Checkmk git commits October 2016

checkmk-commits@lists.checkmk.com

10 participants
276 discussions

Removed obsolete perfdata: section from check manpages

by Mathias Kettner

8 years

Removed obsolete examples: section from check manpages

by Mathias Kettner

8 years

Removed obsolete [configuration] section from check manpages

by Mathias Kettner

8 years

Removed obsolete [examples] section from check manpages

by Mathias Kettner

8 years

Better rendering of check manpages on homepage

by Mathias Kettner

Module: check_mk Branch: master Commit: 9917f371346eac40ef6afe9c5ad049424eec865b URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=9917f371346eac… Author: Mathias Kettner <mk(a)mathias-kettner.de> Date: Mon Oct 24 14:15:47 2016 +0200 Better rendering of check manpages on homepage --- lib/man_pages.py | 62 +++++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 43 insertions(+), 19 deletions(-) diff --git a/lib/man_pages.py b/lib/man_pages.py index 2b577c6..cbacf1c 100644 --- a/lib/man_pages.py +++ b/lib/man_pages.py @@ -512,7 +512,7 @@ class ManPageRenderer(object): bg_color = 4 fg_color = 7 - self._bold_color = tty.white + tty.bold + self._tty_color = tty.white + tty.bold self._normal_color = tty.normal + tty.colorset(fg_color, bg_color) self._title_color_left = tty.colorset(0, 7, 1) self._title_color_right = tty.colorset(0, 7) @@ -543,12 +543,13 @@ class ManPageRenderer(object): self._print_header() header = self.man_page['header'] - self._print_sectionheader(header['title']) + self._print_manpage_title(header['title']) ags = [] for agent in header['agents']: ags.append(check_mk_agents.get(agent, agent.upper())) - self._print_splitline(self._header_color_left, "Supported Agents: ", self._header_color_right, ", ".join(ags)) + + self._print_begin_splitlines() distro = header['distribution'] if distro == 'check_mk': @@ -556,6 +557,9 @@ class ManPageRenderer(object): self._print_splitline(self._header_color_left, "Distribution: ", self._header_color_right, distro) self._print_splitline(self._header_color_left, "License: ", self._header_color_right, header['license']) + self._print_splitline(self._header_color_left, "Supported Agents: ", self._header_color_right, ", ".join(ags)) + + self._print_end_splitlines() self._print_empty_line() self._print_textbody(header['description']) @@ -576,17 +580,17 @@ class ManPageRenderer(object): else: self._print_line("None.") - self._print_subheader("Performance data") + self._print_subheader("Metrics") if header.has_key('perfdata'): self._print_textbody(header['perfdata']) else: self._print_textbody("None.") - self._print_subheader("Inventory") + self._print_subheader("Discovery") if header.has_key('inventory'): self._print_textbody(header['inventory']) else: - self._print_textbody("No inventory supported.") + self._print_textbody("No discovery supported.") self._print_subheader("Configuration variables") if self.man_page.has_key('configuration'): @@ -621,7 +625,7 @@ class ManPageRenderer(object): raise NotImplementedError() - def _print_sectionheader(self, title): + def _print_manpage_title(self, title): raise NotImplementedError() @@ -633,6 +637,14 @@ class ManPageRenderer(object): raise NotImplementedError() + def _print_begin_splitlines(self): + pass + + + def _print_end_splitlines(self): + pass + + def _print_splitline(self, attr1, left, attr2, right): raise NotImplementedError() @@ -674,14 +686,14 @@ class ConsoleManPageRenderer(ManPageRenderer): def _markup(self, line, attr): # Replaces braces in the line but preserves the inner braces - return re.sub('(?<!{){', self._bold_color, re.sub('(?<!})}', tty.normal + attr, line)) + return re.sub('(?<!{){', self._tty_color, re.sub('(?<!})}', tty.normal + attr, line)) def _print_header(self): pass - def _print_sectionheader(self, title): + def _print_manpage_title(self, title): self._print_splitline(self._title_color_left, "%-25s" % self.name, self._title_color_right, title) @@ -825,7 +837,7 @@ class NowikiManPageRenderer(ManPageRenderer): def index_entry(self): - return "<tr><td class=tt>%s</td><td>[check_%s|%s]</td></tr>\n" % \ + return "<tr><td class=\"tt narrow\">%s</td><td>[check_%s|%s]</td></tr>\n" % \ (self.name, self.name, self.man_page["header"]["title"]) @@ -838,18 +850,21 @@ class NowikiManPageRenderer(ManPageRenderer): # preserve the inner { and } in double braces and then replace the braces left return line.replace('{{', '{{') \ .replace('}}', '}}') \ - .replace("{", "<b>") \ - .replace("}", "</b>") + .replace("{", "<tt>") \ + .replace("}", "</tt>") def _print_header(self): self.output.write("TI:Check manual page of %s\n" % self.name) - self.output.write("DT:%s\n" % (time.strftime("%Y-%m-%d"))) - self.output.write("SA:checks\n") + # It does not make much sense to print the date of the HTML generation + # of the man page here. More useful would be the Check_MK version where + # the plugin first appeared. But we have no access to that - alas. + # self.output.write("DT:%s\n" % (time.strftime("%Y-%m-%d"))) + self.output.write("SA:check_plugins_catalog,check_plugins_list\n") - def _print_sectionheader(self, title): - self.output.write("H1:%s\n" % title) + def _print_manpage_title(self, title): + self.output.write("<b>%s</b>\n" % title) def _print_subheader(self, line): @@ -863,8 +878,16 @@ class NowikiManPageRenderer(ManPageRenderer): self.output.write("%s\n" % self._markup(line)) + def _print_begin_splitlines(self): + self.output.write("<table>\n") + + + def _print_end_splitlines(self): + self.output.write("</table>\n") + + def _print_splitline(self, attr1, left, attr2, right): - self.output.write("<b style=\"width: 300px;\">%s</b> %s\n\n" % (left, right)) + self.output.write("<tr><td>%s</td><td>%s</td></tr>\n" % (left, right)) def _print_empty_line(self): @@ -883,8 +906,9 @@ class NowikiManPageRenderer(ManPageRenderer): else: name = left typ = "" - self.output.write("<tr><td class=tt>%s</td><td>%s</td><td>%s</td></tr>\n" % - (name, typ, self._markup(text))) + self.output.write("<tr><td class=tt>%s</td>" + "<td>%s</td><td>%s</td></tr>\n" % + (name, typ, self._markup(text))) def _begin_table(self, titles):

