From 3930fa0fab92da95fa4a84e7ae8ca43f35d614df Mon Sep 17 00:00:00 2001 From: Colin Gagnaire Date: Mon, 10 Jun 2019 18:59:58 +0200 Subject: [PATCH] add nrpe/nsclient protocol plugin --- .../apps/protocols/nrpe/custom/nrpe.pm | 141 ++++++ .../apps/protocols/nrpe/custom/nsclient.pm | 341 ++++++++++++++ .../apps/protocols/nrpe/mode/query.pm | 116 +++++ .../apps/protocols/nrpe/plugin.pm | 50 +++ centreon-plugins/centreon/plugins/nrpe.pm | 418 ++++++++++++++++++ 5 files changed, 1066 insertions(+) create mode 100644 centreon-plugins/apps/protocols/nrpe/custom/nrpe.pm create mode 100644 centreon-plugins/apps/protocols/nrpe/custom/nsclient.pm create mode 100644 centreon-plugins/apps/protocols/nrpe/mode/query.pm create mode 100644 centreon-plugins/apps/protocols/nrpe/plugin.pm create mode 100644 centreon-plugins/centreon/plugins/nrpe.pm diff --git a/centreon-plugins/apps/protocols/nrpe/custom/nrpe.pm b/centreon-plugins/apps/protocols/nrpe/custom/nrpe.pm new file mode 100644 index 000000000..248a588e5 --- /dev/null +++ b/centreon-plugins/apps/protocols/nrpe/custom/nrpe.pm @@ -0,0 +1,141 @@ +# +# Copyright 2019 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package apps::protocols::nrpe::custom::nrpe; + +use base qw(centreon::plugins::mode); + +use strict; +use warnings; +use centreon::plugins::nrpe; + +my %errors_num = (0 => 'OK', 1 => 'WARNING', 2 => 'CRITICAL', 3 => 'UNKNOWN'); + +sub new { + my ($class, %options) = @_; + my $self = {}; + bless $self, $class; + + if (!defined($options{output})) { + print "Class Custom: Need to specify 'output' argument.\n"; + exit 3; + } + if (!defined($options{options})) { + $options{output}->add_option_msg(short_msg => "Class Custom: Need to specify 'options' argument."); + $options{output}->option_exit(); + } + + if (!defined($options{noptions})) { + $options{options}->add_options(arguments => { + "hostname:s" => { name => 'hostname' }, + }); + } + $options{options}->add_help(package => __PACKAGE__, sections => 'CUSTOM MODE OPTIONS', once => 1); + + $self->{output} = $options{output}; + $self->{mode} = $options{mode}; + $self->{nrpe} = centreon::plugins::nrpe->new(%options); + + return $self; +} + +sub set_options { + my ($self, %options) = @_; + + $self->{option_results} = $options{option_results}; +} + +sub set_defaults { + my ($self, %options) = @_; + + foreach (keys %{$options{default}}) { + if ($_ eq $self->{mode}) { + for (my $i = 0; $i < scalar(@{$options{default}->{$_}}); $i++) { + foreach my $opt (keys %{$options{default}->{$_}[$i]}) { + if (!defined($self->{option_results}->{$opt}[$i])) { + $self->{option_results}->{$opt}[$i] = $options{default}->{$_}[$i]->{$opt}; + } + } + } + } + } +} + +sub check_options { + my ($self, %options) = @_; + + $self->{hostname} = (defined($self->{option_results}->{hostname})) ? $self->{option_results}->{hostname} : ''; + + if (!defined($self->{hostname}) || $self->{hostname} eq '') { + $self->{output}->add_option_msg(short_msg => "Need to specify --hostname option."); + $self->{output}->option_exit(); + } + + $self->{nrpe}->check_options(option_results => $self->{option_results}); + + return 0; +} + +sub format_result { + my ($self, %options) = @_; + + my %result = ( + code => ($options{content}->{result_code} =~ /^[0-3]$/) ? $errors_num{$options{content}->{result_code}} : $options{content}->{result_code}, + message => $options{content}->{buffer}, + perf => [] + ); + return \%result; +} + +sub request { + my ($self, %options) = @_; + + my ($content) = $self->{nrpe}->request(check => $options{command}, arg => $options{arg}); + + my $result = $self->format_result(content => $content); + + return $result; +} + +1; + +__END__ + +=head1 NAME + +NRPE protocol + +=head1 CUSTOM MODE OPTIONS + +NRPE protocol + +=over 8 + +=item B<--hostname> + +Remote hostname or IP address. + +=back + +=head1 DESCRIPTION + +B. + +=cut diff --git a/centreon-plugins/apps/protocols/nrpe/custom/nsclient.pm b/centreon-plugins/apps/protocols/nrpe/custom/nsclient.pm new file mode 100644 index 000000000..ff1ef4475 --- /dev/null +++ b/centreon-plugins/apps/protocols/nrpe/custom/nsclient.pm @@ -0,0 +1,341 @@ +# +# Copyright 2019 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package apps::protocols::nrpe::custom::nsclient; + +use base qw(centreon::plugins::mode); + +use strict; +use warnings; +use centreon::plugins::http; +use URI::Encode; +use JSON::XS; + +sub new { + my ($class, %options) = @_; + my $self = {}; + bless $self, $class; + + if (!defined($options{output})) { + print "Class Custom: Need to specify 'output' argument.\n"; + exit 3; + } + if (!defined($options{options})) { + $options{output}->add_option_msg(short_msg => "Class Custom: Need to specify 'options' argument."); + $options{output}->option_exit(); + } + + if (!defined($options{noptions})) { + $options{options}->add_options(arguments => { + "hostname:s" => { name => 'hostname' }, + "port:s" => { name => 'port' }, + "proto:s" => { name => 'proto' }, + "credentials" => { name => 'credentials' }, + "basic" => { name => 'basic' }, + "username:s" => { name => 'username' }, + "password:s" => { name => 'password' }, + "legacy-password:s" => { name => 'legacy_password' }, + "timeout:s" => { name => 'timeout' }, + }); + } + $options{options}->add_help(package => __PACKAGE__, sections => 'CUSTOM MODE OPTIONS', once => 1); + + $self->{output} = $options{output}; + $self->{mode} = $options{mode}; + $self->{http} = centreon::plugins::http->new(%options); + + return $self; +} + +sub set_options { + my ($self, %options) = @_; + + $self->{option_results} = $options{option_results}; +} + +sub set_defaults { + my ($self, %options) = @_; + + foreach (keys %{$options{default}}) { + if ($_ eq $self->{mode}) { + for (my $i = 0; $i < scalar(@{$options{default}->{$_}}); $i++) { + foreach my $opt (keys %{$options{default}->{$_}[$i]}) { + if (!defined($self->{option_results}->{$opt}[$i])) { + $self->{option_results}->{$opt}[$i] = $options{default}->{$_}[$i]->{$opt}; + } + } + } + } + } +} + +sub check_options { + my ($self, %options) = @_; + + $self->{hostname} = (defined($self->{option_results}->{hostname})) ? $self->{option_results}->{hostname} : ''; + $self->{port} = (defined($self->{option_results}->{port})) ? $self->{option_results}->{port} : 8443; + $self->{proto} = (defined($self->{option_results}->{proto})) ? $self->{option_results}->{proto} : 'https'; + $self->{timeout} = (defined($self->{option_results}->{timeout})) ? $self->{option_results}->{timeout} : 10; + $self->{username} = (defined($self->{option_results}->{username})) ? $self->{option_results}->{username} : undef; + $self->{password} = (defined($self->{option_results}->{password})) ? $self->{option_results}->{password} : undef; + $self->{legacy_password} = (defined($self->{option_results}->{legacy_password})) ? $self->{option_results}->{legacy_password} : undef; + $self->{credentials} = (defined($self->{option_results}->{credentials})) ? 1 : undef; + $self->{basic} = (defined($self->{option_results}->{basic})) ? 