From noreply at sourceforge.net  Tue Dec  4 14:02:05 2012
From: noreply at sourceforge.net (SourceForge.net)
Date: Tue, 04 Dec 2012 05:02:05 -0800
Subject: [Nagiosplug-devel] [ nagiosplug-Feature Requests-3574197 ]
	check_ssh add --fingerprint option
Message-ID: <mailman.231.1535628675.23718.devel@monitoring-plugins.org>

Feature Requests item #3574197, was opened at 2012-10-03 11:07
Message generated for change (Comment added) made by hjanuschka
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397600&aid=3574197&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
Status: Open
Priority: 5
Private: No
Submitted By: Marc Haber (zugschlus)
Assigned to: Nobody/Anonymous (nobody)
Summary: check_ssh add --fingerprint option

Initial Comment:
Hi,

please consider adding to the check_ssh plugin a check whether the fingerprint is what we expected. One would configure into the check the expected fingerprint, and the check would go into warning or critical if the fingerprint presented by the remote sshd is not what we expected.

Greetings
Marc


----------------------------------------------------------------------

Comment By: Helmut Januschka (hjanuschka)
Date: 2012-12-04 05:02

Message:
checkout the git pull request
https://github.com/nagios-plugins/nagios-plugins/pull/26


i have reworked the check_ssh - using libssh to check version and
fingerprint (instead of serverhello version guessing)

----------------------------------------------------------------------

Comment By: J. Bern (j-bern)
Date: 2012-10-03 11:52

Message:
I'm afraid that you're expecting a bit much from good ol' check_ssh here.
It makes the TCP connection and has a look at the server hello to determine
the server's versions, but it never proceeds into the crypto setup stages,
which it would need to do to actually obtain the server's pubkey.

However, any service check using *check_by_ssh* against the target machine
- and assuming the usual ssh config params - should yell bloody murder
(well, actually "@@@@@@@@@@@@",the first line of ssh's "someone might be
doing something nasty" warning) when the host's pubkey has changed.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397600&aid=3574197&group_id=29880



From noreply at sourceforge.net  Thu Dec  6 12:01:33 2012
From: noreply at sourceforge.net (SourceForge.net)
Date: Thu, 06 Dec 2012 03:01:33 -0800
Subject: [Nagiosplug-devel] [ nagiosplug-Feature Requests-3593130 ]
	check_http -M should also look for Age header
Message-ID: <mailman.232.1535628675.23718.devel@monitoring-plugins.org>

Feature Requests item #3593130, was opened at 2012-12-06 03:01
Message generated for change (Tracker Item Submitted) made by 
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397600&aid=3593130&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
Status: Open
Priority: 5
Private: No
Submitted By: Richard Zuidhof ()
Assigned to: Nobody/Anonymous (nobody)
Summary: check_http -M should also look for Age header

Initial Comment:
Could you please let check_http -M look for the Age header if Last-Modified is not present. There are a lot of web accelerators and CDNs that add the Age header.

check_http v1.4.15 (nagios-plugins 1.4.15)



----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397600&aid=3593130&group_id=29880



From noreply at sourceforge.net  Thu Dec  6 21:48:29 2012
From: noreply at sourceforge.net (SourceForge.net)
Date: Thu, 06 Dec 2012 12:48:29 -0800
Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3593304 ] check_http injecting
	garbage into content, breaking --string
Message-ID: <mailman.233.1535628675.23718.devel@monitoring-plugins.org>

Bugs item #3593304, was opened at 2012-12-06 12:48
Message generated for change (Tracker Item Submitted) made by jwhitlock
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3593304&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: v1.4.14
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: John Whitlock (jwhitlock)
Assigned to: Nobody/Anonymous (nobody)
Summary: check_http injecting garbage into content, breaking --string

Initial Comment:
Plugin Version (-V output):  check_http v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Plugin Name:  check_http
Plugin Commandline showing issues: ./check_http -H 'www.consumeraffairs.com' -u '/' -v | head -n 20
Operating System: OS X 10.8.2, Ubuntu 12.04.1 LTS
Architecture: x86_64
Compiler: gcc 4.2.1, ubuntu package

When running check_http against our server, it appears to inject garbage (with newlines) into the content.  Here's the output of my example run:

GET / HTTP/1.1
User-Agent: check_http/v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Connection: close
Host: www.consumeraffairs.com


http://www.consumeraffairs.com:80/ is 30933 characters
STATUS: HTTP/1.1 200 OK
**** HEADER ****
Server: nginx/1.1.19
Vary: Cookie
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Dec 2012 20:32:29 GMT
Transfer-Encoding: chunked
Connection: close
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
**** CONTENT ****
1f66
<!doctype html><!--[if lt IE 7 ]><html lang="en" class="no-js ie6"> ... (trimmed) ...

