From git at monitoring-plugins.org Sun Aug 11 22:20:11 2024 From: git at monitoring-plugins.org (Sven Nierlein) Date: Sun, 11 Aug 2024 22:20:11 +0200 (CEST) Subject: [monitoring-plugins] check_curl: raise SSL issue when ... Message-ID: <20240811202011.EB6632000122@orwell.monitoring-plugins.org> Module: monitoring-plugins Branch: master Commit: 78ce3144e38791a8ea2ee5832a91b24d743dccd3 Author: Yannick Martin Committer: Sven Nierlein Date: Fri Aug 9 12:14:28 2024 +0200 URL: https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=78ce314 check_curl: raise SSL issue when --continue-after-certificate is used This change aims to raise the worst status between the SSL check and the HTTP check. before: check_curl -H www.google.fr -S --continue-after-certificate --certificate 4000,4000 ; echo $? CRITICAL - Certificate '*.google.fr' expires in 74 day(s) (Tue 22 Oct 2024 12:53:52 PM GMT +0000). HTTP OK: HTTP/2 200 - 22807 bytes in 0.076 second response time |time=0.075516s;;;0.000000;10.000000 size=22807B;;;0; 0 after: /usr/lib/nagios/ovh/check_curl -H www.google.fr -S --continue-after-certificate --certificate 4000,4000 ; echo $? CRITICAL - Certificate '*.google.fr' expires in 74 day(s) (Tue 22 Oct 2024 12:53:52 PM GMT +0000). HTTP OK: HTTP/2 200 - 22840 bytes in 0.090 second response time |time=0.090463s;;;0.000000;10.000000 size=22840B;;;0; 2 --- plugins/check_curl.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/plugins/check_curl.c b/plugins/check_curl.c index 01e2770..4522e6c 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c @@ -468,6 +468,7 @@ int check_http (void) { int result = STATE_OK; + int result_ssl = STATE_OK; int page_len = 0; int i; char *force_host_header = NULL; @@ -852,9 +853,9 @@ check_http (void) /* check certificate with OpenSSL functions, curl has been built against OpenSSL * and we actually have OpenSSL in the monitoring tools */ - result = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit); + result_ssl = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit); if (!continue_after_check_cert) { - return result; + return result_ssl; } #else /* USE_OPENSSL */ die (STATE_CRITICAL, "HTTP CRITICAL - Cannot retrieve certificates - OpenSSL callback used and not linked against OpenSSL\n"); @@ -898,17 +899,17 @@ GOT_FIRST_CERT: die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); } BIO_free (cert_BIO); - result = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit); + result_ssl = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit); if (!continue_after_check_cert) { - return result; + return result_ssl; } #else /* USE_OPENSSL */ /* We assume we don't have OpenSSL and np_net_ssl_check_certificate at our disposal, * so we use the libcurl CURLINFO data */ - result = net_noopenssl_check_certificate(&cert_ptr, days_till_exp_warn, days_till_exp_crit); + result_ssl = net_noopenssl_check_certificate(&cert_ptr, days_till_exp_warn, days_till_exp_crit); if (!continue_after_check_cert) { - return result; + return result_ssl; } #endif /* USE_OPENSSL */ } else { @@ -1176,7 +1177,7 @@ GOT_FIRST_CERT: } /* TODO: separate _() msg and status code: die (result, "HTTP %s: %s\n", state_text(result), msg); */ - die (result, "HTTP %s: %s %d %s%s%s - %d bytes in %.3f second response time %s|%s\n%s%s", + die (max_state_alt(result, result_ssl), "HTTP %s: %s %d %s%s%s - %d bytes in %.3f second response time %s|%s\n%s%s", state_text(result), string_statuscode (status_line.http_major, status_line.http_minor), status_line.http_code, status_line.msg, strlen(msg) > 0 ? " - " : "", @@ -1186,7 +1187,7 @@ GOT_FIRST_CERT: (show_body ? body_buf.buf : ""), (show_body ? "\n" : "") ); - return result; + return max_state_alt(result, result_ssl); } int From git at monitoring-plugins.org Fri Aug 16 12:40:12 2024 From: git at monitoring-plugins.org (Alvar Penning) Date: Fri, 16 Aug 2024 12:40:12 +0200 (CEST) Subject: [monitoring-plugins] check_curl: Documentation for --certificate, ... Message-ID: <20240816104012.44B992000122@orwell.monitoring-plugins.org> Module: monitoring-plugins Branch: master Commit: 9cdf2aec7fa3277237c078fc9da32f40d0292299 Author: Alvar Penning Date: Fri Aug 16 10:38:02 2024 +0200 URL: https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=9cdf2ae check_curl: Documentation for --certificate, --cookie-jar >From the mere help output for -C / --certificate, I was confused about what its two integer parameters do. Unfortunately, I also missed out on the explaining examples later. Since I like to have basic documentation for each flag, I tried to make the arguments as short as possible. The other fix was one hyphen too many for the --cookie-jar option. --- plugins/check_curl.