diff options
| author | Lorenz Kästle <12514511+RincewindsHat@users.noreply.github.com> | 2025-03-08 13:05:57 +0100 |
|---|---|---|
| committer | Lorenz Kästle <12514511+RincewindsHat@users.noreply.github.com> | 2025-03-09 12:04:40 +0100 |
| commit | 65794e31374b3aa6e1f2c03d090b52e137df13e6 (patch) | |
| tree | 1b7e90bcff95401af6f2730f6de9115dbba4fdfa /plugins | |
| parent | 230054f94d8b6f90076c3cc25c9c36e7b3747c74 (diff) | |
| download | monitoring-plugins-65794e31374b3aa6e1f2c03d090b52e137df13e6.tar.gz | |
Refactor check_dns
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/check_dns.c | 240 | ||||
| -rw-r--r-- | plugins/check_dns.d/config.h | 34 |
2 files changed, 158 insertions, 116 deletions
diff --git a/plugins/check_dns.c b/plugins/check_dns.c index b3d4a6e5..7071c01f 100644 --- a/plugins/check_dns.c +++ b/plugins/check_dns.c | |||
| @@ -39,26 +39,22 @@ const char *email = "devel@monitoring-plugins.org"; | |||
| 39 | #include "netutils.h" | 39 | #include "netutils.h" |
| 40 | #include "runcmd.h" | 40 | #include "runcmd.h" |
| 41 | 41 | ||
| 42 | static int process_arguments(int /*argc*/, char ** /*argv*/); | 42 | #include "states.h" |
| 43 | static int validate_arguments(void); | 43 | #include "check_dns.d/config.h" |
| 44 | static int error_scan(char * /*input_buffer*/, bool *); | 44 | |
| 45 | typedef struct { | ||
| 46 | int errorcode; | ||
| 47 | check_dns_config config; | ||
| 48 | } check_dns_config_wrapper; | ||
| 49 | static check_dns_config_wrapper process_arguments(int /*argc*/, char ** /*argv*/); | ||
| 50 | static check_dns_config_wrapper validate_arguments(check_dns_config_wrapper /*config_wrapper*/); | ||
| 51 | static mp_state_enum error_scan(char * /*input_buffer*/, bool * /*is_nxdomain*/, const char /*dns_server*/[ADDRESS_LENGTH]); | ||
| 45 | static bool ip_match_cidr(const char * /*addr*/, const char * /*cidr_ro*/); | 52 | static bool ip_match_cidr(const char * /*addr*/, const char * /*cidr_ro*/); |
| 46 | static unsigned long ip2long(const char * /*src*/); | 53 | static unsigned long ip2long(const char * /*src*/); |
| 47 | static void print_help(void); | 54 | static void print_help(void); |
| 48 | void print_usage(void); | 55 | void print_usage(void); |
| 49 | 56 | ||
| 50 | #define ADDRESS_LENGTH 256 | ||
| 51 | static char query_address[ADDRESS_LENGTH] = ""; | ||
| 52 | static char dns_server[ADDRESS_LENGTH] = ""; | ||
| 53 | static char ptr_server[ADDRESS_LENGTH] = ""; | ||
| 54 | static bool verbose = false; | 57 | static bool verbose = false; |
| 55 | static char **expected_address = NULL; | ||
| 56 | static int expected_address_cnt = 0; | ||
| 57 | static bool expect_nxdomain = false; | ||
| 58 | |||
| 59 | static bool expect_authority = false; | ||
| 60 | static bool all_match = false; | ||
| 61 | static thresholds *time_thresholds = NULL; | ||
| 62 | 58 | ||
| 63 | static int qstrcmp(const void *p1, const void *p2) { | 59 | static int qstrcmp(const void *p1, const void *p2) { |
| 64 | /* The actual arguments to this function are "pointers to | 60 | /* The actual arguments to this function are "pointers to |