The '1f66' does not appear in the actual response, as verified with the browser, curl, wget, etc.  It appears it injects something like '1000', '2000', every few thousand characters, and a final '0' at the end.  I don't see these results against other hosts - ours appears to be 'lucky'.  We're running on nginx in Rackspace and using their load balancer service, but it reproduces running against a webserver on my laptop.

I ran in gdb, and it looks like the calls to `while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {` are injecting the garbage into the buffer, so it is somewhere in the read code.  Changing the buffer size or max read size appears to have no effect.  valgrind finds no reads of uninitialized memory.

It was breaking expected string checks, which is why we noticed it.  I'm turning off the expected string tests, so we'll just check 200 and timeouts.


----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3593304&group_id=29880



From noreply at sourceforge.net  Thu Dec  6 22:14:03 2012
From: noreply at sourceforge.net (SourceForge.net)
Date: Thu, 06 Dec 2012 13:14:03 -0800
Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3593304 ] check_http injecting
	garbage into content, breaking --string
Message-ID: <mailman.234.1535628675.23718.devel@monitoring-plugins.org>

Bugs item #3593304, was opened at 2012-12-06 12:48
Message generated for change (Comment added) made by jwhitlock
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3593304&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: v1.4.14
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: John Whitlock (jwhitlock)
Assigned to: Nobody/Anonymous (nobody)
Summary: check_http injecting garbage into content, breaking --string

Initial Comment:
Plugin Version (-V output):  check_http v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Plugin Name:  check_http
Plugin Commandline showing issues: ./check_http -H 'www.consumeraffairs.com' -u '/' -v | head -n 20
Operating System: OS X 10.8.2, Ubuntu 12.04.1 LTS
Architecture: x86_64
Compiler: gcc 4.2.1, ubuntu package

When running check_http against our server, it appears to inject garbage (with newlines) into the content.  Here's the output of my example run:

GET / HTTP/1.1
User-Agent: check_http/v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Connection: close
Host: www.consumeraffairs.com


http://www.consumeraffairs.com:80/ is 30933 characters
STATUS: HTTP/1.1 200 OK
**** HEADER ****
Server: nginx/1.1.19
Vary: Cookie
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Dec 2012 20:32:29 GMT
Transfer-Encoding: chunked
Connection: close
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
**** CONTENT ****
1f66
<!doctype html><!--[if lt IE 7 ]><html lang="en" class="no-js ie6"> ... (trimmed) ...

The '1f66' does not appear in the actual response, as verified with the browser, curl, wget, etc.  It appears it injects something like '1000', '2000', every few thousand characters, and a final '0' at the end.  I don't see these results against other hosts - ours appears to be 'lucky'.  We're running on nginx in Rackspace and using their load balancer service, but it reproduces running against a webserver on my laptop.

I ran in gdb, and it looks like the calls to `while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {` are injecting the garbage into the buffer, so it is somewhere in the read code.  Changing the buffer size or max read size appears to have no effect.  valgrind finds no reads of uninitialized memory.

It was breaking expected string checks, which is why we noticed it.  I'm turning off the expected string tests, so we'll just check 200 and timeouts.


----------------------------------------------------------------------

>Comment By: John Whitlock (jwhitlock)
Date: 2012-12-06 13:14

Message:
I found a few more sites with the problem:

http://www.disqus.com/
http://instagram.com/
http://www.mozilla.org/en-US/

Like us, they are all sites running Django:

https://www.djangoproject.com/

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3593304&group_id=29880



From noreply at sourceforge.net  Thu Dec  6 23:44:15 2012
From: noreply at sourceforge.net (SourceForge.net)
Date: Thu, 06 Dec 2012 14:44:15 -0800
Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3593304 ] check_http injecting
	garbage into content, breaking --string
Message-ID: <mailman.235.1535628675.23718.devel@monitoring-plugins.org>

