diff options
author | RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> | 2022-11-13 18:54:21 +0100 |
---|---|---|
committer | Sven Nierlein <sven@nierlein.org> | 2023-01-07 18:34:46 +0100 |
commit | 2315f59835a51dc29a16c435ca5cbda7039c433a (patch) | |
tree | d69d743c6eea1d9557da103faf048fd801d7da9c | |
parent | d2a05e0d12e93b06ef1357e6dffd2842d40e0aa8 (diff) | |
download | monitoring-plugins-2315f59835a51dc29a16c435ca5cbda7039c433a.tar.gz |
clang format
-rw-r--r-- | plugins/check_http.c | 1685 |
1 files changed, 872 insertions, 813 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c index 6c6810fe..440c8422 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c | |||
@@ -1,46 +1,47 @@ | |||
1 | /***************************************************************************** | 1 | /***************************************************************************** |
2 | * | 2 | * |
3 | * Monitoring check_http plugin | 3 | * Monitoring check_http plugin |
4 | * | 4 | * |
5 | * License: GPL | 5 | * License: GPL |
6 | * Copyright (c) 1999-2013 Monitoring Plugins Development Team | 6 | * Copyright (c) 1999-2013 Monitoring Plugins Development Team |
7 | * | 7 | * |
8 | * Description: | 8 | * Description: |
9 | * | 9 | * |
10 | * This file contains the check_http plugin | 10 | * This file contains the check_http plugin |
11 | * | 11 | * |
12 | * This plugin tests the HTTP service on the specified host. It can test | 12 | * This plugin tests the HTTP service on the specified host. It can test |
13 | * normal (http) and secure (https) servers, follow redirects, search for | 13 | * normal (http) and secure (https) servers, follow redirects, search for |
14 | * strings and regular expressions, check connection times, and report on | 14 | * strings and regular expressions, check connection times, and report on |
15 | * certificate expiration times. | 15 | * certificate expiration times. |
16 | * | 16 | * |
17 | * | 17 | * |
18 | * This program is free software: you can redistribute it and/or modify | 18 | * This program is free software: you can redistribute it and/or modify |
19 | * it under the terms of the GNU General Public License as published by | 19 | * it under the terms of the GNU General Public License as published by |
20 | * the Free Software Foundation, either version 3 of the License, or | 20 | * the Free Software Foundation, either version 3 of the License, or |
21 | * (at your option) any later version. | 21 | * (at your option) any later version. |
22 | * | 22 | * |
23 | * This program is distributed in the hope that it will be useful, | 23 | * This program is distributed in the hope that it will be useful, |
24 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | 24 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
25 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 25 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
26 | * GNU General Public License for more details. | 26 | * GNU General Public License for more details. |
27 | * | 27 | * |
28 | * You should have received a copy of the GNU General Public License | 28 | * You should have received a copy of the GNU General Public License |
29 | * along with this program. If not, see <http://www.gnu.org/licenses/>. | 29 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
30 | * | 30 | * |
31 | * | 31 | * |
32 | *****************************************************************************/ | 32 | *****************************************************************************/ |
33 | 33 | ||
34 | /* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ ../../plugins/check_http.c */ | 34 | /* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ |
35 | * ../../plugins/check_http.c */ | ||
35 | 36 | ||
36 | const char *progname = "check_http"; | 37 | const char *progname = "check_http"; |
37 | const char *copyright = "1999-2022"; | 38 | const char *copyright = "1999-2022"; |
38 | const char *email = "devel@monitoring-plugins.org"; | 39 | const char *email = "devel@monitoring-plugins.org"; |
39 | 40 | ||
41 | #include "base64.h" | ||
40 | #include "common.h" | 42 | #include "common.h" |
41 | #include "netutils.h" | 43 | #include "netutils.h" |
42 | #include "utils.h" | 44 | #include "utils.h" |
43 | #include "base64.h" | ||
44 | #include <ctype.h> | 45 | #include <ctype.h> |
45 | 46 | ||
46 | #define STICKY_NONE 0 | 47 | #define STICKY_NONE 0 |
@@ -63,19 +64,18 @@ int ssl_version = 0; | |||
63 | int days_till_exp_warn, days_till_exp_crit; | 64 | int days_till_exp_warn, days_till_exp_crit; |
64 | char *randbuff; | 65 | char *randbuff; |
65 | X509 *server_cert; | 66 | X509 *server_cert; |
66 | # define my_recv(buf, len) ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) | 67 | #define my_recv(buf, len) \ |
67 | # define my_send(buf, len) ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) | 68 | ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) |
69 | #define my_send(buf, len) \ | ||
70 | ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) | ||
68 | #else /* ifndef HAVE_SSL */ | 71 | #else /* ifndef HAVE_SSL */ |
69 | # define my_recv(buf, len) read(sd, buf, len) | 72 | #define my_recv(buf, len) read(sd, buf, len) |
70 | # define my_send(buf, len) send(sd, buf, len, 0) | 73 | #define my_send(buf, len) send(sd, buf, len, 0) |
71 | #endif /* HAVE_SSL */ | 74 | #endif /* HAVE_SSL */ |
72 | bool no_body = false; | 75 | bool no_body = false; |
73 | int maximum_age = -1; | 76 | int maximum_age = -1; |
74 | 77 | ||
75 | enum { | 78 | enum { REGS = 2, MAX_RE_SIZE = 1024 }; |
76 | REGS = 2, | ||
77 | MAX_RE_SIZE = 1024 | ||
78 | }; | ||
79 | #include "regex.h" | 79 | #include "regex.h" |
80 | regex_t preg; | 80 | regex_t preg; |
81 | regmatch_t pmatch[REGS]; | 81 | regmatch_t pmatch[REGS]; |
@@ -136,71 +136,67 @@ char buffer[MAX_INPUT_BUFFER]; | |||
136 | char *client_cert = NULL; | 136 | char *client_cert = NULL; |
137 | char *client_privkey = NULL; | 137 | char *client_privkey = NULL; |
138 | 138 | ||
139 | bool process_arguments (int, char **); | 139 | bool process_arguments(int, char **); |
140 | int check_http (void); | 140 | int check_http(void); |
141 | void redir (char *pos, char *status_line); | 141 | void redir(char *pos, char *status_line); |
142 | bool server_type_check(const char *type); | 142 | bool server_type_check(const char *type); |
143 | int server_port_check(int ssl_flag); | 143 | int server_port_check(int ssl_flag); |
144 | char *perfd_time (double microsec); | 144 | char *perfd_time(double microsec); |
145 | char *perfd_time_connect (double microsec); | 145 | char *perfd_time_connect(double microsec); |
146 | char *perfd_time_ssl (double microsec); | 146 | char *perfd_time_ssl(double microsec); |
147 | char *perfd_time_firstbyte (double microsec); | 147 | char *perfd_time_firstbyte(double microsec); |
148 | char *perfd_time_headers (double microsec); | 148 | char *perfd_time_headers(double microsec); |
149 | char *perfd_time_transfer (double microsec); | 149 | char *perfd_time_transfer(double microsec); |
150 | char *perfd_size (int page_len); | 150 | char *perfd_size(int page_len); |
151 | void print_help (void); | 151 | void print_help(void); |
152 | void print_usage (void); | 152 | void print_usage(void); |
153 | 153 | ||
154 | int | 154 | int main(int argc, char **argv) { |
155 | main (int argc, char **argv) | ||
156 | { | ||
157 | int result = STATE_UNKNOWN; | 155 | int result = STATE_UNKNOWN; |
158 | 156 | ||
159 | setlocale (LC_ALL, ""); | 157 | setlocale(LC_ALL, ""); |
160 | bindtextdomain (PACKAGE, LOCALEDIR); | 158 | bindtextdomain(PACKAGE, LOCALEDIR); |
161 | textdomain (PACKAGE); | 159 | textdomain(PACKAGE); |
162 | 160 | ||
163 | /* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */ | 161 | /* Set default URL. Must be malloced for subsequent realloc if |
162 | * --onredirect=follow */ | ||
164 | server_url = strdup(HTTP_URL); | 163 | server_url = strdup(HTTP_URL); |
165 | server_url_length = strlen(server_url); | 164 | server_url_length = strlen(server_url); |
166 | xasprintf (&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)", | 165 | xasprintf(&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)", |
167 | NP_VERSION, VERSION); | 166 | NP_VERSION, VERSION); |
168 | 167 | ||
169 | /* Parse extra opts if any */ | 168 | /* Parse extra opts if any */ |
170 | argv=np_extra_opts (&argc, argv, progname); | 169 | argv = np_extra_opts(&argc, argv, progname); |
171 | 170 | ||
172 | if (process_arguments (argc, argv) == false) | 171 | if (process_arguments(argc, argv) == false) |
173 | usage4 (_("Could not parse arguments")); | 172 | usage4(_("Could not parse arguments")); |
174 | 173 | ||
175 | if (display_html == true) | 174 | if (display_html == true) |
176 | printf ("<A HREF=\"%s://%s:%d%s\" target=\"_blank\">", | 175 | printf("<A HREF=\"%s://%s:%d%s\" target=\"_blank\">", |
177 | use_ssl ? "https" : "http", host_name ? host_name : server_address, | 176 | use_ssl ? "https" : "http", host_name ? host_name : server_address, |
178 | server_port, server_url); | 177 | server_port, server_url); |
179 | 178 | ||
180 | /* initialize alarm signal handling, set socket timeout, start timer */ | 179 | /* initialize alarm signal handling, set socket timeout, start timer */ |
181 | (void) signal (SIGALRM, socket_timeout_alarm_handler); | 180 | (void)signal(SIGALRM, socket_timeout_alarm_handler); |
182 | (void) alarm (socket_timeout); | 181 | (void)alarm(socket_timeout); |
183 | gettimeofday (&tv, NULL); | 182 | gettimeofday(&tv, NULL); |
184 | 183 | ||
185 | result = check_http (); | 184 | result = check_http(); |
186 | return result; | 185 | return result; |
187 | } | 186 | } |
188 | 187 | ||
189 | /* check whether a file exists */ | 188 | /* check whether a file exists */ |
190 | void | 189 | void test_file(char *path) { |
191 | test_file (char *path) | ||
192 | { | ||
193 | if (access(path, R_OK) == 0) | 190 | if (access(path, R_OK) == 0) |
194 | return; | 191 | return; |
195 | usage2 (_("file does not exist or is not readable"), path); | 192 | usage2(_("file does not exist or is not readable"), path); |
196 | } | 193 | } |
197 | 194 | ||
198 | /* | 195 | /* |
199 | * process command-line arguments | 196 | * process command-line arguments |
200 | * returns true on succes, false otherwise | 197 | * returns true on succes, false otherwise |
201 | */ | 198 | */ |
202 | bool process_arguments (int argc, char **argv) | 199 | bool process_arguments(int argc, char **argv) { |
203 | { | ||
204 | int c = 1; | 200 | int c = 1; |
205 | char *p; | 201 | char *p; |
206 | char *temp; | 202 | char *temp; |
@@ -214,83 +210,85 @@ bool process_arguments (int argc, char **argv) | |||
214 | 210 | ||
215 | int option = 0; | 211 | int option = 0; |
216 | static struct option longopts[] = { | 212 | static struct option longopts[] = { |
217 | STD_LONG_OPTS, | 213 | STD_LONG_OPTS, |
218 | {"link", no_argument, 0, 'L'}, | 214 | {"link", no_argument, 0, 'L'}, |
219 | {"nohtml", no_argument, 0, 'n'}, | 215 | {"nohtml", no_argument, 0, 'n'}, |
220 | {"ssl", optional_argument, 0, 'S'}, | 216 | {"ssl", optional_argument, 0, 'S'}, |
221 | {"sni", no_argument, 0, SNI_OPTION}, | 217 | {"sni", no_argument, 0, SNI_OPTION}, |
222 | {"post", required_argument, 0, 'P'}, | 218 | {"post", required_argument, 0, 'P'}, |
223 | {"method", required_argument, 0, 'j'}, | 219 | {"method", required_argument, 0, 'j'}, |
224 | {"IP-address", required_argument, 0, 'I'}, | 220 | {"IP-address", required_argument, 0, 'I'}, |
225 | {"url", required_argument, 0, 'u'}, | 221 | {"url", required_argument, 0, 'u'}, |
226 | {"port", required_argument, 0, 'p'}, | 222 | {"port", required_argument, 0, 'p'}, |
227 | {"authorization", required_argument, 0, 'a'}, | 223 | {"authorization", required_argument, 0, 'a'}, |
228 | {"proxy-authorization", required_argument, 0, 'b'}, | 224 | {"proxy-authorization", required_argument, 0, 'b'}, |
229 | {"header-string", required_argument, 0, 'd'}, | 225 | {"header-string", required_argument, 0, 'd'}, |
230 | {"string", required_argument, 0, 's'}, | 226 | {"string", required_argument, 0, 's'}, |
231 | {"expect", required_argument, 0, 'e'}, | 227 | {"expect", required_argument, 0, 'e'}, |
232 | {"regex", required_argument, 0, 'r'}, | 228 | {"regex", required_argument, 0, 'r'}, |
233 | {"ereg", required_argument, 0, 'r'}, | 229 | {"ereg", required_argument, 0, 'r'}, |
234 | {"eregi", required_argument, 0, 'R'}, | 230 | {"eregi", required_argument, 0, 'R'}, |
235 | {"linespan", no_argument, 0, 'l'}, | 231 | {"linespan", no_argument, 0, 'l'}, |
236 | {"onredirect", required_argument, 0, 'f'}, | 232 | {"onredirect", required_argument, 0, 'f'}, |
237 | {"certificate", required_argument, 0, 'C'}, | 233 | {"certificate", required_argument, 0, 'C'}, |
238 | {"client-cert", required_argument, 0, 'J'}, | 234 | {"client-cert", required_argument, 0, 'J'}, |
239 | {"private-key", required_argument, 0, 'K'}, | 235 | {"private-key", required_argument, 0, 'K'}, |
240 | {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT}, | 236 | {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT}, |
241 | {"useragent", required_argument, 0, 'A'}, | 237 | {"useragent", required_argument, 0, 'A'}, |
242 | {"header", required_argument, 0, 'k'}, | 238 | {"header", required_argument, 0, 'k'}, |
243 | {"no-body", no_argument, 0, 'N'}, | 239 | {"no-body", no_argument, 0, 'N'}, |
244 | {"max-age", required_argument, 0, 'M'}, | 240 | {"max-age", required_argument, 0, 'M'}, |
245 | {"content-type", required_argument, 0, 'T'}, | 241 | {"content-type", required_argument, 0, 'T'}, |
246 | {"pagesize", required_argument, 0, 'm'}, | 242 | {"pagesize", required_argument, 0, 'm'}, |
247 | {"invert-regex", no_argument, NULL, INVERT_REGEX}, | 243 | {"invert-regex", no_argument, NULL, INVERT_REGEX}, |
248 | {"use-ipv4", no_argument, 0, '4'}, | 244 | {"use-ipv4", no_argument, 0, '4'}, |
249 | {"use-ipv6", no_argument, 0, '6'}, | 245 | {"use-ipv6", no_argument, 0, '6'}, |
250 | {"extended-perfdata", no_argument, 0, 'E'}, | 246 | {"extended-perfdata", no_argument, 0, 'E'}, |
251 | {"show-body", no_argument, 0, 'B'}, | 247 | {"show-body", no_argument, 0, 'B'}, |
252 | {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION}, | 248 | {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION}, |
253 | {0, 0, 0, 0} | 249 | {0, 0, 0, 0}}; |
254 | }; | ||
255 | 250 | ||
256 | if (argc < 2) | 251 | if (argc < 2) |
257 | return false; | 252 | return false; |
258 | 253 | ||
259 | for (c = 1; c < argc; c++) { | 254 | for (c = 1; c < argc; c++) { |
260 | if (strcmp ("-to", argv[c]) == 0) | 255 | if (strcmp("-to", argv[c]) == 0) |
261 | strcpy (argv[c], "-t"); | 256 | strcpy(argv[c], "-t"); |
262 | if (strcmp ("-hn", argv[c]) == 0) | 257 | if (strcmp("-hn", argv[c]) == 0) |
263 | strcpy (argv[c], "-H"); | 258 | strcpy(argv[c], "-H"); |
264 | if (strcmp ("-wt", argv[c]) == 0) | 259 | if (strcmp("-wt", argv[c]) == 0) |
265 | strcpy (argv[c], "-w"); | 260 | strcpy(argv[c], "-w"); |
266 | if (strcmp ("-ct", argv[c]) == 0) | 261 | if (strcmp("-ct", argv[c]) == 0) |
267 | strcpy (argv[c], "-c"); | 262 | strcpy(argv[c], "-c"); |
268 | if (strcmp ("-nohtml", argv[c]) == 0) | 263 | if (strcmp("-nohtml", argv[c]) == 0) |
269 | strcpy (argv[c], "-n"); | 264 | strcpy(argv[c], "-n"); |
270 | } | 265 | } |
271 | 266 | ||
272 | while (1) { | 267 | while (1) { |
273 | c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", longopts, &option); | 268 | c = getopt_long( |
269 | argc, argv, | ||
270 | "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", | ||
271 | longopts, &option); | ||
274 | if (c == -1 || c == EOF) | 272 | if (c == -1 || c == EOF) |
