summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndreas Baumann <mail@andreasbaumann.cc>2017-04-28 08:57:11 +0200
committerAndreas Baumann <mail@andreasbaumann.cc>2017-04-28 08:57:11 +0200
commitf433931fa0fda9a8fce06a6e30d6a87dfd4be682 (patch)
tree48b82bc57155bd9931aa9dc15f1af68f4a3c5db7
parent067ef4269d209066f2fc71510c9ed952ceb26a1e (diff)
downloadmonitoring-plugins-f433931.tar.gz
using CURLOPT_RESOLVE to make sure -I is the IP we connect to
-rw-r--r--plugins/check_curl.c22
1 files changed, 18 insertions, 4 deletions
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index de105fbe..1aee5ebe 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -112,6 +112,8 @@ int invert_regex = 0;
112char *server_address; 112char *server_address;
113char *host_name; 113char *host_name;
114char *server_url = DEFAULT_SERVER_URL; 114char *server_url = DEFAULT_SERVER_URL;
115char server_ip[DEFAULT_BUFFER_SIZE];
116struct curl_slist *server_ips = NULL;
115unsigned short server_port = HTTP_PORT; 117unsigned short server_port = HTTP_PORT;
116int virtual_port = 0; 118int virtual_port = 0;
117int host_name_length; 119int host_name_length;
@@ -326,11 +328,22 @@ check_http (void)
326 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_CONNECTTIMEOUT, socket_timeout), "CURLOPT_CONNECTTIMEOUT"); 328 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_CONNECTTIMEOUT, socket_timeout), "CURLOPT_CONNECTTIMEOUT");
327 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_TIMEOUT, socket_timeout), "CURLOPT_TIMEOUT"); 329 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_TIMEOUT, socket_timeout), "CURLOPT_TIMEOUT");
328 330
329 /* compose URL */ 331 /* compose URL: must be the host_name, only if not given take the IP address. */
330 snprintf (url, DEFAULT_BUFFER_SIZE, "%s://%s%s", use_ssl ? "https" : "http", 332 snprintf (url, DEFAULT_BUFFER_SIZE, "%s://%s%s", use_ssl ? "https" : "http",
331 server_address ? server_address : host_name, server_url); 333 host_name ? host_name : server_address, server_url);
332 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_URL, url), "CURLOPT_URL"); 334 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_URL, url), "CURLOPT_URL");
333 335
336 /* cURL does certificate checking with this host_name (and not the virtual host?
337 * So we force CURLOPT_RESOLVE to make sure the resolver pickes the right IP
338 * for this hostname. */
339#if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 21, 3)
340 if (host_name && strcmp (host_name, server_address)) {
341 snprintf (server_ip, DEFAULT_BUFFER_SIZE, "%s:%d:%s", host_name, server_port, server_address);
342 server_ips = curl_slist_append (server_ips, server_ip);
343 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_RESOLVE, server_ips), "CURLOPT_RESOLVE");
344 }
345#endif /* LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 21, 3) */
346
334 /* set port */ 347 /* set port */
335 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_PORT, server_port), "CURLOPT_PORT"); 348 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_PORT, server_port), "CURLOPT_PORT");
336 349
@@ -519,8 +532,9 @@ check_http (void)
519 if (verbose>=2 && http_post_data) 532 if (verbose>=2 && http_post_data)
520 printf ("**** REQUEST CONTENT ****\n%s\n", http_post_data); 533 printf ("**** REQUEST CONTENT ****\n%s\n", http_post_data);
521 534
522 /* free header list, we don't need it anymore */ 535 /* free header and server IP resolve lists, we don't need it anymore */
523 curl_slist_free_all(header_list); 536 curl_slist_free_all (header_list);
537 curl_slist_free_all (server_ips);
524 538
525 /* Curl errors, result in critical Nagios state */ 539 /* Curl errors, result in critical Nagios state */
526 if (res != CURLE_OK) { 540 if (res != CURLE_OK) {