diff options
author | Lorenz Kästle <12514511+RincewindsHat@users.noreply.github.com> | 2025-03-04 11:02:33 +0100 |
---|---|---|
committer | Lorenz Kästle <12514511+RincewindsHat@users.noreply.github.com> | 2025-03-04 11:02:33 +0100 |
commit | 554bf3e5256f5489aed0cd56f0c600bcb281a7f5 (patch) | |
tree | 7bfd651246005043e91be597ad82ca79ff3207e0 | |
parent | 06fa1036f9e7216aac27107cd7d4c4903fa61ab2 (diff) | |
download | monitoring-plugins-554bf3e5256f5489aed0cd56f0c600bcb281a7f5.tar.gz |
Refactor check_tcp and implement new output format
-rw-r--r-- | plugins/check_tcp.c | 742 | ||||
-rw-r--r-- | plugins/check_tcp.d/config.h | 78 |
2 files changed, 493 insertions, 327 deletions
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index 49ad096c..f93152e5 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c | |||
@@ -3,7 +3,7 @@ | |||
3 | * Monitoring check_tcp plugin | 3 | * Monitoring check_tcp plugin |
4 | * | 4 | * |
5 | * License: GPL | 5 | * License: GPL |
6 | * Copyright (c) 1999-2024 Monitoring Plugins Development Team | 6 | * Copyright (c) 1999-2025 Monitoring Plugins Development Team |
7 | * | 7 | * |
8 | * Description: | 8 | * Description: |
9 | * | 9 | * |
@@ -28,75 +28,63 @@ | |||
28 | *****************************************************************************/ | 28 | *****************************************************************************/ |
29 | 29 | ||
30 | /* progname "check_tcp" changes depending on symlink called */ | 30 | /* progname "check_tcp" changes depending on symlink called */ |
31 | #include "states.h" | ||
31 | char *progname; | 32 | char *progname; |
32 | const char *copyright = "1999-2024"; | 33 | const char *copyright = "1999-2025"; |
33 | const char *email = "devel@monitoring-plugins.org"; | 34 | const char *email = "devel@monitoring-plugins.org"; |
34 | 35 | ||
35 | #include "common.h" | 36 | #include "./common.h" |
36 | #include "netutils.h" | 37 | #include "./netutils.h" |
37 | #include "utils.h" | 38 | #include "./utils.h" |
38 | #include "utils_tcp.h" | 39 | #include "./check_tcp.d/config.h" |
39 | 40 | ||
41 | #include <sys/types.h> | ||
40 | #include <ctype.h> | 42 | #include <ctype.h> |
41 | #include <sys/select.h> | 43 | #include <sys/select.h> |
42 | 44 | ||
45 | ssize_t my_recv(char *buf, size_t len) { | ||
43 | #ifdef HAVE_SSL | 46 | #ifdef HAVE_SSL |
44 | static bool check_cert = false; | 47 | return np_net_ssl_read(buf, (int)len); |
45 | static int days_till_exp_warn, days_till_exp_crit; | ||
46 | # define my_recv(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) | ||
47 | # define my_send(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) | ||
48 | #else | 48 | #else |
49 | # define my_recv(buf, len) read(sd, buf, len) | 49 | return read(socket_descriptor, buf, len); |
50 | # define my_send(buf, len) send(sd, buf, len, 0) | 50 | #endif // HAVE_SSL |
51 | #endif | 51 | } |
52 | |||
53 | ssize_t my_send(char *buf, size_t len) { | ||
54 | #ifdef HAVE_SSL | ||
55 | return np_net_ssl_write(buf, (int)len); | ||
56 | #else | ||
57 | return write(socket_descriptor, buf, len); | ||
58 | #endif // HAVE_SSL | ||
59 | } | ||
60 | |||
61 | typedef struct process_arguments_wrapper { | ||
62 | int errorcode; | ||
63 | check_tcp_config config; | ||
64 | } process_arguments_wrapper; | ||
52 | 65 | ||
53 | /* int my_recv(char *, size_t); */ | 66 | /* int my_recv(char *, size_t); */ |
54 | static int process_arguments(int /*argc*/, char ** /*argv*/); | 67 | static process_arguments_wrapper process_arguments(int /*argc*/, char ** /*argv*/, check_tcp_config /*config*/); |
55 | static void print_help(void); | 68 | void print_help(const char *service); |
56 | void print_usage(void); | 69 | void print_usage(void); |
57 | 70 | ||
58 | #define EXPECT server_expect[0] | 71 | int verbosity = 0; |
59 | static char *SERVICE = "TCP"; | ||
60 | static char *SEND = NULL; | ||
61 | static char *QUIT = NULL; | ||
62 | static int PROTOCOL = IPPROTO_TCP; /* most common is default */ | ||
63 | static int PORT = 0; | ||
64 | static int READ_TIMEOUT = 2; | ||
65 | |||
66 | static int server_port = 0; | ||
67 | static char *server_address = NULL; | ||
68 | static bool host_specified = false; | ||
69 | static char *server_send = NULL; | ||
70 | static char *server_quit = NULL; | ||
71 | static char **server_expect; | ||
72 | static size_t server_expect_count = 0; | ||
73 | static ssize_t maxbytes = 0; | ||
74 | static char **warn_codes = NULL; | ||
75 | static size_t warn_codes_count = 0; | ||
76 | static char **crit_codes = NULL; | ||
77 | static size_t crit_codes_count = 0; | ||
78 | static unsigned int delay = 0; | ||
79 | static double warning_time = 0; | ||
80 | static double critical_time = 0; | ||
81 | static double elapsed_time = 0; | ||
82 | static long microsec; | ||
83 | static int sd = 0; | ||
84 | #define MAXBUF 1024 | ||
85 | static char buffer[MAXBUF]; | ||
86 | static int expect_mismatch_state = STATE_WARNING; | ||
87 | static int match_flags = NP_MATCH_EXACT; | ||
88 | 72 | ||
89 | #ifdef HAVE_SSL | 73 | static const int READ_TIMEOUT = 2; |
90 | static char *sni = NULL; | ||
91 | static bool sni_specified = false; | ||
92 | #endif | ||
93 | 74 | ||
94 | #define FLAG_SSL 0x01 | 75 | const int MAXBUF = 1024; |
95 | #define FLAG_VERBOSE 0x02 | 76 | |
96 | #define FLAG_TIME_WARN 0x04 | 77 | const int DEFAULT_FTP_PORT = 21; |
97 | #define FLAG_TIME_CRIT 0x08 | 78 | const int DEFAULT_POP_PORT = 110; |
98 | #define FLAG_HIDE_OUTPUT 0x10 | 79 | const int DEFAULT_SPOP_PORT = 995; |
99 | static size_t flags; | 80 | const int DEFAULT_SMTP_PORT = 25; |
81 | const int DEFAULT_SSMTP_PORT = 465; | ||
82 | const int DEFAULT_IMAP_PORT = 143; | ||
83 | const int DEFAULT_SIMAP_PORT = 993; | ||
84 | const int DEFAULT_XMPP_C2S_PORT = 5222; | ||
85 | const int DEFAULT_NNTP_PORT = 119; | ||
86 | const int DEFAULT_NNTPS_PORT = 563; | ||
87 | const int DEFAULT_CLAMD_PORT = 3310; | ||
100 | 88 | ||
101 | int main(int argc, char **argv) { | 89 | int main(int argc, char **argv) { |
