
|
inetdname=${inetdname="$INIT_PROG.xml"},
|
||||||
|
|
||||||
# [upstart],
|
# [upstart],
|
||||||
# inetddir=${inetddir="/etc/init.d"}
|
# inetddir=${inetddir="/etc/init.d"}
|
||||||
# inetdname=${inetdname="$PKG_NAME"},
|
# inetdname=${inetdname="$INIT_PROG"},
|
||||||
|
|
||||||
[launchd],
|
[launchd],
|
||||||
inetddir=${inetddir="/Library/LaunchDaemons"}
|
inetddir=${inetddir="/Library/LaunchDaemons"}
|
||||||
inetdname=${inetdname="org.nagios.$PKG_NAME.plist"},
|
inetdname=${inetdname="org.nagios.$INIT_PROG.plist"},
|
||||||
|
|
||||||
[*],
|
[*],
|
||||||
inetddir=${inetddir="unknown"}
|
inetddir=${inetddir="unknown"}
|
||||||
|
@ -59,6 +59,7 @@ SSL_HDR=
|
|||||||
SSL_LIB_DIR=
|
SSL_LIB_DIR=
|
||||||
|
|
||||||
AC_SUBST(HAVE_SSL)
|
AC_SUBST(HAVE_SSL)
|
||||||
|
AC_SUBST(SSL_TYPE)
|
||||||
AC_SUBST(SSL_INC_DIR)
|
AC_SUBST(SSL_INC_DIR)
|
||||||
AC_SUBST(SSL_HDR)
|
AC_SUBST(SSL_HDR)
|
||||||
AC_SUBST(SSL_INC_PREFIX)
|
AC_SUBST(SSL_INC_PREFIX)
|
||||||
|
@ -9,6 +9,7 @@
|
|||||||
%endif
|
%endif
|
||||||
%if %{islinux}
|
%if %{islinux}
|
||||||
%define _init_dir @initdir@
|
%define _init_dir @initdir@
|
||||||
|
%define _init_type @init_type@
|
||||||
%define _exec_prefix %{_prefix}/sbin
|
%define _exec_prefix %{_prefix}/sbin
|
||||||
%define _bindir %{_prefix}/sbin
|
%define _bindir %{_prefix}/sbin
|
||||||
%define _sbindir %{_prefix}/lib/nagios/cgi
|
%define _sbindir %{_prefix}/lib/nagios/cgi
|
||||||
@ -21,7 +22,7 @@
|
|||||||
%define _sysconfdir /etc/nagios
|
%define _sysconfdir /etc/nagios
|
||||||
|
|
||||||
%define name @PACKAGE_NAME@
|
%define name @PACKAGE_NAME@
|
||||||
%define version @PACKAGE_VERSION@
|
%define version 3.1.1
|
||||||
%define release @RPM_RELEASE@
|
%define release @RPM_RELEASE@
|
||||||
%define nsusr @nrpe_user@
|
%define nsusr @nrpe_user@
|
||||||
%define nsgrp @nrpe_group@
|
%define nsgrp @nrpe_group@
|
||||||
@ -32,7 +33,7 @@
|
|||||||
# rpm -ba|--rebuild --define 'nsport 5666'
|
# rpm -ba|--rebuild --define 'nsport 5666'
|
||||||
%{?port:%define nsport %{port}}
|
%{?port:%define nsport %{port}}
|
||||||
|
|
||||||
# Macro that print mesages to syslog at package (un)install time
|
# Macro that print messages to syslog at package (un)install time
|
||||||
%define nnmmsg logger -t %{name}/rpm
|
%define nnmmsg logger -t %{name}/rpm
|
||||||
|
|
||||||
Summary: Host/service/network monitoring agent for Nagios
|
Summary: Host/service/network monitoring agent for Nagios
|
||||||
@ -127,7 +128,7 @@ fi
|
|||||||
export PATH=$PATH:/usr/sbin
|
export PATH=$PATH:/usr/sbin
|
||||||
CFLAGS="$RPM_OPT_FLAGS" CXXFLAGS="$RPM_OPT_FLAGS" \
|
CFLAGS="$RPM_OPT_FLAGS" CXXFLAGS="$RPM_OPT_FLAGS" \
|
||||||
MAKE=%{_make} ./configure \
|
MAKE=%{_make} ./configure \
|
||||||
--with-init-dir=/etc/init.d \
|
--with-init-type=%{_init_type} \
|
||||||
--with-nrpe-port=%{nsport} \
|
--with-nrpe-port=%{nsport} \
|
||||||
--with-nrpe-user=%{nsusr} \
|
--with-nrpe-user=%{nsusr} \
|
||||||
--with-nrpe-group=%{nsgrp} \
|
--with-nrpe-group=%{nsgrp} \
|
||||||
|
@ -18,6 +18,14 @@ log_facility=@log_facility@
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# LOG FILE
|
||||||
|
# If a log file is specified in this option, nrpe will write to
|
||||||
|
# that file instead of using syslog.
|
||||||
|
|
||||||
|
#log_file=@logdir@/nrpe.log
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
# DEBUGGING OPTION
|
# DEBUGGING OPTION
|
||||||
# This option determines whether or not debugging messages are logged to the
|
# This option determines whether or not debugging messages are logged to the
|
||||||
# syslog facility.
|
# syslog facility.
|
||||||
@ -38,7 +46,7 @@ pid_file=@piddir@/nrpe.pid
|
|||||||
|
|
||||||
# PORT NUMBER
|
# PORT NUMBER
|
||||||
# Port number we should wait for connections on.
|
# Port number we should wait for connections on.
|
||||||
# NOTE: This must be a non-priviledged port (i.e. > 1024).
|
# NOTE: This must be a non-privileged port (i.e. > 1024).
|
||||||
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
|
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
|
||||||
|
|
||||||
server_port=@nrpe_port@
|
server_port=@nrpe_port@
|
||||||
@ -95,7 +103,7 @@ nrpe_group=@nrpe_group@
|
|||||||
#
|
#
|
||||||
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
|
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
|
||||||
|
|
||||||
allowed_hosts=127.0.0.1
|
allowed_hosts=127.0.0.1,::1
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -115,7 +123,7 @@ dont_blame_nrpe=0
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
# BASH COMMAND SUBTITUTION
|
# BASH COMMAND SUBSTITUTION
|
||||||
# This option determines whether or not the NRPE daemon will allow clients
|
# This option determines whether or not the NRPE daemon will allow clients
|
||||||
# to specify arguments that contain bash command substitutions of the form
|
# to specify arguments that contain bash command substitutions of the form
|
||||||
# $(...). This option only works if the daemon was configured with both
|
# $(...). This option only works if the daemon was configured with both
|
||||||
@ -141,7 +149,7 @@ allow_bash_command_substitution=0
|
|||||||
# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE WITH CAUTION! ***
|
# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE WITH CAUTION! ***
|
||||||
# Usage scenario:
|
# Usage scenario:
|
||||||
# Execute restricted commmands using sudo. For this to work, you need to add
|
# Execute restricted commmands using sudo. For this to work, you need to add
|
||||||
# the nagios user to your /etc/sudoers. An example entry for alllowing
|
# the nagios user to your /etc/sudoers. An example entry for allowing
|
||||||
# execution of the plugins from might be:
|
# execution of the plugins from might be:
|
||||||
#
|
#
|
||||||
# nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/
|
# nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/
|
||||||
@ -197,6 +205,7 @@ connection_timeout=300
|
|||||||
# TLSv1.2+ (use TLSv1.2 or above)
|
# TLSv1.2+ (use TLSv1.2 or above)
|
||||||
# If an "or above" version is used, the best will be negotiated. So if both
|
# If an "or above" version is used, the best will be negotiated. So if both
|
||||||
# ends are able to do TLSv1.2 and use specify SSLv2, you will get TLSv1.2.
|
# ends are able to do TLSv1.2 and use specify SSLv2, you will get TLSv1.2.
|
||||||
|
# If you are using openssl 1.1.0 or above, the SSLv2 options are not available.
|
||||||
|
|
||||||
#ssl_version=SSLv2+
|
#ssl_version=SSLv2+
|
||||||
|
|
||||||
@ -246,6 +255,13 @@ connection_timeout=300
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# NASTY METACHARACTERS
|
||||||
|
# This option allows you to override the list of characters that cannot
|
||||||
|
# be passed to the NRPE daemon.
|
||||||
|
|
||||||
|
# nasty_metachars="|`&><'\\[]{};\r\n"
|
||||||
|
|
||||||
|
|
||||||
# INCLUDE CONFIG FILE
|
# INCLUDE CONFIG FILE
|
||||||
# This directive allows you to include definitions from an external config file.
|
# This directive allows you to include definitions from an external config file.
|
||||||
|
|
||||||
@ -285,7 +301,7 @@ connection_timeout=300
|
|||||||
# The following examples use hardcoded command arguments...
|
# The following examples use hardcoded command arguments...
|
||||||
|
|
||||||
command[check_users]=@pluginsdir@/check_users -w 5 -c 10
|
command[check_users]=@pluginsdir@/check_users -w 5 -c 10
|
||||||
command[check_load]=@pluginsdir@/check_load -w 15,10,5 -c 30,25,20
|
command[check_load]=@pluginsdir@/check_load -r -w .15,.10,.05 -c .30,.25,.20
|
||||||
command[check_hda1]=@pluginsdir@/check_disk -w 20% -c 10% -p /dev/hda1
|
command[check_hda1]=@pluginsdir@/check_disk -w 20% -c 10% -p /dev/hda1
|
||||||
command[check_zombie_procs]=@pluginsdir@/check_procs -w 5 -c 10 -s Z
|
command[check_zombie_procs]=@pluginsdir@/check_procs -w 5 -c 10 -s Z
|
||||||
command[check_total_procs]=@pluginsdir@/check_procs -w 150 -c 200
|
command[check_total_procs]=@pluginsdir@/check_procs -w 150 -c 200
|
||||||
|
109
src/acl.c
109
src/acl.c
@ -29,6 +29,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
#include "../include/config.h"
|
#include "../include/config.h"
|
||||||
|
#include "../include/common.h"
|
||||||
|
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <sys/socket.h>
|
#include <sys/socket.h>
|
||||||
@ -41,12 +42,13 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
#include <netdb.h>
|
#include <netdb.h>
|
||||||
#include <syslog.h>
|
|
||||||
#include <stdarg.h>
|
#include <stdarg.h>
|
||||||
|
|
||||||
#include "../include/acl.h"
|
#include "../include/acl.h"
|
||||||
|
|
||||||
/* This function checks if a char argumnet from valid char range.
|
extern int debug;
|
||||||
|
|
||||||
|
/* This function checks if a char argument from valid char range.
|
||||||
* Valid range is: ASCII only, a number or a letter, a space, a dot, a slash, a dash, a comma.
|
* Valid range is: ASCII only, a number or a letter, a space, a dot, a slash, a dash, a comma.