1 : undef; + + if (!defined($self->{hostname}) || $self->{hostname} eq '') { + $self->{output}->add_option_msg(short_msg => "Need to specify --hostname option."); + $self->{output}->option_exit(); + } + return 0; +} + +sub build_options_for_httplib { + my ($self, %options) = @_; + + $self->{option_results}->{hostname} = $self->{hostname}; + $self->{option_results}->{timeout} = $self->{timeout}; + $self->{option_results}->{port} = $self->{port}; + $self->{option_results}->{proto} = $self->{proto}; + $self->{option_results}->{timeout} = $self->{timeout}; + $self->{option_results}->{warning_status} = ''; + $self->{option_results}->{critical_status} = ''; + $self->{option_results}->{unknown_status} = '%{http_code} < 200 or %{http_code} >= 300'; +} + +sub settings { + my ($self, %options) = @_; + + $self->build_options_for_httplib(); + if (defined($self->{legacy_password}) && $self->{legacy_password} ne '') { + $self->{http}->add_header(key => 'password', value => $self->{legacy_password}); + } + $self->{http}->set_options(%{$self->{option_results}}); +} + +# Two kind of outputs. +# 1- +# { +# "header": { +# "source_id": "" +# }, +# "payload": [{ +# "command": "check_centreon_plugins", +# "lines": [{ +# "message": "OK: Reboot Pending : False | 'value1'=10;;;; 'value2'=10;;;;\r\nlong1\r\nlong2" +# }], +# "result": "OK" +# }] +# } +# 2- Can be also "int_value". +# { +# "header": { +# "source_id": "" +# }, +# "payload": [{ +# "command": "check_drivesize", +# "lines": [{ +# "message": "OK All 1 drive(s) are ok", +# "perf": [{ +# "alias": "C", +# "float_value": { +# "critical": 44.690621566027403, +# "maximum": 49.656246185302734, +# "minimum": 0.00000000000000000, +# "unit": "GB", +# "value": 21.684593200683594, +# "warning": 39.724996947683394 +# } +# }, +# { +# "alias": "C", +# "float_value": { +# "critical": 90.000000000000000, +# "maximum": 100.00000000000000, +# "minimum": 0.00000000000000000, +# "unit": "%", +# "value": 44.000000000000000, +# "warning": 80.000000000000000 +# } +# } +# ] +# }], +# "result": "OK" +# }] +# } + +sub output_perf { + my ($self, %options) = @_; + + my %result = ( + code => $options{result}, + message => $options{data}->{message} + ); + + foreach (@{$options{data}->{perf}}) { + my $perf = defined($_->{float_value}) ? $_->{float_value} : $_->{int_value}; + my $printf_format = '%d'; + $printf_format = '%.3f' if (defined($_->{float_value})); + + push @{$result{perf}}, { + label => $_->{alias}, + unit => $perf->{unit}, + value => sprintf($printf_format, $perf->{value}), + warning => defined($perf->{warning}) ? sprintf($printf_format, $perf->{warning}) : undef, + critical => defined($perf->{critical}) ? sprintf($printf_format, $perf->{critical}) : undef, + min => defined($perf->{minimum}) ? sprintf($printf_format, $perf->{minimum}) : undef, + max => defined($perf->{maximum}) ? sprintf($printf_format, $perf->{maximum}) : undef, + }; + } + return \%result; +} + +sub output_noperf { + my ($self, %options) = @_; + + my %result = ( + code => $options{result}, + message => $options{data}->{message}, + perf => [] + ); + return \%result; +} + +sub format_result { + my ($self, %options) = @_; + + my $decoded; + eval { + $decoded = decode_json($options{content}); + }; + if ($@) { + $self->{output}->output_add(long_msg => $options{content}, debug => 1); + $self->{output}->add_option_msg(short_msg => "Cannot decode response (add --debug option to display returned content)"); + $self->{output}->option_exit(); + } + + my $entry = $decoded->{payload}->[0]; + $entry->{lines}->[0]->{message} =~ s/\r//msg; + if (defined($entry->{lines}->[0]->{perf})) { + return $self->output_perf(result => $entry->{result}, data => $entry->{lines}->[0]); + } else { + return $self->output_noperf(result => $entry->{result}, data => $entry->{lines}->[0]); + } +} + +sub request { + my ($self, %options) = @_; + + $self->settings(); + + my $uri = URI::Encode->new({encode_reserved => 1}); + my ($encoded_args, $append) = ('', ''); + if (defined($options{arg})) { + foreach (@{$options{arg}}) { + $encoded_args .