275 | break; | 273 | break; |
276 | 274 | ||
277 | switch (c) { | 275 | switch (c) { |
278 | case '?': /* usage */ | 276 | case '?': /* usage */ |
279 | usage5 (); | 277 | usage5(); |
280 | break; | 278 | break; |
281 | case 'h': /* help */ | 279 | case 'h': /* help */ |
282 | print_help (); | 280 | print_help(); |
283 | exit (STATE_UNKNOWN); | 281 | exit(STATE_UNKNOWN); |
284 | break; | 282 | break; |
285 | case 'V': /* version */ | 283 | case 'V': /* version */ |
286 | print_revision (progname, NP_VERSION); | 284 | print_revision(progname, NP_VERSION); |
287 | exit (STATE_UNKNOWN); | 285 | exit(STATE_UNKNOWN); |
288 | break; | 286 | break; |
289 | case 't': /* timeout period */ | 287 | case 't': /* timeout period */ |
290 | if (!is_intnonneg (optarg)) | 288 | if (!is_intnonneg(optarg)) |
291 | usage2 (_("Timeout interval must be a positive integer"), optarg); | 289 | usage2(_("Timeout interval must be a positive integer"), optarg); |
292 | else | 290 | else |
293 | socket_timeout = atoi (optarg); | 291 | socket_timeout = atoi(optarg); |
294 | break; | 292 | break; |
295 | case 'c': /* critical time threshold */ | 293 | case 'c': /* critical time threshold */ |
296 | critical_thresholds = optarg; | 294 | critical_thresholds = optarg; |
@@ -299,13 +297,14 @@ bool process_arguments (int argc, char **argv) | |||
299 | warning_thresholds = optarg; | 297 | warning_thresholds = optarg; |
300 | break; | 298 | break; |
301 | case 'A': /* User Agent String */ | 299 | case 'A': /* User Agent String */ |
302 | xasprintf (&user_agent, "User-Agent: %s", optarg); | 300 | xasprintf(&user_agent, "User-Agent: %s", optarg); |
303 | break; | 301 | break; |
304 | case 'k': /* Additional headers */ | 302 | case 'k': /* Additional headers */ |
305 | if (http_opt_headers_count == 0) | 303 | if (http_opt_headers_count == 0) |
306 | http_opt_headers = malloc (sizeof (char *) * (++http_opt_headers_count)); | 304 | http_opt_headers = malloc(sizeof(char *) * (++http_opt_headers_count)); |
307 | else | 305 | else |
308 | http_opt_headers = realloc (http_opt_headers, sizeof (char *) * (++http_opt_headers_count)); | 306 | http_opt_headers = realloc(http_opt_headers, |
307 | sizeof(char *) * (++http_opt_headers_count)); | ||
309 | http_opt_headers[http_opt_headers_count - 1] = optarg; | 308 | http_opt_headers[http_opt_headers_count - 1] = optarg; |
310 | /* xasprintf (&http_opt_headers, "%s", optarg); */ | 309 | /* xasprintf (&http_opt_headers, "%s", optarg); */ |
311 | break; | 310 | break; |
@@ -317,27 +316,27 @@ bool process_arguments (int argc, char **argv) | |||
317 | break; | 316 | break; |
318 | case 'C': /* Check SSL cert validity */ | 317 | case 'C': /* Check SSL cert validity */ |
319 | #ifdef HAVE_SSL | 318 | #ifdef HAVE_SSL |
320 | if ((temp=strchr(optarg,','))!=NULL) { | 319 | if ((temp = strchr(optarg, ',')) != NULL) { |
321 | *temp='\0'; | 320 | *temp = '\0'; |
322 | if (!is_intnonneg (optarg)) | 321 | if (!is_intnonneg(optarg)) |
323 | usage2 (_("Invalid certificate expiration period"), optarg); | 322 | usage2(_("Invalid certificate expiration period"), optarg); |
324 | days_till_exp_warn = atoi(optarg); | 323 | days_till_exp_warn = atoi(optarg); |
325 | *temp=','; | 324 | *temp = ','; |
326 | temp++; | 325 | temp++; |
327 | if (!is_intnonneg (temp)) | 326 | if (!is_intnonneg(temp)) |
328 | usage2 (_("Invalid certificate expiration period"), temp); | 327 | usage2(_("Invalid certificate expiration period"), temp); |
329 | days_till_exp_crit = atoi (temp); | 328 | days_till_exp_crit = atoi(temp); |
330 | } | 329 | } else { |
331 | else { | 330 | days_till_exp_crit = 0; |
332 | days_till_exp_crit=0; | 331 | if (!is_intnonneg(optarg)) |
333 | if (!is_intnonneg (optarg)) | 332 | usage2(_("Invalid certificate expiration period"), optarg); |
334 | usage2 (_("Invalid certificate expiration period"), optarg); | 333 | days_till_exp_warn = atoi(optarg); |
335 | days_till_exp_warn = atoi (optarg); | ||
336 | } | 334 | } |
337 | check_cert = true; | 335 | check_cert = true; |
338 | goto enable_ssl; | 336 | goto enable_ssl; |
339 | #endif | 337 | #endif |
340 | case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */ | 338 | case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is |
339 | checked */ | ||
341 | #ifdef HAVE_SSL | 340 | #ifdef HAVE_SSL |
342 | continue_after_check_cert = true; | 341 | continue_after_check_cert = true; |
343 | break; | 342 | break; |
@@ -357,15 +356,16 @@ bool process_arguments (int argc, char **argv) | |||
357 | case 'S': /* use SSL */ | 356 | case 'S': /* use SSL */ |
358 | #ifdef HAVE_SSL | 357 | #ifdef HAVE_SSL |
359 | enable_ssl: | 358 | enable_ssl: |
360 | /* ssl_version initialized to 0 as a default. Only set if it's non-zero. This helps when we include multiple | 359 | /* ssl_version initialized to 0 as a default. Only set if it's non-zero. |
361 | parameters, like -S and -C combinations */ | 360 | This helps when we include multiple parameters, like -S and -C |
361 | combinations */ | ||
362 | use_ssl = true; | 362 | use_ssl = true; |
363 | if (c=='S' && optarg != NULL) { | 363 | if (c == 'S' && optarg != NULL) { |
364 | int got_plus = strchr(optarg, '+') != NULL; | 364 | int got_plus = strchr(optarg, '+') != NULL; |
365 | 365 | ||
366 | if (!strncmp (optarg, "1.2", 3)) | 366 | if (!strncmp(optarg, "1.2", 3)) |
367 | ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2; | 367 | ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2; |
368 | else if (!strncmp (optarg, "1.1", 3)) | 368 | else if (!strncmp(optarg, "1.1", 3)) |
369 | ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1; | 369 | ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1; |
370 | else if (optarg[0] == '1') | 370 | else if (optarg[0] == '1') |
371 | ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1; | 371 | ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1; |
@@ -374,101 +374,104 @@ bool process_arguments (int argc, char **argv) | |||
374 | else if (optarg[0] == '2') | 374 | else if (optarg[0] == '2') |
375 | ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2; | 375 | ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2; |
376 | else | 376 | else |
377 | usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)")); | 377 | usage4(_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 " |
378 | "(with optional '+' suffix)")); | ||
378 | } | 379 | } |
379 | if (specify_port == false) | 380 | if (specify_port == false) |
380 | server_port = HTTPS_PORT; | 381 | server_port = HTTPS_PORT; |
381 | #else | 382 | #else |
382 | /* -C -J and -K fall through to here without SSL */ | 383 | /* -C -J and -K fall through to here without SSL */ |
383 | usage4 (_("Invalid option - SSL is not available")); | 384 | usage4(_("Invalid option - SSL is not available")); |
384 | #endif | 385 | #endif |
385 | break; | 386 | break; |
386 | case SNI_OPTION: | 387 | case SNI_OPTION: |
387 | use_sni = true; | 388 | use_sni = true; |
388 | break; | 389 | break; |
389 | case MAX_REDIRS_OPTION: | 390 | case MAX_REDIRS_OPTION: |
390 | if (!is_intnonneg (optarg)) | 391 | if (!is_intnonneg(optarg)) |
391 | usage2 (_("Invalid max_redirs count"), optarg); | 392 | usage2(_("Invalid max_redirs count"), optarg); |
392 | else { | 393 | else { |
393 | max_depth = atoi (optarg); | 394 | max_depth = atoi(optarg); |
394 | } | 395 | } |
395 | break; | 396 | break; |
396 | case 'f': /* onredirect */ | 397 | case 'f': /* onredirect */ |
397 | if (!strcmp (optarg, "stickyport")) | 398 | if (!strcmp(optarg, "stickyport")) |
398 | onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT; | 399 | onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST | STICKY_PORT; |
399 | else if (!strcmp (optarg, "sticky")) | 400 | else if (!strcmp(optarg, "sticky")) |
400 | onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST; | 401 | onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST; |
401 | else if (!strcmp (optarg, "follow")) | 402 | else if (!strcmp(optarg, "follow")) |
402 | onredirect = STATE_DEPENDENT, followsticky = STICKY_NONE; | 403 | onredirect = STATE_DEPENDENT, followsticky = STICKY_NONE; |
403 | else if (!strcmp (optarg, "unknown")) | 404 | else if (!strcmp(optarg, "unknown")) |
404 | onredirect = STATE_UNKNOWN; | 405 | onredirect = STATE_UNKNOWN; |
405 | else if (!strcmp (optarg, "ok")) | 406 | else if (!strcmp(optarg, "ok")) |
406 | onredirect = STATE_OK; | 407 | onredirect = STATE_OK; |
407 | else if (!strcmp (optarg, "warning")) | 408 | else if (!strcmp(optarg, "warning")) |
408 | onredirect = STATE_WARNING; | 409 | onredirect = STATE_WARNING; |
409 | else if (!strcmp (optarg, "critical")) | 410 | else if (!strcmp(optarg, "critical")) |
410 | onredirect = STATE_CRITICAL; | 411 | onredirect = STATE_CRITICAL; |
411 | else usage2 (_("Invalid onredirect option"), optarg); | 412 | else |
413 | usage2(_("Invalid onredirect option"), optarg); | ||
412 | if (verbose) | 414 | if (verbose) |
413 | printf(_("option f:%d \n"), onredirect); | 415 | printf(_("option f:%d \n"), onredirect); |
414 | break; | 416 | break; |
415 | /* Note: H, I, and u must be malloc'd or will fail on redirects */ | 417 | /* Note: H, I, and u must be malloc'd or will fail on redirects */ |
416 | case 'H': /* Host Name (virtual host) */ | 418 | case 'H': /* Host Name (virtual host) */ |
417 | host_name = strdup (optarg); | 419 | host_name = strdup(optarg); |
418 | if (host_name[0] == '[') { | 420 | if (host_name[0] == '[') { |
419 | if ((p = strstr (host_name, "]:")) != NULL) { /* [IPv6]:port */ | 421 | if ((p = strstr(host_name, "]:")) != NULL) { /* [IPv6]:port */ |
420 | virtual_port = atoi (p + 2); | 422 | virtual_port = atoi(p + 2); |
421 | /* cut off the port */ | 423 | /* cut off the port */ |
422 | host_name_length = strlen (host_name) - strlen (p) - 1; | 424 | host_name_length = strlen(host_name) - strlen(p) - 1; |
423 | free (host_name); | 425 | free(host_name); |
424 | host_name = strndup (optarg, host_name_length); | 426 | host_name = strndup(optarg, host_name_length); |
425 | if (specify_port == false) | ||
426 | server_port = virtual_port; | ||
427 | } | ||
428 | } else if ((p = strchr (host_name, ':')) != NULL | ||
429 | && strchr (++p, ':') == NULL) { /* IPv4:port or host:port */ | ||
430 | virtual_port = atoi (p); | ||
431 | /* cut off the port */ | ||
432 | host_name_length = strlen (host_name) - strlen (p) - 1; | ||
433 | free (host_name); | ||
434 | host_name = strndup (optarg, host_name_length); | ||
435 | if (specify_port == false) | 427 | if (specify_port == false) |
436 | server_port = virtual_port; | 428 | server_port = virtual_port; |
437 | } | 429 | } |
430 | } else if ((p = strchr(host_name, ':')) != NULL && | ||
431 | strchr(++p, ':') == NULL) { /* IPv4:port or host:port */ | ||
432 | virtual_port = atoi(p); | ||
433 | /* cut off the port */ | ||
434 | host_name_length = strlen(host_name) - strlen(p) - 1; | ||
435 | free(host_name); | ||
436 | host_name = strndup(optarg, host_name_length); | ||
437 | if (specify_port == false) | ||
438 | server_port = virtual_port; | ||
439 | } | ||
438 | break; | 440 | break; |
439 | case 'I': /* Server IP-address */ | 441 | case 'I': /* Server IP-address */ |
440 | server_address = strdup (optarg); | 442 | server_address = strdup(optarg); |
441 | break; | 443 | break; |
442 | case 'u': /* URL path */ | 444 | case 'u': /* URL path */ |
443 | server_url = strdup (optarg); | 445 | server_url = strdup(optarg); |
444 | server_url_length = strlen (server_url); | 446 | server_url_length = strlen(server_url); |
445 | break; | 447 | break; |
446 | case 'p': /* Server port */ | 448 | case 'p': /* Server port */ |
447 | if (!is_intnonneg (optarg)) | 449 | if (!is_intnonneg(optarg)) |
448 | usage2 (_("Invalid port number"), optarg); | 450 | usage2(_("Invalid port number"), optarg); |
449 | else { | 451 | else { |
450 | server_port = atoi (optarg); | 452 | server_port = atoi(optarg); |
451 | specify_port = true; | 453 | specify_port = true; |
452 | } | 454 | } |
453 | break; | 455 | break; |
454 | case 'a': /* authorization info */ | 456 | case 'a': /* authorization info */ |
455 | strncpy (user_auth, optarg, MAX_INPUT_BUFFER - 1); | 457 | strncpy(user_auth, optarg, MAX_INPUT_BUFFER - 1); |
456 | user_auth[MAX_INPUT_BUFFER - 1] = 0; | 458 | user_auth[MAX_INPUT_BUFFER - 1] = 0; |
457 | break; | 459 | break; |
458 | case 'b': /* proxy-authorization info */ | 460 | case 'b': /* proxy-authorization info */ |
459 | strncpy (proxy_auth, optarg, MAX_INPUT_BUFFER - 1); | 461 | strncpy(proxy_auth, optarg, MAX_INPUT_BUFFER - 1); |
460 | proxy_auth[MAX_INPUT_BUFFER - 1] = 0; | 462 | proxy_auth[MAX_INPUT_BUFFER - 1] = 0; |
461 | break; | 463 | break; |
462 | case 'P': /* HTTP POST data in URL encoded format; ignored if settings already */ | 464 | case 'P': /* HTTP POST data in URL encoded format; ignored if settings |
463 | if (! http_post_data) | 465 | already */ |
464 | http_post_data = strdup (optarg); | 466 | if (!http_post_data) |
465 | if (! http_method) | 467 | http_post_data = strdup(optarg); |
468 | if (!http_method) | ||
466 | http_method = strdup("POST"); | 469 | http_method = strdup("POST"); |
467 | break; | 470 | break; |
468 | case 'j': /* Set HTTP method */ | 471 | case 'j': /* Set HTTP method */ |
469 | if (http_method) | 472 | if (http_method) |
470 | free(http_method); | 473 | free(http_method); |
471 | http_method = strdup (optarg); | 474 | http_method = strdup(optarg); |
472 | char *tmp; | 475 | char *tmp; |
473 | if ((tmp = strstr(http_method, ":")) > 0) { | 476 | if ((tmp = strstr(http_method, ":")) > 0) { |
474 | tmp[0] = '\0'; | 477 | tmp[0] = '\0'; |
@@ -477,20 +480,20 @@ bool process_arguments (int argc, char **argv) | |||
477 | } | 480 | } |
478 | break; | 481 | break; |
479 | case 'd': /* string or substring */ | 482 | case 'd': /* string or substring */ |
480 | strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1); | 483 | strncpy(header_expect, optarg, MAX_INPUT_BUFFER - 1); |
481 | header_expect[MAX_INPUT_BUFFER - 1] = 0; | 484 | header_expect[MAX_INPUT_BUFFER - 1] = 0; |
482 | break; | 485 | break; |
483 | case 's': /* string or substring */ | 486 | case 's': /* string or substring */ |
484 | strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1); | 487 | strncpy(string_expect, optarg, MAX_INPUT_BUFFER - 1); |
485 | string_expect[MAX_INPUT_BUFFER - 1] = 0; | 488 | string_expect[MAX_INPUT_BUFFER - 1] = 0; |
486 | break; | 489 | break; |
487 | case 'e': /* string or substring */ | 490 | case 'e': /* string or substring */ |
488 | strncpy (server_expect, optarg, MAX_INPUT_BUFFER - 1); | 491 | strncpy(server_expect, optarg, MAX_INPUT_BUFFER - 1); |
489 | server_expect[MAX_INPUT_BUFFER - 1] = 0; | 492 | server_expect[MAX_INPUT_BUFFER - 1] = 0; |
490 | server_expect_yn = 1; | 493 | server_expect_yn = 1; |
491 | break; | 494 | break; |
492 | case 'T': /* Content-type */ | 495 | case 'T': /* Content-type */ |
493 | xasprintf (&http_content_type, "%s", optarg); | 496 | xasprintf(&http_content_type, "%s", optarg); |
494 | break; | 497 | break; |
495 | case 'l': /* linespan */ | 498 | case 'l': /* linespan */ |
496 | cflags &= ~REG_NEWLINE; | 499 | cflags &= ~REG_NEWLINE; |
@@ -498,12 +501,12 @@ bool process_arguments (int argc, char **argv) | |||
498 | case 'R': /* regex */ | 501 | case 'R': /* regex */ |
499 | cflags |= REG_ICASE; | 502 | cflags |= REG_ICASE; |
500 | case 'r': /* regex */ | 503 | case 'r': /* regex */ |
501 | strncpy (regexp, optarg, MAX_RE_SIZE - 1); | 504 | strncpy(regexp, optarg, MAX_RE_SIZE - 1); |
502 | regexp[MAX_RE_SIZE - 1] = 0; | 505 | regexp[MAX_RE_SIZE - 1] = 0; |
503 | errcode = regcomp (&preg, regexp, cflags); | 506 | errcode = regcomp(&preg, regexp, cflags); |
