Changeset 4c8d44d in nscp

Timestamp:

02/20/08 21:04:27 (5 years ago)

Author:

Michael Medin <michael@…>

Branches:

master, 0.4.0, 0.4.1, 0.4.2, stable

Children:

140dd49

Parents:

5b9d247

Message:

• Fixed a bug in NSCA module (now it works again :) + Added a command wrapper for the NRPECLient module so now it can act as a check command.

(No argument handling yet though), For a sample check out the [NRPE Client Handlers] section in NSC.ini

Files:

• NSC.dist (modified) (2 diffs)
• changelog (modified) (2 diffs)
• include/config.h (modified) (1 diff)
• modules/NRPEClient/NRPEClient.cpp (modified) (3 diffs)
• modules/NRPEClient/NRPEClient.h (modified) (4 diffs)
• modules/NSCAAgent/NSCAAgent.cpp (modified) (1 diff)

NSC.dist

@@ -26 +26 @@
 ; Script to check external scripts and/or internal aliases, early beta.
 ;CheckExternalScripts.dll
+; Check other hosts through NRPE extreme beta and probably a bit dangerous! :)
+;NRPEClient.dll
+
 
 
@@ -274 +277 @@
 ;check_nok=scripts\xlong.bat
 ;check_vbs=cscript.exe //T:30 //NoLogo scripts\check_vb.vbs
+
+;# REMOTE NRPE PROXY COMMANDS
+;  A list of commands that check other hosts.
+;  Used by the NRPECLient module
+[NRPE Client Handlers]
+check_other=-H 192.168.0.1 -p 5666 -c remote_command -a arguments
+

changelog

@@ -12 +12 @@
    Usage: nsclient++ -noboot NRPEClient -H 192.168.0.1 -p 5666 -c check_something -a foo bar
    This is an early concept so don't expect much...
+ * Fixed a bug in NSCA module (now it works again :)
+ + Added a command wrapper for the NRPECLient module so now it can act as a check command.
+   (No argument handling yet though), For a sample check out the [NRPE Client Handlers] section in NSC.ini
 
 2008-02-19 MickeM
@@ -17 +20 @@
  
 2008-02-18 MickeM
- + Added proper output handling to process subsystem (now you can execute programs tat return "much" data.
+ + Added proper output handling to process subsystem (now you can execute programs that return "much" data.
  + Added select support for SSL_write (now you can send "any amount of data" to the (SSL) socket.
    Since check_nrpe doesn't do this it wont work in that end, but still...

include/config.h

@@ -83 +83 @@
 // NRPE Settings headlines
 #define NRPE_SECTION_TITLE _T("NRPE")
+#define NRPE_CLIENT_HANDLER_SECTION_TITLE _T("NRPE Client Handlers")
 #define NRPE_HANDLER_SECTION_TITLE _T("NRPE Handlers")
 #define NRPE_SETTINGS_TIMEOUT _T("command_timeout")

