diff options
author | Lorenz Kästle <12514511+RincewindsHat@users.noreply.github.com> | 2023-09-17 23:15:59 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-09-17 23:15:59 +0200 |
commit | d3e07d2b5734149c1314cb98b48dd1adebd62686 (patch) | |
tree | a924b49927ae1925a7e0893d31e0c9c6abd3228e /plugins/check_curl.c | |
parent | 495c4c9adfa482303b31cdac7d28adda82d2d2ed (diff) | |
parent | 2ddc75e69db5a3dd379c896d8420c9af20ec1cee (diff) | |
download | monitoring-plugins-d3e07d2b5734149c1314cb98b48dd1adebd62686.tar.gz |
Merge branch 'master' into dev/check_ssh-patches
Diffstat (limited to 'plugins/check_curl.c')
-rw-r--r-- | plugins/check_curl.c | 267 |
1 files changed, 191 insertions, 76 deletions
diff --git a/plugins/check_curl.c b/plugins/check_curl.c index c51914a9..d0871c48 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c | |||
@@ -244,7 +244,7 @@ void curlhelp_freewritebuffer (curlhelp_write_curlbuf*); | |||
244 | int curlhelp_initreadbuffer (curlhelp_read_curlbuf *, const char *, size_t); | 244 | int curlhelp_initreadbuffer (curlhelp_read_curlbuf *, const char *, size_t); |
245 | int curlhelp_buffer_read_callback (void *, size_t , size_t , void *); | 245 | int curlhelp_buffer_read_callback (void *, size_t , size_t , void *); |
246 | void curlhelp_freereadbuffer (curlhelp_read_curlbuf *); | 246 | void curlhelp_freereadbuffer (curlhelp_read_curlbuf *); |
247 | curlhelp_ssl_library curlhelp_get_ssl_library (CURL*); | 247 | curlhelp_ssl_library curlhelp_get_ssl_library (); |
248 | const char* curlhelp_get_ssl_library_string (curlhelp_ssl_library); | 248 | const char* curlhelp_get_ssl_library_string (curlhelp_ssl_library); |
249 | int net_noopenssl_check_certificate (cert_ptr_union*, int, int); | 249 | int net_noopenssl_check_certificate (cert_ptr_union*, int, int); |
250 | 250 | ||
@@ -297,6 +297,7 @@ main (int argc, char **argv) | |||
297 | 297 | ||
298 | int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) | 298 | int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) |
299 | { | 299 | { |
300 | (void) preverify_ok; | ||
300 | /* TODO: we get all certificates of the chain, so which ones | 301 | /* TODO: we get all certificates of the chain, so which ones |
301 | * should we test? | 302 | * should we test? |
302 | * TODO: is the last certificate always the server certificate? | 303 | * TODO: is the last certificate always the server certificate? |
@@ -321,6 +322,8 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) | |||
321 | 322 | ||
322 | CURLcode sslctxfun(CURL *curl, SSL_CTX *sslctx, void *parm) | 323 | CURLcode sslctxfun(CURL *curl, SSL_CTX *sslctx, void *parm) |
323 | { | 324 | { |
325 | (void) curl; // ignore unused parameter | ||
326 | (void) parm; // ignore unused parameter | ||
324 | SSL_CTX_set_verify(sslctx, SSL_VERIFY_PEER, verify_callback); | 327 | SSL_CTX_set_verify(sslctx, SSL_VERIFY_PEER, verify_callback); |
325 | 328 | ||
326 | return CURLE_OK; | 329 | return CURLE_OK; |
@@ -375,8 +378,12 @@ void | |||
375 | handle_curl_option_return_code (CURLcode res, const char* option) | 378 | handle_curl_option_return_code (CURLcode res, const char* option) |
376 | { | 379 | { |
377 | if (res != CURLE_OK) { | 380 | if (res != CURLE_OK) { |
378 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("Error while setting cURL option '%s': cURL returned %d - %s"), | 381 | snprintf (msg, |
379 | option, res, curl_easy_strerror(res)); | 382 | DEFAULT_BUFFER_SIZE, |
383 | _("Error while setting cURL option '%s': cURL returned %d - %s"), | ||
384 | option, | ||
385 | res, | ||
386 | curl_easy_strerror(res)); | ||
380 | die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); | 387 | die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); |
381 | } | 388 | } |
382 | } | 389 | } |
@@ -516,9 +523,13 @@ check_http (void) | |||
