Diffstat (limited to '')
-rw-r--r-- | include/acl.h | 73 | ||||
-rw-r--r-- | include/common.h.in | 119 | ||||
-rw-r--r-- | include/config.h.in | 354 | ||||
-rw-r--r-- | include/nrpe.h | 71 | ||||
-rw-r--r-- | include/utils.h | 54 |
5 files changed, 671 insertions, 0 deletions
diff --git a/include/acl.h b/include/acl.h
new file mode 100644
index 0000000..9a661f6
--- /dev/null
+++ b/include/acl.h
@@ -0,0 +1,73 @@
+/****************************************************************************
+ *
+ * acl.h - header file for acl.c
+ *
+ * License: GPLv2
+ * Copyright (c) 2011 Kaspersky Lab ZAO
+ *
+ * License Notice:
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ ****************************************************************************/
+
+#ifndef ACL_H_INCLUDED
+#define ACL_H_INCLUDED 1
+
+#include <sys/types.h>
+#include <sys/socket.h>
+
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <netdb.h>
+#include <syslog.h>
+#include <stdarg.h>
+
+#define CHAR_TO_NUMBER(c) ((c) - '0')
+
+struct ip_acl {
+ int family;
+ struct in_addr addr;
+ struct in_addr mask;
+ struct in6_addr addr6;
+ struct in6_addr mask6;
+ struct ip_acl *next;
+};
+
+struct dns_acl {
+ char domain[255];
+ struct dns_acl *next;
+};
+
+/* Pointers to head ACL structs */
+static struct ip_acl *ip_acl_head, *ip_acl_prev;
+static struct dns_acl *dns_acl_head, *dns_acl_prev;
+
+/* Functions */
+void parse_allowed_hosts(char *allowed_hosts);
+int add_ipv4_to_acl(char *ipv4);
+int add_ipv6_to_acl(char *ipv6);
+int add_domain_to_acl(char *domain);
+//int is_an_allowed_host(struct in_addr);
+int is_an_allowed_host(int, void *);
+unsigned int prefix_from_mask(struct in_addr mask);
+void show_acl_lists(void);
+
+#endif /* ACL_H_INCLUDED */
diff --git a/include/common.h.in b/include/common.h.in
new file mode 100644
index 0000000..0662083
--- /dev/null
+++ b/include/common.h.in
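Review bot: In include/acl.h, `ip_acl_head`, `ip_acl_prev`, `dns_acl_head` and `dns_acl_prev` are defined `static` in the header, so every source file that includes acl.h gets its own private, initially NULL copy of the allowed-hosts lists. Only the translation unit that builds the lists sees them populated; any other file that reads these names would see an empty ACL, which is a risky failure mode for an access check. Define the four pointers once in acl.c and either drop them from the header or declare them here as `extern struct ip_acl *ip_acl_head, *ip_acl_prev;` and `extern struct dns_acl *dns_acl_head, *dns_acl_prev;`. `char domain[255]` would also benefit from a comment stating that add_domain_to_acl must bound the copy and terminate the string; its implementation is outside this hunk.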
@@ -0,0 +1,119 @@
+/****************************************************************************
+ *
+ * common.h - NRPE Common header file
+ *
+ * License: GPLv2
+ * Copyright (c) 2006-2017 Nagios Enterprises
+ * 1999-2006 Ethan Galstad (nagios@nagios.org)
+ *
+ * License Notice:
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ ****************************************************************************/
+
+#include "config.h"
+
+#define SSL_TYPE_@SSL_TYPE@
+
+#ifdef HAVE_SSL
+#include <@SSL_INC_PREFIX@@SSL_HDR@>
+# ifdef SSL_TYPE_openssl
+# include <@SSL_INC_PREFIX@err.h>
+# include <@SSL_INC_PREFIX@rand.h>
+# include <@SSL_INC_PREFIX@engine.h>
+# endif
+#endif
+
+#define PROGRAM_VERSION "4.0.3"
+#define MODIFICATION_DATE "2020-04-28"
+
+#define OK 0
+#define ERROR -1
+
+#define TRUE 1
+#define FALSE 0
+
+#define STATE_UNKNOWN 3 /* service state return codes */
+#define STATE_CRITICAL 2
+#define STATE_WARNING 1
+#define STATE_OK 0
+
+
+#define DEFAULT_SOCKET_TIMEOUT 10 /* timeout after 10 seconds */
+#define DEFAULT_CONNECTION_TIMEOUT 300 /* timeout if daemon is waiting for connection more than this time */
+
+#define MAX_INPUT_BUFFER 2048 /* max size of most buffers we use */
+#define MAX_FILENAME_LENGTH 256
+#define MAX_HOST_ADDRESS_LENGTH 256 /* max size of a host address */
+#define MAX_COMMAND_ARGUMENTS 16
+
+#define NRPE_HELLO_COMMAND "_NRPE_CHECK"
+
+/**************** PACKET STRUCTURE DEFINITION **********/
+
+#define QUERY_PACKET 1 /* id code for a packet containing a query */
+#define RESPONSE_PACKET 2 /* id code for a packet containing a response */
+
+/* v4 takes struct padding into account, so the buffer "takes" 4 bytes
+ * v3 removes the 1 byte that "should" be allocated to buffer.
+ */
+#define NRPE_V4_PACKET_SIZE_OFFSET 4
+#define NRPE_V3_PACKET_SIZE_OFFSET 1
+
+/* packet version identifiers */
+#define NRPE_PACKET_VERSION_4 4 /* Same as version 3, but accounts for struct padding in network code */
+#define NRPE_PACKET_VERSION_3 3 /* Allows for variable-length buffer */
+#define NRPE_PACKET_VERSION_2 2
+#define NRPE_PACKET_VERSION_1 1 /* older packet version identifiers (no longer supported) */
+
+#define MAX_PACKETBUFFER_LENGTH 1024 /* amount of data to send in one query/response vor version 2 */
+
+#define NRPE_DEFAULT_PACKET_VERSION NRPE_PACKET_VERSION_4
+
+typedef struct _v2_packet {
+ int16_t packet_version;
+ int16_t packet_type;
+ u_int32_t crc32_value;
+ int16_t result_code;
+ char buffer[MAX_PACKETBUFFER_LENGTH];
+} v2_packet;
+typedef struct _v3_packet {
+ int16_t packet_version;
+ int16_t packet_type;
+ u_int32_t crc32_value;
+ int16_t result_code;
+ int16_t alignment;
+ int32_t buffer_length;
+ char buffer[1];
+} v3_packet;
+
+typedef v3_packet v4_packet;
+
+/**************** OPERATING SYSTEM SPECIFIC DEFINITIONS **********/
+#if defined(__sun) || defined(__hpux)
+
+# ifndef LOG_AUTHPRIV
+# define LOG_AUTHPRIV LOG_AUTH
+# endif
+# ifndef LOG_FTP
+# define LOG_FTP LOG_DAEMON
+# endif
+#elif defined(_AIX)
+# include <sys/select.h>
+# ifndef LOG_FTP
+# define LOG_FTP LOG_DAEMON
+# endif
+#endif
diff --git a/include/config.h.in b/include/config.h.in
new file mode 100644
index 0000000..4bedca3
--- /dev/null
+++ b/include/config.h.in
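Review bot: In include/common.h.in, `buffer_length` in `_v3_packet` is a signed `int32_t` that the peer fills in, and the header defines no upper bound for v3/v4 payloads; `MAX_PACKETBUFFER_LENGTH` is documented as applying to version 2 only. The receive path (read_packet, not part of this hunk) therefore has to reject negative and oversized lengths before it allocates or copies, and nothing here tells the reader so. I would add a named maximum next to the other limits and a comment on the field such as `/* peer-supplied; reject < 0 or > the configured maximum before allocating */`. The `char buffer[1]` trailing member combined with `NRPE_V3_PACKET_SIZE_OFFSET` and `NRPE_V4_PACKET_SIZE_OFFSET` is easy to get wrong, so a short comment giving the intended on-wire size formula for each version would also help.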
@@ -0,0 +1,354 @@
+/****************************************************************************
+ *
+ * config.h - NRPE Configuration header file
+ *
+ * License: GPLv2
+ * Copyright (c) 2006-2017 Nagios Enterprises
+ * 1999-2006 Ethan Galstad (nagios@nagios.org)
+ *
+ * License Notice:
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ ****************************************************************************/
+
+#ifndef _CONFIG_H
+#define _CONFIG_H
+
+#include <stdio.h>
+#include <stdlib.h>
+
+
+/* Default port for NRPE daemon */
+#undef DEFAULT_SERVER_PORT
+
+/* NRPE syslog facility */
+#undef NRPE_LOG_FACILITY
+
+/* Enable command-line arguments */
+#undef ENABLE_COMMAND_ARGUMENTS
+
+/* Enable bash command substitution */
+#undef ENABLE_BASH_COMMAND_SUBSTITUTION
+
+/* type to use in place of socklen_t if not defined */
+#undef socklen_t
+
+/* Define to 1 if you have the `getopt_long' function. */
+#undef HAVE_GETOPT_LONG
+
+/* Have the TCP wrappers library */
+#undef HAVE_LIBWRAP
+
+/* Define to 1 if you have the ANSI C header files. */
+#undef STDC_HEADERS
+
+/* Define to 1 if you have the `strdup' function. */
+#undef HAVE_STRDUP
+
+/* Define to 1 if you have the `strstr' function. */
+#undef HAVE_STRSTR
+
+/* Define to 1 if you have the `strtoul' function. */
+#undef HAVE_STRTOUL
+
+/* Define to 1 if you have the `strtok_r' function. */
+#undef HAVE_STRTOK_R
+
+/* Define to 1 if you have the `initgroups' function. */
+#undef HAVE_INITGROUPS
+
+/* Define to 1 if you have the `closesocket' function. */
+#undef HAVE_CLOSESOCKET
+
+/* Define to 1 if you have the `sigaction' function. */
+#undef HAVE_SIGACTION
+
+/* Define to 1 if you have the `scandir' function. */
+#undef HAVE_SCANDIR
+
+/* Set to 1 if you have rfc931_timeout */
+#undef HAVE_RFC931_TIMEOUT
+
+/* The size of `int', as computed by sizeof. */
+#undef SIZEOF_INT
+
+/* The size of `short', as computed by sizeof. */
+#undef SIZEOF_SHORT
+
+/* The size of `long', as computed by sizeof. */
+#undef SIZEOF_LONG
+
+/* Define to empty if `const' does not conform to ANSI C. */
+#undef const
+
+/* Set to 1 to use SSL DH */
+#undef USE_SSL_DH
+
+/* stupid stuff for u_int32_t */
+#undef U_INT32_T_IS_USHORT
+#undef U_INT32_T_IS_UINT
+#undef U_INT32_T_IS_ULONG
+#undef U_INT32_T_IS_UINT32_T
+
+#ifdef U_INT32_T_IS_USHORT
+typedef unsigned short u_int32_t;
+#endif
+#ifdef U_INT32_T_IS_ULONG
+typedef unsigned long u_int32_t;
+#endif
+#ifdef U_INT32_T_IS_UINT
+typedef unsigned int u_int32_t;
+#endif
+#ifdef U_INT32_T_IS_UINT32_t
+typedef uint32_t u_int32_t;
+#endif
+
+/* stupid stuff for int32_t */
+#undef INT32_T_IS_SHORT
+#undef INT32_T_IS_INT
+#undef INT32_T_IS_LONG
+
+#ifdef INT32_T_IS_USHORT
+typedef short int32_t;
+#endif
+#ifdef INT32_T_IS_ULONG
+typedef long int32_t;
+#endif
+#ifdef INT32_T_IS_UINT
+typedef int int32_t;
+#endif
+
+
+/***** ASPRINTF() AND FRIENDS *****/
+
+/* Whether vsnprintf() is available */
+#undef HAVE_VSNPRINTF
+/* Whether snprintf() is available */
+#undef HAVE_SNPRINTF
+/* Whether aprintf() is available */
+#undef HAVE_ASPRINTF
+/* Whether vaprintf() is available */
+#undef HAVE_VASPRINTF
+/* Define if system has C99 compatible vsnprintf */
+#undef HAVE_C99_VSNPRINTF
+
+/* Whether va_copy() is available */
+#undef HAVE_VA_COPY
+
+/* Whether __va_copy() is available */
+#undef HAVE___VA_COPY
+
+
+/* Socket Size Type */
+#undef SOCKET_SIZE_TYPE
+
+/* Define to the type of elements in the array set by `getgroups'. Usually
+ this is either `int' or `gid_t'. */
+#undef GETGROUPS_T
+
+/* Define as the return type of signal handlers (`int' or `void'). */
+#undef RETSIGTYPE
+
+/* Define to 1 if the system has the type `struct sockaddr_storage'. */
+#undef HAVE_STRUCT_SOCKADDR_STORAGE
+
+/* Use seteuid() or setresuid() depending on the platform */
+#undef SETEUID
+
+/* Set to 1 if we are on Solaris 10 */
+#undef SOLARIS_10
+
+/* Define to 1 if you have the <getopt.h> header file. */
+#undef HAVE_GETOPT_H
+#ifdef HAVE_GETOPT_H
+#include <getopt.h>
+#endif
+
+/* Define to 1 if you have the <strings.h> header file. */
+#undef HAVE_STRINGS_H
+#ifdef HAVE_STRINGS_H
+#include <strings.h>
+#endif
+
+/* Define to 1 if you have the <string.h> header file. */
+#undef HAVE_STRING_H
+#ifdef HAVE_STRING_H
+#include <string.h>
+#endif
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#undef HAVE_UNISTD_H
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+/* Define to 1 if you have the <signal.h> header file. */
+#undef HAVE_SIGNAL_H
+#ifdef HAVE_SIGNAL_H
+#include <signal.h>
+#endif
+
+/* Define to 1 if you have the <syslog.h> header file. */
+#undef HAVE_SYSLOG_H
+#ifdef HAVE_SYSLOG_H
+#include <syslog.h>
+#endif
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#undef HAVE_SYS_STAT_H
+#ifdef HAVE_SYS_STAT_H
+#include <sys/stat.h>
+#endif
+
+/* Define to 1 if you have the <fcntl.h> header file. */
+#undef HAVE_FCNTL_H
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#undef HAVE_SYS_TYPES_H
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+
+/* Define to 1 if you have the <sys/wait.h> header file. */
+#undef HAVE_SYS_WAIT_H
+#ifdef HAVE_SYS_WAIT_H
+#include <sys/wait.h>
+#endif
+
+#ifndef WEXITSTATUS
+# define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
+#endif
+#ifndef WIFEXITED
+# define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
+#endif
+
+/* Define to 1 if you have the <errno.h> header file. */
+#undef HAVE_ERRNO_H
+#ifdef HAVE_ERRNO_H
+#include <errno.h>
+#endif
+
+/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
+#undef TIME_WITH_SYS_TIME
+
+/* Define to 1 if you have the <sys/time.h> header file. */
+#undef HAVE_SYS_TIME_H
+
+#if TIME_WITH_SYS_TIME
+# include <sys/time.h>
+# include <time.h>
+#else
+# if HAVE_SYS_TIME_H
+# include <sys/time.h>
+# else
+# include <time.h>
+# endif
+#endif
+
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+#undef HAVE_SYS_SOCKET_H
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+
+/* Define to 1 if you have the <socket.h> header file. */
+#undef HAVE_SOCKET_H
+#ifdef HAVE_SOCKET_H
+#include <socket.h>
+#endif
+
+/* Define to 1 if you have the <tcpd.h> header file. */
+#undef HAVE_TCPD_H
+#ifdef HAVE_TCPD_H
+#include <tcpd.h>
+#endif
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+#undef HAVE_NETINET_IN_H
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+
+/* Define to 1 if you have the <arpa/inet.h> header file. */
+#undef HAVE_ARPA_INET_H
+#ifdef HAVE_ARPA_INET_H
+#include <arpa/inet.h>
+#endif
+
+/* Define to 1 if you have the <netdb.h> header file. */
+#undef HAVE_NETDB_H
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
+
+/* Define to 1 if you have the <ctype.h> header file. */
+#undef HAVE_CTYPE_H
+#ifdef HAVE_CTYPE_H
+#include <ctype.h>
+#endif
+
+/* Define to 1 if you have the <pwd.h> header file. */
+#undef HAVE_PWD_H
+#ifdef HAVE_PWD_H
+#include <pwd.h>
+#endif
+
+/* Define to 1 if you have the <grp.h> header file. */
+#undef HAVE_GRP_H
+#ifdef HAVE_GRP_H
+#include <grp.h>
+#endif
+
+/* Define to 1 if you have the <dirent.h> header file. */
+#undef HAVE_DIRENT_H
+#ifdef HAVE_DIRENT_H
+#include <dirent.h>
+#endif
+
+/* Have SSL support */
+#undef HAVE_SSL
+
+/* Have the krb5.h header file */
+#undef HAVE_KRB5_H
+#ifdef HAVE_KRB5_H
+#include <krb5.h>
+#endif
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#undef HAVE_INTTYPES_H
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#undef HAVE_STDINT_H
+
+#ifdef HAVE_INTTYPES_H
+#include <inttypes.h>
+#else
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#endif
+
+/* Define to 1 if you have the <paths.h> header file. */
+#undef HAVE_PATHS_H
+
+/* Define to 1 if you have the <sys/resource.h> header file. */
+#undef HAVE_SYS_RESOURCE_H
+
+#endif
diff --git a/include/nrpe.h b/include/nrpe.h
new file mode 100644
index 0000000..e1b70c0
--- /dev/null
+++ b/include/nrpe.h
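Review bot: In include/config.h.in, several fallback typedef guards test macro names that the `#undef` lines above them never offer, so configure can never switch them on. `#ifdef U_INT32_T_IS_UINT32_t` ends in a lowercase `t`, and the `int32_t` block tests `INT32_T_IS_USHORT`, `INT32_T_IS_ULONG` and `INT32_T_IS_UINT` while the template declares `INT32_T_IS_SHORT`, `INT32_T_IS_LONG` and `INT32_T_IS_INT`. On a platform that lacks these types the fallback typedefs are simply skipped, and the packet structs in common.h.in depend on them. The guards should match the declared names, as below. Separately, `typedef unsigned short u_int32_t;` names a type that is usually 16 bits wide, which deserves a comment or a size check because `crc32_value` is declared with it.

```c
#ifdef U_INT32_T_IS_UINT32_T
typedef uint32_t u_int32_t;
#endif

/* … unchanged: #undef INT32_T_IS_SHORT / INT32_T_IS_INT / INT32_T_IS_LONG … */

#ifdef INT32_T_IS_SHORT
typedef short int32_t;
#endif
#ifdef INT32_T_IS_LONG
typedef long int32_t;
#endif
#ifdef INT32_T_IS_INT
typedef int int32_t;
#endif
```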
@@ -0,0 +1,71 @@
+/****************************************************************************
+ *
+ * nrpe.h - Nagios Remote Plugin Executor header file
+ *
+ * License: GPLv2
+ * Copyright (c) 2006-2017 Nagios Enterprises
+ * 1999-2006 Ethan Galstad (nagios@nagios.org)
+ *
+ * License Notice:
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ ****************************************************************************/
+
+#include <limits.h>
+
+typedef struct command_struct {
+ char *command_name;
+ char *command_line;
+ struct command_struct *next;
+} command;
+
+int init(void);
+void init_ssl(void);
+void log_ssl_startup(void);
+void usage(int);
+void run_inetd(void);
+void run_src(void);
+void run_daemon(void);
+void set_stdio_sigs(void);
+void cleanup(void);
+int read_config_file(char *);
+int read_config_dir(char *);
+int get_log_facility(char *);
+int add_command(char *,char *);
+command *find_command(char *);
+void create_listener(struct addrinfo *ai);
+void wait_for_connections(void);
+void setup_wait_conn(void);
+int wait_conn_fork(int sock);
+void conn_check_peer(int sock);
+void handle_connection(int);
+void init_handle_conn(void);
+int handle_conn_ssl(int sock, void *ssl_ptr);
+int read_packet(int sock, void *ssl_ptr, v2_packet *v2_pkt, v3_packet **v3_pkt);
+void free_memory(void);
+int my_system(char*, int, int*, char**); /* executes a command via popen(), but also protects against timeouts */
+void my_system_sighandler(int); /* handles timeouts when executing commands via my_system() */
+void my_connection_sighandler(int); /* handles timeouts of connection */
+int drop_privileges(char *,char *, int);
+int write_pid_file(void);
+int remove_pid_file(void);
+int check_privileges(void);
+void sighandler(int);
+void child_sighandler(int);
+int validate_request(v2_packet *, v3_packet *);
+int contains_nasty_metachars(char *);
+int process_macros(char *,char *,int);
+int process_arguments(int,char **);
diff --git a/include/utils.h b/include/utils.h
new file mode 100644
index 0000000..e81f8d1
--- /dev/null
+++ b/include/utils.h
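Review bot: include/nrpe.h has no include guard and is not self-contained: it uses `v2_packet`, `v3_packet` and `struct addrinfo` in prototypes but includes only `<limits.h>`, so it compiles correctly only when the includer happens to pull in the common header and `<netdb.h>` first, and a second inclusion redefines `command`. Wrap the file in `#ifndef NRPE_H_INCLUDED` / `#define NRPE_H_INCLUDED` … `#endif`, as acl.h and utils.h in this commit already do, and include what the prototypes need. The comment on `my_system` says the command runs via popen(), which presumably goes through a shell; it would help to state there which check (`validate_request`, `contains_nasty_metachars`) callers must have applied to peer-supplied text before calling it, since those implementations are outside this hunk.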
@@ -0,0 +1,54 @@
+/****************************************************************************
+ *
+ * utils.h - NRPE Utility Functions header file
+ *
+ * License: GPLv2
+ * Copyright (c) 2009-2017 Nagios Enterprises
+ * 1999-2008 Ethan Galstad (nagios@nagios.org)
+ *
+ * License Notice:
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ ****************************************************************************/
+
+
+#ifndef NRPE_UTILS_H_INCLUDED
+#define NRPE_UTILS_H_INCLUDED
+
+#include "../include/config.h"
+
+void generate_crc32_table(void);
+unsigned long calculate_crc32(char*, int);
+void randomize_buffer(char*,int);
+int my_tcp_connect(char*, int, int*);
+#ifdef HAVE_STRUCT_SOCKADDR_STORAGE
+int my_connect(const char*, struct sockaddr_storage*, u_short, int, const char*, int);
+#else
+int my_connect(const char*, struct sockaddr*, u_short, int, const char*, int);
+#endif
+void add_listen_addr(struct addrinfo**, int, char*, int);
+int clean_environ(const char *keep_env_vars, const char *nrpe_user);
+char* strip(char*);
+int sendall(int, char*, int*);
+int recvall(int, char*, int*, int);
+char *my_strsep(char**, const char*);
+void open_log_file();
+void logit(int priority, const char *format, ...);
+void close_log_file();
+void display_license(void);
+extern int disable_syslog;
+
+#endif |
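Review bot: In include/utils.h, `logit()` takes a printf-style format but its prototype carries no format attribute, so the compiler cannot flag a call site that passes a non-literal or mismatched format string, which matters in a daemon that logs peer-influenced text. Where the compiler supports it, declare it as `void logit(int priority, const char *format, ...) __attribute__((format(printf, 2, 3)));`, hidden behind a macro so the other compilers this project targets still build. `void open_log_file();` and `void close_log_file();` are declarations without a prototype and should read `(void)`. The length parameters of `sendall`, `recvall` and `calculate_crc32` are plain `int`; a comment stating that callers must pass non-negative lengths would help, since the implementations are not in this hunk.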