Changeset 2f01f93 in nscp

Timestamp:

02/20/08 16:16:16 (5 years ago)

Author:

Michael Medin <michael@…>

Branches:

master, 0.4.0, 0.4.1, 0.4.2, stable

Children:

5b9d247

Parents:

95e4ace

Message:

+ Added new module NRPEClient that can act as a NRPE client, might be useful for testing things and

eventually for relaying events.
Usage: nsclient++ -noboot NRPEClient -H 192.168.0.1 -p 5666 -c check_something -a foo bar
This is an early concept so don't expect much...

Files:

• AutoBuild.h (modified) (1 diff)
• NSClient++.cpp (modified) (5 diffs)
• NSClient++.h (modified) (2 diffs)
• changelog (modified) (5 diffs)
• include/SSLSocket.cpp (modified) (2 diffs)
• include/SSLSocket.h (modified) (6 diffs)
• include/Socket.h (modified) (2 diffs)
• include/strEx.h (modified) (1 diff)
• modules/NRPEClient/NRPEClient.cpp (modified) (3 diffs)
• modules/NRPEClient/NRPEClient.h (modified) (1 diff)

AutoBuild.h

@@ -3 +3 @@
 // change the FALSE to TRUE for autoincrement of build number
 #define INCREMENT_VERSION TRUE
-#define FILEVER        0,3,0,58
-#define PRODUCTVER     0,3,0,58
-#define STRFILEVER     _T("0.3.0.58")
-#define STRPRODUCTVER  _T("0.3.0.58")
-#define STRPRODUCTDATE  _T("2008-02-14")
+#define FILEVER        0,3,0,60
+#define PRODUCTVER     0,3,0,60
+#define STRFILEVER     _T("0.3.0.60")
+#define STRPRODUCTVER  _T("0.3.0.60")
+#define STRPRODUCTDATE  _T("2008-02-19")
 #endif // AUTOBUILD_H

NSClient++.cpp

@@ -107 +107 @@
       LOG_MESSAGE(SZAPPNAME _T(" Version: ") SZVERSION _T(", Plattform: ") SZARCH);
     } else if ( _wcsicmp( _T("noboot"), argv[1]+1 ) == 0 ) {
-      g_bConsoleLog = true;
+      mainClient.setBoot(false);
+      g_bConsoleLog = false;
       mainClient.enableDebug(true);
+      mainClient.InitiateService();
       int nRetCode = -1;
       if (argc>=4)
@@ -114 +116 @@
       else if (argc>=3)
         nRetCode = mainClient.commandLineExec(argv[2], argv[3], 0, NULL);
+      mainClient.TerminateService();
       return nRetCode;
     } else if ( _wcsicmp( _T("test"), argv[1]+1 ) == 0 ) {
@@ -221 +224 @@
     return false;
   }
-  try {
-    SettingsT::sectionList list = Settings::getInstance()->getSection(_T("modules"));
-    for (SettingsT::sectionList::iterator it = list.begin(); it != list.end(); it++) {
-      try {
-        loadPlugin(getBasePath() + _T("modules\\") + (*it));
-      } catch(const NSPluginException& e) {
-        LOG_ERROR_STD(_T("Exception raised: ") + e.error_ + _T(" in module: ") + e.file_);
-        //return false;
-      } catch (...) {
-        LOG_ERROR_STD(_T("Unknown exception loading plugin: ") + (*it));
-        return false;
-      }
-    }
-  } catch (SettingsException e) {
-    NSC_LOG_ERROR_STD(_T("Failed to set settings file") + e.getMessage());
-  }
-  try {
-    loadPlugins();
-  } catch (...) {
-    LOG_ERROR_STD(_T("Unknown exception loading plugins"));
-    return false;
+  if (boot_) {
+    try {
+      SettingsT::sectionList list = Settings::getInstance()->getSection(_T("modules"));
+      for (SettingsT::sectionList::iterator it = list.begin(); it != list.end(); it++) {
+        try {
+          loadPlugin(getBasePath() + _T("modules\\") + (*it));
+        } catch(const NSPluginException& e) {
+          LOG_ERROR_STD(_T("Exception raised: ") + e.error_ + _T(" in module: ") + e.file_);
+          //return false;
+        } catch (...) {
+          LOG_ERROR_STD(_T("Unknown exception loading plugin: ") + (*it));
+          return false;
+        }
+      }
+    } catch (SettingsException e) {
+      NSC_LOG_ERROR_STD(_T("Failed to set settings file") + e.getMessage());
+    }
+    try {
+      loadPlugins();
+    } catch (...) {
+      LOG_ERROR_STD(_T("Unknown exception loading plugins"));
+      return false;
+    }
   }
   return true;
@@ -250 +255 @@
  */
 void NSClientT::TerminateService(void) {
-  try {
-    mainClient.unloadPlugins();
-  } catch(NSPluginException &e) {
-    std::wcout << _T("Exception raised: ") << e.error_ << _T(" in module: ") << e.file_ << std::endl;;
+  if (boot_) {
+    try {
+      mainClient.unloadPlugins();
+    } catch(NSPluginException &e) {
+      std::wcout << _T("Exception raised: ") << e.error_ << _T(" in module: ") << e.file_ << std::endl;;
+    }
   }
   try {
@@ -307 +314 @@
     }
   }
-  LOG_MESSAGE_STD(_T("Module was not loaded, attempt to load it"));
   try {
     plugin_type plugin = loadPlugin(getBasePath() + _T("modules\\") + module);

