[Nagiosplug-devel] Case sensitivity in check_dig

Joe Greco jgreco at ns.sol.net
Sat May 15 15:13:40 CEST 2010


Noted the following RFC violation in the Nagios check_dig plugin.

According to STD13, and most recently reiterated in RFC4343:3, in
reference to label comparison: "a lookup string octet with a value 
in the inclusive range from 0x41 to 0x5A, the uppercase ASCII 
letters, MUST match the identical value and also match the 
corresponding value in the inclusive range from 0x61 to 0x7A, 
the lowercase ASCII letters.  A lookup string octet with a
lowercase ASCII letter value MUST similarly match the identical
value and also match the corresponding value in the uppercase
ASCII letter range."

check_dig can be trivially shown to be in violation of this
requirement:

# check_dig -T txt -A "-c chaos" -w 2 -c 6 -H 10.1.1.1 -l version.bind -v
/usr/bin/dig @10.1.1.1 -p 53 version.bind -t txt -c chaos
Looking for: 'version.bind'
;; ANSWER SECTION:
VERSION.BIND.		0	CH	TXT	"Nosy, nosy!"

;; Query time: 12 msec
;; SERVER: 10.1.1.1#53(10.1.1.1)
;; WHEN: Sat May 15 07:53:46 2010
;; MSG SIZE  rcvd: 64

DNS WARNING - 0.245 seconds response time (Server not found in ANSWER SECTION)|time=0.245255s;2.000000;6.000000;0.000000
# check_dig -T txt -A "-c chaos" -w 2 -c 6 -H 10.1.1.1 -l VERSION.BIND -v
/usr/bin/dig @10.1.1.1 -p 53 VERSION.BIND -t txt -c chaos
Looking for: 'VERSION.BIND'
;; ANSWER SECTION:
VERSION.BIND.		0	CH	TXT	"Nosy, nosy!"
DNS OK - 0.125 seconds response time (VERSION.BIND.  0 CH TXT "Nosy, nosy!")|time=0.125346s;2.000000;6.000000;0.000000
# check_dig -T txt -A "-c chaos" -w 2 -c 6 -H 10.1.1.2 -l version.bind -v
/usr/bin/dig @10.1.1.2 -p 53 version.bind -t txt -c chaos
Looking for: 'version.bind'
;; ANSWER SECTION:
version.bind.		0	CH	TXT	"Nosy, nosy!"
DNS OK - 0.153 seconds response time (version.bind.  0 CH TXT "Nosy, nosy!")|time=0.152567s;2.000000;6.000000;0.000000
# check_dig -T txt -A "-c chaos" -w 2 -c 6 -H 10.1.1.2 -l VERSION.BIND -v
/usr/bin/dig @10.1.1.2 -p 53 VERSION.BIND -t txt -c chaos
Looking for: 'VERSION.BIND'
;; ANSWER SECTION:
VERSION.BIND.		0	CH	TXT	"Nosy, nosy!"
DNS OK - 0.153 seconds response time (VERSION.BIND.  0 CH TXT "Nosy, nosy!")|time=0.152567s;2.000000;6.000000;0.000000

The first server is an older BIND series that always returns the label
for VERSION.BIND as uppercase; the second server parrots it properly.
However, while the server behaviour is clearly dodgy, check_dig's
case-sensitive comparison is definitely in violation of the RFC.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.
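
The comparison rule quoted in the message above, as an added example (not part of the original post and not check_dig's own code): matching the owner name of a dig answer line against the queried name with ASCII-only case folding. The function names are hypothetical, and names are assumed to be in presentation format with no backslash escapes.

```c
#include <stdio.h>
#include <string.h>

/* Fold only 0x41-0x5A onto 0x61-0x7A, as RFC 4343 requires. tolower() is
 * locale-dependent and may fold octets outside the ASCII letter range. */
static unsigned char dns_fold(unsigned char c)
{
    return (c >= 0x41 && c <= 0x5A) ? (unsigned char)(c + 0x20) : c;
}

/* Length of a name without one trailing root dot, so that "version.bind"
 * and "version.bind." compare equal. */
static size_t dns_name_len(const char *s, size_t n)
{
    return (n > 0 && s[n - 1] == '.') ? n - 1 : n;
}

/* Return 1 if two names (given with explicit lengths) are equal under
 * ASCII case folding; every non-letter octet must match exactly. */
int dns_name_equal_n(const char *a, size_t an, const char *b, size_t bn)
{
    an = dns_name_len(a, an);
    bn = dns_name_len(b, bn);
    if (an != bn)
        return 0;
    for (size_t i = 0; i < an; i++)
        if (dns_fold((unsigned char)a[i]) != dns_fold((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Return 1 if the owner name (first whitespace-delimited field) of one
 * dig ANSWER SECTION line matches the name that was queried. */
int answer_owner_matches(const char *answer_line, const char *query)
{
    size_t owner_len = strcspn(answer_line, " \t\r\n");
    if (owner_len == 0)
        return 0; /* blank line */
    return dns_name_equal_n(answer_line, owner_len, query, strlen(query));
}

int main(void)
{
    /* Constructed input: the answer line returned by the first server. */
    const char *line = "VERSION.BIND.\t\t0\tCH\tTXT\t\"Nosy, nosy!\"";
    printf("version.bind -> %d\n", answer_owner_matches(line, "version.bind"));
    printf("version.bin  -> %d\n", answer_owner_matches(line, "version.bin"));
    return 0;
}
```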