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/plugins/check_curl.c b/plugins/check_curl.c index 4522e6c..e9c15e6 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c @@ -2008,8 +2008,11 @@ print_help (void) printf (" %s\n", _("Note: SNI is not supported in libcurl before 7.18.1")); #endif printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); - printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); - printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use")); + printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443.")); + printf (" %s\n", _("A STATE_WARNING is returned if the certificate has a validity less than the")); + printf (" %s\n", _("first agument's value. If there is a second argument and the certificate's")); + printf (" %s\n", _("validity is less than its value, a STATE_CRITICAL is returned.")); + printf (" %s\n", _("(When this option is used the URL is not checked by default. You can use")); printf (" %s\n", _(" --continue-after-certificate to override this behavior)")); printf (" %s\n", "--continue-after-certificate"); printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check.")); @@ -2092,7 +2095,7 @@ print_help (void) printf (" %s\n", _("Enable automatic decompression of body (CURLOPT_ACCEPT_ENCODING).")); printf(" %s\n", "--haproxy-protocol"); printf(" %s\n", _("Send HAProxy proxy protocol v1 header (CURLOPT_HAPROXYPROTOCOL).")); - printf (" %s\n", "---cookie-jar=FILE"); + printf (" %s\n", "--cookie-jar=FILE"); printf (" %s\n", _("Store cookies in the cookie jar and send them out when requested.")); printf ("\n"); From git at monitoring-plugins.org Fri Aug 16 12:40:12 2024 From: git at monitoring-plugins.org (GitHub) Date: Fri, 16 Aug 2024 12:40:12 +0200 (CEST) Subject: [monitoring-plugins] Merge pull request #2012 from ... Message-ID: <20240816104012.517BD2000124@orwell.monitoring-plugins.org> Module: monitoring-plugins Branch: master Commit: f49074e802145a6a0d5cc1a24fd3d355944af5d5 Author: Lorenz K?stle <12514511+RincewindsHat at users.noreply.github.com> Committer: GitHub Date: Fri Aug 16 12:32:10 2024 +0200 URL: https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=f49074e Merge pull request #2012 from oxzi/check_curl-help-fixes check_curl: Documentation for --certificate, --cookie-jar --- From git at monitoring-plugins.org Wed Aug 28 10:30:11 2024 From: git at monitoring-plugins.org (RincewindsHat) Date: Wed, 28 Aug 2024 10:30:11 +0200 (CEST) Subject: [monitoring-plugins] Add more documentation to the help page of ... Message-ID: <20240828083011.DF8AB2000122@orwell.monitoring-plugins.org> Module: monitoring-plugins Branch: master Commit: c862f705f393c89c78d63a10a66b5abe1d2d432e Author: RincewindsHat <12514511+RincewindsHat at users.noreply.github.com> Date: Tue May 21 13:59:45 2024 +0200 URL: https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=c862f70 Add more documentation to the help page of check_snmp regarding authentication and privacy options --- plugins/check_snmp.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index 295aa9b..898b6ab 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c @@ -1253,10 +1253,12 @@ print_help (void) printf (" %s\n", _("SNMPv3 context")); printf (" %s\n", "-L, --seclevel=[noAuthNoPriv|authNoPriv|authPriv]"); printf (" %s\n", _("SNMPv3 securityLevel")); - printf (" %s\n", "-a, --authproto=[MD5|SHA]"); - printf (" %s\n", _("SNMPv3 auth proto")); - printf (" %s\n", "-x, --privproto=[DES|AES]"); - printf (" %s\n", _("SNMPv3 priv proto (default DES)")); + printf (" %s\n", "-a, --authproto=AUTHENTICATION_PROTOCOL"); + printf (" %s\n", _("SNMPv3 authentication protocol (default MD5), available options depend on the specific version of the net-snmp tools")); + printf (" %s\n", _("if < 5.8 SHA (1) and MD5 should be available, if >= 5.8 additionaly SHA-224, SHA-256, SHA-384 and SHA-512")); + printf (" %s\n", "-x, --privproto=PRIVACY_PROTOCOL"); + printf (" %s\n", _("SNMPv3 privacy protocol (default DES), available options depend on the specific version of the net-snmp tools")); + printf (" %s\n", _("if < 5.8 DES and AES should be available, if >= 5.8 