Fix for SSL errors on Solaris 8

Changelog

@@ -6,6 +6,7 @@ NRPE Changelog
 2.5 - ??/??/2006
 ----------------
 - (Re)added allowed_hosts option for systems that don't support TCP wrappers
+- Fix for SSL errors under Solaris 8 (Niels Endres)
 
 
 2.4 - 02/22/2006

configure

@@ -1296,7 +1296,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu
 PKG_NAME=nrpe
 PKG_VERSION="2.5"
 PKG_HOME_URL="http://www.nagios.org/"
-PKG_REL_DATE="02-28-2006"
+PKG_REL_DATE="03-21-2006"
 
 ac_aux_dir=
 for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do

configure.in

@@ -11,7 +11,7 @@ AC_PREFIX_DEFAULT(/usr/local/nagios)
 PKG_NAME=nrpe
 PKG_VERSION="2.5"
 PKG_HOME_URL="http://www.nagios.org/"
-PKG_REL_DATE="02-28-2006"
+PKG_REL_DATE="03-21-2006"
 
 dnl Figure out how to invoke "install" and what install options to use.
 AC_PROG_INSTALL

include/common.h

@@ -24,7 +24,7 @@
 #include "config.h"
 
 #define PROGRAM_VERSION "2.5"
-#define MODIFICATION_DATE "02-28-2006"
+#define MODIFICATION_DATE "03-21-2006"
 
 #define OK		0
 #define ERROR		-1

include/dh.h

@@ -4,12 +4,12 @@
 DH *get_dh512()
 	{
 	static unsigned char dh512_p[]={
-		0xFB,0x08,0x25,0x3A,0x54,0x60,0x09,0xB0,0xEB,0xCE,0x3C,0xDD,
-		0x35,0x82,0x5F,0xA3,0xBD,0x55,0xB6,0x5B,0xB6,0x7B,0x0C,0xD0,
-		0xAC,0x70,0x50,0xFE,0x06,0xFA,0xA8,0xF5,0xE3,0x89,0x88,0x5F,
-		0xFA,0x71,0x4E,0x63,0x65,0x31,0x03,0x2F,0x8E,0x35,0xE1,0x97,
-		0x05,0x0C,0xBE,0xA0,0xB9,0xC3,0x42,0x97,0x94,0xB0,0x4D,0x33,
-		0x31,0xBC,0xA2,0x9B,
+		0xC4,0xA5,0x12,0x8D,0x07,0x6B,0x7C,0x00,0x1A,0x5E,0xFE,0xF5,
+		0xA8,0x36,0x55,0xBB,0xBD,0x23,0x69,0x76,0x34,0xA0,0x36,0x79,
+		0x15,0x70,0x22,0xFF,0xAB,0xA8,0x8F,0xAF,0x7B,0x4C,0x9F,0xAB,
+		0x16,0x7D,0xB6,0x92,0x51,0xE6,0x0C,0x50,0x39,0xCB,0x92,0x92,
+		0x29,0x24,0x03,0x32,0xC7,0x26,0x26,0x36,0xA5,0x10,0x35,0x42,
+		0x7B,0xA6,0x0F,0x33,
 		};
 	static unsigned char dh512_g[]={
 		0x02,

src/check_nrpe.c

@@ -4,7 +4,7 @@
  * Copyright (c) 1999-2006 Ethan Galstad (nagios@nagios.org)
  * License: GPL
  *
- * Last Modified: 02-28-2006
+ * Last Modified: 03-21-2006
  *
  * Command line: CHECK_NRPE -H <host_address> [-p port] [-c command] [-to to_sec]
  *

src/nrpe.c

@@ -4,7 +4,7 @@
  * Copyright (c) 1999-2006 Ethan Galstad (nagios@nagios.org)
  * License: GPL
  *
- * Last Modified: 02-28-2006
+ * Last Modified: 03-21-2006
  *
  * Command line: nrpe -c <config_file> [--inetd | --daemon]
  *
@@ -974,7 +974,11 @@ void handle_connection(int sock){
 	if(result==STATE_OK && use_ssl==TRUE){
 		if((ssl=SSL_new(ctx))!=NULL){
 			SSL_set_fd(ssl,sock);
-			if((rc=SSL_accept(ssl))!=1){
+
+			/* keep attempting the request if needed */
+                        while(((rc=SSL_accept(ssl))!=1) && (SSL_get_error(ssl,rc)==SSL_ERROR_WANT_READ));
+
+			if(rc!=1){
 				syslog(LOG_ERR,"Error: Could not complete SSL handshake. %d\n",SSL_get_error(ssl,rc));
 #ifdef DEBUG
 				errfp=fopen("/tmp/err.log","w");
@@ -1000,8 +1004,9 @@ void handle_connection(int sock){
 	if(use_ssl==FALSE)
 		rc=recvall(sock,(char *)&receive_packet,&bytes_to_recv,socket_timeout);
 #ifdef HAVE_SSL
-	else
-		rc=SSL_read(ssl,&receive_packet,bytes_to_recv);
+	else{
+                while(((rc=SSL_read(ssl,&receive_packet,bytes_to_recv))<=0) && (SSL_get_error(ssl,rc)==SSL_ERROR_WANT_READ));
+		}
 #endif
 
 	/* recv() error or client disconnect */