|
||||||
*
|
*
|
||||||
* Returns:
|
* Returns:
|
||||||
@ -76,16 +78,12 @@ int isvalidchar(int c) {
|
|||||||
switch (c) {
|
switch (c) {
|
||||||
case '.':
|
case '.':
|
||||||
return 4;
|
return 4;
|
||||||
break;
|
|
||||||
case '/':
|
case '/':
|
||||||
return 5;
|
return 5;
|
||||||
break;
|
|
||||||
case '-':
|
case '-':
|
||||||
return 6;
|
return 6;
|
||||||
break;
|
|
||||||
case ',':
|
case ',':
|
||||||
return 7;
|
return 7;
|
||||||
break;
|
|
||||||
default:
|
default:
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -142,9 +140,14 @@ int add_ipv4_to_acl(char *ipv4) {
|
|||||||
unsigned long ip, mask;
|
unsigned long ip, mask;
|
||||||
struct ip_acl *ip_acl_curr;
|
struct ip_acl *ip_acl_curr;
|
||||||
|
|
||||||
|
if(debug == TRUE)
|
||||||
|
logit(LOG_INFO, "add_ipv4_to_acl: checking ip-address >%s<", ipv4);
|
||||||
|
|
||||||
/* Check for min and max IPv4 valid length */
|
/* Check for min and max IPv4 valid length */
|
||||||
if (len < 7 || len > 18)
|
if (len < 7 || len > 18) {
|
||||||
|
logit(LOG_INFO, "add_ipv4_to_acl: Error, ip-address >%s< incorrect length", ipv4);
|
||||||
return 0;
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
/* default mask for ipv4 */
|
/* default mask for ipv4 */
|
||||||
data[4] = 32;
|
data[4] = 32;
|
||||||
@ -152,8 +155,12 @@ int add_ipv4_to_acl(char *ipv4) {
|
|||||||
/* Basic IPv4 format check */
|
/* Basic IPv4 format check */
|
||||||
for (i = 0; i < len; i++) {
|
for (i = 0; i < len; i++) {
|
||||||
/* Return 0 on error state */
|
/* Return 0 on error state */
|
||||||
if (state == -1)
|
if (state == -1) {
|
||||||
|
if(debug == TRUE)
|
||||||
|
logit(LOG_INFO, "add_ipv4_to_acl: Error, ip-address >%s< incorrect "
|
||||||
|
"format, continue with next check ...", ipv4);
|
||||||
return 0;
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
c = ipv4[i];
|
c = ipv4[i];
|
||||||
|
|
||||||
@ -201,6 +208,7 @@ int add_ipv4_to_acl(char *ipv4) {
|
|||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
/* Bad states */
|
/* Bad states */
|
||||||
|
logit(LOG_INFO, "add_ipv4_to_acl: Error, ip-address >%s< bad state", ipv4);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -209,29 +217,29 @@ int add_ipv4_to_acl(char *ipv4) {
|
|||||||
*/
|
*/
|
||||||
for (i=0; i < 4; i++) {
|
for (i=0; i < 4; i++) {
|
||||||
if (data[i] < 0 || data[i] > 255) {
|
if (data[i] < 0 || data[i] > 255) {
|
||||||
syslog(LOG_ERR,"Invalid IPv4 address/network format(%s) in allowed_hosts option\n",ipv4);
|
logit(LOG_ERR,"Invalid IPv4 address/network format(%s) in allowed_hosts option\n",ipv4);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (data[4] < 0 || data[4] > 32) {
|
if (data[4] < 0 || data[4] > 32) {
|
||||||
syslog(LOG_ERR,"Invalid IPv4 network mask format(%s) in allowed_hosts option\n",ipv4);
|
logit(LOG_ERR,"Invalid IPv4 network mask format(%s) in allowed_hosts option\n",ipv4);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Conver ip and mask to unsigned long */
|
/* Convert ip and mask to unsigned long */
|
||||||
ip = htonl((data[0] << 24) + (data[1] << 16) + (data[2] << 8) + data[3]);
|
ip = htonl((data[0] << 24) + (data[1] << 16) + (data[2] << 8) + data[3]);
|
||||||
mask = htonl(-1 << (32 - data[4]));
|
mask = htonl(-1 << (32 - data[4]));
|
||||||
|
|
||||||
/* Wrong network address */
|
/* Wrong network address */
|
||||||
if ( (ip & mask) != ip) {
|
if ( (ip & mask) != ip) {
|
||||||
syslog(LOG_ERR,"IP address and mask do not match in %s\n",ipv4);
|
logit(LOG_ERR,"IP address and mask do not match in %s\n",ipv4);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Add addr to ip_acl list */
|
/* Add addr to ip_acl list */
|
||||||
if ( (ip_acl_curr = malloc(sizeof(*ip_acl_curr))) == NULL) {
|
if ( (ip_acl_curr = malloc(sizeof(*ip_acl_curr))) == NULL) {
|
||||||
syslog(LOG_ERR,"Can't allocate memory for ACL, malloc error\n");
|
logit(LOG_ERR,"Can't allocate memory for ACL, malloc error\n");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -247,6 +255,10 @@ int add_ipv4_to_acl(char *ipv4) {
|
|||||||
ip_acl_prev->next = ip_acl_curr;
|
ip_acl_prev->next = ip_acl_curr;
|
||||||
}
|
}
|
||||||
ip_acl_prev = ip_acl_curr;
|
ip_acl_prev = ip_acl_curr;
|
||||||
|
|
||||||
|
if(debug == TRUE)
|
||||||
|
logit(LOG_INFO, "add_ipv4_to_acl: ip-address >%s< correct, adding.", ipv4);
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -271,7 +283,7 @@ int add_ipv6_to_acl(char *ipv6) {
|
|||||||
messages if needed */
|
messages if needed */
|
||||||
ipv6tmp = strdup(ipv6);
|
ipv6tmp = strdup(ipv6);
|
||||||
if(NULL == ipv6tmp) {
|
if(NULL == ipv6tmp) {
|
||||||
syslog(LOG_ERR, "Memory allocation failed for copy of address: %s\n",
|
logit(LOG_ERR, "Memory allocation failed for copy of address: %s\n",
|
||||||
ipv6);
|
ipv6);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -327,7 +339,7 @@ int add_ipv6_to_acl(char *ipv6) {
|
|||||||
/* Add address to ip_acl list */
|
/* Add address to ip_acl list */
|
||||||
ip_acl_curr = malloc(sizeof(*ip_acl_curr));
|
ip_acl_curr = malloc(sizeof(*ip_acl_curr));
|
||||||
if(NULL == ip_acl_curr) {
|
if(NULL == ip_acl_curr) {
|
||||||
syslog(LOG_ERR, "Memory allocation failed for ACL: %s\n", ipv6);
|
logit(LOG_ERR, "Memory allocation failed for ACL: %s\n", ipv6);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -387,8 +399,12 @@ int add_domain_to_acl(char *domain) {
|
|||||||
|
|
||||||
struct dns_acl *dns_acl_curr;
|
struct dns_acl *dns_acl_curr;
|
||||||
|
|
||||||
if (len > 63)
|
if (len > 63) {
|
||||||
|
logit(LOG_INFO,
|
||||||
|
"ADD_DOMAIN_TO_ACL: Error, did not add >%s< to acl list, too long!",
|
||||||
|
domain);
|
||||||
return 0;
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
for (i = 0; i < len; i++) {
|
for (i = 0; i < len; i++) {
|
||||||
c = domain[i];
|
c = domain[i];
|
||||||
@ -426,6 +442,9 @@ int add_domain_to_acl(char *domain) {
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
logit(LOG_INFO,
|
||||||
|
"ADD_DOMAIN_TO_ACL: Error, did not add >%s< to acl list, "
|
||||||
|
"invalid chars!", domain);
|
||||||
/* Not valid chars */
|
/* Not valid chars */
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@ -436,7 +455,7 @@ int add_domain_to_acl(char *domain) {
|
|||||||
case 1: case 4: case 5:
|
case 1: case 4: case 5:
|
||||||
/* Add name to domain ACL list */
|
/* Add name to domain ACL list */
|
||||||
if ( (dns_acl_curr = malloc(sizeof(*dns_acl_curr))) == NULL) {
|
if ( (dns_acl_curr = malloc(sizeof(*dns_acl_curr))) == NULL) {
|
||||||
syslog(LOG_ERR,"Can't allocate memory for ACL, malloc error\n");
|
logit(LOG_ERR,"Can't allocate memory for ACL, malloc error\n");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
strcpy(dns_acl_curr->domain, domain);
|
strcpy(dns_acl_curr->domain, domain);
|
||||||
@ -448,13 +467,18 @@ int add_domain_to_acl(char *domain) {
|
|||||||
dns_acl_prev->next = dns_acl_curr;
|
dns_acl_prev->next = dns_acl_curr;
|
||||||
|
|
||||||
dns_acl_prev = dns_acl_curr;
|
dns_acl_prev = dns_acl_curr;
|
||||||
|
if(debug == TRUE)
|
||||||
|
logit(LOG_INFO, "ADD_DOMAIN_TO_ACL: added >%s< to acl list!", domain);
|
||||||
return 1;
|
return 1;
|
||||||
default:
|
default:
|
||||||
|
logit(LOG_INFO,
|
||||||
|
"ADD_DOMAIN_TO_ACL: ERROR, did not add >%s< to acl list, "
|
||||||
|
"check allowed_host in config file!", domain);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Checks connectiong host in ACL
|
/* Checks connection host in ACL
|
||||||
*
|
*
|
||||||
* Returns:
|
* Returns:
|
||||||
* 1 - on success
|
* 1 - on success
|
||||||
@ -470,14 +494,23 @@ int is_an_allowed_host(int family, void *host)
|
|||||||
struct sockaddr_in *addr;
|
struct sockaddr_in *addr;
|
||||||
struct sockaddr_in6 addr6;
|
struct sockaddr_in6 addr6;
|
||||||
struct addrinfo *res, *ai;
|
struct addrinfo *res, *ai;
|
||||||
|
struct in_addr tmp;
|
||||||
|
|
||||||
while (ip_acl_curr != NULL) {
|
while (ip_acl_curr != NULL) {
|
||||||
if(ip_acl_curr->family == family) {
|
if(ip_acl_curr->family == family) {
|
||||||
switch(ip_acl_curr->family) {
|
switch(ip_acl_curr->family) {
|
||||||
case AF_INET:
|
case AF_INET:
|
||||||
|
if (debug == TRUE) {
|
||||||
|
tmp.s_addr = ((struct in_addr*)host)->s_addr;
|
||||||
|
logit(LOG_INFO, "is_an_allowed_host (AF_INET): is host >%s< "
|
||||||
|
"an allowed host >%s<\n",
|
||||||
|
inet_ntoa(tmp), inet_ntoa(ip_acl_curr->addr));
|
||||||
|
}
|
||||||
if((((struct in_addr *)host)->s_addr &
|
if((((struct in_addr *)host)->s_addr &
|
||||||
ip_acl_curr->mask.s_addr) ==
|
ip_acl_curr->mask.s_addr) ==
|
||||||
ip_acl_curr->addr.s_addr) {
|
ip_acl_curr->addr.s_addr) {
|
||||||
|
if (debug == TRUE)
|
||||||
|
logit(LOG_INFO, "is_an_allowed_host (AF_INET): host is in allowed host list!");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
@ -509,9 +542,20 @@ int is_an_allowed_host(int family, void *host)
|
|||||||
switch(ai->ai_family) {
|
switch(ai->ai_family) {
|
||||||
|
|
||||||
case AF_INET:
|
case AF_INET:
|
||||||
|
if(debug == TRUE) {
|
||||||
|
tmp.s_addr=((struct in_addr *)host)->s_addr;
|
||||||
|
logit(LOG_INFO, "is_an_allowed_host (AF_INET): is host >%s< "
|
||||||
|
"an allowed host >%s<\n",
|
||||||
|
inet_ntoa(tmp), dns_acl_curr->domain);
|
||||||
|
}
|
||||||
|
|
||||||
addr = (struct sockaddr_in*)(ai->ai_addr);
|
addr = (struct sockaddr_in*)(ai->ai_addr);
|
||||||
if (addr->sin_addr.s_addr == ((struct in_addr*)host)->s_addr)
|
if (addr->sin_addr.s_addr == ((struct in_addr*)host)->s_addr) {
|
||||||
|
if (debug == TRUE)
|
||||||
|
logit(LOG_INFO, "is_an_allowed_host (AF_INET): "
|
||||||
|
"host is in allowed host list!");
|
||||||
return 1;
|
return 1;
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case AF_INET6:
|
case AF_INET6:
|
||||||
@ -521,10 +565,10 @@ int is_an_allowed_host(int family, void *host)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
dns_acl_curr = dns_acl_curr->next;
|
dns_acl_curr = dns_acl_curr->next;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -559,19 +603,30 @@ void parse_allowed_hosts(char *allowed_hosts) {
|
|||||||
const char *delim = ",";
|
const char *delim = ",";
|
||||||
char *trimmed_tok;
|
char *trimmed_tok;
|
||||||
|
|
||||||
|
if (debug == TRUE)
|
||||||
|
logit(LOG_INFO,
|
||||||
|
"parse_allowed_hosts: parsing the allowed host string >%s< to add to ACL list\n",
|
||||||
|
allowed_hosts);
|
||||||
|
|
||||||
#ifdef HAVE_STRTOK_R
|
#ifdef HAVE_STRTOK_R
|
||||||
tok = strtok_r(hosts, delim, &saveptr);
|
tok = strtok_r(hosts, delim, &saveptr);
|
||||||
#else
|
#else
|
||||||
|
if (debug == TRUE)
|
||||||
|
logit(LOG_INFO,"parse_allowed_hosts: using strtok, this might lead to "
|
||||||
|
"problems in the allowed_hosts string determination!\n");
|
||||||
tok = strtok(hosts, delim);
|