102 | setlocale(LC_ALL, ""); | 90 | setlocale(LC_ALL, ""); |
@@ -105,279 +93,371 @@ int main(int argc, char **argv) { | |||
105 | 93 | ||
106 | /* determine program- and service-name quickly */ | 94 | /* determine program- and service-name quickly */ |
107 | progname = strrchr(argv[0], '/'); | 95 | progname = strrchr(argv[0], '/'); |
108 | if (progname != NULL) | 96 | if (progname != NULL) { |
109 | progname++; | 97 | progname++; |
110 | else | 98 | } else { |
111 | progname = argv[0]; | 99 | progname = argv[0]; |
100 | } | ||
101 | |||
102 | // Initialize config here with values from above, | ||
103 | // might be changed by on disk config or cli commands | ||
104 | check_tcp_config config = check_tcp_config_init(); | ||
112 | 105 | ||
113 | size_t prog_name_len = strlen(progname); | 106 | size_t prog_name_len = strlen(progname); |
114 | if (prog_name_len > 6 && !memcmp(progname, "check_", 6)) { | 107 | const size_t prefix_length = strlen("check_"); |
115 | SERVICE = strdup(progname + 6); | 108 | |
116 | for (size_t i = 0; i < prog_name_len - 6; i++) | 109 | if (prog_name_len <= prefix_length) { |
117 | SERVICE[i] = toupper(SERVICE[i]); | 110 | die(STATE_UNKNOWN, _("Weird progname")); |
111 | } | ||
112 | |||
113 | if (!memcmp(progname, "check_", prefix_length)) { | ||
114 | config.service = strdup(progname + prefix_length); | ||
115 | if (config.service == NULL) { | ||
116 | die(STATE_UNKNOWN, _("Allocation failed")); | ||
117 | } | ||
118 | |||
119 | for (size_t i = 0; i < prog_name_len - prefix_length; i++) { | ||
120 | config.service[i] = toupper(config.service[i]); | ||
121 | } | ||
118 | } | 122 | } |
119 | 123 | ||
120 | /* set up a reasonable buffer at first (will be realloc()'ed if | 124 | /* set up a reasonable buffer at first (will be realloc()'ed if |
121 | * user specifies other options) */ | 125 | * user specifies other options) */ |
122 | server_expect = calloc(2, sizeof(char *)); | 126 | config.server_expect = calloc(2, sizeof(char *)); |
127 | |||
128 | if (config.server_expect == NULL) { | ||
129 | die(STATE_UNKNOWN, _("Allocation failed")); | ||
130 | } | ||
123 | 131 | ||
124 | /* determine defaults for this service's protocol */ | 132 | /* determine defaults for this service's protocol */ |
125 | if (!strncmp(SERVICE, "UDP", 3)) { | 133 | if (!strncmp(config.service, "UDP", strlen("UDP"))) { |
126 | PROTOCOL = IPPROTO_UDP; | 134 | config.protocol = IPPROTO_UDP; |
127 | } else if (!strncmp(SERVICE, "FTP", 3)) { | 135 | } else if (!strncmp(config.service, "FTP", strlen("FTP"))) { |
128 | EXPECT = "220"; | 136 | config.server_expect[0] = "220"; |
129 | QUIT = "QUIT\r\n"; | 137 | config.quit = "QUIT\r\n"; |
130 | PORT = 21; | 138 | config.server_port = DEFAULT_FTP_PORT; |
131 | } else if (!strncmp(SERVICE, "POP", 3) || !strncmp(SERVICE, "POP3", 4)) { | 139 | } else if (!strncmp(config.service, "POP", strlen("POP")) || !strncmp(config.service, "POP3", strlen("POP3"))) { |
132 | EXPECT = "+OK"; | 140 | config.server_expect[0] = "+OK"; |
133 | QUIT = "QUIT\r\n"; | 141 | config.quit = "QUIT\r\n"; |
134 | PORT = 110; | 142 | config.server_port = DEFAULT_POP_PORT; |
135 | } else if (!strncmp(SERVICE, "SMTP", 4)) { | 143 | } else if (!strncmp(config.service, "SMTP", strlen("SMTP"))) { |
136 | EXPECT = "220"; | 144 | config.server_expect[0] = "220"; |
137 | QUIT = "QUIT\r\n"; | 145 | config.quit = "QUIT\r\n"; |
138 | PORT = 25; | 146 | config.server_port = DEFAULT_SMTP_PORT; |
139 | } else if (!strncmp(SERVICE, "IMAP", 4)) { | 147 | } else if (!strncmp(config.service, "IMAP", strlen("IMAP"))) { |
140 | EXPECT = "* OK"; | 148 | config.server_expect[0] = "* OK"; |
141 | QUIT = "a1 LOGOUT\r\n"; | 149 | config.quit = "a1 LOGOUT\r\n"; |
142 | PORT = 143; | 150 | config.server_port = DEFAULT_IMAP_PORT; |
143 | } | 151 | } |
144 | #ifdef HAVE_SSL | 152 | #ifdef HAVE_SSL |
145 | else if (!strncmp(SERVICE, "SIMAP", 5)) { | 153 | else if (!strncmp(config.service, "SIMAP", strlen("SIMAP"))) { |
146 | EXPECT = "* OK"; | 154 | config.server_expect[0] = "* OK"; |
147 | QUIT = "a1 LOGOUT\r\n"; | 155 | config.quit = "a1 LOGOUT\r\n"; |
148 | flags |= FLAG_SSL; | 156 | config.use_tls = true; |
149 | PORT = 993; | 157 | config.server_port = DEFAULT_SIMAP_PORT; |
150 | } else if (!strncmp(SERVICE, "SPOP", 4)) { | 158 | } else if (!strncmp(config.service, "SPOP", strlen("SPOP"))) { |
151 | EXPECT = "+OK"; | 159 | config.server_expect[0] = "+OK"; |
152 | QUIT = "QUIT\r\n"; | 160 | config.quit = "QUIT\r\n"; |
153 | flags |= FLAG_SSL; | 161 | config.use_tls = true; |
154 | PORT = 995; | 162 | config.server_port = DEFAULT_SPOP_PORT; |
155 | } else if (!strncmp(SERVICE, "SSMTP", 5)) { | 163 | } else if (!strncmp(config.service, "SSMTP", strlen("SSMTP"))) { |
156 | EXPECT = "220"; | 164 | config.server_expect[0] = "220"; |
157 | QUIT = "QUIT\r\n"; | 165 | config.quit = "QUIT\r\n"; |
158 | flags |= FLAG_SSL; | 166 | config.use_tls = true; |
159 | PORT = 465; | 167 | config.server_port = DEFAULT_SSMTP_PORT; |
160 | } else if (!strncmp(SERVICE, "JABBER", 6)) { | 168 | } else if (!strncmp(config.service, "JABBER", strlen("JABBER"))) { |
161 | SEND = "<stream:stream to=\'host\' xmlns=\'jabber:client\' xmlns:stream=\'http://etherx.jabber.org/streams\'>\n"; | 169 | config.send = "<stream:stream to=\'host\' xmlns=\'jabber:client\' xmlns:stream=\'http://etherx.jabber.org/streams\'>\n"; |
162 | EXPECT = "<?xml version=\'1.0\'"; | 170 | config.server_expect[0] = "<?xml version=\'1.0\'"; |
163 | QUIT = "</stream:stream>\n"; | 171 | config.quit = "</stream:stream>\n"; |
164 | flags |= FLAG_HIDE_OUTPUT; | 172 | config.hide_output = true; |
165 | PORT = 5222; | 173 | config.server_port = DEFAULT_XMPP_C2S_PORT; |
166 | } else if (!strncmp(SERVICE, "NNTPS", 5)) { | 174 | } else if (!strncmp(config.service, "NNTPS", strlen("NNTPS"))) { |
167 | server_expect_count = 2; | 175 | config.server_expect_count = 2; |
168 | server_expect[0] = "200"; | 176 | config.server_expect[0] = "200"; |
169 | server_expect[1] = "201"; | 177 | config.server_expect[1] = "201"; |
