diff options
| author | Lorenz Kästle <12514511+RincewindsHat@users.noreply.github.com> | 2025-03-11 12:12:32 +0100 |
|---|---|---|
| committer | Lorenz Kästle <12514511+RincewindsHat@users.noreply.github.com> | 2025-03-11 12:12:32 +0100 |
| commit | 7a518f99a57a6ee169cedd062e4e2e1e7c3fc2d2 (patch) | |
| tree | 6b7eee63a99f8ecb1f20fa20c3e2baa3437099c2 /plugins/check_ldap.c | |
| parent | 590c190bd88d5907b9e649fc45f8d8997227c4c4 (diff) | |
| download | monitoring-plugins-7a518f99a57a6ee169cedd062e4e2e1e7c3fc2d2.tar.gz | |
Refactor check_ldap
Diffstat (limited to 'plugins/check_ldap.c')
| -rw-r--r-- | plugins/check_ldap.c | 262 |
1 files changed, 122 insertions, 140 deletions
diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c index fc8eccec..597644bd 100644 --- a/plugins/check_ldap.c +++ b/plugins/check_ldap.c | |||
| @@ -34,70 +34,33 @@ const char *email = "devel@monitoring-plugins.org"; | |||
| 34 | #include "common.h" | 34 | #include "common.h" |
| 35 | #include "netutils.h" | 35 | #include "netutils.h" |
| 36 | #include "utils.h" | 36 | #include "utils.h" |
| 37 | #include "check_ldap.d/config.h" | ||
| 37 | 38 | ||
| 39 | #include "states.h" | ||
| 38 | #include <lber.h> | 40 | #include <lber.h> |
| 39 | #define LDAP_DEPRECATED 1 | 41 | #define LDAP_DEPRECATED 1 |
| 40 | #include <ldap.h> | 42 | #include <ldap.h> |
| 41 | 43 | ||
| 42 | enum { | 44 | enum { |
| 43 | UNDEFINED = 0, | ||
| 44 | #ifdef HAVE_LDAP_SET_OPTION | ||
| 45 | DEFAULT_PROTOCOL = 2, | ||
| 46 | #endif | ||
| 47 | DEFAULT_PORT = 389 | 45 | DEFAULT_PORT = 389 |
| 48 | }; | 46 | }; |
| 49 | 47 | ||
| 50 | static int process_arguments(int, char **); | 48 | typedef struct { |
| 51 | static int validate_arguments(void); | 49 | int errorcode; |
| 50 | check_ldap_config config; | ||
| 51 | } check_ldap_config_wrapper; | ||
| 52 | static check_ldap_config_wrapper process_arguments(int /*argc*/, char ** /*argv*/); | ||
| 53 | static check_ldap_config_wrapper validate_arguments(check_ldap_config_wrapper /*config_wrapper*/); | ||
| 54 | |||
| 52 | static void print_help(void); | 55 | static void print_help(void); |
| 53 | void print_usage(void); | 56 | void print_usage(void); |
| 54 | 57 | ||
| 55 | static char ld_defattr[] = "(objectclass=*)"; | ||
| 56 | static char *ld_attr = ld_defattr; | ||
| 57 | static char *ld_host = NULL; | ||
| 58 | static char *ld_base = NULL; | ||
| 59 | static char *ld_passwd = NULL; | ||
| 60 | static char *ld_binddn = NULL; | ||
| 61 | static int ld_port = -1; | ||
| 62 | #ifdef HAVE_LDAP_SET_OPTION | ||
| 63 | static int ld_protocol = DEFAULT_PROTOCOL; | ||
| 64 | #endif | ||
| 65 | #ifndef LDAP_OPT_SUCCESS | 58 | #ifndef LDAP_OPT_SUCCESS |
| 66 | # define LDAP_OPT_SUCCESS LDAP_SUCCESS | 59 | # define LDAP_OPT_SUCCESS LDAP_SUCCESS |
| 67 | #endif | 60 | #endif |
| 68 | static double warn_time = UNDEFINED; | 61 | static int verbose = 0; |
| 69 | static double crit_time = UNDEFINED; | ||
| 70 | static thresholds *entries_thresholds = NULL; | ||
| 71 | static struct timeval tv; | ||