tok = strtok(hosts, delim);
|
||||||
#endif
|
#endif
|
||||||
while( tok) {
|
while( tok) {
|
||||||
trimmed_tok = malloc( sizeof( char) * ( strlen( tok) + 1));
|
trimmed_tok = malloc( sizeof( char) * ( strlen( tok) + 1));
|
||||||
trim( tok, trimmed_tok);
|
trim( tok, trimmed_tok);
|
||||||
|
if(debug == TRUE)
|
||||||
|
logit(LOG_DEBUG, "parse_allowed_hosts: ADDING this record (%s) to ACL list!\n", trimmed_tok);
|
||||||
if( strlen( trimmed_tok) > 0) {
|
if( strlen( trimmed_tok) > 0) {
|
||||||
if (!add_ipv4_to_acl(trimmed_tok) && !add_ipv6_to_acl(trimmed_tok)
|
if (!add_ipv4_to_acl(trimmed_tok) && !add_ipv6_to_acl(trimmed_tok)
|
||||||
&& !add_domain_to_acl(trimmed_tok)) {
|
&& !add_domain_to_acl(trimmed_tok)) {
|
||||||
syslog(LOG_ERR,"Can't add to ACL this record (%s). Check allowed_hosts option!\n",trimmed_tok);
|
logit(LOG_ERR,"Can't add to ACL this record (%s). Check allowed_hosts option!\n",trimmed_tok);
|
||||||
}
|
} else if (debug == TRUE)
|
||||||
|
logit(LOG_DEBUG,"parse_allowed_hosts: Record added to ACL list!\n");
|
||||||
}
|
}
|
||||||
free( trimmed_tok);
|
free( trimmed_tok);
|
||||||
#ifdef HAVE_STRTOK_R
|
#ifdef HAVE_STRTOK_R
|
||||||
@ -606,17 +661,21 @@ unsigned int prefix_from_mask(struct in_addr mask) {
|
|||||||
* It shows all hosts in ACL lists
|
* It shows all hosts in ACL lists
|
||||||
*/
|
*/
|
||||||
|
|
||||||
void show_acl_lists(void) {
|
void show_acl_lists(void)
|
||||||
|
{
|
||||||
struct ip_acl *ip_acl_curr = ip_acl_head;
|
struct ip_acl *ip_acl_curr = ip_acl_head;
|
||||||
struct dns_acl *dns_acl_curr = dns_acl_head;
|
struct dns_acl *dns_acl_curr = dns_acl_head;
|
||||||
|
|
||||||
|
logit(LOG_INFO, "Showing ACL lists for both IP and DOMAIN acl's:\n" );
|
||||||
|
|
||||||
while (ip_acl_curr != NULL) {
|
while (ip_acl_curr != NULL) {
|
||||||
printf(" IP ACL: %s/%u %u\n", inet_ntoa(ip_acl_curr->addr), prefix_from_mask(ip_acl_curr->mask), ip_acl_curr->addr.s_addr);
|
logit(LOG_INFO, " IP ACL: %s/%u %u\n", inet_ntoa(ip_acl_curr->addr),
|
||||||
|
prefix_from_mask(ip_acl_curr->mask), ip_acl_curr->addr.s_addr);
|
||||||
ip_acl_curr = ip_acl_curr->next;
|
ip_acl_curr = ip_acl_curr->next;
|
||||||
}
|
}
|
||||||
|
|
||||||
while (dns_acl_curr != NULL) {
|
while (dns_acl_curr != NULL) {
|
||||||
printf("DNS ACL: %s\n", dns_acl_curr->domain);
|
logit(LOG_INFO, " DNS ACL: %s\n", dns_acl_curr->domain);
|
||||||
dns_acl_curr = dns_acl_curr->next;
|
dns_acl_curr = dns_acl_curr->next;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
363
src/check_nrpe.c
363
src/check_nrpe.c
@ -4,7 +4,7 @@
|
|||||||
* Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org)
|
* Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org)
|
||||||
* License: GPL
|
* License: GPL
|
||||||
*
|
*
|
||||||
* Last Modified: 09-08-2016
|
* Last Modified: 2017-05-24
|
||||||
*
|
*
|
||||||
* Command line: CHECK_NRPE -H <host_address> [-p port] [-c command] [-to to_sec]
|
* Command line: CHECK_NRPE -H <host_address> [-p port] [-c command] [-to to_sec]
|
||||||
*
|
*
|
||||||
@ -46,7 +46,9 @@ int show_help = FALSE;
|
|||||||
int show_license = FALSE;
|
int show_license = FALSE;
|
||||||
int show_version = FALSE;
|
int show_version = FALSE;
|
||||||
int packet_ver = NRPE_PACKET_VERSION_3;
|
int packet_ver = NRPE_PACKET_VERSION_3;
|
||||||
|
int force_v2_packet = 0;
|
||||||
int payload_size = 0;
|
int payload_size = 0;
|
||||||
|
extern char *log_file;
|
||||||
|
|
||||||
#ifdef HAVE_SSL
|
#ifdef HAVE_SSL
|
||||||
# if (defined(__sun) && defined(SOLARIS_10)) || defined(_AIX) || defined(__hpux)
|
# if (defined(__sun) && defined(SOLARIS_10)) || defined(_AIX) || defined(__hpux)
|
||||||
@ -57,7 +59,7 @@ const SSL_METHOD *meth;
|
|||||||
SSL_CTX *ctx;
|
SSL_CTX *ctx;
|
||||||
SSL *ssl;
|
SSL *ssl;
|
||||||
int use_ssl = TRUE;
|
int use_ssl = TRUE;
|
||||||
int ssl_opts = SSL_OP_ALL;
|
unsigned long ssl_opts = SSL_OP_ALL;
|
||||||
#else
|
#else
|
||||||
int use_ssl = FALSE;
|
int use_ssl = FALSE;
|
||||||
#endif
|
#endif
|
||||||
@ -81,7 +83,7 @@ struct _SSL_PARMS {
|
|||||||
char *cacert_file;
|
char *cacert_file;
|
||||||
char *privatekey_file;
|
char *privatekey_file;
|
||||||
char cipher_list[MAX_FILENAME_LENGTH];
|
char cipher_list[MAX_FILENAME_LENGTH];
|
||||||
SslVer ssl_min_ver;
|
SslVer ssl_proto_ver;
|
||||||
int allowDH;
|
int allowDH;
|
||||||
ClntCerts client_certs;
|
ClntCerts client_certs;
|
||||||
SslLogging log_opts;
|
SslLogging log_opts;
|
||||||
@ -97,7 +99,7 @@ void set_timeout_state (char *state);
|
|||||||
int parse_timeout_string (char *timeout_str);
|
int parse_timeout_string (char *timeout_str);
|
||||||
void usage(int result);
|
void usage(int result);
|
||||||
void setup_ssl();
|
void setup_ssl();
|
||||||
void set_sig_hadlers();
|
void set_sig_handlers();
|
||||||
int connect_to_remote();
|
int connect_to_remote();
|
||||||
int send_request();
|
int send_request();
|
||||||
int read_response();
|
int read_response();
|
||||||
@ -127,14 +129,14 @@ int main(int argc, char **argv)
|
|||||||
timeout_return_code = STATE_CRITICAL;
|
timeout_return_code = STATE_CRITICAL;
|
||||||
if (sslprm.cipher_list[0] == '\0')
|
if (sslprm.cipher_list[0] == '\0')
|
||||||
strncpy(sslprm.cipher_list, "ALL:!MD5:@STRENGTH", MAX_FILENAME_LENGTH - 1);
|
strncpy(sslprm.cipher_list, "ALL:!MD5:@STRENGTH", MAX_FILENAME_LENGTH - 1);
|
||||||
if (sslprm.ssl_min_ver == SSL_Ver_Invalid)
|
if (sslprm.ssl_proto_ver == SSL_Ver_Invalid)
|
||||||
sslprm.ssl_min_ver = TLSv1_plus;
|
sslprm.ssl_proto_ver = TLSv1_plus;
|
||||||
if (sslprm.allowDH == -1)
|
if (sslprm.allowDH == -1)
|
||||||
sslprm.allowDH = TRUE;
|
sslprm.allowDH = TRUE;
|
||||||
|
|
||||||
generate_crc32_table(); /* generate the CRC 32 table */
|
generate_crc32_table(); /* generate the CRC 32 table */
|
||||||
setup_ssl(); /* Do all the SSL/TLS set up */
|
setup_ssl(); /* Do all the SSL/TLS set up */
|
||||||
set_sig_hadlers(); /* initialize alarm signal handling */
|
set_sig_handlers(); /* initialize alarm signal handling */
|
||||||
result = connect_to_remote(); /* Make the connection */
|
result = connect_to_remote(); /* Make the connection */
|
||||||
if (result != STATE_OK) {
|
if (result != STATE_OK) {
|
||||||
alarm(0);
|
alarm(0);
|
||||||
@ -149,28 +151,32 @@ int main(int argc, char **argv)
|
|||||||
|
|
||||||
if (result == -1) {
|
if (result == -1) {
|
||||||
/* Failure reading from remote, so try version 2 packet */
|
/* Failure reading from remote, so try version 2 packet */
|
||||||
syslog(LOG_NOTICE, "Remote %s does not support Version 3 Packets", rem_host);
|
logit(LOG_INFO, "Remote %s does not support Version 3 Packets", rem_host);
|
||||||
packet_ver = NRPE_PACKET_VERSION_2;
|
packet_ver = NRPE_PACKET_VERSION_2;
|
||||||
|
|
||||||
/* Rerun the setup */
|
/* Rerun the setup */
|
||||||
setup_ssl();
|
setup_ssl();
|
||||||
set_sig_hadlers();
|
set_sig_handlers();
|
||||||
result = connect_to_remote(); /* Connect */
|
result = connect_to_remote(); /* Connect */
|
||||||
if (result != STATE_OK) {
|
if (result != STATE_OK) {
|
||||||
alarm(0);
|
alarm(0);
|
||||||
|
close_log_file(); /* close the log file */
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
result = send_request(); /* Send the request */
|
result = send_request(); /* Send the request */
|
||||||
if (result != STATE_OK)
|
if (result != STATE_OK) {
|
||||||
|
close_log_file(); /* close the log file */
|
||||||
return result;
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
result = read_response(); /* Get the response */
|
result = read_response(); /* Get the response */
|
||||||
}
|
}
|
||||||
|
|
||||||
if (result != -1)
|
if (result != -1 && force_v2_packet == 0 && packet_ver == NRPE_PACKET_VERSION_2)
|
||||||
syslog(LOG_NOTICE, "Remote %s accepted a Version %d Packet", rem_host, packet_ver);
|
logit(LOG_DEBUG, "Remote %s accepted a Version %d Packet", rem_host, packet_ver);
|
||||||
|
|
||||||
|
close_log_file(); /* close the log file */
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -206,6 +212,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
{"timeout", required_argument, 0, 't'},
|
{"timeout", required_argument, 0, 't'},
|
||||||
{"port", required_argument, 0, 'p'},
|
{"port", required_argument, 0, 'p'},
|
||||||
{"payload-size", required_argument, 0, 'P'},
|
{"payload-size", required_argument, 0, 'P'},
|
||||||
|
{"log-file", required_argument, 0, 'g'},
|
||||||
{"help", no_argument, 0, 'h'},
|
{"help", no_argument, 0, 'h'},
|
||||||
{"license", no_argument, 0, 'l'},
|
{"license", no_argument, 0, 'l'},
|
||||||
{0, 0, 0, 0}
|
{0, 0, 0, 0}
|
||||||
@ -217,15 +224,17 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
return ERROR;
|
return ERROR;
|
||||||
|
|
||||||
optind = 0;
|
optind = 0;
|
||||||
snprintf(optchars, MAX_INPUT_BUFFER, "H:f:b:c:a:t:p:S:L:C:K:A:d:s:P:246hlnuV");
|
snprintf(optchars, MAX_INPUT_BUFFER, "H:f:b:c:a:t:p:S:L:C:K:A:d:s:P:g:246hlnuV");
|
||||||
|
|
||||||
while (1) {
|
while (1) {
|
||||||
|
if (argindex > 0)
|
||||||
|
break;
|
||||||
#ifdef HAVE_GETOPT_LONG
|
#ifdef HAVE_GETOPT_LONG
|
||||||
c = getopt_long(argc, argv, optchars, long_options, &option_index);
|
c = getopt_long(argc, argv, optchars, long_options, &option_index);
|
||||||
#else
|
#else
|
||||||
c = getopt(argc, argv, optchars);
|
c = getopt(argc, argv, optchars);
|
||||||
#endif
|
#endif
|
||||||
if (c == -1 || c == EOF || argindex > 0)
|
if (c == -1 || c == EOF)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
/* process all arguments */
|
/* process all arguments */
|
||||||
@ -258,7 +267,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
|
|
||||||
case 't':
|
case 't':
|
||||||
if (from_config_file && socket_timeout != -1) {
|
if (from_config_file && socket_timeout != -1) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line socket timeout overrides "
|
logit(LOG_WARNING, "WARNING: Command-line socket timeout overrides "
|
||||||
"the config file option.");
|
"the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -269,7 +278,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
|
|
||||||
case 'p':
|
case 'p':
|
||||||
if (from_config_file && server_port != 0) {
|
if (from_config_file && server_port != 0) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line server port overrides "
|
logit(LOG_WARNING, "WARNING: Command-line server port overrides "
|
||||||
"the config file option.");
|
"the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -280,7 +289,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
|
|
||||||
case 'P':
|
case 'P':
|
||||||
if (from_config_file && payload_size > 0) {
|
if (from_config_file && payload_size > 0) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line payload-size (-P) overrides "
|