= $append . $uri->encode($_); + $append = '&'; + } + } + + my ($content) = $self->{http}->request(url_path => '/query/' . $options{command} . '?' . $encoded_args); + if (!defined($content) || $content eq '') { + $self->{output}->add_option_msg(short_msg => "API returns empty content [code: '" . $self->{http}->get_code() . "'] [message: '" . $self->{http}->get_message() . "']"); + $self->{output}->option_exit(); + } + $self->{output}->output_add(long_msg => "nsclient return = " . $content, debug => 1); + + my $result = $self->format_result(content => $content); + + return $result; +} + +1; + +__END__ + +=head1 NAME + +NSClient++ Rest API + +=head1 CUSTOM MODE OPTIONS + +NSClient++ Rest API + +=over 8 + +=item B<--hostname> + +Remote hostname or IP address. + +=item B<--port> + +Port used (Default: 8443) + +=item B<--proto> + +Specify https if needed (Default: 'https') + +=item B<--credentials> + +Specify this option if you access webpage with authentication + +=item B<--username> + +Specify username for authentication (Mandatory if --credentials is specified) + +=item B<--password> + +Specify password for authentication (Mandatory if --credentials is specified) + +=item B<--basic> + +Specify this option if you access webpage over basic authentication and don't want a '401 UNAUTHORIZED' error to be logged on your webserver. + +Specify this option if you access webpage over hidden basic authentication or you'll get a '404 NOT FOUND' error. + +(Use with --credentials) + +=item B<--legacy-password> + +Specify password for old authentication system. + +=item B<--timeout> + +Set timeout in seconds (Default: 10). + +=item B<--unknown-status> + +Threshold warning for http response code. +(Default: '%{http_code} < 200 or %{http_code} >= 300') + +=item B<--warning-status> + +Threshold warning for http response code. + +=item B<--critical-status> + +Threshold critical for http response code. + +=back + +=head1 DESCRIPTION + +B. + +=cut diff --git a/centreon-plugins/apps/protocols/nrpe/mode/query.pm b/centreon-plugins/apps/protocols/nrpe/mode/query.pm new file mode 100644 index 000000000..fa862d99d --- /dev/null +++ b/centreon-plugins/apps/protocols/nrpe/mode/query.pm @@ -0,0 +1,116 @@ +# +# Copyright 2019 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package apps::protocols::nrpe::mode::query; + +use base qw(centreon::plugins::mode); + +use strict; +use warnings; + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options); + bless $self, $class; + + $self->{version} = '1.0'; + $options{options}->add_options(arguments => { + "command:s" => { name => 'command' }, + "arg:s@" => { name => 'arg' }, + "sanitize-message:s" => { name => 'sanitize_message' }, + }); + + return $self; +} + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::init(%options); + + if (!defined($self->{option_results}->{command}) || $self->{option_results}->{command} eq '') { + $self->{output}->add_option_msg(short_msg => "Please set --command option"); + $self->{output}->option_exit(); + } +} + +sub sanitize_message { + my ($self, %options) = @_; + + $self->{display_options}->{nolabel} = 1; + return $options{message} unless (defined($self->{option_results}->{sanitize_message})); + + my $message = $options{message}; + foreach my $code (('OK', 'WARNING', 'CRITICAL', 'UNKNOWN')) { + foreach my $separator (('-', ':')) { + if ($message =~ /^\w+\s*$code\s*$separator\s*(.