| 72 | static char *warn_entries = NULL; | ||
| 73 | static char *crit_entries = NULL; | ||
| 74 | static bool starttls = false; | ||
| 75 | static bool ssl_on_connect = false; | ||
| 76 | static bool verbose = false; | ||
| 77 | |||
| 78 | /* for ldap tls */ | ||
| 79 | |||
| 80 | static char *SERVICE = "LDAP"; | ||
| 81 | 62 | ||
| 82 | int main(int argc, char *argv[]) { | 63 | int main(int argc, char *argv[]) { |
| 83 | |||
| 84 | LDAP *ld; | ||
| 85 | LDAPMessage *result; | ||
| 86 | |||
| 87 | /* should be int result = STATE_UNKNOWN; */ | ||
| 88 | |||
| 89 | int status = STATE_UNKNOWN; | ||
| 90 | long microsec; | ||
| 91 | double elapsed_time; | ||
| 92 | |||
| 93 | /* for ldap tls */ | ||
| 94 | |||
| 95 | int tls; | ||
| 96 | int version = 3; | ||
| 97 | |||
| 98 | int status_entries = STATE_OK; | ||
| 99 | int num_entries = 0; | ||
| 100 | |||
| 101 | setlocale(LC_ALL, ""); | 64 | setlocale(LC_ALL, ""); |
| 102 | bindtextdomain(PACKAGE, LOCALEDIR); | 65 | bindtextdomain(PACKAGE, LOCALEDIR); |
| 103 | textdomain(PACKAGE); | 66 | textdomain(PACKAGE); |
| @@ -109,13 +72,12 @@ int main(int argc, char *argv[]) { | |||
| 109 | /* Parse extra opts if any */ | 72 | /* Parse extra opts if any */ |
| 110 | argv = np_extra_opts(&argc, argv, progname); | 73 | argv = np_extra_opts(&argc, argv, progname); |
| 111 | 74 | ||
| 112 | if (process_arguments(argc, argv) == ERROR) { | 75 | check_ldap_config_wrapper tmp_config = process_arguments(argc, argv); |
| 76 | if (tmp_config.errorcode == ERROR) { | ||
| 113 | usage4(_("Could not parse arguments")); | 77 | usage4(_("Could not parse arguments")); |
| 114 | } | 78 | } |
| 115 | 79 | ||
| 116 | if (strstr(argv[0], "check_ldaps") && !starttls && !ssl_on_connect) { | 80 | const check_ldap_config config = tmp_config.config; |
| 117 | starttls = true; | ||
| 118 | } | ||
| 119 | 81 | ||
| 120 | /* initialize alarm signal handling */ | 82 | /* initialize alarm signal handling */ |
| 121 | signal(SIGALRM, socket_timeout_alarm_handler); | 83 | signal(SIGALRM, socket_timeout_alarm_handler); |
| @@ -124,65 +86,67 @@ int main(int argc, char *argv[]) { | |||
| 124 | alarm(socket_timeout); | 86 | alarm(socket_timeout); |
| 125 | 87 | ||
| 126 | /* get the start time */ | 88 | /* get the start time */ |
| 127 | gettimeofday(&tv, NULL); | 89 | struct timeval start_time; |
| 90 | gettimeofday(&start_time, NULL); | ||
| 128 | 91 | ||
| 92 | LDAP *ldap_connection; | ||
| 129 | /* initialize ldap */ | 93 | /* initialize ldap */ |
| 130 | #ifdef HAVE_LDAP_INIT | 94 | #ifdef HAVE_LDAP_INIT |
| 131 | if (!(ld = ldap_init(ld_host, ld_port))) { | 95 | if (!(ldap_connection = ldap_init(config.ld_host, config.ld_port))) { |
| 132 | printf("Could not connect to the server at port %i\n", ld_port); | 96 | printf("Could not connect to the server at port %i\n", config.ld_port); |
| 133 | return STATE_CRITICAL; | 97 | return STATE_CRITICAL; |
| 134 | } | 98 | } |
| 135 | #else | 99 | #else |
| 136 | if (!(ld = ldap_open(ld_host, ld_port))) { | 100 | if (!(ld = ldap_open(config.ld_host, config.ld_port))) { |
