Check_http and password length problem

Wes_Hegge · May 12, 2008, 7:53pm

I am running version 3.0.1 with plugin version 1.4.11 on a linux box.

I run this command from the command line:
/usr/local/nagios/libexec/check_http -H device.ip.com -t 20 -a :AbCdef$$ -u / -r ‘var rfAssociated = 1’. I get back a “HTTP OK”.

But when Nagios runs the command I get a “401 Unauthorized”.

I have tracked the problem down to the length of the password. If I use the ‘-v’ option on the check_http command I get 2 different Basic64 authentication keys back. When I do the command manually I get:
Authorization: Basic OkFiQ2RlZiQk

But when I add the ‘-v’ to the Nagios output I get:
Authorization: Basic OkFiQ2RlZiQ=

Notice the difference, the ‘=’ as compared to the ‘k’ at the end of the line. I ran some tests and it looks like Nagios will only except 8 characters for the password length. With the ‘’'s as an escape character for the $$, the password is 10 characters long. If I change the password on the device to have only 1 ‘$’ in the password, Nagios gets the “OK”.

It is not really feasible to change the passwords at this time.

So, I either need to know what source code file to look in to make this change or hopefully there is a parameter in one of the configuration files I can change.

Any ideas?

Thanks,

Wes

Wes_Hegge · May 13, 2008, 1:42pm

Alright, figured it out.

The problem is the ‘$’, which I knew. But after scouring through the source code, I found a comment about 2 ‘$’ together escapes the ‘$’. So what I needed to do was make the password being passed to Nagios have 4 '$'s. So I passed the password from check_http as ‘AbCdef$$$$’ or ‘AbCdef$$$$’. Either works in the configuration files. The bad thing is it does NOT work for check_http when manually entered at the command line.

So, there still is a problem in that the command line will not give you the same result as Nagios will. I am not that good at C code but I will make an attempt to fix this and post the changes up here.

Wes