516 | // fill dns resolve cache to make curl connect to the given server_address instead of the host_name, only required for ssl, because we use the host_name later on to make SNI happy | 523 | // fill dns resolve cache to make curl connect to the given server_address instead of the host_name, only required for ssl, because we use the host_name later on to make SNI happy |
517 | if(use_ssl && host_name != NULL) { | 524 | if(use_ssl && host_name != NULL) { |
518 | if ( (res=lookup_host (server_address, addrstr, DEFAULT_BUFFER_SIZE/2)) != 0) { | 525 | if ( (res=lookup_host (server_address, addrstr, DEFAULT_BUFFER_SIZE/2)) != 0) { |
519 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("Unable to lookup IP address for '%s': getaddrinfo returned %d - %s"), | 526 | snprintf (msg, |
520 | server_address, res, gai_strerror (res)); | 527 | DEFAULT_BUFFER_SIZE, |
521 | die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); | 528 | _("Unable to lookup IP address for '%s': getaddrinfo returned %d - %s"), |
529 | server_address, | ||
530 | res, | ||
531 | gai_strerror (res)); | ||
532 | die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); | ||
522 | } | 533 | } |
523 | snprintf (dnscache, DEFAULT_BUFFER_SIZE, "%s:%d:%s", host_name, server_port, addrstr); | 534 | snprintf (dnscache, DEFAULT_BUFFER_SIZE, "%s:%d:%s", host_name, server_port, addrstr); |
524 | host = curl_slist_append(NULL, dnscache); | 535 | host = curl_slist_append(NULL, dnscache); |
@@ -618,7 +629,7 @@ check_http (void) | |||
618 | 629 | ||
619 | #ifdef LIBCURL_FEATURE_SSL | 630 | #ifdef LIBCURL_FEATURE_SSL |
620 | 631 | ||
621 | /* set SSL version, warn about unsecure or unsupported versions */ | 632 | /* set SSL version, warn about insecure or unsupported versions */ |
622 | if (use_ssl) { | 633 | if (use_ssl) { |
623 | handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_SSLVERSION, ssl_version), "CURLOPT_SSLVERSION"); | 634 | handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_SSLVERSION, ssl_version), "CURLOPT_SSLVERSION"); |
624 | } | 635 | } |
@@ -646,7 +657,7 @@ check_http (void) | |||
646 | } | 657 | } |
647 | 658 | ||
648 | /* detect SSL library used by libcurl */ | 659 | /* detect SSL library used by libcurl */ |
649 | ssl_library = curlhelp_get_ssl_library (curl); | 660 | ssl_library = curlhelp_get_ssl_library (); |
650 | 661 | ||
651 | /* try hard to get a stack of certificates to verify against */ | 662 | /* try hard to get a stack of certificates to verify against */ |
652 | if (check_cert) { | 663 | if (check_cert) { |
@@ -816,9 +827,13 @@ check_http (void) | |||
816 | 827 | ||
817 | /* Curl errors, result in critical Nagios state */ | 828 | /* Curl errors, result in critical Nagios state */ |
818 | if (res != CURLE_OK) { | 829 | if (res != CURLE_OK) { |
819 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("Invalid HTTP response received from host on port %d: cURL returned %d - %s"), | 830 | snprintf (msg, |
820 | server_port, res, errbuf[0] ? errbuf : curl_easy_strerror(res)); | 831 | DEFAULT_BUFFER_SIZE, |
821 | die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); | 832 | _("Invalid HTTP response received from host on port %d: cURL returned %d - %s"), |
833 | server_port, | ||
834 | res, | ||
835 | errbuf[0] ? errbuf : curl_easy_strerror(res)); | ||
836 | die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); | ||
822 | } | 837 | } |
823 | 838 | ||
824 | /* certificate checks */ | 839 | /* certificate checks */ |
@@ -861,15 +876,19 @@ check_http (void) | |||
861 | } | 876 | } |
862 | GOT_FIRST_CERT: | 877 | GOT_FIRST_CERT: |
863 | if (!raw_cert) { | 878 | if (!raw_cert) { |
864 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("Cannot retrieve certificates from CERTINFO information - certificate data was empty")); | 879 | snprintf (msg, |
