Module: check_mk
Branch: master
Commit: 36c2e1137116168dad58bfea87a42fbd75dfb5fc
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=36c2e113711616…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Tue May 23 12:03:35 2017 +0200
Cleaned up watolib plugin loading a bit. A lot more needs to be done in 1.5 code
Change-Id: I2d4fca04bf5b8090b4c8b0175e8c285c9e9bb9a0
---
web/htdocs/wato.py | 8 +++++++-
web/htdocs/watolib.py | 16 +++++++---------
2 files changed, 14 insertions(+), 10 deletions(-)
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index 59a014d..5de5ee3 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -17354,7 +17354,13 @@ def load_plugins(force):
load_notification_table()
initialize_global_configvars()
- initialize_before_loading_plugins()
+ # Initialize watolib things which are needed before loading the WATO plugins.
+ # This also loads the watolib plugins. Then the globals of the watolib.py are
+ # loaded into the wato.py namespace. This "repeats" the watolib star import above
+ # together with things from the plugins. What a hack!
+ # TODO: Clearly separate the watolib and wato
+ globals().update(load_watolib_plugins())
+
register_builtin_host_tags()
# Declare WATO-specific permissions
diff --git a/web/htdocs/watolib.py b/web/htdocs/watolib.py
index 9fb3ee5..4a022d1 100644
--- a/web/htdocs/watolib.py
+++ b/web/htdocs/watolib.py
@@ -87,7 +87,7 @@ g_host_attributes = []
# Dictionary for quick access
g_host_attribute = {}
-def initialize_before_loading_plugins():
+def load_watolib_plugins():
if g_rulespecs:
g_rulespecs.clear()
@@ -128,6 +128,10 @@ def initialize_before_loading_plugins():
backup_domains.clear()
+ load_web_plugins("watolib", globals())
+ return globals()
+
+
def init_watolib_datastructures():
if config.wato_use_git:
prepare_git_commit()
@@ -2489,14 +2493,8 @@ class CREHost(WithPermissionsAndAttributes):
self._name = new_name
-
-if cmk.is_managed_edition():
- # TODO: Hack that is needed to resolve circular imports. This will be cleaned up in 1.5 code
- # soon. For the 1.4. we need to stick with this hack. Sorry.
- execfile("%s/plugins/watolib/managed_watolib.py" % cmk.paths.web_dir)
-else:
- Folder = CREFolder
- Host = CREHost
+Folder = CREFolder
+Host = CREHost
#.
# .--Attributes----------------------------------------------------------.
Module: check_mk
Branch: master
Commit: 37335389b43db10869008373e41e8d588c5d0f4d
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=37335389b43db1…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Tue May 23 11:33:22 2017 +0200
Make pylint accept the recent CME related hack
Change-Id: I3eb967f2e1474b7f80889de5943b8092d30122c1
---
web/htdocs/watolib.py | 2 --
1 file changed, 2 deletions(-)
diff --git a/web/htdocs/watolib.py b/web/htdocs/watolib.py
index 7f9a915..9fb3ee5 100644
--- a/web/htdocs/watolib.py
+++ b/web/htdocs/watolib.py
@@ -2494,8 +2494,6 @@ if cmk.is_managed_edition():