504 | if (errcode != 0) { | 507 | if (errcode != 0) { |
505 | (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); | 508 | (void)regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER); |
506 | printf (_("Could Not Compile Regular Expression: %s"), errbuf); | 509 | printf(_("Could Not Compile Regular Expression: %s"), errbuf); |
507 | return false; | 510 | return false; |
508 | } | 511 | } |
509 | break; | 512 | break; |
@@ -517,55 +520,53 @@ bool process_arguments (int argc, char **argv) | |||
517 | #ifdef USE_IPV6 | 520 | #ifdef USE_IPV6 |
518 | address_family = AF_INET6; | 521 | address_family = AF_INET6; |
519 | #else | 522 | #else |
520 | usage4 (_("IPv6 support not available")); | 523 | usage4(_("IPv6 support not available")); |
521 | #endif | 524 | #endif |
522 | break; | 525 | break; |
523 | case 'v': /* verbose */ | 526 | case 'v': /* verbose */ |
524 | verbose = true; | 527 | verbose = true; |
525 | break; | 528 | break; |
526 | case 'm': /* min_page_length */ | 529 | case 'm': /* min_page_length */ |
527 | { | 530 | { |
528 | char *tmp; | 531 | char *tmp; |
529 | if (strchr(optarg, ':') != (char *)NULL) { | 532 | if (strchr(optarg, ':') != (char *)NULL) { |
530 | /* range, so get two values, min:max */ | 533 | /* range, so get two values, min:max */ |
531 | tmp = strtok(optarg, ":"); | 534 | tmp = strtok(optarg, ":"); |
532 | if (tmp == NULL) { | 535 | if (tmp == NULL) { |
533 | printf("Bad format: try \"-m min:max\"\n"); | 536 | printf("Bad format: try \"-m min:max\"\n"); |
534 | exit (STATE_WARNING); | 537 | exit(STATE_WARNING); |
535 | } else | 538 | } else |
536 | min_page_len = atoi(tmp); | 539 | min_page_len = atoi(tmp); |
537 | 540 | ||
538 | tmp = strtok(NULL, ":"); | 541 | tmp = strtok(NULL, ":"); |
539 | if (tmp == NULL) { | 542 | if (tmp == NULL) { |
540 | printf("Bad format: try \"-m min:max\"\n"); | 543 | printf("Bad format: try \"-m min:max\"\n"); |
541 | exit (STATE_WARNING); | 544 | exit(STATE_WARNING); |
542 | } else | 545 | } else |
543 | max_page_len = atoi(tmp); | 546 | max_page_len = atoi(tmp); |
544 | } else | 547 | } else |
545 | min_page_len = atoi (optarg); | 548 | min_page_len = atoi(optarg); |
546 | break; | 549 | break; |
547 | } | 550 | } |
548 | case 'N': /* no-body */ | 551 | case 'N': /* no-body */ |
549 | no_body = true; | 552 | no_body = true; |
550 | break; | 553 | break; |
551 | case 'M': /* max-age */ | 554 | case 'M': /* max-age */ |
552 | { | 555 | { |
553 | int L = strlen(optarg); | 556 | int L = strlen(optarg); |
554 | if (L && optarg[L-1] == 'm') | 557 | if (L && optarg[L - 1] == 'm') |
555 | maximum_age = atoi (optarg) * 60; | 558 | maximum_age = atoi(optarg) * 60; |
556 | else if (L && optarg[L-1] == 'h') | 559 | else if (L && optarg[L - 1] == 'h') |
557 | maximum_age = atoi (optarg) * 60 * 60; | 560 | maximum_age = atoi(optarg) * 60 * 60; |
558 | else if (L && optarg[L-1] == 'd') | 561 | else if (L && optarg[L - 1] == 'd') |
559 | maximum_age = atoi (optarg) * 60 * 60 * 24; | 562 | maximum_age = atoi(optarg) * 60 * 60 * 24; |
560 | else if (L && (optarg[L-1] == 's' || | 563 | else if (L && (optarg[L - 1] == 's' || isdigit(optarg[L - 1]))) |
561 | isdigit (optarg[L-1]))) | 564 | maximum_age = atoi(optarg); |
562 | maximum_age = atoi (optarg); | 565 | else { |
563 | else { | 566 | fprintf(stderr, "unparsable max-age: %s\n", optarg); |
564 | fprintf (stderr, "unparsable max-age: %s\n", optarg); | 567 | exit(STATE_WARNING); |
565 | exit (STATE_WARNING); | 568 | } |
566 | } | 569 | } break; |
567 | } | ||
568 | break; | ||
569 | case 'E': /* show extended perfdata */ | 570 | case 'E': /* show extended perfdata */ |
570 | show_extended_perfdata = true; | 571 | show_extended_perfdata = true; |
571 | break; | 572 | break; |
@@ -578,31 +579,32 @@ bool process_arguments (int argc, char **argv) | |||
578 | c = optind; | 579 | c = optind; |
579 | 580 | ||
580 | if (server_address == NULL && c < argc) | 581 | if (server_address == NULL && c < argc) |
581 | server_address = strdup (argv[c++]); | 582 | server_address = strdup(argv[c++]); |
582 | 583 | ||
583 | if (host_name == NULL && c < argc) | 584 | if (host_name == NULL && c < argc) |
584 | host_name = strdup (argv[c++]); | 585 | host_name = strdup(argv[c++]); |
585 | 586 | ||
586 | if (server_address == NULL) { | 587 | if (server_address == NULL) { |
587 | if (host_name == NULL) | 588 | if (host_name == NULL) |
588 | usage4 (_("You must specify a server address or host name")); | 589 | usage4(_("You must specify a server address or host name")); |
589 | else | 590 | else |
590 | server_address = strdup (host_name); | 591 | server_address = strdup(host_name); |
591 | } | 592 | } |
592 | 593 | ||
593 | set_thresholds(&thlds, warning_thresholds, critical_thresholds); | 594 | set_thresholds(&thlds, warning_thresholds, critical_thresholds); |
594 | 595 | ||
595 | if (critical_thresholds && thlds->critical->end>(double)socket_timeout) | 596 | if (critical_thresholds && thlds->critical->end > (double)socket_timeout) |
596 | socket_timeout = (int)thlds->critical->end + 1; | 597 | socket_timeout = (int)thlds->critical->end + 1; |
597 | 598 | ||
598 | if (http_method == NULL) | 599 | if (http_method == NULL) |
599 | http_method = strdup ("GET"); | 600 | http_method = strdup("GET"); |
600 | 601 | ||
601 | if (http_method_proxy == NULL) | 602 | if (http_method_proxy == NULL) |
602 | http_method_proxy = strdup ("GET"); | 603 | http_method_proxy = strdup("GET"); |
603 | 604 | ||
604 | if (client_cert && !client_privkey) | 605 | if (client_cert && !client_privkey) |
605 | usage4 (_("If you use a client certificate you must also specify a private key file")); | 606 | usage4(_("If you use a client certificate you must also specify a private " |
607 | "key file")); | ||
606 | 608 | ||
607 | if (virtual_port == 0) | 609 | if (virtual_port == 0) |
608 | virtual_port = server_port; | 610 | virtual_port = server_port; |
@@ -610,89 +612,68 @@ bool process_arguments (int argc, char **argv) | |||
610 | return true; | 612 | return true; |
611 | } | 613 | } |
612 | 614 | ||
613 | |||
614 | |||
615 | /* Returns 1 if we're done processing the document body; 0 to keep going */ | 615 | /* Returns 1 if we're done processing the document body; 0 to keep going */ |
616 | static int | 616 | static int document_headers_done(char *full_page) { |
617 | document_headers_done (char *full_page) | ||
618 | { | ||
619 | const char *body; | 617 | const char *body; |
620 | 618 | ||
621 | for (body = full_page; *body; body++) { | 619 | for (body = full_page; *body; body++) { |
622 | if (!strncmp (body, "\n\n", 2) || !strncmp (body, "\n\r\n", 3)) | 620 | if (!strncmp(body, "\n\n", 2) || !strncmp(body, "\n\r\n", 3)) |
623 | break; | 621 | break; |
624 | } | 622 | } |
625 | 623 | ||
626 | if (!*body) | 624 | if (!*body) |
627 | return 0; /* haven't read end of headers yet */ | 625 | return 0; /* haven't read end of headers yet */ |
628 | 626 | ||
629 | full_page[body - full_page] = 0; | 627 | full_page[body - full_page] = 0; |
630 | return 1; | 628 | return 1; |
631 | } | 629 | } |
632 | 630 | ||
633 | static time_t | 631 | static time_t parse_time_string(const char *string) { |
634 | parse_time_string (const char *string) | ||
635 | { | ||
636 | struct tm tm; | 632 | struct tm tm; |
637 | time_t t; | 633 | time_t t; |
638 | memset (&tm, 0, sizeof(tm)); | 634 | memset(&tm, 0, sizeof(tm)); |
639 | 635 | ||
640 | /* Like this: Tue, 25 Dec 2001 02:59:03 GMT */ | 636 | /* Like this: Tue, 25 Dec 2001 02:59:03 GMT */ |
641 | 637 | ||
642 | if (isupper (string[0]) && /* Tue */ | 638 | if (isupper(string[0]) && /* Tue */ |
643 | islower (string[1]) && | 639 | islower(string[1]) && islower(string[2]) && ',' == string[3] && |
644 | islower (string[2]) && | 640 | ' ' == string[4] && (isdigit(string[5]) || string[5] == ' ') && /* 25 */ |
645 | ',' == string[3] && | 641 | isdigit(string[6]) && ' ' == string[7] && isupper(string[8]) && /* Dec */ |
646 | ' ' == string[4] && | 642 | islower(string[9]) && islower(string[10]) && ' ' == string[11] && |
647 | (isdigit(string[5]) || string[5] == ' ') && /* 25 */ | 643 | isdigit(string[12]) && /* 2001 */ |
648 | isdigit (string[6]) && | 644 | isdigit(string[13]) && isdigit(string[14]) && isdigit(string[15]) && |
649 | ' ' == string[7] && | 645 | ' ' == string[16] && isdigit(string[17]) && /* 02: */ |
650 | isupper (string[8]) && /* Dec */ | 646 | isdigit(string[18]) && ':' == string[19] && |
651 | islower (string[9]) && | 647 | isdigit(string[20]) && /* 59: */ |
652 | islower (string[10]) && | 648 | isdigit(string[21]) && ':' == string[22] && |
653 | ' ' == string[11] && | 649 | isdigit(string[23]) && /* 03 */ |
654 | isdigit (string[12]) && /* 2001 */ | 650 | isdigit(string[24]) && ' ' == string[25] && 'G' == string[26] && /* GMT */ |
655 | isdigit (string[13]) && | 651 | 'M' == string[27] && /* GMT */ |
656 | isdigit (string[14]) && | 652 | 'T' == string[28]) { |
657 | isdigit (string[15]) && | 653 | |
658 | ' ' == string[16] && | 654 | tm.tm_sec = 10 * (string[23] - '0') + (string[24] - '0'); |
659 | isdigit (string[17]) && /* 02: */ | 655 | tm.tm_min = 10 * (string[20] - '0') + (string[21] - '0'); |
660 | isdigit (string[18]) && | 656 | tm.tm_hour = 10 * (string[17] - '0') + (string[18] - '0'); |
661 | ':' == string[19] && | 657 | tm.tm_mday = |
662 | isdigit (string[20]) && /* 59: */ | 658 | 10 * (string[5] == ' ' ? 0 : string[5] - '0') + (string[6] - '0'); |
663 | isdigit (string[21]) && | 659 | tm.tm_mon = (!strncmp(string + 8, "Jan", 3) ? 0 |
664 | ':' == string[22] && | 660 | : !strncmp(string + 8, "Feb", 3) ? 1 |
665 | isdigit (string[23]) && /* 03 */ | 661 | : !strncmp(string + 8, "Mar", 3) ? 2 |
666 | isdigit (string[24]) && | 662 | : !strncmp(string + 8, "Apr", 3) ? 3 |
667 | ' ' == string[25] && | 663 | : !strncmp(string + 8, "May", 3) ? 4 |
668 | 'G' == string[26] && /* GMT */ | 664 | : !strncmp(string + 8, "Jun", 3) ? 5 |
669 | 'M' == string[27] && /* GMT */ | 665 | : !strncmp(string + 8, "Jul", 3) ? 6 |
670 | 'T' == string[28]) { | 666 | : !strncmp(string + 8, "Aug", 3) ? 7 |
671 | 667 | : !strncmp(string + 8, "Sep", 3) ? 8 | |
672 | tm.tm_sec = 10 * (string[23]-'0') + (string[24]-'0'); | 668 | : !strncmp(string + 8, "Oct", 3) ? 9 |
673 | tm.tm_min = 10 * (string[20]-'0') + (string[21]-'0'); | 669 | : !strncmp(string + 8, "Nov", 3) ? 10 |
674 | tm.tm_hour = 10 * (string[17]-'0') + (string[18]-'0'); | 670 | : !strncmp(string + 8, "Dec", 3) ? 11 |
675 | tm.tm_mday = 10 * (string[5] == ' ' ? 0 : string[5]-'0') + (string[6]-'0'); | 671 | : -1); |
676 | tm.tm_mon = (!strncmp (string+8, "Jan", 3) ? 0 : | 672 | tm.tm_year = ((1000 * (string[12] - '0') + 100 * (string[13] - '0') + |
677 | !strncmp (string+8, "Feb", 3) ? 1 : | 673 | 10 * (string[14] - '0') + (string[15] - '0')) - |
678 | !strncmp (string+8, "Mar", 3) ? 2 : | 674 | 1900); |
679 | !strncmp (string+8, "Apr", 3) ? 3 : | 675 | |
680 | !strncmp (string+8, "May", 3) ? 4 : | 676 | tm.tm_isdst = 0; /* GMT is never in DST, right? */ |
681 | !strncmp (string+8, "Jun", 3) ? 5 : | ||
682 | !strncmp (string+8, "Jul", 3) ? 6 : | ||
683 | !strncmp (string+8, "Aug", 3) ? 7 : | ||
684 | !strncmp (string+8, "Sep", 3) ? 8 : | ||
685 | !strncmp (string+8, "Oct", 3) ? 9 : | ||
686 | !strncmp (string+8, "Nov", 3) ? 10 : | ||
687 | !strncmp (string+8, "Dec", 3) ? 11 : | ||
688 | -1); | ||
689 | tm.tm_year = ((1000 * (string[12]-'0') + | ||
690 | 100 * (string[13]-'0') + | ||
691 | 10 * (string[14]-'0') + | ||
692 | (string[15]-'0')) | ||
693 | - 1900); | ||
694 | |||
695 | tm.tm_isdst = 0; /* GMT is never in DST, right? */ | ||
696 | 677 | ||
697 | if (tm.tm_mon < 0 || tm.tm_mday < 1 || tm.tm_mday > 31) | 678 | if (tm.tm_mon < 0 || tm.tm_mday < 1 || tm.tm_mday > 31) |
698 | return 0; | 679 | return 0; |
@@ -704,14 +685,15 @@ parse_time_string (const char *string) | |||
704 | so it doesn't matter what time zone we parse them in. | 685 | so it doesn't matter what time zone we parse them in. |
705 | */ | 686 | */ |
706 | 687 | ||
707 | t = mktime (&tm); | 688 | t = mktime(&tm); |
708 | if (t == (time_t) -1) t = 0; | 689 | if (t == (time_t)-1) |
690 | t = 0; | ||
709 | 691 | ||
710 | if (verbose) { | 692 | if (verbose) { |
711 | const char *s = string; | 693 | const char *s = string; |
712 | while (*s && *s != '\r' && *s != '\n') | 694 | while (*s && *s != '\r' && *s != '\n') |
713 | fputc (*s++, stdout); | 695 | fputc(*s++, stdout); |
714 | printf (" ==> %lu\n", (unsigned long) t); | 696 | printf(" ==> %lu\n", (unsigned long)t); |
715 | } | 697 | } |
716 | 698 | ||
717 | return t; | 699 | return t; |
@@ -722,28 +704,24 @@ parse_time_string (const char *string) | |||
722 | } | 704 | } |
723 | 705 | ||
724 | /* Checks if the server 'reply' is one of the expected 'statuscodes' */ | 706 | /* Checks if the server 'reply' is one of the expected 'statuscodes' */ |
725 | static int | 707 | static int expected_statuscode(const char *reply, const char *statuscodes) { |
726 | expected_statuscode (const char *reply, const char *statuscodes) | ||
727 | { | ||
728 | char *expected, *code; | 708 | char *expected, *code; |
729 | int result = 0; | 709 | int result = 0; |
730 | 710 | ||
731 | if ((expected = strdup (statuscodes)) == NULL) | 711 | if ((expected = strdup(statuscodes)) == NULL) |
732 | die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); | 712 | die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); |
733 | 713 | ||
734 | for (code = strtok (expected, ","); code != NULL; code = strtok (NULL, ",")) | 714 | for (code = strtok(expected, ","); code != NULL; code = strtok(NULL, ",")) |
735 | if (strstr (reply, code) != NULL) { | 715 | if (strstr(reply, code) != NULL) { |
736 | result = 1; | 716 | result = 1; |
737 | break; | 717 | break; |
738 | } | 718 | } |
739 | 719 | ||
740 | free (expected); | 720 | free(expected); |
741 | return result; | 721 | return result; |
742 | } | 722 | } |
743 | 723 | ||
744 | static int | 724 | static int check_document_dates(const char *headers, char **msg) { |
745 | check_document_dates (const char *headers, char **msg) | ||
746 | { | ||
747 | const char *s; | 725 | const char *s; |
748 | char *server_date = 0; | 726 | char *server_date = 0; |
749 | char *document_date = 0; | 727 | char *document_date = 0; |
@@ -771,73 +749,78 @@ check_document_dates (const char *headers, char **msg) | |||
771 | s++; | 749 | s++; |
772 | 750 | ||
773 | /* Process this header. */ | 751 | /* Process this header. */ |
774 | if (value && value > field+2) { | 752 | if (value && value > field + 2) { |
775 | char *ff = (char *) malloc (value-field); | 753 | char *ff = (char *)malloc(value - field); |
776 | char *ss = ff; | 754 | char *ss = ff; |
777 | while (field < value-1) | 755 | while (field < value - 1) |
778 | *ss++ = tolower(*field++); | 756 | *ss++ = tolower(*field++); |
779 | *ss++ = 0; | 757 | *ss++ = 0; |
780 | 758 | ||
781 | if (!strcmp (ff, "date") || !strcmp (ff, "last-modified")) { | 759 | if (!strcmp(ff, "date") || !strcmp(ff, "last-modified")) { |
782 | const char *e; | 760 | const char *e; |
783 | while (*value && isspace (*value)) | 761 | while (*value && isspace(*value)) |
784 | value++; | 762 | value++; |
785 | for (e = value; *e && *e != '\r' && *e != '\n'; e++) | 763 | for (e = value; *e && *e != '\r' && *e != '\n'; e++) |
786 | ; | 764 | ; |
787 | ss = (char *) malloc (e - value + 1); | 765 | ss = (char *)malloc(e - value + 1); |
788 | strncpy (ss, value, e - value); | 766 | strncpy(ss, value, e - value); |
789 | ss[e - value] = 0; | 767 | ss[e - value] = 0; |
790 | if (!strcmp (ff, "date")) { | 768 | if (!strcmp(ff, "date")) { |