865 | die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); | 880 | DEFAULT_BUFFER_SIZE, |
881 | _("Cannot retrieve certificates from CERTINFO information - certificate data was empty")); | ||
882 | die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); | ||
866 | } | 883 | } |
867 | BIO* cert_BIO = BIO_new (BIO_s_mem()); | 884 | BIO* cert_BIO = BIO_new (BIO_s_mem()); |
868 | BIO_write (cert_BIO, raw_cert, strlen(raw_cert)); | 885 | BIO_write (cert_BIO, raw_cert, strlen(raw_cert)); |
869 | cert = PEM_read_bio_X509 (cert_BIO, NULL, NULL, NULL); | 886 | cert = PEM_read_bio_X509 (cert_BIO, NULL, NULL, NULL); |
870 | if (!cert) { | 887 | if (!cert) { |
871 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("Cannot read certificate from CERTINFO information - BIO error")); | 888 | snprintf (msg, |
872 | die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); | 889 | DEFAULT_BUFFER_SIZE, |
890 | _("Cannot read certificate from CERTINFO information - BIO error")); | ||
891 | die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); | ||
873 | } | 892 | } |
874 | BIO_free (cert_BIO); | 893 | BIO_free (cert_BIO); |
875 | result = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit); | 894 | result = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit); |
@@ -886,9 +905,12 @@ GOT_FIRST_CERT: | |||
886 | } | 905 | } |
887 | #endif /* USE_OPENSSL */ | 906 | #endif /* USE_OPENSSL */ |
888 | } else { | 907 | } else { |
889 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("Cannot retrieve certificates - cURL returned %d - %s"), | 908 | snprintf (msg, |
890 | res, curl_easy_strerror(res)); | 909 | DEFAULT_BUFFER_SIZE, |
891 | die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); | 910 | _("Cannot retrieve certificates - cURL returned %d - %s"), |
911 | res, | ||
912 | curl_easy_strerror(res)); | ||
913 | die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); | ||
892 | } | 914 | } |
893 | } | 915 | } |
894 | } | 916 | } |
@@ -927,8 +949,11 @@ GOT_FIRST_CERT: | |||
927 | 949 | ||
928 | /* get status line of answer, check sanity of HTTP code */ | 950 | /* get status line of answer, check sanity of HTTP code */ |
929 | if (curlhelp_parse_statusline (header_buf.buf, &status_line) < 0) { | 951 | if (curlhelp_parse_statusline (header_buf.buf, &status_line) < 0) { |
930 | snprintf (msg, DEFAULT_BUFFER_SIZE, "Unparsable status line in %.3g seconds response time|%s\n", | 952 | snprintf (msg, |
931 | total_time, perfstring); | 953 | DEFAULT_BUFFER_SIZE, |
954 | "Unparsable status line in %.3g seconds response time|%s\n", | ||
955 | total_time, | ||
956 | perfstring); | ||
932 | /* we cannot know the major/minor version here for sure as we cannot parse the first line */ | 957 | /* we cannot know the major/minor version here for sure as we cannot parse the first line */ |
933 | die (STATE_CRITICAL, "HTTP CRITICAL HTTP/x.x %ld unknown - %s", code, msg); | 958 | die (STATE_CRITICAL, "HTTP CRITICAL HTTP/x.x %ld unknown - %s", code, msg); |
934 | } | 959 | } |
@@ -948,9 +973,16 @@ GOT_FIRST_CERT: | |||
948 | /* make sure the status line matches the response we are looking for */ | 973 | /* make sure the status line matches the response we are looking for */ |
949 | if (!expected_statuscode(status_line.first_line, server_expect)) { | 974 | if (!expected_statuscode(status_line.first_line, server_expect)) { |
950 | if (server_port == HTTP_PORT) | 975 | if (server_port == HTTP_PORT) |
951 | snprintf(msg, DEFAULT_BUFFER_SIZE, _("Invalid HTTP response received from host: %s\n"), status_line.first_line); | 976 | snprintf(msg, |
977 | DEFAULT_BUFFER_SIZE, | ||
978 | _("Invalid HTTP response received from host: %s\n"), | ||
979 | status_line.first_line); | ||
952 | else | 980 | else |
