diff options
author | Lorenz <12514511+RincewindsHat@users.noreply.github.com> | 2022-07-03 13:38:10 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-03 13:38:10 +0200 |
commit | c3b596311131fad17421313b5c42ac3d5d082bef (patch) | |
tree | 9308ae928fbb93f8c90e72da89469be80ed82fc9 | |
parent | 14161f1823976445088e0bbb734aa3a984b13b22 (diff) | |
parent | d63bb62e5d47d02e9cfd7bcfc25ef5a700fbe6d2 (diff) | |
download | monitoring-plugins-c3b596311131fad17421313b5c42ac3d5d082bef.tar.gz |
Merge branch 'master' into check_swap-compiler_warnings
-rw-r--r--[-rwxr-xr-x] | plugins-scripts/check_disk_smb.pl | 10 | ||||
-rw-r--r-- | plugins/check_curl.c | 26 | ||||
-rw-r--r-- | plugins/check_http.c | 24 |
3 files changed, 49 insertions, 11 deletions
diff --git a/plugins-scripts/check_disk_smb.pl b/plugins-scripts/check_disk_smb.pl index ad71e6a2..15d16340 100755..100644 --- a/plugins-scripts/check_disk_smb.pl +++ b/plugins-scripts/check_disk_smb.pl | |||
@@ -22,7 +22,7 @@ require 5.004; | |||
22 | use POSIX qw(setsid); | 22 | use POSIX qw(setsid); |
23 | use strict; | 23 | use strict; |
24 | use Getopt::Long; | 24 | use Getopt::Long; |
25 | use vars qw($opt_P $opt_V $opt_h $opt_H $opt_s $opt_W $opt_u $opt_p $opt_w $opt_c $opt_a $opt_C $verbose); | 25 | use vars qw($opt_P $opt_V $opt_h $opt_H $opt_s $opt_W $opt_u $opt_p $opt_w $opt_c $opt_a $opt_C $opt_t $verbose); |
26 | use vars qw($PROGNAME); | 26 | use vars qw($PROGNAME); |
27 | use FindBin; | 27 | use FindBin; |
28 | use lib "$FindBin::Bin"; | 28 | use lib "$FindBin::Bin"; |
@@ -43,6 +43,7 @@ $ENV{'ENV'}=''; | |||
43 | Getopt::Long::Configure('bundling'); | 43 | Getopt::Long::Configure('bundling'); |
44 | GetOptions | 44 | GetOptions |
45 | ("v" => \$verbose, "verbose" => \$verbose, | 45 | ("v" => \$verbose, "verbose" => \$verbose, |
46 | "t=i" => \$opt_t, "timeout=i" => \$opt_t, | ||
46 | "P=s" => \$opt_P, "port=s" => \$opt_P, | 47 | "P=s" => \$opt_P, "port=s" => \$opt_P, |
47 | "V" => \$opt_V, "version" => \$opt_V, | 48 | "V" => \$opt_V, "version" => \$opt_V, |
48 | "h" => \$opt_h, "help" => \$opt_h, | 49 | "h" => \$opt_h, "help" => \$opt_h, |
@@ -96,6 +97,8 @@ my $crit = $1 if ($opt_c =~ /^([0-9]{1,2}\%?|100\%?|[0-9]+[kMG])$/); | |||
96 | my $configfile = $opt_C if ($opt_C); | 97 | my $configfile = $opt_C if ($opt_C); |
97 | usage("Unable to read config file $configfile\n") if ($configfile) && (! -r $configfile); | 98 | usage("Unable to read config file $configfile\n") if ($configfile) && (! -r $configfile); |
98 | 99 | ||
100 | if ($opt_t && $opt_t =~ /^([0-9]+)$/) { $TIMEOUT = $1; } | ||
101 | |||
99 | # Execute the given command line and return anything it writes to STDOUT and/or | 102 | # Execute the given command line and return anything it writes to STDOUT and/or |
100 | # STDERR. (This might be useful for other plugins, too, so it should possibly | 103 | # STDERR. (This might be useful for other plugins, too, so it should possibly |
101 | # be moved to utils.pm.) | 104 | # be moved to utils.pm.) |
@@ -298,7 +301,8 @@ exit $ERRORS{$state}; | |||
298 | 301 | ||
299 | sub print_usage () { | 302 | sub print_usage () { |
300 | print "Usage: $PROGNAME -H <host> -s <share> -u <user> -p <password> | 303 | print "Usage: $PROGNAME -H <host> -s <share> -u <user> -p <password> |
301 | -w <warn> -c <crit> [-W <workgroup>] [-P <port>] [-a <IP>] [-C <configfile>]\n"; | 304 | -w <warn> -c <crit> [-W <workgroup>] [-P <port>] [-a <IP>] [-t timeout] |
305 | [-C <configfile>]\n"; | ||
302 | } | 306 | } |
303 | 307 | ||
304 | sub print_help () { | 308 | sub print_help () { |
@@ -326,6 +330,8 @@ Perl Check SMB Disk plugin for monitoring | |||