NSClient++.h

@@ -72 +72 @@
   typedef enum log_status {log_unknown, log_debug, log_nodebug };
   log_status debug_;
+  bool boot_;
 
 public:
   // c-tor, d-tor
-  NSClientT(void) : debug_(log_unknown) {}
+  NSClientT(void) : debug_(log_unknown), boot_(true) {}
   virtual ~NSClientT(void) {}
   void enableDebug(bool debug = true) {
@@ -82 +83 @@
     else
       debug_ = log_nodebug;
+  }
+  void setBoot(bool boot = true) {
+    boot_ = boot;
   }
 

changelog

@@ -3 +3 @@
  * Fix configuration GUI (low priority)
  * Fix installer (after configuration UI)
- * Add module for relaying events
+ * Add module for relaying events (in progress)
  * Add API for rehashing the daemon (or implement it the API is there but does nothing)
+ * Improved socket performance (would be nice if we could be used as a "hub")
+
+2008-02-19 MickeM
+ + Added new module NRPEClient that can act as a NRPE client, might be useful for testing things and 
+   eventually for relaying events.
+   Usage: nsclient++ -noboot NRPEClient -H 192.168.0.1 -p 5666 -c check_something -a foo bar
+   This is an early concept so don't expect much...
 
 2008-02-19 MickeM
@@ -10 +17 @@
  
 2008-02-18 MickeM
- + Added propper output handling to process subsystem (now you can execute programs tat return "much" data.
+ + Added proper output handling to process subsystem (now you can execute programs tat return "much" data.
  + Added select support for SSL_write (now you can send "any amount of data" to the (SSL) socket.
    Since check_nrpe doesn't do this it wont work in that end, but still...
 
 2008-02-16 MickeM
- + Refactored ExternalCommand handling so NRPE and new module does the same thing.
+ + Re factored ExternalCommand handling so NRPE and new module does the same thing.
 
 2008-02-14 MickeM
@@ -23 +30 @@
 2008-02-13 MickeM
  + Added string_length to [Settings] as well (used internally) for all "injected" buffers.
- * Fixed issue with scripts result truncated efter 1024 chars 
-    (now they return "all" output and thus you can use the NRPE settings I adde yesterday :)
- + Added hostname setting to [NSCA] section (must have been braindead when I did not add it before)
+ * Fixed issue with scripts result truncated after 1024 chars 
+    (now they return "all" output and thus you can use the NRPE settings I added yesterday :)
+ + Added hostname setting to [NSCA] section (must have been  when I did not add it before)
  + Added to NSCA truncates output when to long.
 
@@ -34 +41 @@
 
 2008-02-11 MickeM
- + Added encryption support for NSCA module (about half of the algorithms are avalible, 
+ + Added encryption support for NSCA module (about half of the algorithms are available, 
      if someone wants to use one not available let me know, and I will try to add it)
 
@@ -48 +55 @@
 
 2008-02-07 MickeM
- + Added default catch handlers to all wrapped plugin calls.
+ + Added default catch handlers to all wrapped plug in calls.
 
