From noreply at sourceforge.net Mon May 14 17:58:42 2012 From: noreply at sourceforge.net (SourceForge.net) Date: Mon, 14 May 2012 08:58:42 -0700 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3526621 ] Inconsistent results from check_disk Message-ID: Bugs item #3526621, was opened at 2012-05-14 08:58 Message generated for change (Tracker Item Submitted) made by You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3526621&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: General plugin execution Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: https://www.google.com/accounts () Assigned to: Nobody/Anonymous (nobody) Summary: Inconsistent results from check_disk Initial Comment: Disk space check can produce a status that is inconsistent with the threshold values in its performance data. So it can return a CRITICAL status yet according to the performance data it should only be a warning. For example: [root at ui-142 root]# df / Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda3 3652680 3180864 286268 92% / [root at ui-142 root]# /usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p / -vvvvvvv -u kB Thresholds(pct) for / warn: 20.000000 crit 10.000000 calling stat on / For /, total=913170, available=71567, available_to_root=117954, used=795216, fsp.fsu_files=232000, fsp.fsu_ffree=180847 For /, used_pct=92 free_pct=8 used_units=3.18086e+06 free_units=286268 total_units=3.65268e+06 used_inodes_pct=23 free_inodes_pct=77 fsp.fsu_blocksize=4096 mult=1024 Freespace_units result=0 Freespace% result=2 Usedspace_units result=0 Usedspace_percent result=0 Usedinodes_percent result=0 Freeinodes_percent result=0 DISK CRITICAL - free space: / 286268 kB (8% inode=77%);| /=3180864kB;2922144;3287412;0;3652680 What is happening is that (like df) check_disk is calculating the %free to give the CRITICAL status based on space available to a non-root user. However in the performance data it calculates the thresholds in blocks from the %levels using the total disk space available to root. Comparing with these indicates it should only be a warning. I attach a patch that calculates the thresholds in the performance data from the total available to non-root user so they are consistent with the status calculation. I have left the total size in the performance data as the total available to root as this is consistent with df and will be the value the user expects to see. It does mean that if someone tries to check the threshold calculation they might think it wrong - but this will not be very obvious if they are just looking at if in a graphical display based on the performance data. Whatever one does will involve some compromise - my view is that this is the most useful for most people. There is still a small band where the status and the performance data will disagree - this seems to be due to the status calculation calculating the %free as integer and doing the comparison on that rather than converting the % value passed in as an option to blocks and doing the comparison on that (as is done with the performance data). There are various ways to resolve this but need bigger changes to the code. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3526621&group_id=29880 From reply+i-4683011-0c314fd495ecccab88d77ad9bcfb3917cc5a759c-1651316 at reply.github.com Tue May 22 03:54:01 2012 From: reply+i-4683011-0c314fd495ecccab88d77ad9bcfb3917cc5a759c-1651316 at reply.github.com (willixix) Date: Mon, 21 May 2012 18:54:01 -0700 Subject: [Nagiosplug-devel] [nagios-plugins] extended certificate expiration checks to have both critical and warning thresholds (#5) Message-ID: applied patch that adds both critical and warning thresholds to certificate expiration checks of check_tcp, check_http, check_smtp You can merge this Pull Request by running: git pull https://github.com/willixix/nagios-plugins master Or you can view, comment on it, or merge it online at: https://github.com/nagios-plugins/nagios-plugins/pull/5 -- Commit Summary -- * applied patch that adds both critical and warning thresholds to certificate expiration checks of check_tcp, check_http, check_smtp -- File Changes -- M plugins/check_http.c (38) M plugins/check_smtp.c (37) M plugins/check_tcp.c (27) M plugins/netutils.h (2) M plugins/sslutils.c (20) -- Patch Links -- https://github.com/nagios-plugins/nagios-plugins/pull/5.patch https://github.com/nagios-plugins/nagios-plugins/pull/5.diff --- Reply to this email directly or view it on GitHub: https://github.com/nagios-plugins/nagios-plugins/pull/5 From noreply at sourceforge.net Tue May 22 07:32:59 2012 From: noreply at sourceforge.net (SourceForge.net) Date: Mon, 21 May 2012 22:32:59 -0700 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3314686 ] check_ntp_time and check_ntp_peers cannot find offset Message-ID: Bugs item #3314686, was opened at 2011-06-10 05:56 Message generated for change (Comment added) made by You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3314686&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: General plugin execution Group: release-1.4.15 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Douglas E. Warner (silfreed) Assigned to: Nobody/Anonymous (nobody) Summary: check_ntp_time and check_ntp_peers cannot find offset Initial Comment: I'm having a similar problem with the "offset unknown" that others have had in the past, although I'm running 1.4.14 of the plugins using check_ntp_time and check_ntp_peer. Below is the output of some of the commands. For some reason check_ntp_peer doesn't even seem to be able to find the peers, although check_ntp_time seems fine, but doesn't get the correct offset. # ntpdc -n -s localhost remote local st poll reach delay offset disp ======================================================================= 208.53.158.34 10.128.0.45 2 64 3 0.02493 -0.088040 1.98438 204.9.54.119 10.128.0.45 1 64 3 0.00943 -0.035220 1.98444 199.4.29.166 10.128.0.45 2 64 3 0.02950 -0.021567 1.98444 216.129.110.22 10.128.0.45 2 64 3 0.01813 -0.027695 