326 | Percent of used space at which a warning will be generated (Default: 85%) | 330 | Percent of used space at which a warning will be generated (Default: 85%) |
327 | -c, --critical=INTEGER or INTEGER[kMG] | 331 | -c, --critical=INTEGER or INTEGER[kMG] |
328 | Percent of used space at which a critical will be generated (Defaults: 95%) | 332 | Percent of used space at which a critical will be generated (Defaults: 95%) |
333 | -t, --timeout=INTEGER | ||
334 | Seconds before connection times out (Default: 15) | ||
329 | -P, --port=INTEGER | 335 | -P, --port=INTEGER |
330 | Port to be used to connect to. Some Windows boxes use 139, others 445 (Defaults to smbclient default) | 336 | Port to be used to connect to. Some Windows boxes use 139, others 445 (Defaults to smbclient default) |
331 | -C, --configfile=STRING | 337 | -C, --configfile=STRING |
diff --git a/plugins/check_curl.c b/plugins/check_curl.c index 7da84de4..a69854a8 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c | |||
@@ -193,6 +193,7 @@ int followsticky = STICKY_NONE; | |||
193 | int use_ssl = FALSE; | 193 | int use_ssl = FALSE; |
194 | int use_sni = TRUE; | 194 | int use_sni = TRUE; |
195 | int check_cert = FALSE; | 195 | int check_cert = FALSE; |
196 | int continue_after_check_cert = FALSE; | ||
196 | typedef union { | 197 | typedef union { |
197 | struct curl_slist* to_info; | 198 | struct curl_slist* to_info; |
198 | struct curl_certinfo* to_certinfo; | 199 | struct curl_certinfo* to_certinfo; |
@@ -754,7 +755,9 @@ check_http (void) | |||
754 | * and we actually have OpenSSL in the monitoring tools | 755 | * and we actually have OpenSSL in the monitoring tools |
755 | */ | 756 | */ |
756 | result = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit); | 757 | result = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit); |
757 | return result; | 758 | if (continue_after_check_cert == FALSE) { |
759 | return result; | ||
760 | } | ||
758 | #else /* USE_OPENSSL */ | 761 | #else /* USE_OPENSSL */ |
759 | die (STATE_CRITICAL, "HTTP CRITICAL - Cannot retrieve certificates - OpenSSL callback used and not linked against OpenSSL\n"); | 762 | die (STATE_CRITICAL, "HTTP CRITICAL - Cannot retrieve certificates - OpenSSL callback used and not linked against OpenSSL\n"); |
760 | #endif /* USE_OPENSSL */ | 763 | #endif /* USE_OPENSSL */ |
@@ -794,13 +797,17 @@ GOT_FIRST_CERT: | |||
794 | } | 797 | } |
795 | BIO_free (cert_BIO); | 798 | BIO_free (cert_BIO); |
796 | result = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit); | 799 | result = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit); |
797 | return result; | 800 | if (continue_after_check_cert == FALSE) { |
801 | return result; | ||
802 | } | ||
798 | #else /* USE_OPENSSL */ | 803 | #else /* USE_OPENSSL */ |
799 | /* We assume we don't have OpenSSL and np_net_ssl_check_certificate at our disposal, | 804 | /* We assume we don't have OpenSSL and np_net_ssl_check_certificate at our disposal, |
800 | * so we use the libcurl CURLINFO data | 805 | * so we use the libcurl CURLINFO data |
801 | */ | 806 | */ |
802 | result = net_noopenssl_check_certificate(&cert_ptr, days_till_exp_warn, days_till_exp_crit); | 807 | result = net_noopenssl_check_certificate(&cert_ptr, days_till_exp_warn, days_till_exp_crit); |
803 | return result; | 808 | if (continue_after_check_cert == FALSE) { |
809 | return result; | ||
810 | } | ||
804 | #endif /* USE_OPENSSL */ | 811 | #endif /* USE_OPENSSL */ |
805 | } else { | 812 | } else { |
806 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("Cannot retrieve certificates - cURL returned %d - %s"), | 813 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("Cannot retrieve certificates - cURL returned %d - %s"), |