*)$/) { + delete $self->{display_options}->{nolabel}; + return $1; + } + } + } + return $message; +} + +sub run { + my ($self, %options) = @_; + + my $result = $options{custom}->request( + command => $self->{option_results}->{command}, + arg => $self->{option_results}->{arg} + ); + + $self->{output}->output_add( + severity => $result->{code}, + short_msg => $self->sanitize_message(message => $result->{message}) + ); + + foreach (@{$result->{perf}}) { + $self->{output}->perfdata_add(%{$_}); + } + $self->{display_options}->{force_ignore_perfdata} = 1 if (scalar(@{$result->{perf}}) == 0); + + $self->{output}->display(%{$self->{display_options}}); + $self->{output}->exit(); +} + +1; + +__END__ + +=head1 MODE + +Trigger commands against NRPE/NSClient agent. + +=item B<--command> + +Set command. + +=item B<--arg> + +Set arguments (Multiple option. Example: --arg='arg1' --arg='arg2'). + +=item B<--sanitize-message> + +Sanitize message by removing heading code and +separator from returned message (ie "OK - "). + +=back + +=cut diff --git a/centreon-plugins/apps/protocols/nrpe/plugin.pm b/centreon-plugins/apps/protocols/nrpe/plugin.pm new file mode 100644 index 000000000..b1ce1cf05 --- /dev/null +++ b/centreon-plugins/apps/protocols/nrpe/plugin.pm @@ -0,0 +1,50 @@ + # +# Copyright 2019 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package apps::protocols::nrpe::plugin; + +use strict; +use warnings; +use base qw(centreon::plugins::script_custom); + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options); + bless $self, $class; + + $self->{version} = '0.1'; + %{$self->{modes}} = ( + 'query' => 'apps::protocols::nrpe::mode::query', + ); + + $self->{custom_modes}{nrpe} = 'apps::protocols::nrpe::custom::nrpe'; + $self->{custom_modes}{nsclient} = 'apps::protocols::nrpe::custom::nsclient'; + return $self; +} + +1; + +__END__ + +=head1 PLUGIN DESCRIPTION + +Trigger commands against NRPE/NSClient agent. + +=cut diff --git a/centreon-plugins/centreon/plugins/nrpe.pm b/centreon-plugins/centreon/plugins/nrpe.pm new file mode 100644 index 000000000..033a44001 --- /dev/null +++ b/centreon-plugins/centreon/plugins/nrpe.pm @@ -0,0 +1,418 @@ +# +# Copyright 2019 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package centreon::plugins::nrpe; + +use strict; +use warnings; +use Convert::Binary::C; +use Digest::CRC 'crc32'; +use IO::Socket; +use IO::Socket::INET6; +use IO::Socket::SSL; +use Socket qw(SOCK_STREAM AF_INET6 AF_INET); + +sub new { + my ($class, %options) = @_; + my $self = {}; + bless $self, $class; + + if (!defined($options{output})) { + print "Class NRPE: Need to specify 'output' argument.\n"; + exit 3; + } + if (!defined($options{options})) { + $options{output}->add_option_msg(short_msg => "Class NRPE: Need to specify 'options' argument."); + $options{output}->option_exit(); + } + + if (!defined($options{noptions})) { + $options{options}->add_options(arguments => { + "nrpe-version:s" => { name => 'nrpe_version', default => 2 }, + "nrpe-port:s" => { name => 'nrpe_port', default => 5666 }, + "nrpe-payload:s" => { name => 'nrpe_payload', default => 1024 }, + "nrpe-bindaddr:s" => { name => 'nrpe_bindaddr' }, + "nrpe-use-ipv4" => { name => 'nrpe_use_ipv4' }, + "nrpe-use-ipv6" => { name => 'nrpe_use_ipv6' }, + "nrpe-timeout:s" => { name => 'nrpe_timeout', default => 10 }, + "ssl-opt:s@" => { name => 'ssl_opt' }, + }); + } + $options{options}->add_help(package => __PACKAGE__, sections => 'NRPE CLASS OPTIONS'); + + $self->{output} = $options{output}; + + return $self; +} + +sub check_options { + my ($self, %options) = @_; + + $options{option_results}->{nrpe_version} =~ s/^v//; + if ($options{option_results}->{nrpe_version} !~ /2|3/) { + $self->{output}->add_option_msg(short_msg => "Unknown NRPE version."); + $self->{output}->option_exit(); + } + $self->{nrpe_version} = $options{option_results}->{nrpe_version}; + $self->{nrpe_payload} = $options{option_results}->{nrpe_payload}; + + %{$self->{nrpe_params}} = ( + PeerHost => $options{option_results}->{hostname}, + PeerPort => $options{option_results}->{nrpe_port}, + Timeout => $options{option_results}->{nrpe_timeout}, + ); + if ($options{option_results}->{bindaddr}) { + $self->{nrpe_params}->{LocalAddr} = $options{option_results}->{nrpe_bindaddr}; + } + if ($options{option_results}->{nrpe_use_ipv4}) { + $self->{nrpe_params}->{Domain} = AF_INET; + } elsif ($options{option_results}->{nrpe_use_ipv6}) { + $self->{nrpe_params}->{Domain} = AF_INET6; + } + + foreach (@{$options{option_results}->{ssl_opt}}) { + if ($_ ne '' && $_ =~ /(.