Bugs item #3593304, was opened at 2012-12-06 12:48
Message generated for change (Comment added) made by jwhitlock
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3593304&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: v1.4.14
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: John Whitlock (jwhitlock)
Assigned to: Nobody/Anonymous (nobody)
Summary: check_http injecting garbage into content, breaking --string

Initial Comment:
Plugin Version (-V output):  check_http v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Plugin Name:  check_http
Plugin Commandline showing issues: ./check_http -H 'www.consumeraffairs.com' -u '/' -v | head -n 20
Operating System: OS X 10.8.2, Ubuntu 12.04.1 LTS
Architecture: x86_64
Compiler: gcc 4.2.1, ubuntu package

When running check_http against our server, it appears to inject garbage (with newlines) into the content.  Here's the output of my example run:

GET / HTTP/1.1
User-Agent: check_http/v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Connection: close
Host: www.consumeraffairs.com


http://www.consumeraffairs.com:80/ is 30933 characters
STATUS: HTTP/1.1 200 OK
**** HEADER ****
Server: nginx/1.1.19
Vary: Cookie
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Dec 2012 20:32:29 GMT
Transfer-Encoding: chunked
Connection: close
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
**** CONTENT ****
1f66
<!doctype html><!--[if lt IE 7 ]><html lang="en" class="no-js ie6"> ... (trimmed) ...

The '1f66' does not appear in the actual response, as verified with the browser, curl, wget, etc.  It appears it injects something like '1000', '2000', every few thousand characters, and a final '0' at the end.  I don't see these results against other hosts - ours appears to be 'lucky'.  We're running on nginx in Rackspace and using their load balancer service, but it reproduces running against a webserver on my laptop.

I ran in gdb, and it looks like the calls to `while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {` are injecting the garbage into the buffer, so it is somewhere in the read code.  Changing the buffer size or max read size appears to have no effect.  valgrind finds no reads of uninitialized memory.

It was breaking expected string checks, which is why we noticed it.  I'm turning off the expected string tests, so we'll just check 200 and timeouts.


----------------------------------------------------------------------

Comment By: John Whitlock (jwhitlock)
Date: 2012-12-06 14:44

Message:
And also http://wordpress.com, which is an nginx site probably running
PHP+Wordpress.  Maybe this is an issue w/ nginx?

----------------------------------------------------------------------

Comment By: John Whitlock (jwhitlock)
Date: 2012-12-06 13:14

Message:
I found a few more sites with the problem:

http://www.disqus.com/
http://instagram.com/
http://www.mozilla.org/en-US/

Like us, they are all sites running Django:

https://www.djangoproject.com/

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3593304&group_id=29880



From noreply at sourceforge.net  Thu Dec  6 23:56:58 2012
From: noreply at sourceforge.net (SourceForge.net)
Date: Thu, 06 Dec 2012 14:56:58 -0800
Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3593304 ] check_http injecting
	garbage into content, breaking --string
Message-ID: <mailman.236.1535628675.23718.devel@monitoring-plugins.org>

Bugs item #3593304, was opened at 2012-12-06 12:48
Message generated for change (Comment added) made by colling2
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3593304&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: v1.4.14
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: John Whitlock (jwhitlock)
Assigned to: Nobody/Anonymous (nobody)
Summary: check_http injecting garbage into content, breaking --string

Initial Comment:
Plugin Version (-V output):  check_http v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Plugin Name:  check_http
Plugin Commandline showing issues: ./check_http -H 'www.consumeraffairs.com' -u '/' -v | head -n 20
Operating System: OS X 10.8.2, Ubuntu 12.04.1 LTS
Architecture: x86_64
Compiler: gcc 4.2.1, ubuntu package

When running check_http against our server, it appears to inject garbage (with newlines) into the content.  Here's the output of my example run:

GET / HTTP/1.1
User-Agent: check_http/v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Connection: close
Host: www.consumeraffairs.com


http://www.consumeraffairs.com:80/ is 30933 characters
STATUS: HTTP/1.1 200 OK
**** HEADER ****
Server: nginx/1.1.19
Vary: Cookie
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Dec 2012 20:32:29 GMT
Transfer-Encoding: chunked
Connection: close
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
**** CONTENT ****
1f66
<!doctype html><!--[if lt IE 7 ]><html lang="en" class="no-js ie6"> ... (trimmed) ...

