diff options
| author | Johannes Engel <jcnengel@gmail.com> | 2013-12-26 19:13:26 (GMT) |
|---|---|---|
| committer | Holger Weiss <holger@zedat.fu-berlin.de> | 2014-11-28 12:05:16 (GMT) |
| commit | 7a33e28e4e104c6121e6c209d504141f4a876015 (patch) | |
| tree | 87630e1e799d07d7db409ee75ede5d6cb4882b61 /plugins/check_snmp.c | |
| parent | 5a75f0b332fd569843c2abfae9f1ab8fcbd86b25 (diff) | |
| download | monitoring-plugins-7a33e28e4e104c6121e6c209d504141f4a876015.tar.gz | |
Introduce support for SNMPv3 context in check_snmp
snmpget already supports using SNMPv3 contexts using the option "-n".
Thus all we need to do is introduce a new argument to check_snmp and
pass the argument on to snmpget using snmpget's option "-n".
Since "-n" is already in use for check_snmp for a different purpose,
we use "-N" instead.
Diffstat (limited to 'plugins/check_snmp.c')
| -rw-r--r-- | plugins/check_snmp.c | 42 |
1 files changed, 31 insertions, 11 deletions
diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index ba5b1d3..9d966fa 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c | |||
| @@ -104,6 +104,8 @@ int errcode, excode; | |||
| 104 | 104 | ||
| 105 | char *server_address = NULL; | 105 | char *server_address = NULL; |
| 106 | char *community = NULL; | 106 | char *community = NULL; |
| 107 | char **contextargs = NULL; | ||
| 108 | char *context = NULL; | ||
| 107 | char **authpriv = NULL; | 109 | char **authpriv = NULL; |
| 108 | char *proto = NULL; | 110 | char *proto = NULL; |
| 109 | char *seclevel = NULL; | 111 | char *seclevel = NULL; |
| @@ -128,6 +130,7 @@ size_t nunits = 0; | |||
| 128 | size_t unitv_size = OID_COUNT_STEP; | 130 | size_t unitv_size = OID_COUNT_STEP; |
| 129 | int numoids = 0; | 131 | int numoids = 0; |
| 130 | int numauthpriv = 0; | 132 | int numauthpriv = 0; |
| 133 | int numcontext = 0; | ||
| 131 | int verbose = 0; | 134 | int verbose = 0; |
| 132 | int usesnmpgetnext = FALSE; | 135 | int usesnmpgetnext = FALSE; |
| 133 | char *warning_thresholds = NULL; | 136 | char *warning_thresholds = NULL; |
| @@ -297,8 +300,8 @@ main (int argc, char **argv) | |||
| 297 | snmpcmd = strdup (PATH_TO_SNMPGET); | 300 | snmpcmd = strdup (PATH_TO_SNMPGET); |
| 298 | } | 301 | } |
| 299 | 302 | ||
| 300 | /* 10 arguments to pass before authpriv options + 1 for host and numoids. Add one for terminating NULL */ | 303 | /* 10 arguments to pass before context and authpriv options + 1 for host and numoids. Add one for terminating NULL */ |
| 301 | command_line = calloc (10 + numauthpriv + 1 + numoids + 1, sizeof (char *)); | 304 | command_line = calloc (10 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *)); |
| 302 | command_line[0] = snmpcmd; | 305 | command_line[0] = snmpcmd; |
| 303 | command_line[1] = strdup ("-Le"); | 306 | command_line[1] = strdup ("-Le"); |
| 304 | command_line[2] = strdup ("-t"); | 307 | command_line[2] = strdup ("-t"); |
| @@ -310,23 +313,27 @@ main (int argc, char **argv) | |||
| 310 | command_line[8] = "-v"; | 313 | command_line[8] = "-v"; |
| 311 | command_line[9] = strdup (proto); | 314 | command_line[9] = strdup (proto); |