| 137 | if (verbose) { | 101 | if (verbose) { |
| 138 | ldap_perror(ld, "ldap_open"); | 102 | ldap_perror(ldap_connection, "ldap_open"); |
| 139 | } | 103 | } |
| 140 | printf(_("Could not connect to the server at port %i\n"), ld_port); | 104 | printf(_("Could not connect to the server at port %i\n"), config.ld_port); |
| 141 | return STATE_CRITICAL; | 105 | return STATE_CRITICAL; |
| 142 | } | 106 | } |
| 143 | #endif /* HAVE_LDAP_INIT */ | 107 | #endif /* HAVE_LDAP_INIT */ |
| 144 | 108 | ||
| 145 | #ifdef HAVE_LDAP_SET_OPTION | 109 | #ifdef HAVE_LDAP_SET_OPTION |
| 146 | /* set ldap options */ | 110 | /* set ldap options */ |
| 147 | if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ld_protocol) != LDAP_OPT_SUCCESS) { | 111 | if (ldap_set_option(ldap_connection, LDAP_OPT_PROTOCOL_VERSION, &config.ld_protocol) != LDAP_OPT_SUCCESS) { |
| 148 | printf(_("Could not set protocol version %d\n"), ld_protocol); | 112 | printf(_("Could not set protocol version %d\n"), config.ld_protocol); |
| 149 | return STATE_CRITICAL; | 113 | return STATE_CRITICAL; |
| 150 | } | 114 | } |
| 151 | #endif | 115 | #endif |
| 152 | 116 | ||
| 153 | if (ld_port == LDAPS_PORT || ssl_on_connect) { | 117 | int version = 3; |
| 154 | xasprintf(&SERVICE, "LDAPS"); | 118 | int tls; |
| 119 | if (config.ld_port == LDAPS_PORT || config.ssl_on_connect) { | ||
| 155 | #if defined(HAVE_LDAP_SET_OPTION) && defined(LDAP_OPT_X_TLS) | 120 | #if defined(HAVE_LDAP_SET_OPTION) && defined(LDAP_OPT_X_TLS) |
| 156 | /* ldaps: set option tls */ | 121 | /* ldaps: set option tls */ |
| 157 | tls = LDAP_OPT_X_TLS_HARD; | 122 | tls = LDAP_OPT_X_TLS_HARD; |
| 158 | 123 | ||
| 159 | if (ldap_set_option(ld, LDAP_OPT_X_TLS, &tls) != LDAP_SUCCESS) { | 124 | if (ldap_set_option(ldap_connection, LDAP_OPT_X_TLS, &tls) != LDAP_SUCCESS) { |
| 160 | if (verbose) { | 125 | if (verbose) { |
| 161 | ldap_perror(ld, "ldaps_option"); | 126 | ldap_perror(ldap_connection, "ldaps_option"); |
| 162 | } | 127 | } |
| 163 | printf(_("Could not init TLS at port %i!\n"), ld_port); | 128 | printf(_("Could not init TLS at port %i!\n"), config.ld_port); |
| 164 | return STATE_CRITICAL; | 129 | return STATE_CRITICAL; |
| 165 | } | 130 | } |
| 166 | #else | 131 | #else |
| 167 | printf(_("TLS not supported by the libraries!\n")); | 132 | printf(_("TLS not supported by the libraries!\n")); |
| 168 | return STATE_CRITICAL; | 133 | return STATE_CRITICAL; |
| 169 | #endif /* LDAP_OPT_X_TLS */ | 134 | #endif /* LDAP_OPT_X_TLS */ |
| 170 | } else if (starttls) { | 135 | } else if (config.starttls) { |
| 171 | xasprintf(&SERVICE, "LDAP-TLS"); | ||
| 172 | #if defined(HAVE_LDAP_SET_OPTION) && defined(HAVE_LDAP_START_TLS_S) | 136 | #if defined(HAVE_LDAP_SET_OPTION) && defined(HAVE_LDAP_START_TLS_S) |
| 173 | /* ldap with startTLS: set option version */ | 137 | /* ldap with startTLS: set option version */ |
| 174 | if (ldap_get_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS) { | 138 | if (ldap_get_option(ldap_connection, LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS) { |