791 | if (server_date) free (server_date); | 769 | if (server_date) |
770 | free(server_date); | ||
792 | server_date = ss; | 771 | server_date = ss; |
793 | } else { | 772 | } else { |
794 | if (document_date) free (document_date); | 773 | if (document_date) |
774 | free(document_date); | ||
795 | document_date = ss; | 775 | document_date = ss; |
796 | } | 776 | } |
797 | } | 777 | } |
798 | free (ff); | 778 | free(ff); |
799 | } | 779 | } |
800 | } | 780 | } |
801 | 781 | ||
802 | /* Done parsing the body. Now check the dates we (hopefully) parsed. */ | 782 | /* Done parsing the body. Now check the dates we (hopefully) parsed. */ |
803 | if (!server_date || !*server_date) { | 783 | if (!server_date || !*server_date) { |
804 | xasprintf (msg, _("%sServer date unknown, "), *msg); | 784 | xasprintf(msg, _("%sServer date unknown, "), *msg); |
805 | date_result = max_state_alt(STATE_UNKNOWN, date_result); | 785 | date_result = max_state_alt(STATE_UNKNOWN, date_result); |
806 | } else if (!document_date || !*document_date) { | 786 | } else if (!document_date || !*document_date) { |
807 | xasprintf (msg, _("%sDocument modification date unknown, "), *msg); | 787 | xasprintf(msg, _("%sDocument modification date unknown, "), *msg); |
808 | date_result = max_state_alt(STATE_CRITICAL, date_result); | 788 | date_result = max_state_alt(STATE_CRITICAL, date_result); |
809 | } else { | 789 | } else { |
810 | time_t srv_data = parse_time_string (server_date); | 790 | time_t srv_data = parse_time_string(server_date); |
811 | time_t doc_data = parse_time_string (document_date); | 791 | time_t doc_data = parse_time_string(document_date); |
812 | 792 | ||
813 | if (srv_data <= 0) { | 793 | if (srv_data <= 0) { |
814 | xasprintf (msg, _("%sServer date \"%100s\" unparsable, "), *msg, server_date); | 794 | xasprintf(msg, _("%sServer date \"%100s\" unparsable, "), *msg, |
795 | server_date); | ||
815 | date_result = max_state_alt(STATE_CRITICAL, date_result); | 796 | date_result = max_state_alt(STATE_CRITICAL, date_result); |
816 | } else if (doc_data <= 0) { | 797 | } else if (doc_data <= 0) { |
817 | xasprintf (msg, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date); | 798 | xasprintf(msg, _("%sDocument date \"%100s\" unparsable, "), *msg, |
799 | document_date); | ||
818 | date_result = max_state_alt(STATE_CRITICAL, date_result); | 800 | date_result = max_state_alt(STATE_CRITICAL, date_result); |
819 | } else if (doc_data > srv_data + 30) { | 801 | } else if (doc_data > srv_data + 30) { |
820 | xasprintf (msg, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data); | 802 | xasprintf(msg, _("%sDocument is %d seconds in the future, "), *msg, |
803 | (int)doc_data - (int)srv_data); | ||
821 | date_result = max_state_alt(STATE_CRITICAL, date_result); | 804 | date_result = max_state_alt(STATE_CRITICAL, date_result); |
822 | } else if (doc_data < srv_data - maximum_age) { | 805 | } else if (doc_data < srv_data - maximum_age) { |
823 | int n = (srv_data - doc_data); | 806 | int n = (srv_data - doc_data); |
824 | if (n > (60 * 60 * 24 * 2)) { | 807 | if (n > (60 * 60 * 24 * 2)) { |
825 | xasprintf (msg, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24)); | 808 | xasprintf(msg, _("%sLast modified %.1f days ago, "), *msg, |
809 | ((float)n) / (60 * 60 * 24)); | ||
826 | date_result = max_state_alt(STATE_CRITICAL, date_result); | 810 | date_result = max_state_alt(STATE_CRITICAL, date_result); |
827 | } else { | 811 | } else { |
828 | xasprintf (msg, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60); | 812 | xasprintf(msg, _("%sLast modified %d:%02d:%02d ago, "), *msg, |
813 | n / (60 * 60), (n / 60) % 60, n % 60); | ||
829 | date_result = max_state_alt(STATE_CRITICAL, date_result); | 814 | date_result = max_state_alt(STATE_CRITICAL, date_result); |
830 | } | 815 | } |
831 | } | 816 | } |
832 | free (server_date); | 817 | free(server_date); |
833 | free (document_date); | 818 | free(document_date); |
834 | } | 819 | } |
835 | return date_result; | 820 | return date_result; |
836 | } | 821 | } |
837 | 822 | ||
838 | int | 823 | int get_content_length(const char *headers) { |
839 | get_content_length (const char *headers) | ||
840 | { | ||
841 | const char *s; | 824 | const char *s; |
842 | int content_length = 0; | 825 | int content_length = 0; |
843 | 826 | ||
@@ -863,50 +846,46 @@ get_content_length (const char *headers) | |||
863 | s++; | 846 | s++; |
864 | 847 | ||
865 | /* Process this header. */ | 848 | /* Process this header. */ |
866 | if (value && value > field+2) { | 849 | if (value && value > field + 2) { |
867 | char *ff = (char *) malloc (value-field); | 850 | char *ff = (char *)malloc(value - field); |
868 | char *ss = ff; | 851 | char *ss = ff; |
869 | while (field < value-1) | 852 | while (field < value - 1) |
870 | *ss++ = tolower(*field++); | 853 | *ss++ = tolower(*field++); |
871 | *ss++ = 0; | 854 | *ss++ = 0; |
872 | 855 | ||
873 | if (!strcmp (ff, "content-length")) { | 856 | if (!strcmp(ff, "content-length")) { |
874 | const char *e; | 857 | const char *e; |
875 | while (*value && isspace (*value)) | 858 | while (*value && isspace(*value)) |
876 | value++; | 859 | value++; |
877 | for (e = value; *e && *e != '\r' && *e != '\n'; e++) | 860 | for (e = value; *e && *e != '\r' && *e != '\n'; e++) |
878 | ; | 861 | ; |
879 | ss = (char *) malloc (e - value + 1); | 862 | ss = (char *)malloc(e - value + 1); |
880 | strncpy (ss, value, e - value); | 863 | strncpy(ss, value, e - value); |
881 | ss[e - value] = 0; | 864 | ss[e - value] = 0; |
882 | content_length = atoi(ss); | 865 | content_length = atoi(ss); |
883 | free (ss); | 866 | free(ss); |
884 | } | 867 | } |
885 | free (ff); | 868 | free(ff); |
886 | } | 869 | } |
887 | } | 870 | } |
888 | return (content_length); | 871 | return (content_length); |
889 | } | 872 | } |
890 | 873 | ||
891 | char * | 874 | char *prepend_slash(char *path) { |
892 | prepend_slash (char *path) | ||
893 | { | ||
894 | char *newpath; | 875 | char *newpath; |
895 | 876 | ||
896 | if (path[0] == '/') | 877 | if (path[0] == '/') |
897 | return path; | 878 | return path; |
898 | 879 | ||
899 | if ((newpath = malloc (strlen(path) + 2)) == NULL) | 880 | if ((newpath = malloc(strlen(path) + 2)) == NULL) |
900 | die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); | 881 | die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); |
901 | newpath[0] = '/'; | 882 | newpath[0] = '/'; |
902 | strcpy (newpath + 1, path); | 883 | strcpy(newpath + 1, path); |
903 | free (path); | 884 | free(path); |
904 | return newpath; | 885 | return newpath; |
905 | } | 886 | } |
906 | 887 | ||
907 | int | 888 | int check_http(void) { |
908 | check_http (void) | ||
909 | { | ||
910 | char *msg; | 889 | char *msg; |
911 | char *status_line; | 890 | char *status_line; |
912 | char *status_code; | 891 | char *status_code; |
@@ -937,62 +916,73 @@ check_http (void) | |||
937 | char *force_host_header = NULL; | 916 | char *force_host_header = NULL; |
938 | 917 | ||
939 | /* try to connect to the host at the given port number */ | 918 | /* try to connect to the host at the given port number */ |
940 | gettimeofday (&tv_temp, NULL); | 919 | gettimeofday(&tv_temp, NULL); |
941 | if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK) | 920 | if (my_tcp_connect(server_address, server_port, &sd) != STATE_OK) |
942 | die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); | 921 | die(STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); |
943 | microsec_connect = deltime (tv_temp); | 922 | microsec_connect = deltime(tv_temp); |
944 | 923 | ||
945 | /* if we are called with the -I option, the -j method is CONNECT and */ | 924 | /* if we are called with the -I option, the -j method is CONNECT and */ |
946 | /* we received -S for SSL, then we tunnel the request through a proxy*/ | 925 | /* we received -S for SSL, then we tunnel the request through a proxy*/ |
947 | /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */ | 926 | /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */ |
948 | 927 | ||
949 | if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 | 928 | if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 && |
950 | && host_name != NULL && use_ssl == true) { | 929 | host_name != NULL && use_ssl == true) { |
951 | 930 | ||
952 | if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT); | 931 | if (verbose) |
953 | asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent); | 932 | printf("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", |
933 | server_address, server_port, host_name, HTTPS_PORT); | ||
934 | asprintf(&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, | ||
935 | HTTPS_PORT, user_agent); | ||
954 | if (strlen(proxy_auth)) { | 936 | if (strlen(proxy_auth)) { |
955 | base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth); | 937 | base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth); |
956 | xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); | 938 | xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); |
957 | } | 939 | } |
958 | /* optionally send any other header tag */ | 940 | /* optionally send any other header tag */ |
959 | if (http_opt_headers_count) { | 941 | if (http_opt_headers_count) { |
960 | for (i = 0; i < http_opt_headers_count ; i++) { | 942 | for (i = 0; i < http_opt_headers_count; i++) { |
961 | if (force_host_header != http_opt_headers[i]) { | 943 | if (force_host_header != http_opt_headers[i]) { |
962 | xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); | 944 | xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]); |
963 | } | 945 | } |
964 | } | 946 | } |
965 | /* This cannot be free'd here because a redirection will then try to access this and segfault */ | 947 | /* This cannot be free'd here because a redirection will then try to |
948 | * access this and segfault */ | ||
966 | /* Covered in a testcase in tests/check_http.t */ | 949 | /* Covered in a testcase in tests/check_http.t */ |
967 | /* free(http_opt_headers); */ | 950 | /* free(http_opt_headers); */ |
968 | } | 951 | } |
969 | asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf); | 952 | asprintf(&buf, "%sProxy-Connection: keep-alive\r\n", buf); |
970 | asprintf (&buf, "%sHost: %s\r\n", buf, host_name); | 953 | asprintf(&buf, "%sHost: %s\r\n", buf, host_name); |
971 | /* we finished our request, send empty line with CRLF */ | 954 | /* we finished our request, send empty line with CRLF */ |
972 | asprintf (&buf, "%s%s", buf, CRLF); | 955 | asprintf(&buf, "%s%s", buf, CRLF); |
973 | if (verbose) printf ("%s\n", buf); | 956 | if (verbose) |
974 | send(sd, buf, strlen (buf), 0); | 957 | printf("%s\n", buf); |
975 | buf[0]='\0'; | 958 | send(sd, buf, strlen(buf), 0); |
976 | 959 | buf[0] = '\0'; | |
977 | if (verbose) printf ("Receive response from proxy\n"); | 960 | |
978 | read (sd, buffer, MAX_INPUT_BUFFER-1); | 961 | if (verbose) |
979 | if (verbose) printf ("%s", buffer); | 962 | printf("Receive response from proxy\n"); |
963 | read(sd, buffer, MAX_INPUT_BUFFER - 1); | ||
964 | if (verbose) | ||
965 | printf("%s", buffer); | ||
980 | /* Here we should check if we got HTTP/1.1 200 Connection established */ | 966 | /* Here we should check if we got HTTP/1.1 200 Connection established */ |
981 | } | 967 | } |
982 | #ifdef HAVE_SSL | 968 | #ifdef HAVE_SSL |
983 | elapsed_time_connect = (double)microsec_connect / 1.0e6; | 969 | elapsed_time_connect = (double)microsec_connect / 1.0e6; |
984 | if (use_ssl == true) { | 970 | if (use_ssl == true) { |
985 | gettimeofday (&tv_temp, NULL); | 971 | gettimeofday(&tv_temp, NULL); |
986 | result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey); | 972 | result = np_net_ssl_init_with_hostname_version_and_cert( |
987 | if (verbose) printf ("SSL initialized\n"); | 973 | sd, (use_sni ? host_name : NULL), ssl_version, client_cert, |
974 | client_privkey); | ||
975 | if (verbose) | ||
976 | printf("SSL initialized\n"); | ||
988 | if (result != STATE_OK) | 977 | if (result != STATE_OK) |
989 | die (STATE_CRITICAL, NULL); | 978 | die(STATE_CRITICAL, NULL); |
990 | microsec_ssl = deltime (tv_temp); | 979 | microsec_ssl = deltime(tv_temp); |
991 | elapsed_time_ssl = (double)microsec_ssl / 1.0e6; | 980 | elapsed_time_ssl = (double)microsec_ssl / 1.0e6; |
992 | if (check_cert == true) { | 981 | if (check_cert == true) { |
993 | result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); | 982 | result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); |
994 | if (continue_after_check_cert == false) { | 983 | if (continue_after_check_cert == false) { |
995 | if (sd) close(sd); | 984 | if (sd) |
985 | close(sd); | ||
996 | np_net_ssl_cleanup(); | 986 | np_net_ssl_cleanup(); |
997 | return result; | 987 | return result; |
998 | } | 988 | } |
@@ -1000,18 +990,20 @@ check_http (void) | |||
1000 | } | 990 | } |
1001 | #endif /* HAVE_SSL */ | 991 | #endif /* HAVE_SSL */ |
1002 | 992 | ||
1003 | if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 | 993 | if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 && |
1004 | && host_name != NULL && use_ssl == true) | 994 | host_name != NULL && use_ssl == true) |
1005 | asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); | 995 | asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, |
996 | host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); | ||
1006 | else | 997 | else |
1007 | asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); | 998 | asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, |
999 | host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); | ||
1008 | 1000 | ||
1009 | /* tell HTTP/1.1 servers not to keep the connection alive */ | 1001 | /* tell HTTP/1.1 servers not to keep the connection alive */ |
1010 | xasprintf (&buf, "%sConnection: close\r\n", buf); | 1002 | xasprintf(&buf, "%sConnection: close\r\n", buf); |
1011 | 1003 | ||
1012 | /* check if Host header is explicitly set in options */ | 1004 | /* check if Host header is explicitly set in options */ |
1013 | if (http_opt_headers_count) { | 1005 | if (http_opt_headers_count) { |
1014 | for (i = 0; i < http_opt_headers_count ; i++) { | 1006 | for (i = 0; i < http_opt_headers_count; i++) { |
1015 | if (strncmp(http_opt_headers[i], "Host:", 5) == 0) { | 1007 | if (strncmp(http_opt_headers[i], "Host:", 5) == 0) { |
1016 | force_host_header = http_opt_headers[i]; | 1008 | force_host_header = http_opt_headers[i]; |
1017 | } | 1009 | } |
@@ -1021,9 +1013,8 @@ check_http (void) | |||
1021 | /* optionally send the host header info */ | 1013 | /* optionally send the host header info */ |
1022 | if (host_name) { | 1014 | if (host_name) { |
1023 | if (force_host_header) { | 1015 | if (force_host_header) { |
1024 | xasprintf (&buf, "%s%s\r\n", buf, force_host_header); | 1016 | xasprintf(&buf, "%s%s\r\n", buf, force_host_header); |
1025 | } | 1017 | } else { |
1026 | else { | ||
1027 | /* | 1018 | /* |
1028 | * Specify the port only if we're using a non-default port (see RFC 2616, | 1019 | * Specify the port only if we're using a non-default port (see RFC 2616, |
1029 | * 14.23). Some server applications/configurations cause trouble if the | 1020 | * 14.23). Some server applications/configurations cause trouble if the |
@@ -1031,65 +1022,69 @@ check_http (void) | |||
1031 | */ | 1022 | */ |
1032 | if ((use_ssl == false && virtual_port == HTTP_PORT) || | 1023 | if ((use_ssl == false && virtual_port == HTTP_PORT) || |
1033 | (use_ssl == true && virtual_port == HTTPS_PORT) || | 1024 | (use_ssl == true && virtual_port == HTTPS_PORT) || |
1034 | (server_address != NULL && strcmp(http_method, "CONNECT") == 0 | 1025 | (server_address != NULL && strcmp(http_method, "CONNECT") == 0 && |