1.98444 # /usr/lib/nagios/plugins/check_ntp_peer -H 127.0.0.1 -w 5 -c 10 -v 0 candiate peers available warning: no synchronization source found warning: LI_ALARM bit is set NTP CRITICAL: Server not synchronized, Offset unknown| # /usr/lib/nagios/plugins/check_ntp_time -H 127.0.0.1 -w 5 -c 10 -v sending request to peer 0 response from peer 0: offset 2.74181366e-06 sending request to peer 0 response from peer 0: offset -4.291534424e-06 sending request to peer 0 response from peer 0: offset -3.457069397e-06 sending request to peer 0 response from peer 0: offset -3.576278687e-06 discarding peer 0: stratum=0 overall average offset: 0 NTP CRITICAL: Offset unknown| ---------------------------------------------------------------------- Comment By: https://www.google.com/accounts () Date: 2012-05-21 22:32 Message: Any progress on this one? I have the latest plugin, yet the problem is still there. ---------------------------------------------------------------------- Comment By: Douglas E. Warner (silfreed) Date: 2011-06-27 10:57 Message: Confirmed this also exists w/ 1.4.15. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3314686&group_id=29880 From noreply at sourceforge.net Mon May 28 16:06:40 2012 From: noreply at sourceforge.net (SourceForge.net) Date: Mon, 28 May 2012 07:06:40 -0700 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-1894850 ] check_ping: incorrectly parses ping6 output Message-ID: Bugs item #1894850, was opened at 2008-02-16 01:57 Message generated for change (Settings changed) made by hweiss You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1894850&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Parsing problem Group: Release (specify) Status: Open Resolution: None Priority: 5 Private: No Submitted By: Matej Vela (vela) >Assigned to: Holger Weiss (hweiss) Summary: check_ping: incorrectly parses ping6 output Initial Comment: Plugin Version: 1.4.11, HEAD Plugin Name: check_ping Plugin Commandline showing issues: check_ping -H [invalid-ipv6-address] -w 5000,100% -c 5000,100% -p 1 Operating System: Debian GNU/Linux 4.0 (etch) Debian's ping6 may produce output in the following format: 3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2009ms There's a corresponding pattern in check_ping.c:450: "%*d packets transmitted, %*d received, +%*d errors, %d%% packet loss" but the pattern in check_ping.c:448 matches first: "%*d packets transmitted, %*d received, %d%% loss, time" because sscanf interprets "+3" as a match for "%d". Although the rest of the pattern doesn't match, the number of successful assignments (and thus the return value of sscanf) is still 1. A simple way to make sure the whole pattern matches is to add a "%n" specifier at the end, which will assign the number of characters matched by that point. (The same trick is used in check_http.c.) There seems to be some confusion whether "%n" affects the return value of sscanf, so it's safer to check the assigned number of characters. Patch attached. ---------------------------------------------------------------------- Comment By: Matija Nalis (mnalis) Date: 2010-10-16 16:49 Message: cyco_dd - the patch really isn't that complicated, it just makes C sscanf(3) behave like the one who wrote it intended (like string matching in perl for example). I've also made more detailed explanation with real-life examples at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514588#36 if you're interested. It's also been running for more than a year and a half without any ill effects on CARNet (Croatian Academic and Research Network) while monitoring hundreds of servers, and all the people who tried the patch (both at sourceforge.net tracker and at debian bug tracker) report it works as intended. If you have any specific issues or further need for patch clarifications, just ask and I'll answer them. Thanks. ---------------------------------------------------------------------- Comment By: Jan Wagner (cyco_dd) Date: 2010-10-16 15:53 Message: things maybe less trivial, as it look at the first view? ---------------------------------------------------------------------- Comment By: WebComPas (webcompas) Date: 2010-10-15 06:09 Message: I also need "check_ping" to work correctly with ping6 on debian. The attached fix seems to work, so where is the problem to include this patch? ---------------------------------------------------------------------- Comment By: Matija Nalis (mnalis) Date: 2010-08-12 07:17 Message: Any chance of this fix being implemented? It's been sitting here for years now :-( BTW, it has also been reported at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514588 if more info is needed ---------------------------------------------------------------------- Comment By: Matija Nalis (mnalis) Date: 2009-02-09 02:27 Message: has there been any luck with integrating this patch to nagios-plugins ? It does not seem to be getting any activity. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1894850&group_id=29880 From noreply at sourceforge.net Mon May 28 16:14:52 2012 From: noreply at sourceforge.net (SourceForge.net) Date: Mon, 28 May 2012 07:14:52 -0700 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3518671 ] check_icmp throws an error on "Address unreachable" Message-ID: Bugs item #3518671, was opened at 2012-04-16 23:06 Message generated for change (Settings changed) made by hweiss You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3518671&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Bernhard Schmidt (bschmidt) >Assigned to: Holger Weiss (hweiss) Summary: check_icmp throws an error on "Address unreachable" Initial Comment: $ ,/check_ping -H isatap-g.srv.lrz.de -w '200,10%' -c '400,50%' -6 -p 5 --verbose --verbose --verbose --verbose CMD: /bin/ping6 -n -U -w 10 -c 5 isatap-g.srv.lrz.de Output: PING isatap-g.srv.lrz.de(2001:4ca0:0:107::a9c:ca0b) 56 data bytes Output: Output: --- isatap-g.srv.lrz.de ping statistics --- Output: 10 packets transmitted, 0 received, 100% packet loss, time 9057ms