| 175 | if (version < LDAP_VERSION3) { | 139 | if (version < LDAP_VERSION3) { |
| 176 | version = LDAP_VERSION3; | 140 | version = LDAP_VERSION3; |
| 177 | ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version); | 141 | ldap_set_option(ldap_connection, LDAP_OPT_PROTOCOL_VERSION, &version); |
| 178 | } | 142 | } |
| 179 | } | 143 | } |
| 180 | /* call start_tls */ | 144 | /* call start_tls */ |
| 181 | if (ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS) { | 145 | if (ldap_start_tls_s(ldap_connection, NULL, NULL) != LDAP_SUCCESS) { |
| 182 | if (verbose) { | 146 | if (verbose) { |
| 183 | ldap_perror(ld, "ldap_start_tls"); | 147 | ldap_perror(ldap_connection, "ldap_start_tls"); |
| 184 | } | 148 | } |
| 185 | printf(_("Could not init startTLS at port %i!\n"), ld_port); | 149 | printf(_("Could not init startTLS at port %i!\n"), config.ld_port); |
| 186 | return STATE_CRITICAL; | 150 | return STATE_CRITICAL; |
| 187 | } | 151 | } |
| 188 | #else | 152 | #else |
| @@ -192,51 +156,56 @@ int main(int argc, char *argv[]) { | |||
| 192 | } | 156 | } |
| 193 | 157 | ||
| 194 | /* bind to the ldap server */ | 158 | /* bind to the ldap server */ |
| 195 | if (ldap_bind_s(ld, ld_binddn, ld_passwd, LDAP_AUTH_SIMPLE) != LDAP_SUCCESS) { | 159 | if (ldap_bind_s(ldap_connection, config.ld_binddn, config.ld_passwd, LDAP_AUTH_SIMPLE) != LDAP_SUCCESS) { |
| 196 | if (verbose) { | 160 | if (verbose) { |
| 197 | ldap_perror(ld, "ldap_bind"); | 161 | ldap_perror(ldap_connection, "ldap_bind"); |
| 198 | } | 162 | } |
| 199 | printf(_("Could not bind to the LDAP server\n")); | 163 | printf(_("Could not bind to the LDAP server\n")); |
| 200 | return STATE_CRITICAL; | 164 | return STATE_CRITICAL; |
| 201 | } | 165 | } |
| 202 | 166 | ||
| 167 | LDAPMessage *result; | ||
| 168 | int num_entries = 0; | ||
| 203 | /* do a search of all objectclasses in the base dn */ | 169 | /* do a search of all objectclasses in the base dn */ |
| 204 | if (ldap_search_s(ld, ld_base, (crit_entries != NULL || warn_entries != NULL) ? LDAP_SCOPE_SUBTREE : LDAP_SCOPE_BASE, ld_attr, NULL, 0, | 170 | if (ldap_search_s(ldap_connection, config.ld_base, |
| 205 | &result) != LDAP_SUCCESS) { | 171 | (config.crit_entries != NULL || config.warn_entries != NULL) ? LDAP_SCOPE_SUBTREE : LDAP_SCOPE_BASE, config.ld_attr, |
| 172 | NULL, 0, &result) != LDAP_SUCCESS) { | ||
| 206 | if (verbose) { | 173 | if (verbose) { |
| 207 | ldap_perror(ld, "ldap_search"); | 174 | ldap_perror(ldap_connection, "ldap_search"); |
| 208 | } | 175 | } |
| 209 | printf(_("Could not search/find objectclasses in %s\n"), ld_base); | 176 | printf(_("Could not search/find objectclasses in %s\n"), config.ld_base); |
| 210 | return STATE_CRITICAL; | 177 | return STATE_CRITICAL; |
| 211 | } else if (crit_entries != NULL || warn_entries != NULL) { | 178 | } |
| 212 | num_entries = ldap_count_entries(ld, result); | 179 | |
| 180 | if (config.crit_entries != NULL || config.warn_entries != NULL) { | ||