170 | QUIT = "QUIT\r\n"; | 178 | config.quit = "QUIT\r\n"; |
171 | flags |= FLAG_SSL; | 179 | config.use_tls = true; |
172 | PORT = 563; | 180 | config.server_port = DEFAULT_NNTPS_PORT; |
173 | } | 181 | } |
174 | #endif | 182 | #endif |
175 | else if (!strncmp(SERVICE, "NNTP", 4)) { | 183 | else if (!strncmp(config.service, "NNTP", strlen("NNTP"))) { |
176 | server_expect_count = 2; | 184 | config.server_expect_count = 2; |
177 | server_expect = malloc(sizeof(char *) * server_expect_count); | 185 | char **tmp = realloc(config.server_expect, config.server_expect_count * sizeof(char *)); |
178 | server_expect[0] = strdup("200"); | 186 | if (tmp == NULL) { |
179 | server_expect[1] = strdup("201"); | 187 | free(config.server_expect); |
180 | QUIT = "QUIT\r\n"; | 188 | die(STATE_UNKNOWN, _("Allocation failed")); |
181 | PORT = 119; | 189 | } |
182 | } else if (!strncmp(SERVICE, "CLAMD", 5)) { | 190 | config.server_expect = tmp; |
183 | SEND = "PING"; | 191 | |
184 | EXPECT = "PONG"; | 192 | config.server_expect[0] = strdup("200"); |
185 | QUIT = NULL; | 193 | config.server_expect[1] = strdup("201"); |
186 | PORT = 3310; | 194 | config.quit = "QUIT\r\n"; |
195 | config.server_port = DEFAULT_NNTP_PORT; | ||
196 | } else if (!strncmp(config.service, "CLAMD", strlen("CLAMD"))) { | ||
197 | config.send = "PING"; | ||
198 | config.server_expect[0] = "PONG"; | ||
199 | config.quit = NULL; | ||
200 | config.server_port = DEFAULT_CLAMD_PORT; | ||
187 | } | 201 | } |
188 | /* fallthrough check, so it's supposed to use reverse matching */ | 202 | /* fallthrough check, so it's supposed to use reverse matching */ |
189 | else if (strcmp(SERVICE, "TCP")) | 203 | else if (strcmp(config.service, "TCP")) { |
190 | usage(_("CRITICAL - Generic check_tcp called with unknown service\n")); | 204 | usage(_("CRITICAL - Generic check_tcp called with unknown service\n")); |
191 | 205 | } | |
192 | server_address = "127.0.0.1"; | ||
193 | server_port = PORT; | ||
194 | server_send = SEND; | ||
195 | server_quit = QUIT; | ||
196 | char *status = NULL; | ||
197 | 206 | ||
198 | /* Parse extra opts if any */ | 207 | /* Parse extra opts if any */ |
199 | argv = np_extra_opts(&argc, argv, progname); | 208 | argv = np_extra_opts(&argc, argv, progname); |
200 | 209 | ||
201 | if (process_arguments(argc, argv) == ERROR) | 210 | process_arguments_wrapper paw = process_arguments(argc, argv, config); |
211 | if (paw.errorcode == ERROR) { | ||
202 | usage4(_("Could not parse arguments")); | 212 | usage4(_("Could not parse arguments")); |
213 | } | ||
214 | |||
215 | config = paw.config; | ||
203 | 216 | ||
204 | if (flags & FLAG_VERBOSE) { | 217 | if (verbosity > 0) { |
205 | printf("Using service %s\n", SERVICE); | 218 | printf("Using service %s\n", config.service); |
206 | printf("Port: %d\n", server_port); | 219 | printf("Port: %d\n", config.server_port); |
207 | printf("flags: 0x%x\n", (int)flags); | ||
208 | } | 220 | } |
209 | 221 | ||
210 | if (EXPECT && !server_expect_count) | 222 | if ((config.server_expect_count == 0) && config.server_expect[0]) { |
211 | server_expect_count++; | 223 | config.server_expect_count++; |
224 | } | ||
212 | 225 | ||
213 | if (PROTOCOL == IPPROTO_UDP && !(server_expect_count && server_send)) { | 226 | if (config.protocol == IPPROTO_UDP && !(config.server_expect_count && config.send)) { |
214 | usage(_("With UDP checks, a send/expect string must be specified.")); | 227 | usage(_("With UDP checks, a send/expect string must be specified.")); |
215 | } | 228 | } |
216 | 229 | ||
230 | // Initialize check stuff before setting timers | ||
231 | mp_check overall = mp_check_init(); | ||
232 | |||
217 | /* set up the timer */ | 233 | /* set up the timer */ |
218 | signal(SIGALRM, socket_timeout_alarm_handler); | 234 | signal(SIGALRM, socket_timeout_alarm_handler); |
219 | alarm(socket_timeout); | 235 | alarm(socket_timeout); |
220 | 236 | ||
221 | /* try to connect to the host at the given port number */ | 237 | /* try to connect to the host at the given port number */ |
222 | struct timeval tv; | 238 | struct timeval start_time; |
223 | gettimeofday(&tv, NULL); | 239 | gettimeofday(&start_time, NULL); |
224 | 240 | ||
225 | int result = STATE_UNKNOWN; | 241 | int socket_descriptor = 0; |
226 | result = np_net_connect(server_address, server_port, &sd, PROTOCOL); | 242 | mp_subcheck inital_connect_result = mp_subcheck_init(); |
227 | if (result == STATE_CRITICAL) | 243 | |
228 | return econn_refuse_state; | 244 | // Try initial connection |
245 | if (np_net_connect(config.server_address, config.server_port, &socket_descriptor, config.protocol) == STATE_CRITICAL) { | ||
246 | // Early exit here, we got connection refused | ||
247 | inital_connect_result = mp_set_subcheck_state(inital_connect_result, config.econn_refuse_state); | ||
248 | xasprintf(&inital_connect_result.output, "Connection to %s on port %i was REFUSED", config.server_address, config.server_port); | ||
249 | mp_add_subcheck_to_check(&overall, inital_connect_result); | ||
250 | mp_exit(overall); | ||
251 | } else { | ||
252 | inital_connect_result = mp_set_subcheck_state(inital_connect_result, STATE_OK); | ||
253 | xasprintf(&inital_connect_result.output, "Connection to %s on port %i was a SUCCESS", config.server_address, config.server_port); | ||
254 | mp_add_subcheck_to_check(&overall, inital_connect_result); | ||
255 | } | ||
229 | 256 | ||
230 | #ifdef HAVE_SSL | 257 | #ifdef HAVE_SSL |
231 | if (flags & FLAG_SSL) { | 258 | if (config.use_tls) { |
232 | result = np_net_ssl_init_with_hostname(sd, (sni_specified ? sni : NULL)); | 259 | mp_subcheck tls_connection_result = mp_subcheck_init(); |
233 | if (result == STATE_OK && check_cert) { | 260 | int result = np_net_ssl_init_with_hostname(socket_descriptor, (config.sni_specified ? config.sni : NULL)); |
234 | result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); | 261 | tls_connection_result = mp_set_subcheck_state(tls_connection_result, result); |