1035 | && host_name != NULL && use_ssl == true)) | 1026 | host_name != NULL && use_ssl == true)) |
1036 | xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); | 1027 | xasprintf(&buf, "%sHost: %s\r\n", buf, host_name); |
1037 | else | 1028 | else |
1038 | xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port); | 1029 | xasprintf(&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port); |
1039 | } | 1030 | } |
1040 | } | 1031 | } |
1041 | 1032 | ||
1042 | /* optionally send any other header tag */ | 1033 | /* optionally send any other header tag */ |
1043 | if (http_opt_headers_count) { | 1034 | if (http_opt_headers_count) { |
1044 | for (i = 0; i < http_opt_headers_count ; i++) { | 1035 | for (i = 0; i < http_opt_headers_count; i++) { |
1045 | if (force_host_header != http_opt_headers[i]) { | 1036 | if (force_host_header != http_opt_headers[i]) { |
1046 | xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); | 1037 | xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]); |
1047 | } | 1038 | } |
1048 | } | 1039 | } |
1049 | /* This cannot be free'd here because a redirection will then try to access this and segfault */ | 1040 | /* This cannot be free'd here because a redirection will then try to access |
1041 | * this and segfault */ | ||
1050 | /* Covered in a testcase in tests/check_http.t */ | 1042 | /* Covered in a testcase in tests/check_http.t */ |
1051 | /* free(http_opt_headers); */ | 1043 | /* free(http_opt_headers); */ |
1052 | } | 1044 | } |
1053 | 1045 | ||
1054 | /* optionally send the authentication info */ | 1046 | /* optionally send the authentication info */ |
1055 | if (strlen(user_auth)) { | 1047 | if (strlen(user_auth)) { |
1056 | base64_encode_alloc (user_auth, strlen (user_auth), &auth); | 1048 | base64_encode_alloc(user_auth, strlen(user_auth), &auth); |
1057 | xasprintf (&buf, "%sAuthorization: Basic %s\r\n", buf, auth); | 1049 | xasprintf(&buf, "%sAuthorization: Basic %s\r\n", buf, auth); |
1058 | } | 1050 | } |
1059 | 1051 | ||
1060 | /* optionally send the proxy authentication info */ | 1052 | /* optionally send the proxy authentication info */ |
1061 | if (strlen(proxy_auth)) { | 1053 | if (strlen(proxy_auth)) { |
1062 | base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth); | 1054 | base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth); |
1063 | xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); | 1055 | xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); |
1064 | } | 1056 | } |
1065 | 1057 | ||
1066 | /* either send http POST data (any data, not only POST)*/ | 1058 | /* either send http POST data (any data, not only POST)*/ |
1067 | if (http_post_data) { | 1059 | if (http_post_data) { |
1068 | if (http_content_type) { | 1060 | if (http_content_type) { |
1069 | xasprintf (&buf, "%sContent-Type: %s\r\n", buf, http_content_type); | 1061 | xasprintf(&buf, "%sContent-Type: %s\r\n", buf, http_content_type); |
1070 | } else { | 1062 | } else { |
1071 | xasprintf (&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", buf); | 1063 | xasprintf(&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", |
1064 | buf); | ||
1072 | } | 1065 | } |
1073 | 1066 | ||
1074 | xasprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, (int)strlen (http_post_data)); | 1067 | xasprintf(&buf, "%sContent-Length: %i\r\n\r\n", buf, |
1075 | xasprintf (&buf, "%s%s", buf, http_post_data); | 1068 | (int)strlen(http_post_data)); |
1069 | xasprintf(&buf, "%s%s", buf, http_post_data); | ||
1076 | } else { | 1070 | } else { |
1077 | /* or just a newline so the server knows we're done with the request */ | 1071 | /* or just a newline so the server knows we're done with the request */ |
1078 | xasprintf (&buf, "%s%s", buf, CRLF); | 1072 | xasprintf(&buf, "%s%s", buf, CRLF); |
1079 | } | 1073 | } |
1080 | 1074 | ||
1081 | if (verbose) printf ("%s\n", buf); | 1075 | if (verbose) |
1082 | gettimeofday (&tv_temp, NULL); | 1076 | printf("%s\n", buf); |
1083 | my_send (buf, strlen (buf)); | 1077 | gettimeofday(&tv_temp, NULL); |
1084 | microsec_headers = deltime (tv_temp); | 1078 | my_send(buf, strlen(buf)); |
1079 | microsec_headers = deltime(tv_temp); | ||
1085 | elapsed_time_headers = (double)microsec_headers / 1.0e6; | 1080 | elapsed_time_headers = (double)microsec_headers / 1.0e6; |
1086 | 1081 | ||
1087 | /* fetch the page */ | 1082 | /* fetch the page */ |
1088 | full_page = strdup(""); | 1083 | full_page = strdup(""); |
1089 | gettimeofday (&tv_temp, NULL); | 1084 | gettimeofday(&tv_temp, NULL); |
1090 | while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) { | 1085 | while ((i = my_recv(buffer, MAX_INPUT_BUFFER - 1)) > 0) { |
1091 | if ((i >= 1) && (elapsed_time_firstbyte <= 0.000001)) { | 1086 | if ((i >= 1) && (elapsed_time_firstbyte <= 0.000001)) { |
1092 | microsec_firstbyte = deltime (tv_temp); | 1087 | microsec_firstbyte = deltime(tv_temp); |
1093 | elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6; | 1088 | elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6; |
1094 | } | 1089 | } |
1095 | while (pos = memchr(buffer, '\0', i)) { | 1090 | while (pos = memchr(buffer, '\0', i)) { |
@@ -1107,12 +1102,12 @@ check_http (void) | |||
1107 | 1102 | ||
1108 | pagesize += i; | 1103 | pagesize += i; |
1109 | 1104 | ||
1110 | if (no_body && document_headers_done (full_page)) { | 1105 | if (no_body && document_headers_done(full_page)) { |
1111 | i = 0; | 1106 | i = 0; |
1112 | break; | 1107 | break; |
1113 | } | 1108 | } |
1114 | } | 1109 | } |
1115 | microsec_transfer = deltime (tv_temp); | 1110 | microsec_transfer = deltime(tv_temp); |
1116 | elapsed_time_transfer = (double)microsec_transfer / 1.0e6; | 1111 | elapsed_time_transfer = (double)microsec_transfer / 1.0e6; |
1117 | 1112 | ||
1118 | if (i < 0 && errno != ECONNRESET) { | 1113 | if (i < 0 && errno != ECONNRESET) { |
@@ -1129,176 +1124,187 @@ check_http (void) | |||
1129 | else { | 1124 | else { |
1130 | */ | 1125 | */ |
1131 | #endif | 1126 | #endif |
1132 | die (STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n")); | 1127 | die(STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n")); |
1133 | #ifdef HAVE_SSL | 1128 | #ifdef HAVE_SSL |
1134 | /* XXX | 1129 | /* XXX |
1135 | } | 1130 | } |
1136 | */ | 1131 | */ |
1137 | #endif | 1132 | #endif |
1138 | } | 1133 | } |
1139 | 1134 | ||
1140 | /* return a CRITICAL status if we couldn't read any data */ | 1135 | /* return a CRITICAL status if we couldn't read any data */ |
1141 | if (pagesize == (size_t) 0) | 1136 | if (pagesize == (size_t)0) |
1142 | die (STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n")); | 1137 | die(STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n")); |
1143 | 1138 | ||
1144 | /* close the connection */ | 1139 | /* close the connection */ |
1145 | if (sd) close(sd); | 1140 | if (sd) |
1141 | close(sd); | ||
1146 | #ifdef HAVE_SSL | 1142 | #ifdef HAVE_SSL |
1147 | np_net_ssl_cleanup(); | 1143 | np_net_ssl_cleanup(); |
1148 | #endif | 1144 | #endif |
1149 | 1145 | ||
1150 | /* Save check time */ | 1146 | /* Save check time */ |
1151 | microsec = deltime (tv); | 1147 | microsec = deltime(tv); |
1152 | elapsed_time = (double)microsec / 1.0e6; | 1148 | elapsed_time = (double)microsec / 1.0e6; |
1153 | 1149 | ||
1154 | /* leave full_page untouched so we can free it later */ | 1150 | /* leave full_page untouched so we can free it later */ |
1155 | page = full_page; | 1151 | page = full_page; |
1156 | 1152 | ||
1157 | if (verbose) | 1153 | if (verbose) |
1158 | printf ("%s://%s:%d%s is %d characters\n", | 1154 | printf("%s://%s:%d%s is %d characters\n", use_ssl ? "https" : "http", |
1159 | use_ssl ? "https" : "http", server_address, | 1155 | server_address, server_port, server_url, (int)pagesize); |
1160 | server_port, server_url, (int)pagesize); | ||
1161 | 1156 | ||
1162 | /* find status line and null-terminate it */ | 1157 | /* find status line and null-terminate it */ |
1163 | status_line = page; | 1158 | status_line = page; |
1164 | page += (size_t) strcspn (page, "\r\n"); | 1159 | page += (size_t)strcspn(page, "\r\n"); |
1165 | pos = page; | 1160 | pos = page; |
1166 | page += (size_t) strspn (page, "\r\n"); | 1161 | page += (size_t)strspn(page, "\r\n"); |
1167 | status_line[strcspn(status_line, "\r\n")] = 0; | 1162 | status_line[strcspn(status_line, "\r\n")] = 0; |
1168 | strip (status_line); | 1163 | strip(status_line); |
1169 | if (verbose) | 1164 | if (verbose) |
1170 | printf ("STATUS: %s\n", status_line); | 1165 | printf("STATUS: %s\n", status_line); |
1171 | 1166 | ||
1172 | /* find header info and null-terminate it */ | 1167 | /* find header info and null-terminate it */ |
1173 | header = page; | 1168 | header = page; |
1174 | while (strcspn (page, "\r\n") > 0) { | 1169 | while (strcspn(page, "\r\n") > 0) { |
1175 | page += (size_t) strcspn (page, "\r\n"); | 1170 | page += (size_t)strcspn(page, "\r\n"); |
1176 | pos = page; | 1171 | pos = page; |
1177 | if ((strspn (page, "\r") == 1 && strspn (page, "\r\n") >= 2) || | 1172 | if ((strspn(page, "\r") == 1 && strspn(page, "\r\n") >= 2) || |
1178 | (strspn (page, "\n") == 1 && strspn (page, "\r\n") >= 2)) | 1173 | (strspn(page, "\n") == 1 && strspn(page, "\r\n") >= 2)) |
1179 | page += (size_t) 2; | 1174 | page += (size_t)2; |
1180 | else | 1175 | else |
1181 | page += (size_t) 1; | 1176 | page += (size_t)1; |
1182 | } | 1177 | } |
1183 | page += (size_t) strspn (page, "\r\n"); | 1178 | page += (size_t)strspn(page, "\r\n"); |
1184 | header[pos - header] = 0; | 1179 | header[pos - header] = 0; |
1185 | if (verbose) | 1180 | if (verbose) |
1186 | printf ("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header, | 1181 | printf("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header, |
1187 | (no_body ? " [[ skipped ]]" : page)); | 1182 | (no_body ? " [[ skipped ]]" : page)); |
1188 | 1183 | ||
1189 | /* make sure the status line matches the response we are looking for */ | 1184 | /* make sure the status line matches the response we are looking for */ |
1190 | if (!expected_statuscode (status_line, server_expect)) { | 1185 | if (!expected_statuscode(status_line, server_expect)) { |
1191 | if (server_port == HTTP_PORT) | 1186 | if (server_port == HTTP_PORT) |
1192 | xasprintf (&msg, | 1187 | xasprintf(&msg, _("Invalid HTTP response received from host: %s\n"), |
1193 | _("Invalid HTTP response received from host: %s\n"), | ||
1194 | status_line); | 1188 | status_line); |
1195 | else | 1189 | else |
1196 | xasprintf (&msg, | 1190 | xasprintf(&msg, |
1197 | _("Invalid HTTP response received from host on port %d: %s\n"), | 1191 | _("Invalid HTTP response received from host on port %d: %s\n"), |
1198 | server_port, status_line); | 1192 | server_port, status_line); |
1199 | if (show_body) | 1193 | if (show_body) |
1200 | xasprintf (&msg, _("%s\n%s"), msg, page); | 1194 | xasprintf(&msg, _("%s\n%s"), msg, page); |
1201 | die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg); | 1195 | die(STATE_CRITICAL, "HTTP CRITICAL - %s", msg); |
1202 | } | 1196 | } |
1203 | 1197 | ||
1204 | /* Bypass normal status line check if server_expect was set by user and not default */ | 1198 | /* Bypass normal status line check if server_expect was set by user and not |
1205 | /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string */ | 1199 | * default */ |
1206 | if ( server_expect_yn ) { | 1200 | /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string |
1207 | xasprintf (&msg, | 1201 | */ |
1208 | _("Status line output matched \"%s\" - "), server_expect); | 1202 | if (server_expect_yn) { |
1203 | xasprintf(&msg, _("Status line output matched \"%s\" - "), server_expect); | ||
1209 | if (verbose) | 1204 | if (verbose) |
1210 | printf ("%s\n",msg); | 1205 | printf("%s\n", msg); |
1211 | } | 1206 | } else { |
1212 | else { | ||
1213 | /* Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF */ | 1207 | /* Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF */ |
1214 | /* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT */ | 1208 | /* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT */ |
1215 | /* Status-Code = 3 DIGITS */ | 1209 | /* Status-Code = 3 DIGITS */ |
1216 | 1210 | ||
1217 | status_code = strchr (status_line, ' ') + sizeof (char); | 1211 | status_code = strchr(status_line, ' ') + sizeof(char); |
1218 | if (strspn (status_code, "1234567890") != 3) | 1212 | if (strspn(status_code, "1234567890") != 3) |
1219 | die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"), status_line); | 1213 | die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"), |
1214 | status_line); | ||
1220 | 1215 | ||
1221 | http_status = atoi (status_code); | 1216 | http_status = atoi(status_code); |
1222 | 1217 | ||
1223 | /* check the return code */ | 1218 | /* check the return code */ |
1224 | 1219 | ||
1225 | if (http_status >= 600 || http_status < 100) { | 1220 | if (http_status >= 600 || http_status < 100) { |
1226 | die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"), status_line); | 1221 | die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"), |
1222 | status_line); | ||
1227 | } | 1223 | } |
1228 | /* server errors result in a critical state */ | 1224 | /* server errors result in a critical state */ |
1229 | else if (http_status >= 500) { | 1225 | else if (http_status >= 500) { |
1230 | xasprintf (&msg, _("%s - "), status_line); | 1226 | xasprintf(&msg, _("%s - "), status_line); |
1231 | result = STATE_CRITICAL; | 1227 | result = STATE_CRITICAL; |
1232 | } | 1228 | } |
1233 | /* client errors result in a warning state */ | 1229 | /* client errors result in a warning state */ |
1234 | else if (http_status >= 400) { | 1230 | else if (http_status >= 400) { |
1235 | xasprintf (&msg, _("%s - "), status_line); | 1231 | xasprintf(&msg, _("%s - "), status_line); |
1236 | result = max_state_alt(STATE_WARNING, result); | 1232 | result = max_state_alt(STATE_WARNING, result); |
1237 | } | 1233 | } |
1238 | /* check redirected page if specified */ | 1234 | /* check redirected page if specified */ |
1239 | else if (http_status >= 300) { | 1235 | else if (http_status >= 300) { |
1240 | 1236 | ||
1241 | if (onredirect == STATE_DEPENDENT) | 1237 | if (onredirect == STATE_DEPENDENT) |
1242 | redir (header, status_line); | 1238 | redir(header, status_line); |
1243 | else | 1239 | else |
1244 | result = max_state_alt(onredirect, result); | 1240 | result = max_state_alt(onredirect, result); |
1245 | xasprintf (&msg, _("%s - "), status_line); | 1241 | xasprintf(&msg, _("%s - "), status_line); |
1246 | } /* end if (http_status >= 300) */ | 1242 | } /* end if (http_status >= 300) */ |
1247 | else { | 1243 | else { |
1248 | /* Print OK status anyway */ | 1244 | /* Print OK status anyway */ |
1249 | xasprintf (&msg, _("%s - "), status_line); | 1245 | xasprintf(&msg, _("%s - "), status_line); |
1250 | } | 1246 | } |
1251 | 1247 | ||
1252 | } /* end else (server_expect_yn) */ | 1248 | } /* end else (server_expect_yn) */ |
1253 | 1249 | ||
1254 | /* reset the alarm - must be called *after* redir or we'll never die on redirects! */ | 1250 | /* reset the alarm - must be called *after* redir or we'll never die on |
1255 | alarm (0); | 1251 | * redirects! */ |
1252 | alarm(0); | ||
1256 | 1253 | ||
1257 | if (maximum_age >= 0) { | 1254 | if (maximum_age >= 0) { |
1258 | result = max_state_alt(check_document_dates(header, &msg), result); | 1255 | result = max_state_alt(check_document_dates(header, &msg), result); |
1259 | } | 1256 | } |
1260 | 1257 | ||
1261 | /* Page and Header content checks go here */ | 1258 | /* Page and Header content checks go here */ |
1262 | if (strlen (header_expect)) { | 1259 | if (strlen(header_expect)) { |