| 181 | num_entries = ldap_count_entries(ldap_connection, result); | ||
| 213 | } | 182 | } |
| 214 | 183 | ||
| 215 | /* unbind from the ldap server */ | 184 | /* unbind from the ldap server */ |
| 216 | ldap_unbind(ld); | 185 | ldap_unbind(ldap_connection); |
| 217 | 186 | ||
| 218 | /* reset the alarm handler */ | 187 | /* reset the alarm handler */ |
| 219 | alarm(0); | 188 | alarm(0); |
| 220 | 189 | ||
| 221 | /* calculate the elapsed time and compare to thresholds */ | 190 | /* calculate the elapsed time and compare to thresholds */ |
| 222 | 191 | ||
| 223 | microsec = deltime(tv); | 192 | long microsec = deltime(start_time); |
| 224 | elapsed_time = (double)microsec / 1.0e6; | 193 | double elapsed_time = (double)microsec / 1.0e6; |
| 225 | 194 | mp_state_enum status = STATE_UNKNOWN; | |
| 226 | if (crit_time != UNDEFINED && elapsed_time > crit_time) { | 195 | if (config.crit_time_set && elapsed_time > config.crit_time) { |
| 227 | status = STATE_CRITICAL; | 196 | status = STATE_CRITICAL; |
| 228 | } else if (warn_time != UNDEFINED && elapsed_time > warn_time) { | 197 | } else if (config.warn_time_set && elapsed_time > config.warn_time) { |
| 229 | status = STATE_WARNING; | 198 | status = STATE_WARNING; |
| 230 | } else { | 199 | } else { |
| 231 | status = STATE_OK; | 200 | status = STATE_OK; |
| 232 | } | 201 | } |
| 233 | 202 | ||
| 234 | if (entries_thresholds != NULL) { | 203 | if (config.entries_thresholds != NULL) { |
| 235 | if (verbose) { | 204 | if (verbose) { |
| 236 | printf("entries found: %d\n", num_entries); | 205 | printf("entries found: %d\n", num_entries); |
| 237 | print_thresholds("entry thresholds", entries_thresholds); | 206 | print_thresholds("entry thresholds", config.entries_thresholds); |
| 238 | } | 207 | } |
| 239 | status_entries = get_status(num_entries, entries_thresholds); | 208 | mp_state_enum status_entries = get_status(num_entries, config.entries_thresholds); |
| 240 | if (status_entries == STATE_CRITICAL) { | 209 | if (status_entries == STATE_CRITICAL) { |
| 241 | status = STATE_CRITICAL; | 210 | status = STATE_CRITICAL; |
| 242 | } else if (status != STATE_CRITICAL) { | 211 | } else if (status != STATE_CRITICAL) { |
| @@ -245,23 +214,22 @@ int main(int argc, char *argv[]) { | |||
| 245 | } | 214 | } |
| 246 | 215 | ||
| 247 | /* print out the result */ | 216 | /* print out the result */ |
| 248 | if (crit_entries != NULL || warn_entries != NULL) { | 217 | if (config.crit_entries != NULL || config.warn_entries != NULL) { |
| 249 | printf(_("LDAP %s - found %d entries in %.3f seconds|%s %s\n"), state_text(status), num_entries, elapsed_time, | 218 | printf(_("LDAP %s - found %d entries in %.3f seconds|%s %s\n"), state_text(status), num_entries, elapsed_time, |
| 250 | fperfdata("time", elapsed_time, "s", (int)warn_time, warn_time, (int)crit_time, crit_time, true, 0, false, 0), | 219 | fperfdata("time", elapsed_time, "s", config.warn_time_set, config.warn_time, config.crit_time_set, config.crit_time, true, 0, |