262 | |||
263 | if (result == STATE_OK) { | ||
264 | xasprintf(&tls_connection_result.output, "TLS connection succeded"); | ||
265 | |||
266 | if (config.check_cert) { | ||
267 | result = np_net_ssl_check_cert(config.days_till_exp_warn, config.days_till_exp_crit); | ||
268 | |||
269 | mp_subcheck tls_certificate_lifetime_result = mp_subcheck_init(); | ||
270 | tls_certificate_lifetime_result = mp_set_subcheck_state(tls_certificate_lifetime_result, result); | ||
271 | |||
272 | if (result == STATE_OK) { | ||
273 | xasprintf(&tls_certificate_lifetime_result.output, "Certificate lifetime is within thresholds"); | ||
274 | } else if (result == STATE_WARNING) { | ||
275 | xasprintf(&tls_certificate_lifetime_result.output, "Certificate lifetime is violating warning threshold (%i)", | ||
276 | config.days_till_exp_warn); | ||
277 | } else if (result == STATE_CRITICAL) { | ||
278 | xasprintf(&tls_certificate_lifetime_result.output, "Certificate lifetime is violating critical threshold (%i)", | ||
279 | config.days_till_exp_crit); | ||
280 | } else { | ||
281 | xasprintf(&tls_certificate_lifetime_result.output, "Certificate lifetime is somehow unknown"); | ||
282 | } | ||
283 | |||
284 | mp_add_subcheck_to_subcheck(&tls_connection_result, tls_certificate_lifetime_result); | ||
285 | } | ||
286 | |||
287 | mp_add_subcheck_to_check(&overall, tls_connection_result); | ||
288 | } else { | ||
289 | xasprintf(&tls_connection_result.output, "TLS connection failed"); | ||
290 | mp_add_subcheck_to_check(&overall, tls_connection_result); | ||
291 | |||
292 | if (socket_descriptor) { | ||
293 | close(socket_descriptor); | ||
294 | } | ||
295 | np_net_ssl_cleanup(); | ||
296 | |||
297 | mp_exit(overall); | ||
235 | } | 298 | } |
236 | } | 299 | } |
237 | if (result != STATE_OK) { | ||
238 | if (sd) | ||
239 | close(sd); | ||
240 | np_net_ssl_cleanup(); | ||
241 | return result; | ||
242 | } | ||
243 | #endif /* HAVE_SSL */ | 300 | #endif /* HAVE_SSL */ |
244 | 301 | ||
245 | if (server_send != NULL) { /* Something to send? */ | 302 | if (config.send != NULL) { /* Something to send? */ |
246 | my_send(server_send, strlen(server_send)); | 303 | my_send(config.send, strlen(config.send)); |
247 | } | 304 | } |
248 | 305 | ||
249 | if (delay > 0) { | 306 | if (config.delay > 0) { |
250 | tv.tv_sec += delay; | 307 | start_time.tv_sec += config.delay; |
251 | sleep(delay); | 308 | sleep(config.delay); |
252 | } | 309 | } |
253 | 310 | ||
254 | if (flags & FLAG_VERBOSE) { | 311 | if (verbosity > 0) { |
255 | if (server_send) { | 312 | if (config.send) { |
256 | printf("Send string: %s\n", server_send); | 313 | printf("Send string: %s\n", config.send); |
257 | } | 314 | } |
258 | if (server_quit) { | 315 | if (config.quit) { |
259 | printf("Quit string: %s\n", server_quit); | 316 | printf("Quit string: %s\n", config.quit); |
317 | } | ||
318 | printf("server_expect_count: %d\n", (int)config.server_expect_count); | ||
319 | for (size_t i = 0; i < config.server_expect_count; i++) { | ||
320 | printf("\t%zd: %s\n", i, config.server_expect[i]); | ||
260 | } | 321 | } |
261 | printf("server_expect_count: %d\n", (int)server_expect_count); | ||
262 | for (size_t i = 0; i < server_expect_count; i++) | ||
263 | printf("\t%zd: %s\n", i, server_expect[i]); | ||
264 | } | 322 | } |
265 | 323 | ||
266 | /* if(len) later on, we know we have a non-NULL response */ | 324 | /* if(len) later on, we know we have a non-NULL response */ |
267 | ssize_t len = 0; | 325 | ssize_t len = 0; |
268 | 326 | char *status = NULL; | |
269 | int match = -1; | 327 | int match = -1; |
270 | struct timeval timeout; | 328 | mp_subcheck expected_data_result = mp_subcheck_init(); |
271 | fd_set rfds; | 329 | |
272 | FD_ZERO(&rfds); | 330 | if (config.server_expect_count) { |
273 | if (server_expect_count) { | ||
274 | ssize_t received = 0; | 331 | ssize_t received = 0; |
332 | char buffer[MAXBUF]; | ||
275 | 333 | ||
276 | /* watch for the expect string */ | 334 | /* watch for the expect string */ |
277 | while ((received = my_recv(buffer, sizeof(buffer))) > 0) { | 335 | while ((received = my_recv(buffer, sizeof(buffer))) > 0) { |
278 | status = realloc(status, len + received + 1); | 336 | status = realloc(status, len + received + 1); |
337 | |||
338 | if (status == NULL) { | ||
339 | die(STATE_UNKNOWN, _("Allocation failed")); | ||
340 | } | ||
341 | |||
279 | memcpy(&status[len], buffer, received); | 342 | memcpy(&status[len], buffer, received); |
280 | len += received; | 343 | len += received; |
281 | status[len] = '\0'; | 344 | status[len] = '\0'; |
282 | 345 | ||
283 | /* stop reading if user-forced */ | 346 | /* stop reading if user-forced */ |
284 | if (maxbytes && len >= maxbytes) | 347 | if (config.maxbytes && len >= config.maxbytes) { |
285 | break; | 348 | break; |
349 | } | ||
286 | 350 | ||
287 | if ((match = np_expect_match(status, server_expect, server_expect_count, match_flags)) != NP_MATCH_RETRY) | 351 | if ((match = np_expect_match(status, config.server_expect, config.server_expect_count, config.match_flags)) != NP_MATCH_RETRY) { |
288 | break; | 352 | break; |
353 | } | ||
354 | |||
355 | fd_set rfds; | ||
356 | FD_ZERO(&rfds); | ||
357 | FD_SET(socket_descriptor, &rfds); | ||
289 | 358 | ||
290 | /* some protocols wait for further input, so make sure we don't wait forever */ | 359 | /* some protocols wait for further input, so make sure we don't wait forever */ |
291 | FD_SET(sd, &rfds); | 360 | struct timeval timeout; |
292 | timeout.tv_sec = READ_TIMEOUT; | 361 | timeout.tv_sec = READ_TIMEOUT; |
293 | timeout.tv_usec = 0; | 362 | timeout.tv_usec = 0; |
294 | if (select(sd + 1, &rfds, NULL, NULL, &timeout) <= 0) | 363 | |
364 | if (select(socket_descriptor + 1, &rfds, NULL, NULL, &timeout) <= 0) { | ||
295 | break; | 365 | break; |
366 | } | ||
296 | } | 367 | } |
297 | 368 | ||
298 | if (match == NP_MATCH_RETRY) | 369 | if (match == NP_MATCH_RETRY) { |
299 | match = NP_MATCH_FAILURE; | 370 | match = NP_MATCH_FAILURE; |
371 | } | ||