| @@ -68,23 +64,6 @@ static int qstrcmp(const void *p1, const void *p2) { | |||
| 68 | } | 64 | } |
| 69 | 65 | ||
| 70 | int main(int argc, char **argv) { | 66 | int main(int argc, char **argv) { |
| 71 | char *command_line = NULL; | ||
| 72 | char input_buffer[MAX_INPUT_BUFFER]; | ||
| 73 | char *address = NULL; /* comma separated str with addrs/ptrs (sorted) */ | ||
| 74 | char **addresses = NULL; | ||
| 75 | int n_addresses = 0; | ||
| 76 | char *msg = NULL; | ||
| 77 | char *temp_buffer = NULL; | ||
| 78 | bool non_authoritative = false; | ||
| 79 | int result = STATE_UNKNOWN; | ||
| 80 | double elapsed_time; | ||
| 81 | long microsec; | ||
| 82 | struct timeval tv; | ||
| 83 | bool parse_address = false; /* This flag scans for Address: but only after Name: */ | ||
| 84 | output chld_out; | ||
| 85 | output chld_err; | ||
| 86 | bool is_nxdomain = false; | ||
| 87 | |||
| 88 | setlocale(LC_ALL, ""); | 67 | setlocale(LC_ALL, ""); |
| 89 | bindtextdomain(PACKAGE, LOCALEDIR); | 68 | bindtextdomain(PACKAGE, LOCALEDIR); |
| 90 | textdomain(PACKAGE); | 69 | textdomain(PACKAGE); |
| @@ -97,13 +76,19 @@ int main(int argc, char **argv) { | |||
| 97 | /* Parse extra opts if any */ | 76 | /* Parse extra opts if any */ |
| 98 | argv = np_extra_opts(&argc, argv, progname); | 77 | argv = np_extra_opts(&argc, argv, progname); |
| 99 | 78 | ||
| 100 | if (process_arguments(argc, argv) == ERROR) { | 79 | check_dns_config_wrapper tmp = process_arguments(argc, argv); |
| 80 | |||
| 81 | if (tmp.errorcode == ERROR) { | ||
| 101 | usage_va(_("Could not parse arguments")); | 82 | usage_va(_("Could not parse arguments")); |
| 102 | } | 83 | } |
| 103 | 84 | ||
| 85 | const check_dns_config config = tmp.config; | ||
| 86 | |||
| 87 | char *command_line = NULL; | ||
| 104 | /* get the command to run */ | 88 | /* get the command to run */ |
| 105 | xasprintf(&command_line, "%s %s %s", NSLOOKUP_COMMAND, query_address, dns_server); | 89 | xasprintf(&command_line, "%s %s %s", NSLOOKUP_COMMAND, config.query_address, config.dns_server); |
| 106 | 90 | ||
| 91 | struct timeval tv; | ||
| 107 | alarm(timeout_interval); | 92 | alarm(timeout_interval); |
| 108 | gettimeofday(&tv, NULL); | 93 | gettimeofday(&tv, NULL); |
| 109 | 94 | ||
| @@ -111,12 +96,23 @@ int main(int argc, char **argv) { | |||
| 111 | printf("%s\n", command_line); | 96 | printf("%s\n", command_line); |
| 112 | } | 97 | } |
| 113 | 98 | ||
| 99 | output chld_out; | ||
| 100 | output chld_err; | ||
| 101 | char *msg = NULL; | ||
| 102 | mp_state_enum result = STATE_UNKNOWN; | ||
| 114 | /* run the command */ | 103 | /* run the command */ |
| 115 | if ((np_runcmd(command_line, &chld_out, &chld_err, 0)) != 0) { | 104 | if ((np_runcmd(command_line, &chld_out, &chld_err, 0)) != 0) { |
| 116 | msg = (char *)_("nslookup returned an error status"); | 105 | msg = (char *)_("nslookup returned an error status"); |
| 117 | result = STATE_WARNING; | 106 | result = STATE_WARNING; |
| 118 | } | 107 | } |
| 119 | 108 | ||
| 109 | char *address = NULL; /* comma separated str with addrs/ptrs (sorted) */ | ||