Output: PING CRITICAL - Packet loss = 100%|rta=400.000000ms;200.000000;400.000000;0.000000 pl=100%;10;50;0 200.000000:10% 400.000000:50% $ ./check_ping -H isatap-g.srv.lrz.de -w '200,10%' -c '400,50%' -6 -p 5 --verbose --verbose --verbose --verbose CMD: /bin/ping6 -n -U -w 10 -c 5 isatap-g.srv.lrz.de Output: PING isatap-g.srv.lrz.de(2001:4ca0:0:107::a9c:ca0b) 56 data bytes Output: From 2001:4ca0:0:55::5 icmp_seq=1 Destination unreachable: Address unreachable Output: Output: --- isatap-g.srv.lrz.de ping statistics --- Output: 4 packets transmitted, 0 received, +1 errors, 100% packet loss, time 3000ms Output: /bin/ping6 -n -U -w 10 -c 5 isatap-g.srv.lrz.de CRITICAL - Could not interpret output from ping command ---------------------------------------------------------------------- Comment By: Bernhard Schmidt (bschmidt) Date: 2012-04-16 23:55 Message: Fixed in https://github.com/bernhardschmidt/nagios-plugins/commit/ff098243ab9e41696f91df99135d80546cefecbc, I sent a pull request. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3518671&group_id=29880 From noreply at sourceforge.net Mon May 28 16:50:43 2012 From: noreply at sourceforge.net (SourceForge.net) Date: Mon, 28 May 2012 07:50:43 -0700 Subject: [Nagiosplug-devel] [ nagiosplug-Patches-3285367 ] Support SSL Protocol version argument Message-ID: Patches item #3285367, was opened at 2011-04-12 08:47 Message generated for change (Settings changed) made by hweiss You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397599&aid=3285367&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Enhancement Group: release-1.4.15 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Jason A. Lunn (omnipotus) >Assigned to: Holger Weiss (hweiss) Summary: Support SSL Protocol version argument Initial Comment: Bug 3066166 has a suggested solution to try to fallback to TLSv1 only when SSL protocol negotiation fails. This patch takes an alternative approach that is more general purpose, adding support for an optional value to the -S/--ssl argument of check_http and using that to chose the SSL Protocol version in sslutils.c. This will facilitate testing of HTTPS services that fail to properly auto-negotiate the protocol version but work with an explicit version is set. ---------------------------------------------------------------------- Comment By: Holger Weiss (hweiss) Date: 2012-05-07 03:42 Message: As we're stumbling over negotiation glitches in various SSL server implementations every now and then, I think it would be nice to be able to specify the desired SSL protocol version. The patch looks fine to me. If nobody objects, I'll commit it before the next release. ---------------------------------------------------------------------- Comment By: Thomas Guyot-Sionnest (dermoth) Date: 2011-05-02 17:03 Message: [This is a copy of my reply to your email, as it bounced] I've looked at it but didn't take the time to look further or reply... According to the openssl documentation the function SSLv23_client_method should already try TLSv1. I'd like to better understand why using specifically TLSv1_client_method would make a difference, and most importantely whenever it's an openssl bug or not (i.e. did you try against the latest openssl version?) A reproducible testcase would be great, or at least an external server I could test against. Thanks ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397599&aid=3285367&group_id=29880 From noreply at sourceforge.net Mon May 28 17:22:22 2012 From: noreply at sourceforge.net (SourceForge.net) Date: Mon, 28 May 2012 08:22:22 -0700 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3066166 ] check_http fails to connect to some SSL servers/devices Message-ID: Bugs item #3066166, was opened at 2010-09-14 12:27 Message generated for change (Settings changed) made by hweiss You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3066166&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: General plugin execution Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: rabinnh (rabinnh) >Assigned to: Holger Weiss (hweiss) Summary: check_http fails to connect to some SSL servers/devices Initial Comment: Error is "CRITICAL - Cannot make SSL connection" This has repeatedly been reported an closed for different servers; i.e. Tomcat, Oracle AppServer, etc. I can still see the issue on some access points that I have. I debugged through the code and the problem and solution are simple;in "ssltuils.c" in the function "int np_net_ssl_init_with_hostname", is the following line of code: if ((c = SSL_CTX_new (SSLv23_client_method ())) == NULL) { If this call fails, the error is returned. However, on systems that fail, falling back to TLS works fine, for example: if ((c = SSL_CTX_new (TLSv1_client_method ())) == NULL) { sslutil.c should attempt both methods ---------------------------------------------------------------------- Comment By: Jason A. Lunn (omnipotus) Date: 2011-04-12 09:00 Message: Today I submitted a patch (3285367) that implements a more general solution to this problem, by allowing check_http to take a value for the -S/--ssl argument that allows you to specify the protocol version. Supports TLSv1, SSLv2 and SSLv3. ---------------------------------------------------------------------- Comment By: https://www.google.com/accounts () Date: 2010-09-28 02:23 Message: no, it's not fixed: # /usr/lib/nagios/plugins/check_http -I x.x.x.x --ssl -v CRITICAL - Cannot make SSL connection 3078097176:error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert unexpected message:s23_clnt.c:674: GET / HTTP/1.0 User-Agent: check_http/v1.4.15 (nagios-plugins 1.4.15) Connection: close HTTP CRITICAL - Error on receive ---------------------------------------------------------------------- Comment By: rabinnh (rabinnh) Date: 2010-09-27 07:37 Message: Version 1.4.15. Previous causes may have been fixed, but not the one that I identified. I have attached the patch to sslutils.c to fallback to TLS if SSL doesn't work. FWIW, in other cases, I changed the command configuration to use just the IP address instead of host headers. -I instead of -H ---------------------------------------------------------------------- Comment By: Thomas Guyot-Sionnest (dermoth) Date: 2010-09-27 05:27 Message: Thanks for your bug report. Which version of the nagios-plugins are you using? I believe this has been fixed in 1.4.15. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3066166&group_id=29880 From noreply at sourceforge.net Mon May 28 17:22:53 2012 From: noreply at sourceforge.net (SourceForge.net) Date: Mon, 28 May 2012 08:22:53 -0700 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3095106 ] check_http return code 141 with SSL connection error Message-ID: Bugs item #3095106, was opened at 2010-10-25 12:15 Message generated for change (Settings changed) made by hweiss You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3095106&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: General plugin execution Group: release-1.4.15 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Eric Schoeller (eschoeller) >Assigned to: Holger Weiss (hweiss) Summary: check_http return code 141 with SSL connection error Initial Comment: Under certain scenarios the check_http plugin will fail with the message "CRITICAL - Cannot make SSL connection" but the return code will be set to 141, and not 2. See the following snippet I posted to both mail lists for details: We're currently experiencing some problems with our Cisco Content switch that is causing numerous service checks relying on check_http to fail, with '(Return code of 141 is out of bounds)'. Running the check by hand: /usr/local/nagios/libexec/check_http -H SITE.colorado.edu -p 443 -w 10 -s 20 -t 30 -u "/URL/" -s "title" -S; echo $? result: CRITICAL - Cannot make SSL connection 141 So, the plugin is correctly stating that it had trouble initiating an SSL connection, but the return code is out of bounds. After looking through both sslutils.c and check_http.c I've somewhat zeroed in on the problem. The function call: np_net_ssl_init_with_hostname(sd, (use_sni ? host_name : NULL)); Correctly returns an error code of 2 back to check_http on about line 810, however the return code of this function call never seems to be checked. The plugin finally bombs out at line 879 when it tries to send the constructed buffer using my_send(). This is when the return code of 141 is generated. I reproduced this condition using the latest nagios-plugins available, nagios-plugins-1.4.15. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3095106&group_id=29880 From noreply at sourceforge.net Mon May 28 17:27:12 2012 From: noreply at sourceforge.net (SourceForge.net) Date: Mon, 28 May 2012 08:27:12 -0700 Subject: [Nagiosplug-devel] [ nagiosplug-Patches-3285367 ] Support SSL Protocol version argument Message-ID: Patches item #3285367, was opened at 2011-04-12 08:47 Message generated for change (Comment added) made by hweiss You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397599&aid=3285367&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Enhancement Group: release-1.4.15 >Status: Closed >Resolution: Accepted Priority: 5 Private: No Submitted By: Jason A. Lunn (omnipotus) Assigned to: Holger Weiss (hweiss) Summary: Support SSL Protocol version argument Initial Comment: Bug 3066166 has a suggested solution to try to fallback to TLSv1 only when SSL protocol negotiation fails. This patch takes an alternative approach that is more general purpose, adding support for an optional value to the -S/--ssl argument of check_http and using that to chose the SSL Protocol version in sslutils.c. This will facilitate testing of HTTPS services that fail to properly auto-negotiate the protocol version but work with an explicit version is set. ---------------------------------------------------------------------- >Comment By: Holger Weiss (hweiss) Date: 2012-05-28 08:27 Message: I commited the patch with minor modifications, it will be included in the next release. Thank you! ---------------------------------------------------------------------- Comment By: Holger Weiss (hweiss) Date: 2012-05-07 03:42 Message: As we're stumbling over negotiation glitches in various SSL server implementations every now and then, I think it would be nice to be able to specify the desired SSL protocol version. The patch looks fine to me. If nobody objects, I'll commit it before the next release. ---------------------------------------------------------------------- Comment By: Thomas Guyot-Sionnest (dermoth) Date: 2011-05-02 17:03 Message: [This is a copy of my reply to your email, as it bounced] I've looked at it but didn't take the time to look further or reply... According to the openssl documentation the function SSLv23_client_method should already try TLSv1. I'd like to better understand why using specifically TLSv1_client_method would make a difference, and most importantely whenever it's an openssl bug or not (i.e. did you try against the latest openssl version?) A reproducible testcase would be great, or at least an external server I could test against. Thanks ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397599&aid=3285367&group_id=29880 From noreply at sourceforge.net Mon May 28 17:29:17 2012 From: noreply at sourceforge.net (SourceForge.net) Date: Mon, 28 May 2012 08:29:17 -0700 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3066166 ] check_http fails to connect to some SSL servers/devices Message-ID: Bugs item #3066166, was opened at 2010-09-14 12:27 Message generated for change (Comment added) made by hweiss You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3066166&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: General plugin execution Group: None >Status: Closed >Resolution: Fixed Priority: 5 Private: No Submitted By: rabinnh (rabinnh) Assigned to: Holger Weiss (hweiss) Summary: check_http fails to connect to some SSL servers/devices Initial Comment: Error is "CRITICAL - Cannot make SSL connection" This has