[Nagiosplug-checkins] CVS: nagiosplug/plugins check_http.c,1.46,1.47

[Karl DeBisschop]

Update of /cvsroot/nagiosplug/nagiosplug/plugins
In directory sc8-pr-cvs1:/tmp/cvs-serv21136/plugins

Modified Files:
	check_http.c 
Log Message:
* Check redirections for infinte loops and limit depth of recursion

Index: check_http.c
===================================================================
RCS file: /cvsroot/nagiosplug/nagiosplug/plugins/check_http.c,v
retrieving revision 1.46
retrieving revision 1.47
diff -C2 -r1.46 -r1.47
*** check_http.c	19 Aug 2003 11:41:08 -0000	1.46
--- check_http.c	21 Aug 2003 18:00:48 -0000	1.47
***************
*** 80,88 ****
  struct timeval tv;
  
- #define server_type_check(server_type) \
- (strcmp (server_type, "https") ? FALSE : TRUE)
- 
- #define server_port_check(use_ssl) (use_ssl ? HTTPS_PORT : HTTP_PORT)
- 
  #define HTTP_URL "/"
  #define CRLF "\r\n"
--- 80,83 ----
***************
*** 111,114 ****
--- 106,111 ----
  int sd;
  int min_page_len = 0;
+ int redir_depth = 0;
+ int max_depth = 15;
  char *http_method;
  char *http_post_data;
***************
*** 116,121 ****
  
  int process_arguments (int, char **);
! static char *base64 (char *bin, size_t len);
  int check_http (void);
  int my_recv (void);
  int my_close (void);
--- 113,121 ----
  
  int process_arguments (int, char **);
! static char *base64 (const char *bin, size_t len);
  int check_http (void);
+ int redir (char *pos, char *status_line);
+ int server_type_check(const char *type);
+ int server_port_check(int ssl_flag);
  int my_recv (void);
  int my_close (void);
***************
*** 410,414 ****
  /* written by lauri alanko */
  static char *
! base64 (char *bin, size_t len)
  {
  
--- 410,414 ----
  /* written by lauri alanko */
  static char *
! base64 (const char *bin, size_t len)
  {
  
***************
*** 451,465 ****
  
  
! /* per RFC 2396 */
! #define HDR_LOCATION "%*[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]: "
! #define URI_HTTP "%[HTPShtps]://"
! #define URI_HOST "%[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
! #define URI_PORT ":%[0123456789]"
! #define URI_PATH "%[-_.!~*'();/?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
! #define HD1 URI_HTTP URI_HOST URI_PORT URI_PATH
! #define HD2 URI_HTTP URI_HOST URI_PATH
! #define HD3 URI_HTTP URI_HOST URI_PORT
! #define HD4 URI_HTTP URI_HOST
! #define HD5 URI_PATH
  
  int
--- 451,455 ----
  
  
! 
  
  int
***************
*** 476,482 ****
  	char *buf;
  	char *pos;
- 	char *x;
- 	char xx[2];
- 	char *orig_url;
  	long microsec;
  	double elapsed_time;
--- 466,469 ----
***************
*** 491,495 ****
  
  		if (connect_SSL () != OK) {
! 			die (STATE_CRITICAL, _("Unable to open TCP socket"));
  		}
  
--- 478,482 ----
  
  		if (connect_SSL () != OK) {
! 			die (STATE_CRITICAL, _("Unable to open TCP socket\n"));
  		}
  
***************
*** 506,510 ****
  #endif
  		if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
! 			die (STATE_CRITICAL, _("Unable to open TCP socket"));
  #ifdef HAVE_SSL
  	}
--- 493,497 ----
  #endif
  		if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
! 			die (STATE_CRITICAL, _("Unable to open TCP socket\n"));
  #ifdef HAVE_SSL
  	}
***************
*** 567,576 ****
  				die (STATE_WARNING, _("Client Certificate Required\n"));
  			} else {
! 				die (STATE_CRITICAL, _("Error in recv()"));
  			}
  		}
  		else {
  #endif
! 			die (STATE_CRITICAL, _("Error in recv()"));
  #ifdef HAVE_SSL
  		}
--- 554,563 ----
  				die (STATE_WARNING, _("Client Certificate Required\n"));
  			} else {
! 				die (STATE_CRITICAL, _("Error in recv()\n"));
  			}
  		}
  		else {
  #endif
! 			die (STATE_CRITICAL, _("Error in recv()\n"));
  #ifdef HAVE_SSL
  		}
***************
*** 580,584 ****
  	/* return a CRITICAL status if we couldn't read any data */
  	if (pagesize == (size_t) 0)
! 		die (STATE_CRITICAL, _("No data received %s"), timestamp);
  
  	/* close the connection */
--- 567,571 ----
  	/* return a CRITICAL status if we couldn't read any data */
  	if (pagesize == (size_t) 0)
! 		die (STATE_CRITICAL, _("No data received %s\n"), timestamp);
  
