Ubuntu
nagios-plugins package

check_http adds Port to Host Header (which is a violation of RFC) leading to problems checking certain hosts; current official nagios plugin sources fixes the problem

Bug #381246 reported by Sebastian Nohn
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
nagios-plugins (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

Ubuntu 8.04 sends this:

E..<..@.@...W. .P......P...Q...................

.~.........
12:23:13.384425 IP 80.237.198.212.80 > 87.230.9.180.54999: S 1138991569:1138991569(0) ack 3164577106 win 5792 <mss 1460,sackOK,timestamp 1351211080 183271144,nop,wscale 2>
E..<..@.;..`P...W. ..P..C......R...............
P..H
.~.....
12:23:13.384448 IP 87.230.9.180.54999 > 80.237.198.212.80: . ack 1 win 1460 <nop,nop,timestamp 183271145 1351211080>
E..4..@.@...W. .P......P...RC........6.....

.~.P..H
12:23:13.384564 IP 87.230.9.180.54999 > 80.237.198.212.80: P 1:117(116) ack 1 win 1460 <nop,nop,timestamp 183271145 1351211080>
E.....@.@..6W. .P......P...RC........s.....

.~.P..HGET / HTTP/1.0
User-Agent: check_http/v1944 (nagios-plugins 1.4.11)
Connection: close
Host: www.ligatus.de:80

Expected (an in current official nagios plugins) is:

12:24:32.231387 IP 192.168.31.102.54538 > 80.237.198.212.80: S 2155244456:2155244456(0) win 5840 <mss 1460,sackOK,timestamp 39048674 0,nop,wscale 6>
E..<.J@.@......fP....
.P.vk....................
.S..........
12:24:32.236297 IP 80.237.198.212.80 > 192.168.31.102.54538: S 1890808228:1890808228(0) ack 2155244457 win 5792 <mss 1380,sackOK,timestamp 1351289965 39048674,nop,wscale 2>
E..<..@.7.K.P......f.P.
p.q..vk.....`......d...
P..m.S......
12:24:32.236335 IP 192.168.31.102.54538 > 80.237.198.212.80: . ack 1 win 92 <nop,nop,timestamp 39048675 1351289965>
E..4.K@.@......fP....
.P.vk.p.q....\.......
.S..P..m
12:24:32.239564 IP 192.168.31.102.54538 > 80.237.198.212.80: P 1:114(113) ack 1 win 92 <nop,nop,timestamp 39048676 1351289965>
E....L@.@..6...fP....
.P.vk.p.q....\.g.....
.S..P..mGET / HTTP/1.0
User-Agent: check_http/v2053 (nagios-plugins 1.4.13)
Connection: close
Host: www.ligatus.de

Revision history for this message
Thierry Carrez (ttx) wrote :

Well, adding port to the "Host" header isn't an RFC violation.

RFC2616 says in 14.23 Host
   The Host request-header field specifies the Internet host and port
   number of the resource being requested, as obtained from the original
   URI given by the user or referring resource (generally an HTTP URL,
   as described in section 3.2.2). The Host field value MUST represent
   the naming authority of the origin server or gateway given by the
   original URL. This allows the origin server or gateway to
   differentiate between internally-ambiguous URLs, such as the root "/"
   URL of a server for multiple host names on a single IP address.
       Host = "Host" ":" host [ ":" port ] ; Section 3.2.2

Nagios plugins 1.4.13 fixed it in its 2053 revision so that if it's default port 80 the port part is omitted, which the RFC allows to do. It was done to workaround buggy servers (see
http://sourceforge.net/tracker/?func=detail&aid=2082501&group_id=29880&atid=397597 for details) that don't support the "Host:" header correctly.

I'm not sure support for buggy servers should be considered a bug, and this will definitely not trigger a hardy SRU. We should move to 1.4.13 though, so I'm keeping this as a wishlist item.

Note: there is a RFC violation in this plugin, though: the "Host" header shouldn't even be present if you make a HTTP/1.0 request, as it is a HTTP/1.1 thing.

Changed in nagios-plugins (Ubuntu):
importance: Undecided → Wishlist
status: New → Confirmed
Revision history for this message
Chuck Short (zulcss) wrote :

Hi,

I have confirmed this code mentioned in the sourceforge bug tracker has been fixed for karmic. Thanks for the bug report.

Regards
chuck

Changed in nagios-plugins (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.