| 110 | char **addresses = NULL; | ||
| 111 | size_t n_addresses = 0; | ||
| 112 | bool non_authoritative = false; | ||
| 113 | bool is_nxdomain = false; | ||
| 114 | char *temp_buffer = NULL; | ||
| 115 | bool parse_address = false; /* This flag scans for Address: but only after Name: */ | ||
| 120 | /* scan stdout */ | 116 | /* scan stdout */ |
| 121 | for (size_t i = 0; i < chld_out.lines; i++) { | 117 | for (size_t i = 0; i < chld_out.lines; i++) { |
| 122 | if (addresses == NULL) { | 118 | if (addresses == NULL) { |
| @@ -140,21 +136,22 @@ int main(int argc, char **argv) { | |||
| 140 | 136 | ||
| 141 | /* bug ID: 2946553 - Older versions of bind will use all available dns | 137 | /* bug ID: 2946553 - Older versions of bind will use all available dns |
| 142 | servers, we have to match the one specified */ | 138 | servers, we have to match the one specified */ |
| 143 | if (strstr(chld_out.line[i], "Server:") && strlen(dns_server) > 0) { | 139 | if (strstr(chld_out.line[i], "Server:") && strlen(config.dns_server) > 0) { |
| 144 | temp_buffer = strchr(chld_out.line[i], ':'); | 140 | temp_buffer = strchr(chld_out.line[i], ':'); |
| 145 | temp_buffer++; | 141 | temp_buffer++; |
| 146 | 142 | ||
| 147 | /* Strip leading tabs */ | 143 | /* Strip leading tabs */ |
| 148 | for (; *temp_buffer != '\0' && *temp_buffer == '\t'; temp_buffer++) | 144 | for (; *temp_buffer != '\0' && *temp_buffer == '\t'; temp_buffer++) { |
| 149 | /* NOOP */; | 145 | /* NOOP */; |
| 146 | } | ||
| 150 | 147 | ||
| 151 | strip(temp_buffer); | 148 | strip(temp_buffer); |
| 152 | if (temp_buffer == NULL || strlen(temp_buffer) == 0) { | 149 | if (temp_buffer == NULL || strlen(temp_buffer) == 0) { |
| 153 | die(STATE_CRITICAL, _("DNS CRITICAL - '%s' returned empty server string\n"), NSLOOKUP_COMMAND); | 150 | die(STATE_CRITICAL, _("DNS CRITICAL - '%s' returned empty server string\n"), NSLOOKUP_COMMAND); |
| 154 | } | 151 | } |
| 155 | 152 | ||
| 156 | if (strcmp(temp_buffer, dns_server) != 0) { | 153 | if (strcmp(temp_buffer, config.dns_server) != 0) { |
| 157 | die(STATE_CRITICAL, _("DNS CRITICAL - No response from DNS %s\n"), dns_server); | 154 | die(STATE_CRITICAL, _("DNS CRITICAL - No response from DNS %s\n"), config.dns_server); |
| 158 | } | 155 | } |
| 159 | } | 156 | } |
| 160 | 157 | ||
| @@ -180,7 +177,7 @@ int main(int argc, char **argv) { | |||
| 180 | non_authoritative = true; | 177 | non_authoritative = true; |
| 181 | } | 178 | } |
| 182 | 179 | ||
| 183 | result = error_scan(chld_out.line[i], &is_nxdomain); | 180 | result = error_scan(chld_out.line[i], &is_nxdomain, config.dns_server); |
| 184 | if (result != STATE_OK) { | 181 | if (result != STATE_OK) { |
| 185 | msg = strchr(chld_out.line[i], ':'); | 182 | msg = strchr(chld_out.line[i], ':'); |
| 186 | if (msg) { | 183 | if (msg) { |
| @@ -190,14 +187,15 @@ int main(int argc, char **argv) { | |||
| 190 | } | 187 | } |
| 191 | } | 188 | } |
| 192 | 189 | ||
| 190 | char input_buffer[MAX_INPUT_BUFFER]; | ||
| 193 | /* scan stderr */ | 191 | /* scan stderr */ |