repeatedly been reported an closed for different servers; i.e. Tomcat, Oracle AppServer, etc. I can still see the issue on some access points that I have. I debugged through the code and the problem and solution are simple;in "ssltuils.c" in the function "int np_net_ssl_init_with_hostname", is the following line of code: if ((c = SSL_CTX_new (SSLv23_client_method ())) == NULL) { If this call fails, the error is returned. However, on systems that fail, falling back to TLS works fine, for example: if ((c = SSL_CTX_new (TLSv1_client_method ())) == NULL) { sslutil.c should attempt both methods ---------------------------------------------------------------------- >Comment By: Holger Weiss (hweiss) Date: 2012-05-28 08:29 Message: The patch committed by Jason A. Lunn in #3285367 will be included in the next release. Thank you for your report! ---------------------------------------------------------------------- Comment By: Jason A. Lunn (omnipotus) Date: 2011-04-12 09:00 Message: Today I submitted a patch (3285367) that implements a more general solution to this problem, by allowing check_http to take a value for the -S/--ssl argument that allows you to specify the protocol version. Supports TLSv1, SSLv2 and SSLv3. ---------------------------------------------------------------------- Comment By: https://www.google.com/accounts () Date: 2010-09-28 02:23 Message: no, it's not fixed: # /usr/lib/nagios/plugins/check_http -I x.x.x.x --ssl -v CRITICAL - Cannot make SSL connection 3078097176:error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert unexpected message:s23_clnt.c:674: GET / HTTP/1.0 User-Agent: check_http/v1.4.15 (nagios-plugins 1.4.15) Connection: close HTTP CRITICAL - Error on receive ---------------------------------------------------------------------- Comment By: rabinnh (rabinnh) Date: 2010-09-27 07:37 Message: Version 1.4.15. Previous causes may have been fixed, but not the one that I identified. I have attached the patch to sslutils.c to fallback to TLS if SSL doesn't work. FWIW, in other cases, I changed the command configuration to use just the IP address instead of host headers. -I instead of -H ---------------------------------------------------------------------- Comment By: Thomas Guyot-Sionnest (dermoth) Date: 2010-09-27 05:27 Message: Thanks for your bug report. Which version of the nagios-plugins are you using? I believe this has been fixed in 1.4.15. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3066166&group_id=29880 From noreply at sourceforge.net Tue May 29 00:03:01 2012 From: noreply at sourceforge.net (SourceForge.net) Date: Mon, 28 May 2012 15:03:01 -0700 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3095106 ] check_http return code 141 with SSL connection error Message-ID: Bugs item #3095106, was opened at 2010-10-25 12:15 Message generated for change (Comment added) made by hweiss You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3095106&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: General plugin execution Group: release-1.4.15 Status: Open >Resolution: Fixed Priority: 5 Private: No Submitted By: Eric Schoeller (eschoeller) Assigned to: Holger Weiss (hweiss) Summary: check_http return code 141 with SSL connection error Initial Comment: Under certain scenarios the check_http plugin will fail with the message "CRITICAL - Cannot make SSL connection" but the return code will be set to 141, and not 2. See the following snippet I posted to both mail lists for details: We're currently experiencing some problems with our Cisco Content switch that is causing numerous service checks relying on check_http to fail, with '(Return code of 141 is out of bounds)'. Running the check by hand: /usr/local/nagios/libexec/check_http -H SITE.colorado.edu -p 443 -w 10 -s 20 -t 30 -u "/URL/" -s "title" -S; echo $? result: CRITICAL - Cannot make SSL connection 141 So, the plugin is correctly stating that it had trouble initiating an SSL connection, but the return code is out of bounds. After looking through both sslutils.c and check_http.c I've somewhat zeroed in on the problem. The function call: np_net_ssl_init_with_hostname(sd, (use_sni ? host_name : NULL)); Correctly returns an error code of 2 back to check_http on about line 810, however the return code of this function call never seems to be checked. The plugin finally bombs out at line 879 when it tries to send the constructed buffer using my_send(). This is when the return code of 141 is generated. I reproduced this condition using the latest nagios-plugins available, nagios-plugins-1.4.15. ---------------------------------------------------------------------- Comment By: Holger Weiss (hweiss) Date: 2012-05-28 15:03 Message: This problem is now fixed in Git. Thank you for your report. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3095106&group_id=29880 From noreply at sourceforge.net Tue May 29 00:03:22 2012 From: noreply at sourceforge.net (SourceForge.net) Date: Mon, 28 May 2012 15:03:22 -0700 Subject: [Nagiosplug-devel] [ nagiosplug-Bugs-3095106 ] check_http return code 141 with SSL connection error Message-ID: Bugs item #3095106, was opened at 2010-10-25 12:15 Message generated for change (Settings changed) made by hweiss You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3095106&group_id=29880 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: General plugin execution Group: release-1.4.15 >Status: Closed Resolution: Fixed Priority: 5 Private: No Submitted By: Eric Schoeller (eschoeller) Assigned to: Holger Weiss (hweiss) Summary: check_http return code 141 with SSL connection error Initial Comment: Under certain scenarios the check_http plugin will fail with the message "CRITICAL - Cannot make SSL connection" but the return code will be set to 141, and not 2. See the following snippet I posted to both mail lists for details: We're currently experiencing some problems with our Cisco Content switch that is causing numerous service checks relying on check_http to fail, with '(Return code