 2008-02-05 MickeM

include/SSLSocket.cpp

@@ -134 +134 @@
 }
 
-void simpleSSL::Listener::StartListener(std::wstring host, int port, unsigned int listenQue) {
-  // @todo init SSL
+int simpleSSL::Socket::connect_() {
   simpleSSL::SSL_init();
 
-  context.createSSLv23();
+  Context context;
+  context.createSSLv23Client();
+  context.setCipherList();
+  /*
+  simpleSSL::DH dh;
+  dh.create();
+  setupDH(dh);
+  context.setTmpDH(dh.getDH());
+  dh.free();
+  */
+  if (tBase::connect_() == SOCKET_ERROR) {
+    throw simpleSocket::SocketException(_T("Failed to connect to host: ") + inet_ntoa(to_.sin_addr.s_addr), WSAGetLastError());
+  }
+  ssl.setContext(context);
+  ssl.set_fd(socket_);
+  ssl.connect();
+  return 0;
+}
+
+
+void simpleSSL::Listener::StartListener(std::wstring host, int port, unsigned int listenQue) {
+  simpleSSL::SSL_init();
+  context.createSSLv23Server();
   context.setCipherList();
   simpleSSL::DH dh;
@@ -145 +166 @@
   context.setTmpDH(dh.getDH());
   dh.free();
-
   if (!lock_cs) {
     lock_cs_count = simpleSSL::Crypto::getNumberOfLocks();

include/SSLSocket.h

@@ -112 +112 @@
 
     void destroy() {
-      assert(ctx_);
+      if (ctx_ != NULL)
+        throw SSLException(_T("Error: SSL Context already initalized."));
       SSL_CTX_free(ctx_);
       ctx_ = NULL;
     }
-    void createSSLv23() {
-      assert(ctx_ == NULL);
+    void createSSLv23Server() {
+      if (ctx_ != NULL)
+        throw SSLException(_T("Error: SSL Context already initalized."));
       ctx_ = SSL_CTX_new(SSLv23_server_method());
       if (ctx_ == NULL) {
@@ -123 +125 @@
       }
     }
+    void createSSLv23Client() {
+      if (ctx_ != NULL)
+        throw SSLException(_T("Error: SSL Context already initalized."));
+      ctx_ = SSL_CTX_new(SSLv23_client_method());
+      if (ctx_ == NULL)
+        throw SSLException(_T("Error: could not create SSL context."));
+      SSL_CTX_set_options(ctx_,SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
+    }
     void setCipherList(std::string s = "ADH") {
-      assert(ctx_);
+      if (ctx_ == NULL)
+        throw SSLException(_T("Error: SSL Context already initalized."));
       SSL_CTX_set_cipher_list(ctx_, s.c_str());
     }
@@ -169 +180 @@
     }
     void create() {
-      assert(!ssl_);
+      if (ssl_ != NULL) 
+        throw SSLException(_T("Error: Could not create SSL connection structure, SSL is already inatialized."));
       ssl_ = context_.newSSL();
       if (ssl_ == NULL) 
@@ -186 +198 @@
       int i = 0;
       while ((rc = SSL_accept(ssl_)) != 1) {
+        if (++i >= 100) {
+          throw SSLException(_T("SSL: Could not complete SSL handshake."));
+        }
+        int rc2 = getError(rc);
+        if ((rc2 == SSL_ERROR_WANT_READ) || (rc2 == SSL_ERROR_WANT_WRITE)) {
+          Sleep(100);
+          continue;
+        } else {
+          throw SSLException(_T("Error: Could not complete SSL handshake : "), rc, rc2);
+        }
+      }
+      /**/
+    }
+    void connect() {
+      if (!ssl_)
+        create();
+      int rc = 0;
+      int i = 0;
+      while ((rc = SSL_connect(ssl_)) != 1) {
         if (++i >= 100) {
           throw SSLException(_T("SSL: Could not complete SSL handshake."));
@@ -244 +275 @@
     Socket(Socket &other) : tBase(other), ssl(other.ssl) {
     }
+    Socket(bool create) : tBase(create) {
+    }
     virtual ~Socket() {
       ssl.shutdown();
@@ -302 +335 @@
       tBase::close();
     }
+    virtual int connect(std::wstring host, u_short port) {
+      return tBase::connect(host, port);
+    }
+
+    virtual int connect_();
     void setContext(Context c) {
       ssl.setContext(c);