logit(LOG_WARNING, "WARNING: Command-line payload-size (-P) overrides "
|
||||||
"the config file option.");
|
"the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -291,7 +300,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
|
|
||||||
case 'H':
|
case 'H':
|
||||||
if (from_config_file && server_name != NULL) {
|
if (from_config_file && server_name != NULL) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line server name overrides "
|
logit(LOG_WARNING, "WARNING: Command-line server name overrides "
|
||||||
"the config file option.");
|
"the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -302,7 +311,6 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
if (from_config_file) {
|
if (from_config_file) {
|
||||||
printf("Error: The config file should not have a command (-c) option.\n");
|
printf("Error: The config file should not have a command (-c) option.\n");
|
||||||
return ERROR;
|
return ERROR;
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
command_name = strdup(optarg);
|
command_name = strdup(optarg);
|
||||||
break;
|
break;
|
||||||
@ -311,7 +319,6 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
if (from_config_file) {
|
if (from_config_file) {
|
||||||
printf("Error: The config file should not have args (-a) arguments.\n");
|
printf("Error: The config file should not have args (-a) arguments.\n");
|
||||||
return ERROR;
|
return ERROR;
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
argindex = optind;
|
argindex = optind;
|
||||||
break;
|
break;
|
||||||
@ -322,7 +329,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
|
|
||||||
case 'u':
|
case 'u':
|
||||||
if (from_config_file && timeout_return_code != -1) {
|
if (from_config_file && timeout_return_code != -1) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line unknown-timeout (-u) "
|
logit(LOG_WARNING, "WARNING: Command-line unknown-timeout (-u) "
|
||||||
"overrides the config file option.");
|
"overrides the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -331,16 +338,17 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
|
|
||||||
case '2':
|
case '2':
|
||||||
if (from_config_file && packet_ver != NRPE_PACKET_VERSION_3) {
|
if (from_config_file && packet_ver != NRPE_PACKET_VERSION_3) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line v2-packets-only (-2) "
|
logit(LOG_WARNING, "WARNING: Command-line v2-packets-only (-2) "
|
||||||
"overrides the config file option.");
|
"overrides the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
packet_ver = NRPE_PACKET_VERSION_2;
|
packet_ver = NRPE_PACKET_VERSION_2;
|
||||||
|
force_v2_packet = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case '4':
|
case '4':
|
||||||
if (from_config_file && address_family != AF_UNSPEC) {
|
if (from_config_file && address_family != AF_UNSPEC) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line ipv4 (-4) "
|
logit(LOG_WARNING, "WARNING: Command-line ipv4 (-4) "
|
||||||
"or ipv6 (-6) overrides the config file option.");
|
"or ipv6 (-6) overrides the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -349,7 +357,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
|
|
||||||
case '6':
|
case '6':
|
||||||
if (from_config_file && address_family != AF_UNSPEC) {
|
if (from_config_file && address_family != AF_UNSPEC) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line ipv4 (-4) "
|
logit(LOG_WARNING, "WARNING: Command-line ipv4 (-4) "
|
||||||
"or ipv6 (-6) overrides the config file option.");
|
"or ipv6 (-6) overrides the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -358,7 +366,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
|
|
||||||
case 'd':
|
case 'd':
|
||||||
if (from_config_file && sslprm.allowDH != -1) {
|
if (from_config_file && sslprm.allowDH != -1) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line use-adh (-d) "
|
logit(LOG_WARNING, "WARNING: Command-line use-adh (-d) "
|
||||||
"overrides the config file option.");
|
"overrides the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -369,7 +377,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
|
|
||||||
case 'A':
|
case 'A':
|
||||||
if (from_config_file && sslprm.cacert_file != NULL) {
|
if (from_config_file && sslprm.cacert_file != NULL) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line ca-cert-file (-A) "
|
logit(LOG_WARNING, "WARNING: Command-line ca-cert-file (-A) "
|
||||||
"overrides the config file option.");
|
"overrides the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -378,7 +386,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
|
|
||||||
case 'C':
|
case 'C':
|
||||||
if (from_config_file && sslprm.cert_file != NULL) {
|
if (from_config_file && sslprm.cert_file != NULL) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line client-cert (-C) "
|
logit(LOG_WARNING, "WARNING: Command-line client-cert (-C) "
|
||||||
"overrides the config file option.");
|
"overrides the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -388,7 +396,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
|
|
||||||
case 'K':
|
case 'K':
|
||||||
if (from_config_file && sslprm.privatekey_file != NULL) {
|
if (from_config_file && sslprm.privatekey_file != NULL) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line key-file (-K) "
|
logit(LOG_WARNING, "WARNING: Command-line key-file (-K) "
|
||||||
"overrides the config file option.");
|
"overrides the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -397,38 +405,41 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
case 'S':
|
case 'S':
|
||||||
if (from_config_file && sslprm.ssl_min_ver != SSL_Ver_Invalid) {
|
if (from_config_file && sslprm.ssl_proto_ver != SSL_Ver_Invalid) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line ssl-version (-S) "
|
logit(LOG_WARNING, "WARNING: Command-line ssl-version (-S) "
|
||||||
"overrides the config file option.");
|
"overrides the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (!strcmp(optarg, "SSLv2"))
|
|
||||||
sslprm.ssl_min_ver = SSLv2;
|
if (!strcmp(optarg, "TLSv1.2"))
|
||||||
else if (!strcmp(optarg, "SSLv2+"))
|
sslprm.ssl_proto_ver = TLSv1_2;
|
||||||
sslprm.ssl_min_ver = SSLv2_plus;
|
|
||||||
else if (!strcmp(optarg, "SSLv3"))
|
|
||||||
sslprm.ssl_min_ver = SSLv3;
|
|
||||||
else if (!strcmp(optarg, "SSLv3+"))
|
|
||||||
sslprm.ssl_min_ver = SSLv3_plus;
|
|
||||||
else if (!strcmp(optarg, "TLSv1"))
|
|
||||||
sslprm.ssl_min_ver = TLSv1;
|
|
||||||
else if (!strcmp(optarg, "TLSv1+"))
|
|
||||||
sslprm.ssl_min_ver = TLSv1_plus;
|
|
||||||
else if (!strcmp(optarg, "TLSv1.1"))
|
|
||||||
sslprm.ssl_min_ver = TLSv1_1;
|
|
||||||
else if (!strcmp(optarg, "TLSv1.1+"))
|
|
||||||
sslprm.ssl_min_ver = TLSv1_1_plus;
|
|
||||||
else if (!strcmp(optarg, "TLSv1.2"))
|
|
||||||
sslprm.ssl_min_ver = TLSv1_2;
|
|
||||||
else if (!strcmp(optarg, "TLSv1.2+"))
|
else if (!strcmp(optarg, "TLSv1.2+"))
|
||||||
sslprm.ssl_min_ver = TLSv1_2_plus;
|
sslprm.ssl_proto_ver = TLSv1_2_plus;
|
||||||
|
else if (!strcmp(optarg, "TLSv1.1"))
|
||||||
|
sslprm.ssl_proto_ver = TLSv1_1;
|
||||||
|
else if (!strcmp(optarg, "TLSv1.1+"))
|
||||||
|
sslprm.ssl_proto_ver = TLSv1_1_plus;
|
||||||
|
else if (!strcmp(optarg, "TLSv1"))
|
||||||
|
sslprm.ssl_proto_ver = TLSv1;
|
||||||
|
else if (!strcmp(optarg, "TLSv1+"))
|
||||||
|
sslprm.ssl_proto_ver = TLSv1_plus;
|
||||||
|
else if (!strcmp(optarg, "SSLv3"))
|
||||||
|
sslprm.ssl_proto_ver = SSLv3;
|
||||||
|
else if (!strcmp(optarg, "SSLv3+"))
|
||||||
|
sslprm.ssl_proto_ver = SSLv3_plus;
|
||||||
|
#if OPENSSL_VERSION_NUMBER < 0x10100000
|
||||||
|
else if (!strcmp(optarg, "SSLv2"))
|
||||||
|
sslprm.ssl_proto_ver = SSLv2;
|
||||||
|
else if (!strcmp(optarg, "SSLv2+"))
|
||||||
|
sslprm.ssl_proto_ver = SSLv2_plus;
|
||||||
|
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000 */
|
||||||
else
|
else
|
||||||
return ERROR;
|
return ERROR;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case 'L':
|
case 'L':
|
||||||
if (from_config_file && sslprm.cipher_list[0] != '\0') {
|
if (from_config_file && sslprm.cipher_list[0] != '\0') {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line cipher-list (-L) "
|
logit(LOG_WARNING, "WARNING: Command-line cipher-list (-L) "
|
||||||
"overrides the config file option.");
|
"overrides the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -438,7 +449,7 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
|
|
||||||
case 's':
|
case 's':
|
||||||
if (from_config_file && have_log_opts == TRUE) {
|
if (from_config_file && have_log_opts == TRUE) {
|
||||||
syslog(LOG_WARNING, "WARNING: Command-line ssl-logging (-s) "
|
logit(LOG_WARNING, "WARNING: Command-line ssl-logging (-s) "
|
||||||
"overrides the config file option.");
|
"overrides the config file option.");
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@ -446,19 +457,30 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
have_log_opts = TRUE;
|
have_log_opts = TRUE;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case 'g':
|
||||||
|
if (from_config_file && log_file != NULL) {
|
||||||
|
logit(LOG_WARNING, "WARNING: Command-line log-file (-g) "
|
||||||
|
"overrides the config file option.");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
log_file = strdup(optarg);
|
||||||
|
open_log_file();
|
||||||
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
return ERROR;
|
return ERROR;
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* determine (base) command query */
|
/* determine (base) command query */
|
||||||
|
if (!from_config_file) {
|
||||||
snprintf(query, sizeof(query), "%s",
|
snprintf(query, sizeof(query), "%s",
|
||||||
(command_name == NULL) ? DEFAULT_NRPE_COMMAND : command_name);
|
(command_name == NULL) ? DEFAULT_NRPE_COMMAND : command_name);
|
||||||
query[sizeof(query) - 1] = '\x0';
|
query[sizeof(query) - 1] = '\x0';
|
||||||
|
}
|
||||||
|
|
||||||
/* get the command args */
|
/* get the command args */
|
||||||
if (argindex > 0) {
|
if (!from_config_file && argindex > 0) {
|
||||||
|
|
||||||
for (c = argindex - 1; c < argc; c++) {
|
for (c = argindex - 1; c < argc; c++) {
|
||||||
|
|
||||||
@ -471,7 +493,6 @@ int process_arguments(int argc, char **argv, int from_config_file)
|
|||||||
query[sizeof(query) - 1] = '\x0';
|
query[sizeof(query) - 1] = '\x0';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!from_config_file && config_file != NULL) {
|
if (!from_config_file && config_file != NULL) {
|
||||||
if ((rc = read_config_file(config_file)) != OK)
|
if ((rc = read_config_file(config_file)) != OK)
|
||||||
return rc;
|
return rc;
|
||||||
@ -507,28 +528,28 @@ int read_config_file(char *fname)
|
|||||||
size_t sz;
|
size_t sz;
|
||||||
|
|
||||||
if (stat(fname, &st)) {
|
if (stat(fname, &st)) {
|
||||||
