diff options
| author | Sven Nierlein <sven@consol.de> | 2024-07-29 18:53:32 (GMT) |
|---|---|---|
| committer | Sven Nierlein <sven@nierlein.org> | 2024-07-30 15:13:03 (GMT) |
| commit | acbfbf3de614f03ea5f9d3942558f1661fc202a4 (patch) | |
| tree | c19efcc783679d7f6b3b5686d2111052f3882128 /plugins/check_curl.c | |
| parent | 4ab154d5c3640d7f2cc3180d2f05ac688be7a11b (diff) | |
| download | monitoring-plugins-acbfbf3de614f03ea5f9d3942558f1661fc202a4.tar.gz | |
check_curl: fix relative redirects on non-standard port
Having a webserver respond with a relative redirect as for ex. in `Location: /path/to.html`
check_curl would use the wrong standard http/https port instead
of crafting the absolute url using the given scheme/hostname and port.
Adding a new test case for this for check_http and check_curl. check_http did
it correct already, so no fix necessary there.
before:
%>./check_curl -H 127.0.0.1 -p 50493 -f follow -u /redirect_rel -s redirected -vvv
**** HEADER ****
HTTP/1.1 302 Found
...
Location: /redirect2
...
* Seen redirect location /redirect2
** scheme: (null)
** host: (null)
** port: (null)
** path: /redirect2
Redirection to http://127.0.0.1:80/redirect2
fixed:
%>./check_curl -H 127.0.0.1 -p 50493 -f follow -u /redirect_rel -s redirected -vvv
**** HEADER ****
HTTP/1.1 302 Found
...
Location: /redirect2
...
* Seen redirect location /redirect2
** scheme: (null)
** host: (null)
** port: (null)
** path: /redirect2
Redirection to http://127.0.0.1:50493/redirect2
Signed-off-by: Sven Nierlein <sven@nierlein.de>
Diffstat (limited to 'plugins/check_curl.c')
| -rw-r--r-- | plugins/check_curl.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/plugins/check_curl.c b/plugins/check_curl.c index c54be5e..01e2770 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c | |||
| @@ -1285,10 +1285,12 @@ redir (curlhelp_write_curlbuf* header_buf) | |||
| 1285 | } | 1285 | } |
| 1286 | } | 1286 | } |
| 1287 | 1287 | ||
| 1288 | if (!uri_strcmp (uri.scheme, "https")) | 1288 | if (uri.scheme.first) { |
| 1289 | use_ssl = true; | 1289 | if (!uri_strcmp (uri.scheme, "https")) |
| 1290 | else | 1290 | use_ssl = true; |
| 1291 | use_ssl = false; | 1291 | else |
| 1292 | use_ssl = false; | ||
| 1293 | } | ||
| 1292 | 1294 | ||
| 1293 | /* we do a sloppy test here only, because uriparser would have failed | 1295 | /* we do a sloppy test here only, because uriparser would have failed |
| 1294 | * above, if the port would be invalid, we just check for MAX_PORT | 1296 | * above, if the port would be invalid, we just check for MAX_PORT |
| @@ -1306,10 +1308,13 @@ redir (curlhelp_write_curlbuf* header_buf) | |||
| 1306 | MAX_PORT, location, display_html ? "</A>" : ""); | 1308 | MAX_PORT, location, display_html ? "</A>" : ""); |
| 1307 | 1309 | ||
| 1308 | /* by RFC 7231 relative URLs in Location should be taken relative to | 1310 | /* by RFC 7231 relative URLs in Location should be taken relative to |
| 1309 | * the original URL, so wy try to form a new absolute URL here | 1311 | * the original URL, so we try to form a new absolute URL here |
| 1310 | */ | 1312 | */ |
| 1311 | if (!uri.scheme.first && !uri.hostText.first) { | 1313 | if (!uri.scheme.first && !uri.hostText.first) { |
| 1312 | new_host = strdup (host_name ? host_name : server_address); | 1314 | new_host = strdup (host_name ? host_name : server_address); |
| 1315 | new_port = server_port; | ||
| 1316 | if(use_ssl) | ||
| 1317 | uri_string (uri.scheme, "https", DEFAULT_BUFFER_SIZE); | ||
| 1313 | } else { | 1318 | } else { |
| 1314 | new_host = strdup (uri_string (uri.hostText, buf, DEFAULT_BUFFER_SIZE)); | 1319 | new_host = strdup (uri_string (uri.hostText, buf, DEFAULT_BUFFER_SIZE)); |
| 1315 | } | 1320 | } |