| 312 | 315 | ||
| 316 | for (i = 0; i < numcontext; i++) { | ||
| 317 | command_line[10 + i] = contextargs[i]; | ||
| 318 | } | ||
| 319 | |||
| 313 | for (i = 0; i < numauthpriv; i++) { | 320 | for (i = 0; i < numauthpriv; i++) { |
| 314 | command_line[10 + i] = authpriv[i]; | 321 | command_line[10 + numcontext + i] = authpriv[i]; |
| 315 | } | 322 | } |
| 316 | 323 | ||
| 317 | xasprintf (&command_line[10 + numauthpriv], "%s:%s", server_address, port); | 324 | xasprintf (&command_line[10 + numcontext + numauthpriv], "%s:%s", server_address, port); |
| 318 | 325 | ||
| 319 | /* This is just for display purposes, so it can remain a string */ | 326 | /* This is just for display purposes, so it can remain a string */ |
| 320 | xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s:%s", | 327 | xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s %s:%s", |
| 321 | snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[authpriv]", | 328 | snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[context]", "[authpriv]", |
| 322 | server_address, port); | 329 | server_address, port); |
| 323 | 330 | ||
| 324 | for (i = 0; i < numoids; i++) { | 331 | for (i = 0; i < numoids; i++) { |
| 325 | command_line[10 + numauthpriv + 1 + i] = oids[i]; | 332 | command_line[10 + numcontext + numauthpriv + 1 + i] = oids[i]; |
| 326 | xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]); | 333 | xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]); |
| 327 | } | 334 | } |
| 328 | 335 | ||
| 329 | command_line[10 + numauthpriv + 1 + numoids] = NULL; | 336 | command_line[10 + numcontext + numauthpriv + 1 + numoids] = NULL; |
| 330 | 337 | ||
| 331 | if (verbose) | 338 | if (verbose) |
| 332 | printf ("%s\n", cl_hidden_auth); | 339 | printf ("%s\n", cl_hidden_auth); |
| @@ -658,6 +665,7 @@ process_arguments (int argc, char **argv) | |||
| 658 | {"retries", required_argument, 0, 'e'}, | 665 | {"retries", required_argument, 0, 'e'}, |
| 659 | {"miblist", required_argument, 0, 'm'}, | 666 | {"miblist", required_argument, 0, 'm'}, |
| 660 | {"protocol", required_argument, 0, 'P'}, | 667 | {"protocol", required_argument, 0, 'P'}, |
| 668 | {"context", required_argument, 0, 'N'}, | ||
| 661 | {"seclevel", required_argument, 0, 'L'}, | 669 | {"seclevel", required_argument, 0, 'L'}, |
| 662 | {"secname", required_argument, 0, 'U'}, | 670 | {"secname", required_argument, 0, 'U'}, |
| 663 | {"authproto", required_argument, 0, 'a'}, | 671 | {"authproto", required_argument, 0, 'a'}, |
| @@ -687,7 +695,7 @@ process_arguments (int argc, char **argv) | |||
| 687 | } | 695 | } |
| 688 | 696 | ||
| 689 | while (1) { | 697 | while (1) { |
| 690 | c = getopt_long (argc, argv, "nhvVOt:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:L:U:a:x:A:X:", | 698 | c = getopt_long (argc, argv, "nhvVOt:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:N:L:U:a:x:A:X:", |
| 691 | longopts, &option); | 699 | longopts, &option); |
| 692 | 700 | ||
| 693 | if (c == -1 || c == EOF) | 701 | if (c == -1 || c == EOF) |
| @@ -725,6 +733,9 @@ process_arguments (int argc, char **argv) | |||
