[Nagiosplug-devel] RV: Problem with "check_tcp"

[Julio Pedreira Paz]

Hi,

While testing a service with "check_tcp" tool, I ran into a estrange behaviour. Running the same check_tcp command several times resulted in random OK / WARNING results. Reading the service server log, I could assert that the server replied always the same response. When using "-v" with "check_tcp" I realized that WARNING messages were due to check_tcp doing an incomplete read of the service response:

$ check_tcp -H venus -p 22225 -s "0003000000D360PXXXAAAABBBBBBBB" -e "00028D360RXXX" -v
Using service TCP
Port: 22225
flags: 0x2
Send string: 0003000000D360PXXXAAAABBBBBBBB
server_expect_count: 1
        0: 00028D360RXXX
received 5 bytes from host
#-raw-recv-------#
00028
#-raw-recv-------#
looking for [00028D360RXXX] anywhere in [00028]
couldn't find it


I know that the server performs a "flush" after the first 5 bytes are ready but it does not close the connection. Its just that the server flushes parts of the response as soon as it has them ready. Tracking this to "check_tcp" source code, I found:

                 /* watch for the expect string */
                 while ((i = my_recv(buffer, sizeof(buffer))) > 0) {
                          status = realloc(status, len + i + 1);
                          memcpy(&status[len], buffer, i);
                          len += i;

                          /* stop reading if user-forced or data-starved */
                          if(i < sizeof(buffer) || (maxbytes && len >= maxbytes))
                                   break;


If I'm not wrong, the "i < sizeof(buffer)" condition means to leave the reading loop if the bytes received are less than the buffer size, wich makes no sense to me, as other bytes may be awainting in the server, as it was my case. In fact, if I comment that condition and recompile, it works as expected.

Is it a bug or just something I'm missing?

Thank you!



Julio Pedreira Paz
Enterprise Architect - IT Architecture & Design
Equifax Ibérica
Fijo/Land:  +34 91 768 773  (7732)
Móvil/Cell: +34 626 721 620  (8732)
julio.pedreira at equifax.es<mailto:julio.pedreira at equifax.es>
www.equifax.es<http://www.equifax.es/>

Este mensaje se dirige exclusivamente a su destinatario y puede contener información privilegiada o confidencial. Si no es vd. el destinatario indicado, queda notificado de que la utilización, divulgación y/o copia sin autorización está prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción. Esta mensagem destina-se exclusivamente ao destinatário e pode conter informação privilegiada e/ou confidencial. Se não é o destinatário da mensagem, fique ciente que a utilização, divulgação e/ou cópia sem autorização, está proibida pela lei actualmente em vigor. Se recebeu esta mensagem por engano, pedimos-lhe que no-lo comunique imediatamente por esta mesma via, e proceda à destruição da mesma
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-plugins.org/archive/devel/attachments/20130909/09118d31/attachment.html>