of 141 is out of bounds)'. Running the check by hand: /usr/local/nagios/libexec/check_http -H SITE.colorado.edu -p 443 -w 10 -s 20 -t 30 -u "/URL/" -s "title" -S; echo $? result: CRITICAL - Cannot make SSL connection 141 So, the plugin is correctly stating that it had trouble initiating an SSL connection, but the return code is out of bounds. After looking through both sslutils.c and check_http.c I've somewhat zeroed in on the problem. The function call: np_net_ssl_init_with_hostname(sd, (use_sni ? host_name : NULL)); Correctly returns an error code of 2 back to check_http on about line 810, however the return code of this function call never seems to be checked. The plugin finally bombs out at line 879 when it tries to send the constructed buffer using my_send(). This is when the return code of 141 is generated. I reproduced this condition using the latest nagios-plugins available, nagios-plugins-1.4.15. ---------------------------------------------------------------------- Comment By: Holger Weiss (hweiss) Date: 2012-05-28 15:03 Message: This problem is now fixed in Git. Thank you for your report. ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=397597&aid=3095106&group_id=29880 From leandro.teixeira at conductor.com.br Wed May 30 00:45:36 2012 From: leandro.teixeira at conductor.com.br (Leandro Teixeira) Date: Tue, 29 May 2012 19:45:36 -0300 Subject: [Nagiosplug-devel] Help Message-ID: <4FC55190.6030600@conductor.com.br> Hi! I am in need of help with my nagios server here, i don't know what exactly i should do to get warning and critical alarms on the application when monitoring a linux disk. Here are the lines of my commands: Nagios server: at check_commands.cfg file command_line /usr/local/nagios/libexec/check_nrpe -H 10.1.1.73 -n -p 5666 -c check_disk9 On the client server (10.1.1.73), at nrpe.cfg file command[check_disk9]=/usr/local/nagios/libexec/check_disk -w 30% -c 10% -p /dev/hdc1 Well, the disk goes to 99% usage and not warning and critical alarms... what am I doing wrong? The disk are being monitored well, as the nagios server returns me OK every single check of the service. Thanks for the help Best regards -- Leandro Teixeira da Silva Administrador de Redes | Monitora??o Conductor Tecnologia S/A (11)3889 1800 Ramal 5005 ________________________________ Este e-mail, incluindo seus anexos, ? confidencial e de uso exclusivo do destinat?rio. Seu conte?do n?o deve ser revelado a terceiros. Caso voc? n?o seja o destinat?rio, por favor, notifique o remetente e elimine esta mensagem imediatamente. Alertamos que esta mensagem transitou por rede p?blica de comunica??o, estando, portanto, sujeita aos riscos inerentes a essa forma de comunica??o. -------------- next part -------------- An HTML attachment was scrubbed... URL: From wferi at niif.hu Wed May 30 09:25:49 2012 From: wferi at niif.hu (Ferenc Wagner) Date: Wed, 30 May 2012 09:25:49 +0200 Subject: [Nagiosplug-devel] Help In-Reply-To: <4FC55190.6030600@conductor.com.br> (Leandro Teixeira's message of "Tue, 29 May 2012 19:45:36 -0300") References: <4FC55190.6030600@conductor.com.br> Message-ID: <87vcjejfk2.fsf@szonett.ki.iif.hu> Leandro Teixeira writes: > command_line /usr/local/nagios/libexec/check_nrpe -H 10.1.1.73 -n -p 5666 -c check_disk9 > command[check_disk9]=/usr/local/nagios/libexec/check_disk -w 30% -c 10% -p /dev/hdc1 > > Well, the disk goes to 99% usage and not warning and critical > alarms... what am I doing wrong? I wonder if there's a more appropriate forum for such user questions... Maybe running check_disk with the above parameters from the shell could provide some indication of the problem. -- Regards, Feri. From grant.byers at gmail.com Wed May 30 11:07:07 2012 From: grant.byers at gmail.com (Grant Byers) Date: Wed, 30 May 2012 19:07:07 +1000 Subject: [Nagiosplug-devel] Help In-Reply-To: <4FC55190.6030600@conductor.com.br> References: <4FC55190.6030600@conductor.com.br> Message-ID: I'm not near a computer right now, but I believe you should be passing the mountpoint to -p, not the block device. Regards, Grant On May 30, 2012 8:49 AM, "Leandro Teixeira" < leandro.teixeira at conductor.com.br> wrote: > Hi! > > I am in need of help with my nagios server here, i don't know what exactly > i should do to get warning and critical alarms on the application when > monitoring a linux disk. Here are the lines of my commands: > > Nagios server: at check_commands.cfg file > > > *command_line /usr/local/nagios/libexec/check_nrpe -H 10.1.1.73 -n -p > 5666 -c check_disk9* > > > On the client server (10.1.1.73), at nrpe.cfg file > > * > command[check_disk9]=/usr/local/nagios/libexec/check_disk -w 30% -c 10% -p > /dev/hdc1* > > > > Well, the disk goes to 99% usage and not warning and critical alarms... > what am I doing wrong? > > The disk are being monitored well, as the nagios server returns me OK > every single check of the service. > > Thanks for the help > Best regards > > -- > > *Leandro Teixeira da Silva* > > *Administrador de Redes | Monitora??o *** > > *Conductor** Tecnologia S/A * > > (11)3889 1800 Ramal 5005 > > ** ** > > ------------------------------ > Este e-mail, incluindo seus anexos, ? confidencial e de uso exclusivo do > destinat?rio. Seu conte?do n?o deve ser revelado a terceiros. Caso voc? n?o > seja o destinat?rio, por favor, notifique o remetente e elimine esta > mensagem imediatamente. Alertamos que esta mensagem transitou por rede > p?blica de comunica??o, estando, portanto, sujeita aos riscos inerentes a > essa forma de comunica??o. > > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________________ > Nagios Plugin Development Mailing List > Nagiosplug-devel at lists.sourceforge.net > Unsubscribe at > https://lists.sourceforge.net/lists/listinfo/nagiosplug-devel > ::: Please include plugins version (-v) and OS when reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -------------- next part -------------- An HTML attachment was scrubbed... URL: From daniel.wittenberg.r0ko at statefarm.com Wed May 30 