| 194 | for (size_t i = 0; i < chld_err.lines; i++) { | 192 | for (size_t i = 0; i < chld_err.lines; i++) { |
| 195 | if (verbose) { | 193 | if (verbose) { |
| 196 | puts(chld_err.line[i]); | 194 | puts(chld_err.line[i]); |
| 197 | } | 195 | } |
| 198 | 196 | ||
| 199 | if (error_scan(chld_err.line[i], &is_nxdomain) != STATE_OK) { | 197 | if (error_scan(chld_err.line[i], &is_nxdomain, config.dns_server) != STATE_OK) { |
| 200 | result = max_state(result, error_scan(chld_err.line[i], &is_nxdomain)); | 198 | result = max_state(result, error_scan(chld_err.line[i], &is_nxdomain, config.dns_server)); |
| 201 | msg = strchr(input_buffer, ':'); | 199 | msg = strchr(input_buffer, ':'); |
| 202 | if (msg) { | 200 | if (msg) { |
| 203 | msg++; | 201 | msg++; |
| @@ -207,20 +205,19 @@ int main(int argc, char **argv) { | |||
| 207 | } | 205 | } |
| 208 | } | 206 | } |
| 209 | 207 | ||
| 210 | if (is_nxdomain && !expect_nxdomain) { | 208 | if (is_nxdomain && !config.expect_nxdomain) { |
| 211 | die(STATE_CRITICAL, _("Domain '%s' was not found by the server\n"), query_address); | 209 | die(STATE_CRITICAL, _("Domain '%s' was not found by the server\n"), config.query_address); |
| 212 | } | 210 | } |
| 213 | 211 | ||
| 214 | if (addresses) { | 212 | if (addresses) { |
| 215 | int i; | 213 | size_t slen = 1; |
| 216 | int slen; | 214 | char *adrp = NULL; |
| 217 | char *adrp; | ||
| 218 | qsort(addresses, n_addresses, sizeof(*addresses), qstrcmp); | 215 | qsort(addresses, n_addresses, sizeof(*addresses), qstrcmp); |
| 219 | for (i = 0, slen = 1; i < n_addresses; i++) { | 216 | for (size_t i = 0; i < n_addresses; i++) { |
| 220 | slen += strlen(addresses[i]) + 1; | 217 | slen += strlen(addresses[i]) + 1; |
| 221 | } | 218 | } |
| 222 | adrp = address = malloc(slen); | 219 | adrp = address = malloc(slen); |
| 223 | for (i = 0; i < n_addresses; i++) { | 220 | for (size_t i = 0; i < n_addresses; i++) { |
| 224 | if (i) { | 221 | if (i) { |
| 225 | *adrp++ = ','; | 222 | *adrp++ = ','; |
| 226 | } | 223 | } |
| @@ -233,17 +230,16 @@ int main(int argc, char **argv) { | |||
| 233 | } | 230 | } |
| 234 | 231 | ||
| 235 | /* compare to expected address */ | 232 | /* compare to expected address */ |
| 236 | if (result == STATE_OK && expected_address_cnt > 0) { | 233 | if (result == STATE_OK && config.expected_address_cnt > 0) { |
| 237 | result = STATE_CRITICAL; | 234 | result = STATE_CRITICAL; |
| 238 | temp_buffer = ""; | 235 | temp_buffer = ""; |
| 239 | unsigned long expect_match = (1 << expected_address_cnt) - 1; | 236 | unsigned long expect_match = (1 << config.expected_address_cnt) - 1; |
| 240 | unsigned long addr_match = (1 << n_addresses) - 1; | 237 | unsigned long addr_match = (1 << n_addresses) - 1; |
| 241 | 238 | ||
| 242 | for (int i = 0; i < expected_address_cnt; i++) { | 239 | for (size_t i = 0; i < config.expected_address_cnt; i++) { |
| 243 | int j; | ||
| 244 | /* check if we get a match on 'raw' ip or cidr */ | 240 | /* check if we get a match on 'raw' ip or cidr */ |
| 245 | for (j = 0; j < n_addresses; j++) { | 241 | for (size_t j = 0; j < n_addresses; j++) { |
