head	1.5;
access;
symbols
	pkgsrc-2013Q2:1.5.0.10
	pkgsrc-2013Q2-base:1.5
	pkgsrc-2012Q4:1.5.0.8
	pkgsrc-2012Q4-base:1.5
	pkgsrc-2011Q4:1.5.0.6
	pkgsrc-2011Q4-base:1.5
	pkgsrc-2011Q2:1.5.0.4
	pkgsrc-2011Q2-base:1.5
	pkgsrc-2009Q4:1.5.0.2
	pkgsrc-2009Q4-base:1.5
	pkgsrc-2009Q3:1.4.0.6
	pkgsrc-2009Q3-base:1.4
	pkgsrc-2009Q2:1.4.0.4
	pkgsrc-2009Q2-base:1.4
	pkgsrc-2009Q1:1.4.0.2
	pkgsrc-2009Q1-base:1.4
	pkgsrc-2008Q4:1.3.0.10
	pkgsrc-2008Q4-base:1.3
	pkgsrc-2008Q3:1.3.0.8
	pkgsrc-2008Q3-base:1.3
	cube-native-xorg:1.3.0.6
	cube-native-xorg-base:1.3
	pkgsrc-2008Q2:1.3.0.4
	pkgsrc-2008Q2-base:1.3
	cwrapper:1.3.0.2
	pkgsrc-2008Q1:1.1.0.2
	pkgsrc-2008Q1-base:1.1;
locks; strict;
comment	@# @;


1.5
date	2009.12.15.18.59.54;	author bouyer;	state dead;
branches;
next	1.4;

1.4
date	2009.03.24.19.54.54;	author bouyer;	state Exp;
branches;
next	1.3;

1.3
date	2008.06.08.14.08.47;	author tonnerre;	state Exp;
branches;
next	1.2;

1.2
date	2008.05.27.21.22.03;	author tonnerre;	state dead;
branches;
next	1.1;

1.1
date	2008.03.22.14.52.21;	author tonnerre;	state Exp;
branches;
next	;


desc
@@


1.5
log
@Update nagios plugins to 1.4.14. Changes since 1.4.13:
This is a bug fix release, which includes some important fixes to --extra-opts (a way of specifying command line options within files).
* check_http has options to specify the HTTP method (#2155152)
* check_users thresholds were not working exactly as documented (>= rather
  than >)
@
text
@$NetBSD: patch-aa,v 1.4 2009/03/24 19:54:54 bouyer Exp $

--- lib/utils_base.c.orig	2008-03-11 01:10:23.000000000 +0100
+++ lib/utils_base.c	2009-03-23 12:39:57.000000000 +0100
@@@@ -104,7 +104,7 @@@@
 {
 	thresholds *temp_thresholds = NULL;
 
-	temp_thresholds = malloc(sizeof(temp_thresholds));
+	temp_thresholds = malloc(sizeof(*temp_thresholds));
 
 	temp_thresholds->warning = NULL;
 	temp_thresholds->critical = NULL;
@


1.4
log
@Update nagios-plugins and nagios-plugin-{ldap,pgsql,mysql,radius,snmp}
to 1.4.13. Approved by tonnerre@@

main CHANGES since 1.4.11:
- lots of bug fixes
- Added ./check_nt -v INSTANCES to count number of instances (Alessandro Ren)
- New check_icmp -s option to specify the source IP address
- check_dns now sorts addresses for testing results for more than one
  returned IP (Matthias Urlichs)
- check_disk should now work with large file systems (2TB+) on all archs
  that supports it
- check_ntp_peer now checks for the LI_ALARM flag
- check_procs now accepts --ereg-argument-array for a regular expression
  match to the argument array
- check_dig can now pass arguments to dig by using -A/--dig-arguments
- check_dns now allow to repeat -a to match multiple possibly returned address
  (common with load balancers)
- check_mysql and check_radius now try clearing password in processlist
  just like check_mysql_query
- check_mysql and check_mysql_query now support sockets explicitely
  (-s, --socket)
- negate now has the ability to replace the status text as well
  (-s, --substitute)
- Added performance data to check_ping (Christian Schneemann)
- On non-skipped stderr, check_by_ssh now returns UNKNOWN or worse
  (result from command) instead of always UNKNOWN.
- check_dig now returns CRITICAL instead of WARNING when no answer section
  is found
- check_procs now captures stderr in external command and adds to plugin output
- check_snmp now only prints perfdata for non numeric values (#1867716)
- check_icmp now supports packet size modification
- check_http -e now accepts a comma-delimited list of expected status
  codes (Sven Nierlein)
- check_ntp_peer/check_ntp_time used to show port in --help but ignored
  the argument - now implemented
@
text
@d1 1
a1 1
$NetBSD: patch-aa,v 1.3 2008/06/08 14:08:47 tonnerre Exp $
@


