[pkg-nagios-changes] [Git][nagios-team/pkg-nrpe][master] 6 commits: New upstream version 4.0.2
Bas Couwenberg
gitlab at salsa.debian.org
Mon Mar 23 05:21:47 GMT 2020
Bas Couwenberg pushed to branch master at Debian Nagios Maintainer Group / pkg-nrpe
Commits:
e718e494 by Bas Couwenberg at 2020-03-23T06:00:13+01:00
New upstream version 4.0.2
- - - - -
27041c82 by Bas Couwenberg at 2020-03-23T06:00:17+01:00
Update upstream source from tag 'upstream/4.0.2'
Update to upstream version '4.0.2'
with Debian dir 87de992ac959a0526c7846cf2e4befa7bdff5b7a
- - - - -
17ea3755 by Bas Couwenberg at 2020-03-23T06:00:50+01:00
New upstream release.
- - - - -
01e397d3 by Bas Couwenberg at 2020-03-23T06:01:43+01:00
Don't explicitly enable systemd, enabled by default.
- - - - -
4a8bae9a by Bas Couwenberg at 2020-03-23T06:06:26+01:00
Drop check_nrpe-buffer-length.patch, included upstream.
Refresh patches.
- - - - -
bf62d7f7 by Bas Couwenberg at 2020-03-23T06:06:47+01:00
Set distribution to unstable.
- - - - -
15 changed files:
- CHANGELOG.md
- README.md
- configure
- configure.ac
- debian/changelog
- debian/patches/02_nrpe.cfg_local-include_support_nrpe.d.patch
- − debian/patches/check_nrpe-buffer-length.patch
- debian/patches/series
- debian/rules
- include/common.h.in
- nrpe.spec.in
- sample-config/nrpe.cfg.in
- src/check_nrpe.c
- src/nrpe.c
- update-version
Changes:
=====================================
CHANGELOG.md
=====================================
@@ -1,6 +1,17 @@
NRPE Changelog
==============
+[4.0.2](https://github.com/NagiosEnterprises/nrpe/releases/tag/nrpe-4.0.2) - 2020-03-11
+---------------------------------------------------------------------------------------
+**FIXES**
+- Fixed buffer length calculations/writing past memory boundaries on some systems (#227, #228) (Andreas Baumann, hariwe, Sebastian Wolf)
+- Fixed use of uninitialized variable when validating requests (#229) (hariwe, Sebastian Wolf)
+
+[4.0.1](https://github.com/NagiosEnterprises/nrpe/releases/tag/nrpe-4.0.1) - 2020-01-22
+---------------------------------------------------------------------------------------
+**FIXES**
+* Fixed syslog flooding with CRC-checking errors when both plugin and agent were updated to version 4 (Sebastian Wolf)
+
[4.0.0](https://github.com/NagiosEnterprises/nrpe/releases/tag/nrpe-4.0.0) - 2019-01-13
---------------------------------------------------------------------------------------
Note: This update includes security fixes which affect both the check_nrpe plugin and
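Review bot: The 4.0.2 heading in CHANGELOG.md is dated 2020-03-11, but PKG_REL_DATE, MODIFICATION_DATE and LASTDATE elsewhere in this push are all set to 2020-03-09; one of the two should be corrected so the release date is unambiguous. The 4.0.2 entries also use "-" bullets where the 4.0.1 entry directly below uses "*".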
=====================================
README.md
=====================================
@@ -2,11 +2,12 @@
[![Build Status](https://travis-ci.org/NagiosEnterprises/nrpe.svg?branch=master)](https://travis-ci.org/NagiosEnterprises/nrpe)
-NRPE
-====
-
-## Nagios Remote Plugin Executor
+ 🔴 🔴 🔴
+***Notice: As of NRPE version 4.0.1, this project is deprecated. It will not receive any more bugfixes or features, except to resolve security issues.***
+ 🔴 🔴 🔴
+Nagios Remote Plugin Executor (NRPE)
+====================================
For installation instructions and information on the design overview
of the NRPE addon, please read the PDF documentation that is found in
=====================================
configure
=====================================
@@ -2487,9 +2487,9 @@ ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var.
PKG_NAME=nrpe
-PKG_VERSION="4.0.0"
+PKG_VERSION="4.0.2"
PKG_HOME_URL="http://www.nagios.org/"
-PKG_REL_DATE="2020-01-15"
+PKG_REL_DATE="2020-03-09"
RPM_RELEASE=1
LANG=C
=====================================
configure.ac
=====================================
@@ -11,9 +11,9 @@ AC_CONFIG_AUX_DIR([build-aux])
AC_PREFIX_DEFAULT(/usr/local/nagios)
PKG_NAME=nrpe
-PKG_VERSION="4.0.0"
+PKG_VERSION="4.0.2"
PKG_HOME_URL="http://www.nagios.org/"
-PKG_REL_DATE="2020-01-15"
+PKG_REL_DATE="2020-03-09"
RPM_RELEASE=1
LANG=C
=====================================
debian/changelog
=====================================
@@ -1,8 +1,12 @@
-nagios-nrpe (4.0.0-3) UNRELEASED; urgency=medium
+nagios-nrpe (4.0.2-1) unstable; urgency=medium
+ * New upstream release.
* Bump Standards-Version to 4.5.0, no changes.
+ * Don't explicitly enable systemd, enabled by default.
+ * Drop check_nrpe-buffer-length.patch, included upstream.
+ * Refresh patches.
- -- Bas Couwenberg <sebastic at debian.org> Sat, 25 Jan 2020 11:24:05 +0100
+ -- Bas Couwenberg <sebastic at debian.org> Mon, 23 Mar 2020 06:06:35 +0100
nagios-nrpe (4.0.0-2) unstable; urgency=medium
=====================================
debian/patches/02_nrpe.cfg_local-include_support_nrpe.d.patch
=====================================
@@ -5,11 +5,10 @@ Forwarded: not-needed
--- a/sample-config/nrpe.cfg.in
+++ b/sample-config/nrpe.cfg.in
-@@ -361,3 +361,16 @@ command[check_total_procs]=@pluginsdir@/
-
+@@ -362,6 +362,19 @@ command[check_total_procs]=@pluginsdir@/
#include_dir=<somedirectory>
#include_dir=<someotherdirectory>
-+
+
+
+
+# local configuration:
@@ -22,3 +21,7 @@ Forwarded: not-needed
+
+include_dir=/etc/nagios/nrpe.d/
+
++
+ # KEEP ENVIRONMENT VARIABLES
+ # This directive allows you to retain specific variables from the environment
+ # when starting the NRPE daemon.
=====================================
debian/patches/check_nrpe-buffer-length.patch deleted
=====================================
@@ -1,56 +0,0 @@
-Description: Fix buffer length calculation in check_nrpe.
- - Buffer length was being calculated incorrectly when check_nrpe sends its
- request.
- - There was also a conditional that was missed when printing the final result,
- which would cause a segfault once the buffer length issue was corrected.
-Author: Sebastian Wolf <swolf at nagios.com>
-Origin: https://github.com/NagiosEnterprises/nrpe/pull/225/commits/4529829e0048059dd0514f9cde95d7edaf3c07c8
-Bug: https://github.com/NagiosEnterprises/nrpe/issues/223
-
---- a/CHANGELOG.md
-+++ b/CHANGELOG.md
-@@ -1,6 +1,11 @@
- NRPE Changelog
- ==============
-
-+[4.0.1](https://github.com/NagiosEnterprises/nrpe/releases/tag/nrpe-4.0.1) - 2020-01-22
-+---------------------------------------------------------------------------------------
-+**FIXES**
-+* Fixed syslog flooding with CRC-checking errors when both plugin and agent were updated to version 4 (Sebastian Wolf)
-+
- [4.0.0](https://github.com/NagiosEnterprises/nrpe/releases/tag/nrpe-4.0.0) - 2019-01-13
- ---------------------------------------------------------------------------------------
- Note: This update includes security fixes which affect both the check_nrpe plugin and
---- a/src/check_nrpe.c
-+++ b/src/check_nrpe.c
-@@ -1230,7 +1230,9 @@ int send_request()
- v3_send_packet->packet_version = htons(packet_ver);
- v3_send_packet->packet_type = htons(QUERY_PACKET);
- v3_send_packet->alignment = 0;
-- v3_send_packet->buffer_length = htonl(pkt_size - sizeof(v3_packet) + 1);
-+ v3_send_packet->buffer_length = pkt_size - sizeof(v3_packet);
-+ v3_send_packet->buffer_length += (packet_ver == NRPE_PACKET_VERSION_4 ? NRPE_V4_PACKET_SIZE_OFFSET : NRPE_V3_PACKET_SIZE_OFFSET);
-+ v3_send_packet->buffer_length = htonl(v3_send_packet->buffer_length);
- strcpy(&v3_send_packet->buffer[0], query);
-
- /* calculate the crc 32 value of the packet */
-@@ -1373,7 +1375,7 @@ int read_response()
-
- /* get the return code from the remote plugin */
- /* and print the output returned by the daemon */
-- if (packet_ver == NRPE_PACKET_VERSION_3) {
-+ if (packet_ver >= NRPE_PACKET_VERSION_3) {
- result = ntohs(v3_receive_packet->result_code);
- if (v3_receive_packet->buffer_length == 0) {
- printf("CHECK_NRPE: No output returned from daemon.\n");
-@@ -1612,8 +1614,9 @@ int read_packet(int sock, void *ssl_ptr,
- }
- }
- return -1;
-- } else
-+ } else {
- tot_bytes += rc;
-+ }
- }
- #endif
-
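Review bot: "Included upstream" holds exactly for the send_request() and read_response() hunks of the dropped patch, but its read_packet() hunk is not what 4.0.2 ships: the patch only added braces around the else holding tot_bytes += rc, while the upstream src/check_nrpe.c in this push moves tot_bytes += rc into the read loop and drops the else. A line in debian/changelog saying the upstream variant supersedes the patch would save the next reader from looking for the braced form.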
=====================================
debian/patches/series
=====================================
@@ -1,4 +1,3 @@
02_nrpe.cfg_local-include_support_nrpe.d.patch
07_warn_ssloption.patch
11_reproducible_dh.h.patch
-check_nrpe-buffer-length.patch
=====================================
debian/rules
=====================================
@@ -11,7 +11,7 @@ CFLAGS += $(CPPFLAGS)
export AUTOHEADER=true
%:
- dh $@ --with systemd
+ dh $@
override_dh_auto_configure:
dh_auto_configure -- \
=====================================
include/common.h.in
=====================================
@@ -37,8 +37,8 @@
# endif
#endif
-#define PROGRAM_VERSION "4.0.0"
-#define MODIFICATION_DATE "2020-01-15"
+#define PROGRAM_VERSION "4.0.2"
+#define MODIFICATION_DATE "2020-03-09"
#define OK 0
#define ERROR -1
=====================================
nrpe.spec.in
=====================================
@@ -22,7 +22,7 @@
%define _sysconfdir /etc/nagios
%define name @PACKAGE_NAME@
-%define version 4.0.0
+%define version 4.0.2
%define release @RPM_RELEASE@
%define nsusr @nrpe_user@
%define nsgrp @nrpe_group@
=====================================
sample-config/nrpe.cfg.in
=====================================
@@ -361,3 +361,9 @@ command[check_total_procs]=@pluginsdir@/check_procs -w 150 -c 200
#include_dir=<somedirectory>
#include_dir=<someotherdirectory>
+
+# KEEP ENVIRONMENT VARIABLES
+# This directive allows you to retain specific variables from the environment
+# when starting the NRPE daemon.
+
+#keep_env_vars=NRPE_MULTILINESUPPORT,NRPE_PROGRAMVERSION
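Review bot: The new KEEP ENVIRONMENT VARIABLES comment does not say what format keep_env_vars takes or what the daemon does when the directive is left commented out; the example only implies a comma-separated list of variable names. State the format and the default in the comment block so an administrator does not have to read nrpe.c to know which variables reach the plugins.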
=====================================
src/check_nrpe.c
=====================================
@@ -1230,7 +1230,9 @@ int send_request()
v3_send_packet->packet_version = htons(packet_ver);
v3_send_packet->packet_type = htons(QUERY_PACKET);
v3_send_packet->alignment = 0;
- v3_send_packet->buffer_length = htonl(pkt_size - sizeof(v3_packet) + 1);
+ v3_send_packet->buffer_length = pkt_size - sizeof(v3_packet);
+ v3_send_packet->buffer_length += (packet_ver == NRPE_PACKET_VERSION_4 ? NRPE_V4_PACKET_SIZE_OFFSET : NRPE_V3_PACKET_SIZE_OFFSET);
+ v3_send_packet->buffer_length = htonl(v3_send_packet->buffer_length);
strcpy(&v3_send_packet->buffer[0], query);
/* calculate the crc 32 value of the packet */
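Review bot: In send_request() the three new assignments use v3_send_packet->buffer_length as a host-order scratch variable before the final htonl(), and the subtraction pkt_size - sizeof(v3_packet) is evaluated against a size_t, so a pkt_size smaller than the struct would wrap rather than go negative. Compute the length in a local, add the version offset there, and store htonl(local) once; the local also gives a natural place to check the value before the strcpy() of query that follows.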
@@ -1373,7 +1375,7 @@ int read_response()
/* get the return code from the remote plugin */
/* and print the output returned by the daemon */
- if (packet_ver == NRPE_PACKET_VERSION_3) {
+ if (packet_ver >= NRPE_PACKET_VERSION_3) {
result = ntohs(v3_receive_packet->result_code);
if (v3_receive_packet->buffer_length == 0) {
printf("CHECK_NRPE: No output returned from daemon.\n");
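Review bot: The buffer_length == 0 test kept as context in read_response() will no longer fire against a daemon built from this push, because nrpe.c now sends htonl(strlen(send_buff) + 1), which is 1 for empty output. If "No output returned from daemon." should still be reported in that case, compare ntohl(buffer_length) against 1 as well, or test whether the first byte of the buffer is NUL.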
@@ -1592,10 +1594,9 @@ int read_packet(int sock, void *ssl_ptr, v2_packet ** v2_pkt, v3_packet ** v3_pk
break;
bytes_read += rc;
bytes_to_recv -= rc;
+ tot_bytes += rc;
}
- buff_ptr[bytes_read] = 0;
-
if (rc < 0 || bytes_read != buffer_size) {
if (packet_ver >= NRPE_PACKET_VERSION_3) {
free(*v3_pkt);
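Review bot: With buff_ptr[bytes_read] = 0; removed from read_packet(), nothing in this hunk terminates the received buffer, so it is only NUL-terminated if the peer counted the terminator in buffer_length. Removing the store is right if the buffer is allocated at exactly buffer_size bytes, since it then wrote one byte past the end on a full read, but a peer that sends the length without the terminator (the pre-change nrpe.c sent htonl(strlen(send_buff))) now leaves the string unterminated. Please confirm the allocation leaves a zeroed spare byte, or set buff_ptr[buffer_size - 1] = 0 after the size check and before the buffer is printed.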
@@ -1612,8 +1613,7 @@ int read_packet(int sock, void *ssl_ptr, v2_packet ** v2_pkt, v3_packet ** v3_pk
}
}
return -1;
- } else
- tot_bytes += rc;
+ }
}
#endif
=====================================
src/nrpe.c
=====================================
@@ -1912,9 +1912,9 @@ void handle_connection(int sock)
} else {
- pkt_size = (sizeof(v3_packet) - NRPE_V4_PACKET_SIZE_OFFSET) + strlen(send_buff);
+ pkt_size = (sizeof(v3_packet) - NRPE_V4_PACKET_SIZE_OFFSET) + strlen(send_buff) + 1;
if (packet_ver == NRPE_PACKET_VERSION_3) {
- pkt_size = (sizeof(v3_packet) - NRPE_V3_PACKET_SIZE_OFFSET) + strlen(send_buff);
+ pkt_size = (sizeof(v3_packet) - NRPE_V3_PACKET_SIZE_OFFSET) + strlen(send_buff) + 1;
}
v3_send_packet = calloc(1, pkt_size);
send_pkt = (char *)v3_send_packet;
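Review bot: The + 1 for the terminator is now added in three separate expressions across the two handle_connection() hunks (both pkt_size assignments and buffer_length), each recomputing strlen(send_buff), so a later edit to one of them brings back the size mismatch this fixes. Take the length once into a local, derive pkt_size and buffer_length from it, and check the calloc() result before send_pkt is used; no NULL check is visible in this context.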
@@ -1923,7 +1923,7 @@ void handle_connection(int sock)
v3_send_packet->packet_type = htons(RESPONSE_PACKET);
v3_send_packet->result_code = htons(result);
v3_send_packet->alignment = 0;
- v3_send_packet->buffer_length = htonl(strlen(send_buff));
+ v3_send_packet->buffer_length = htonl(strlen(send_buff) + 1);
strcpy(&v3_send_packet->buffer[0], send_buff);
/* calculate the crc 32 value of the packet */
@@ -2748,10 +2748,6 @@ int validate_request(v2_packet * v2pkt, v3_packet * v3pkt)
if (packet_ver >= NRPE_PACKET_VERSION_3) {
buffer_size = ntohl(v3pkt->buffer_length);
- if (buffer_size < 0 || buffer_size > INT_MAX - pkt_size) {
- logit(LOG_ERR, "Error: Request packet had invalid buffer size.");
- return ERROR;
- }
pkt_size = sizeof(v3_packet);
pkt_size -= (packet_ver == NRPE_PACKET_VERSION_3 ? NRPE_V3_PACKET_SIZE_OFFSET : NRPE_V4_PACKET_SIZE_OFFSET);
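Review bot: Deleting the buffer_size check in validate_request() removes the only bound on the wire-supplied buffer_length visible in this hunk. The check did read pkt_size before the assignment two lines below (the uninitialized variable the CHANGELOG lists as #229), but the usual fix is to move it below the two pkt_size lines rather than drop it. If a later comparison in this function already rejects a buffer_size that does not match the bytes received, a comment here should say so; otherwise reinstate the test after pkt_size is computed, e.g. if (buffer_size > INT_MAX - pkt_size) return ERROR;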
=====================================
update-version
=====================================
@@ -28,10 +28,10 @@ else
fi
# Current version number
-CURRENTVERSION=4.0.0
+CURRENTVERSION=4.0.2
# Last date
-LASTDATE=2020-01-15
+LASTDATE=2020-03-09
if [ "x$1" = "x" ]
then
View it on GitLab: https://salsa.debian.org/nagios-team/pkg-nrpe/-/compare/1bd11862474452b9da3be1eebf2d7358d251de4a...bf62d7f77360250259ddfa10e1e4e0717c99c29a