syslog(LOG_ERR, "Error: Could not stat config file %s", fname);
|
logit(LOG_ERR, "Error: Could not stat config file %s", fname);
|
||||||
return ERROR;
|
return ERROR;
|
||||||
}
|
}
|
||||||
if ((f = fopen(fname, "r")) == NULL) {
|
if ((f = fopen(fname, "r")) == NULL) {
|
||||||
syslog(LOG_ERR, "Error: Could not open config file %s", fname);
|
logit(LOG_ERR, "Error: Could not open config file %s", fname);
|
||||||
return ERROR;
|
return ERROR;
|
||||||
}
|
}
|
||||||
if ((buf = (char*)calloc(1, st.st_size + 2)) == NULL) {
|
if ((buf = (char*)calloc(1, st.st_size + 2)) == NULL) {
|
||||||
fclose(f);
|
fclose(f);
|
||||||
syslog(LOG_ERR, "Error: read_config_file fail to allocate memory");
|
logit(LOG_ERR, "Error: read_config_file fail to allocate memory");
|
||||||
return ERROR;
|
return ERROR;
|
||||||
}
|
}
|
||||||
if ((sz = fread(buf, 1, st.st_size, f)) != st.st_size) {
|
if ((sz = fread(buf, 1, st.st_size, f)) != st.st_size) {
|
||||||
fclose(f);
|
fclose(f);
|
||||||
free(buf);
|
free(buf);
|
||||||
syslog(LOG_ERR, "Error: Failed to completely read config file %s", fname);
|
logit(LOG_ERR, "Error: Failed to completely read config file %s", fname);
|
||||||
return ERROR;
|
return ERROR;
|
||||||
}
|
}
|
||||||
if ((argv = calloc(50, sizeof(char*))) == NULL) {
|
if ((argv = calloc(50, sizeof(char*))) == NULL) {
|
||||||
fclose(f);
|
fclose(f);
|
||||||
free(buf);
|
free(buf);
|
||||||
syslog(LOG_ERR, "Error: read_config_file fail to allocate memory");
|
logit(LOG_ERR, "Error: read_config_file fail to allocate memory");
|
||||||
return ERROR;
|
return ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -536,10 +557,10 @@ int read_config_file(char *fname)
|
|||||||
|
|
||||||
bufp = buf;
|
bufp = buf;
|
||||||
while (argc < 50) {
|
while (argc < 50) {
|
||||||
|
while (*bufp && strchr(delims, *bufp))
|
||||||
|
++bufp;
|
||||||
if (*bufp == '\0')
|
if (*bufp == '\0')
|
||||||
break;
|
break;
|
||||||
while (strchr(delims, *bufp))
|
|
||||||
++bufp;
|
|
||||||
argv[argc] = my_strsep(&bufp, delims);
|
argv[argc] = my_strsep(&bufp, delims);
|
||||||
if (!argv[argc++])
|
if (!argv[argc++])
|
||||||
break;
|
break;
|
||||||
@ -550,7 +571,7 @@ int read_config_file(char *fname)
|
|||||||
if (argc == 50) {
|
if (argc == 50) {
|
||||||
free(buf);
|
free(buf);
|
||||||
free(argv);
|
free(argv);
|
||||||
syslog(LOG_ERR, "Error: too many parameters in config file %s", fname);
|
logit(LOG_ERR, "Error: too many parameters in config file %s", fname);
|
||||||
return ERROR;
|
return ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -594,22 +615,22 @@ void set_timeout_state (char *state) {
|
|||||||
|
|
||||||
int parse_timeout_string (char *timeout_str)
|
int parse_timeout_string (char *timeout_str)
|
||||||
{
|
{
|
||||||
char *seperated_str;
|
char *separated_str;
|
||||||
char *timeout_val = NULL;
|
char *timeout_val = NULL;
|
||||||
char *timeout_sta = NULL;
|
char *timeout_sta = NULL;
|
||||||
|
|
||||||
if (strstr(timeout_str, ":") == NULL)
|
if (strstr(timeout_str, ":") == NULL)
|
||||||
timeout_val = timeout_str;
|
timeout_val = timeout_str;
|
||||||
else if (strncmp(timeout_str, ":", 1) == 0) {
|
else if (strncmp(timeout_str, ":", 1) == 0) {
|
||||||
seperated_str = strtok(timeout_str, ":");
|
separated_str = strtok(timeout_str, ":");
|
||||||
if (seperated_str != NULL)
|
if (separated_str != NULL)
|
||||||
timeout_sta = seperated_str;
|
timeout_sta = separated_str;
|
||||||
} else {
|
} else {
|
||||||
seperated_str = strtok(timeout_str, ":");
|
separated_str = strtok(timeout_str, ":");
|
||||||
timeout_val = seperated_str;
|
timeout_val = separated_str;
|
||||||
seperated_str = strtok(NULL, ":");
|
separated_str = strtok(NULL, ":");
|
||||||
if (seperated_str != NULL) {
|
if (separated_str != NULL) {
|
||||||
timeout_sta = seperated_str;
|
timeout_sta = separated_str;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -645,7 +666,7 @@ void usage(int result)
|
|||||||
printf("Usage: check_nrpe -H <host> [-2] [-4] [-6] [-n] [-u] [-V] [-l] [-d <dhopt>]\n"
|
printf("Usage: check_nrpe -H <host> [-2] [-4] [-6] [-n] [-u] [-V] [-l] [-d <dhopt>]\n"
|
||||||
" [-P <size>] [-S <ssl version>] [-L <cipherlist>] [-C <clientcert>]\n"
|
" [-P <size>] [-S <ssl version>] [-L <cipherlist>] [-C <clientcert>]\n"
|
||||||
" [-K <key>] [-A <ca-certificate>] [-s <logopts>] [-b <bindaddr>]\n"
|
" [-K <key>] [-A <ca-certificate>] [-s <logopts>] [-b <bindaddr>]\n"
|
||||||
" [-f <cfg-file>] [-p <port>] [-t <interval>:<state>]\n"
|
" [-f <cfg-file>] [-p <port>] [-t <interval>:<state>] [-g <log-file>]\n"
|
||||||
" [-c <command>] [-a <arglist...>]\n");
|
" [-c <command>] [-a <arglist...>]\n");
|
||||||
printf("\n");
|
printf("\n");
|
||||||
printf("Options:\n");
|
printf("Options:\n");
|
||||||
@ -655,7 +676,7 @@ void usage(int result)
|
|||||||
printf(" -6 = bind to ipv6 only\n");
|
printf(" -6 = bind to ipv6 only\n");
|
||||||
printf(" -n = Do no use SSL\n");
|
printf(" -n = Do no use SSL\n");
|
||||||
printf
|
printf
|
||||||
(" -u = (DEPRECATED) Make timeouts return UNKNOWN instead of CRITICAL\n");
|
(" -u = Make connection problems return UNKNOWN instead of CRITICAL\n");
|
||||||
printf(" -V = Show version\n");
|
printf(" -V = Show version\n");
|
||||||
printf(" -l = Show license\n");
|
printf(" -l = Show license\n");
|
||||||
printf(" <dhopt> = Anonymous Diffie Hellman use:\n");
|
printf(" <dhopt> = Anonymous Diffie Hellman use:\n");
|
||||||
@ -665,10 +686,14 @@ void usage(int result)
|
|||||||
printf(" 2 = Force Anonymous Diffie Hellman\n");
|
printf(" 2 = Force Anonymous Diffie Hellman\n");
|
||||||
printf(" <size> = Specify non-default payload size for NSClient++\n");
|
printf(" <size> = Specify non-default payload size for NSClient++\n");
|
||||||
printf
|
printf
|
||||||
(" <ssl ver> = The SSL/TLS version to use. Can be any one of: SSLv2 (only),\n");
|
(" <ssl ver> = The SSL/TLS version to use. Can be any one of:\n");
|
||||||
printf(" SSLv2+ (or above), SSLv3 (only), SSLv3+ (or above),\n");
|
#if OPENSSL_VERSION_NUMBER < 0x10100000
|
||||||
printf(" TLSv1 (only), TLSv1+ (or above DEFAULT), TLSv1.1 (only),\n");
|
printf(" SSLv2 (only), SSLv2+ (or above),\n");
|
||||||
printf(" TLSv1.1+ (or above), TLSv1.2 (only), TLSv1.2+ (or above)\n");
|
#endif /* OPENSSL_VERSION_NUMBER < 0x10100000 */
|
||||||
|
printf(" SSLv3 (only), SSLv3+ (or above),\n");
|
||||||
|
printf(" TLSv1 (only), TLSv1+ (or above DEFAULT),\n");
|
||||||
|
printf(" TLSv1.1 (only), TLSv1.1+ (or above),\n");
|
||||||
|
printf(" TLSv1.2 (only), TLSv1.2+ (or above)\n");
|
||||||
printf(" <cipherlist> = The list of SSL ciphers to use (currently defaults\n");
|
printf(" <cipherlist> = The list of SSL ciphers to use (currently defaults\n");
|
||||||
printf
|
printf
|
||||||
(" to \"ALL:!MD5:@STRENGTH\". WILL change in a future release.)\n");
|
(" to \"ALL:!MD5:@STRENGTH\". WILL change in a future release.)\n");
|
||||||
@ -678,6 +703,7 @@ void usage(int result)
|
|||||||
printf(" <logopts> = SSL Logging Options\n");
|
printf(" <logopts> = SSL Logging Options\n");
|
||||||
printf(" <bindaddr> = bind to local address\n");
|
printf(" <bindaddr> = bind to local address\n");
|
||||||
printf(" <cfg-file> = configuration file to use\n");
|
printf(" <cfg-file> = configuration file to use\n");
|
||||||
|
printf(" <log-file> = full path to the log file to write to\n");
|
||||||
printf(" [port] = The port on which the daemon is running (default=%d)\n",
|
printf(" [port] = The port on which the daemon is running (default=%d)\n",
|
||||||
DEFAULT_SERVER_PORT);
|
DEFAULT_SERVER_PORT);
|
||||||
printf(" [command] = The name of the command that the remote daemon should run\n");
|
printf(" [command] = The name of the command that the remote daemon should run\n");
|
||||||
@ -717,25 +743,26 @@ void usage(int result)
|
|||||||
void setup_ssl()
|
void setup_ssl()
|
||||||
{
|
{
|
||||||
#ifdef HAVE_SSL
|
#ifdef HAVE_SSL
|
||||||
int vrfy;
|
int vrfy, x;
|
||||||
|
|
||||||
if (sslprm.log_opts & SSL_LogStartup) {
|
if (sslprm.log_opts & SSL_LogStartup) {
|
||||||
char *val;
|
char *val;
|
||||||
|
|
||||||
syslog(LOG_INFO, "SSL Certificate File: %s",
|
logit(LOG_INFO, "SSL Certificate File: %s",
|
||||||
sslprm.cert_file ? sslprm.cert_file : "None");
|
sslprm.cert_file ? sslprm.cert_file : "None");
|
||||||
syslog(LOG_INFO, "SSL Private Key File: %s",
|
logit(LOG_INFO, "SSL Private Key File: %s",
|
||||||
sslprm.privatekey_file ? sslprm.privatekey_file : "None");
|
sslprm.privatekey_file ? sslprm.privatekey_file : "None");
|
||||||
syslog(LOG_INFO, "SSL CA Certificate File: %s",
|
logit(LOG_INFO, "SSL CA Certificate File: %s",
|
||||||
sslprm.cacert_file ? sslprm.cacert_file : "None");
|
sslprm.cacert_file ? sslprm.cacert_file : "None");
|
||||||
if (sslprm.allowDH < 2)
|
if (sslprm.allowDH < 2)
|
||||||
syslog(LOG_INFO, "SSL Cipher List: %s", sslprm.cipher_list);
|
logit(LOG_INFO, "SSL Cipher List: %s", sslprm.cipher_list);
|
||||||
else
|
else
|
||||||
syslog(LOG_INFO, "SSL Cipher List: ADH");
|
logit(LOG_INFO, "SSL Cipher List: ADH");
|
||||||
syslog(LOG_INFO, "SSL Allow ADH: %s",
|
logit(LOG_INFO, "SSL Allow ADH: %s",
|
||||||
sslprm.allowDH == 0 ? "No" : (sslprm.allowDH == 1 ? "Allow" : "Require"));
|
sslprm.allowDH == 0 ? "No" : (sslprm.allowDH == 1 ? "Allow" : "Require"));
|
||||||
syslog(LOG_INFO, "SSL Log Options: 0x%02x", sslprm.log_opts);
|
logit(LOG_INFO, "SSL Log Options: 0x%02x", sslprm.log_opts);
|
||||||
switch (sslprm.ssl_min_ver) {
|
|
||||||
|
switch (sslprm.ssl_proto_ver) {
|
||||||
case SSLv2:
|
case SSLv2:
|
||||||
val = "SSLv2";
|
val = "SSLv2";
|
||||||
break;
|
break;
|
||||||
@ -770,56 +797,125 @@ void setup_ssl()
|
|||||||
val = "INVALID VALUE!";
|
val = "INVALID VALUE!";
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
syslog(LOG_INFO, "SSL Version: %s", val);
|
logit(LOG_INFO, "SSL Version: %s", val);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* initialize SSL */
|
/* initialize SSL */
|
||||||
if (use_ssl == TRUE) {
|
if (use_ssl == TRUE) {
|
||||||
SSL_load_error_strings();
|
SSL_load_error_strings();
|
||||||
SSL_library_init();
|
SSL_library_init();
|
||||||
|
|
||||||
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
||||||
|
|
||||||
|
meth = TLS_method();
|
||||||
|
|
||||||
|
#else /* OPENSSL_VERSION_NUMBER >= 0x10100000 */
|
||||||
|
|
||||||
meth = SSLv23_client_method();
|
meth = SSLv23_client_method();
|
||||||
|
|
||||||
# ifndef OPENSSL_NO_SSL2
|
# ifndef OPENSSL_NO_SSL2
|
||||||
if (sslprm.ssl_min_ver == SSLv2)
|
if (sslprm.ssl_proto_ver == SSLv2)
|
||||||
meth = SSLv2_client_method();
|
meth = SSLv2_client_method();
|
||||||
# endif
|
# endif
|
||||||
# ifndef OPENSSL_NO_SSL3
|
# ifndef OPENSSL_NO_SSL3
|
||||||
if (sslprm.ssl_min_ver == SSLv3)
|