300 | 372 | ||
301 | /* no data when expected, so return critical */ | 373 | /* no data when expected, so return critical */ |
302 | if (len == 0) | 374 | if (len == 0) { |
303 | die(STATE_CRITICAL, _("No data received from host\n")); | 375 | xasprintf(&expected_data_result.output, "Received no data when some was expected"); |
376 | expected_data_result = mp_set_subcheck_state(expected_data_result, STATE_CRITICAL); | ||
377 | mp_add_subcheck_to_check(&overall, expected_data_result); | ||
378 | mp_exit(overall); | ||
379 | } | ||
304 | 380 | ||
305 | /* print raw output if we're debugging */ | 381 | /* print raw output if we're debugging */ |
306 | if (flags & FLAG_VERBOSE) | 382 | if (verbosity > 0) { |
307 | printf("received %d bytes from host\n#-raw-recv-------#\n%s\n#-raw-recv-------#\n", (int)len + 1, status); | 383 | printf("received %d bytes from host\n#-raw-recv-------#\n%s\n#-raw-recv-------#\n", (int)len + 1, status); |
384 | } | ||
308 | /* strip whitespace from end of output */ | 385 | /* strip whitespace from end of output */ |
309 | while (--len > 0 && isspace(status[len])) | 386 | while (--len > 0 && isspace(status[len])) { |
310 | status[len] = '\0'; | 387 | status[len] = '\0'; |
388 | } | ||
389 | } | ||
390 | |||
391 | if (config.quit != NULL) { | ||
392 | my_send(config.quit, strlen(config.quit)); | ||
311 | } | 393 | } |
312 | 394 | ||
313 | if (server_quit != NULL) { | 395 | if (socket_descriptor) { |
314 | my_send(server_quit, strlen(server_quit)); | 396 | close(socket_descriptor); |
315 | } | 397 | } |
316 | if (sd) | ||
317 | close(sd); | ||
318 | #ifdef HAVE_SSL | 398 | #ifdef HAVE_SSL |
319 | np_net_ssl_cleanup(); | 399 | np_net_ssl_cleanup(); |
320 | #endif | 400 | #endif |
321 | 401 | ||
322 | microsec = deltime(tv); | 402 | long microsec = deltime(start_time); |
323 | elapsed_time = (double)microsec / 1.0e6; | 403 | double elapsed_time = (double)microsec / 1.0e6; |
324 | 404 | ||
325 | if (flags & FLAG_TIME_CRIT && elapsed_time > critical_time) | 405 | mp_subcheck elapsed_time_result = mp_subcheck_init(); |
326 | result = STATE_CRITICAL; | ||
327 | else if (flags & FLAG_TIME_WARN && elapsed_time > warning_time) | ||
328 | result = STATE_WARNING; | ||
329 | 406 | ||
330 | /* did we get the response we hoped? */ | 407 | mp_perfdata time_pd = perfdata_init(); |
331 | if (match == NP_MATCH_FAILURE && result != STATE_CRITICAL) | 408 | time_pd = mp_set_pd_value(time_pd, elapsed_time); |
332 | result = expect_mismatch_state; | 409 | time_pd.label = "time"; |
410 | time_pd.uom = "s"; | ||
333 | 411 | ||
334 | /* reset the alarm */ | 412 | if (config.critical_time_set && elapsed_time > config.critical_time) { |
335 | alarm(0); | 413 | xasprintf(&elapsed_time_result.output, "Connection time %fs exceeded critical threshold (%f)", elapsed_time, config.critical_time); |
414 | |||
415 | elapsed_time_result = mp_set_subcheck_state(elapsed_time_result, STATE_CRITICAL); | ||
416 | time_pd.crit_present = true; | ||
417 | mp_range crit_val = mp_range_init(); | ||
418 | |||
419 | crit_val.end = mp_create_pd_value(config.critical_time); | ||
420 | crit_val.end_infinity = false; | ||
421 | |||
422 | time_pd.crit = crit_val; | ||
423 | } else if (config.warning_time_set && elapsed_time > config.warning_time) { | ||
424 | xasprintf(&elapsed_time_result.output, "Connection time %fs exceeded warning threshold (%f)", elapsed_time, config.critical_time); | ||
336 | 425 | ||
337 | /* this is a bit stupid, because we don't want to print the | 426 | elapsed_time_result = mp_set_subcheck_state(elapsed_time_result, STATE_WARNING); |
338 | * response time (which can look ok to the user) if we didn't get | 427 | time_pd.warn_present = true; |
339 | * the response we were looking for. if-else */ | 428 | mp_range warn_val = mp_range_init(); |
340 | printf("%s %s - ", SERVICE, state_text(result)); | 429 | warn_val.end = mp_create_pd_value(config.critical_time); |
341 | 430 | warn_val.end_infinity = false; | |
342 | if (match == NP_MATCH_FAILURE && len && !(flags & FLAG_HIDE_OUTPUT)) | 431 | |
343 | printf("Unexpected response from host/socket: %s", status); | 432 | time_pd.warn = warn_val; |
344 | else { | 433 | } else { |
345 | if (match == NP_MATCH_FAILURE) | 434 | elapsed_time_result = mp_set_subcheck_state(elapsed_time_result, STATE_OK); |
346 | printf("Unexpected response from host/socket on "); | 435 | xasprintf(&elapsed_time_result.output, "Connection time %fs is within thresholds", elapsed_time); |
347 | else | ||
348 | printf("%.3f second response time on ", elapsed_time); | ||
349 | if (server_address[0] != '/') { | ||
350 | if (host_specified) | ||
351 | printf("%s port %d", server_address, server_port); | ||
352 | else | ||
353 | printf("port %d", server_port); | ||
354 | } else | ||
355 | printf("socket %s", server_address); | ||
356 | } | 436 | } |
357 | 437 | ||
358 | if (match != NP_MATCH_FAILURE && !(flags & FLAG_HIDE_OUTPUT) && len) | 438 | mp_add_perfdata_to_subcheck(&elapsed_time_result, time_pd); |
359 | printf(" [%s]", status); | 439 | mp_add_subcheck_to_check(&overall, elapsed_time_result); |
360 | 440 | ||
361 | /* perf-data doesn't apply when server doesn't talk properly, | 441 | /* did we get the response we hoped? */ |
362 | * so print all zeroes on warn and crit. Use fperfdata since | 442 | if (match == NP_MATCH_FAILURE) { |
363 | * localisation settings can make different outputs */ | 443 | expected_data_result = mp_set_subcheck_state(expected_data_result, config.expect_mismatch_state); |
364 | if (match == NP_MATCH_FAILURE) | 444 | xasprintf(&expected_data_result.output, "Answer failed to match expectation"); |
365 | printf("|%s", fperfdata("time", elapsed_time, "s", (flags & FLAG_TIME_WARN ? true : false), 0, | 445 | mp_add_subcheck_to_check(&overall, expected_data_result); |
366 | (flags & FLAG_TIME_CRIT ? true : false), 0, true, 0, true, socket_timeout)); | 446 | } |
367 | else | ||
368 | printf("|%s", fperfdata("time", elapsed_time, "s", (flags & FLAG_TIME_WARN ? true : false), warning_time, | ||
