diff options
| author | William Leibzon <william@leibzon.org> | 2012-05-22 01:46:45 (GMT) |
|---|---|---|
| committer | Sven Nierlein <sven@nierlein.de> | 2012-06-25 10:05:16 (GMT) |
| commit | fa3d2a4074e1bd8526e37ba5e1a214ae4a1774cf (patch) | |
| tree | 1d0c780a61db8e719502aed2a7bd9311afd23ac4 /plugins/check_tcp.c | |
| parent | 88fdf3a8a8e17f9212e10befe1f24ff3fa1aa8e6 (diff) | |
| download | monitoring-plugins-fa3d2a4074e1bd8526e37ba5e1a214ae4a1774cf.tar.gz | |
applied patch that adds both critical and warning thresholds to certificate expiration checks of check_tcp, check_http, check_smtp
Diffstat (limited to 'plugins/check_tcp.c')
| -rw-r--r-- | plugins/check_tcp.c | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index d3c92a4..7b0f7f8 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c | |||
| @@ -39,7 +39,7 @@ const char *email = "nagiosplug-devel@lists.sourceforge.net"; | |||
| 39 | 39 | ||
| 40 | #ifdef HAVE_SSL | 40 | #ifdef HAVE_SSL |
| 41 | static int check_cert = FALSE; | 41 | static int check_cert = FALSE; |
| 42 | static int days_till_exp; | 42 | static int days_till_exp_warn, days_till_exp_crit; |
| 43 | # define my_recv(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) | 43 | # define my_recv(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) |
| 44 | # define my_send(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) | 44 | # define my_send(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) |
| 45 | #else | 45 | #else |
| @@ -235,7 +235,7 @@ main (int argc, char **argv) | |||
| 235 | if (flags & FLAG_SSL){ | 235 | if (flags & FLAG_SSL){ |
| 236 | result = np_net_ssl_init(sd); | 236 | result = np_net_ssl_init(sd); |
| 237 | if (result == STATE_OK && check_cert == TRUE) { | 237 | if (result == STATE_OK && check_cert == TRUE) { |
| 238 | result = np_net_ssl_check_cert(days_till_exp); | 238 | result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); |
| 239 | } | 239 | } |
| 240 | } | 240 | } |
| 241 | if(result != STATE_OK || check_cert == TRUE){ | 241 | if(result != STATE_OK || check_cert == TRUE){ |
| @@ -380,6 +380,7 @@ process_arguments (int argc, char **argv) | |||
| 380 | { | 380 | { |
| 381 | int c; | 381 | int c; |
| 382 | int escape = 0; | 382 | int escape = 0; |
| 383 | char *temp; | ||
| 383 | 384 | ||
| 384 | int option = 0; | 385 | int option = 0; |
| 385 | static struct option longopts[] = { | 386 | static struct option longopts[] = { |
| @@ -552,9 +553,22 @@ process_arguments (int argc, char **argv) | |||
| 552 | case 'D': /* Check SSL cert validity - days 'til certificate expiration */ | 553 | case 'D': /* Check SSL cert validity - days 'til certificate expiration */ |
| 553 | #ifdef HAVE_SSL | 554 | #ifdef HAVE_SSL |
| 554 | # ifdef USE_OPENSSL /* XXX */ | 555 | # ifdef USE_OPENSSL /* XXX */ |
| 555 | if (!is_intnonneg (optarg)) | 556 | if ((temp=strchr(optarg,','))!=NULL) { |
| 557 | *temp='\0'; | ||
| 558 | if (!is_intnonneg (temp)) | ||
| 559 | usage2 (_("Invalid certificate expiration period"), optarg); days_till_exp_warn = atoi(optarg); | ||
| 560 | *temp=','; | ||
| 561 | temp++; | ||
| 562 | if (!is_intnonneg (temp)) | ||
| 563 | usage2 (_("Invalid certificate expiration period"), temp); | ||
| 564 | days_till_exp_crit = atoi (temp); | ||
| 565 | } | ||
| 566 | else { | ||
| 567 | days_till_exp_crit=0; | ||
| 568 | if (!is_intnonneg (optarg)) | ||
| 556 | usage2 (_("Invalid certificate expiration period"), optarg); | 569 | usage2 (_("Invalid certificate expiration period"), optarg); |
| 557 | days_till_exp = atoi (optarg); | 570 | days_till_exp_warn = atoi (optarg); |
| 571 | } | ||
| 558 | check_cert = TRUE; | 572 | check_cert = TRUE; |
| 559 | flags |= FLAG_SSL; | 573 | flags |= FLAG_SSL; |
| 560 | break; | 574 | break; |
| @@ -626,8 +640,9 @@ print_help (void) | |||
| 626 | printf (" %s\n", _("Seconds to wait between sending string and polling for response")); | 640 | printf (" %s\n", _("Seconds to wait between sending string and polling for response")); |
| 627 | 641 | ||
| 628 | #ifdef HAVE_SSL | 642 | #ifdef HAVE_SSL |
| 629 | printf (" %s\n", "-D, --certificate=INTEGER"); | 643 | printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); |
| 630 | printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); | 644 | printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); |
| 645 | printf (" %s\n", _("1st is #days for warning, 2nd is critical (if not specified - 0).")); | ||
| 631 | printf (" %s\n", "-S, --ssl"); | 646 | printf (" %s\n", "-S, --ssl"); |
| 632 | printf (" %s\n", _("Use SSL for the connection.")); | 647 | printf (" %s\n", _("Use SSL for the connection.")); |
| 633 | #endif | 648 | #endif |
| @@ -649,6 +664,6 @@ print_usage (void) | |||
| 649 | printf ("%s -H host -p port [-w <warning time>] [-c <critical time>] [-s <send string>]\n",progname); | 664 | printf ("%s -H host -p port [-w <warning time>] [-c <critical time>] [-s <send string>]\n",progname); |
| 650 | printf ("[-e <expect string>] [-q <quit string>][-m <maximum bytes>] [-d <delay>]\n"); | 665 | printf ("[-e <expect string>] [-q <quit string>][-m <maximum bytes>] [-d <delay>]\n"); |
| 651 | printf ("[-t <timeout seconds>] [-r <refuse state>] [-M <mismatch state>] [-v] [-4|-6] [-j]\n"); | 666 | printf ("[-t <timeout seconds>] [-r <refuse state>] [-M <mismatch state>] [-v] [-4|-6] [-j]\n"); |
| 652 | printf ("[-D <days to cert expiry>] [-S <use SSL>] [-E]\n"); | 667 | printf ("[-D <warn days cert expire>[,<crit days cert expire>]] [-S <use SSL>] [-E]\n"); |
| 653 | } | 668 | } |
| 654 | 669 | ||