if (sslprm.ssl_proto_ver == SSLv3)
|
||||||
meth = SSLv3_client_method();
|
meth = SSLv3_client_method();
|
||||||
# endif
|
# endif
|
||||||
if (sslprm.ssl_min_ver == TLSv1)
|
if (sslprm.ssl_proto_ver == TLSv1)
|
||||||
meth = TLSv1_client_method();
|
meth = TLSv1_client_method();
|
||||||
# ifdef SSL_TXT_TLSV1_1
|
# ifdef SSL_TXT_TLSV1_1
|
||||||
if (sslprm.ssl_min_ver == TLSv1_1)
|
if (sslprm.ssl_proto_ver == TLSv1_1)
|
||||||
meth = TLSv1_1_client_method();
|
meth = TLSv1_1_client_method();
|
||||||
# ifdef SSL_TXT_TLSV1_2
|
# ifdef SSL_TXT_TLSV1_2
|
||||||
if (sslprm.ssl_min_ver == TLSv1_2)
|
if (sslprm.ssl_proto_ver == TLSv1_2)
|
||||||
meth = TLSv1_2_client_method();
|
meth = TLSv1_2_client_method();
|
||||||
# endif
|
# endif /* ifdef SSL_TXT_TLSV1_2 */
|
||||||
# endif
|
# endif /* ifdef SSL_TXT_TLSV1_1 */
|
||||||
|
|
||||||
|
#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000 */
|
||||||
|
|
||||||
if ((ctx = SSL_CTX_new(meth)) == NULL) {
|
if ((ctx = SSL_CTX_new(meth)) == NULL) {
|
||||||
printf("CHECK_NRPE: Error - could not create SSL context.\n");
|
printf("CHECK_NRPE: Error - could not create SSL context.\n");
|
||||||
exit(STATE_CRITICAL);
|
exit(STATE_CRITICAL);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sslprm.ssl_min_ver >= SSLv3) {
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000
|
||||||
ssl_opts |= SSL_OP_NO_SSLv2;
|
|
||||||
if (sslprm.ssl_min_ver >= TLSv1)
|
SSL_CTX_set_max_proto_version(ctx, 0);
|
||||||
ssl_opts |= SSL_OP_NO_SSLv3;
|
|
||||||
|
switch(sslprm.ssl_proto_ver) {
|
||||||
|
|
||||||
|
case TLSv1_2:
|
||||||
|
SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION);
|
||||||
|
case TLSv1_2_plus:
|
||||||
|
SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case TLSv1_1:
|
||||||
|
SSL_CTX_set_max_proto_version(ctx, TLS1_1_VERSION);
|
||||||
|
case TLSv1_1_plus:
|
||||||
|
SSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case TLSv1:
|
||||||
|
SSL_CTX_set_max_proto_version(ctx, TLS1_VERSION);
|
||||||
|
case TLSv1_plus:
|
||||||
|
SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case SSLv3:
|
||||||
|
SSL_CTX_set_max_proto_version(ctx, SSL3_VERSION);
|
||||||
|
case SSLv3_plus:
|
||||||
|
SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION);
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#else /* OPENSSL_VERSION_NUMBER >= 0x10100000 */
|
||||||
|
|
||||||
|
switch(sslprm.ssl_proto_ver) {
|
||||||
|
case SSLv2:
|
||||||
|
case SSLv2_plus:
|
||||||
|
break;
|
||||||
|
case TLSv1_2:
|
||||||
|
case TLSv1_2_plus:
|
||||||
|
#ifdef SSL_OP_NO_TLSv1_1
|
||||||
|
ssl_opts |= SSL_OP_NO_TLSv1_1;
|
||||||
|
#endif
|
||||||
|
case TLSv1_1:
|
||||||
|
case TLSv1_1_plus:
|
||||||
|
ssl_opts |= SSL_OP_NO_TLSv1;
|
||||||
|
case TLSv1:
|
||||||
|
case TLSv1_plus:
|
||||||
|
ssl_opts |= SSL_OP_NO_SSLv3;
|
||||||
|
case SSLv3:
|
||||||
|
case SSLv3_plus:
|
||||||
|
ssl_opts |= SSL_OP_NO_SSLv2;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif /* OPENSSL_VERSION_NUMBER >= 0x10100000 */
|
||||||
|
|
||||||
SSL_CTX_set_options(ctx, ssl_opts);
|
SSL_CTX_set_options(ctx, ssl_opts);
|
||||||
|
|
||||||
if (sslprm.cert_file != NULL && sslprm.privatekey_file != NULL) {
|
if (sslprm.cert_file != NULL && sslprm.privatekey_file != NULL) {
|
||||||
if (!SSL_CTX_use_certificate_file(ctx, sslprm.cert_file, SSL_FILETYPE_PEM)) {
|
if (!SSL_CTX_use_certificate_file(ctx, sslprm.cert_file, SSL_FILETYPE_PEM)) {
|
||||||
SSL_CTX_free(ctx);
|
|
||||||
printf("Error: could not use certificate file '%s'.\n", sslprm.cert_file);
|
printf("Error: could not use certificate file '%s'.\n", sslprm.cert_file);
|
||||||
|
while ((x = ERR_get_error_line_data(NULL, NULL, NULL, NULL)) != 0) {
|
||||||
|
printf("Error: could not use certificate file '%s': %s\n",
|
||||||
|
sslprm.cert_file, ERR_reason_error_string(x));
|
||||||
|
}
|
||||||
|
SSL_CTX_free(ctx);
|
||||||
exit(STATE_CRITICAL);
|
exit(STATE_CRITICAL);
|
||||||
}
|
}
|
||||||
if (!SSL_CTX_use_PrivateKey_file(ctx, sslprm.privatekey_file, SSL_FILETYPE_PEM)) {
|
if (!SSL_CTX_use_PrivateKey_file(ctx, sslprm.privatekey_file, SSL_FILETYPE_PEM)) {
|
||||||
SSL_CTX_free(ctx);
|
SSL_CTX_free(ctx);
|
||||||
printf("Error: could not use private key file '%s'.\n",
|
printf("Error: could not use private key file '%s'.\n",
|
||||||
sslprm.privatekey_file);
|
sslprm.privatekey_file);
|
||||||
|
while ((x = ERR_get_error_line_data(NULL, NULL, NULL, NULL)) != 0) {
|
||||||
|
printf("Error: could not use private key file '%s': %s\n",
|
||||||
|
sslprm.privatekey_file, ERR_reason_error_string(x));
|
||||||
|
}
|
||||||
|
SSL_CTX_free(ctx);
|
||||||
exit(STATE_CRITICAL);
|
exit(STATE_CRITICAL);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -828,8 +924,12 @@ void setup_ssl()
|
|||||||
vrfy = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
|
vrfy = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
|
||||||
SSL_CTX_set_verify(ctx, vrfy, verify_callback);
|
SSL_CTX_set_verify(ctx, vrfy, verify_callback);
|
||||||
if (!SSL_CTX_load_verify_locations(ctx, sslprm.cacert_file, NULL)) {
|
if (!SSL_CTX_load_verify_locations(ctx, sslprm.cacert_file, NULL)) {
|
||||||
SSL_CTX_free(ctx);
|
|
||||||
printf("Error: could not use CA certificate '%s'.\n", sslprm.cacert_file);
|
printf("Error: could not use CA certificate '%s'.\n", sslprm.cacert_file);
|
||||||
|
while ((x = ERR_get_error_line_data(NULL, NULL, NULL, NULL)) != 0) {
|
||||||
|
printf("Error: could not use CA certificate '%s': %s\n",
|
||||||
|
sslprm.privatekey_file, ERR_reason_error_string(x));
|
||||||
|
}
|
||||||
|
SSL_CTX_free(ctx);
|
||||||
exit(STATE_CRITICAL);
|
exit(STATE_CRITICAL);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -838,7 +938,7 @@ void setup_ssl()
|
|||||||
if (strlen(sslprm.cipher_list) < sizeof(sslprm.cipher_list) - 6) {
|
if (strlen(sslprm.cipher_list) < sizeof(sslprm.cipher_list) - 6) {
|
||||||
strcat(sslprm.cipher_list, ":!ADH");
|
strcat(sslprm.cipher_list, ":!ADH");
|
||||||
if (sslprm.log_opts & SSL_LogStartup)
|
if (sslprm.log_opts & SSL_LogStartup)
|
||||||
syslog(LOG_INFO, "New SSL Cipher List: %s", sslprm.cipher_list);
|
logit(LOG_INFO, "New SSL Cipher List: %s", sslprm.cipher_list);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
/* use anonymous DH ciphers */
|
/* use anonymous DH ciphers */
|
||||||
@ -847,15 +947,19 @@ void setup_ssl()
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (SSL_CTX_set_cipher_list(ctx, sslprm.cipher_list) == 0) {
|
if (SSL_CTX_set_cipher_list(ctx, sslprm.cipher_list) == 0) {
|
||||||
SSL_CTX_free(ctx);
|
|
||||||
printf("Error: Could not set SSL/TLS cipher list: %s\n", sslprm.cipher_list);
|
printf("Error: Could not set SSL/TLS cipher list: %s\n", sslprm.cipher_list);
|
||||||
|
while ((x = ERR_get_error_line_data(NULL, NULL, NULL, NULL)) != 0) {
|
||||||
|
printf("Could not set SSL/TLS cipher list '%s': %s\n",
|
||||||
|
sslprm.cipher_list, ERR_reason_error_string(x));
|
||||||
|
}
|
||||||
|
SSL_CTX_free(ctx);
|
||||||
exit(STATE_CRITICAL);
|
exit(STATE_CRITICAL);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
void set_sig_hadlers()
|
void set_sig_handlers()
|
||||||
{
|
{
|
||||||
#ifdef HAVE_SIGACTION
|
#ifdef HAVE_SIGACTION
|
||||||
struct sigaction sig_action;
|
struct sigaction sig_action;
|
||||||
@ -880,12 +984,12 @@ int connect_to_remote()
|
|||||||
struct sockaddr addr;
|
struct sockaddr addr;
|
||||||
struct in_addr *inaddr;
|
struct in_addr *inaddr;
|
||||||
socklen_t addrlen;
|
socklen_t addrlen;
|
||||||
int result, rc, ssl_err, ern;
|
int result, rc, ssl_err, ern, x, nerrs = 0;
|
||||||
|
|
||||||
/* try to connect to the host at the given port number */
|
/* try to connect to the host at the given port number */
|
||||||
if ((sd =
|
if ((sd =
|
||||||
my_connect(server_name, &hostaddr, server_port, address_family, bind_address)) < 0)
|
my_connect(server_name, &hostaddr, server_port, address_family, bind_address)) < 0)
|
||||||
exit(STATE_CRITICAL);
|
exit(timeout_return_code);
|
||||||
|
|
||||||
result = STATE_OK;
|
result = STATE_OK;
|
||||||
addrlen = sizeof(addr);
|
addrlen = sizeof(addr);
|
||||||
@ -901,7 +1005,7 @@ int connect_to_remote()
|
|||||||
strncpy(rem_host, "Unknown", sizeof(rem_host));
|
strncpy(rem_host, "Unknown", sizeof(rem_host));
|
||||||
rem_host[MAX_HOST_ADDRESS_LENGTH - 1] = '\0';
|
rem_host[MAX_HOST_ADDRESS_LENGTH - 1] = '\0';
|
||||||
if ((sslprm.log_opts & SSL_LogIpAddr) != 0)
|
if ((sslprm.log_opts & SSL_LogIpAddr) != 0)
|
||||||
syslog(LOG_DEBUG, "Connected to %s", rem_host);
|
logit(LOG_DEBUG, "Connected to %s", rem_host);
|
||||||
|
|
||||||
#ifdef HAVE_SSL
|
#ifdef HAVE_SSL
|
||||||
if (use_ssl == FALSE)
|
if (use_ssl == FALSE)
|
||||||
@ -919,20 +1023,26 @@ int connect_to_remote()
|
|||||||
ssl_err = SSL_get_error(ssl, rc);
|
ssl_err = SSL_get_error(ssl, rc);
|
||||||
|
|
||||||
if (sslprm.log_opts & (SSL_LogCertDetails | SSL_LogIfClientCert)) {
|
if (sslprm.log_opts & (SSL_LogCertDetails | SSL_LogIfClientCert)) {
|
||||||
int x, nerrs = 0;
|
|
||||||
rc = 0;
|
rc = 0;
|
||||||
while ((x = ERR_get_error_line_data(NULL, NULL, NULL, NULL)) != 0) {
|
while ((x = ERR_get_error_line_data(NULL, NULL, NULL, NULL)) != 0) {
|
||||||
syslog(LOG_ERR, "Error: Could not complete SSL handshake with %s: %s",
|
logit(LOG_ERR, "Error: Could not complete SSL handshake with %s: %s",
|
||||||
rem_host, ERR_reason_error_string(x));
|
rem_host, ERR_reason_error_string(x));
|
||||||
++nerrs;
|
++nerrs;
|
||||||
}
|
}
|
||||||
if (nerrs == 0)
|
if (nerrs == 0)
|
||||||
syslog(LOG_ERR, "Error: Could not complete SSL handshake with %s: rc=%d SSL-error=%d",
|
logit(LOG_ERR, "Error: Could not complete SSL handshake with %s: rc=%d SSL-error=%d",
|
||||||
rem_host, rc, ssl_err);
|
rem_host, rc, ssl_err);
|
||||||
|
|
||||||
} else
|
} else {
|
||||||
syslog(LOG_ERR, "Error: Could not complete SSL handshake with %s: rc=%d SSL-error=%d",
|
while ((x = ERR_get_error_line_data(NULL, NULL, NULL, NULL)) != 0) {
|
||||||
rem_host, rc, ssl_err);
|
logit(LOG_ERR, "Error: Could not complete SSL handshake with %s: %s",
|
||||||
|
rem_host, ERR_reason_error_string(x));
|
||||||
|
++nerrs;
|
||||||
|
}
|
||||||
|
if (nerrs == 0)
|
||||||
|
logit(LOG_ERR, "Error: Could not complete SSL handshake with %s: "
|
||||||
|
"rc=%d SSL-error=%d", rem_host, rc, ssl_err);
|
||||||
|
}
|
||||||
|
|
||||||
if (ssl_err == 5) {
|
if (ssl_err == 5) {
|
||||||
/* Often, errno will be zero, so print a generic message here */
|
/* Often, errno will be zero, so print a generic message here */
|
||||||
@ -961,7 +1071,7 @@ int connect_to_remote()
|
|||||||
} else {
|
} else {
|
||||||
|
|
||||||
if (sslprm.log_opts & SSL_LogVersion)
|
if (sslprm.log_opts & SSL_LogVersion)
|
||||||