modules/NRPEClient/NRPEClient.cpp

@@ -43 +43 @@
 
 bool NRPEClient::loadModule() {
-  timeout = NSCModuleHelper::getSettingsInt(NRPE_SECTION_TITLE, NRPE_SETTINGS_TIMEOUT ,NRPE_SETTINGS_TIMEOUT_DEFAULT);
-  socketTimeout_ = NSCModuleHelper::getSettingsInt(NRPE_SECTION_TITLE, NRPE_SETTINGS_READ_TIMEOUT ,NRPE_SETTINGS_READ_TIMEOUT_DEFAULT);
   buffer_length_ = NSCModuleHelper::getSettingsInt(NRPE_SECTION_TITLE, NRPE_SETTINGS_STRLEN, NRPE_SETTINGS_STRLEN_DEFAULT);
+
+  std::list<std::wstring> commands = NSCModuleHelper::getSettingsSection(NRPE_CLIENT_HANDLER_SECTION_TITLE);
+  NSC_DEBUG_MSG_STD(_T("humm..."));
+  for (std::list<std::wstring>::const_iterator it = commands.begin(); it != commands.end(); ++it) {
+    NSC_DEBUG_MSG_STD(*it);
+    std::wstring s = NSCModuleHelper::getSettingsString(NRPE_CLIENT_HANDLER_SECTION_TITLE, (*it), _T(""));
+    if (s.empty()) {
+      NSC_LOG_ERROR_STD(_T("Invalid NRPE-client entry: ") + (*it));
+    } else {
+      addCommand((*it).c_str(), s);
+    }
+  }
   return true;
 }
+
+void NRPEClient::addCommand(strEx::blindstr key, std::wstring args) {
+  NSC_LOG_ERROR_STD(_T("Parsing: ") + args);
+  try {
+    boost::program_options::options_description desc = get_optionDesc();
+    boost::program_options::positional_options_description p = get_optionsPositional();
+
+    boost::program_options::variables_map vm;
+    boost::program_options::store(
+      basic_command_line_parser_ex<TCHAR>(args).options(desc).positional(p).run()
+      , vm);
+    boost::program_options::notify(vm); 
+    nrpe_connection_data cd = get_ConectionData(vm);
+    NSC_DEBUG_MSG_STD(_T("Parsed CLI for: ") + key.c_str() + _T(" = ") + cd.toString());
+    commands[key] = cd;
+  } catch (boost::program_options::validation_error &e) {
+    NSC_LOG_ERROR_STD(_T("Could not parse: ") + key.c_str() + strEx::string_to_wstring(e.what()));
+  } catch (...) {
+    NSC_LOG_ERROR_STD(_T("Could not parse: ") + key.c_str());
+  }
+}
+
 bool NRPEClient::unloadModule() {
   return true;
@@ -60 +92 @@
 NSCAPI::nagiosReturn NRPEClient::handleCommand(const strEx::blindstr command, const unsigned int argLen, TCHAR **char_args, std::wstring &message, std::wstring &perf)
 {
-  return 0;
-}
-
-
-
+  command_list::const_iterator cit = commands.find(command);
+  if (cit == commands.end())
+    return NSCAPI::returnIgnored;
+  nrpe_result_data r = execute_nrpe_command((*cit).second);
+  message = r.text;
+  return r.result;
+}
+
+
+boost::program_options::options_description NRPEClient::get_optionDesc() {
+  boost::program_options::options_description desc("Allowed options");
+  buffer_length_ = NSCModuleHelper::getSettingsInt(NRPE_SECTION_TITLE, NRPE_SETTINGS_STRLEN, NRPE_SETTINGS_STRLEN_DEFAULT);
+  desc.add_options()
+    ("help,h", "Show this help message.")
+    ("host,H", boost::program_options::wvalue<std::wstring>(), "The address of the host running the NRPE daemon")
+    ("port,p", boost::program_options::value<int>(), "The port on which the daemon is running (default=5666)")
+    ("command,c", boost::program_options::wvalue<std::wstring>(), "The name of the command that the remote daemon should run")
+    ("timeout,t", boost::program_options::value<int>(), "Number of seconds before connection times out (default=10)")
+    ("buffer-length,l", boost::program_options::value<int>(), std::string("Length of payload (has to be same as on the server (default=" + strEx::s::itos(buffer_length_) + ")").c_str())
