diff options
| author | Holger Weiss <holger@zedat.fu-berlin.de> | 2015-10-06 10:57:29 (GMT) |
|---|---|---|
| committer | Holger Weiss <holger@zedat.fu-berlin.de> | 2015-10-06 10:57:29 (GMT) |
| commit | 5029714a9dcd308e5bc813a29bd1a38bfc7ecee7 (patch) | |
| tree | 323e5572fd157d5f41fede5cc71f89005cbb9db2 /plugins/check_http.c | |
| parent | dbd38bf7ec95c886b252d5ee0a66735f2f4a47c5 (diff) | |
| parent | f43083c6a9d5d9e66d42e7cd0b698b7eb1ecf822 (diff) | |
| download | monitoring-plugins-5029714a9dcd308e5bc813a29bd1a38bfc7ecee7.tar.gz | |
Merge branch 'pr/1373'
* pr/1373:
check_http: Allow for requesting TLSv1.1/TLSv1.2
Diffstat (limited to 'plugins/check_http.c')
| -rw-r--r-- | plugins/check_http.c | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c index 68b470c..2038f4a 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c | |||
| @@ -343,9 +343,20 @@ process_arguments (int argc, char **argv) | |||
| 343 | parameters, like -S and -C combinations */ | 343 | parameters, like -S and -C combinations */ |
| 344 | use_ssl = TRUE; | 344 | use_ssl = TRUE; |
| 345 | if (c=='S' && optarg != NULL) { | 345 | if (c=='S' && optarg != NULL) { |
| 346 | ssl_version = atoi(optarg); | 346 | int got_plus = strchr(optarg, '+') != NULL; |
| 347 | if (ssl_version < 1 || ssl_version > 3) | 347 | |
| 348 | usage4 (_("Invalid option - Valid values for SSL Version are 1 (TLSv1), 2 (SSLv2) or 3 (SSLv3)")); | 348 | if (!strncmp (optarg, "1.2", 3)) |
| 349 | ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2; | ||
| 350 | else if (!strncmp (optarg, "1.1", 3)) | ||
| 351 | ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1; | ||
| 352 | else if (optarg[0] == '1') | ||
| 353 | ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1; | ||
| 354 | else if (optarg[0] == '3') | ||
| 355 | ssl_version = got_plus ? MP_SSLv3_OR_NEWER : MP_SSLv3; | ||
| 356 | else if (optarg[0] == '2') | ||
| 357 | ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2; | ||
| 358 | else | ||
| 359 | usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)")); | ||
| 349 | } | 360 | } |
| 350 | if (specify_port == FALSE) | 361 | if (specify_port == FALSE) |
| 351 | server_port = HTTPS_PORT; | 362 | server_port = HTTPS_PORT; |
| @@ -1514,9 +1525,10 @@ print_help (void) | |||
| 1514 | printf (UT_IPv46); | 1525 | printf (UT_IPv46); |
| 1515 | 1526 | ||
| 1516 | #ifdef HAVE_SSL | 1527 | #ifdef HAVE_SSL |
| 1517 | printf (" %s\n", "-S, --ssl=VERSION"); | 1528 | printf (" %s\n", "-S, --ssl=VERSION[+]"); |
| 1518 | printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents")); | 1529 | printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents")); |
| 1519 | printf (" %s\n", _("auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3).")); | 1530 | printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,")); |
| 1531 | printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted.")); | ||
| 1520 | printf (" %s\n", "--sni"); | 1532 | printf (" %s\n", "--sni"); |
| 1521 | printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); | 1533 | printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); |
| 1522 | printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); | 1534 | printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); |