369 | (flags & FLAG_TIME_CRIT ? true : false), critical_time, true, 0, true, socket_timeout)); | ||
370 | 447 | ||
371 | putchar('\n'); | 448 | /* reset the alarm */ |
372 | return result; | 449 | alarm(0); |
450 | |||
451 | mp_exit(overall); | ||
373 | } | 452 | } |
374 | 453 | ||
375 | /* process command-line arguments */ | 454 | /* process command-line arguments */ |
376 | static int process_arguments(int argc, char **argv) { | 455 | static process_arguments_wrapper process_arguments(int argc, char **argv, check_tcp_config config) { |
377 | enum { | 456 | enum { |
378 | SNI_OPTION = CHAR_MAX + 1 | 457 | SNI_OPTION = CHAR_MAX + 1 |
379 | }; | 458 | }; |
380 | 459 | ||
460 | int option = 0; | ||
381 | static struct option longopts[] = {{"hostname", required_argument, 0, 'H'}, | 461 | static struct option longopts[] = {{"hostname", required_argument, 0, 'H'}, |
382 | {"critical", required_argument, 0, 'c'}, | 462 | {"critical", required_argument, 0, 'c'}, |
383 | {"warning", required_argument, 0, 'w'}, | 463 | {"warning", required_argument, 0, 'w'}, |
@@ -406,52 +486,44 @@ static int process_arguments(int argc, char **argv) { | |||
406 | {"certificate", required_argument, 0, 'D'}, | 486 | {"certificate", required_argument, 0, 'D'}, |
407 | {0, 0, 0, 0}}; | 487 | {0, 0, 0, 0}}; |
408 | 488 | ||
409 | if (argc < 2) | 489 | if (argc < 2) { |
410 | usage4(_("No arguments found")); | 490 | usage4(_("No arguments found")); |
411 | |||
412 | /* backwards compatibility */ | ||
413 | for (int i = 1; i < argc; i++) { | ||
414 | if (strcmp("-to", argv[i]) == 0) | ||
415 | strcpy(argv[i], "-t"); | ||
416 | else if (strcmp("-wt", argv[i]) == 0) | ||
417 | strcpy(argv[i], "-w"); | ||
418 | else if (strcmp("-ct", argv[i]) == 0) | ||
419 | strcpy(argv[i], "-c"); | ||
420 | } | 491 | } |
421 | 492 | ||
422 | if (!is_option(argv[1])) { | 493 | if (!is_option(argv[1])) { |
423 | server_address = argv[1]; | 494 | config.server_address = argv[1]; |
424 | argv[1] = argv[0]; | 495 | argv[1] = argv[0]; |
425 | argv = &argv[1]; | 496 | argv = &argv[1]; |
426 | argc--; | 497 | argc--; |
427 | } | 498 | } |
428 | 499 | ||
429 | int option_char; | 500 | int c; |
430 | bool escape = false; | 501 | bool escape = false; |
502 | |||
431 | while (true) { | 503 | while (true) { |
432 | int option = 0; | 504 | c = getopt_long(argc, argv, "+hVv46EAH:s:e:q:m:c:w:t:p:C:W:d:Sr:jD:M:", longopts, &option); |
433 | option_char = getopt_long(argc, argv, "+hVv46EAH:s:e:q:m:c:w:t:p:C:W:d:Sr:jD:M:", longopts, &option); | ||
434 | 505 | ||
435 | if (option_char == -1 || option_char == EOF || option_char == 1) | 506 | if (c == -1 || c == EOF || c == 1) { |
436 | break; | 507 | break; |
508 | } | ||
437 | 509 | ||
438 | switch (option_char) { | 510 | switch (c) { |
439 | case '?': /* print short usage statement if args not parsable */ | 511 | case '?': /* print short usage statement if args not parsable */ |
440 | usage5(); | 512 | usage5(); |
441 | case 'h': /* help */ | 513 | case 'h': /* help */ |
442 | print_help(); | 514 | print_help(config.service); |
443 | exit(STATE_UNKNOWN); | 515 | exit(STATE_UNKNOWN); |
444 | case 'V': /* version */ | 516 | case 'V': /* version */ |
445 | print_revision(progname, NP_VERSION); | 517 | print_revision(progname, NP_VERSION); |
446 | exit(STATE_UNKNOWN); | 518 | exit(STATE_UNKNOWN); |
447 | case 'v': /* verbose mode */ | 519 | case 'v': /* verbose mode */ |
448 | flags |= FLAG_VERBOSE; | 520 | verbosity++; |
449 | match_flags |= NP_MATCH_VERBOSE; | 521 | config.match_flags |= NP_MATCH_VERBOSE; |
450 | break; | 522 | break; |
451 | case '4': | 523 | case '4': // Apparently unused TODO |
452 | address_family = AF_INET; | 524 | address_family = AF_INET; |
453 | break; | 525 | break; |
454 | case '6': | 526 | case '6': // Apparently unused TODO |
455 | #ifdef USE_IPV6 | 527 | #ifdef USE_IPV6 |
456 | address_family = AF_INET6; | 528 | address_family = AF_INET6; |
457 | #else | 529 | #else |
@@ -459,163 +531,178 @@ static int process_arguments(int argc, char **argv) { | |||
459 | #endif | 531 | #endif |
460 | break; | 532 | break; |
461 | case 'H': /* hostname */ | 533 | case 'H': /* hostname */ |
462 | host_specified = true; | 534 | config.host_specified = true; |
463 | server_address = optarg; | 535 | config.server_address = optarg; |
464 | break; | 536 | break; |
465 | case 'c': /* critical */ | 537 | case 'c': /* critical */ |
466 | critical_time = strtod(optarg, NULL); | 538 | config.critical_time = strtod(optarg, NULL); |
467 | flags |= FLAG_TIME_CRIT; | 539 | config.critical_time_set = true; |
468 | break; | 540 | break; |
469 | case 'j': /* hide output */ | 541 | case 'j': /* hide output */ |
470 | flags |= FLAG_HIDE_OUTPUT; | 542 | config.hide_output = true; |
471 | break; | 543 | break; |
472 | case 'w': /* warning */ | 544 | case 'w': /* warning */ |
473 | warning_time = strtod(optarg, NULL); | 545 | config.warning_time = strtod(optarg, NULL); |
474 | flags |= FLAG_TIME_WARN; | 546 | config.warning_time_set = true; |
475 | break; | ||
476 | case 'C': | ||
477 | crit_codes = realloc(crit_codes, ++crit_codes_count); | ||
478 | crit_codes[crit_codes_count - 1] = optarg; | ||
479 | break; | ||
480 | case 'W': | ||
481 | warn_codes = realloc(warn_codes, ++warn_codes_count); | ||
482 | warn_codes[warn_codes_count - 1] = optarg; | ||
483 | break; | 547 | break; |
484 | case 't': /* timeout */ | 548 | case 't': /* timeout */ |
485 | if (!is_intpos(optarg)) | 549 | if (!is_intpos(optarg)) { |
486 | usage4(_("Timeout interval must be a positive integer")); | 550 | usage4(_("Timeout interval must be a positive integer")); |
487 | else | 551 | } else { |
488 | socket_timeout = atoi(optarg); | 552 | socket_timeout = atoi(optarg); |
553 | } | ||
489 | break; | 554 | break; |
490 | case 'p': /* port */ | 555 | case 'p': /* port */ |
491 | if (!is_intpos(optarg)) | 556 | if (!is_intpos(optarg)) { |
492 | usage4(_("Port must be a positive integer")); | 557 | usage4(_("Port must be a positive integer")); |