+    ("no-ssl,n", "Do not initial an ssl handshake with the server, talk in plaintext.")
+    ("arguments,a", boost::program_options::wvalue<std::vector<std::wstring>>(), "list of arguments")
+    ;
+  return desc;
+}
+boost::program_options::positional_options_description NRPEClient::get_optionsPositional() {
+  boost::program_options::positional_options_description p;
+  p.add("arguments", -1);
+  return p;
+}
+NRPEClient::nrpe_connection_data NRPEClient::get_ConectionData(boost::program_options::variables_map &vm) {
+  nrpe_connection_data ret(buffer_length_);
+  if (vm.count("host"))
+    ret.host = vm["host"].as<std::wstring>();
+  if (vm.count("port"))
+    ret.port = vm["port"].as<int>();
+  if (vm.count("timeout"))
+    ret.timeout = vm["timeout"].as<int>();
+  if (vm.count("buffer-length"))
+    ret.buffer_length = vm["buffer-length"].as<int>();
+  if (vm.count("command"))
+    ret.command = vm["command"].as<std::wstring>();
+  if (vm.count("arguments")) {
+    std::vector<std::wstring> v = vm["arguments"].as<std::vector<std::wstring>>();
+    for (std::vector<std::wstring>::const_iterator cit = v.begin(); cit != v.end(); ++cit) {
+      if (!ret.arguments.empty())
+        ret.arguments += _T("!");
+      ret.arguments += *cit;
+    }
+  }
+  if (vm.count("no-ssl"))
+    ret.ssl = false;
+  return ret;
+}
 int NRPEClient::commandLineExec(const TCHAR* command, const unsigned int argLen, TCHAR** args) {
-    try {
-      boost::program_options::options_description desc("Allowed options");
-      buffer_length_ = NSCModuleHelper::getSettingsInt(NRPE_SECTION_TITLE, NRPE_SETTINGS_STRLEN, NRPE_SETTINGS_STRLEN_DEFAULT);
-      desc.add_options()
-        ("help,h", "Show this help message.")
-        ("host,H", boost::program_options::wvalue<std::wstring>(), "The address of the host running the NRPE daemon")
-        ("port,p", boost::program_options::value<int>(), "The port on which the daemon is running (default=5666)")
-        ("command,c", boost::program_options::wvalue<std::wstring>(), "The name of the command that the remote daemon should run")
-        ("timeout,t", boost::program_options::value<int>(), "Number of seconds before connection times out (default=10)")
-        ("buffer-length,l", boost::program_options::value<int>(), std::string("Length of payload (has to be same as on the server (default=" + strEx::s::itos(buffer_length_) + ")").c_str())
-        ("no-ssl,n", "Do not initial an ssl handshake with the server, talk in plaintext.")
-        ("arguments,a", boost::program_options::wvalue<std::vector<std::wstring>>(), "list of arguments")
-        ;
-      boost::program_options::positional_options_description p;
-      p.add("arguments", -1);
-      
-      boost::program_options::variables_map vm;
-      boost::program_options::store(
-        basic_command_line_parser_ex<TCHAR>(command, argLen, args).options(desc).positional(p).run()
-        , vm);
-      boost::program_options::notify(vm);    
-
-      if (vm.count("help")) {
-        std::cout << desc << "\n";
-        return 1;
-      }
-      std::wstring host = _T("localhost");
-      std::wstring command;
-      std::wstring arguments;
-      int port = 5666;
-      int timeout = 10;
-      bool ssl = true;
-
-      if (vm.count("host"))
-        host = vm["host"].as<std::wstring>();
-      if (vm.count("port"))
-        port = vm["port"].as<int>();
-      if (vm.count("timeout"))
-        timeout = vm["timeout"].as<int>();
-      if (vm.count("buffer-length"))