1.3
log
@Remove some broken malloc logic from the nagios-plugins library.
Discovered and patch provided by Wolfgang Solfrank.
@
text
@d1 1
a1 1
$NetBSD$
d3 3
a5 3
--- lib/utils_base.c.orig	2007-07-29 14:42:05.000000000 +0200
+++ lib/utils_base.c
@@@@ -89,7 +89,7 @@@@ _set_thresholds(thresholds **my_threshol
a13 13
@@@@ -105,10 +105,9 @@@@ _set_thresholds(thresholds **my_threshol
 		}
 	}
 
-	if (*my_thresholds > 0) {	/* Not sure why, but sometimes could be -1 */
-		/* printf("Freeing here: %d\n", *my_thresholds); */
+	if (*my_thresholds)
 		free(*my_thresholds);
-	}
+
 	*my_thresholds = temp_thresholds;
 
 	return 0;
@


1.2
log
@Update the nagios-plugins package to version 1.4.11. This fixes various
crashes on various architectures and system, such as, for example,
the check_icmp bus error on sparc64.

Changes in 1.4.4:
 - check_ntp is now written in C instead of Perl.
 - check_disk bugfixes.
 - check_udp2, check_udp and check_tcp are now united.
 - check_mailq now reports mailq errors better.
 - check_snmp now compiles with a sane amount of effort.

Changes in 1.4.5:
 - Fixed bug in perl's is_hostname routine.

Changes in 1.4.6:
 - check_ping and netutils.c now do less DNS lookups.
 - alloca.h related compile fixes.
 - check_swap now works on Solaris too.
 - check_disk perf data can now be monitored.
 - check_procs had a buffer overflow.
 - Fixed UNIX socket error handling.
 - check_by_ssh now can pass -q and -o to ssh.
 - GNUlib sync.
 - check_jabber can now return things different from a warning.

Changes in 1.4.7:
 - check_procs uses /usr/ucb/ps on Solaris which fixes pst3 problems.
 - check_smtp does a non-broken HELO now.
 - check_icmp can now have a minimum number of required hosts and also
   works if running for a long time on BSDs.
 - check_ping timeout reduced.
 - Everybody can now execute SUID check plugins unless indicated otherwise
   to configure.

Changes in 1.4.8:
 - check_disk now has an extra option for regex matching and grouping of FSes.
 - check_ntp various fixes.

Changes in 1.4.9:
 - New plugin check_cluster (not built by pkgsrc).
 - check_by_ssh now has improved stderr/stdout handling options (-E/-S).
 - check_ldap, check_radius and check_pgsql compile fixes.
 - check_snmp 64-bit counter support.
 - Better underflow checking for check_time.
 - check_http output is more consistent now.
 - check_http HTTP redirect segfault fixes.
 - check_tcp doesn't segfault anymore when multiple expect strings are given.
 - check_tcp now supports -A to check if all expect strings match.

Changes in 1.4.10:
 - check_http redirect buffer overflow vulnerability fixed (was fixed
   in pkgsrc before).
 - check_http now shuts down HTTP/1.1 keepalive connections cleanly.
 - check_ldaps doesn't guess anymore whether to use SSL or STARTTLS.
 - check_disk now calls stat on all file systems.
 - check_disk now supports the -L flag for local file system checks.
 - check_disk now supports -i/-I for ignoring paths/partitions by regex.
 - check_disk now supports -A to select all file systems explicitly.
 - check_disk now needs to have the -E flag passed before -p or -r/-R.
 - check_disk is no longer buggy when case sensitive and insensitive regexes
   are mixed.
 - check_dhcp now supports -u (unicast) to emulate a relay.
 - check_dhcp now lets you specify the MAC address in the request using -m.
 - check_dhcp -r and -s options now accept host names.
 - check_icmp no longer bus errors on various platforms.
 - check_smtp now handles multiple-packet server responses properly.
 - Negate command line options are no longer evaluated twice by the shell.
 - Negate commands to be run must now be fully qualified.
 - Negate can now remap custom states.
 - check_radius now supports radius-client-ng (was already in pkgsrc).
 - check_by_ssh now supports multiline output.
 - check_ntp now honors ntp flags.