include/Socket.h

@@ -211 +211 @@
         to_.sin_port = htons(port);
         to_.sin_addr.s_addr = inet_addr(host);
-        return ::connect(socket_, (SOCKADDR*) &to_, sizeof(to_));
+        return connect_();
       }
       return SOCKET_ERROR;
+    }
+    virtual int connect_() {
+      return ::connect(socket_, (SOCKADDR*) &to_, sizeof(to_));
     }
 
@@ -252 +255 @@
       else
         ::select(NULL, &read_, &write_, &excp_, &timeout_);
-      return FD_ISSET(socket_, &write_);
+      if (FD_ISSET(socket_, &write_))
+        return true;
+      return false;
     }
 

include/strEx.h

@@ -35 +35 @@
 
 namespace strEx {
+  namespace s {
+    inline std::string itos(float i) {
+      std::stringstream ss;
+      ss << i;
+      return ss.str();
+    }
+    inline std::string itos(int i) {
+      std::stringstream ss;
+      ss << i;
+      return ss.str();
+    }
+    inline std::string itos(unsigned int i) {
+      std::stringstream ss;
+      ss << i;
+      return ss.str();
+    }
+  }
 
   inline void append_list(std::wstring &lst, std::wstring &append) {

modules/NRPEClient/NRPEClient.cpp

@@ -66 +66 @@
 
 int NRPEClient::commandLineExec(const TCHAR* command, const unsigned int argLen, TCHAR** args) {
-  if (_wcsicmp(command, _T("check")) == 0) {
-    std::wcout << args[0] << std::endl;
-
-
     try {
       boost::program_options::options_description desc("Allowed options");
+      buffer_length_ = NSCModuleHelper::getSettingsInt(NRPE_SECTION_TITLE, NRPE_SETTINGS_STRLEN, NRPE_SETTINGS_STRLEN_DEFAULT);
       desc.add_options()
-        ("help", "Show this help message.")
-        ("host", boost::program_options::value<std::string>(), "remote NRPE host")
-        ("port", boost::program_options::value<int>(), "remote NRPE port")
-        ("-c", "command to execute")
-        ("-a", "list of arguments")
-        ("compression", boost::program_options::value<int>(), "set compression level")
+        ("help,h", "Show this help message.")
+        ("host,H", boost::program_options::wvalue<std::wstring>(), "The address of the host running the NRPE daemon")
+        ("port,p", boost::program_options::value<int>(), "The port on which the daemon is running (default=5666)")
+        ("command,c", boost::program_options::wvalue<std::wstring>(), "The name of the command that the remote daemon should run")
+        ("timeout,t", boost::program_options::value<int>(), "Number of seconds before connection times out (default=10)")
+        ("buffer-length,l", boost::program_options::value<int>(), std::string("Length of payload (has to be same as on the server (default=" + strEx::s::itos(buffer_length_) + ")").c_str())
+        ("no-ssl,n", "Do not initial an ssl handshake with the server, talk in plaintext.")
+        ("arguments,a", boost::program_options::wvalue<std::vector<std::wstring>>(), "list of arguments")
         ;
-
+      boost::program_options::positional_options_description p;
+      p.add("arguments", -1);
+      
       boost::program_options::variables_map vm;
-      boost::program_options::store(basic_command_line_parser_ex<wchar_t>::parse_command_line(argLen, args, desc, 0), vm);
+      boost::program_options::store(
+        basic_command_line_parser_ex<TCHAR>(command, argLen, args).options(desc).positional(p).run()
+        , vm);
       boost::program_options::notify(vm);    
 
