Closed hariwe closed 4 years ago
Same "problem" here. The log files are flooded with these messages. OS: RHEL 7
Are you using version 4 for both the daemon and for check_nrpe? In my testing, that log message only appears if you use 3.x and 4.x together.
Yes, I'm using version 4 for both of them.
I am also using both (nrpe & check_nrpe) in version 4.
Compiling: ./configure --with-nrpe-user=nagios --with-nrpe-group=nagios --with-nagios-user=root --with-nagios-group=nagios --disable-command-args --disable-bash-command-substitution make all
./check_nrpe_v4 -H
check_nrpe.config contains: --client-cert=/etc/pki/tls/certs/server.crt --key-file=/etc/pki/tls/private/server.key --ca-cert-file=/etc/pki/tls/certs/ca.crt
nrpe.cfg: server_port=5666 nrpe_user=nagios nrpe_group=nagios debug=0 command_timeout=60 allow_bash_command_substitution=0 dont_blame_nrpe=0 ssl_logging=0x00 ssl_privatekey_file=/etc/pki/tls/private/nrpe.key ssl_cert_file=/etc/pki/tls/certs/nrpe.crt ssl_cacert_file=/etc/pki/tls/certs/ca.crt ssl_cipher_list=AES256-GCM-SHA384 ssl_version=TLSv1.2+ ssl_use_adh=0 ssl_client_certs=2
I hope this helps.
Debug output of "nrpe".
Jan 22 14:08:41
SELinux was permissive, so this should not be the problem.
The pkt_size
seems to differ between check_nrpe
& nrpe
, adding some debug logging to send_request()
in check_nrpe.c
and validate_request()
in nrpe.c
shows:
Jan 22 15:20:35 foobar check_nrpe: v3 - crc32_value: 658913308, pkt_size: 1036
Jan 22 15:20:35 foobar nrpe[5807]: v3 - crc32_value: 0, calculated_crc32: 4151722210, pkt_size: 1033
...
Jan 22 15:20:35 foobar check_nrpe: v2 - crc32_value: 1923810245, pkt_size: 1036
Jan 22 15:20:35 foobar nrpe[5809]: v2 - crc32_value: 0, calculated_crc32: 3305352050, pkt_size: 1036
For v2 packets the size is the same in check_nrpe & nrpe.
Adding the 3 missing bytes to pkt_size
helps, but it causes check_nrpe to segfault in read_response()
:
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x000055555555a3ed in read_response () at ./check_nrpe.c:1387
1387 result = ntohs(v2_receive_packet->result_code);
(gdb) bt full
#0 0x000055555555a3ed in read_response () at ./check_nrpe.c:1387
v2_receive_packet = 0x0
v3_receive_packet = 0x55555559ce30
packet_crc32 = 3179841556
calculated_crc32 = 3179841556
pkt_size = 27
buffer_size = 11
rc = 16
result = 1431940256
#1 0x00005555555579ba in main (argc=4, argv=0x7fffffffdf98) at ./check_nrpe.c:177
result = 0
I was able to reproduce the issue as well. Thanks for the extra info @sebastic. It looks like I missed a spot when updating the buffer lengths for the new version, and a version check as well near the end of the program.
Compiling from the pull request just above, do any of you continue to have issues?
Looking good with the changes from #225 applied:
Jan 22 20:19:10 foobar nrpe[8305]: CONN_CHECK_PEER: checking if host is allowed: 127.0.0.1 port 30345
Jan 22 20:19:10 foobar nrpe[8305]: Connection from 127.0.0.1 port 30345
Jan 22 20:19:10 foobar nrpe[8305]: is_an_allowed_host (AF_INET): is host >127.0.0.1< an allowed host >127.0.0.1<
Jan 22 20:19:10 foobar nrpe[8305]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 22 20:19:10 foobar nrpe[8305]: Host address is in allowed_hosts
Jan 22 20:19:10 foobar nrpe[8305]: Host 127.0.0.1 is asking for command '_NRPE_CHECK' to be run...
Jan 22 20:19:10 foobar nrpe[8305]: Response to 127.0.0.1: NRPE v4.0.0
Jan 22 20:19:10 foobar nrpe[8305]: Return Code: 0, Output: NRPE v4.0.0
Jan 22 20:19:10 foobar nrpe[8305]: Connection from 127.0.0.1 closed.
Looking also fine for me with the changes applied from above.
Affects version: 4.0.0 OS: RHEL7
With nrpe 4.0.0 (used for check_nrpe and nrpe daemon) I always get following errors in the logs:
The version 2 request afterwards is working fine. I do not see this issue with version 3.2.1