15:39:35 2012 From: daniel.wittenberg.r0ko at statefarm.com (Daniel Wittenberg) Date: Wed, 30 May 2012 13:39:35 +0000 Subject: [Nagiosplug-devel] Help In-Reply-To: References: <4FC55190.6030600@conductor.com.br> Message-ID: Actually -M is mountpoint, -p is the path or partition. What does your 'mount' command return? Dan On May 30, 2012, at 4:07 AM, Grant Byers wrote: I'm not near a computer right now, but I believe you should be passing the mountpoint to -p, not the block device. Regards, Grant On May 30, 2012 8:49 AM, "Leandro Teixeira" > wrote: Hi! I am in need of help with my nagios server here, i don't know what exactly i should do to get warning and critical alarms on the application when monitoring a linux disk. Here are the lines of my commands: Nagios server: at check_commands.cfg file command_line /usr/local/nagios/libexec/check_nrpe -H 10.1.1.73 -n -p 5666 -c check_disk9 On the client server (10.1.1.73), at nrpe.cfg file command[check_disk9]=/usr/local/nagios/libexec/check_disk -w 30% -c 10% -p /dev/hdc1 Well, the disk goes to 99% usage and not warning and critical alarms... what am I doing wrong? The disk are being monitored well, as the nagios server returns me OK every single check of the service. Thanks for the help Best regards -- Leandro Teixeira da Silva Administrador de Redes | Monitora??o Conductor Tecnologia S/A (11)3889 1800 Ramal 5005 ________________________________ Este e-mail, incluindo seus anexos, ? confidencial e de uso exclusivo do destinat?rio. Seu conte?do n?o deve ser revelado a terceiros. Caso voc? n?o seja o destinat?rio, por favor, notifique o remetente e elimine esta mensagem imediatamente. Alertamos que esta mensagem transitou por rede p?blica de comunica??o, estando, portanto, sujeita aos riscos inerentes a essa forma de comunica??o. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________________ Nagios Plugin Development Mailing List Nagiosplug-devel at lists.sourceforge.net Unsubscribe at https://lists.sourceforge.net/lists/listinfo/nagiosplug-devel ::: Please include plugins version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/_______________________________________________________ Nagios Plugin Development Mailing List Nagiosplug-devel at lists.sourceforge.net Unsubscribe at https://lists.sourceforge.net/lists/listinfo/nagiosplug-devel ::: Please include plugins version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -------------- next part -------------- An HTML attachment was scrubbed... URL: From leandro.teixeira at conductor.com.br Wed May 30 20:39:49 2012 From: leandro.teixeira at conductor.com.br (Leandro Teixeira) Date: Wed, 30 May 2012 15:39:49 -0300 Subject: [Nagiosplug-devel] Help In-Reply-To: References: <4FC55190.6030600@conductor.com.br> Message-ID: <4FC66975.10802@conductor.com.br> I am not mounting any, the device is a real disk (/dev/hdc1). If I run the command from the shell i got no errors... but no critical or warning is displayed when the disk became full. Leandro Teixeira da Silva Administrador de Redes | Monitora??o Conductor Tecnologia S/A (11)3889 1800 Ramal 5005 Em 30/05/2012 10:39, Daniel Wittenberg escreveu: Actually -M is mountpoint, -p is the path or partition. What does your 'mount' command return? Dan On May 30, 2012, at 4:07 AM, Grant Byers wrote: I'm not near a computer right now, but I believe you should be passing the mountpoint to -p, not the block device. Regards, Grant On May 30, 2012 8:49 AM, "Leandro Teixeira" > wrote: Hi! I am in need of help with my nagios server here, i don't know what exactly i should do to get warning and critical alarms on the application when monitoring a linux disk. Here are the lines of my commands: Nagios server: at check_commands.cfg file command_line /usr/local/nagios/libexec/check_nrpe -H 10.1.1.73 -n -p 5666 -c check_disk9 On the client server (10.1.1.73), at nrpe.cfg file command[check_disk9]=/usr/local/nagios/libexec/check_disk -w 30% -c 10% -p /dev/hdc1 Well, the disk goes to 99% usage and not warning and critical alarms... what am I doing wrong? The disk are being monitored well, as the nagios server returns me OK every single check of the service. Thanks for the help Best regards -- Leandro Teixeira da Silva Administrador de Redes | Monitora??o Conductor Tecnologia S/A (11)3889 1800 Ramal 5005 ________________________________ Este e-mail, incluindo seus anexos, ? confidencial e de uso exclusivo do destinat?rio. Seu conte?do n?o deve ser revelado a terceiros. Caso voc? n?o seja o destinat?rio, por favor, notifique o remetente e elimine esta mensagem imediatamente. Alertamos que esta mensagem transitou por rede p?blica de comunica??o, estando, portanto, sujeita aos riscos inerentes a essa forma de comunica??o. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________________ Nagios Plugin Development Mailing List Nagiosplug-devel at lists.sourceforge.net Unsubscribe at https://lists.sourceforge.net/lists/listinfo/nagiosplug-devel ::: Please include plugins version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/_______________________________________________________ Nagios Plugin Development Mailing List Nagiosplug-devel at lists.sourceforge.net Unsubscribe at https://lists.sourceforge.net/lists/listinfo/nagiosplug-devel ::: Please include plugins version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null ________________________________ Este e-mail, incluindo seus anexos, ? confidencial e de uso exclusivo do destinat?rio. Seu conte?do n?o deve ser revelado a terceiros. Caso voc? n?o seja o destinat?rio, por favor, notifique o remetente e elimine esta mensagem imediatamente. Alertamos que esta mensagem transitou por rede p?blica de comunica??o, estando, portanto, sujeita aos riscos inerentes a essa forma de comunica??o. -------------- next part -------------- An HTML attachment was scrubbed... URL: From leandro.teixeira at conductor.com.br Thu May 31 01:45:43 2012 From: leandro.teixeira at conductor.com.br (Leandro Teixeira) Date: Wed, 30 May 2012 