493 | else | 558 | } else { |
494 | server_port = atoi(optarg); | 559 | config.server_port = atoi(optarg); |
560 | } | ||
495 | break; | 561 | break; |
496 | case 'E': | 562 | case 'E': |
497 | escape = true; | 563 | escape = true; |
498 | break; | 564 | break; |
499 | case 's': | 565 | case 's': |
500 | if (escape) | 566 | if (escape) { |
501 | server_send = np_escaped_string(optarg); | 567 | config.send = np_escaped_string(optarg); |
502 | else | 568 | } else { |
503 | xasprintf(&server_send, "%s", optarg); | 569 | xasprintf(&config.send, "%s", optarg); |
570 | } | ||
504 | break; | 571 | break; |
505 | case 'e': /* expect string (may be repeated) */ | 572 | case 'e': /* expect string (may be repeated) */ |
506 | match_flags &= ~NP_MATCH_EXACT; | 573 | config.match_flags &= ~NP_MATCH_EXACT; |
507 | if (server_expect_count == 0) | 574 | if (config.server_expect_count == 0) { |
508 | server_expect = malloc(sizeof(char *) * (++server_expect_count)); | 575 | config.server_expect = malloc(sizeof(char *) * (++config.server_expect_count)); |
509 | else | 576 | } else { |
510 | server_expect = realloc(server_expect, sizeof(char *) * (++server_expect_count)); | 577 | config.server_expect = realloc(config.server_expect, sizeof(char *) * (++config.server_expect_count)); |
511 | server_expect[server_expect_count - 1] = optarg; | 578 | } |
579 | |||
580 | if (config.server_expect == NULL) { | ||
581 | die(STATE_UNKNOWN, _("Allocation failed")); | ||
582 | } | ||
583 | config.server_expect[config.server_expect_count - 1] = optarg; | ||
512 | break; | 584 | break; |
513 | case 'm': | 585 | case 'm': |
514 | if (!is_intpos(optarg)) | 586 | if (!is_intpos(optarg)) { |
515 | usage4(_("Maxbytes must be a positive integer")); | 587 | usage4(_("Maxbytes must be a positive integer")); |
516 | else | 588 | } else { |
517 | maxbytes = strtol(optarg, NULL, 0); | 589 | config.maxbytes = strtol(optarg, NULL, 0); |
590 | } | ||
518 | break; | 591 | break; |
519 | case 'q': | 592 | case 'q': |
520 | if (escape) | 593 | if (escape) { |
521 | server_quit = np_escaped_string(optarg); | 594 | config.quit = np_escaped_string(optarg); |
522 | else | 595 | } else { |
523 | xasprintf(&server_quit, "%s\r\n", optarg); | 596 | xasprintf(&config.quit, "%s\r\n", optarg); |
597 | } | ||
524 | break; | 598 | break; |
525 | case 'r': | 599 | case 'r': |
526 | if (!strncmp(optarg, "ok", 2)) | 600 | if (!strncmp(optarg, "ok", 2)) { |
527 | econn_refuse_state = STATE_OK; | 601 | config.econn_refuse_state = STATE_OK; |
528 | else if (!strncmp(optarg, "warn", 4)) | 602 | } else if (!strncmp(optarg, "warn", 4)) { |
529 | econn_refuse_state = STATE_WARNING; | 603 | config.econn_refuse_state = STATE_WARNING; |
530 | else if (!strncmp(optarg, "crit", 4)) | 604 | } else if (!strncmp(optarg, "crit", 4)) { |
531 | econn_refuse_state = STATE_CRITICAL; | 605 | config.econn_refuse_state = STATE_CRITICAL; |
532 | else | 606 | } else { |
533 | usage4(_("Refuse must be one of ok, warn, crit")); | 607 | usage4(_("Refuse must be one of ok, warn, crit")); |
608 | } | ||
534 | break; | 609 | break; |
535 | case 'M': | 610 | case 'M': |
536 | if (!strncmp(optarg, "ok", 2)) | 611 | if (!strncmp(optarg, "ok", 2)) { |
537 | expect_mismatch_state = STATE_OK; | 612 | config.expect_mismatch_state = STATE_OK; |
538 | else if (!strncmp(optarg, "warn", 4)) | 613 | } else if (!strncmp(optarg, "warn", 4)) { |
539 | expect_mismatch_state = STATE_WARNING; | 614 | config.expect_mismatch_state = STATE_WARNING; |
540 | else if (!strncmp(optarg, "crit", 4)) | 615 | } else if (!strncmp(optarg, "crit", 4)) { |
541 | expect_mismatch_state = STATE_CRITICAL; | 616 | config.expect_mismatch_state = STATE_CRITICAL; |
542 | else | 617 | } else { |
543 | usage4(_("Mismatch must be one of ok, warn, crit")); | 618 | usage4(_("Mismatch must be one of ok, warn, crit")); |
619 | } | ||
544 | break; | 620 | break; |
545 | case 'd': | 621 | case 'd': |
546 | if (is_intpos(optarg)) | 622 | if (is_intpos(optarg)) { |
547 | delay = atoi(optarg); | 623 | config.delay = atoi(optarg); |
548 | else | 624 | } else { |
549 | usage4(_("Delay must be a positive integer")); | 625 | usage4(_("Delay must be a positive integer")); |
626 | } | ||
550 | break; | 627 | break; |
551 | case 'D': { /* Check SSL cert validity - days 'til certificate expiration */ | 628 | case 'D': /* Check SSL cert validity - days 'til certificate expiration */ |
552 | #ifdef HAVE_SSL | 629 | #ifdef HAVE_SSL |
553 | # ifdef USE_OPENSSL /* XXX */ | 630 | # ifdef USE_OPENSSL /* XXX */ |
631 | { | ||
554 | char *temp; | 632 | char *temp; |
555 | if ((temp = strchr(optarg, ',')) != NULL) { | 633 | if ((temp = strchr(optarg, ',')) != NULL) { |
556 | *temp = '\0'; | 634 | *temp = '\0'; |
557 | if (!is_intnonneg(optarg)) | 635 | if (!is_intnonneg(optarg)) { |
558 | usage2(_("Invalid certificate expiration period"), optarg); | 636 | usage2(_("Invalid certificate expiration period"), optarg); |
559 | days_till_exp_warn = atoi(optarg); | 637 | } |
638 | config.days_till_exp_warn = atoi(optarg); | ||
560 | *temp = ','; | 639 | *temp = ','; |
561 | temp++; | 640 | temp++; |
562 | if (!is_intnonneg(temp)) | 641 | if (!is_intnonneg(temp)) { |
563 | usage2(_("Invalid certificate expiration period"), temp); | 642 | usage2(_("Invalid certificate expiration period"), temp); |
564 | days_till_exp_crit = atoi(temp); | 643 | } |
644 | config.days_till_exp_crit = atoi(temp); | ||
565 | } else { | 645 | } else { |
566 | days_till_exp_crit = 0; | 646 | config.days_till_exp_crit = 0; |
567 | if (!is_intnonneg(optarg)) | 647 | if (!is_intnonneg(optarg)) { |
568 | usage2(_("Invalid certificate expiration period"), optarg); | 648 | usage2(_("Invalid certificate expiration period"), optarg); |
569 | days_till_exp_warn = atoi(optarg); | 649 | } |
650 | config.days_till_exp_warn = atoi(optarg); | ||
570 | } | 651 | } |
571 | check_cert = true; | 652 | config.check_cert = true; |
572 | flags |= FLAG_SSL; | 653 | config.use_tls = true; |