1263 | if (!strstr (header, header_expect)) { | 1260 | if (!strstr(header, header_expect)) { |
1264 | strncpy(&output_header_search[0],header_expect,sizeof(output_header_search)); | 1261 | strncpy(&output_header_search[0], header_expect, |
1265 | if(output_header_search[sizeof(output_header_search)-1]!='\0') { | 1262 | sizeof(output_header_search)); |
1266 | bcopy("...",&output_header_search[sizeof(output_header_search)-4],4); | 1263 | if (output_header_search[sizeof(output_header_search) - 1] != '\0') { |
1264 | bcopy("...", &output_header_search[sizeof(output_header_search) - 4], | ||
1265 | 4); | ||
1267 | } | 1266 | } |
1268 | xasprintf (&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, output_header_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); | 1267 | xasprintf(&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, |
1268 | output_header_search, use_ssl ? "https" : "http", | ||
1269 | host_name ? host_name : server_address, server_port, | ||
1270 | server_url); | ||
1269 | result = STATE_CRITICAL; | 1271 | result = STATE_CRITICAL; |
1270 | } | 1272 | } |
1271 | } | 1273 | } |
1272 | 1274 | ||
1273 | 1275 | if (strlen(string_expect)) { | |
1274 | if (strlen (string_expect)) { | 1276 | if (!strstr(page, string_expect)) { |
1275 | if (!strstr (page, string_expect)) { | 1277 | strncpy(&output_string_search[0], string_expect, |
1276 | strncpy(&output_string_search[0],string_expect,sizeof(output_string_search)); | 1278 | sizeof(output_string_search)); |
1277 | if(output_string_search[sizeof(output_string_search)-1]!='\0') { | 1279 | if (output_string_search[sizeof(output_string_search) - 1] != '\0') { |
1278 | bcopy("...",&output_string_search[sizeof(output_string_search)-4],4); | 1280 | bcopy("...", &output_string_search[sizeof(output_string_search) - 4], |
1281 | 4); | ||
1279 | } | 1282 | } |
1280 | xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); | 1283 | xasprintf(&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, |
1284 | output_string_search, use_ssl ? "https" : "http", | ||
1285 | host_name ? host_name : server_address, server_port, | ||
1286 | server_url); | ||
1281 | result = STATE_CRITICAL; | 1287 | result = STATE_CRITICAL; |
1282 | } | 1288 | } |
1283 | } | 1289 | } |
1284 | 1290 | ||
1285 | if (strlen (regexp)) { | 1291 | if (strlen(regexp)) { |
1286 | errcode = regexec (&preg, page, REGS, pmatch, 0); | 1292 | errcode = regexec(&preg, page, REGS, pmatch, 0); |
1287 | if ((errcode == 0 && invert_regex == 0) || (errcode == REG_NOMATCH && invert_regex == 1)) { | 1293 | if ((errcode == 0 && invert_regex == 0) || |
1294 | (errcode == REG_NOMATCH && invert_regex == 1)) { | ||
1288 | /* OK - No-op to avoid changing the logic around it */ | 1295 | /* OK - No-op to avoid changing the logic around it */ |
1289 | result = max_state_alt(STATE_OK, result); | 1296 | result = max_state_alt(STATE_OK, result); |
1290 | } | 1297 | } else if ((errcode == REG_NOMATCH && invert_regex == 0) || |
1291 | else if ((errcode == REG_NOMATCH && invert_regex == 0) || (errcode == 0 && invert_regex == 1)) { | 1298 | (errcode == 0 && invert_regex == 1)) { |
1292 | if (invert_regex == 0) | 1299 | if (invert_regex == 0) |
1293 | xasprintf (&msg, _("%spattern not found, "), msg); | 1300 | xasprintf(&msg, _("%spattern not found, "), msg); |
1294 | else | 1301 | else |
1295 | xasprintf (&msg, _("%spattern found, "), msg); | 1302 | xasprintf(&msg, _("%spattern found, "), msg); |
1296 | result = STATE_CRITICAL; | 1303 | result = STATE_CRITICAL; |
1297 | } | 1304 | } else { |
1298 | else { | ||
1299 | /* FIXME: Shouldn't that be UNKNOWN? */ | 1305 | /* FIXME: Shouldn't that be UNKNOWN? */ |
1300 | regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); | 1306 | regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER); |
1301 | xasprintf (&msg, _("%sExecute Error: %s, "), msg, errbuf); | 1307 | xasprintf(&msg, _("%sExecute Error: %s, "), msg, errbuf); |
1302 | result = STATE_CRITICAL; | 1308 | result = STATE_CRITICAL; |
1303 | } | 1309 | } |
1304 | } | 1310 | } |
@@ -1314,68 +1320,64 @@ check_http (void) | |||
1314 | */ | 1320 | */ |
1315 | page_len = pagesize; | 1321 | page_len = pagesize; |
1316 | if ((max_page_len > 0) && (page_len > max_page_len)) { | 1322 | if ((max_page_len > 0) && (page_len > max_page_len)) { |
1317 | xasprintf (&msg, _("%spage size %d too large, "), msg, page_len); | 1323 | xasprintf(&msg, _("%spage size %d too large, "), msg, page_len); |
1318 | result = max_state_alt(STATE_WARNING, result); | 1324 | result = max_state_alt(STATE_WARNING, result); |
1319 | } else if ((min_page_len > 0) && (page_len < min_page_len)) { | 1325 | } else if ((min_page_len > 0) && (page_len < min_page_len)) { |
1320 | xasprintf (&msg, _("%spage size %d too small, "), msg, page_len); | 1326 | xasprintf(&msg, _("%spage size %d too small, "), msg, page_len); |
1321 | result = max_state_alt(STATE_WARNING, result); | 1327 | result = max_state_alt(STATE_WARNING, result); |
1322 | } | 1328 | } |
1323 | 1329 | ||
1324 | /* Cut-off trailing characters */ | 1330 | /* Cut-off trailing characters */ |
1325 | if(msg[strlen(msg)-2] == ',') | 1331 | if (msg[strlen(msg) - 2] == ',') |
1326 | msg[strlen(msg)-2] = '\0'; | 1332 | msg[strlen(msg) - 2] = '\0'; |
1327 | else | 1333 | else |
1328 | msg[strlen(msg)-3] = '\0'; | 1334 | msg[strlen(msg) - 3] = '\0'; |
1329 | 1335 | ||
1330 | /* check elapsed time */ | 1336 | /* check elapsed time */ |
1331 | if (show_extended_perfdata) | 1337 | if (show_extended_perfdata) |
1332 | xasprintf (&msg, | 1338 | xasprintf( |
1333 | _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"), | 1339 | &msg, |
1334 | msg, page_len, elapsed_time, | 1340 | _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"), |
1335 | (display_html ? "</A>" : ""), | 1341 | msg, page_len, elapsed_time, (display_html ? "</A>" : ""), |
1336 | perfd_time (elapsed_time), | 1342 | perfd_time(elapsed_time), perfd_size(page_len), |
1337 | perfd_size (page_len), | 1343 | perfd_time_connect(elapsed_time_connect), |
1338 | perfd_time_connect (elapsed_time_connect), | 1344 | use_ssl == true ? perfd_time_ssl(elapsed_time_ssl) : "", |
1339 | use_ssl == true ? perfd_time_ssl (elapsed_time_ssl) : "", | 1345 | perfd_time_headers(elapsed_time_headers), |
1340 | perfd_time_headers (elapsed_time_headers), | 1346 | perfd_time_firstbyte(elapsed_time_firstbyte), |
1341 | perfd_time_firstbyte (elapsed_time_firstbyte), | 1347 | perfd_time_transfer(elapsed_time_transfer)); |
1342 | perfd_time_transfer (elapsed_time_transfer)); | ||
1343 | else | 1348 | else |
1344 | xasprintf (&msg, | 1349 | xasprintf(&msg, _("%s - %d bytes in %.3f second response time %s|%s %s"), |
1345 | _("%s - %d bytes in %.3f second response time %s|%s %s"), | 1350 | msg, page_len, elapsed_time, (display_html ? "</A>" : ""), |
1346 | msg, page_len, elapsed_time, | 1351 | perfd_time(elapsed_time), perfd_size(page_len)); |
1347 | (display_html ? "</A>" : ""), | ||
1348 | perfd_time (elapsed_time), | ||
1349 | perfd_size (page_len)); | ||
1350 | 1352 | ||
1351 | if (show_body) | 1353 | if (show_body) |
1352 | xasprintf (&msg, _("%s\n%s"), msg, page); | 1354 | xasprintf(&msg, _("%s\n%s"), msg, page); |
1353 | 1355 | ||
1354 | result = max_state_alt(get_status(elapsed_time, thlds), result); | 1356 | result = max_state_alt(get_status(elapsed_time, thlds), result); |
1355 | 1357 | ||
1356 | die (result, "HTTP %s: %s\n", state_text(result), msg); | 1358 | die(result, "HTTP %s: %s\n", state_text(result), msg); |
1357 | /* die failed? */ | 1359 | /* die failed? */ |
1358 | return STATE_UNKNOWN; | 1360 | return STATE_UNKNOWN; |
1359 | } | 1361 | } |
1360 | 1362 | ||
1361 | |||
1362 | |||
1363 | /* per RFC 2396 */ | 1363 | /* per RFC 2396 */ |
1364 | #define URI_HTTP "%5[HTPShtps]" | 1364 | #define URI_HTTP "%5[HTPShtps]" |
1365 | #define URI_HOST "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" | 1365 | #define URI_HOST \ |
1366 | "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" | ||
1366 | #define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */ | 1367 | #define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */ |
1367 | #define URI_PATH "%[-_.!~*'();/?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" | 1368 | #define URI_PATH \ |
1369 | "%[-_.!~*'();/" \ | ||
1370 | "?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" | ||
1368 | #define HD1 URI_HTTP "://" URI_HOST ":" URI_PORT "/" URI_PATH | 1371 | #define HD1 URI_HTTP "://" URI_HOST ":" URI_PORT "/" URI_PATH |
1369 | #define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH | 1372 | #define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH |
1370 | #define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT | 1373 | #define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT |
1371 | #define HD4 URI_HTTP "://" URI_HOST | 1374 | #define HD4 URI_HTTP "://" URI_HOST |
1372 | /* relative reference redirect like //www.site.org/test https://tools.ietf.org/html/rfc3986 */ | 1375 | /* relative reference redirect like //www.site.org/test |
1376 | * https://tools.ietf.org/html/rfc3986 */ | ||
1373 | #define HD5 "//" URI_HOST "/" URI_PATH | 1377 | #define HD5 "//" URI_HOST "/" URI_PATH |
1374 | #define HD6 URI_PATH | 1378 | #define HD6 URI_PATH |
1375 | 1379 | ||
1376 | void | 1380 | void redir(char *pos, char *status_line) { |
1377 | redir (char *pos, char *status_line) | ||
1378 | { | ||
1379 | int i = 0; | 1381 | int i = 0; |
1380 | char *x; | 1382 | char *x; |
1381 | char xx[2]; | 1383 | char xx[2]; |
@@ -1383,101 +1385,101 @@ redir (char *pos, char *status_line) | |||
1383 | char *addr; | 1385 | char *addr; |
1384 | char *url; | 1386 | char *url; |
1385 | 1387 | ||
1386 | addr = malloc (MAX_IPV4_HOSTLENGTH + 1); | 1388 | addr = malloc(MAX_IPV4_HOSTLENGTH + 1); |
1387 | if (addr == NULL) | 1389 | if (addr == NULL) |
1388 | die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n")); | 1390 | die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n")); |
1389 | 1391 | ||
1390 | memset(addr, 0, MAX_IPV4_HOSTLENGTH); | 1392 | memset(addr, 0, MAX_IPV4_HOSTLENGTH); |
1391 | url = malloc (strcspn (pos, "\r\n")); | 1393 | url = malloc(strcspn(pos, "\r\n")); |
1392 | if (url == NULL) | 1394 | if (url == NULL) |
1393 | die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); | 1395 | die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); |
1394 | 1396 | ||
1395 | while (pos) { | 1397 | while (pos) { |
1396 | sscanf (pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", xx, &i); | 1398 | sscanf(pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", |
1399 | xx, &i); | ||
1397 | if (i == 0) { | 1400 | if (i == 0) { |
1398 | pos += (size_t) strcspn (pos, "\r\n"); | 1401 | pos += (size_t)strcspn(pos, "\r\n"); |
1399 | pos += (size_t) strspn (pos, "\r\n"); | 1402 | pos += (size_t)strspn(pos, "\r\n"); |
1400 | if (strlen(pos) == 0) | 1403 | if (strlen(pos) == 0) |
1401 | die (STATE_UNKNOWN, | 1404 | die(STATE_UNKNOWN, |
1402 | _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"), | 1405 | _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"), |
1403 | status_line, (display_html ? "</A>" : "")); | 1406 | status_line, (display_html ? "</A>" : "")); |
1404 | continue; | 1407 | continue; |
1405 | } | 1408 | } |
1406 | 1409 | ||
1407 | pos += i; | 1410 | pos += i; |
1408 | pos += strspn (pos, " \t"); | 1411 | pos += strspn(pos, " \t"); |
1409 | 1412 | ||
1410 | /* | 1413 | /* |
1411 | * RFC 2616 (4.2): ``Header fields can be extended over multiple lines by | 1414 | * RFC 2616 (4.2): ``Header fields can be extended over multiple lines by |
1412 | * preceding each extra line with at least one SP or HT.'' | 1415 | * preceding each extra line with at least one SP or HT.'' |
1413 | */ | 1416 | */ |
1414 | for (; (i = strspn (pos, "\r\n")); pos += i) { | 1417 | for (; (i = strspn(pos, "\r\n")); pos += i) { |
1415 | pos += i; | 1418 | pos += i; |
1416 | if (!(i = strspn (pos, " \t"))) { | 1419 | if (!(i = strspn(pos, " \t"))) { |
1417 | die (STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"), | 1420 | die(STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"), |
1418 | display_html ? "</A>" : ""); | 1421 | display_html ? "</A>" : ""); |
1419 | } | 1422 | } |
1420 | } | 1423 | } |
1421 | 1424 | ||
1422 | url = realloc (url, strcspn (pos, "\r\n") + 1); | 1425 | url = realloc(url, strcspn(pos, "\r\n") + 1); |
1423 | if (url == NULL) | 1426 | if (url == NULL) |
1424 | die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); | 1427 | die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); |
1425 | 1428 | ||
1426 | /* URI_HTTP, URI_HOST, URI_PORT, URI_PATH */ | 1429 | /* URI_HTTP, URI_HOST, URI_PORT, URI_PATH */ |
1427 | if (sscanf (pos, HD1, type, addr, &i, url) == 4) { | 1430 | if (sscanf(pos, HD1, type, addr, &i, url) == 4) { |
1428 | url = prepend_slash (url); | 1431 | url = prepend_slash(url); |
1429 | use_ssl = server_type_check (type); | 1432 | use_ssl = server_type_check(type); |
1430 | } | 1433 | } |
1431 | 1434 | ||
1432 | /* URI_HTTP URI_HOST URI_PATH */ | 1435 | /* URI_HTTP URI_HOST URI_PATH */ |
1433 | else if (sscanf (pos, HD2, type, addr, url) == 3 ) { | 1436 | else if (sscanf(pos, HD2, type, addr, url) == 3) { |
1434 | url = prepend_slash (url); | 1437 | url = prepend_slash(url); |
1435 | use_ssl = server_type_check (type); | 1438 | use_ssl = server_type_check(type); |
1436 | i = server_port_check (use_ssl); | 1439 | i = server_port_check(use_ssl); |
1437 | } | 1440 | } |
1438 | 1441 | ||
1439 | /* URI_HTTP URI_HOST URI_PORT */ | 1442 | /* URI_HTTP URI_HOST URI_PORT */ |
1440 | else if (sscanf (pos, HD3, type, addr, &i) == 3) { | 1443 | else if (sscanf(pos, HD3, type, addr, &i) == 3) { |
1441 | strcpy (url, HTTP_URL); | 1444 | strcpy(url, HTTP_URL); |
1442 | use_ssl = server_type_check (type); | 1445 | use_ssl = server_type_check(type); |
1443 | } | 1446 | } |
1444 | 1447 | ||
1445 | /* URI_HTTP URI_HOST */ | 1448 | /* URI_HTTP URI_HOST */ |
1446 | else if (sscanf (pos, HD4, type, addr) == 2) { | 1449 | else if (sscanf(pos, HD4, type, addr) == 2) { |
1447 | strcpy (url, HTTP_URL); | 1450 | strcpy(url, HTTP_URL); |
1448 | use_ssl = server_type_check (type); | 1451 | use_ssl = server_type_check(type); |
1449 | i = server_port_check (use_ssl); | 1452 | i = server_port_check(use_ssl); |
1450 | } | 1453 | } |
1451 | /* URI_HTTP, URI_HOST, URI_PATH */ | 1454 | /* URI_HTTP, URI_HOST, URI_PATH */ |
1452 | else if (sscanf (pos, HD5, addr, url) == 2) { | 1455 | else if (sscanf(pos, HD5, addr, url) == 2) { |
1453 | if(use_ssl){ | 1456 | if (use_ssl) { |
1454 | strcpy (type,"https"); | 1457 | strcpy(type, "https"); |
1455 | } | 1458 | } else { |
1456 | else{ | 1459 | strcpy(type, server_type); |
1457 | strcpy (type, server_type); | ||
1458 | } | 1460 | } |
1459 | xasprintf (&url, "/%s", url); | 1461 | xasprintf(&url, "/%s", url); |
1460 | use_ssl = server_type_check (type); | 1462 | use_ssl = server_type_check(type); |
1461 | i = server_port_check (use_ssl); | 1463 | i = server_port_check(use_ssl); |
1462 | } | 1464 | } |
1463 | 1465 | ||
1464 | /* URI_PATH */ | 1466 | /* URI_PATH */ |
1465 | else if (sscanf (pos, HD6, url) == 1) { | 1467 | else if (sscanf(pos, HD6, url) == 1) { |
1466 | /* relative url */ | 1468 | /* relative url */ |
1467 | if ((url[0] != '/')) { | 1469 | if ((url[0] != '/')) { |
1468 | if ((x = strrchr(server_url, '/'))) | 1470 | if ((x = strrchr(server_url, '/'))) |
1469 | *x = '\0'; | 1471 | *x = '\0'; |
1470 | xasprintf (&url, "%s/%s", server_url, url); | 1472 | xasprintf(&url, "%s/%s", server_url, url); |
1471 | } | 1473 | } |
1472 | i = server_port; | 1474 | i = server_port; |