# TODO: Hack that is needed to resolve circular imports. This will be cleaned up in 1.5 code
# soon. For the 1.4. we need to stick with this hack. Sorry.
execfile("%s/plugins/watolib/managed_watolib.py" % cmk.paths.web_dir)
- Folder = CMEFolder
- Host = CMEHost
else:
Folder = CREFolder
Host = CREHost
Module: check_mk
Branch: master
Commit: 05334cbca6967433fb4edfac37c4b75c29d6a36f
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=05334cbca69674…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Tue May 23 10:16:38 2017 +0200
Improved error handling of API calls
Change-Id: Iaccc8572d73e65634d66c9b9b11e655d2bfdc803
---
web/htdocs/htmllib.py | 7 ++++++-
web/htdocs/modules.py | 9 ++++++---
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/web/htdocs/htmllib.py b/web/htdocs/htmllib.py
index 528b4ba..e557732 100644
--- a/web/htdocs/htmllib.py
+++ b/web/htdocs/htmllib.py
@@ -1129,7 +1129,12 @@ class RequestHandler(object):
if exclude_vars == None:
exclude_vars = []
- request = json.loads(self.var("request", "{}"))
+ try:
+ json_request = self.var("request", "{}")
+ request = json.loads(json_request)
+ except json.JSONDecodeError, e:
+ raise MKUserError("request", _("Failed to parse request: '%s': %s") %
+ (json_request, e))
for key, val in self.all_vars().items():
if key not in [ "request", "output_format" ] + exclude_vars:
diff --git a/web/htdocs/modules.py b/web/htdocs/modules.py
index 6113883..3452780 100644
--- a/web/htdocs/modules.py
+++ b/web/htdocs/modules.py
@@ -102,15 +102,14 @@ g_all_modules_loaded = False
def load_all_plugins():
global g_all_modules_loaded
+ # Optimization: in case of the graph ajax call only check the metrics module. This
+ # improves the performance for these requests.
# TODO: CLEANUP: Move this to the pagehandlers if this concept works out.
if html.myfile == "ajax_graph" and g_all_modules_loaded:
only_modules = ["metrics"]
else:
only_modules = None
- g_all_modules_loaded = True
-
-
need_plugins_reload = local_web_plugins_have_changed()
for module in modules:
@@ -128,6 +127,10 @@ def load_all_plugins():
# have been loaded to update the pagehandlers
pagehandlers.update(pagetypes.page_handlers())
+ # Mark the modules as loaded after all plugins have been loaded. In case of exceptions
+ # we want them to occur again on subsequent requests too.
+ g_all_modules_loaded = True
+
def get_handler(name, dflt=None):
return pagehandlers.get(name, dflt)
Passwords from password store were not used correctly
Message-ID: <5923d97b.YLRO+V5/jstegUrt%lm(a)mathias-kettner.de>
User-Agent: Heirloom mailx 12.5 6/20/10
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Module: check_mk
Branch: master
Commit: d4346412293d5014aa76c47ada0b354c13957afd
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=d4346412293d50…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Tue May 23 08:35:24 2017 +0200
4734 FIX check_mail check_mail_loop check_mailboxes check_sql: Passwords from password store were not used correctly
Change-Id: I850e042f9503c2b4f018839c387a892bdbd5d5d7
---
.werks/4734 | 11 +++++
active_checks/check_mail | 3 ++
active_checks/check_mail_loop | 4 ++
active_checks/check_mailboxes | 3 ++
active_checks/check_sql | 2 +
lib/password_store.py | 108 ++++++++++++++++++++++++++++++++++++++++++
modules/check_mk.py | 11 +----
7 files changed, 133 insertions(+), 9 deletions(-)
diff --git a/.werks/4734 b/.werks/4734
new file mode 100644
index 0000000..19494e4
--- /dev/null
+++ b/.werks/4734
@@ -0,0 +1,11 @@
+Title: check_mail check_mail_loop check_mailboxes check_sql: Passwords from password store were not used correctly
+Level: 1
+Component: checks
+Class: fix
+Compatible: compat
+Edition: cre
+State: unknown
+Version: 1.5.0i1
+Date: 1495521285
+
+
diff --git a/active_checks/check_mail b/active_checks/check_mail
index 44f2751..3df39af 100755
--- a/active_checks/check_mail
+++ b/active_checks/check_mail
@@ -28,6 +28,9 @@ import sys, getopt, os, time, random, poplib, imaplib, email