-        buffer_length_ = vm["buffer-length"].as<int>();
-      if (vm.count("command"))
-        command = vm["command"].as<std::wstring>();
-      if (vm.count("arguments")) {
-        std::vector<std::wstring> v = vm["arguments"].as<std::vector<std::wstring>>();
-        for (std::vector<std::wstring>::const_iterator cit = v.begin(); cit != v.end(); ++cit) {
-          if (!arguments.empty())
-            arguments += _T("!");
-          arguments += *cit;
-        }
-      }
-      if (vm.count("no-ssl"))
-        ssl = false;
-      return execute_nrpe_command(host, port, ssl, timeout, command, arguments);
-    } catch (boost::program_options::validation_error &e) {
-      std::cout << e.what() << std::endl;
-    } catch (...) {
-      std::cout << "Unknown exception parsing command line" << std::endl;
+  try {
+    boost::program_options::options_description desc = get_optionDesc();
+    boost::program_options::positional_options_description p = get_optionsPositional();
+    
+    boost::program_options::variables_map vm;
+    boost::program_options::store(
+      basic_command_line_parser_ex<TCHAR>(command, argLen, args).options(desc).positional(p).run()
+      , vm);
+    boost::program_options::notify(vm);    
+
+    if (vm.count("help")) {
+      std::cout << desc << "\n";
+      return 1;
     }
-  return 0;
-}
-int NRPEClient::execute_nrpe_command(std::wstring host, int port, bool ssl, int timeout, std::wstring command, std::wstring arguments) {
+
+    nrpe_result_data result = execute_nrpe_command(get_ConectionData(vm));
+    std::wcout << result.text << std::endl;
+    return result.result;
+  } catch (boost::program_options::validation_error &e) {
+    std::cout << e.what() << std::endl;
+  } catch (...) {
+    std::cout << "Unknown exception parsing command line" << std::endl;
+  }
+  return NSCAPI::returnUNKNOWN;
+}
+NRPEClient::nrpe_result_data NRPEClient::execute_nrpe_command(nrpe_connection_data con) {
   try {
-    std::wstring cmd = command;
-    if (cmd.empty())
-      cmd = _T("_NRPE_CHECK");
-    if (!arguments.empty())
-      cmd += _T("!") + arguments;
     NRPEPacket packet;
-    if (ssl)
-      packet = send_ssl(host, port, timeout, NRPEPacket::make_request(cmd, buffer_length_));
+    if (con.ssl)
+      packet = send_ssl(con.host, con.port, con.timeout, NRPEPacket::make_request(con.get_cli(), con.buffer_length));
     else
-      packet = send_nossl(host, port, timeout, NRPEPacket::make_request(cmd, buffer_length_));
-    std::wcout << packet.getPayload() << std::endl;
-    return packet.getResult();
+      packet = send_nossl(con.host, con.port, con.timeout, NRPEPacket::make_request(con.get_cli(), con.buffer_length));
+    return nrpe_result_data(packet.getResult(), packet.getPayload());
   } catch (simpleSocket::SocketException &e) {
-    std::wcout << _T("whoops...") << e.getMessage() <<  std::endl;
+    return nrpe_result_data(NSCAPI::returnUNKNOWN, _T("Socket error: ") + e.getMessage());
   } catch (simpleSSL::SSLException &e) {
-    std::wcout << _T("whoops...") << e.getMessage() <<  std::endl;
+    return nrpe_result_data(NSCAPI::returnUNKNOWN, _T("SSL Socket error: ") + e.getMessage());
   } catch (...) {
-    std::cout << "whoops..." << std::endl;
-  }
-  return NSCAPI::returnUNKNOWN;
+    return nrpe_result_data(NSCAPI::returnUNKNOWN, _T("Unknown error"));
+  }
 }
 NRPEPacket NRPEClient::send_ssl(std::wstring host, int port, int timeout, NRPEPacket packet)
@@ -174 +211 @@
 