573 | } break; | 654 | } break; |
574 | # endif /* USE_OPENSSL */ | 655 | # endif /* USE_OPENSSL */ |
575 | #endif | 656 | #endif |
576 | /* fallthrough if we don't have ssl */ | 657 | /* fallthrough if we don't have ssl */ |
577 | case 'S': | 658 | case 'S': |
578 | #ifdef HAVE_SSL | 659 | #ifdef HAVE_SSL |
579 | flags |= FLAG_SSL; | 660 | config.use_tls = true; |
580 | #else | 661 | #else |
581 | die(STATE_UNKNOWN, _("Invalid option - SSL is not available")); | 662 | die(STATE_UNKNOWN, _("Invalid option - SSL is not available")); |
582 | #endif | 663 | #endif |
583 | break; | 664 | break; |
584 | case SNI_OPTION: | 665 | case SNI_OPTION: |
585 | #ifdef HAVE_SSL | 666 | #ifdef HAVE_SSL |
586 | flags |= FLAG_SSL; | 667 | config.use_tls = true; |
587 | sni_specified = true; | 668 | config.sni_specified = true; |
588 | sni = optarg; | 669 | config.sni = optarg; |
589 | #else | 670 | #else |
590 | die(STATE_UNKNOWN, _("Invalid option - SSL is not available")); | 671 | die(STATE_UNKNOWN, _("Invalid option - SSL is not available")); |
591 | #endif | 672 | #endif |
592 | break; | 673 | break; |
593 | case 'A': | 674 | case 'A': |
594 | match_flags |= NP_MATCH_ALL; | 675 | config.match_flags |= NP_MATCH_ALL; |
595 | break; | 676 | break; |
596 | } | 677 | } |
597 | } | 678 | } |
598 | 679 | ||
599 | option_char = optind; | 680 | c = optind; |
600 | if (!host_specified && option_char < argc) | 681 | if (!config.host_specified && c < argc) { |
601 | server_address = strdup(argv[option_char++]); | 682 | config.server_address = strdup(argv[c++]); |
683 | } | ||
602 | 684 | ||
603 | if (server_address == NULL) | 685 | if (config.server_address == NULL) { |
604 | usage4(_("You must provide a server address")); | 686 | usage4(_("You must provide a server address")); |
605 | else if (server_address[0] != '/' && !is_host(server_address)) | 687 | } else if (config.server_address[0] != '/' && !is_host(config.server_address)) { |
606 | die(STATE_CRITICAL, "%s %s - %s: %s\n", SERVICE, state_text(STATE_CRITICAL), _("Invalid hostname, address or socket"), | 688 | die(STATE_CRITICAL, "%s %s - %s: %s\n", config.service, state_text(STATE_CRITICAL), _("Invalid hostname, address or socket"), |
607 | server_address); | 689 | config.server_address); |
690 | } | ||
608 | 691 | ||
609 | return OK; | 692 | process_arguments_wrapper result = { |
693 | .config = config, | ||
694 | .errorcode = OK, | ||
695 | }; | ||
696 | return result; | ||
610 | } | 697 | } |
611 | 698 | ||
612 | void print_help(void) { | 699 | void print_help(const char *service) { |
613 | print_revision(progname, NP_VERSION); | 700 | print_revision(progname, NP_VERSION); |
614 | 701 | ||
615 | printf("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n"); | 702 | printf("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n"); |
616 | printf(COPYRIGHT, copyright, email); | 703 | printf(COPYRIGHT, copyright, email); |
617 | 704 | ||
618 | printf(_("This plugin tests %s connections with the specified host (or unix socket).\n\n"), SERVICE); | 705 | printf(_("This plugin tests %s connections with the specified host (or unix socket).\n\n"), service); |
619 | 706 | ||
620 | print_usage(); | 707 | print_usage(); |
621 | 708 | ||
@@ -662,6 +749,7 @@ void print_help(void) { | |||
662 | 749 | ||
663 | printf(UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); | 750 | printf(UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); |
664 | 751 | ||
752 | printf(UT_OUTPUT_FORMAT); | ||
665 | printf(UT_VERBOSE); | 753 | printf(UT_VERBOSE); |
666 | 754 | ||
667 | printf(UT_SUPPORT); | 755 | printf(UT_SUPPORT); |
diff --git a/plugins/check_tcp.d/config.h b/plugins/check_tcp.d/config.h new file mode 100644 index 00000000..7ecf51a6 --- /dev/null +++ b/plugins/check_tcp.d/config.h | |||
@@ -0,0 +1,78 @@ | |||
1 | #pragma once | ||
2 | |||
3 | #include "../common.h" | ||
4 | #include "../../lib/utils_tcp.h" | ||
5 | #include <netinet/in.h> | ||
6 | |||
7 | typedef struct check_tcp_config { | ||
8 | char *server_address; | ||
9 | bool host_specified; | ||
10 | int server_port; // TODO can this be a uint16? | ||
11 | |||
12 | int protocol; /* most common is default */ | ||
13 | char *service; | ||
14 | char *send; | ||
15 | char *quit; | ||
16 | char **server_expect; | ||
17 | size_t server_expect_count; | ||
18 | #ifdef HAVE_SSL | ||
19 | bool use_tls; | ||
20 | char *sni; | ||
21 | bool sni_specified; | ||
22 | bool check_cert; | ||
23 | int days_till_exp_warn; | ||
24 | int days_till_exp_crit; | ||
25 | #endif // HAVE_SSL | ||
26 | int match_flags; | ||
27 | int expect_mismatch_state; | ||
28 | unsigned int delay; | ||
29 | |||
30 | bool warning_time_set; | ||
31 | double warning_time; | ||
32 | bool critical_time_set; | ||
33 | double critical_time; | ||
34 | |||
35 | int econn_refuse_state; | ||
36 | |||
37 | ssize_t maxbytes; | ||
38 | |||
39 | bool hide_output; | ||
40 | } check_tcp_config; | ||
41 | |||
42 | check_tcp_config check_tcp_config_init() { | ||
43 | check_tcp_config result = { | ||
44 | .server_address = "127.0.0.1", | ||
45 | .host_specified = false, | ||
46 | .server_port = 0, | ||
47 | |||
48 | .protocol = IPPROTO_TCP, | ||
49 | .service = "TCP", | ||
50 | .send = NULL, | ||
51 | .quit = NULL, | ||
52 | .server_expect = NULL, | ||
53 | .server_expect_count = 0, | ||
54 | #ifdef HAVE_SSL | ||
55 | .use_tls = false, | ||
56 | .sni = NULL, | ||
57 | .sni_specified = false, | ||
58 | .check_cert = false, | ||
59 | .days_till_exp_warn = 0, | ||
60 | .days_till_exp_crit = 0, | ||
61 | #endif // HAVE_SSL | ||
62 | .match_flags = NP_MATCH_EXACT, | ||
63 | .expect_mismatch_state = STATE_WARNING, | ||
64 | .delay = 0, | ||
65 | |||
66 | .warning_time_set = false, | ||
67 | .warning_time = 0, | ||
68 | .critical_time_set = false, | ||
69 | .critical_time = 0, | ||
70 | |||
71 | .econn_refuse_state = STATE_CRITICAL, | ||
72 | |||
73 | .maxbytes = 0, | ||
74 | |||
75 | .hide_output = false, | ||
76 | }; | ||
77 | return result; | ||
78 | } | ||