The '1f66' does not appear in the actual response, as verified with the browser, curl, wget, etc.  It appears it injects something like '1000', '2000', every few thousand characters, and a final '0' at the end.  I don't see these results against other hosts - ours appears to be 'lucky'.  We're running on nginx in Rackspace and using their load balancer service, but it reproduces running against a webserver on my laptop.

I ran in gdb, and it looks like the calls to `while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {` are injecting the garbage into the buffer, so it is somewhere in the read code.  Changing the buffer size or max read size appears to have no effect.  valgrind finds no reads of uninitialized memory.

It was breaking expected string checks, which is why we noticed it.  I'm turning off the expected string tests, so we'll just check 200 and timeouts.


----------------------------------------------------------------------

Comment By: Graham (colling2)
Date: 2012-12-06 14:56

Message:
This is chunked data. Isnt the 'garbage' part of the way chunked data is
transmitted? Check_http probably doesn't understand chunking.

----------------------------------------------------------------------

Comment By: John Whitlock (jwhitlock)
Date: 2012-12-06 14:44

Message:
And also http://wordpress.com, which is an nginx site probably running
PHP+Wordpress.  Maybe this is an issue w/ nginx?

----------------------------------------------------------------------

Comment By: John Whitlock (jwhitlock)
Date: 2012-12-06 13:14

Message:
I found a few more sites with the problem:

http://www.disqus.com/
http://instagram.com/
http://www.mozilla.org/en-US/

Like us, they are all sites running Django:

https://www.djangoproject.com/

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3593304&group_id=29880



From noreply at sourceforge.net  Fri Dec  7 10:40:44 2012
From: noreply at sourceforge.net (SourceForge.net)
Date: Fri, 07 Dec 2012 01:40:44 -0800
Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3593304 ] check_http injecting
	garbage into content, breaking --string
Message-ID: <mailman.237.1535628675.23718.devel@monitoring-plugins.org>

Bugs item #3593304, was opened at 2012-12-06 12:48
Message generated for change (Comment added) made by wferi
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3593304&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: v1.4.14
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: John Whitlock (jwhitlock)
Assigned to: Nobody/Anonymous (nobody)
Summary: check_http injecting garbage into content, breaking --string

Initial Comment:
Plugin Version (-V output):  check_http v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Plugin Name:  check_http
Plugin Commandline showing issues: ./check_http -H 'www.consumeraffairs.com' -u '/' -v | head -n 20
Operating System: OS X 10.8.2, Ubuntu 12.04.1 LTS
Architecture: x86_64
Compiler: gcc 4.2.1, ubuntu package

When running check_http against our server, it appears to inject garbage (with newlines) into the content.  Here's the output of my example run:

GET / HTTP/1.1
User-Agent: check_http/v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Connection: close
Host: www.consumeraffairs.com


http://www.consumeraffairs.com:80/ is 30933 characters
STATUS: HTTP/1.1 200 OK
**** HEADER ****
Server: nginx/1.1.19
Vary: Cookie
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Dec 2012 20:32:29 GMT
Transfer-Encoding: chunked
Connection: close
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
**** CONTENT ****
1f66
<!doctype html><!--[if lt IE 7 ]><html lang="en" class="no-js ie6"> ... (trimmed) ...

The '1f66' does not appear in the actual response, as verified with the browser, curl, wget, etc.  It appears it injects something like '1000', '2000', every few thousand characters, and a final '0' at the end.  I don't see these results against other hosts - ours appears to be 'lucky'.  We're running on nginx in Rackspace and using their load balancer service, but it reproduces running against a webserver on my laptop.

I ran in gdb, and it looks like the calls to `while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {` are injecting the garbage into the buffer, so it is somewhere in the read code.  Changing the buffer size or max read size appears to have no effect.  valgrind finds no reads of uninitialized memory.

It was breaking expected string checks, which is why we noticed it.  I'm turning off the expected string tests, so we'll just check 200 and timeouts.


----------------------------------------------------------------------

Comment By: Ferenc W?gner (wferi)
Date: 2012-12-07 01:40

Message:
Yes, this is actually #2786808: check_http asks for HTTP/1.1, but doesn't
understand chunked.

----------------------------------------------------------------------

Comment By: Graham (colling2)
Date: 2012-12-06 14:56

Message:
This is chunked data. Isnt the 'garbage' part of the way chunked data is
transmitted? Check_http probably doesn't understand chunking.