953 | snprintf(msg, DEFAULT_BUFFER_SIZE, _("Invalid HTTP response received from host on port %d: %s\n"), server_port, status_line.first_line); | 981 | snprintf(msg, |
982 | DEFAULT_BUFFER_SIZE, | ||
983 | _("Invalid HTTP response received from host on port %d: %s\n"), | ||
984 | server_port, | ||
985 | status_line.first_line); | ||
954 | die (STATE_CRITICAL, "HTTP CRITICAL - %s%s%s", msg, | 986 | die (STATE_CRITICAL, "HTTP CRITICAL - %s%s%s", msg, |
955 | show_body ? "\n" : "", | 987 | show_body ? "\n" : "", |
956 | show_body ? body_buf.buf : ""); | 988 | show_body ? body_buf.buf : ""); |
@@ -986,7 +1018,7 @@ GOT_FIRST_CERT: | |||
986 | } | 1018 | } |
987 | } else { | 1019 | } else { |
988 | /* this is a specific code in the command line to | 1020 | /* this is a specific code in the command line to |
989 | * be returned when a redirection is encoutered | 1021 | * be returned when a redirection is encountered |
990 | */ | 1022 | */ |
991 | } | 1023 | } |
992 | result = max_state_alt (onredirect, result); | 1024 | result = max_state_alt (onredirect, result); |
@@ -1023,23 +1055,55 @@ GOT_FIRST_CERT: | |||
1023 | 1055 | ||
1024 | if (strlen (header_expect)) { | 1056 | if (strlen (header_expect)) { |
1025 | if (!strstr (header_buf.buf, header_expect)) { | 1057 | if (!strstr (header_buf.buf, header_expect)) { |
1058 | |||
1026 | strncpy(&output_header_search[0],header_expect,sizeof(output_header_search)); | 1059 | strncpy(&output_header_search[0],header_expect,sizeof(output_header_search)); |
1060 | |||
1027 | if(output_header_search[sizeof(output_header_search)-1]!='\0') { | 1061 | if(output_header_search[sizeof(output_header_search)-1]!='\0') { |
1028 | bcopy("...",&output_header_search[sizeof(output_header_search)-4],4); | 1062 | bcopy("...",&output_header_search[sizeof(output_header_search)-4],4); |
1029 | } | 1063 | } |
1030 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, output_header_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); | 1064 | |
1031 | result = STATE_CRITICAL; | 1065 | char tmp[DEFAULT_BUFFER_SIZE]; |
1066 | |||
1067 | snprintf (tmp, | ||
1068 | DEFAULT_BUFFER_SIZE, | ||
1069 | _("%sheader '%s' not found on '%s://%s:%d%s', "), | ||
1070 | msg, | ||
1071 | output_header_search, | ||
1072 | use_ssl ? "https" : "http", | ||
1073 | host_name ? host_name : server_address, | ||
1074 | server_port, | ||
1075 | server_url); | ||
1076 | |||
1077 | strcpy(msg, tmp); | ||
1078 | |||
1079 | result = STATE_CRITICAL; | ||
1032 | } | 1080 | } |
1033 | } | 1081 | } |
1034 | 1082 | ||
1035 | if (strlen (string_expect)) { | 1083 | if (strlen (string_expect)) { |
1036 | if (!strstr (body_buf.buf, string_expect)) { | 1084 | if (!strstr (body_buf.buf, string_expect)) { |
1085 | |||
1037 | strncpy(&output_string_search[0],string_expect,sizeof(output_string_search)); | 1086 | strncpy(&output_string_search[0],string_expect,sizeof(output_string_search)); |
1087 | |||
1038 | if(output_string_search[sizeof(output_string_search)-1]!='\0') { | 1088 | if(output_string_search[sizeof(output_string_search)-1]!='\0') { |
1039 | bcopy("...",&output_string_search[sizeof(output_string_search)-4],4); | 1089 | bcopy("...",&output_string_search[sizeof(output_string_search)-4],4); |
1040 | } | 1090 | } |
1041 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); | 1091 | |
1042 | result = STATE_CRITICAL; | 1092 | char tmp[DEFAULT_BUFFER_SIZE]; |
1093 | |||
1094 | snprintf (tmp, | ||
1095 | DEFAULT_BUFFER_SIZE, | ||
1096 | _("%sstring '%s' not found on '%s://%s:%d%s', "), | ||
1097 | msg, | ||
1098 | output_string_search, | ||
1099 | use_ssl ? "https" : "http", | ||
1100 | host_name ? host_name : server_address, | ||
1101 | server_port, | ||
1102 | server_url); | ||
1103 | |||
1104 | strcpy(msg, tmp); | ||
1105 | |||
1106 | result = STATE_CRITICAL; | ||
1043 | } | 1107 | } |
1044 | } | 1108 | } |
1045 | 1109 | ||
@@ -1050,27 +1114,48 @@ GOT_FIRST_CERT: | |||
