Hi,
i made a patch to NRPE, which enables it to use SSL on operating systems
which have no /dev/random by default or which have not been patched
accordingly. Normally a ssl-enabled nrpe will not be able to initialize
correctly on these machines and refuses handshakes with check_nrpe clients.
This patch is for people, who are forced by company policy to use SSL, or
who do not want to use both ssl-enabled and plaintext check_nrpe binaries
depending on the monitored server's capabilities.
What i added is a fallback to an alternative way of seeding the random
number generator. You enable it by setting "allow_weak_random_seed=1" in the
nrpe.cfg file.
If there was no randomness device available for seeding, then this directive
allows
- the seeding from a file (using RAND_file_name() and RAND_load_file()) and
if this was still not enough
- the seeding from the PRNG (using RAND_seed())
If this looks useful for you, please download it from
http://people.consol.de/~lausser/nagios ... _seed.patc
h
and apply it with:
cd nrpe-2.0
patch -p1 < nrpe-2.0-allow_waek_random_seed.patch
Greetings from munich,
Gerhard
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]