additionaly AES-192 and AES-256")); /* Authentication Tokens*/ printf (" %s\n", "-C, --community=STRING"); From git at monitoring-plugins.org Wed Aug 28 10:30:11 2024 From: git at monitoring-plugins.org (RincewindsHat) Date: Wed, 28 Aug 2024 10:30:11 +0200 (CEST) Subject: [monitoring-plugins] Fix typos Message-ID: <20240828083011.EBDAC2000126@orwell.monitoring-plugins.org> Module: monitoring-plugins Branch: master Commit: 26a979284d1e05447523ef5153a7bd373571b97e Author: RincewindsHat <12514511+RincewindsHat at users.noreply.github.com> Date: Tue May 21 14:27:21 2024 +0200 URL: https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=26a9792 Fix typos --- plugins/check_snmp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index 898b6ab..937b3a5 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c @@ -1255,10 +1255,10 @@ print_help (void) printf (" %s\n", _("SNMPv3 securityLevel")); printf (" %s\n", "-a, --authproto=AUTHENTICATION_PROTOCOL"); printf (" %s\n", _("SNMPv3 authentication protocol (default MD5), available options depend on the specific version of the net-snmp tools")); - printf (" %s\n", _("if < 5.8 SHA (1) and MD5 should be available, if >= 5.8 additionaly SHA-224, SHA-256, SHA-384 and SHA-512")); + printf (" %s\n", _("if < 5.8 SHA (1) and MD5 should be available, if >= 5.8 additionally SHA-224, SHA-256, SHA-384 and SHA-512")); printf (" %s\n", "-x, --privproto=PRIVACY_PROTOCOL"); printf (" %s\n", _("SNMPv3 privacy protocol (default DES), available options depend on the specific version of the net-snmp tools")); - printf (" %s\n", _("if < 5.8 DES and AES should be available, if >= 5.8 additionaly AES-192 and AES-256")); + printf (" %s\n", _("if < 5.8 DES and AES should be available, if >= 5.8 additionally AES-192 and AES-256")); /* Authentication Tokens*/ printf (" %s\n", "-C, --community=STRING"); From git at monitoring-plugins.org Wed Aug 28 10:30:12 2024 From: git at monitoring-plugins.org (GitHub) Date: Wed, 28 Aug 2024 10:30:12 +0200 (CEST) Subject: [monitoring-plugins] Merge pull request #2001 from ... Message-ID: <20240828083012.0B46B200014F@orwell.monitoring-plugins.org> Module: monitoring-plugins Branch: master Commit: 2b8b66d41e5c077a1b127a453b8373f05c56e51d Author: Lorenz K?stle <12514511+RincewindsHat at users.noreply.github.com> Committer: GitHub Date: Wed Aug 28 10:21:12 2024 +0200 URL: https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=2b8b66d Merge pull request #2001 from RincewindsHat/check_snmp_protocoll_documentation Add more documentation to the help page of check_snmp regarding authe? --- From git at monitoring-plugins.org Fri Aug 30 00:30:12 2024 From: git at monitoring-plugins.org (Lorenz Kästle) Date: Fri, 30 Aug 2024 00:30:12 +0200 (CEST) Subject: [monitoring-plugins] Remove experimental state from check_curl Message-ID: <20240829223012.428F72000124@orwell.monitoring-plugins.org> Module: monitoring-plugins Branch: master Commit: 75d5c512072a019cdf6365bcda02d7eddc237e0c Author: Lorenz K?stle Date: Thu Aug 29 18:20:35 2024 +0200 URL: https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=75d5c51 Remove experimental state from check_curl --- plugins/check_curl.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/plugins/check_curl.c b/plugins/check_curl.c index e9c15e6..e25d7a7 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c @@ -2190,8 +2190,6 @@ print_usage (void) printf ("%s\n", _("In the first form, make an HTTP request.")); printf ("%s\n\n", _("In the second form, connect to the server and check the TLS certificate.")); #endif - printf ("%s\n", _("WARNING: check_curl is experimental. Please use")); - printf ("%s\n\n", _("check_http if you need a stable version.")); } void From git at monitoring-plugins.org Fri Aug 30 00:30:12 2024 From: git at monitoring-plugins.org (GitHub) Date: Fri, 30 Aug 2024 00:30:12 +0200 (CEST) Subject: [monitoring-plugins] Merge pull request #2017 from ... Message-ID: <20240829223012.4F8002000126@orwell.monitoring-plugins.org> Module: monitoring-plugins Branch: master Commit: 3e06d3a965f42a4576f8f6bf406d20d329b319b1 Author: Lorenz K?stle <12514511+RincewindsHat at users.noreply.github.com> Committer: GitHub Date: Fri Aug 30 00:22:31 2024 +0200 URL: https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=3e06d3a Merge pull request #2017 from RincewindsHat/check_curl_no_more_experimental Remove experimental state from check_curl ---