@@ -1211,6 +1218,7 @@ process_arguments (int argc, char **argv) | |||
1211 | INVERT_REGEX = CHAR_MAX + 1, | 1218 | INVERT_REGEX = CHAR_MAX + 1, |
1212 | SNI_OPTION, | 1219 | SNI_OPTION, |
1213 | MAX_REDIRS_OPTION, | 1220 | MAX_REDIRS_OPTION, |
1221 | CONTINUE_AFTER_CHECK_CERT, | ||
1214 | CA_CERT_OPTION, | 1222 | CA_CERT_OPTION, |
1215 | HTTP_VERSION_OPTION, | 1223 | HTTP_VERSION_OPTION, |
1216 | AUTOMATIC_DECOMPRESSION | 1224 | AUTOMATIC_DECOMPRESSION |
@@ -1244,6 +1252,7 @@ process_arguments (int argc, char **argv) | |||
1244 | {"private-key", required_argument, 0, 'K'}, | 1252 | {"private-key", required_argument, 0, 'K'}, |
1245 | {"ca-cert", required_argument, 0, CA_CERT_OPTION}, | 1253 | {"ca-cert", required_argument, 0, CA_CERT_OPTION}, |
1246 | {"verify-cert", no_argument, 0, 'D'}, | 1254 | {"verify-cert", no_argument, 0, 'D'}, |
1255 | {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT}, | ||
1247 | {"useragent", required_argument, 0, 'A'}, | 1256 | {"useragent", required_argument, 0, 'A'}, |
1248 | {"header", required_argument, 0, 'k'}, | 1257 | {"header", required_argument, 0, 'k'}, |
1249 | {"no-body", no_argument, 0, 'N'}, | 1258 | {"no-body", no_argument, 0, 'N'}, |
@@ -1403,6 +1412,11 @@ process_arguments (int argc, char **argv) | |||
1403 | check_cert = TRUE; | 1412 | check_cert = TRUE; |
1404 | goto enable_ssl; | 1413 | goto enable_ssl; |
1405 | #endif | 1414 | #endif |
1415 | case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */ | ||
1416 | #ifdef HAVE_SSL | ||
1417 | continue_after_check_cert = TRUE; | ||
1418 | break; | ||
1419 | #endif | ||
1406 | case 'J': /* use client certificate */ | 1420 | case 'J': /* use client certificate */ |
1407 | #ifdef LIBCURL_FEATURE_SSL | 1421 | #ifdef LIBCURL_FEATURE_SSL |
1408 | test_file(optarg); | 1422 | test_file(optarg); |
@@ -1800,7 +1814,11 @@ print_help (void) | |||
1800 | #endif | 1814 | #endif |
1801 | printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); | 1815 | printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); |
1802 | printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); | 1816 | printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); |
1803 | printf (" %s\n", _("(when this option is used the URL is not checked.)")); | 1817 | printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use")); |
1818 | printf (" %s\n", _(" --continue-after-certificate to override this behavior)")); | ||
1819 | printf (" %s\n", "--continue-after-certificate"); | ||
1820 | printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check.")); | ||
1821 | printf (" %s\n", _("Does nothing unless -C is used.")); | ||
1804 | printf (" %s\n", "-J, --client-cert=FILE"); | 1822 | printf (" %s\n", "-J, --client-cert=FILE"); |
1805 | printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); | 1823 | printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); |
1806 | printf (" %s\n", _("to be used in establishing the SSL session")); | 1824 | printf (" %s\n", _("to be used in establishing the SSL session")); |
diff --git a/plugins/check_http.c b/plugins/check_http.c index df2a79c2..f8ec853b 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c | |||
@@ -58,6 +58,7 @@ enum { | |||
58 | 58 | ||
59 | #ifdef HAVE_SSL | 59 | #ifdef HAVE_SSL |
60 | int check_cert = FALSE; | 60 | int check_cert = FALSE; |
61 | int continue_after_check_cert = FALSE; | ||
61 | int ssl_version = 0; | 62 | int ssl_version = 0; |
62 | int days_till_exp_warn, days_till_exp_crit; | 63 | int days_till_exp_warn, days_till_exp_crit; |
63 | char *randbuff; | 64 | char *randbuff; |
@@ -205,7 +206,8 @@ process_arguments (int argc, char **argv) | |||
