Age | Commit message (Collapse) | Author | Files | Lines |
|
REJECT_RC is defined on some radiusclient versions and differenciates
between auth errors and bad responses. This patch will affect only the
behaviour of those clients exporting REJECT_RC.
In addition, unexpected return codes are now handled properly and
return UNKNOWN.
|
|
|
|
| check_radius doesn't seem to provide any way to modify the
| NAS-IP-Address attribute that it uses in the packets it sends, but it
| does so for NAS-Identifier.
|
| Instead, it hardcodes the IP address that it gets from the
| rc_own_ipaddress() library call, and that in turn translates into
| calling gethostbyname() on the result of uname(). This call can easily
| fail, and its result can easily be unsuitable - for example when the
| Nagios instance uses its own virtual host, and you don't want the
| original system hostname leaked to the RADIUS servers you monitor with
| this.
|
| Furthermore, this behaviour is inconsistent with RFC 2865, which
| defines the two attributes as analogous and never suggests hardcoding
| the value of either of them in client software.
Therefore, this commit adds the "-N, --nas-ip-address" option which
allows for specifying the value of the NAS-IP-Address attribute.
| I've also noticed that the original code for NAS-IP-Address hardcoding
| is broken in its error handling - it does "return (ERROR_PC)", which
| is meaningless in the context of check_radius.c. That actually seems
| to be copy&waste from radiusclient-0.3.2/src/radexample.c. :) I fixed
| that.
|
| While debugging, I also took the opportunity to decouple the
| nas-identifier rc_avpair_add() instance from the initial three,
| because this is just bad practice to lump a fourth optional attribute
| into the same block with the required attributes, the error handling
| for which is throwing the same daft message "Out of Memory?"...
[ http://bugs.debian.org/482947 ]
(Contributed by Josip Rodin, forwarded by Jan Wagner.)
|
|
The check_ldap plugin did not allow for specifying an empty LDAP base.
See: http://bugs.debian.org/479984
(Fixed by Stephane Chazelas, forwarded by Jan Wagner.)
|
|
See: http://bugs.debian.org/460097
One instance of this bug has already been fixed in commit
888358122004b9571c8fbdfa52ceee1ba5e5f4f2.
(Fixed by Hilko Bengen, forwarded by Jan Wagner.)
|
|
| Our automated build log filter[1] detected a problem that is likely to
| cause your package to segfault on architectures where the size of a
| pointer is greater than the size of an integer, such as ia64 and
| amd64.
|
| This is often due to a missing function prototype definition. For
| more information, see [2].
|
| Function `ldap_init' implicitly converted to pointer at
| check_ldap.c:124
|
| [1] http://people.debian.org/~dannf/check-implicit-pointer-functions
| [2] http://wiki.debian.org/ImplicitPointerConversions
|
| The libldap API has been updated and many functions used by the ldap
| plugin are now deprecated. This package should either update to the
| new API or define LDAP_DEPRECATED to continue using the deprecated
| interfaces.
|
| This patch implements the lazy solution.
[ http://bugs.debian.org/463322 ]
(Contributed by Dann Frazier, forwarded by Jan Wagner.)
|
|
The usage output of check_game was wrong, see:
http://bugs.debian.org/307905
(Fixed by Sean Finney, forwarded by Jan Wagner.)
|
|
The fix is making SNI an option.
|
|
Rework last patch, copying the converted portion of the string rather
than re-converting it. This is safer for backwards-compatibility as the
value is never modified.
|
|
Bug #1867716 fixed what it meant to fix: broken perfdata strings.
Unfortunately some users relied on half-broken perfdata string where at
least the first token was OK. This patch do a two-way conversion
(string to double then back to string) instead and use the conversion
result for the performance data.
A possible caveat is that the string may change where it normally
shouldn't but the result should be somewhat similar.
|
|
|
|
Add support for checking the number of usable time sources (i.e., the
number of peers which are classified as so-called "truechimers" by NTP's
intersection algorithm). The new "-m" and "-n" options allow for
specifying the according WARNING and CRITICAL thresholds (and thereby
activating the truechimers check), respectively.
|
|
|
|
|
|
|
|
|
|
Bryan Irvine - #2863925)
|
|
|
|
lines so this new test fails on the current head.
Note: check_snmp v1.4.13 with multi-line strings return somewhat v3 output;
it's not exactly what the specs say but it doesn't appears to break them
either. The fix could eventually supports both v2 and v3 output formats.
|
|
#2832451)
|
|
|
|
|
|
Only multi-line string test for now (regression test), counter rollover
tests planed with my snmp_counters_new branch.
NB: 64bit counters are broken in NetSNMP::agent from NetSNMP version 5.4.1
and lower, but might come in handy one day
|
|
|
|
|
|
no snmp community is specified
The checks for invalid/unavailable hosts need a complete command line.
They failed on hosts where no community was specified. Now, an invalid community is used so
the tests can run on hosts w/o snmp host/community in NPTest.cache. Execution will fail anyway.
|
|
|
|
check_pgsql displayed the -v flag in help output, but didn't
accept the verbosity argument. Added -v and basic verbose output.
|
|
(#2347686 - Martin Foster)
Added support for passing timeout and interval length to check_fping.
To protect compatibility, both options use fping's defaults if they
are not specified on the command line.
|
|
This patch makes use of standard threshold functions. This allows using
doubles as thresholds.
Since SNMP supports only integers, double precision numbers are only
printed when parsed from a STRING type.
In addition, support for printing properly Timeticks type has been added,
and the code has been thoroughly cleaned.
|
|
|
|
|
|
check_mrtgtraf used the label "in" for both input and output traffic.
This fixed, now.
|
|
Check_smtp's help showed the -n/--nocommand options to not send an
SMTP command. This usage is covered by check_tcp and is thus not needed
in check_smtp.
|
|
|
|
Presbrey)
|
|
|
|
Signed-off-by: Holger Weiss <holger@zedat.fu-berlin.de>
|
|
|
|
(sf.net #2731755, debian #521097)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
left to default
|