 
-NRPEPacket NRPEClient::handlePacket(NRPEPacket p) {
-  if (p.getType() != NRPEPacket::queryPacket) {
-    NSC_LOG_ERROR(_T("Request is not a query."));
-    throw NRPEException(_T("Invalid query type"));
-  }
-  if (p.getVersion() != NRPEPacket::version2) {
-    NSC_LOG_ERROR(_T("Request had unsupported version."));
-    throw NRPEException(_T("Invalid version"));
-  }
-  if (!p.verifyCRC()) {
-    NSC_LOG_ERROR(_T("Request had invalid checksum."));
-    throw NRPEException(_T("Invalid checksum"));
-  }
-  strEx::token cmd = strEx::getToken(p.getPayload(), '!');
-  if (cmd.first == _T("_NRPE_CHECK")) {
-    return NRPEPacket(NRPEPacket::responsePacket, NRPEPacket::version2, NSCAPI::returnOK, _T("I (") SZVERSION _T(") seem to be doing fine..."), buffer_length_);
-  }
-  std::wstring msg, perf;
-
-  if (NSCModuleHelper::getSettingsInt(NRPE_SECTION_TITLE, NRPE_SETTINGS_ALLOW_ARGUMENTS, NRPE_SETTINGS_ALLOW_ARGUMENTS_DEFAULT) == 0) {
-    if (!cmd.second.empty()) {
-      NSC_LOG_ERROR(_T("Request contained arguments (not currently allowed, check the allow_arguments option)."));
-      throw NRPEException(_T("Request contained arguments (not currently allowed, check the allow_arguments option)."));
-    }
-  }
-  if (NSCModuleHelper::getSettingsInt(NRPE_SECTION_TITLE, NRPE_SETTINGS_ALLOW_NASTY_META, NRPE_SETTINGS_ALLOW_NASTY_META_DEFAULT) == 0) {
-    if (cmd.first.find_first_of(NASTY_METACHARS) != std::wstring::npos) {
-      NSC_LOG_ERROR(_T("Request command contained illegal metachars!"));
-      throw NRPEException(_T("Request command contained illegal metachars!"));
-    }
-    if (cmd.second.find_first_of(NASTY_METACHARS) != std::wstring::npos) {
-      NSC_LOG_ERROR(_T("Request arguments contained illegal metachars!"));
-      throw NRPEException(_T("Request command contained illegal metachars!"));
-    }
-  }
-
-  NSCAPI::nagiosReturn ret = -3;
-  try {
-    ret = NSCModuleHelper::InjectSplitAndCommand(cmd.first, cmd.second, '!', msg, perf);
-  } catch (...) {
-    return NRPEPacket(NRPEPacket::responsePacket, NRPEPacket::version2, NSCAPI::returnUNKNOWN, _T("UNKNOWN: Internal exception"), buffer_length_);
-  }
-  switch (ret) {
-    case NSCAPI::returnInvalidBufferLen:
-      msg = _T("UNKNOWN: Return buffer to small to handle this command.");
-      ret = NSCAPI::returnUNKNOWN;
-      break;
-    case NSCAPI::returnIgnored:
-      msg = _T("UNKNOWN: No handler for that command");
-      ret = NSCAPI::returnUNKNOWN;
-      break;
-    case NSCAPI::returnOK:
-    case NSCAPI::returnWARN:
-    case NSCAPI::returnCRIT:
-    case NSCAPI::returnUNKNOWN:
-      break;
-    default:
-      msg = _T("UNKNOWN: Internal error.");
-      ret = NSCAPI::returnUNKNOWN;
-  }
-  if (msg.length() > buffer_length_) {
-    NSC_LOG_ERROR(_T("Truncating returndata as it is bigger then NRPE allowes :("));
-    msg = msg.substr(0,buffer_length_-1);
-  }
-  if (perf.empty()||noPerfData_) {
-    return NRPEPacket(NRPEPacket::responsePacket, NRPEPacket::version2, ret, msg, buffer_length_);
-  } else {
-    return NRPEPacket(NRPEPacket::responsePacket, NRPEPacket::version2, ret, msg + _T("|") + perf, buffer_length_);
-  }
-}
+
 