| 725 | case 'P': /* SNMP protocol version */ | 733 | case 'P': /* SNMP protocol version */ |
| 726 | proto = optarg; | 734 | proto = optarg; |
| 727 | break; | 735 | break; |
| 736 | case 'N': /* SNMPv3 context */ | ||
| 737 | context = optarg; | ||
| 738 | break; | ||
| 728 | case 'L': /* security level */ | 739 | case 'L': /* security level */ |
| 729 | seclevel = optarg; | 740 | seclevel = optarg; |
| 730 | break; | 741 | break; |
| @@ -972,6 +983,13 @@ validate_arguments () | |||
| 972 | authpriv[1] = strdup (community); | 983 | authpriv[1] = strdup (community); |
| 973 | } | 984 | } |
| 974 | else if ( strcmp (proto, "3") == 0 ) { /* snmpv3 args */ | 985 | else if ( strcmp (proto, "3") == 0 ) { /* snmpv3 args */ |
| 986 | if (!(context == NULL)) { | ||
| 987 | numcontext = 2; | ||
| 988 | contextargs = calloc (numcontext, sizeof (char *)); | ||
| 989 | contextargs[0] = strdup ("-n"); | ||
| 990 | contextargs[1] = strdup (context); | ||
| 991 | } | ||
| 992 | |||
| 975 | if (seclevel == NULL) | 993 | if (seclevel == NULL) |
| 976 | xasprintf(&seclevel, "noAuthNoPriv"); | 994 | xasprintf(&seclevel, "noAuthNoPriv"); |
| 977 | 995 | ||
| @@ -1115,6 +1133,8 @@ print_help (void) | |||
| 1115 | printf (" %s\n", _("Use SNMP GETNEXT instead of SNMP GET")); | 1133 | printf (" %s\n", _("Use SNMP GETNEXT instead of SNMP GET")); |
| 1116 | printf (" %s\n", "-P, --protocol=[1|2c|3]"); | 1134 | printf (" %s\n", "-P, --protocol=[1|2c|3]"); |
| 1117 | printf (" %s\n", _("SNMP protocol version")); | 1135 | printf (" %s\n", _("SNMP protocol version")); |
| 1136 | printf (" %s\n", "-N, --context=CONTEXT"); | ||
| 1137 | printf (" %s\n", _("SNMPv3 context")); | ||
| 1118 | printf (" %s\n", "-L, --seclevel=[noAuthNoPriv|authNoPriv|authPriv]"); | 1138 | printf (" %s\n", "-L, --seclevel=[noAuthNoPriv|authNoPriv|authPriv]"); |
| 1119 | printf (" %s\n", _("SNMPv3 securityLevel")); | 1139 | printf (" %s\n", _("SNMPv3 securityLevel")); |
| 1120 | printf (" %s\n", "-a, --authproto=[MD5|SHA]"); | 1140 | printf (" %s\n", "-a, --authproto=[MD5|SHA]"); |
| @@ -1222,6 +1242,6 @@ print_usage (void) | |||
| 1222 | printf ("%s -H <ip_address> -o <OID> [-w warn_range] [-c crit_range]\n",progname); | 1242 | printf ("%s -H <ip_address> -o <OID> [-w warn_range] [-c crit_range]\n",progname); |
| 1223 | printf ("[-C community] [-s string] [-r regex] [-R regexi] [-t timeout] [-e retries]\n"); | 1243 | printf ("[-C community] [-s string] [-r regex] [-R regexi] [-t timeout] [-e retries]\n"); |
| 1224 | printf ("[-l label] [-u units] [-p port-number] [-d delimiter] [-D output-delimiter]\n"); | 1244 | printf ("[-l label] [-u units] [-p port-number] [-d delimiter] [-D output-delimiter]\n"); |
| 1225 | printf ("[-m miblist] [-P snmp version] [-L seclevel] [-U secname] [-a authproto]\n"); | 1245 | printf ("[-m miblist] [-P snmp version] [-N context] [-L seclevel] [-U secname]\n"); |
| 1226 | printf ("[-A authpasswd] [-x privproto] [-X privpasswd]\n"); | 1246 | printf ("[-a authproto] [-A authpasswd] [-x privproto] [-X privpasswd]\n"); |
| 1227 | } | 1247 | } |