----------------------------------------------------------------------

Comment By: John Whitlock (jwhitlock)
Date: 2012-12-06 14:44

Message:
And also http://wordpress.com, which is an nginx site probably running
PHP+Wordpress.  Maybe this is an issue w/ nginx?

----------------------------------------------------------------------

Comment By: John Whitlock (jwhitlock)
Date: 2012-12-06 13:14

Message:
I found a few more sites with the problem:

http://www.disqus.com/
http://instagram.com/
http://www.mozilla.org/en-US/

Like us, they are all sites running Django:

https://www.djangoproject.com/

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3593304&group_id=29880



From noreply at sourceforge.net  Fri Dec  7 10:44:23 2012
From: noreply at sourceforge.net (SourceForge.net)
Date: Fri, 07 Dec 2012 01:44:23 -0800
Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3593304 ] check_http injecting
	garbage into content, breaking --string
Message-ID: <mailman.238.1535628675.23718.devel@monitoring-plugins.org>

Bugs item #3593304, was opened at 2012-12-06 12:48
Message generated for change (Settings changed) made by hweiss
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3593304&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: v1.4.14
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: John Whitlock (jwhitlock)
>Assigned to: Holger Weiss (hweiss)
Summary: check_http injecting garbage into content, breaking --string

Initial Comment:
Plugin Version (-V output):  check_http v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Plugin Name:  check_http
Plugin Commandline showing issues: ./check_http -H 'www.consumeraffairs.com' -u '/' -v | head -n 20
Operating System: OS X 10.8.2, Ubuntu 12.04.1 LTS
Architecture: x86_64
Compiler: gcc 4.2.1, ubuntu package

When running check_http against our server, it appears to inject garbage (with newlines) into the content.  Here's the output of my example run:

GET / HTTP/1.1
User-Agent: check_http/v1.4.16-61-g1845c (nagios-plugins 1.4.16)
Connection: close
Host: www.consumeraffairs.com


http://www.consumeraffairs.com:80/ is 30933 characters
STATUS: HTTP/1.1 200 OK
**** HEADER ****
Server: nginx/1.1.19
Vary: Cookie
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Dec 2012 20:32:29 GMT
Transfer-Encoding: chunked
Connection: close
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
Set-Cookie: X-Mapping-fjhppofk=0F06A766EC4682365170E5AA67F0FDDA; path=/
**** CONTENT ****
1f66
<!doctype html><!--[if lt IE 7 ]><html lang="en" class="no-js ie6"> ... (trimmed) ...

The '1f66' does not appear in the actual response, as verified with the browser, curl, wget, etc.  It appears it injects something like '1000', '2000', every few thousand characters, and a final '0' at the end.  I don't see these results against other hosts - ours appears to be 'lucky'.  We're running on nginx in Rackspace and using their load balancer service, but it reproduces running against a webserver on my laptop.

I ran in gdb, and it looks like the calls to `while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {` are injecting the garbage into the buffer, so it is somewhere in the read code.  Changing the buffer size or max read size appears to have no effect.  valgrind finds no reads of uninitialized memory.

It was breaking expected string checks, which is why we noticed it.  I'm turning off the expected string tests, so we'll just check 200 and timeouts.


----------------------------------------------------------------------

Comment By: Ferenc W?gner (wferi)
Date: 2012-12-07 01:40

Message:
Yes, this is actually #2786808: check_http asks for HTTP/1.1, but doesn't
understand chunked.

----------------------------------------------------------------------

Comment By: Graham (colling2)
Date: 2012-12-06 14:56

Message:
This is chunked data. Isnt the 'garbage' part of the way chunked data is
transmitted? Check_http probably doesn't understand chunking.

----------------------------------------------------------------------

Comment By: John Whitlock (jwhitlock)
Date: 2012-12-06 14:44

Message:
And also http://wordpress.com, which is an nginx site probably running
PHP+Wordpress.  Maybe this is an issue w/ nginx?