 NSC_WRAPPERS_MAIN_DEF(gNRPEClient);

modules/NRPEClient/NRPEClient.h

@@ -25 +25 @@
 #include <map>
 #include <nrpe/NRPEPacket.hpp>
+#include <boost/program_options.hpp>
+
 
 class NRPEClient {
@@ -31 +33 @@
     inject, script, script_dir,
   } command_type;
-  struct command_data {
-    command_data() : type(inject) {}
-    command_data(command_type type_, std::wstring arguments_) : type(type_), arguments(arguments_) {}
-    command_type type;
+  struct nrpe_connection_data {
+    std::wstring host;
+    std::wstring command;
     std::wstring arguments;
+    std::wstring command_line;
+    int port;
+    int timeout;
+    unsigned int buffer_length;
+    bool ssl;
+    nrpe_connection_data(unsigned int buffer_length_ = 1024) 
+      : host(_T("localhost")), 
+      port(5666), 
+      timeout(10), 
+      ssl(true), 
+      buffer_length(buffer_length_) 
+    {}
+    std::wstring get_cli() {
+      if (command_line.empty()) {
+        command_line = command;
+        if (command_line.empty())
+          command_line = _T("_NRPE_CHECK");
+        if (!arguments.empty())
+          command_line += _T("!") + arguments;
+      }
+      return command_line;
+    }
+    std::wstring toString() {
+      std::wstringstream ss;
+      ss << _T("host: ") << host;
+      ss << _T(", port: ") << port;
+      ss << _T(", timeout: ") << timeout;
+      ss << _T(", ssl: ") << ssl;
+      ss << _T(", buffer_length: ") << buffer_length;
+      return ss.str();
+    }
   };
-  bool bUseSSL_;
-  simpleSSL::Listener socket_ssl_;
-  simpleSocket::Listener<> socket_;
-  typedef std::map<strEx::blindstr, command_data> command_list;
+  struct nrpe_result_data {
+    nrpe_result_data() {}
+    nrpe_result_data(int result_, std::wstring text_) : result(result_), text(text_) {}
+    std::wstring text;
+    int result;
+  };
+  typedef std::map<strEx::blindstr, nrpe_connection_data> command_list;
   command_list commands;
-  unsigned int timeout;
-  unsigned int socketTimeout_;
-  socketHelpers::allowedHosts allowedHosts;
-  bool noPerfData_;
-  std::wstring scriptDirectory_;
   unsigned int buffer_length_;
 
@@ -65 +95 @@
   }
   std::wstring getModuleDescription() {
-    return _T("A simple server that listens for incoming NRPE connection and handles them.\nNRPE is preferred over NSClient as it is more flexible. You can of cource use both NSClient and NRPE.");
+    return _T("A simple client for NRPE.");
   }
 
@@ -75 +105 @@
 
 private:
-  int execute_nrpe_command(std::wstring host, int port, bool ssl, int timeout, std::wstring command, std::wstring arguments);
+  nrpe_result_data  execute_nrpe_command(nrpe_connection_data con);
   NRPEPacket send_nossl(std::wstring host, int port, int timeout, NRPEPacket packet);
   NRPEPacket send_ssl(std::wstring host, int port, int timeout, NRPEPacket packet);
-  class NRPEException {
-    std::wstring error_;
-  public:
-/*    NRPESocketException(simpleSSL::SSLException e) {
-      error_ = e.getMessage();
-    }
-    NRPEException(NRPEPacket::NRPEPacketException e) {
-      error_ = e.getMessage();
-    }
-    */
-    NRPEException(std::wstring s) {
-      error_ = s;
-    }
-    std::wstring getMessage() {
-      return error_;
-    }
-  };
+
+  boost::program_options::options_description NRPEClient::get_optionDesc();
+  boost::program_options::positional_options_description NRPEClient::get_optionsPositional();
+  nrpe_connection_data NRPEClient::get_ConectionData(boost::program_options::variables_map &vm);
 
 
 private:
-
-
-  NRPEPacket handlePacket(NRPEPacket p);
-  void addCommand(command_type type, strEx::blindstr key, std::wstring args = _T("")) {
-    addCommand(key, command_data(type, args));
-  }
-  void addCommand(strEx::blindstr key, command_data args) {
-    commands[key] = args;
-  }
+  void addCommand(strEx::blindstr key, std::wstring args);
 
 };

modules/NSCAAgent/NSCAAgent.cpp

@@ -57 +57 @@
  */
 bool NSCAAgent::loadModule() {
-  //pdhThread.createThread();
-  //std::list<std::wstring> checks = NSCModuleHelper::getSettingsSection(NSCA_CMD_SECTION_TITLE);
-  //int interval = NSCModuleHelper::getSettingsInt(NSCA_AGENT_SECTION_TITLE, NSCA_INTERVAL, NSCA_INTERVAL_DEFAULT);
   int e_threads = NSCModuleHelper::getSettingsInt(NSCA_AGENT_SECTION_TITLE, NSCA_DEBUG_THREADS, NSCA_DEBUG_THREADS_DEFAULT);
 
-  for (int i=1;i<e_threads;i++) {
+  for (int i=0;i<e_threads;i++) {
     std::wstring id = _T("nsca_t_") + strEx::itos(i);
     NSCAThreadImpl *thread = new NSCAThreadImpl(id);