--nextPart1286867.tSPeEDk6zl
Content-Type: multipart/mixed;
boundary="Boundary-01=_qeehIHymjSa5TcA"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--Boundary-01=_qeehIHymjSa5TcA
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Hi all,
I have patched nagios cgi to enable certificate based authentication.
In order to enable SSL authentication one have to set:
use_ssl_authentication =3D 1
in cgi.cfg config file, so this patch does not affect default behavior of=20
nagios.
Best regards,
Pawe=C5=82 Zuzelski
=2D-=20
TouK sp. z o.o. s.k.a. tel: +48664282776, +48225761854, jid:pzz@touk.=
pl
SSL root cert: http://cert.touk.pl/
SHA1 fingerprint: 4A:AC:7F:DA:54:B0:89:AE:D9:CD:B1:5E:95:88:BD:FD:B4:5E:1F:=
92
--Boundary-01=_qeehIHymjSa5TcA
Content-Type: text/x-diff; charset="iso 8859-15"; name="nagios-certauth.patch"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
filename="nagios-certauth.patch"
diff -Naur nagios/cgi/cgiauth.c nagios-3.0.3.certauth/cgi/cgiauth.c
=2D-- nagios/cgi/cgiauth.c 2008-03-31 21:09:33.000000000 +0200
+++ nagios-3.0.3.certauth/cgi/cgiauth.c 2008-07-17 16:11:29.000000000 +0200
@@ -35,6 +35,7 @@
extern servicegroup *servicegroup_list;
=20
extern int use_authentication;
+extern int use_ssl_authentication;
=20
=20
=20
@@ -58,7 +59,12 @@
authinfo->authorized_for_configuration_information=3DFALSE;
=20
/* grab username from the environment... */
=2D temp_ptr=3Dgetenv("REMOTE_USER");
+ if(use_ssl_authentication) {
+ temp_ptr=3Dgetenv("SSL_CLIENT_S_DN_CN");
+ }
+ else{
+ temp_ptr=3Dgetenv("REMOTE_USER");
+ }
if(temp_ptr=3D=3DNULL){
authinfo->username=3D"";
authinfo->authenticated=3DFALSE;
diff -Naur nagios/cgi/cgiutils.c nagios-3.0.3.certauth/cgi/cgiutils.c
=2D-- nagios/cgi/cgiutils.c 2008-06-23 22:47:44.000000000 +0200
+++ nagios-3.0.3.certauth/cgi/cgiutils.c 2008-07-17 15:15:34.000000000 +0200
@@ -108,6 +108,8 @@
=20
int escape_html_tags=3DFALSE;
=20
+int use_ssl_authentication=3DFALSE;
+
int default_statusmap_layout_method=3D0;
int default_statuswrl_layout_method=3D0;
=20
@@ -405,6 +407,9 @@
=20
else if(!strcmp(var,"lock_author_names"))
lock_author_names=3D(atoi(val)>0)?TRUE:FALSE;
+
+ else if(!strcmp(var,"use_ssl_authentication"))
+ use_ssl_authentication=3D(atoi(val)>0)?TRUE:FALSE;
}
=20
/* free memory and close the file */
diff -Naur nagios/cgi/statuswml.c nagios-3.0.3.certauth/cgi/statuswml.c
=2D-- nagios/cgi/statuswml.c 2008-05-19 20:42:28.000000000 +0200
+++ nagios-3.0.3.certauth/cgi/statuswml.c 2008-07-17 16:04:29.000000000 +02=
00
@@ -40,6 +40,7 @@
extern hoststatus *hoststatus_list;
extern servicestatus *servicestatus_list;
=20
+extern int use_ssl_authentication;
extern int enable_notifications;
extern int execute_service_checks;
extern int nagios_process_state;
@@ -961,7 +962,7 @@
=20
printf("\n");
printf("Your Name:\n");
=2D printf("\n",getenv("REMOTE_USE=
R"));
+ printf("\n",((use_ssl_authentica=
tion)?(getenv("SSL_CLIENT_S_DN_CN")):(getenv("REMOTE_USER"))));
printf("Comment:\n");
printf("\n");
=20
@@ -1167,7 +1168,7 @@
=20
printf("\n");
printf("Your Name:\n");
=2D printf("\n",getenv("REMOTE_USE=
R"));
+ printf("\n",((use_ssl_authentica=
tion)?(getenv("SSL_CLIENT_S_DN_CN")):(getenv("REMOTE_USER"))));
printf("Comment:\n");
printf("\n");
=20
--Boundary-01=_qeehIHymjSa5TcA--
--nextPart1286867.tSPeEDk6zl
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Disposition: attachment; filename="smime.p7s"
Content-Transfer-Encoding: base64
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEH
...[email truncated]...
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]