8 years

3970 SEC Fixed possible URL injection on index page

by Lars Michelsen

Module: check_mk Branch: master Commit: deb742277a669b8ec9865fb502ad156b1db61014 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=deb742277a669b… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Mon Oct 24 10:06:27 2016 +0200 3970 SEC Fixed possible URL injection on index page Till this version it was possible to inject authenticated users external URLs as start URLs for their GUI. An attacker could use this to make an authenticated GUI user open a page of his choice when the user clicks on a prepared link. One example URL which could be used: "index.py?start_url=//heise.de". --- .werks/3970 | 16 ++++++++++++++++ ChangeLog | 1 + web/htdocs/main.py | 17 ++++++++++++++--- 3 files changed, 31 insertions(+), 3 deletions(-) diff --git a/.werks/3970 b/.werks/3970 new file mode 100644 index 0000000..65dc504 --- /dev/null +++ b/.werks/3970 @@ -0,0 +1,16 @@ +Title: Fixed possible URL injection on index page +Level: 1 +Component: multisite +Class: security +Compatible: compat +State: unknown +Version: 1.4.0i2 +Date: 1477295864 + +Till this version it was possible to inject authenticated users external URLs +as start URLs for their GUI. + +An attacker could use this to make an authenticated GUI user open a page of his +choice when the user clicks on a prepared link. + +One example URL which could be used: "index.py?start_url=//heise.de". diff --git a/ChangeLog b/ChangeLog index 30dee88..fd15f54 100644 --- a/ChangeLog +++ b/ChangeLog @@ -42,6 +42,7 @@ Multisite: * 3959 Two new filters for the comment view: author and comment text field + * 3970 SEC: Fixed possible URL injection on index page... * 3897 FIX: Fixed possible exception in raw edition when rendering graphs * 3898 FIX: Unmonitored services: Fixed possible bug in case discovery service produces unexpected output * 3902 FIX: Graph search view: Changing painter options made page empty diff --git a/web/htdocs/main.py b/web/htdocs/main.py index 97a6981..c1a93d2 100644 --- a/web/htdocs/main.py +++ b/web/htdocs/main.py @@ -26,17 +26,28 @@ import config +import urlparse +import re + def page_index(): default_start_url = config.user.get_attribute("start_url") or config.start_url start_url = html.var("start_url", default_start_url).strip() # Prevent redirecting to absolute URL which could be used to redirect # users to compromised pages. - if '://' in start_url: + # Also prevent using of "javascript:" URLs which could used to inject code + parsed = urlparse.urlparse(start_url) + + # Don't allow the user to set a URL scheme + if parsed.scheme != "": start_url = default_start_url - # Also prevent using of "javascript:" URLs which could used to inject code - if start_url.lower().startswith('javascript:'): + # Don't allow the user to set a network location + if parsed.netloc != "": + start_url = default_start_url + + # Don't allow bad characters in path + if not re.match("[/a-z0-9_\.-]*$", parsed.path): start_url = default_start_url if "%s" in config.page_heading:

8 years

added missing webapi validation key

by Andreas Boesl

Module: check_mk Branch: master Commit: 523a1b4855be9c40d3e908e07ebd4d2819ea66a5 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=523a1b4855be9c… Author: Andreas Boesl <ab(a)mathias-kettner.de> Date: Mon Oct 24 10:02:04 2016 +0200 added missing webapi validation key --- web/plugins/webapi/webapi.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/web/plugins/webapi/webapi.py b/web/plugins/webapi/webapi.py index 23a068e..7f624a1 100644 --- a/web/plugins/webapi/webapi.py +++ b/web/plugins/webapi/webapi.py @@ -295,7 +295,7 @@ api_actions["discover_services"] = { ############### def action_activate_changes(request): - validate_request_keys(request, ["mode", "sites"]) + validate_request_keys(request, ["mode", "sites", "allow_foreign_changes"]) mode = html.var("mode") and html.var("mode") or "dirty" if html.var("allow_foreign_changes"):

8 years

Fetched Livestatus from downstream.

by Sven Panne

Module: check_mk Branch: master Commit: 36448a9f39e3a9c298e2e042bc496eb66c64d13d URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=36448a9f39e3a9… Author: Sven Panne <sp(a)mathias-kettner.de> Date: Mon Oct 24 09:37:48 2016 +0200 Fetched Livestatus from downstream. --- livestatus/src/DynamicLogwatchFileColumn.cc | 7 +++---- livestatus/src/DynamicLogwatchFileColumn.h | 9 +++++++-- livestatus/src/HostSpecialIntColumn.cc | 9 +++++++-- livestatus/src/LogwatchListColumn.cc | 2 +- livestatus/src/LogwatchListColumn.h | 9 +++++++-- livestatus/src/StatusSpecialIntColumn.cc | 5 ++++- livestatus/src/StatusSpecialIntColumn.h | 10 +++++++--- livestatus/src/Store.cc | 3 ++- livestatus/src/TableHosts.cc | 5 +++-- livestatus/src/TableStatus.cc | 11 ++++++----- livestatus/src/mk_inventory.cc | 19 ++----------------- livestatus/src/mk_inventory.h | 3 +-- livestatus/src/mk_logwatch.cc | 21 +++++++++------------ livestatus/src/mk_logwatch.h | 14 ++++---------- 14 files changed, 63 insertions(+), 64 deletions(-) Diff: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commitdiff;h=36448a9f39…

8 years

3950 openbsd_sensors: Genugate devices are now handling hardware sensors

by Marcel Arentz

Module: check_mk Branch: master Commit: 2512cd8192d0343beda6cb9c42f99ed8044f6668 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=2512cd8192d034… Author: Marcel Arentz <ma(a)mathias-kettner.de> Date: Fri Oct 21 15:48:48 2016 +0200 3950 openbsd_sensors: Genugate devices are now handling hardware sensors Genugate and other OpenBSD devices are now handling hardware sensors if the data comes by SNMP. Included are temperature, fan and voltage sensors. For all of these new checks thresholds can be set. --- .werks/3950 | 11 ++ ChangeLog | 1 + checkman/openbsd_sensors | 17 +++ checkman/openbsd_sensors.fan | 17 +++ checkman/openbsd_sensors.voltage | 17 +++ checks/openbsd_sensors | 273 +++++++++++++++++++++++++++++++++++++++ 6 files changed, 336 insertions(+) Diff: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commitdiff;h=2512cd8192…

8 years

added some bug regarding disabled active checks

by Marcel Arentz

Module: check_mk Branch: master Commit: 31201b79299347ce65cf2c06d664f347d6c624dc URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=31201b79299347… Author: Marcel Arentz <ma(a)mathias-kettner.de> Date: Fri Oct 21 15:40:50 2016 +0200 added some bug regarding disabled active checks --- .bugs/2508 | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.bugs/2508 b/.bugs/2508 new file mode 100644 index 0000000..5969eda --- /dev/null +++ b/.bugs/2508 @@ -0,0 +1,8 @@ +Title: Disabled Services: disabled active checks just vanish +Component: wato +State: open +Date: 2016-10-21 15:35:58 +Targetversion: 1.2.8 +Class: nastiness + +If active checks are disabled by WATO rule this check vanishs completely and will not be shown as "disabled service" in the service discovery like passive checks. This is not only inconsistent behavior but could also be confusing at some point.

8 years

← Newer
1
...
6
7
8
9
10
11
12
...
28
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Checkmk git commits October 2016