syslog(LOG_NOTICE, "Remote %s - SSL Version: %s", rem_host, SSL_get_version(ssl));
|
logit(LOG_NOTICE, "Remote %s - SSL Version: %s", rem_host, SSL_get_version(ssl));
|
||||||
|
|
||||||
if (sslprm.log_opts & SSL_LogCipher) {
|
if (sslprm.log_opts & SSL_LogCipher) {
|
||||||
# if (defined(__sun) && defined(SOLARIS_10)) || defined(_AIX) || defined(__hpux)
|
# if (defined(__sun) && defined(SOLARIS_10)) || defined(_AIX) || defined(__hpux)
|
||||||
@ -969,7 +1079,7 @@ int connect_to_remote()
|
|||||||
# else
|
# else
|
||||||
const SSL_CIPHER *c = SSL_get_current_cipher(ssl);
|
const SSL_CIPHER *c = SSL_get_current_cipher(ssl);
|
||||||
# endif
|
# endif
|
||||||
syslog(LOG_NOTICE, "Remote %s - %s, Cipher is %s", rem_host,
|
logit(LOG_NOTICE, "Remote %s - %s, Cipher is %s", rem_host,
|
||||||
SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
|
SSL_CIPHER_get_version(c), SSL_CIPHER_get_name(c));
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -979,16 +1089,17 @@ int connect_to_remote()
|
|||||||
|
|
||||||
if (peer) {
|
if (peer) {
|
||||||
if (sslprm.log_opts & SSL_LogIfClientCert)
|
if (sslprm.log_opts & SSL_LogIfClientCert)
|
||||||
syslog(LOG_NOTICE, "SSL %s has %s certificate",
|
logit(LOG_NOTICE, "SSL %s has %s certificate",
|
||||||
rem_host, peer->valid ? "a valid" : "an invalid");
|
rem_host, SSL_get_verify_result(ssl) ? "a valid" : "an invalid");
|
||||||
if (sslprm.log_opts & SSL_LogCertDetails) {
|
if (sslprm.log_opts & SSL_LogCertDetails) {
|
||||||
syslog(LOG_NOTICE, "SSL %s Cert Name: %s", rem_host, peer->name);
|
X509_NAME_oneline(X509_get_subject_name(peer), buffer, sizeof(buffer));
|
||||||
|
logit(LOG_NOTICE, "SSL %s Cert Name: %s", rem_host, buffer);
|
||||||
X509_NAME_oneline(X509_get_issuer_name(peer), buffer, sizeof(buffer));
|
X509_NAME_oneline(X509_get_issuer_name(peer), buffer, sizeof(buffer));
|
||||||
syslog(LOG_NOTICE, "SSL %s Cert Issuer: %s", rem_host, buffer);
|
logit(LOG_NOTICE, "SSL %s Cert Issuer: %s", rem_host, buffer);
|
||||||
}
|
}
|
||||||
|
|
||||||
} else
|
} else
|
||||||
syslog(LOG_NOTICE, "SSL Did not get certificate from %s", rem_host);
|
logit(LOG_NOTICE, "SSL Did not get certificate from %s", rem_host);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1095,7 +1206,7 @@ int read_response()
|
|||||||
int rc, result;
|
int rc, result;
|
||||||
|
|
||||||
alarm(0);
|
alarm(0);
|
||||||
set_sig_hadlers();
|
set_sig_handlers();
|
||||||
|
|
||||||
#ifdef HAVE_SSL
|
#ifdef HAVE_SSL
|
||||||
rc = read_packet(sd, ssl, &v2_receive_packet, &v3_receive_packet);
|
rc = read_packet(sd, ssl, &v2_receive_packet, &v3_receive_packet);
|
||||||
@ -1240,7 +1351,7 @@ int read_packet(int sock, void *ssl_ptr, v2_packet ** v2_pkt, v3_packet ** v3_pk
|
|||||||
} else
|
} else
|
||||||
buffer_size = pkt_size - common_size;
|
buffer_size = pkt_size - common_size;
|
||||||
if ((*v2_pkt = calloc(1, pkt_size)) == NULL) {
|
if ((*v2_pkt = calloc(1, pkt_size)) == NULL) {
|
||||||
syslog(LOG_ERR, "Error: Could not allocate memory for packet");
|
logit(LOG_ERR, "Error: Could not allocate memory for packet");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
memcpy(*v2_pkt, &packet, common_size);
|
memcpy(*v2_pkt, &packet, common_size);
|
||||||
@ -1266,7 +1377,7 @@ int read_packet(int sock, void *ssl_ptr, v2_packet ** v2_pkt, v3_packet ** v3_pk
|
|||||||
buffer_size = ntohl(buffer_size);
|
buffer_size = ntohl(buffer_size);
|
||||||
pkt_size += buffer_size;
|
pkt_size += buffer_size;
|
||||||
if ((*v3_pkt = calloc(1, pkt_size)) == NULL) {
|
if ((*v3_pkt = calloc(1, pkt_size)) == NULL) {
|
||||||
syslog(LOG_ERR, "Error: Could not allocate memory for packet");
|
logit(LOG_ERR, "Error: Could not allocate memory for packet");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1329,7 +1440,7 @@ int read_packet(int sock, void *ssl_ptr, v2_packet ** v2_pkt, v3_packet ** v3_pk
|
|||||||
} else
|
} else
|
||||||
buffer_size = pkt_size - common_size;
|
buffer_size = pkt_size - common_size;
|
||||||
if ((*v2_pkt = calloc(1, pkt_size)) == NULL) {
|
if ((*v2_pkt = calloc(1, pkt_size)) == NULL) {
|
||||||
syslog(LOG_ERR, "Error: Could not allocate memory for packet");
|
logit(LOG_ERR, "Error: Could not allocate memory for packet");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
memcpy(*v2_pkt, &packet, common_size);
|
memcpy(*v2_pkt, &packet, common_size);
|
||||||
@ -1361,7 +1472,7 @@ int read_packet(int sock, void *ssl_ptr, v2_packet ** v2_pkt, v3_packet ** v3_pk
|
|||||||
buffer_size = ntohl(buffer_size);
|
buffer_size = ntohl(buffer_size);
|
||||||
pkt_size += buffer_size;
|
pkt_size += buffer_size;
|
||||||
if ((*v3_pkt = calloc(1, pkt_size)) == NULL) {
|
if ((*v3_pkt = calloc(1, pkt_size)) == NULL) {
|
||||||
syslog(LOG_ERR, "Error: Could not allocate memory for packet");
|
logit(LOG_ERR, "Error: Could not allocate memory for packet");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1427,11 +1538,11 @@ int verify_callback(int preverify_ok, X509_STORE_CTX * ctx)
|
|||||||
ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
|
ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
|
||||||
|
|
||||||
X509_NAME_oneline(X509_get_subject_name(err_cert), name, 256);
|
X509_NAME_oneline(X509_get_subject_name(err_cert), name, 256);
|
||||||
X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), issuer, 256);
|
X509_NAME_oneline(X509_get_issuer_name(err_cert), issuer, 256);
|
||||||
|
|
||||||
if (!preverify_ok && sslprm.client_certs >= Ask_For_Cert
|
if (!preverify_ok && sslprm.client_certs >= Ask_For_Cert
|
||||||
&& (sslprm.log_opts & SSL_LogCertDetails)) {
|
&& (sslprm.log_opts & SSL_LogCertDetails)) {
|
||||||
syslog(LOG_ERR, "SSL Client has an invalid certificate: %s (issuer=%s) err=%d:%s",
|
logit(LOG_ERR, "SSL Client has an invalid certificate: %s (issuer=%s) err=%d:%s",
|
||||||
name, issuer, err, X509_verify_cert_error_string(err));
|
name, issuer, err, X509_verify_cert_error_string(err));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
528
src/nrpe.c
528
src/nrpe.c
File diff suppressed because it is too large
Load Diff
@ -77,7 +77,7 @@
|
|||||||
* Fix incorrect zpadlen handling in fmtfp.
|
* Fix incorrect zpadlen handling in fmtfp.
|
||||||
* Thanks to Ollie Oldham <ollie.oldham@metro-optix.com> for spotting it.
|
* Thanks to Ollie Oldham <ollie.oldham@metro-optix.com> for spotting it.
|
||||||
* few mods to make it easier to compile the tests.
|
* few mods to make it easier to compile the tests.
|
||||||
* addedd the "Ollie" test to the floating point ones.
|
* added the "Ollie" test to the floating point ones.
|
||||||
*
|
*
|
||||||
* Martin Pool (mbp@samba.org) April 2003
|
* Martin Pool (mbp@samba.org) April 2003
|
||||||
* Remove NO_CONFIG_H so that the test case can be built within a source
|
* Remove NO_CONFIG_H so that the test case can be built within a source
|
||||||
@ -847,7 +847,7 @@ static void fmtint(char *buffer, size_t *currlen, size_t maxlen,
|
|||||||
spadlen = 0;
|
spadlen = 0;
|
||||||
}
|
}
|
||||||
if (flags & DP_F_MINUS)
|
if (flags & DP_F_MINUS)
|
||||||
spadlen = -spadlen; /* Left Justifty */
|
spadlen = -spadlen; /* Left Justify */
|
||||||
|
|
||||||
#ifdef DEBUG_SNPRINTF
|
#ifdef DEBUG_SNPRINTF
|
||||||
printf("zpad: %d, spad: %d, min: %d, max: %d, place: %d\n",
|
printf("zpad: %d, spad: %d, min: %d, max: %d, place: %d\n",
|
||||||
@ -1055,7 +1055,7 @@ static void fmtfp (char *buffer, size_t *currlen, size_t maxlen,
|
|||||||
if (padlen < 0)
|
if (padlen < 0)
|
||||||
padlen = 0;
|
padlen = 0;
|
||||||
if (flags & DP_F_MINUS)
|
if (flags & DP_F_MINUS)
|
||||||
padlen = -padlen; /* Left Justifty */
|
padlen = -padlen; /* Left Justify */
|
||||||
|
|
||||||
if ((flags & DP_F_ZERO) && (padlen > 0)) {
|
if ((flags & DP_F_ZERO) && (padlen > 0)) {
|
||||||
if (signvalue) {
|
if (signvalue) {
|
||||||
|
155
src/utils.c
155
src/utils.c
@ -31,10 +31,17 @@
|
|||||||
|
|
||||||
#include "../include/common.h"
|
#include "../include/common.h"
|
||||||
#include "../include/utils.h"
|
#include "../include/utils.h"
|
||||||
|
#include <stdarg.h>
|
||||||
|
#ifdef HAVE_PATHS_H
|
||||||
|
#include <paths.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifndef HAVE_ASPRINTF
|
#ifndef HAVE_ASPRINTF
|
||||||
extern int asprintf(char **ptr, const char *format, ...);
|
extern int asprintf(char **ptr, const char *format, ...);
|
||||||
#endif
|
#endif
|
||||||
|
#ifndef HAVE_VASPRINTF
|
||||||
|
extern int vasprintf(char **ptr, const char *format, va_list ap);
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifndef NI_MAXSERV
|
#ifndef NI_MAXSERV
|
||||||
# define NI_MAXSERV 32
|
# define NI_MAXSERV 32
|
||||||
@ -48,6 +55,9 @@ extern char **environ;
|
|||||||
|
|
||||||
static unsigned long crc32_table[256];
|
static unsigned long crc32_table[256];
|
||||||
|
|
||||||
|
char *log_file = NULL;
|
||||||
|
FILE *log_fp = NULL;
|
||||||
|
|
||||||
static int my_create_socket(struct addrinfo *ai, const char *bind_address);
|
static int my_create_socket(struct addrinfo *ai, const char *bind_address);
|
||||||
|
|
||||||
|
|
||||||
@ -231,7 +241,7 @@ void add_listen_addr(struct addrinfo **listen_addrs, int address_family, char *a
|
|||||||
hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
|
hints.ai_flags = (addr == NULL) ? AI_PASSIVE : 0;
|
||||||
snprintf(strport, sizeof strport, "%d", port);
|
snprintf(strport, sizeof strport, "%d", port);
|
||||||
if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) {
|
if ((gaierr = getaddrinfo(addr, strport, &hints, &aitop)) != 0) {
|
||||||
syslog(LOG_ERR, "bad addr or host: %s (%s)\n", addr ? addr : "<NULL>",
|
logit(LOG_ERR, "bad addr or host: %s (%s)\n", addr ? addr : "<NULL>",
|
||||||
gai_strerror(gaierr));
|
gai_strerror(gaierr));
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
@ -242,7 +252,7 @@ void add_listen_addr(struct addrinfo **listen_addrs, int address_family, char *a
|
|||||||
|
|
||||||
int clean_environ(const char *keep_env_vars, const char *nrpe_user)
|
int clean_environ(const char *keep_env_vars, const char *nrpe_user)
|
||||||
{
|
{
|
||||||
#ifdef HAVE_PATHS_H
|
#if defined(HAVE_PATHS_H) && defined(_PATH_STDPATH)
|
||||||
static char *path = _PATH_STDPATH;
|
static char *path = _PATH_STDPATH;
|
||||||
#else
|
#else
|
||||||
static char *path = "/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin";
|
static char *path = "/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin";
|
||||||
@ -257,7 +267,7 @@ int clean_environ(const char *keep_env_vars, const char *nrpe_user)
|
|||||||
else
|
else
|
||||||
asprintf(&keep, "NRPE_MULTILINESUPPORT,NRPE_PROGRAMVERSION");
|
asprintf(&keep, "NRPE_MULTILINESUPPORT,NRPE_PROGRAMVERSION");
|
||||||
if (keep == NULL) {
|
if (keep == NULL) {
|
||||||