Changes in 1.4.10:
 - check_ntp returns UNKNOWN rather than WARNING if no jitter is available.
 - check_cluster now accept all valid characters in its thresholds.
 - check_ntp is now deprecated in favor of check_ntp_peer and check_ntp_time.
 - check_disk no longer reports OK if disk usage exceeds 100%.
 - check_load handles non-triplet arguments correctly now.
 - Nagios::Plugin updated to 0.22.
@
text
@d1 1
a1 1
$NetBSD: patch-aa,v 1.1 2008/03/22 14:52:21 tonnerre Exp $
d3 20
a22 91
--- plugins/check_http.c.orig	2006-04-05 09:58:27.000000000 +0200
+++ plugins/check_http.c
@@@@ -34,7 +34,8 @@@@ const char *email = "nagiosplug-devel@@li
 enum {
   MAX_IPV4_HOSTLENGTH = 255,
   HTTP_PORT = 80,
-  HTTPS_PORT = 443
+  HTTPS_PORT = 443,
+  MAX_PORT = 65535
 };
 
 #ifdef HAVE_SSL
@@@@ -1043,14 +1044,14 @@@@ check_http (void)
 
 /* per RFC 2396 */
 #define HDR_LOCATION "%*[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]: "
-#define URI_HTTP "%[HTPShtps]://"
-#define URI_HOST "%[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
-#define URI_PORT ":%[0123456789]"
+#define URI_HTTP "%5[HTPShtps]"
+#define URI_HOST "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
+#define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */
 #define URI_PATH "%[-_.!~*'();/?:@@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
-#define HD1 URI_HTTP URI_HOST URI_PORT URI_PATH
-#define HD2 URI_HTTP URI_HOST URI_PATH
-#define HD3 URI_HTTP URI_HOST URI_PORT
-#define HD4 URI_HTTP URI_HOST
+#define HD1 URI_HTTP "://" URI_HOST ":" URI_PORT "/" URI_PATH
+#define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH
+#define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT
+#define HD4 URI_HTTP "://" URI_HOST
 #define HD5 URI_PATH
 
 void
@@@@ -1061,7 +1062,6 @@@@ redir (char *pos, char *status_line)
   char xx[2];
   char type[6];
   char *addr;
-  char port[6];
   char *url;
 
   addr = malloc (MAX_IPV4_HOSTLENGTH + 1);
@@@@ -1093,10 +1093,8 @@@@ redir (char *pos, char *status_line)
       die (STATE_UNKNOWN, _("could not allocate url\n"));
 
     /* URI_HTTP, URI_HOST, URI_PORT, URI_PATH */
-    if (sscanf (pos, HD1, type, addr, port, url) == 4) {
+    if (sscanf (pos, HD1, type, addr, &i, url) == 4)
       use_ssl = server_type_check (type);
-      i = atoi (port);
-    }
 
     /* URI_HTTP URI_HOST URI_PATH */
     else if (sscanf (pos, HD2, type, addr, url) == 3 ) { 
@@@@ -1105,10 +1103,9 @@@@ redir (char *pos, char *status_line)
     }
 
     /* URI_HTTP URI_HOST URI_PORT */
-    else if(sscanf (pos, HD3, type, addr, port) == 3) {
+    else if(sscanf (pos, HD3, type, addr, &i) == 3) {
       strcpy (url, HTTP_URL);
       use_ssl = server_type_check (type);
-      i = atoi (port);
     }
 
     /* URI_HTTP URI_HOST */
@@@@ -1154,7 +1151,6 @@@@ redir (char *pos, char *status_line)
          _("WARNING - redirection creates an infinite loop - %s://%s:%d%s%s\n"),
          type, addr, i, url, (display_html ? "</A>" : ""));
 
-  server_port = i;
   strcpy (server_type, type);
 
   free (host_name);
@@@@ -1164,7 +1160,22 @@@@ redir (char *pos, char *status_line)
   server_address = strdup (addr);
 
   free (server_url);
-  server_url = strdup (url);
+  if ((url[0] == '/'))
+    server_url = strdup (url);
+  else if (asprintf(&server_url, "/%s", url) == -1)
+    die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate server_url%s\n"),
+         display_html ? "</A>" : "");
+  free(url);
+
+  if ((server_port = i) > MAX_PORT)
+    die (STATE_UNKNOWN,
+         _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"),
+         MAX_PORT, server_type, server_address, server_port, server_url,
+         display_html ? "</A>" : "");
d24 1
a24 3
+  if (verbose)
+    printf ("Redirection to %s://%s:%d%s\n", server_type, server_address,
+            server_port, server_url);
d26 1
a26 2
   check_http ();
 }
@


1.1
log
@Location header buffer overflow fix for nagios-plugins-1.4.3
check_http (CVE-2007-5198)
Approved-by: gdt
@
text
@d1 1
a1 1
$NetBSD$
@