----------------------------------------------------------------------

Comment By: John Whitlock (jwhitlock)
Date: 2012-12-06 13:14

Message:
I found a few more sites with the problem:

http://www.disqus.com/
http://instagram.com/
http://www.mozilla.org/en-US/

Like us, they are all sites running Django:

https://www.djangoproject.com/

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3593304&group_id=29880



From noreply at sourceforge.net  Tue Dec 18 07:12:21 2012
From: noreply at sourceforge.net (SourceForge.net)
Date: Mon, 17 Dec 2012 22:12:21 -0800
Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-2786808 ] check_http asks for
	HTTP/1.1, but doesn't understand chunked
Message-ID: <mailman.239.1535628675.23718.devel@monitoring-plugins.org>

Bugs item #2786808, was opened at 2009-05-04 12:19
Message generated for change (Comment added) made by 
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2786808&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Parsing problem
Group: CVS
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Ferenc W?gner (wferi)
Assigned to: Holger Weiss (hweiss)
Summary: check_http asks for HTTP/1.1, but doesn't understand chunked

Initial Comment:
Fixing 2638765 uncovered this bug (actually, most HTTP servers respect Host: headers in HTTP/1.0 requests, even though it isn't part of the spec).
Anyway: if a client sends a HTTP/1.1 request, it must be able to handle the incoming HTTP/1.1 reply. Which includes coping with a chunked one.
This exact same command worked with check_http version 1.4.5 (and still does so with -H replaced by -I, but that isn't the point).

$ /usr/lib/nagios/plugins/check_http -v -H idp.niif.hu -u /idp/profile/Status --ssl -r "^ok$"
GET /idp/profile/Status HTTP/1.1
Host: idp.niif.hu:443
User-Agent: check_http/v1991 (nagios-plugins 1.4.12)
Connection: close


https://idp.niif.hu:443/idp/profile/Status is 141 characters
STATUS: HTTP/1.1 200 OK
**** HEADER ****
Date: Mon, 04 May 2009 19:12:13 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/plain
**** CONTENT ****
2
ok
0


HTTP CRITICAL - pattern not found|time=0.067933s;;;0.000000 size=141B;;;0


----------------------------------------------------------------------

Comment By: Avi B ()
Date: 2012-12-17 22:12

Message:
I've updated check_http.c to properly process chunked encoding. The pull
request is at https://github.com/nagios-plugins/nagios-plugins/pull/28

----------------------------------------------------------------------

Comment By: https://www.google.com/accounts ()
Date: 2012-10-15 05:44

Message:
Say guys... It's 3 years later and this is still broken causing check_http
to fail against HP's iLO2 if you're not using the -N...

----------------------------------------------------------------------

Comment By: Andor (tothandor)
Date: 2011-09-07 03:26

Message:
+1 Present in 1.4.15. 
A possible workaround is to use 
-k "Host: example.com"


----------------------------------------------------------------------

Comment By: Chris Hiestand (chrishiestand)
Date: 2010-11-23 22:23

Message:
+1 here too. I spent my whole evening figuring out why a nagios check was
failing on a page that was fully functional, and had the sought-for regular
expression. If the regular expression happens to be broken up by a chunk,
the check fails.

----------------------------------------------------------------------

Comment By: Lamont Granquist (lamontgranquist)
Date: 2010-07-31 20:40

Message:
+1, I just ran into this bug.

I started blaming our software devs for not marshalling their data
correctly into XML and garbling it on the wire before I realized that the
problem was that check_http didn't understand chunked encoding...



----------------------------------------------------------------------

Comment By: Holger Weiss (hweiss)
Date: 2009-05-19 12:04

Message:
I'll look into teaching check_http how to cope with chunked replies. 
Thanks for the bug report.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2786808&group_id=29880



From fra.nospam.nk at gmx.de  Mon Dec 24 15:02:24 2012
From: fra.nospam.nk at gmx.de (Frank Fegert)
Date: Mon, 24 Dec 2012 15:02:24 +0100
Subject: [Nagiosplug-devel] Patch to check_ntp_time.c and netutils.c to not
 resolve hostname if given as an IP address
Message-ID: <20121224140224.GA2879@dyndns.org>