| 246 | if (strcmp(addresses[j], expected_address[i]) == 0 || ip_match_cidr(addresses[j], expected_address[i])) { | 242 | if (strcmp(addresses[j], config.expected_address[i]) == 0 || ip_match_cidr(addresses[j], config.expected_address[i])) { |
| 247 | result = STATE_OK; | 243 | result = STATE_OK; |
| 248 | addr_match &= ~(1 << j); | 244 | addr_match &= ~(1 << j); |
| 249 | expect_match &= ~(1 << i); | 245 | expect_match &= ~(1 << i); |
| @@ -251,10 +247,10 @@ int main(int argc, char **argv) { | |||
| 251 | } | 247 | } |
| 252 | 248 | ||
| 253 | /* prepare an error string */ | 249 | /* prepare an error string */ |
| 254 | xasprintf(&temp_buffer, "%s%s; ", temp_buffer, expected_address[i]); | 250 | xasprintf(&temp_buffer, "%s%s; ", temp_buffer, config.expected_address[i]); |
| 255 | } | 251 | } |
| 256 | /* check if expected_address must cover all in addresses and none may be missing */ | 252 | /* check if expected_address must cover all in addresses and none may be missing */ |
| 257 | if (all_match && (expect_match != 0 || addr_match != 0)) { | 253 | if (config.all_match && (expect_match != 0 || addr_match != 0)) { |
| 258 | result = STATE_CRITICAL; | 254 | result = STATE_CRITICAL; |
| 259 | } | 255 | } |
| 260 | if (result == STATE_CRITICAL) { | 256 | if (result == STATE_CRITICAL) { |
| @@ -264,10 +260,10 @@ int main(int argc, char **argv) { | |||
| 264 | } | 260 | } |
| 265 | } | 261 | } |
| 266 | 262 | ||
| 267 | if (expect_nxdomain) { | 263 | if (config.expect_nxdomain) { |
| 268 | if (!is_nxdomain) { | 264 | if (!is_nxdomain) { |
| 269 | result = STATE_CRITICAL; | 265 | result = STATE_CRITICAL; |
| 270 | xasprintf(&msg, _("Domain '%s' was found by the server: '%s'\n"), query_address, address); | 266 | xasprintf(&msg, _("Domain '%s' was found by the server: '%s'\n"), config.query_address, address); |
| 271 | } else { | 267 | } else { |
| 272 | if (address != NULL) { | 268 | if (address != NULL) { |
| 273 | free(address); | 269 | free(address); |
| @@ -277,16 +273,16 @@ int main(int argc, char **argv) { | |||
| 277 | } | 273 | } |
| 278 | 274 | ||
| 279 | /* check if authoritative */ | 275 | /* check if authoritative */ |
| 280 | if (result == STATE_OK && expect_authority && non_authoritative) { | 276 | if (result == STATE_OK && config.expect_authority && non_authoritative) { |
| 281 | result = STATE_CRITICAL; | 277 | result = STATE_CRITICAL; |
| 282 | xasprintf(&msg, _("server %s is not authoritative for %s"), dns_server, query_address); | 278 | xasprintf(&msg, _("server %s is not authoritative for %s"), config.dns_server, config.query_address); |
| 283 | } | 279 | } |
| 284 | 280 | ||
| 285 | microsec = deltime(tv); | 281 | long microsec = deltime(tv); |
| 286 | elapsed_time = (double)microsec / 1.0e6; | 282 | double elapsed_time = (double)microsec / 1.0e6; |
| 287 | 283 | ||
| 288 | if (result == STATE_OK) { | 284 | if (result == STATE_OK) { |
| 289 | result = get_status(elapsed_time, time_thresholds); | 285 | result = get_status(elapsed_time, config.time_thresholds); |
| 290 | if (result == STATE_OK) { | 286 | if (result == STATE_OK) { |