1473 | strcpy (type, server_type); | 1475 | strcpy(type, server_type); |
1474 | strcpy (addr, host_name ? host_name : server_address); | 1476 | strcpy(addr, host_name ? host_name : server_address); |
1475 | } | 1477 | } |
1476 | 1478 | ||
1477 | else { | 1479 | else { |
1478 | die (STATE_UNKNOWN, | 1480 | die(STATE_UNKNOWN, |
1479 | _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"), | 1481 | _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"), pos, |
1480 | pos, (display_html ? "</A>" : "")); | 1482 | (display_html ? "</A>" : "")); |
1481 | } | 1483 | } |
1482 | 1484 | ||
1483 | break; | 1485 | break; |
@@ -1485,299 +1487,356 @@ redir (char *pos, char *status_line) | |||
1485 | } /* end while (pos) */ | 1487 | } /* end while (pos) */ |
1486 | 1488 | ||
1487 | if (++redir_depth > max_depth) | 1489 | if (++redir_depth > max_depth) |
1488 | die (STATE_WARNING, | 1490 | die(STATE_WARNING, |
1489 | _("HTTP WARNING - maximum redirection depth %d exceeded - %s://%s:%d%s%s\n"), | 1491 | _("HTTP WARNING - maximum redirection depth %d exceeded - " |
1490 | max_depth, type, addr, i, url, (display_html ? "</A>" : "")); | 1492 | "%s://%s:%d%s%s\n"), |
1493 | max_depth, type, addr, i, url, (display_html ? "</A>" : "")); | ||
1491 | 1494 | ||
1492 | if (server_port==i && | 1495 | if (server_port == i && !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) && |
1493 | !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) && | ||
1494 | (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) && | 1496 | (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) && |
1495 | !strcmp(server_url, url)) | 1497 | !strcmp(server_url, url)) |
1496 | die (STATE_CRITICAL, | 1498 | die(STATE_CRITICAL, |
1497 | _("HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n"), | 1499 | _("HTTP CRITICAL - redirection creates an infinite loop - " |
1498 | type, addr, i, url, (display_html ? "</A>" : "")); | 1500 | "%s://%s:%d%s%s\n"), |
1501 | type, addr, i, url, (display_html ? "</A>" : "")); | ||
1499 | 1502 | ||
1500 | strcpy (server_type, type); | 1503 | strcpy(server_type, type); |
1501 | 1504 | ||
1502 | free (host_name); | 1505 | free(host_name); |
1503 | host_name = strndup (addr, MAX_IPV4_HOSTLENGTH); | 1506 | host_name = strndup(addr, MAX_IPV4_HOSTLENGTH); |
1504 | 1507 | ||
1505 | if (!(followsticky & STICKY_HOST)) { | 1508 | if (!(followsticky & STICKY_HOST)) { |
1506 | free (server_address); | 1509 | free(server_address); |
1507 | server_address = strndup (addr, MAX_IPV4_HOSTLENGTH); | 1510 | server_address = strndup(addr, MAX_IPV4_HOSTLENGTH); |
1508 | } | 1511 | } |
1509 | if (!(followsticky & STICKY_PORT)) { | 1512 | if (!(followsticky & STICKY_PORT)) { |
1510 | server_port = i; | 1513 | server_port = i; |
1511 | } | 1514 | } |
1512 | 1515 | ||
1513 | free (server_url); | 1516 | free(server_url); |
1514 | server_url = url; | 1517 | server_url = url; |
1515 | 1518 | ||
1516 | if (server_port > MAX_PORT) | 1519 | if (server_port > MAX_PORT) |
1517 | die (STATE_UNKNOWN, | 1520 | die(STATE_UNKNOWN, |
1518 | _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"), | 1521 | _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"), |
1519 | MAX_PORT, server_type, server_address, server_port, server_url, | 1522 | MAX_PORT, server_type, server_address, server_port, server_url, |
1520 | display_html ? "</A>" : ""); | 1523 | display_html ? "</A>" : ""); |
1521 | 1524 | ||
1522 | /* reset virtual port */ | 1525 | /* reset virtual port */ |
1523 | virtual_port = server_port; | 1526 | virtual_port = server_port; |
1524 | 1527 | ||
1525 | if (verbose) | 1528 | if (verbose) |
1526 | printf (_("Redirection to %s://%s:%d%s\n"), server_type, | 1529 | printf(_("Redirection to %s://%s:%d%s\n"), server_type, |
1527 | host_name ? host_name : server_address, server_port, server_url); | 1530 | host_name ? host_name : server_address, server_port, server_url); |
1528 | 1531 | ||
1529 | free(addr); | 1532 | free(addr); |
1530 | check_http (); | 1533 | check_http(); |
1531 | } | 1534 | } |
1532 | 1535 | ||
1533 | 1536 | bool server_type_check(const char *type) { | |
1534 | bool | 1537 | if (strcmp(type, "https")) |
1535 | server_type_check (const char *type) | ||
1536 | { | ||
1537 | if (strcmp (type, "https")) | ||
1538 | return false; | 1538 | return false; |
1539 | else | 1539 | else |
1540 | return true; | 1540 | return true; |
1541 | } | 1541 | } |
1542 | 1542 | ||
1543 | int | 1543 | int server_port_check(int ssl_flag) { |
1544 | server_port_check (int ssl_flag) | ||
1545 | { | ||
1546 | if (ssl_flag) | 1544 | if (ssl_flag) |
1547 | return HTTPS_PORT; | 1545 | return HTTPS_PORT; |
1548 | else | 1546 | else |
1549 | return HTTP_PORT; | 1547 | return HTTP_PORT; |
1550 | } | 1548 | } |
1551 | 1549 | ||
1552 | char *perfd_time (double elapsed_time) | 1550 | char *perfd_time(double elapsed_time) { |
1553 | { | 1551 | return fperfdata("time", elapsed_time, "s", thlds->warning ? true : false, |
1554 | return fperfdata ("time", elapsed_time, "s", | 1552 | thlds->warning ? thlds->warning->end : 0, |
1555 | thlds->warning?true:false, thlds->warning?thlds->warning->end:0, | 1553 | thlds->critical ? true : false, |
1556 | thlds->critical?true:false, thlds->critical?thlds->critical->end:0, | 1554 | thlds->critical ? thlds->critical->end : 0, true, 0, true, |
1557 | true, 0, true, socket_timeout); | 1555 | socket_timeout); |
1558 | } | 1556 | } |
1559 | 1557 | ||
1560 | char *perfd_time_connect (double elapsed_time_connect) | 1558 | char *perfd_time_connect(double elapsed_time_connect) { |
1561 | { | 1559 | return fperfdata("time_connect", elapsed_time_connect, "s", false, 0, false, |
1562 | return fperfdata ("time_connect", elapsed_time_connect, "s", false, 0, false, 0, false, 0, true, socket_timeout); | 1560 | 0, false, 0, true, socket_timeout); |
1563 | } | 1561 | } |
1564 | 1562 | ||
1565 | char *perfd_time_ssl (double elapsed_time_ssl) | 1563 | char *perfd_time_ssl(double elapsed_time_ssl) { |
1566 | { | 1564 | return fperfdata("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, |
1567 | return fperfdata ("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, 0, true, socket_timeout); | 1565 | 0, true, socket_timeout); |
1568 | } | 1566 | } |
1569 | 1567 | ||
1570 | char *perfd_time_headers (double elapsed_time_headers) | 1568 | char *perfd_time_headers(double elapsed_time_headers) { |
1571 | { | 1569 | return fperfdata("time_headers", elapsed_time_headers, "s", false, 0, false, |
1572 | return fperfdata ("time_headers", elapsed_time_headers, "s", false, 0, false, 0, false, 0, true, socket_timeout); | 1570 | 0, false, 0, true, socket_timeout); |
1573 | } | 1571 | } |
1574 | 1572 | ||
1575 | char *perfd_time_firstbyte (double elapsed_time_firstbyte) | 1573 | char *perfd_time_firstbyte(double elapsed_time_firstbyte) { |
1576 | { | 1574 | return fperfdata("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, |
1577 | return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, false, 0, false, 0, true, socket_timeout); | 1575 | false, 0, false, 0, true, socket_timeout); |
1578 | } | 1576 | } |
1579 | 1577 | ||
1580 | char *perfd_time_transfer (double elapsed_time_transfer) | 1578 | char *perfd_time_transfer(double elapsed_time_transfer) { |
1581 | { | 1579 | return fperfdata("time_transfer", elapsed_time_transfer, "s", false, 0, false, |
1582 | return fperfdata ("time_transfer", elapsed_time_transfer, "s", false, 0, false, 0, false, 0, true, socket_timeout); | 1580 | 0, false, 0, true, socket_timeout); |
1583 | } | 1581 | } |
1584 | 1582 | ||
1585 | char *perfd_size (int page_len) | 1583 | char *perfd_size(int page_len) { |
1586 | { | 1584 | return perfdata("size", page_len, "B", (min_page_len > 0 ? true : false), |
1587 | return perfdata ("size", page_len, "B", | 1585 | min_page_len, (min_page_len > 0 ? true : false), 0, true, 0, |
1588 | (min_page_len>0?true:false), min_page_len, | 1586 | false, 0); |
1589 | (min_page_len>0?true:false), 0, | ||
1590 | true, 0, false, 0); | ||
1591 | } | 1587 | } |
1592 | 1588 | ||
1593 | void | 1589 | void print_help(void) { |
1594 | print_help (void) | 1590 | print_revision(progname, NP_VERSION); |
1595 | { | ||
1596 | print_revision (progname, NP_VERSION); | ||
1597 | 1591 | ||
1598 | printf ("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n"); | 1592 | printf("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n"); |
1599 | printf (COPYRIGHT, copyright, email); | 1593 | printf(COPYRIGHT, copyright, email); |
1600 | 1594 | ||
1601 | printf ("%s\n", _("This plugin tests the HTTP service on the specified host. It can test")); | 1595 | printf("%s\n", _("This plugin tests the HTTP service on the specified host. " |
1602 | printf ("%s\n", _("normal (http) and secure (https) servers, follow redirects, search for")); | 1596 | "It can test")); |
1603 | printf ("%s\n", _("strings and regular expressions, check connection times, and report on")); | 1597 | printf("%s\n", _("normal (http) and secure (https) servers, follow " |
1604 | printf ("%s\n", _("certificate expiration times.")); | 1598 | "redirects, search for")); |
1599 | printf("%s\n", _("strings and regular expressions, check connection times, " | ||
1600 | "and report on")); | ||
1601 | printf("%s\n", _("certificate expiration times.")); | ||
1605 | 1602 | ||
1606 | printf ("\n\n"); | 1603 | printf("\n\n"); |
1607 | 1604 | ||
1608 | print_usage (); | 1605 | print_usage(); |
1609 | 1606 | ||
1610 | #ifdef HAVE_SSL | 1607 | #ifdef HAVE_SSL |
1611 | printf (_("In the first form, make an HTTP request.")); | 1608 | printf(_("In the first form, make an HTTP request.")); |
1612 | printf (_("In the second form, connect to the server and check the TLS certificate.")); | 1609 | printf(_("In the second form, connect to the server and check the TLS " |
1610 | "certificate.")); | ||
1613 | #endif | 1611 | #endif |
1614 | printf (_("NOTE: One or both of -H and -I must be specified")); | 1612 | printf(_("NOTE: One or both of -H and -I must be specified")); |
1615 | 1613 | ||
1616 | printf ("\n"); | 1614 | printf("\n"); |
1617 | 1615 | ||
1618 | printf (UT_HELP_VRSN); | 1616 | printf(UT_HELP_VRSN); |
1619 | printf (UT_EXTRA_OPTS); | 1617 | printf(UT_EXTRA_OPTS); |
1620 | 1618 | ||
1621 | printf (" %s\n", "-H, --hostname=ADDRESS"); | 1619 | printf(" %s\n", "-H, --hostname=ADDRESS"); |
1622 | printf (" %s\n", _("Host name argument for servers using host headers (virtual host)")); | 1620 | printf(" %s\n", |
1623 | printf (" %s\n", _("Append a port to include it in the header (eg: example.com:5000)")); | 1621 | _("Host name argument for servers using host headers (virtual host)")); |
1624 | printf (" %s\n", "-I, --IP-address=ADDRESS"); | 1622 | printf(" %s\n", |
1625 | printf (" %s\n", _("IP address or name (use numeric address if possible to bypass DNS lookup).")); | 1623 | _("Append a port to include it in the header (eg: example.com:5000)")); |
1626 | printf (" %s\n", "-p, --port=INTEGER"); | 1624 | printf(" %s\n", "-I, --IP-address=ADDRESS"); |
1627 | printf (" %s", _("Port number (default: ")); | 1625 | printf(" %s\n", _("IP address or name (use numeric address if possible to " |
1628 | printf ("%d)\n", HTTP_PORT); | 1626 | "bypass DNS lookup).")); |
1627 | printf(" %s\n", "-p, --port=INTEGER"); | ||
1628 | printf(" %s", _("Port number (default: ")); | ||
1629 | printf("%d)\n", HTTP_PORT); | ||
1629 | 1630 | ||
1630 | printf (UT_IPv46); | 1631 | printf(UT_IPv46); |
1631 | 1632 | ||
1632 | #ifdef HAVE_SSL | 1633 | #ifdef HAVE_SSL |
1633 | printf (" %s\n", "-S, --ssl=VERSION[+]"); | 1634 | printf(" %s\n", "-S, --ssl=VERSION[+]"); |
1634 | printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents")); | 1635 | printf(" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is " |
1635 | printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,")); | 1636 | "optional, and prevents")); |
1636 | printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted.")); | 1637 | printf( |
1637 | printf (" %s\n", "--sni"); | 1638 | " %s\n", |
1638 | printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); | 1639 | _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,")); |
1639 | printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); | 1640 | printf(" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are " |
1640 | printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); | 1641 | "also accepted.")); |
1641 | printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use")); | 1642 | printf(" %s\n", "--sni"); |
1642 | printf (" %s\n", _(" --continue-after-certificate to override this behavior)")); | 1643 | printf(" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); |
1643 | printf (" %s\n", "--continue-after-certificate"); | 1644 | printf(" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); |
1644 | printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check.")); | 1645 | printf(" %s\n", _("Minimum number of days a certificate has to be valid. " |
1645 | printf (" %s\n", _("Does nothing unless -C is used.")); | 1646 | "Port defaults to 443")); |
1646 | printf (" %s\n", "-J, --client-cert=FILE"); | 1647 | printf(" %s\n", _("(when this option is used the URL is not checked by " |
1647 | printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); | 1648 | "default. You can use")); |
1648 | printf (" %s\n", _("to be used in establishing the SSL session")); | 1649 | printf(" %s\n", |
1649 | printf (" %s\n", "-K, --private-key=FILE"); | 1650 | _(" --continue-after-certificate to override this behavior)")); |
1650 | printf (" %s\n", _("Name of file containing the private key (PEM format)")); | 1651 | printf(" %s\n", "--continue-after-certificate"); |
1651 | printf (" %s\n", _("matching the client certificate")); | 1652 | printf(" %s\n", _("Allows the HTTP check to continue after performing the " |
1653 | "certificate check.")); | ||
1654 | printf(" %s\n", _("Does nothing unless -C is used.")); | ||
1655 | printf(" %s\n", "-J, --client-cert=FILE"); | ||
1656 | printf(" %s\n", | ||
1657 | _("Name of file that contains the client certificate (PEM format)")); | ||
1658 | printf(" %s\n", _("to be used in establishing the SSL session")); | ||
1659 | printf(" %s\n", "-K, --private-key=FILE"); | ||
1660 | printf(" %s\n", _("Name of file containing the private key (PEM format)")); | ||
1661 | printf(" %s\n", _("matching the client certificate")); | ||
1652 | #endif | 1662 | #endif |
1653 | 1663 | ||
1654 | printf (" %s\n", "-e, --expect=STRING"); | 1664 | printf(" %s\n", "-e, --expect=STRING"); |
1655 | printf (" %s\n", _("Comma-delimited list of strings, at least one of them is expected in")); | 1665 | printf(" %s\n", _("Comma-delimited list of strings, at least one of them " |
1656 | printf (" %s", _("the first (status) line of the server response (default: ")); | 1666 | "is expected in")); |
1657 | printf ("%s)\n", HTTP_EXPECT); | 1667 | printf(" %s", |
1658 | printf (" %s\n", _("If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)")); | 1668 | _("the first (status) line of the server response (default: ")); |
1659 | printf (" %s\n", "-d, --header-string=STRING"); | 1669 | printf("%s)\n", HTTP_EXPECT); |
1660 | printf (" %s\n", _("String to expect in the response headers")); | 1670 | printf(" %s\n", _("If specified skips all other status line logic (ex: " |
1661 | printf (" %s\n", "-s, --string=STRING"); | 1671 | "3xx, 4xx, 5xx processing)")); |
1662 | printf (" %s\n", _("String to expect in the content")); | 1672 | printf(" %s\n", "-d, --header-string=STRING"); |
1663 | printf (" %s\n", "-u, --url=PATH"); | 1673 | printf(" %s\n", _("String to expect in the response headers")); |