| 251 | sperfdata("entries", (double)num_entries, "", warn_entries, crit_entries, true, 0.0, false, 0.0)); | 220 | false, 0), |
| 221 | sperfdata("entries", (double)num_entries, "", config.warn_entries, config.crit_entries, true, 0.0, false, 0.0)); | ||
| 252 | } else { | 222 | } else { |
| 253 | printf(_("LDAP %s - %.3f seconds response time|%s\n"), state_text(status), elapsed_time, | 223 | printf(_("LDAP %s - %.3f seconds response time|%s\n"), state_text(status), elapsed_time, |
| 254 | fperfdata("time", elapsed_time, "s", (int)warn_time, warn_time, (int)crit_time, crit_time, true, 0, false, 0)); | 224 | fperfdata("time", elapsed_time, "s", config.warn_time_set, config.warn_time, config.crit_time_set, config.crit_time, true, 0, |
| 225 | false, 0)); | ||
| 255 | } | 226 | } |
| 256 | 227 | ||
| 257 | return status; | 228 | exit(status); |
| 258 | } | 229 | } |
| 259 | 230 | ||
| 260 | /* process command-line arguments */ | 231 | /* process command-line arguments */ |
| 261 | int process_arguments(int argc, char **argv) { | 232 | check_ldap_config_wrapper process_arguments(int argc, char **argv) { |
| 262 | int c; | ||
| 263 | |||
| 264 | int option = 0; | ||
| 265 | /* initialize the long option struct */ | 233 | /* initialize the long option struct */ |
| 266 | static struct option longopts[] = {{"help", no_argument, 0, 'h'}, | 234 | static struct option longopts[] = {{"help", no_argument, 0, 'h'}, |
| 267 | {"version", no_argument, 0, 'V'}, | 235 | {"version", no_argument, 0, 'V'}, |
| @@ -287,24 +255,31 @@ int process_arguments(int argc, char **argv) { | |||
| 287 | {"verbose", no_argument, 0, 'v'}, | 255 | {"verbose", no_argument, 0, 'v'}, |
| 288 | {0, 0, 0, 0}}; | 256 | {0, 0, 0, 0}}; |
| 289 | 257 | ||
| 258 | check_ldap_config_wrapper result = { | ||
| 259 | .errorcode = OK, | ||
| 260 | .config = check_ldap_config_init(), | ||
| 261 | }; | ||
| 262 | |||
| 290 | if (argc < 2) { | 263 | if (argc < 2) { |
| 291 | return ERROR; | 264 | result.errorcode = ERROR; |
| 265 | return result; | ||
| 292 | } | 266 | } |
| 293 | 267 | ||
| 294 | for (c = 1; c < argc; c++) { | 268 | for (int index = 1; index < argc; index++) { |
| 295 | if (strcmp("-to", argv[c]) == 0) { | 269 | if (strcmp("-to", argv[index]) == 0) { |
| 296 | strcpy(argv[c], "-t"); | 270 | strcpy(argv[index], "-t"); |
| 297 | } | 271 | } |
| 298 | } | 272 | } |
| 299 | 273 | ||
| 274 | int option = 0; | ||
| 300 | while (true) { | 275 | while (true) { |
| 301 | c = getopt_long(argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:C:W:", longopts, &option); | 276 | int option_index = getopt_long(argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:C:W:", longopts, &option); |
| 302 | 277 | ||
| 303 | if (c == -1 || c == EOF) { | 278 | if (option_index == -1 || option_index == EOF) { |
| 304 | break; | 279 | break; |
| 305 | } | 280 | } |
| 306 | 281 | ||
| 307 | switch (c) { | 282 | switch (option_index) { |
| 308 | case 'h': /* help */ | 283 | case 'h': /* help */ |
| 309 | print_help(); | 284 | print_help(); |