205 | enum { | 206 | enum { |
206 | INVERT_REGEX = CHAR_MAX + 1, | 207 | INVERT_REGEX = CHAR_MAX + 1, |
207 | SNI_OPTION, | 208 | SNI_OPTION, |
208 | MAX_REDIRS_OPTION | 209 | MAX_REDIRS_OPTION, |
210 | CONTINUE_AFTER_CHECK_CERT | ||
209 | }; | 211 | }; |
210 | 212 | ||
211 | int option = 0; | 213 | int option = 0; |
@@ -233,6 +235,7 @@ process_arguments (int argc, char **argv) | |||
233 | {"certificate", required_argument, 0, 'C'}, | 235 | {"certificate", required_argument, 0, 'C'}, |
234 | {"client-cert", required_argument, 0, 'J'}, | 236 | {"client-cert", required_argument, 0, 'J'}, |
235 | {"private-key", required_argument, 0, 'K'}, | 237 | {"private-key", required_argument, 0, 'K'}, |
238 | {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT}, | ||
236 | {"useragent", required_argument, 0, 'A'}, | 239 | {"useragent", required_argument, 0, 'A'}, |
237 | {"header", required_argument, 0, 'k'}, | 240 | {"header", required_argument, 0, 'k'}, |
238 | {"no-body", no_argument, 0, 'N'}, | 241 | {"no-body", no_argument, 0, 'N'}, |
@@ -332,6 +335,11 @@ process_arguments (int argc, char **argv) | |||
332 | check_cert = TRUE; | 335 | check_cert = TRUE; |
333 | goto enable_ssl; | 336 | goto enable_ssl; |
334 | #endif | 337 | #endif |
338 | case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */ | ||
339 | #ifdef HAVE_SSL | ||
340 | continue_after_check_cert = TRUE; | ||
341 | break; | ||
342 | #endif | ||
335 | case 'J': /* use client certificate */ | 343 | case 'J': /* use client certificate */ |
336 | #ifdef HAVE_SSL | 344 | #ifdef HAVE_SSL |
337 | test_file(optarg); | 345 | test_file(optarg); |
@@ -981,9 +989,11 @@ check_http (void) | |||
981 | elapsed_time_ssl = (double)microsec_ssl / 1.0e6; | 989 | elapsed_time_ssl = (double)microsec_ssl / 1.0e6; |
982 | if (check_cert == TRUE) { | 990 | if (check_cert == TRUE) { |
983 | result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); | 991 | result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); |
984 | if (sd) close(sd); | 992 | if (continue_after_check_cert == FALSE) { |
985 | np_net_ssl_cleanup(); | 993 | if (sd) close(sd); |
986 | return result; | 994 | np_net_ssl_cleanup(); |
995 | return result; | ||
996 | } | ||
987 | } | 997 | } |
988 | } | 998 | } |
989 | #endif /* HAVE_SSL */ | 999 | #endif /* HAVE_SSL */ |
@@ -1608,7 +1618,11 @@ print_help (void) | |||
1608 | printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); | 1618 | printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); |
1609 | printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); | 1619 | printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); |
1610 | printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); | 1620 | printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); |
1611 | printf (" %s\n", _("(when this option is used the URL is not checked.)")); | 1621 | printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use")); |
1622 | printf (" %s\n", _(" --continue-after-certificate to override this behavior)")); | ||
1623 | printf (" %s\n", "--continue-after-certificate"); | ||
1624 | printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check.")); | ||
1625 | printf (" %s\n", _("Does nothing unless -C is used.")); | ||
1612 | printf (" %s\n", "-J, --client-cert=FILE"); | 1626 | printf (" %s\n", "-J, --client-cert=FILE"); |
1613 | printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); | 1627 | printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); |
1614 | printf (" %s\n", _("to be used in establishing the SSL session")); | 1628 | printf (" %s\n", _("to be used in establishing the SSL session")); |