| 291 | printf("DNS %s: ", _("OK")); | 287 | printf("DNS %s: ", _("OK")); |
| 292 | } else if (result == STATE_WARNING) { | 288 | } else if (result == STATE_WARNING) { |
| @@ -295,14 +291,14 @@ int main(int argc, char **argv) { | |||
| 295 | printf("DNS %s: ", _("CRITICAL")); | 291 | printf("DNS %s: ", _("CRITICAL")); |
| 296 | } | 292 | } |
| 297 | printf(ngettext("%.3f second response time", "%.3f seconds response time", elapsed_time), elapsed_time); | 293 | printf(ngettext("%.3f second response time", "%.3f seconds response time", elapsed_time), elapsed_time); |
| 298 | printf(_(". %s returns %s"), query_address, address); | 294 | printf(_(". %s returns %s"), config.query_address, address); |
| 299 | if ((time_thresholds->warning != NULL) && (time_thresholds->critical != NULL)) { | 295 | if ((config.time_thresholds->warning != NULL) && (config.time_thresholds->critical != NULL)) { |
| 300 | printf("|%s\n", fperfdata("time", elapsed_time, "s", true, time_thresholds->warning->end, true, time_thresholds->critical->end, | 296 | printf("|%s\n", fperfdata("time", elapsed_time, "s", true, config.time_thresholds->warning->end, true, |
| 301 | true, 0, false, 0)); | 297 | config.time_thresholds->critical->end, true, 0, false, 0)); |
| 302 | } else if ((time_thresholds->warning == NULL) && (time_thresholds->critical != NULL)) { | 298 | } else if ((config.time_thresholds->warning == NULL) && (config.time_thresholds->critical != NULL)) { |
| 303 | printf("|%s\n", fperfdata("time", elapsed_time, "s", false, 0, true, time_thresholds->critical->end, true, 0, false, 0)); | 299 | printf("|%s\n", fperfdata("time", elapsed_time, "s", false, 0, true, config.time_thresholds->critical->end, true, 0, false, 0)); |
| 304 | } else if ((time_thresholds->warning != NULL) && (time_thresholds->critical == NULL)) { | 300 | } else if ((config.time_thresholds->warning != NULL) && (config.time_thresholds->critical == NULL)) { |
| 305 | printf("|%s\n", fperfdata("time", elapsed_time, "s", true, time_thresholds->warning->end, false, 0, true, 0, false, 0)); | 301 | printf("|%s\n", fperfdata("time", elapsed_time, "s", true, config.time_thresholds->warning->end, false, 0, true, 0, false, 0)); |
| 306 | } else { | 302 | } else { |
| 307 | printf("|%s\n", fperfdata("time", elapsed_time, "s", false, 0, false, 0, true, 0, false, 0)); | 303 | printf("|%s\n", fperfdata("time", elapsed_time, "s", false, 0, false, 0, true, 0, false, 0)); |
| 308 | } | 304 | } |
| @@ -314,7 +310,7 @@ int main(int argc, char **argv) { | |||
| 314 | printf(_("DNS UNKNOWN - %s\n"), !strcmp(msg, "") ? _(" Probably a non-existent host/domain") : msg); | 310 | printf(_("DNS UNKNOWN - %s\n"), !strcmp(msg, "") ? _(" Probably a non-existent host/domain") : msg); |
| 315 | } | 311 | } |
| 316 | 312 | ||
| 317 | return result; | 313 | exit(result); |
| 318 | } | 314 | } |
| 319 | 315 | ||
| 320 | bool ip_match_cidr(const char *addr, const char *cidr_ro) { | 316 | bool ip_match_cidr(const char *addr, const char *cidr_ro) { |
| @@ -342,7 +338,7 @@ unsigned long ip2long(const char *src) { | |||