*)\s*=>\s*(.*)/) { + $self->{ssl_context}->{$1} = $2; + } + } +} + +sub create_socket { + my ($self, %options) = @_; + + my $socket; + + if (defined($self->{ssl_context}) && $self->{ssl_context} ne '') { + IO::Socket::SSL::set_ctx_defaults(%{$self->{ssl_context}}); + $socket = IO::Socket::SSL->new(%{$self->{nrpe_params}}); + if (!$socket) { + $self->{output}->add_option_msg(short_msg => "Failed to establish SSL connection: $!, ssl_error=$SSL_ERROR"); + $self->{output}->option_exit(); + } + } else { + $socket = IO::Socket::INET6->new(Proto => 'tcp', Type => SOCK_STREAM, %{$self->{nrpe_params}}); + if (!$socket) { + $self->{output}->add_option_msg(short_msg => "Failed to create socket: $!"); + $self->{output}->option_exit(); + } + } + + return $socket; +} + +sub assemble { + my ($self, %options) = @_; + + $self->{c} = Convert::Binary::C->new(ByteOrder => 'BigEndian', Alignment => 0); + + my $packed; + if ($options{version} eq 2) { + $packed = $self->assemble_v2(%options); + } else { + $packed = $self->assemble_v3(%options); + } + return $packed; +} + +sub assemble_v3 { + my ($self, %options) = @_; + + my $buffer = $options{check}; + my $len = length($buffer); + + # In order for crc32 calculation to be correct we need to pad the buffer with \0 + # It seems that the buffer must be in multiples of 1024 so to achive this we use + # some integer arithmetic to find the next multiple of 1024 that can hold our message + my $pack_len; + { + use integer; + $pack_len = (($len / 1024) * 1024) + 1024; + } + $buffer = pack("Z$pack_len", $buffer); + $len = length($buffer) + 1; + + my $unpacked; + $unpacked->{alignment} = 0; + $unpacked->{buffer_length} = $len; + $unpacked->{buffer} = $buffer; + $unpacked->{crc32_value} = "\x00\x00\x00\x00"; + $unpacked->{packet_type} = $options{type} // 1; + $unpacked->{packet_version} = 3; + $unpacked->{result_code} = $options{result_code} // 2324; + + $self->{c}->parse(<{c}->tag('Packet.buffer', Format => 'String'); + my $packed = $self->{c}->pack('Packet', $unpacked); + + $unpacked->{crc32_value} = crc32($packed); + $packed = $self->{c}->pack('Packet', $unpacked); + return $packed; +} + +sub assemble_v2 { + my ($self, %options) = @_; + + my $len = $options{payload}; + + my $unpacked; + $unpacked->{buffer} = $options{check}; + $unpacked->{crc32_value} = "\x00\x00\x00\x00"; + $unpacked->{packet_type} = $options{type} // 1; + $unpacked->{packet_version} = 2; + $unpacked->{result_code} = $options{result_code} // 2324; + + $self->{c}->parse(<{c}->tag('Packet.buffer', Format => 'String'); + my $packed = $self->{c}->pack('Packet', $unpacked); + + $unpacked->{crc32_value} = crc32($packed); + $packed = $self->{c}->pack('Packet', $unpacked); + return $packed; +} + +sub validate { + my ($self, $packet) = @_; + + my $unpacked = $self->disassemble($packet, 1); + if (!$unpacked->{packet_version}) { + # If version is missing this is probably not an NRPE Packet. + return undef; + } + my $checksum = $unpacked->{crc32_value}; + $unpacked->{crc32_value} = "\x00\x00\x00\x00"; + my $packed = $self->assemble( + %{ + { + check => $unpacked->{buffer}, + version => $unpacked->{packet_version}, + type => $unpacked->{packet_type}, + result_code => $unpacked->{result_code} + } + } + ); + if (crc32($packed) != $checksum) { + return undef; + } else { + return 1; + } +} + +sub disassemble { + my ($self, $packet, $novalidate) = @_; + + if (!