| 310 | exit(STATE_UNKNOWN); | 285 | exit(STATE_UNKNOWN); |
| @@ -319,61 +294,63 @@ int process_arguments(int argc, char **argv) { | |||
| 319 | } | 294 | } |
| 320 | break; | 295 | break; |
| 321 | case 'H': | 296 | case 'H': |
| 322 | ld_host = optarg; | 297 | result.config.ld_host = optarg; |
| 323 | break; | 298 | break; |
| 324 | case 'b': | 299 | case 'b': |
| 325 | ld_base = optarg; | 300 | result.config.ld_base = optarg; |
| 326 | break; | 301 | break; |
| 327 | case 'p': | 302 | case 'p': |
| 328 | ld_port = atoi(optarg); | 303 | result.config.ld_port = atoi(optarg); |
| 329 | break; | 304 | break; |
| 330 | case 'a': | 305 | case 'a': |
| 331 | ld_attr = optarg; | 306 | result.config.ld_attr = optarg; |
| 332 | break; | 307 | break; |
| 333 | case 'D': | 308 | case 'D': |
| 334 | ld_binddn = optarg; | 309 | result.config.ld_binddn = optarg; |
| 335 | break; | 310 | break; |
| 336 | case 'P': | 311 | case 'P': |
| 337 | ld_passwd = optarg; | 312 | result.config.ld_passwd = optarg; |
| 338 | break; | 313 | break; |
| 339 | case 'w': | 314 | case 'w': |
| 340 | warn_time = strtod(optarg, NULL); | 315 | result.config.warn_time_set = true; |
| 316 | result.config.warn_time = strtod(optarg, NULL); | ||
| 341 | break; | 317 | break; |
| 342 | case 'c': | 318 | case 'c': |
| 343 | crit_time = strtod(optarg, NULL); | 319 | result.config.crit_time_set = true; |
| 320 | result.config.crit_time = strtod(optarg, NULL); | ||
| 344 | break; | 321 | break; |
| 345 | case 'W': | 322 | case 'W': |
| 346 | warn_entries = optarg; | 323 | result.config.warn_entries = optarg; |
| 347 | break; | 324 | break; |
| 348 | case 'C': | 325 | case 'C': |
| 349 | crit_entries = optarg; | 326 | result.config.crit_entries = optarg; |
| 350 | break; | 327 | break; |
| 351 | #ifdef HAVE_LDAP_SET_OPTION | 328 | #ifdef HAVE_LDAP_SET_OPTION |
| 352 | case '2': | 329 | case '2': |
| 353 | ld_protocol = 2; | 330 | result.config.ld_protocol = 2; |
| 354 | break; | 331 | break; |
| 355 | case '3': | 332 | case '3': |
| 356 | ld_protocol = 3; | 333 | result.config.ld_protocol = 3; |
| 357 | break; | 334 | break; |
| 358 | #endif | 335 | #endif // HAVE_LDAP_SET_OPTION |
| 359 | case '4': | 336 | case '4': |
| 360 | address_family = AF_INET; | 337 | address_family = AF_INET; |
| 361 | break; | 338 | break; |
| 362 | case 'v': | 339 | case 'v': |
| 363 | verbose = true; | 340 | verbose++; |
| 364 | break; | 341 | break; |
| 365 | case 'T': | 342 | case 'T': |
| 366 | if (!ssl_on_connect) { | 343 | if (!result.config.ssl_on_connect) { |
| 367 | starttls = true; | 344 | result.config.starttls = true; |
| 368 | } else { | 345 | } else { |
| 369 | usage_va(_("%s cannot be combined with %s"), "-T/--starttls", "-S/--ssl"); | 346 | usage_va(_("%s cannot be combined with %s"), "-T/--starttls", "-S/--ssl"); |
| 370 | } | 347 | } |
| 371 | break; | 348 | break; |
| 372 | case 'S': | 349 | case 'S': |
| 373 | if (!starttls) { | 350 | if (!result.config.starttls) { |
| 374 | ssl_on_connect = true; | 351 | result.config.ssl_on_connect = true; |