| 342 | : 0; | 338 | : 0; |
| 343 | } | 339 | } |
| 344 | 340 | ||
| 345 | int error_scan(char *input_buffer, bool *is_nxdomain) { | 341 | mp_state_enum error_scan(char *input_buffer, bool *is_nxdomain, const char dns_server[ADDRESS_LENGTH]) { |
| 346 | 342 | ||
| 347 | const int nxdomain = strstr(input_buffer, "Non-existent") || strstr(input_buffer, "** server can't find") || | 343 | const int nxdomain = strstr(input_buffer, "Non-existent") || strstr(input_buffer, "** server can't find") || |
| 348 | strstr(input_buffer, "** Can't find") || strstr(input_buffer, "NXDOMAIN"); | 344 | strstr(input_buffer, "** Can't find") || strstr(input_buffer, "NXDOMAIN"); |
| @@ -404,12 +400,7 @@ int error_scan(char *input_buffer, bool *is_nxdomain) { | |||
| 404 | } | 400 | } |
| 405 | 401 | ||
| 406 | /* process command-line arguments */ | 402 | /* process command-line arguments */ |
| 407 | int process_arguments(int argc, char **argv) { | 403 | check_dns_config_wrapper process_arguments(int argc, char **argv) { |
| 408 | int c; | ||
| 409 | char *warning = NULL; | ||
| 410 | char *critical = NULL; | ||
| 411 | |||
| 412 | int opt_index = 0; | ||
| 413 | static struct option long_opts[] = {{"help", no_argument, 0, 'h'}, | 404 | static struct option long_opts[] = {{"help", no_argument, 0, 'h'}, |
| 414 | {"version", no_argument, 0, 'V'}, | 405 | {"version", no_argument, 0, 'V'}, |
| 415 | {"verbose", no_argument, 0, 'v'}, | 406 | {"verbose", no_argument, 0, 'v'}, |
| @@ -425,24 +416,34 @@ int process_arguments(int argc, char **argv) { | |||
| 425 | {"critical", required_argument, 0, 'c'}, | 416 | {"critical", required_argument, 0, 'c'}, |
| 426 | {0, 0, 0, 0}}; | 417 | {0, 0, 0, 0}}; |
| 427 | 418 | ||
| 419 | check_dns_config_wrapper result = { | ||
| 420 | .config = check_dns_config_init(), | ||
| 421 | .errorcode = OK, | ||
| 422 | }; | ||
| 423 | |||
| 428 | if (argc < 2) { | 424 | if (argc < 2) { |
| 429 | return ERROR; | 425 | result.errorcode = ERROR; |
| 426 | return result; | ||
| 430 | } | 427 | } |
| 431 | 428 | ||
| 432 | for (c = 1; c < argc; c++) { | 429 | for (int index = 1; index < argc; index++) { |
| 433 | if (strcmp("-to", argv[c]) == 0) { | 430 | if (strcmp("-to", argv[index]) == 0) { |
| 434 | strcpy(argv[c], "-t"); | 431 | strcpy(argv[index], "-t"); |
| 435 | } | 432 | } |
| 436 | } | 433 | } |
| 437 | 434 | ||
| 438 | while (1) { | 435 | char *warning = NULL; |
| 439 | c = getopt_long(argc, argv, "hVvALnt:H:s:r:a:w:c:", long_opts, &opt_index); | 436 | char *critical = NULL; |
| 437 | int opt_index = 0; | ||
| 438 | int index = 0; | ||
| 439 | while (true) { | ||
| 440 | index = getopt_long(argc, argv, "hVvALnt:H:s:r:a:w:c:", long_opts, &opt_index); | ||
| 440 | 441 | ||
| 441 | if (c == -1 || c == EOF) { | 442 | if (index == -1 || index == EOF) { |
| 442 | break; | 443 | break; |
| 443 | } | 444 | } |
| 444 | 445 | ||
| 445 | switch (c) { | 446 | switch (index) { |
| 446 | case 'h': /* help */ | 447 | case 'h': /* help */ |
| 447 | print_help(); | 448 | print_help(); |
| 448 | exit(STATE_UNKNOWN); | 449 | exit(STATE_UNKNOWN); |
