We've moved to a new support system!

The Nagios Answer Hub is a place where you can get help with technical questions from our experts. There, you can quickly open tickets and join discussion boards.

Request Nagios Answer Hub access here: https://info.nagios.com/answer-hub-access-new-users

After completing the access form, you will be given access to a portal where new tickets can be created. We will keep the old customer forum sections and ticket system available for current cases to be resolved.

Go to the Answer Hub

Re: [Nagios-devel] Bug: default_user_name broken (patch included)

Engage with the community of users including those using the open source solutions.
Includes Nagios Core, Plugins, and NCPA

Re: [Nagios-devel] Bug: default_user_name broken (patch included)

Postby Guest » Fri Apr 26, 2002 6:30 pm

Thanks for the note. I should actually remove all "?" in that
section of the code. The only place its really used is in the
display_info_table() function in cgiutils.c, so I'll make changes
there.

On 25 Apr 2002 at 20:10, Bradey Honsinger wrote:

>
> I've been working on setting up Nagios 1.0a7 on our internal network, and I
> noticed that the default_user_name option in cgi.cfg is broken. In
> cgi/auth.c:123, the current username is set to "?" if authentication isn't
> being used, but later the default_user_name is used only if the current
> username is the empty string (""). The only time the default_user_name will
> be used is if malloc() fails! Here's the code snippet:
>
> ----cgi/auth.c:123---
> /* grab username from the environment... */
> temp_ptr=getenv("REMOTE_USER");
> if(temp_ptr==NULL){
> authinfo->username="?";
> authinfo->authenticated=FALSE;
> }
> else{
> authinfo->username=(char *)malloc(strlen(temp_ptr)+1);
> if(authinfo->username==NULL)
> authinfo->username=""; <--- only place username is
> set to ""--when malloc fails!
> else
> strcpy(authinfo->username,temp_ptr);
> if(!strcmp(authinfo->username,"")){
> authinfo->username="?";
> authinfo->authenticated=FALSE;
> }
> else
> authinfo->authenticated=TRUE;
> }
>
>
>
> ---> if(!strcmp(authinfo->username,"") &&
> strstr(input_buffer,"default_user_name=")==input_buffer){
> temp_ptr=strtok(input_buffer,"=");
> temp_ptr=strtok(NULL,",");
> authinfo->username=(char
> *)malloc(strlen(temp_ptr)+1);
> if(authinfo->username==NULL)
> authinfo->username="";
> else
> strcpy(authinfo->username,temp_ptr);
> if(!strcmp(authinfo->username,""))
> authinfo->authenticated=FALSE;
> else
> authinfo->authenticated=TRUE;
> }
> ----end snippet----
>
> A simple patch is included below--it just checks authinfo->username against
> "?" instead of "". I've tested it out, and it works for me. A better way
> might be to check if authinfo->authenticated is FALSE--I'll leave the choice
> up to whoever checks it in.
>
> - Bradey
>
>
> --------
> diff -ruN nagios-1.0a7/cgi/auth.c nagios-1.0a7-patched/cgi/auth.c
> --- nagios-1.0a7/cgi/auth.c Wed Mar 6 17:34:32 2002
> +++ nagios-1.0a7-patched/cgi/auth.c Wed Apr 24 20:15:22 2002
> @@ -120,7 +120,7 @@
> strip(input_buffer);
>
> /* we don't have a username yet, so fake the
> authentication if we find a default username defined */
> - if(!strcmp(authinfo->username,"") &&
> strstr(input_buffer,"default_user_name=")==input_buffer){
> + if(!strcmp(authinfo->username,"?") &&
> strstr(input_buffer,"default_user_name=")==input_buffer){
> temp_ptr=strtok(input_buffer,"=");
> temp_ptr=strtok(NULL,",");
> authinfo->username=(char
> *)malloc(strlen(temp_ptr)+1);
>
> _______________________________________________
> Nagios-devel mailing list
> Nagios-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-devel
>



Ethan Galstad,
Nagios Developer
---
Email: nagios@nagios.org
Website: http://www.nagios.org






This post was automatically imported from historical nagios-devel mailing list archives
Original poster: nagios@nagios.org
Guest
 

Return to Community Support

Who is online

Users browsing this forum: No registered users and 21 guests