@@ -89 +92 @@
         return 1;
       }
-
-      if (vm.count("host")) {
-        std::cout << "Host level was set to " 
-          << vm["host"].as<std::string>() << ".\n";
-        std::cout << "Port level was set to " 
-          << vm["port"].as<int>() << ".\n";
-      } else {
-        std::cout << "Compression level was not set.\n";
+      std::wstring host = _T("localhost");
+      std::wstring command;
+      std::wstring arguments;
+      int port = 5666;
+      int timeout = 10;
+      bool ssl = true;
+
+      if (vm.count("host"))
+        host = vm["host"].as<std::wstring>();
+      if (vm.count("port"))
+        port = vm["port"].as<int>();
+      if (vm.count("timeout"))
+        timeout = vm["timeout"].as<int>();
+      if (vm.count("buffer-length"))
+        buffer_length_ = vm["buffer-length"].as<int>();
+      if (vm.count("command"))
+        command = vm["command"].as<std::wstring>();
+      if (vm.count("arguments")) {
+        std::vector<std::wstring> v = vm["arguments"].as<std::vector<std::wstring>>();
+        for (std::vector<std::wstring>::const_iterator cit = v.begin(); cit != v.end(); ++cit) {
+          if (!arguments.empty())
+            arguments += _T("!");
+          arguments += *cit;
+        }
       }
+      if (vm.count("no-ssl"))
+        ssl = false;
+      return execute_nrpe_command(host, port, ssl, timeout, command, arguments);
     } catch (boost::program_options::validation_error &e) {
       std::cout << e.what() << std::endl;
@@ -103 +125 @@
       std::cout << "Unknown exception parsing command line" << std::endl;
     }
-    std::wcout << _T("Checking...") << std::endl;
-  }
   return 0;
 }
+int NRPEClient::execute_nrpe_command(std::wstring host, int port, bool ssl, int timeout, std::wstring command, std::wstring arguments) {
+  try {
+    std::wstring cmd = command;
+    if (cmd.empty())
+      cmd = _T("_NRPE_CHECK");
+    if (!arguments.empty())
+      cmd += _T("!") + arguments;
+    NRPEPacket packet;
+    if (ssl)
+      packet = send_ssl(host, port, timeout, NRPEPacket::make_request(cmd, buffer_length_));
+    else
+      packet = send_nossl(host, port, timeout, NRPEPacket::make_request(cmd, buffer_length_));
+    std::wcout << packet.getPayload() << std::endl;
+    return packet.getResult();
+  } catch (simpleSocket::SocketException &e) {
+    std::wcout << _T("whoops...") << e.getMessage() <<  std::endl;
+  } catch (simpleSSL::SSLException &e) {
+    std::wcout << _T("whoops...") << e.getMessage() <<  std::endl;
+  } catch (...) {
+    std::cout << "whoops..." << std::endl;
+  }
+  return NSCAPI::returnUNKNOWN;
+}
+NRPEPacket NRPEClient::send_ssl(std::wstring host, int port, int timeout, NRPEPacket packet)
+{
+  simpleSSL::Socket socket(true);
+  socket.connect(host, port);
+  socket.sendAll(packet.getBuffer(), packet.getBufferLength());
+  simpleSocket::DataBuffer buffer;
+  socket.readAll(buffer);
+  packet.readFrom(buffer.getBuffer(), buffer.getLength());
+  return packet;
+}
+NRPEPacket NRPEClient::send_nossl(std::wstring host, int port, int timeout, NRPEPacket packet)
+{
+  simpleSocket::Socket socket(true);
+  socket.connect(host, port);
+  socket.sendAll(packet.getBuffer(), packet.getBufferLength());
+  simpleSocket::DataBuffer buffer;
+  socket.readAll(buffer);
+  packet.readFrom(buffer.getBuffer(), buffer.getLength());
+  return packet;
+}
+
+
 
 

modules/NRPEClient/NRPEClient.h

@@ -75 +75 @@
 
 private:
+  int execute_nrpe_command(std::wstring host, int port, bool ssl, int timeout, std::wstring command, std::wstring arguments);
+  NRPEPacket send_nossl(std::wstring host, int port, int timeout, NRPEPacket packet);
+  NRPEPacket send_ssl(std::wstring host, int port, int timeout, NRPEPacket packet);
   class NRPEException {
     std::wstring error_;