diff options
author | Alexander A. Klimov <grandmaster@al2klimov.de> | 2020-01-07 20:57:24 +0100 |
---|---|---|
committer | Sven Nierlein <sven@nierlein.org> | 2020-01-07 21:32:15 +0100 |
commit | f53ea7afd8e124690871ebdb79a1432e4dd14488 (patch) | |
tree | 7952857f78609e686c7bea600b913e41565b6ca1 /plugins/check_tcp.c | |
parent | 9da7cd76813870632ff93659d176ead0848b8ee9 (diff) | |
download | monitoring-plugins-f53ea7afd8e124690871ebdb79a1432e4dd14488.tar.gz |
check_tcp: add --sni
Diffstat (limited to 'plugins/check_tcp.c')
-rw-r--r-- | plugins/check_tcp.c | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index 61333bd7..1365b9cb 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c | |||
@@ -86,6 +86,11 @@ static char buffer[MAXBUF]; | |||
86 | static int expect_mismatch_state = STATE_WARNING; | 86 | static int expect_mismatch_state = STATE_WARNING; |
87 | static int match_flags = NP_MATCH_EXACT; | 87 | static int match_flags = NP_MATCH_EXACT; |
88 | 88 | ||
89 | #ifdef HAVE_SSL | ||
90 | static char *sni = NULL; | ||
91 | static int sni_specified = FALSE; | ||
92 | #endif | ||
93 | |||
89 | #define FLAG_SSL 0x01 | 94 | #define FLAG_SSL 0x01 |
90 | #define FLAG_VERBOSE 0x02 | 95 | #define FLAG_VERBOSE 0x02 |
91 | #define FLAG_TIME_WARN 0x04 | 96 | #define FLAG_TIME_WARN 0x04 |
@@ -241,7 +246,7 @@ main (int argc, char **argv) | |||
241 | 246 | ||
242 | #ifdef HAVE_SSL | 247 | #ifdef HAVE_SSL |
243 | if (flags & FLAG_SSL){ | 248 | if (flags & FLAG_SSL){ |
244 | result = np_net_ssl_init(sd); | 249 | result = np_net_ssl_init_with_hostname(sd, (sni_specified ? sni : NULL)); |
245 | if (result == STATE_OK && check_cert == TRUE) { | 250 | if (result == STATE_OK && check_cert == TRUE) { |
246 | result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); | 251 | result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); |
247 | } | 252 | } |
@@ -401,6 +406,10 @@ process_arguments (int argc, char **argv) | |||
401 | int escape = 0; | 406 | int escape = 0; |
402 | char *temp; | 407 | char *temp; |
403 | 408 | ||
409 | enum { | ||
410 | SNI_OPTION = CHAR_MAX + 1 | ||
411 | }; | ||
412 | |||
404 | int option = 0; | 413 | int option = 0; |
405 | static struct option longopts[] = { | 414 | static struct option longopts[] = { |
406 | {"hostname", required_argument, 0, 'H'}, | 415 | {"hostname", required_argument, 0, 'H'}, |
@@ -427,6 +436,7 @@ process_arguments (int argc, char **argv) | |||
427 | {"version", no_argument, 0, 'V'}, | 436 | {"version", no_argument, 0, 'V'}, |
428 | {"help", no_argument, 0, 'h'}, | 437 | {"help", no_argument, 0, 'h'}, |
429 | {"ssl", no_argument, 0, 'S'}, | 438 | {"ssl", no_argument, 0, 'S'}, |
439 | {"sni", required_argument, 0, SNI_OPTION}, | ||
430 | {"certificate", required_argument, 0, 'D'}, | 440 | {"certificate", required_argument, 0, 'D'}, |
431 | {0, 0, 0, 0} | 441 | {0, 0, 0, 0} |
432 | }; | 442 | }; |
@@ -604,6 +614,15 @@ process_arguments (int argc, char **argv) | |||
604 | die (STATE_UNKNOWN, _("Invalid option - SSL is not available")); | 614 | die (STATE_UNKNOWN, _("Invalid option - SSL is not available")); |
605 | #endif | 615 | #endif |
606 | break; | 616 | break; |
617 | case SNI_OPTION: | ||
618 | #ifdef HAVE_SSL | ||
619 | flags |= FLAG_SSL; | ||
620 | sni_specified = TRUE; | ||
621 | sni = optarg; | ||
622 | #else | ||
623 | die (STATE_UNKNOWN, _("Invalid option - SSL is not available")); | ||
624 | #endif | ||
625 | break; | ||
607 | case 'A': | 626 | case 'A': |
608 | match_flags |= NP_MATCH_ALL; | 627 | match_flags |= NP_MATCH_ALL; |
609 | break; | 628 | break; |
@@ -671,6 +690,8 @@ print_help (void) | |||
671 | printf (" %s\n", _("1st is #days for warning, 2nd is critical (if not specified - 0).")); | 690 | printf (" %s\n", _("1st is #days for warning, 2nd is critical (if not specified - 0).")); |
672 | printf (" %s\n", "-S, --ssl"); | 691 | printf (" %s\n", "-S, --ssl"); |
673 | printf (" %s\n", _("Use SSL for the connection.")); | 692 | printf (" %s\n", _("Use SSL for the connection.")); |
693 | printf (" %s\n", "--sni=STRING"); | ||
694 | printf (" %s\n", _("SSL server_name")); | ||
674 | #endif | 695 | #endif |
675 | 696 | ||
676 | printf (UT_WARN_CRIT); | 697 | printf (UT_WARN_CRIT); |