فهرست منبع

Bug fixes for random seed weakness and non-blocking accept()s

Ethan Galstad 20 سال پیش
والد
کامیت
03286023d6
3فایلهای تغییر یافته به همراه26 افزوده شده و 29 حذف شده
  1. 2 0
      Changelog
  2. 6 6
      include/dh.h
  3. 18 23
      src/nrpe.c

+ 2 - 0
Changelog

@@ -7,6 +7,8 @@ NRPE Changelog
 ------------------
 - Fixed incorrect service name in sample xinetd config file
 - Added note on how to restart inetd for OpenBSD users (Robert Peaslee)
+- Fix for nonblocking accept()s on systems that define EAGAIN differently than EWOULDBLOCK (Gerhard Lausser)
+- Fix to (re)allow week random seed (Gerhard Lausser)
 
 
 2.5.1 - 04/09/2006

+ 6 - 6
include/dh.h

@@ -4,12 +4,12 @@
 DH *get_dh512()
 	{
 	static unsigned char dh512_p[]={
-		0xEC,0xC9,0x9D,0xB4,0x77,0x0B,0x31,0xC3,0xEF,0xE7,0xEC,0xEE,
-		0x32,0xA5,0xED,0x4E,0x09,0xD3,0x78,0xDA,0xB2,0x62,0x82,0xA5,
-		0xF9,0xCE,0x6E,0x65,0x23,0x71,0x18,0x9B,0x78,0x41,0x37,0xA1,
-		0x6C,0xCB,0x2F,0xEF,0x2A,0x41,0x21,0x76,0x64,0x55,0xF7,0xFB,
-		0x6B,0xB5,0x98,0xB6,0x10,0x20,0xB8,0x29,0x2C,0xD4,0x4C,0x49,
-		0x58,0xB7,0x21,0x73,
+		0xDD,0xFE,0xAB,0x05,0xB7,0x0F,0xD8,0xDA,0x6D,0xAD,0x7C,0xD8,
+		0x5D,0x9E,0xE9,0xE6,0x79,0x28,0x19,0xE7,0xAA,0xA9,0x56,0xD1,
+		0xDE,0x11,0xD0,0x89,0x8D,0x63,0x2D,0xB1,0xDD,0x29,0x4F,0x83,
+		0x7A,0xAB,0x85,0xAA,0xE8,0xB7,0x4D,0x4F,0x8E,0x16,0x90,0xA3,
+		0xBD,0x55,0x57,0xE8,0x21,0x77,0xE9,0x5D,0x87,0x5C,0xF1,0xFA,
+		0x81,0xC0,0xD5,0xF3,
 		};
 	static unsigned char dh512_g[]={
 		0x02,

+ 18 - 23
src/nrpe.c

@@ -4,7 +4,7 @@
  * Copyright (c) 1999-2006 Ethan Galstad (nagios@nagios.org)
  * License: GPL
  *
- * Last Modified: 04-09-2006
+ * Last Modified: 04-28-2006
  *
  * Command line: nrpe -c <config_file> [--inetd | --daemon]
  *
@@ -175,6 +175,15 @@ int main(int argc, char **argv){
 		config_file[sizeof(config_file)-1]='\x0';
 	        }
 
+	/* read the config file */
+	result=read_config_file(config_file);	
+
+	/* exit if there are errors... */
+	if(result==ERROR){
+		syslog(LOG_ERR,"Config file '%s' contained errors, aborting...",config_file);
+		return STATE_CRITICAL;
+		}
+
         /* generate the CRC 32 table */
         generate_crc32_table();
 
@@ -235,15 +244,6 @@ int main(int argc, char **argv){
 	/* if we're running under inetd... */
 	if(use_inetd==TRUE){
 
-		/* read the config file */
-		result=read_config_file(config_file);	
-
-		/* exit if there are errors... */
-		if(result==ERROR){
-			syslog(LOG_ERR,"Config file '%s' contained errors, bailing out...",config_file);
-			return STATE_CRITICAL;
-		        }
-
 		/* make sure we're not root */
 		check_privileges();
 
@@ -282,15 +282,6 @@ int main(int argc, char **argv){
 		/* log info to syslog facility */
 		syslog(LOG_NOTICE,"Starting up daemon");
 
-		/* read the config file */
-		result=read_config_file(config_file);	
-
-		/* exit if there are errors... */
-		if(result==ERROR){
-			syslog(LOG_ERR,"Config file '%s' contained errors, bailing out...",config_file);
-			return STATE_CRITICAL;
-		        }
-
 		/* write pid file */
 		if(write_pid_file()==ERROR)
 			return STATE_CRITICAL;
@@ -716,10 +707,6 @@ void wait_for_connections(void){
 			/* some kind of error occurred... */
 			if(new_sd<0){
 
-				/* fix for HP-UX 11.0 - just retry */
-				if(errno==ENOBUFS)
-					continue;
-
 				/* bail out if necessary */
 				if(sigrestart==TRUE || sigshutdown==TRUE)
 					break;
@@ -728,6 +715,14 @@ void wait_for_connections(void){
 				if(errno==EWOULDBLOCK || errno==EINTR)
 					continue;
 
+				/* socket is nonblocking and we don't have a connection yet */
+				if(errno==EAGAIN)
+					continue;
+
+				/* fix for HP-UX 11.0 - just retry */
+				if(errno==ENOBUFS)
+					continue;
+
 				/* else handle the error later */
 				break;
 			        }