Bug #41656 for POE-Component-Client-NSCA: Blank password not allowed with XOR 'encryption'

Fri Dec 12 11:21:15 2008 jt [...] signless.com - Ticket created

Subject:

Blank password not allowed with XOR 'encryption'

When using the send_nsca command line utility with the nsca daemon, the default configuration uses a blank password and XOR encryption (obfuscation). Due to the structure of the encrypt_buffer function a blank password in send_nsca is simply ignored. Some users might have a large NSCA deployment and be unable to easily add a password to all hosts, so supporting this method is desirable. The attached patch will emulate this behavior by not requiring the presence of a password when the encryption method is XOR, and skipping the loop over the password. I have tested this with nsca-2.7.2. Let me know what you think. Thanks! JT

Subject:

NSCA.pm.blank_password.diff

124c124 < unless $params{password}; --- > unless $params{password} || $params{encryption} eq ENCRYPT_XOR; 382,390c382,392 < #/* rotate over password... */ < $y=0; < $x=0; < while ($y < SIZEOF_DATA_PACKET){ < #/* keep rotating over password */ < $out[$y] = $out[$y] ^ $salt_pw[$x % scalar(@salt_pw)]; < < $y++; < $x++; --- > if ($password) { > #/* rotate over password... */ > $y=0; > $x=0; > while ($y < SIZEOF_DATA_PACKET){ > #/* keep rotating over password */ > $out[$y] = $out[$y] ^ $salt_pw[$x % scalar(@salt_pw)]; > > $y++; > $x++; > }

Mon Dec 15 09:31:11 2008 BINGOS [...] cpan.org - Correspondence added 15 min

Hi, Thanks for this. I have applied the patch and shipped a new release to CPAN. Cheers, Chris 'BinGOs' Williams

Mon Dec 15 09:31:12 2008 The RT System itself - Status changed from 'new' to 'open'

Mon Dec 15 09:31:12 2008 BINGOS [...] cpan.org - Status changed from 'open' to 'resolved'

Mon Dec 15 09:31:13 2008 BINGOS [...] cpan.org - Given to BINGOS