1050 | result = max_state_alt(STATE_OK, result); | 1114 | result = max_state_alt(STATE_OK, result); |
1051 | } | 1115 | } |
1052 | else if ((errcode == REG_NOMATCH && !invert_regex) || (errcode == 0 && invert_regex)) { | 1116 | else if ((errcode == REG_NOMATCH && !invert_regex) || (errcode == 0 && invert_regex)) { |
1053 | if (!invert_regex) | 1117 | if (!invert_regex) { |
1054 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("%spattern not found, "), msg); | 1118 | char tmp[DEFAULT_BUFFER_SIZE]; |
1055 | else | 1119 | |
1056 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("%spattern found, "), msg); | 1120 | snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%spattern not found, "), msg); |
1057 | result = STATE_CRITICAL; | 1121 | strcpy(msg, tmp); |
1058 | } | 1122 | |
1059 | else { | 1123 | } else { |
1060 | regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); | 1124 | char tmp[DEFAULT_BUFFER_SIZE]; |
1061 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("%sExecute Error: %s, "), msg, errbuf); | 1125 | |
1062 | result = STATE_UNKNOWN; | 1126 | snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%spattern found, "), msg); |
1063 | } | 1127 | strcpy(msg, tmp); |
1128 | |||
1129 | } | ||
1130 | result = STATE_CRITICAL; | ||
1131 | } else { | ||
1132 | regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); | ||
1133 | |||
1134 | char tmp[DEFAULT_BUFFER_SIZE]; | ||
1135 | |||
1136 | snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sExecute Error: %s, "), msg, errbuf); | ||
1137 | strcpy(msg, tmp); | ||
1138 | result = STATE_UNKNOWN; | ||
1139 | } | ||
1064 | } | 1140 | } |
1065 | 1141 | ||
1066 | /* make sure the page is of an appropriate size */ | 1142 | /* make sure the page is of an appropriate size */ |
1067 | if ((max_page_len > 0) && (page_len > max_page_len)) { | 1143 | if ((max_page_len > 0) && (page_len > max_page_len)) { |
1068 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("%spage size %d too large, "), msg, page_len); | 1144 | char tmp[DEFAULT_BUFFER_SIZE]; |
1069 | result = max_state_alt(STATE_WARNING, result); | 1145 | |
1070 | } else if ((min_page_len > 0) && (page_len < min_page_len)) { | 1146 | snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%spage size %d too large, "), msg, page_len); |
1071 | snprintf (msg, DEFAULT_BUFFER_SIZE, _("%spage size %d too small, "), msg, page_len); | 1147 | |
1072 | result = max_state_alt(STATE_WARNING, result); | 1148 | strcpy(msg, tmp); |
1073 | } | 1149 | |
1150 | result = max_state_alt(STATE_WARNING, result); | ||
1151 | |||
1152 | } else if ((min_page_len > 0) && (page_len < min_page_len)) { | ||
1153 | char tmp[DEFAULT_BUFFER_SIZE]; | ||
1154 | |||
1155 | snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%spage size %d too small, "), msg, page_len); | ||
1156 | strcpy(msg, tmp); | ||
1157 | result = max_state_alt(STATE_WARNING, result); | ||
1158 | } | ||
1074 | 1159 | ||
1075 | /* -w, -c: check warning and critical level */ | 1160 | /* -w, -c: check warning and critical level */ |
1076 | result = max_state_alt(get_status(total_time, thlds), result); | 1161 | result = max_state_alt(get_status(total_time, thlds), result); |
@@ -1654,6 +1739,7 @@ process_arguments (int argc, char **argv) | |||
1654 | break; | 1739 | break; |
1655 | case 'R': /* regex */ | 1740 | case 'R': /* regex */ |
1656 | cflags |= REG_ICASE; | 1741 | cflags |= REG_ICASE; |
1742 | // fall through | ||
1657 | case 'r': /* regex */ | 1743 | case 'r': /* regex */ |
1658 | strncpy (regexp, optarg, MAX_RE_SIZE - 1); | 1744 | strncpy (regexp, optarg, MAX_RE_SIZE - 1); |
1659 | regexp[MAX_RE_SIZE - 1] = 0; | 1745 | regexp[MAX_RE_SIZE - 1] = 0; |
@@ -2051,7 +2137,7 @@ print_usage (void) | |||