import traceback, socket, re
import base64
+import cmk.password_store
+cmk.password_store.replace_passwords()
+
def parse_exception(e):
e = str(e)
if e[0] == '{':
diff --git a/active_checks/check_mail_loop b/active_checks/check_mail_loop
index 25a57b3..9af4e9c 100755
--- a/active_checks/check_mail_loop
+++ b/active_checks/check_mail_loop
@@ -29,6 +29,10 @@ import traceback, socket, re
from email.mime.text import MIMEText
+import cmk.password_store
+cmk.password_store.replace_passwords()
+
+
def parse_exception(e):
e = str(e)
if e[0] == '{':
diff --git a/active_checks/check_mailboxes b/active_checks/check_mailboxes
index 73c6694..ece1a17 100755
--- a/active_checks/check_mailboxes
+++ b/active_checks/check_mailboxes
@@ -37,6 +37,9 @@ import socket
import traceback
from optparse import OptionParser
+import cmk.password_store
+cmk.password_store.replace_passwords()
+
class Mail(object):
diff --git a/active_checks/check_sql b/active_checks/check_sql
index 18a88b2..ee0237f 100755
--- a/active_checks/check_sql
+++ b/active_checks/check_sql
@@ -34,6 +34,8 @@ import sys
import getopt
import os
+import cmk.password_store
+cmk.password_store.replace_passwords()
def usage():
sys.stderr.write("""Check_MK SQL Test
diff --git a/lib/password_store.py b/lib/password_store.py
new file mode 100644
index 0000000..c2254ce
--- /dev/null
+++ b/lib/password_store.py
@@ -0,0 +1,108 @@
+#!/usr/bin/python
+# -*- encoding: utf-8; py-indent-offset: 4 -*-
+# +------------------------------------------------------------------+
+# | ____ _ _ __ __ _ __ |
+# | / ___| |__ ___ ___| | __ | \/ | |/ / |
+# | | | | '_ \ / _ \/ __| |/ / | |\/| | ' / |
+# | | |___| | | | __/ (__| < | | | | . \ |
+# | \____|_| |_|\___|\___|_|\_\___|_| |_|_|\_\ |
+# | |
+# | Copyright Mathias Kettner 2016 mk(a)mathias-kettner.de |
+# +------------------------------------------------------------------+
+#
+# This file is part of Check_MK.
+# The official homepage is at http://mathias-kettner.de/check_mk.
+#
+# check_mk is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation in version 2. check_mk is distributed
+# in the hope that it will be useful, but WITHOUT ANY WARRANTY; with-
+# out even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE. See the GNU General Public License for more de-
+# tails. You should have received a copy of the GNU General Public
+# License along with GNU Make; see the file COPYING. If not, write
+# to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor,
+# Boston, MA 02110-1301 USA.
+
+"""This module is meant to be used by active checks that support getting
+credentials from the Check_MK password store.
+
+The module needs to be included and then the script needs to run the
+replace_passwords() function. This should be done early in the script
+to make the pwstore option handling transparent for the script.
+
+Do it like this:
+
+ import cmk.password_store
+ cmk.password_store.replace_passwords()
+
+"""
+
+import sys
+
+import cmk.paths
+import cmk.store as store
+
+password_store_path = cmk.paths.var_dir + "/stored_passwords"
+
+def bail_out(s):
+ sys.stdout.write("UNKNOWN - %s\n" % s)
+ sys.exit(3)
+
+
+def replace_passwords():
+ if len(sys.argv) < 2:
+ return # command line too short
+
+ if not [ a for a in sys.argv if a.startswith("--pwstore") ]:
+ return # no password store in use
+
+ # --pwstore=4@4@web,6@0@foo
+ # In the 4th argument at char 4 replace the following bytes
+ # with the passwords stored under the ID 'web'
+ # In the 6th argument at char 0 insert the password with the ID 'foo'
+
+ # Extract first argument and parse it
+
+ pwstore_args = sys.argv.pop(1).split("=", 1)[1]
+ passwords = load()
+
+ for password_spec in pwstore_args.split(","):
+ parts = password_spec.split("@")
+ if len(parts) != 3:
+ bail_out("pwstore: Invalid --pwstore entry: %s" % password_spec)
+
+ try:
+ num_arg, pos_in_arg, password_id = int(parts[0]), int(parts[1]), parts[2]
+ except ValueError:
+ bail_out("pwstore: Invalid format: %s" % password_spec)
+
+ try:
+ arg = sys.argv[num_arg]
+ except IndexError:
+ bail_out("pwstore: Argument %d does not exist" % num_arg)
+
+ try:
+ password = passwords[password_id]
+ except KeyError:
+ bail_out("pwstore: Password '%s' does not exist" % password_id)
+
+ sys.argv[num_arg] = arg[:pos_in_arg] \
+ + password \
+ + arg[pos_in_arg+len(password):]
+
+
+def save(stored_passwords):
+ content = ""
+ for ident, pw in stored_passwords.items():
+ content += "%s:%s\n" % (ident, pw["password"])
+
+ store.save_file(password_store_path, content)
+
+
+def load():
+ passwords = {}
+ for line in open(password_store_path):
+ ident, password = line.strip().split(":", 1)
+ passwords[ident] = password
+ return passwords
diff --git a/modules/check_mk.py b/modules/check_mk.py
index 3141fa7..54383b6 100755
--- a/modules/check_mk.py
+++ b/modules/check_mk.py
@@ -56,6 +56,7 @@ import cmk.store as store
import cmk.paths
import cmk.render as render
import cmk.man_pages as man_pages
+import cmk.password_store
import cmk_base
import cmk_base.console as console
@@ -2828,7 +2829,7 @@ def create_core_config():
out = file(cmk.paths.nagios_objects_file, "w")
create_nagios_config(out)
- write_stored_passwords()
+ cmk.password_store.save(stored_passwords)
num_warnings = len(g_configuration_warnings)
if num_warnings > 10:
@@ -2883,14 +2884,6 @@ def verify_cluster_address_family(hostname):
(hostname, ", ".join(address_families)))
-def write_stored_passwords():
- content = ""
- for ident, pw in stored_passwords.items():
- content += "%s:%s\n" % (ident, pw["password"])
-
- store.save_file(cmk.paths.var_dir + "/stored_passwords", content)
-
-
def get_cluster_nodes_for_config(hostname):
verify_cluster_address_family(hostname)
Module: check_mk
Branch: master
Commit: f866a39cbb256f4a368f71aa185e03e2c184ffa7
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=f866a39cbb256f…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Tue May 23 08:37:14 2017 +0200
Updated bug entries #2511
Change-Id: I3b0ab40d179cb5a4cfdbf217e65b0d25d1e6edfa
---
.bugs/2511 | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/.bugs/2511 b/.bugs/2511
index 87a5c98..e356843 100644
--- a/.bugs/2511
+++ b/.bugs/2511
@@ -1,9 +1,12 @@
Title: PasswordStore uses id as password instead of real password
Component: wato
-State: open
+Class: bug
+State: done
Date: 2017-05-19 15:54:27
Targetversion: 1.4.0
-Class: bug
The password store seems to use the unique id as password instead of the
stored password. This is reproducible with "Check Email".
+
+2017-05-23 08:37:07: changed state open -> done
+Should work now
Module: check_mk
Branch: master
Commit: f277108ff29af4933900d0ed95500516ddff3adf
URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=f277108ff29af4…
Author: Sven Panne <sp(a)mathias-kettner.de>
Date: Mon May 22 15:46:56 2017 +0200
4689 FIX Fixed buffer overflow when importing cmcdump data
When importing data from cmcdump into the Check_MK Micro Core, a buffer for
the long plugin output was too small, leading to a buffer overflow with
unpredictable consequences. The affected COMMANDs on the Livestatus
interface were UPDATE_SHADOW_HOST_STATE and UPDATE_SHADOW_SERVICE_STATE.
This has been fixed.
Change-Id: I29db3e1ef2cd64e82927f8540b283138ea9089ee
---
.werks/4689 | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/.werks/4689 b/.werks/4689
new file mode 100644
index 0000000..544db73
--- /dev/null
+++ b/.werks/4689
@@ -0,0 +1,14 @@
+Title: Fixed buffer overflow when importing cmcdump data
+Level: 2
+Component: core
+Compatible: compat
+Edition: cee
+Version: 1.5.0i1
+Date: 1495460224
+Class: fix
+
+When importing data from cmcdump into the Check_MK Micro Core, a buffer for
+the long plugin output was too small, leading to a buffer overflow with
+unpredictable consequences. The affected COMMANDs on the Livestatus
+interface were UPDATE_SHADOW_HOST_STATE and UPDATE_SHADOW_SERVICE_STATE.
+This has been fixed.