Hello all,

i'd like to propose the attached patch against the current nagios-plugins-1.4.16
sources. Although it's a bit hacky, i tried to accomplish the following with this
patch:
 - Add help output wrt the "-4" and "-6" command line options.
 - Move "is_host()" check to after the evaluation of the "-4" and "-6" command
   line options. Otherwise, when built with "USE_IPV6", the address_family for
   the call to resolve_host_or_addr stays at the default AF_UNSPEC instead of
   being set to AF_INET or AF_INET6.
 - Add check logic to determine if the argument passed to the "-H" command line
   option is already a valid IPv4 or IPv6 address. In this case no name lookup
   with getaddrinfo should be necessary.
   I recently ran into an issue related to this: The check_ntp_time calls were
   configured against the IP adresses of two NTP servers, e.g.:
     check_ntp_time -H 192.168.1.1 -w ... -c ...
     check_ntp_time -H 192.168.2.1 -w ... -c ...
   The IP addresses were deliberately used to be independent of DNS glitches.
   Still, when the companies DNS/AD went half braindead, check_ntp_time started
   complaining about NTP connection issues, steering everyone a bit in the wrong
   direction. In this particular case it was a good thing, because it would've
   been a much longer time before someone would've figured out a only partially
   working DNS/AD ;-)
   See here for an explaination of the "ifdef _AIX":
     http://pic.dhe.ibm.com/infocenter/aix/v6r1/index.jsp?topic=%2Fcom.ibm.aix.commtechref%2Fdoc%2Fcommtrf2%2Finet_pton.htm
     http://pic.dhe.ibm.com/infocenter/aix/v6r1/index.jsp?topic=%2Fcom.ibm.aix.commtechref%2Fdoc%2Fcommtrf2%2Finet_pton6_zone.htm

Any comments are very welcome!

Thanks & best regards,

    Frank Fegert
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nagios-plugins.patch
Type: text/x-diff
Size: 1766 bytes
Desc: not available
URL: <https://www.monitoring-plugins.org/archive/devel/attachments/20121224/4b3f5feb/attachment.patch>

From manu at netbsd.org  Wed Dec 26 07:09:58 2012
From: manu at netbsd.org (Emmanuel Dreyfus)
Date: Wed, 26 Dec 2012 07:09:58 +0100
Subject: [Nagiosplug-devel] [PATCH] NetBSD support for check_ide_smart
Message-ID: <1kvp714.1puwc4611qdspwM%manu@netbsd.org>

Hello

I would like to submit the patch below that adds NetBSD support to 
plugins/check_ide_smart.c

I used the least-intrusive approach. One could argue it would be 
better to have  smart_read_values defined as  smart_read_values_linux()
or  smart_read_values_netbsd(), or to have an array of OS-dependant 
function pointers (ie: calling osdep->smart_read_values(fd, &values). 
I can rework the patch in one theses ways if is it is preferred.

--- plugins/check_ide_smart.c.orig      2012-12-25 19:47:45.000000000 +0100
+++ plugins/check_ide_smart.c   2012-12-25 20:46:46.000000000 +0100
@@ -45,10 +45,31 @@
 
 #include <sys/stat.h>
 #include <sys/ioctl.h>
 #include <fcntl.h>
+#ifdef linux
 #include <linux/hdreg.h>
 #include <linux/types.h>
+
+#define OPEN_MODE O_RDONLY
+#endif /* linux */
+#ifdef __NetBSD__
+#include <sys/device.h>
+#include <sys/param.h>
+#include <sys/sysctl.h>
+#include <sys/videoio.h> /* for __u8 and friends */
+#include <sys/scsiio.h>
+#include <sys/ataio.h>
+#include <dev/ata/atareg.h>
+#include <dev/ic/wdcreg.h>
+
+#define SMART_ENABLE WDSM_ENABLE_OPS
+#define SMART_DISABLE WDSM_DISABLE_OPS
+#define SMART_IMMEDIATE_OFFLINE WDSM_EXEC_OFFL_IMM
+#define SMART_AUTO_OFFLINE 0xdb /* undefined in NetBSD headers */
+
+#define OPEN_MODE O_RDWR
+#endif /* __NetBSD__ */
 #include <errno.h>
        
 #define NR_ATTRIBUTES  30
        
@@ -222,9 +243,9 @@
                print_help ();
                return STATE_OK;
        }
 