syslog(LOG_ERR, "Could not sanitize the environment. Aborting!");
|
logit(LOG_ERR, "Could not sanitize the environment. Aborting!");
|
||||||
return ERROR;
|
return ERROR;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -269,7 +279,7 @@ int clean_environ(const char *keep_env_vars, const char *nrpe_user)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ((kept = calloc(keepcnt + 1, sizeof(char *))) == NULL) {
|
if ((kept = calloc(keepcnt + 1, sizeof(char *))) == NULL) {
|
||||||
syslog(LOG_ERR, "Could not sanitize the environment. Aborting!");
|
logit(LOG_ERR, "Could not sanitize the environment. Aborting!");
|
||||||
return ERROR;
|
return ERROR;
|
||||||
}
|
}
|
||||||
for (i = 0, var = my_strsep(&keep, ","); var != NULL; var = my_strsep(&keep, ","))
|
for (i = 0, var = my_strsep(&keep, ","); var != NULL; var = my_strsep(&keep, ","))
|
||||||
@ -283,7 +293,7 @@ int clean_environ(const char *keep_env_vars, const char *nrpe_user)
|
|||||||
free(keep);
|
free(keep);
|
||||||
free(kept);
|
free(kept);
|
||||||
free(var);
|
free(var);
|
||||||
syslog(LOG_ERR, "Could not sanitize the environment. Aborting!");
|
logit(LOG_ERR, "Could not sanitize the environment. Aborting!");
|
||||||
return ERROR;
|
return ERROR;
|
||||||
}
|
}
|
||||||
if (len >= var_sz) {
|
if (len >= var_sz) {
|
||||||
@ -309,17 +319,24 @@ int clean_environ(const char *keep_env_vars, const char *nrpe_user)
|
|||||||
free(keep);
|
free(keep);
|
||||||
free(kept);
|
free(kept);
|
||||||
|
|
||||||
pw = (struct passwd *)getpwnam(nrpe_user);
|
|
||||||
if (pw == NULL)
|
|
||||||
return OK;
|
|
||||||
|
|
||||||
setenv("PATH", path, 1);
|
setenv("PATH", path, 1);
|
||||||
setenv("IFS", " \t\n", 1);
|
setenv("IFS", " \t\n", 1);
|
||||||
setenv("HOME", pw->pw_dir, 0);
|
|
||||||
setenv("SHELL", pw->pw_shell, 0);
|
|
||||||
setenv("LOGNAME", nrpe_user, 0);
|
setenv("LOGNAME", nrpe_user, 0);
|
||||||
setenv("USER", nrpe_user, 0);
|
setenv("USER", nrpe_user, 0);
|
||||||
|
|
||||||
|
pw = (struct passwd *)getpwnam(nrpe_user);
|
||||||
|
if (pw == NULL) {
|
||||||
|
char *end = NULL;
|
||||||
|
uid_t uid = strtol(nrpe_user, &end, 10);
|
||||||
|
if (uid > 0)
|
||||||
|
pw = (struct passwd *)getpwuid(uid);
|
||||||
|
if (pw == NULL || *end != '\0')
|
||||||
|
return OK;
|
||||||
|
}
|
||||||
|
|
||||||
|
setenv("HOME", pw->pw_dir, 0);
|
||||||
|
setenv("SHELL", pw->pw_shell, 0);
|
||||||
|
|
||||||
return OK;
|
return OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -450,53 +467,87 @@ char *my_strsep(char **stringp, const char *delim)
|
|||||||
return begin;
|
return begin;
|
||||||
}
|
}
|
||||||
|
|
||||||
int b64_decode(unsigned char *encoded)
|
void open_log_file()
|
||||||
{
|
{
|
||||||
static const char *b64 = {
|
int fh;
|
||||||
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
|
int flags = O_RDWR|O_APPEND|O_CREAT;
|
||||||
};
|
struct stat st;
|
||||||
int i, j, l, padding = 0;
|
|
||||||
unsigned char c[4], *outp = encoded;
|
|
||||||
|
|
||||||
union {
|
close_log_file();
|
||||||
unsigned c3;
|
|
||||||
struct {
|
|
||||||
unsigned f1:6;
|
|
||||||
unsigned f2:6;
|
|
||||||
unsigned f3:6;
|
|
||||||
unsigned f4:6;
|
|
||||||
} fields;
|
|
||||||
} enc;
|
|
||||||
|
|
||||||
enc.c3 = 0;
|
if (!log_file)
|
||||||
l = strlen((char *)encoded);
|
return;
|
||||||
for (i = 0; i < l; i += 4) {
|
|
||||||
for (j = 0; j < 4; ++j) {
|
#ifdef O_NOFOLLOW
|
||||||
if (encoded[i + j] == '=') {
|
flags |= O_NOFOLLOW;
|
||||||
c[j] = 0;
|
#endif
|
||||||
++padding;
|
if ((fh = open(log_file, flags, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)) == -1) {
|
||||||
} else if (encoded[i + j] >= 'A' && encoded[i + j] <= 'Z')
|
printf("Warning: Cannot open log file '%s' for writing\n", log_file);
|
||||||
c[j] = encoded[i + j] - 'A';
|
logit(LOG_WARNING, "Warning: Cannot open log file '%s' for writing", log_file);
|
||||||
else if (encoded[i + j] >= 'a' && encoded[i + j] <= 'z')
|
return;
|
||||||
c[j] = encoded[i + j] - 'a' + 26;
|
|
||||||
else if (encoded[i + j] >= '0' && encoded[i + j] <= '9')
|
|
||||||
c[j] = encoded[i + j] - '0' + 52;
|
|
||||||
else if (encoded[i + j] == '+')
|
|
||||||
c[j] = encoded[i + j] - '+' + 62;
|
|
||||||
else
|
|
||||||
c[j] = encoded[i + j] - '/' + 63;
|
|
||||||
}
|
}
|
||||||
enc.fields.f1 = c[3];
|
log_fp = fdopen(fh, "a+");
|
||||||
enc.fields.f2 = c[2];
|
if(log_fp == NULL) {
|
||||||
enc.fields.f3 = c[1];
|
printf("Warning: Cannot open log file '%s' for writing\n", log_file);
|
||||||
enc.fields.f4 = c[0];
|
logit(LOG_WARNING, "Warning: Cannot open log file '%s' for writing", log_file);
|
||||||
*outp++ = (enc.c3 >> 16) & 0xff;
|
return;
|
||||||
*outp++ = (enc.c3 >> 8) & 0xff;
|
|
||||||
*outp++ = (enc.c3) & 0xff;
|
|
||||||
}
|
}
|
||||||
*outp = '\0';
|
|
||||||
|
|
||||||
return outp - encoded - padding;
|
if ((fstat(fh, &st)) == -1) {
|
||||||
|
log_fp = NULL;
|
||||||
|
close(fh);
|
||||||
|
printf("Warning: Cannot fstat log file '%s'\n", log_file);
|
||||||
|
logit(LOG_WARNING, "Warning: Cannot fstat log file '%s'", log_file);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (st.st_nlink != 1 || (st.st_mode & S_IFMT) != S_IFREG) {
|
||||||
|
log_fp = NULL;
|
||||||
|
close(fh);
|
||||||
|
printf("Warning: log file '%s' has an invalid mode\n", log_file);
|
||||||
|
logit(LOG_WARNING, "Warning: log file '%s' has an invalid mode", log_file);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
(void)fcntl(fileno(log_fp), F_SETFD, FD_CLOEXEC);
|
||||||
|
}
|
||||||
|
|
||||||
|
void logit(int priority, const char *format, ...)
|
||||||
|
{
|
||||||
|
time_t log_time = 0L;
|
||||||
|
va_list ap;
|
||||||
|
char *buffer = NULL;
|
||||||
|
|
||||||
|
if (!format || !*format)
|
||||||
|
return;
|
||||||
|
|
||||||
|
va_start(ap, format);
|
||||||
|
if(vasprintf(&buffer, format, ap) > 0) {
|
||||||
|
if (log_fp) {
|
||||||
|
time(&log_time);
|
||||||
|
/* strip any newlines from the end of the buffer */
|
||||||
|
strip(buffer);
|
||||||
|
|
||||||
|
/* write the buffer to the log file */
|
||||||
|
fprintf(log_fp, "[%llu] %s\n", (unsigned long long)log_time, buffer);
|
||||||
|
fflush(log_fp);
|
||||||
|
|
||||||
|
} else
|
||||||
|
syslog(priority, "%s", buffer);
|
||||||
|
|
||||||
|
free(buffer);
|
||||||
|
}
|
||||||
|
va_end(ap);
|
||||||
|
}
|
||||||
|
|
||||||
|
void close_log_file()
|
||||||
|
{
|
||||||
|
if(!log_fp)
|
||||||
|
return;
|
||||||
|
|
||||||
|
fflush(log_fp);
|
||||||
|
fclose(log_fp);
|
||||||
|
log_fp = NULL;
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* show license */
|
/* show license */
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
[Unit]
|
[Unit]
|
||||||
Description=Nagios Remote Program Executor
|
Description=Nagios Remote Plugin Executor
|
||||||
Documentation=http://www.nagios.org/documentation
|
Documentation=http://www.nagios.org/documentation
|
||||||
After=var-run.mount nss-lookup.target network.target local-fs.target time-sync.target
|
After=var-run.mount nss-lookup.target network.target local-fs.target time-sync.target
|
||||||
Before=getty@tty1.service plymouth-quit.service xdm.service
|
Before=getty@tty1.service plymouth-quit.service xdm.service
|
||||||
@ -15,6 +15,7 @@ PIDFile=@piddir@/nrpe.pid
|
|||||||
RuntimeDirectory=nrpe
|
RuntimeDirectory=nrpe
|
||||||
RuntimeDirectoryMode=0755
|
RuntimeDirectoryMode=0755
|
||||||
ExecStart=@sbindir@/nrpe -c @pkgsysconfdir@/nrpe.cfg -f
|
ExecStart=@sbindir@/nrpe -c @pkgsysconfdir@/nrpe.cfg -f
|
||||||
|
ExecReload=/bin/kill -HUP $MAINPID
|
||||||
ExecStopPost=/bin/rm -f @piddir@/nrpe.pid
|
ExecStopPost=/bin/rm -f @piddir@/nrpe.pid
|
||||||
TimeoutStopSec=60
|
TimeoutStopSec=60
|
||||||
User=@nrpe_user@
|
User=@nrpe_user@
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
[Unit]
|
[Unit]
|
||||||
Description=Nagios Remote Program Executor
|
Description=Nagios Remote Plugin Executor
|
||||||
Documentation=http://www.nagios.org/documentation
|
Documentation=http://www.nagios.org/documentation
|
||||||
After=var-run.mount nss-lookup.target network.target local-fs.target time-sync.target
|
After=var-run.mount nss-lookup.target network.target local-fs.target time-sync.target
|
||||||
|
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
[Unit]
|
[Unit]
|
||||||
Description=Nagios Remote Program Executor
|
Description=Nagios Remote Plugin Executor
|
||||||
Documentation=http://www.nagios.org/documentation
|
Documentation=http://www.nagios.org/documentation
|
||||||
Before=nrpe.service
|
Before=nrpe.service
|
||||||
Conflicts=nrpe.service
|
Conflicts=nrpe.service
|
||||||
|
@ -11,5 +11,5 @@ service nrpe
|
|||||||
server = @sbindir@/nrpe
|
server = @sbindir@/nrpe
|
||||||
server_args = -c @pkgsysconfdir@/nrpe.cfg --inetd
|
server_args = -c @pkgsysconfdir@/nrpe.cfg --inetd
|
||||||
only_from = 127.0.0.1
|
only_from = 127.0.0.1
|
||||||
log_on_failure += USERID
|
log_on_success =
|
||||||
}
|
}
|
||||||
|
@ -20,18 +20,18 @@ fi
|
|||||||
|
|
||||||
# Get date (two formats)
|
# Get date (two formats)
|
||||||
if [ -n "$2" ]; then
|
if [ -n "$2" ]; then
|
||||||
LONGDATE=`date -d "$2" "+%B %d, %Y"`
|
LONGDATE=$(LC_ALL=C date -u -d "$2" "+%B %d, %Y")
|
||||||
SHORTDATE=`date -d "$2" "+%m-%d-%Y"`
|
SHORTDATE=$(date -u -d "$2" "+%Y-%m-%d")
|
||||||
else
|
else
|
||||||
LONGDATE=`date "+%B %d, %Y"`
|
LONGDATE=$(LC_ALL=C date -u -d "@${SOURCE_DATE_EPOCH:-$(date +%s)}" "+%B %d, %Y")
|
||||||
SHORTDATE=`date "+%m-%d-%Y"`
|
SHORTDATE=$(date -u -d "@${SOURCE_DATE_EPOCH:-$(date +%s)}" "+%Y-%m-%d")
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Current version number
|
# Current version number
|
||||||
CURRENTVERSION=3.0.1
|
CURRENTVERSION=3.1.1
|
||||||
|
|
||||||
# Last date
|
# Last date
|
||||||
LASTDATE=09-08-2016
|
LASTDATE=2017-05-24
|
||||||
|
|
||||||
if [ "x$1" = "x" ]
|
if [ "x$1" = "x" ]
|
||||||
then
|
then
|
||||||
@ -73,8 +73,8 @@ perl -i -p -e "s/PKG_REL_DATE=.*\"/PKG_REL_DATE=\"$SHORTDATE\"/;" configure.ac
|
|||||||
autoconf
|
autoconf
|
||||||
|
|
||||||
# Update RPM spec file with version number
|
# Update RPM spec file with version number
|
||||||
perl -i -p -e "s/%define version .*/%define version $1/;" nrpe.spec
|
perl -i -p -e "s/%define version .*/%define version $1/;" nrpe.spec.in
|
||||||
perl -i -p -e "if( /\%define _docdir/) { s/$CURRENTVERSION/$1/; }" nrpe.spec
|
perl -i -p -e "if( /\%define _docdir/) { s/$CURRENTVERSION/$1/; }" nrpe.spec.in
|
||||||
|
|
||||||
# Update this file with version number and last date
|
# Update this file with version number and last date
|
||||||
perl -i -p -e "s/^CURRENTVERSION=.*/CURRENTVERSION=$newversion/;" update-version
|
perl -i -p -e "s/^CURRENTVERSION=.*/CURRENTVERSION=$newversion/;" update-version
|
||||||
|
Loading…
Reference in New Issue
Block a user