$packet) { + $self->{output}->add_option_msg(short_msg => "Could not disassemble packet."); + $self->{output}->option_exit(); + } + unless ($novalidate) { + unless ($self->validate($packet)) { + $self->{output}->add_option_msg(short_msg => "Packet had invalid CRC32."); + $self->{output}->option_exit(); + } + } + + my $version = unpack("n", $packet); + if (!defined($version) || $version eq '') { + $self->{output}->add_option_msg(short_msg => "Could not disassemble packet."); + $self->{output}->option_exit(); + } + + my $unpacked = {}; + if ($version eq 2) { + $unpacked = $self->disassemble_v2($packet); + } else { + $unpacked = $self->disassemble_v3($packet); + } + + return $unpacked; +} + +sub disassemble_v3 { + my ($self, $packet) = @_; + + my @arr = unpack("n2 N n2 N Z*", $packet); + my $unpacked = {}; + $unpacked->{packet_version} = $arr[0]; + $unpacked->{packet_type} = $arr[1]; + $unpacked->{crc32_value} = $arr[2]; + $unpacked->{result_code} = $arr[3]; + $unpacked->{alignment} = $arr[4]; + $unpacked->{buffer_length} = $arr[5]; + $unpacked->{buffer} = $arr[6]; + return $unpacked; +} + +sub disassemble_v2 { + my ($self, $packet) = @_; + + my @arr = unpack("n2 N n Z*", $packet); + my $unpacked = {}; + $unpacked->{packet_version} = $arr[0]; + $unpacked->{packet_type} = $arr[1]; + $unpacked->{crc32_value} = $arr[2]; + $unpacked->{result_code} = $arr[3]; + $unpacked->{buffer} = $arr[4]; + return $unpacked; +} + +sub request { + my ($self, %options) = @_; + + my $check; + if (!defined($options{arg}) || scalar @{$options{arg}} == 0) { + $check = $options{check}; + } else { + $check = join('!', $options{check}, @{$options{arg}}); + } + + my $socket = $self->create_socket(%options); + + my $assembled = $self->assemble( + type => 1, + check => $check, + version => $self->{nrpe_version}, + payload => $self->{nrpe_payload} + ); + + my $response; + print $socket $assembled; + while (<$socket>) { + $response .= $_; + } + close($socket); + + if (!defined($response) || $response eq '') { + $self->{output}->add_option_msg(short_msg => "No response from remote host."); + $self->{output}->option_exit(); + } + + my $response_packet = $self->disassemble($response, 1); + if (!defined($response_packet->{packet_version}) || $response_packet->{packet_version} != $self->{nrpe_version}) { + $self->{output}->add_option_msg(short_msg => "Bad response from remote host."); + $self->{output}->option_exit(); + } + + return $response_packet; +} + +sub set_nrpe_connect_params { + my ($self, %options) = @_; + + foreach (keys %options) { + $self->{nrpe_params}->{$_} = $options{$_}; + } +} + +sub set_nrpe_params { + my ($self, %options) = @_; + + foreach (keys %options) { + $self->{$_} = $options{$_}; + } +} + +sub get_hostname { + my ($self) = @_; + + my $host = $self->{nrpe_params}->{PeerHost}; + $host =~ s/.*://; + return $host; +} + +sub get_port { + my ($self) = @_; + + return $self->{nrpe_params}->{PeerPort}; +} + +1; + +__END__ + +=head1 NAME + +NRPE global + +=head1 SYNOPSIS + +NRPE class + +=head1 NRPE CLASS OPTIONS + +=over 8 + +=item B<--nrpe-version> + +Version: 2 for NRPE v2 (Default), 3 for NRPE v3. + +=item B<--nrpe-port> + +Port (Default: 5666). + +=item B<--nrpe-payload> + +Buffer payload (For v2 only) (Default: 1024). + +=item B<--nrpe-bindaddr> + +Bind to local address. + +=item B<--nrpe-use-ipv4> + +Use IPv4 only + +=item B<--nrpe-use-ipv6> + +Use IPv6 only + +=item B<--nrpe-timeout> + +Timeout in secondes (Default: 10). + +=item B<--ssl-opt> + +Set SSL Options (--ssl-opt="SSL_version => TLSv1" --ssl-opt="SSL_verify_mode => 0" +--ssl-opt="SSL_cipher_list => ALL"). + +=back + +=head1 DESCRIPTION + +B. + +=cut