2051 | printf (" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n",progname); | 2137 | printf (" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n",progname); |
2052 | printf (" [-J <client certificate file>] [-K <private key>] [--ca-cert <CA certificate file>] [-D]\n"); | 2138 | printf (" [-J <client certificate file>] [-K <private key>] [--ca-cert <CA certificate file>] [-D]\n"); |
2053 | printf (" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-a auth]\n"); | 2139 | printf (" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-a auth]\n"); |
2054 | printf (" [-b proxy_auth] [-f <ok|warning|critcal|follow|sticky|stickyport|curl>]\n"); | 2140 | printf (" [-b proxy_auth] [-f <ok|warning|critical|follow|sticky|stickyport|curl>]\n"); |
2055 | printf (" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n"); | 2141 | printf (" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n"); |
2056 | printf (" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n"); | 2142 | printf (" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n"); |
2057 | printf (" [-A string] [-k string] [-S <version>] [--sni]\n"); | 2143 | printf (" [-A string] [-k string] [-S <version>] [--sni]\n"); |
@@ -2217,11 +2303,10 @@ curlhelp_parse_statusline (const char *buf, curlhelp_statusline *status_line) | |||
2217 | if( strchr( p, '.' ) != NULL ) { | 2303 | if( strchr( p, '.' ) != NULL ) { |
2218 | 2304 | ||
2219 | /* HTTP 1.x case */ | 2305 | /* HTTP 1.x case */ |
2220 | char *ppp; | 2306 | strtok( p, "." ); |
2221 | ppp = strtok( p, "." ); | ||
2222 | status_line->http_major = (int)strtol( p, &pp, 10 ); | 2307 | status_line->http_major = (int)strtol( p, &pp, 10 ); |
2223 | if( *pp != '\0' ) { free( first_line_buf ); return -1; } | 2308 | if( *pp != '\0' ) { free( first_line_buf ); return -1; } |
2224 | ppp = strtok( NULL, " " ); | 2309 | strtok( NULL, " " ); |
2225 | status_line->http_minor = (int)strtol( p, &pp, 10 ); | 2310 | status_line->http_minor = (int)strtol( p, &pp, 10 ); |
2226 | if( *pp != '\0' ) { free( first_line_buf ); return -1; } | 2311 | if( *pp != '\0' ) { free( first_line_buf ); return -1; } |
2227 | p += 4; /* 1.x SP */ | 2312 | p += 4; /* 1.x SP */ |
@@ -2308,37 +2393,67 @@ check_document_dates (const curlhelp_write_curlbuf *header_buf, char (*msg)[DEFA | |||
2308 | server_date = get_header_value (headers, nof_headers, "date"); | 2393 | server_date = get_header_value (headers, nof_headers, "date"); |
2309 | document_date = get_header_value (headers, nof_headers, "last-modified"); | 2394 | document_date = get_header_value (headers, nof_headers, "last-modified"); |
2310 | 2395 | ||
2311 | if (!server_date || !*server_date) { | 2396 | if (!server_date || !*server_date) { |
2312 | snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sServer date unknown, "), *msg); | 2397 | char tmp[DEFAULT_BUFFER_SIZE]; |
2313 | date_result = max_state_alt(STATE_UNKNOWN, date_result); | 2398 | |
2314 | } else if (!document_date || !*document_date) { | 2399 | snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sServer date unknown, "), *msg); |
2315 | snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sDocument modification date unknown, "), *msg); | 2400 | strcpy(*msg, tmp); |
2316 | date_result = max_state_alt(STATE_CRITICAL, date_result); | 2401 | |
2402 | date_result = max_state_alt(STATE_UNKNOWN, date_result); | ||
2403 | |||
2404 | } else if (!document_date || !*document_date) { | ||
2405 | char tmp[DEFAULT_BUFFER_SIZE]; | ||
2406 | |||
2407 | snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sDocument modification date unknown, "), *msg); | ||
2408 | strcpy(*msg, tmp); | ||
2409 | |||
2410 | date_result = max_state_alt(STATE_CRITICAL, date_result); | ||
2411 | |||
2317 | } else { | 2412 | } else { |
2318 | time_t srv_data = curl_getdate (server_date, NULL); | 2413 | time_t srv_data = curl_getdate (server_date, NULL); |