20:45:43 -0300 Subject: [Nagiosplug-devel] Help In-Reply-To: <4FC66975.10802@conductor.com.br> References: <4FC55190.6030600@conductor.com.br> <4FC66975.10802@conductor.com.br> Message-ID: <4FC6B127.1030000@conductor.com.br> Hey guys, thanks for the help I found out why this was happening: when i execute the check_disk from de remote server the command returns me with DISK WARNING and the nagios server after using the check_nrpe command was returning DISK OK. I killed the nrpe process and start a new one running as a daemon (and using SSL, after some compiling). I removed the '-n' option from both commands and it works. Thanks again and this thread can be closed. Regards Leandro Teixeira da Silva Administrador de Redes | Monitora??o Conductor Tecnologia S/A (11)3889 1800 Ramal 5005 Em 30/05/2012 15:39, Leandro Teixeira escreveu: I am not mounting any, the device is a real disk (/dev/hdc1). If I run the command from the shell i got no errors... but no critical or warning is displayed when the disk became full. Leandro Teixeira da Silva Administrador de Redes | Monitora??o Conductor Tecnologia S/A (11)3889 1800 Ramal 5005 Em 30/05/2012 10:39, Daniel Wittenberg escreveu: Actually -M is mountpoint, -p is the path or partition. What does your 'mount' command return? Dan On May 30, 2012, at 4:07 AM, Grant Byers wrote: I'm not near a computer right now, but I believe you should be passing the mountpoint to -p, not the block device. Regards, Grant On May 30, 2012 8:49 AM, "Leandro Teixeira" > wrote: Hi! I am in need of help with my nagios server here, i don't know what exactly i should do to get warning and critical alarms on the application when monitoring a linux disk. Here are the lines of my commands: Nagios server: at check_commands.cfg file command_line /usr/local/nagios/libexec/check_nrpe -H 10.1.1.73 -n -p 5666 -c check_disk9 On the client server (10.1.1.73), at nrpe.cfg file command[check_disk9]=/usr/local/nagios/libexec/check_disk -w 30% -c 10% -p /dev/hdc1 Well, the disk goes to 99% usage and not warning and critical alarms... what am I doing wrong? The disk are being monitored well, as the nagios server returns me OK every single check of the service. Thanks for the help Best regards -- Leandro Teixeira da Silva Administrador de Redes | Monitora??o Conductor Tecnologia S/A (11)3889 1800 Ramal 5005 ________________________________ Este e-mail, incluindo seus anexos, ? confidencial e de uso exclusivo do destinat?rio. Seu conte?do n?o deve ser revelado a terceiros. Caso voc? n?o seja o destinat?rio, por favor, notifique o remetente e elimine esta mensagem imediatamente. Alertamos que esta mensagem transitou por rede p?blica de comunica??o, estando, portanto, sujeita aos riscos inerentes a essa forma de comunica??o. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________________ Nagios Plugin Development Mailing List Nagiosplug-devel at lists.sourceforge.net Unsubscribe at https://lists.sourceforge.net/lists/listinfo/nagiosplug-devel ::: Please include plugins version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/_______________________________________________________ Nagios Plugin Development Mailing List Nagiosplug-devel at lists.sourceforge.net Unsubscribe at https://lists.sourceforge.net/lists/listinfo/nagiosplug-devel ::: Please include plugins version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null ________________________________ Este e-mail, incluindo seus anexos, ? confidencial e de uso exclusivo do destinat?rio. Seu conte?do n?o deve ser revelado a terceiros. Caso voc? n?o seja o destinat?rio, por favor, notifique o remetente e elimine esta mensagem imediatamente. Alertamos que esta mensagem transitou por rede p?blica de comunica??o, estando, portanto, sujeita aos riscos inerentes a essa forma de comunica??o. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Stephan at quantentunnel.de Wed May 30 22:59:03 2012 From: Stephan at quantentunnel.de (Stephan) Date: Wed, 30 May 2012 22:59:03 +0200 Subject: [Nagiosplug-devel] Perl Modul Nagios::Plugin and extra-opts - request for comments In-Reply-To: <4FC66975.10802@conductor.com.br> References: <4FC55190.6030600@conductor.com.br> <4FC66975.10802@conductor.com.br> Message-ID: <4FC68A17.5040806@quantentunnel.de> Hi! Holger Wei? asked me to introduce here what I intend to do. I lately started to use Nagios::Plugin for a plugin I developed at work. I came across the --extra-opts parameter and thought that this could be very helpful. Unfortunately I seem to found a bug - or at least - inconsistant behaviour. When you pass on commandline something like --opt "test value" you get in your variable: test value But if you put into the extra-opts file opt="test value" you get "test value" Okay, I could live with the plugin not removing the quotes, so I put into the extra-opts file opt=test vale But guess what I got: "test value" So N::P is introducing quotes here. So my first idea is to get rid of those quotes. Unfortunately this will break some of the tests, as they rely on the sub _cmdline which generates, from the internal options array, a commandline. But this sub is, as far as I can see, only used for this test and nowhere else. Additionally the quoting is done wrong or at least for an OS I don't know as quotes inside the string are not escaped. So this opt=a 2.5" hard disc becomes "a 2.5" hard disc" So the questions I have are: 1) For what reason was the quoting introduced - except for the tests? 2) For which platform is it intended? For sure no *IX 3) Is it required? I'd vote for getting rid of the quoting. My second idea is to introduce multiline values in the extra-opts file. This would simply be done in the usual way, by putting a backslash "\" as last charater of the line. All the lines will be concatenated by a single space after first triming them. So opt=multi \ line \ value would become multi line value Last but not lest I'd like to introduce a HERE-document like syntax in conformance to Config::General. Example: opt=<