  	/* close the connection */
***************
*** 669,744 ****
  		    strstr (status_line, "304") || strstr (status_line, "305") ||
  		    strstr (status_line, "306")) {
- 			if (onredirect == STATE_DEPENDENT) {
- 
- 				server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH + 1);
- 				if (server_address == NULL)
- 					die (STATE_UNKNOWN,_("ERROR: could not allocate server_address"));
- 
- 				asprintf (&orig_url, "%s", server_url);
- 				if (strcspn (pos, "\r\n") > (size_t)server_url_length) {
- 					server_url = realloc (server_url, strcspn (pos, "\r\n"));
- 					if (server_url == NULL)
- 						die (STATE_UNKNOWN, _("ERROR: could not allocate server_url"));
- 					server_url_length = strcspn (pos, "\r\n");
- 				}
  
! 				pos = header;
! 				while (pos) {
! 					if (sscanf (pos, "%[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]:%n", xx, &i) > 0) {
! 						pos += i;
! 						pos += strspn (pos, " \t\r\n");
! 					} else {
! 						pos += (size_t) strcspn (pos, "\r\n");
! 						pos += (size_t) strspn (pos, "\r\n");
! 						continue;
! 					}
! 					/* HDR_LOCATION, URI_HTTP, URI_HOST, URI_PORT, URI_PATH */
! 					if (sscanf (pos, HD1, server_type, server_address, server_port_text, server_url) == 4) {
! 						if (host_name != NULL) free(host_name);
! 						host_name = strdup(server_address);
! 						use_ssl = server_type_check (server_type);
! 						server_port = atoi (server_port_text);
! 						check_http ();
! 					}
! 					/* HDR_LOCATION URI_HTTP URI_HOST URI_PATH */
! 					else if (sscanf (pos, HD2, server_type, server_address, server_url) == 3 ) { 
! 						if (host_name != NULL) free(host_name);
! 						host_name = strdup(server_address);
! 						use_ssl = server_type_check (server_type);
! 						server_port = server_port_check (use_ssl);
! 						check_http ();
! 					}
! 					/* HDR_LOCATION URI_HTTP URI_HOST URI_PORT */
! 					else if(sscanf (pos, HD3, server_type, server_address, server_port_text) == 3) {
! 						if (host_name != NULL) free(host_name);
! 						host_name = strdup(server_address);
! 						strcpy (server_url, "/");
! 						use_ssl = server_type_check (server_type);
! 						server_port = atoi (server_port_text);
! 						check_http ();
! 					}
! 					/* HDR_LOCATION URI_HTTP URI_HOST */
! 					else if(sscanf (pos, HD4, server_type, server_address) == 2) {
! 						if (host_name != NULL) free(host_name);
! 						host_name = strdup(server_address);
! 						strcpy (server_url, "/");
! 						use_ssl = server_type_check (server_type);
! 						server_port = server_port_check (use_ssl);
! 						check_http ();
! 					}
! 					/* HDR_LOCATION URI_PATH */
! 					else if (sscanf (pos, HD5, server_url) == 1) {
! 						if ((server_url[0] != '/') && (x = strrchr(orig_url, '/'))) {
! 							*x = '\0';
! 							asprintf (&server_url, "%s/%s", orig_url, server_url);
! 						}
! 						check_http ();
! 					} 					
! 				} /* end while (pos) */
! 				printf (_("UNKNOWN - Could not find redirect location - %s%s"),
! 				        status_line, (display_html ? "</A>" : ""));
! 				exit (STATE_UNKNOWN);
! 			} /* end if (onredirect == STATE_DEPENDENT) */
! 			
  			else if (onredirect == STATE_UNKNOWN)
  				printf (_("UNKNOWN"));
--- 656,662 ----
  		    strstr (status_line, "304") || strstr (status_line, "305") ||
  		    strstr (status_line, "306")) {
  