-       fd = open (device, O_RDONLY);
+       fd = open (device, OPEN_MODE);
 
        if (fd < 0) {
                printf (_("CRITICAL - Couldn't open device %s: %s\n"), device, strerror (errno));
                return STATE_CRITICAL;
@@ -283,8 +304,9 @@
 
 int
 smart_read_values (int fd, values_t * values) 
 {
+#ifdef linux
        int e;
        __u8 args[4 + 512];
        args[0] = WIN_SMART;
        args[1] = 0;
@@ -295,8 +317,37 @@
                printf (_("CRITICAL - SMART_READ_VALUES: %s\n"), strerror (errno));
                return e;
        }
        memcpy (values, args + 4, 512);
+#endif /* linux */
+#ifdef __NetBSD__
+       struct atareq req;
+       unsigned char inbuf[DEV_BSIZE];
+
+       memset(&req, 0, sizeof(req));
+       req.timeout = 1000;
+       memset(&inbuf, 0, sizeof(inbuf));
+
+       req.flags = ATACMD_READ;
+       req.features = WDSM_RD_DATA;
+       req.command = WDCC_SMART;
+       req.databuf = (char *)inbuf;
+       req.datalen = sizeof(inbuf);
+       req.cylinder = WDSMART_CYL;
+
+       if (ioctl(fd, ATAIOCCOMMAND, &req) == 0) {
+               if (req.retsts != ATACMD_OK)
+                       errno = ENODEV;
+       }
+
+       if (errno != 0) {
+               int e = errno;
+               printf (_("CRITICAL - SMART_READ_VALUES: %s\n"), strerror (errno));
+               return e;
+       }
+       
+       (void)memcpy(values, inbuf, 512);
+#endif /* __NetBSD__ */
        return 0;
 }
 
 
@@ -438,8 +489,9 @@
 int
 smart_cmd_simple (int fd, enum SmartCommand command, __u8 val0, char show_error) 
 {
        int e = 0;
+#ifdef linux
        __u8 args[4];
        args[0] = WIN_SMART;
        args[1] = val0;
        args[2] = smart_command[command].value;
@@ -449,16 +501,42 @@
                if (show_error) {
                        printf (_("CRITICAL - %s: %s\n"), smart_command[command].text, strerror (errno));
                }
        }
+#endif /* linux */
+#ifdef __NetBSD__
+       struct atareq req;
+
+       memset(&req, 0, sizeof(req));
+       req.timeout = 1000;
+       req.flags = ATACMD_READREG;
+       req.features = smart_command[command].value;
+       req.command = WDCC_SMART;
+       req.cylinder = WDSMART_CYL;
+       req.sec_count = val0;
+
+       if (ioctl(fd, ATAIOCCOMMAND, &req) == 0) {
+               if (req.retsts != ATACMD_OK)
+                       errno = ENODEV;
+               if (req.cylinder != WDSMART_CYL)
+                       errno = ENODEV;
+       }
+
+       if (errno != 0) {
+               e = errno;
+               printf (_("CRITICAL - %s: %s\n"), smart_command[command].text, strerror (errno));
+               return e;
+       }
+#endif /* __NetBSD__ */
        return e;
 }
 
 
 
 int
 smart_read_thresholds (int fd, thresholds_t * thresholds) 
 {
+#ifdef linux
        int e;
        __u8 args[4 + 512];
        args[0] = WIN_SMART;
   args[1] = 0;
@@ -469,8 +547,37 @@
                printf (_("CRITICAL - SMART_READ_THRESHOLDS: %s\n"), strerror (errno));
                return e;
        }
        memcpy (thresholds, args + 4, 512);
+#endif /* linux */
+#ifdef __NetBSD__
+       struct atareq req;
+       unsigned char inbuf[DEV_BSIZE];
+
+       memset(&req, 0, sizeof(req));
+       req.timeout = 1000;
+       memset(&inbuf, 0, sizeof(inbuf));
+
+       req.flags = ATACMD_READ;
+       req.features = WDSM_RD_THRESHOLDS;
+       req.command = WDCC_SMART;
+       req.databuf = (char *)inbuf;
+       req.datalen = sizeof(inbuf);
+       req.cylinder = WDSMART_CYL;
+
+       if (ioctl(fd, ATAIOCCOMMAND, &req) == 0) {
+               if (req.retsts != ATACMD_OK)
+                       errno = ENODEV;
+       }
+
+       if (errno != 0) {
+               int e = errno;
+               printf (_("CRITICAL - SMART_READ_THRESHOLDS: %s\n"), strerror (errno));
+               return e;
+       }
+       
+       (void)memcpy(thresholds, inbuf, 512);
+#endif /* __NetBSD__ */
        return 0;
 }
 
 

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu at netbsd.org