2319 | time_t doc_data = curl_getdate (document_date, NULL); | 2414 | time_t doc_data = curl_getdate (document_date, NULL); |
2320 | if (verbose >= 2) | 2415 | if (verbose >= 2) |
2321 | printf ("* server date: '%s' (%d), doc_date: '%s' (%d)\n", server_date, (int)srv_data, document_date, (int)doc_data); | 2416 | printf ("* server date: '%s' (%d), doc_date: '%s' (%d)\n", server_date, (int)srv_data, document_date, (int)doc_data); |
2322 | if (srv_data <= 0) { | 2417 | if (srv_data <= 0) { |
2323 | snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sServer date \"%100s\" unparsable, "), *msg, server_date); | 2418 | char tmp[DEFAULT_BUFFER_SIZE]; |
2324 | date_result = max_state_alt(STATE_CRITICAL, date_result); | 2419 | |
2325 | } else if (doc_data <= 0) { | 2420 | snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sServer date \"%100s\" unparsable, "), *msg, server_date); |
2326 | snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date); | 2421 | strcpy(*msg, tmp); |
2327 | date_result = max_state_alt(STATE_CRITICAL, date_result); | 2422 | |
2328 | } else if (doc_data > srv_data + 30) { | 2423 | date_result = max_state_alt(STATE_CRITICAL, date_result); |
2329 | snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data); | 2424 | } else if (doc_data <= 0) { |
2330 | date_result = max_state_alt(STATE_CRITICAL, date_result); | 2425 | char tmp[DEFAULT_BUFFER_SIZE]; |
2331 | } else if (doc_data < srv_data - maximum_age) { | 2426 | |
2332 | int n = (srv_data - doc_data); | 2427 | snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date); |
2333 | if (n > (60 * 60 * 24 * 2)) { | 2428 | strcpy(*msg, tmp); |
2334 | snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24)); | 2429 | |
2335 | date_result = max_state_alt(STATE_CRITICAL, date_result); | 2430 | date_result = max_state_alt(STATE_CRITICAL, date_result); |
2336 | } else { | 2431 | } else if (doc_data > srv_data + 30) { |
2337 | snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60); | 2432 | char tmp[DEFAULT_BUFFER_SIZE]; |
2338 | date_result = max_state_alt(STATE_CRITICAL, date_result); | 2433 | |
2339 | } | 2434 | snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data); |
2340 | } | 2435 | strcpy(*msg, tmp); |
2341 | } | 2436 | |
2437 | date_result = max_state_alt(STATE_CRITICAL, date_result); | ||
2438 | } else if (doc_data < srv_data - maximum_age) { | ||
2439 | int n = (srv_data - doc_data); | ||
2440 | if (n > (60 * 60 * 24 * 2)) { | ||
2441 | char tmp[DEFAULT_BUFFER_SIZE]; | ||
2442 | |||
2443 | snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24)); | ||
2444 | strcpy(*msg, tmp); | ||
2445 | |||
2446 | date_result = max_state_alt(STATE_CRITICAL, date_result); | ||
2447 | } else { | ||
2448 | char tmp[DEFAULT_BUFFER_SIZE]; | ||
2449 | |||
2450 | snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60); | ||
2451 | strcpy(*msg, tmp); | ||
2452 | |||
2453 | date_result = max_state_alt(STATE_CRITICAL, date_result); | ||
2454 | } | ||
2455 | } | ||
2456 | } | ||
2342 | 2457 | ||
2343 | if (server_date) free (server_date); | 2458 | if (server_date) free (server_date); |
2344 | if (document_date) free (document_date); | 2459 | if (document_date) free (document_date); |
@@ -2380,7 +2495,7 @@ get_content_length (const curlhelp_write_curlbuf* header_buf, const curlhelp_wri | |||
2380 | 2495 | ||
2381 | /* TODO: is there a better way in libcurl to check for the SSL library? */ | 2496 | /* TODO: is there a better way in libcurl to check for the SSL library? */ |
2382 | curlhelp_ssl_library | 2497 | curlhelp_ssl_library |
2383 | curlhelp_get_ssl_library (CURL* curl) | 2498 | curlhelp_get_ssl_library () |
2384 | { | 2499 | { |
2385 | curl_version_info_data* version_data; | 2500 | curl_version_info_data* version_data; |
2386 | char *ssl_version; | 2501 | char *ssl_version; |