! 			if (onredirect == STATE_DEPENDENT)
! 				redir (header, status_line);
  			else if (onredirect == STATE_UNKNOWN)
  				printf (_("UNKNOWN"));
***************
*** 825,828 ****
--- 743,889 ----
  	die (STATE_OK, "%s", msg);
  	return STATE_UNKNOWN;
+ }
+ 
+ 
+ 
+ 
+ /* per RFC 2396 */
+ #define HDR_LOCATION "%*[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]: "
+ #define URI_HTTP "%[HTPShtps]://"
+ #define URI_HOST "%[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
+ #define URI_PORT ":%[0123456789]"
+ #define URI_PATH "%[-_.!~*'();/?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
+ #define HD1 URI_HTTP URI_HOST URI_PORT URI_PATH
+ #define HD2 URI_HTTP URI_HOST URI_PATH
+ #define HD3 URI_HTTP URI_HOST URI_PORT
+ #define HD4 URI_HTTP URI_HOST
+ #define HD5 URI_PATH
+ 
+ int
+ redir (char *pos, char *status_line)
+ {
+ 	int i = 0;
+ 	char *x;
+ 	char xx[2];
+ 	char type[6];
+ 	char *addr;
+ 	char port[6];
+ 	char *url;
+ 
+ 	addr = malloc (MAX_IPV4_HOSTLENGTH + 1);
+ 	if (addr == NULL)
+ 		die (STATE_UNKNOWN, _("ERROR: could not allocate addr\n"));
+ 	
+ 	url = malloc (strcspn (pos, "\r\n"));
+ 	if (url == NULL)
+ 		die (STATE_UNKNOWN, _("ERROR: could not allocate url\n"));
+ 
+ 	while (pos) {
+ 
+ 		if (sscanf (pos, "%[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]:%n", xx, &i) > 0) {
+ 
+ 			pos += i;
+ 			pos += strspn (pos, " \t\r\n");
+ 
+ 			/* URI_HTTP, URI_HOST, URI_PORT, URI_PATH */
+ 			if (sscanf (pos, HD1, type, addr, port, url) == 4) {
+ 				use_ssl = server_type_check (type);
+ 				i = atoi (port);
+ 			}
+ 
+ 			/* URI_HTTP URI_HOST URI_PATH */
+ 			else if (sscanf (pos, HD2, type, addr, url) == 3 ) { 
+ 				use_ssl = server_type_check (type);
+ 				i = server_port_check (use_ssl);
+ 			}
+ 
+ 			/* URI_HTTP URI_HOST URI_PORT */
+ 			else if(sscanf (pos, HD3, type, addr, port) == 3) {
+ 				strcpy (url, HTTP_URL);
+ 				use_ssl = server_type_check (type);
+ 				i = atoi (port);
+ 			}
+ 
+ 			/* URI_HTTP URI_HOST */
+ 			else if(sscanf (pos, HD4, type, addr) == 2) {
+ 				strcpy (url, HTTP_URL);
+ 				use_ssl = server_type_check (type);
+ 				i = server_port_check (use_ssl);
+ 			}
+ 
+ 			/* URI_PATH */
+ 			else if (sscanf (pos, HD5, url) == 1) {
+ 				/* relative url */
+ 				if ((url[0] != '/')) {
+ 					if (x = strrchr(url, '/'))
+ 						*x = '\0';
+ 					asprintf (&server_url, "%s/%s", server_url, url);
+ 				}
+ 				i = server_port;
+ 				strcpy (type, server_type);
+ 				strcpy (addr, host_name);
+ 			} 					
+ 
+ 			else {
+ 				die (STATE_UNKNOWN,
+ 						 _("UNKNOWN - Could not parse redirect location - %s%s\n"),
+ 						 pos, (display_html ? "</A>" : ""));
+ 			}
+ 
+ 			break;
+ 
+ 		} else {
+ 
+ 			pos += (size_t) strcspn (pos, "\r\n");
+ 			pos += (size_t) strspn (pos, "\r\n");
+ 			if (strlen(pos) == 0) 
+ 				die (STATE_UNKNOWN,
+ 						 _("UNKNOWN - Could not find redirect location - %s%s\n"),
+ 						 status_line, (display_html ? "</A>" : ""));
+ 
+ 		}
+ 
+ 	} /* end while (pos) */
+ 
+ 	if (++redir_depth > max_depth)
+ 		die (STATE_WARNING,
+ 		     _("WARNING - maximum redirection depth %d exceeded - %s://%s:%d%s%s\n"),
+ 		     max_depth, type, addr, i, url, (display_html ? "</A>" : ""));
+ 
+ 	if (server_port==i &&
+ 	    !strcmp(server_address, addr) &&
+ 	    (host_name && !strcmp(host_name, addr)) &&
+ 	    !strcmp(server_url, url))
+ 		die (STATE_WARNING,
+ 		     _("WARNING - redirection creates an infinite loop - %s://%s:%d%s%s\n"),
+ 		     type, addr, i, url, (display_html ? "</A>" : ""));
+ 
+ 	server_port = i;
+ 	strcpy (server_type, type);
+ 	asprintf (&host_name, "%s", addr);
+ 	asprintf (&server_address, "%s", addr);
+ 	asprintf (&server_url, "%s", url);
+ 
+ 	return check_http ();
+ }
+ 
+ 
+ 
+ int
+ server_type_check (const char *type)
+ {
+ 	if (strcmp (type, "https"))
+ 		return FALSE;
+ 	else
+ 		return TRUE;
+ }
+ 
+ int
+ server_port_check (int ssl_flag)
+ {
+ 	if (ssl_flag)
+ 		return HTTPS_PORT;
+ 	else
+ 		return HTTP_PORT;
  }