| 375 | if (ld_port == -1) { | 352 | if (result.config.ld_port == -1) { |
| 376 | ld_port = LDAPS_PORT; | 353 | result.config.ld_port = LDAPS_PORT; |
| 377 | } | 354 | } |
| 378 | } else { | 355 | } else { |
| 379 | usage_va(_("%s cannot be combined with %s"), "-S/--ssl", "-T/--starttls"); | 356 | usage_va(_("%s cannot be combined with %s"), "-S/--ssl", "-T/--starttls"); |
| @@ -391,39 +368,44 @@ int process_arguments(int argc, char **argv) { | |||
| 391 | } | 368 | } |
| 392 | } | 369 | } |
| 393 | 370 | ||
| 394 | c = optind; | 371 | int index = optind; |
| 395 | if (ld_host == NULL && is_host(argv[c])) { | 372 | if ((result.config.ld_host == NULL) && is_host(argv[index])) { |
| 396 | ld_host = strdup(argv[c++]); | 373 | result.config.ld_host = strdup(argv[index++]); |
| 374 | } | ||
| 375 | |||
| 376 | if ((result.config.ld_base == NULL) && argv[index]) { | ||
| 377 | result.config.ld_base = strdup(argv[index++]); | ||
| 397 | } | 378 | } |
| 398 | 379 | ||
| 399 | if (ld_base == NULL && argv[c]) { | 380 | if (result.config.ld_port == -1) { |
| 400 | ld_base = strdup(argv[c++]); | 381 | result.config.ld_port = DEFAULT_PORT; |
| 401 | } | 382 | } |
| 402 | 383 | ||
| 403 | if (ld_port == -1) { | 384 | if (strstr(argv[0], "check_ldaps") && !result.config.starttls && !result.config.ssl_on_connect) { |
| 404 | ld_port = DEFAULT_PORT; | 385 | result.config.starttls = true; |
| 405 | } | 386 | } |
| 406 | 387 | ||
| 407 | return validate_arguments(); | 388 | return validate_arguments(result); |
| 408 | } | 389 | } |
| 409 | 390 | ||
| 410 | int validate_arguments() { | 391 | check_ldap_config_wrapper validate_arguments(check_ldap_config_wrapper config_wrapper) { |
| 411 | if (ld_host == NULL || strlen(ld_host) == 0) { | 392 | if (config_wrapper.config.ld_host == NULL || strlen(config_wrapper.config.ld_host) == 0) { |
| 412 | usage4(_("Please specify the host name\n")); | 393 | usage4(_("Please specify the host name\n")); |
| 413 | } | 394 | } |
| 414 | 395 | ||
| 415 | if (ld_base == NULL) { | 396 | if (config_wrapper.config.ld_base == NULL) { |
| 416 | usage4(_("Please specify the LDAP base\n")); | 397 | usage4(_("Please specify the LDAP base\n")); |
| 417 | } | 398 | } |
| 418 | 399 | ||
| 419 | if (crit_entries != NULL || warn_entries != NULL) { | 400 | if (config_wrapper.config.crit_entries != NULL || config_wrapper.config.warn_entries != NULL) { |
| 420 | set_thresholds(&entries_thresholds, warn_entries, crit_entries); | 401 | set_thresholds(&config_wrapper.config.entries_thresholds, config_wrapper.config.warn_entries, config_wrapper.config.crit_entries); |
| 421 | } | 402 | } |
| 422 | if (ld_passwd == NULL) { | 403 | |
| 423 | ld_passwd = getenv("LDAP_PASSWORD"); | 404 | if (config_wrapper.config.ld_passwd == NULL) { |
| 405 | config_wrapper.config.ld_passwd = getenv("LDAP_PASSWORD"); | ||
| 424 | } | 406 | } |
| 425 | 407 | ||
| 426 | return OK; | 408 | return config_wrapper; |
| 427 | } | 409 | } |
| 428 | 410 | ||
| 429 | void print_help(void) { | 411 | void print_help(void) { |