1664 | printf (" %s\n", _("URL to GET or POST (default: /)")); | 1674 | printf(" %s\n", "-s, --string=STRING"); |
1665 | printf (" %s\n", "-P, --post=STRING"); | 1675 | printf(" %s\n", _("String to expect in the content")); |
1666 | printf (" %s\n", _("URL encoded http POST data")); | 1676 | printf(" %s\n", "-u, --url=PATH"); |
1667 | printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT, CONNECT:POST)"); | 1677 | printf(" %s\n", _("URL to GET or POST (default: /)")); |
1668 | printf (" %s\n", _("Set HTTP method.")); | 1678 | printf(" %s\n", "-P, --post=STRING"); |
1669 | printf (" %s\n", "-N, --no-body"); | 1679 | printf(" %s\n", _("URL encoded http POST data")); |
1670 | printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); | 1680 | printf(" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, " |
1671 | printf (" %s\n", _("(Note that this still does an HTTP GET or POST, not a HEAD.)")); | 1681 | "PUT, DELETE, CONNECT, CONNECT:POST)"); |
1672 | printf (" %s\n", "-M, --max-age=SECONDS"); | 1682 | printf(" %s\n", _("Set HTTP method.")); |
1673 | printf (" %s\n", _("Warn if document is more than SECONDS old. the number can also be of")); | 1683 | printf(" %s\n", "-N, --no-body"); |
1674 | printf (" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or \"10d\" for days.")); | 1684 | printf(" %s\n", |
1675 | printf (" %s\n", "-T, --content-type=STRING"); | 1685 | _("Don't wait for document body: stop reading after headers.")); |
1676 | printf (" %s\n", _("specify Content-Type header media type when POSTing\n")); | 1686 | printf(" %s\n", |
1677 | 1687 | _("(Note that this still does an HTTP GET or POST, not a HEAD.)")); | |
1678 | printf (" %s\n", "-l, --linespan"); | 1688 | printf(" %s\n", "-M, --max-age=SECONDS"); |
1679 | printf (" %s\n", _("Allow regex to span newlines (must precede -r or -R)")); | 1689 | printf(" %s\n", _("Warn if document is more than SECONDS old. the number " |
1680 | printf (" %s\n", "-r, --regex, --ereg=STRING"); | 1690 | "can also be of")); |
1681 | printf (" %s\n", _("Search page for regex STRING")); | 1691 | printf(" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or " |
1682 | printf (" %s\n", "-R, --eregi=STRING"); | 1692 | "\"10d\" for days.")); |
1683 | printf (" %s\n", _("Search page for case-insensitive regex STRING")); | 1693 | printf(" %s\n", "-T, --content-type=STRING"); |
1684 | printf (" %s\n", "--invert-regex"); | 1694 | printf(" %s\n", |
1685 | printf (" %s\n", _("Return CRITICAL if found, OK if not\n")); | 1695 | _("specify Content-Type header media type when POSTing\n")); |
1686 | 1696 | ||
1687 | printf (" %s\n", "-a, --authorization=AUTH_PAIR"); | 1697 | printf(" %s\n", "-l, --linespan"); |
1688 | printf (" %s\n", _("Username:password on sites with basic authentication")); | 1698 | printf(" %s\n", _("Allow regex to span newlines (must precede -r or -R)")); |
1689 | printf (" %s\n", "-b, --proxy-authorization=AUTH_PAIR"); | 1699 | printf(" %s\n", "-r, --regex, --ereg=STRING"); |
1690 | printf (" %s\n", _("Username:password on proxy-servers with basic authentication")); | 1700 | printf(" %s\n", _("Search page for regex STRING")); |
1691 | printf (" %s\n", "-A, --useragent=STRING"); | 1701 | printf(" %s\n", "-R, --eregi=STRING"); |
1692 | printf (" %s\n", _("String to be sent in http header as \"User Agent\"")); | 1702 | printf(" %s\n", _("Search page for case-insensitive regex STRING")); |
1693 | printf (" %s\n", "-k, --header=STRING"); | 1703 | printf(" %s\n", "--invert-regex"); |
1694 | printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers")); | 1704 | printf(" %s\n", _("Return CRITICAL if found, OK if not\n")); |
1695 | printf (" %s\n", "-E, --extended-perfdata"); | 1705 | |
1696 | printf (" %s\n", _("Print additional performance data")); | 1706 | printf(" %s\n", "-a, --authorization=AUTH_PAIR"); |
1697 | printf (" %s\n", "-B, --show-body"); | 1707 | printf(" %s\n", _("Username:password on sites with basic authentication")); |
1698 | printf (" %s\n", _("Print body content below status line")); | 1708 | printf(" %s\n", "-b, --proxy-authorization=AUTH_PAIR"); |
1699 | printf (" %s\n", "-L, --link"); | 1709 | printf(" %s\n", |
1700 | printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); | 1710 | _("Username:password on proxy-servers with basic authentication")); |
1701 | printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>"); | 1711 | printf(" %s\n", "-A, --useragent=STRING"); |
1702 | printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the")); | 1712 | printf(" %s\n", _("String to be sent in http header as \"User Agent\"")); |
1703 | printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same.")); | 1713 | printf(" %s\n", "-k, --header=STRING"); |
1704 | printf (" %s\n", "--max-redirs=INTEGER"); | 1714 | printf(" %s\n", _("Any other tags to be sent in http header. Use multiple " |
1705 | printf (" %s", _("Maximal number of redirects (default: ")); | 1715 | "times for additional headers")); |
1706 | printf ("%d)\n", DEFAULT_MAX_REDIRS); | 1716 | printf(" %s\n", "-E, --extended-perfdata"); |
1707 | printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); | 1717 | printf(" %s\n", _("Print additional performance data")); |
1708 | printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)")); | 1718 | printf(" %s\n", "-B, --show-body"); |
1709 | printf (UT_WARN_CRIT); | 1719 | printf(" %s\n", _("Print body content below status line")); |
1710 | 1720 | printf(" %s\n", "-L, --link"); | |
1711 | printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); | 1721 | printf(" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); |
1712 | 1722 | printf(" %s\n", | |
1713 | printf (UT_VERBOSE); | 1723 | "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>"); |
1714 | 1724 | printf(" %s\n", _("How to handle redirected pages. sticky is like follow " | |
1715 | printf ("\n"); | 1725 | "but stick to the")); |
1716 | printf ("%s\n", _("Notes:")); | 1726 | printf( |
1717 | printf (" %s\n", _("This plugin will attempt to open an HTTP connection with the host.")); | 1727 | " %s\n", |
1718 | printf (" %s\n", _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL")); | 1728 | _("specified IP address. stickyport also ensures port stays the same.")); |
1719 | printf (" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, but incorrect response")); | 1729 | printf(" %s\n", "--max-redirs=INTEGER"); |
1720 | printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are")); | 1730 | printf(" %s", _("Maximal number of redirects (default: ")); |
1721 | printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN")); | 1731 | printf("%d)\n", DEFAULT_MAX_REDIRS); |
1722 | printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument.")); | 1732 | printf(" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); |
1733 | printf(" %s\n", _("Minimum page size required (bytes) : Maximum page size " | ||
1734 | "required (bytes)")); | ||
1735 | printf(UT_WARN_CRIT); | ||
1736 | |||
1737 | printf(UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); | ||
1738 | |||
1739 | printf(UT_VERBOSE); | ||
1740 | |||
1741 | printf("\n"); | ||
1742 | printf("%s\n", _("Notes:")); | ||
1743 | printf( | ||
1744 | " %s\n", | ||
1745 | _("This plugin will attempt to open an HTTP connection with the host.")); | ||
1746 | printf(" %s\n", _("Successful connects return STATE_OK, refusals and " | ||
1747 | "timeouts return STATE_CRITICAL")); | ||
1748 | printf(" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, " | ||
1749 | "but incorrect response")); | ||
1750 | printf(" %s\n", _("messages from the host result in STATE_WARNING return " | ||
1751 | "values. If you are")); | ||
1752 | printf(" %s\n", _("checking a virtual server that uses 'host headers' you " | ||
1753 | "must supply the FQDN")); | ||
1754 | printf(" %s\n", | ||
1755 | _("(fully qualified domain name) as the [host_name] argument.")); | ||
1723 | 1756 | ||
1724 | #ifdef HAVE_SSL | 1757 | #ifdef HAVE_SSL |
1725 | printf ("\n"); | 1758 | printf("\n"); |
1726 | printf (" %s\n", _("This plugin can also check whether an SSL enabled web server is able to")); | 1759 | printf(" %s\n", _("This plugin can also check whether an SSL enabled web " |
1727 | printf (" %s\n", _("serve content (optionally within a specified time) or whether the X509 ")); | 1760 | "server is able to")); |
1728 | printf (" %s\n", _("certificate is still valid for the specified number of days.")); | 1761 | printf(" %s\n", _("serve content (optionally within a specified time) or " |
1729 | printf ("\n"); | 1762 | "whether the X509 ")); |
1730 | printf (" %s\n", _("Please note that this plugin does not check if the presented server")); | 1763 | printf(" %s\n", |
1731 | printf (" %s\n", _("certificate matches the hostname of the server, or if the certificate")); | 1764 | _("certificate is still valid for the specified number of days.")); |
1732 | printf (" %s\n", _("has a valid chain of trust to one of the locally installed CAs.")); | 1765 | printf("\n"); |
1733 | printf ("\n"); | 1766 | printf( |
1734 | printf ("%s\n", _("Examples:")); | 1767 | " %s\n", |
1735 | printf (" %s\n\n", "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com"); | 1768 | _("Please note that this plugin does not check if the presented server")); |
1736 | printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,")); | 1769 | printf(" %s\n", _("certificate matches the hostname of the server, or if the " |
1737 | printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); | 1770 | "certificate")); |
1738 | printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); | 1771 | printf(" %s\n", |
1739 | printf (" %s\n", _("a STATE_CRITICAL will be returned.")); | 1772 | _("has a valid chain of trust to one of the locally installed CAs.")); |
1740 | printf ("\n"); | 1773 | printf("\n"); |
1741 | printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14"); | 1774 | printf("%s\n", _("Examples:")); |
1742 | printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,")); | 1775 | printf(" %s\n\n", |
1743 | printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); | 1776 | "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com"); |
1744 | printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); | 1777 | printf(" %s\n", _("When the 'www.verisign.com' server returns its content " |
1745 | printf (" %s\n\n", _("the certificate is expired.")); | 1778 | "within 5 seconds,")); |
1746 | printf ("\n"); | 1779 | printf(" %s\n", _("a STATE_OK will be returned. When the server returns its " |
1747 | printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); | 1780 | "content but exceeds")); |
1748 | printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); | 1781 | printf(" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. " |
1749 | printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); | 1782 | "When an error occurs,")); |
1750 | printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); | 1783 | printf(" %s\n", _("a STATE_CRITICAL will be returned.")); |
1751 | printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); | 1784 | printf("\n"); |
1752 | 1785 | printf(" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14"); | |
1753 | printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: "); | 1786 | printf(" %s\n", _("When the certificate of 'www.verisign.com' is valid for " |
1754 | printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com ")); | 1787 | "more than 14 days,")); |
1755 | printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>")); | 1788 | printf(" %s\n", _("a STATE_OK is returned. When the certificate is still " |
1756 | printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); | 1789 | "valid, but for less than")); |
1757 | printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); | 1790 | printf(" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL " |
1758 | printf (" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to the method you can set the method used")); | 1791 | "will be returned when")); |
1759 | printf (" %s\n", _("inside the proxied connection: -j CONNECT:POST")); | 1792 | printf(" %s\n\n", _("the certificate is expired.")); |
1793 | printf("\n"); | ||
1794 | printf(" %s\n\n", | ||
1795 | "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); | ||
1796 | printf(" %s\n", _("When the certificate of 'www.verisign.com' is valid for " | ||
1797 | "more than 30 days,")); | ||
1798 | printf(" %s\n", _("a STATE_OK is returned. When the certificate is still " | ||
1799 | "valid, but for less than")); | ||
1800 | printf(" %s\n", | ||
1801 | _("30 days, but more than 14 days, a STATE_WARNING is returned.")); | ||
1802 | printf(" %s\n", _("A STATE_CRITICAL will be returned when certificate " | ||
1803 | "expires in less than 14 days")); | ||
1804 | |||
1805 | printf(" %s\n\n", | ||
1806 | "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: "); | ||
1807 | printf(" %s\n", | ||
1808 | _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S " | ||
1809 | "-j CONNECT -H www.verisign.com ")); | ||
1810 | printf(" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> " | ||
1811 | "-u <check-url> -S(sl) -j CONNECT -H <webserver>")); | ||
1812 | printf(" %s\n", _("a STATE_OK will be returned. When the server returns its " | ||
1813 | "content but exceeds")); | ||
1814 | printf(" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. " | ||
1815 | "When an error occurs,")); | ||
1816 | printf(" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to " | ||
1817 | "the method you can set the method used")); | ||
1818 | printf(" %s\n", _("inside the proxied connection: -j CONNECT:POST")); | ||
1760 | 1819 | ||
1761 | #endif | 1820 | #endif |
1762 | 1821 | ||
1763 | printf (UT_SUPPORT); | 1822 | printf(UT_SUPPORT); |
1764 | |||
1765 | } | 1823 | } |
1766 | 1824 | ||
1767 | 1825 | void print_usage(void) { | |
1768 | 1826 | printf("%s\n", _("Usage:")); | |
1769 | void | 1827 | printf(" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n", progname); |
1770 | print_usage (void) | 1828 | printf(" [-J <client certificate file>] [-K <private key>]\n"); |
1771 | { | 1829 | printf(" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] " |
1772 | printf ("%s\n", _("Usage:")); | 1830 | "[-E] [-a auth]\n"); |
1773 | printf (" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n",progname); | 1831 | printf(" [-b proxy_auth] [-f " |
1774 | printf (" [-J <client certificate file>] [-K <private key>]\n"); | 1832 | "<ok|warning|critcal|follow|sticky|stickyport>]\n"); |
1775 | printf (" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-a auth]\n"); | 1833 | printf(" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R " |
1776 | printf (" [-b proxy_auth] [-f <ok|warning|critcal|follow|sticky|stickyport>]\n"); | 1834 | "<case-insensitive regex>]\n"); |
1777 | printf (" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n"); | 1835 | printf(" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M " |
1778 | printf (" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n"); | 1836 | "<age>]\n"); |
1779 | printf (" [-A string] [-k string] [-S <version>] [--sni]\n"); | 1837 | printf(" [-A string] [-k string] [-S <version>] [--sni]\n"); |
1780 | printf (" [-T <content-type>] [-j method]\n"); | 1838 | printf(" [-T <content-type>] [-j method]\n"); |
1781 | printf (" %s -H <vhost> | -I <IP-address> -C <warn_age>[,<crit_age>]\n",progname); | 1839 | printf(" %s -H <vhost> | -I <IP-address> -C <warn_age>[,<crit_age>]\n", |
1782 | printf (" [-p <port>] [-t <timeout>] [-4|-6] [--sni]\n"); | 1840 | progname); |
1841 | printf(" [-p <port>] [-t <timeout>] [-4|-6] [--sni]\n"); | ||
1783 | } | 1842 | } |