| @@ -459,7 +460,7 @@ int process_arguments(int argc, char **argv) { | |||
| 459 | if (strlen(optarg) >= ADDRESS_LENGTH) { | 460 | if (strlen(optarg) >= ADDRESS_LENGTH) { |
| 460 | die(STATE_UNKNOWN, _("Input buffer overflow\n")); | 461 | die(STATE_UNKNOWN, _("Input buffer overflow\n")); |
| 461 | } | 462 | } |
| 462 | strcpy(query_address, optarg); | 463 | strcpy(result.config.query_address, optarg); |
| 463 | break; | 464 | break; |
| 464 | case 's': /* server name */ | 465 | case 's': /* server name */ |
| 465 | /* TODO: this host_or_die check is probably unnecessary. | 466 | /* TODO: this host_or_die check is probably unnecessary. |
| @@ -468,14 +469,16 @@ int process_arguments(int argc, char **argv) { | |||
| 468 | if (strlen(optarg) >= ADDRESS_LENGTH) { | 469 | if (strlen(optarg) >= ADDRESS_LENGTH) { |
| 469 | die(STATE_UNKNOWN, _("Input buffer overflow\n")); | 470 | die(STATE_UNKNOWN, _("Input buffer overflow\n")); |
| 470 | } | 471 | } |
| 471 | strcpy(dns_server, optarg); | 472 | strcpy(result.config.dns_server, optarg); |
| 472 | break; | 473 | break; |
| 473 | case 'r': /* reverse server name */ | 474 | case 'r': /* reverse server name */ |
| 474 | /* TODO: Is this host_or_die necessary? */ | 475 | /* TODO: Is this host_or_die necessary? */ |
| 476 | // TODO This does not do anything!!! 2025-03-08 rincewind | ||
| 475 | host_or_die(optarg); | 477 | host_or_die(optarg); |
| 476 | if (strlen(optarg) >= ADDRESS_LENGTH) { | 478 | if (strlen(optarg) >= ADDRESS_LENGTH) { |
| 477 | die(STATE_UNKNOWN, _("Input buffer overflow\n")); | 479 | die(STATE_UNKNOWN, _("Input buffer overflow\n")); |
| 478 | } | 480 | } |
| 481 | static char ptr_server[ADDRESS_LENGTH] = ""; | ||
| 479 | strcpy(ptr_server, optarg); | 482 | strcpy(ptr_server, optarg); |
| 480 | break; | 483 | break; |
| 481 | case 'a': /* expected address */ | 484 | case 'a': /* expected address */ |
| @@ -485,29 +488,32 @@ int process_arguments(int argc, char **argv) { | |||
| 485 | if (strchr(optarg, ',') != NULL) { | 488 | if (strchr(optarg, ',') != NULL) { |
| 486 | char *comma = strchr(optarg, ','); | 489 | char *comma = strchr(optarg, ','); |
| 487 | while (comma != NULL) { | 490 | while (comma != NULL) { |
| 488 | expected_address = (char **)realloc(expected_address, (expected_address_cnt + 1) * sizeof(char **)); | 491 | result.config.expected_address = |
| 489 | expected_address[expected_address_cnt] = strndup(optarg, comma - optarg); | 492 | (char **)realloc(result.config.expected_address, (result.config.expected_address_cnt + 1) * sizeof(char **)); |
| 490 | expected_address_cnt++; | 493 | result.config.expected_address[result.config.expected_address_cnt] = strndup(optarg, comma - optarg); |
| 494 | result.config.expected_address_cnt++; | ||
| 491 | optarg = comma + 1; | 495 | optarg = comma + 1; |
| 492 | comma = strchr(optarg, ','); | 496 | comma = strchr(optarg, ','); |
| 493 | } | 497 | } |
| 494 | expected_address = (char **)realloc(expected_address, (expected_address_cnt + 1) * sizeof(char **)); | 498 | result.config.expected_address = |
| 495 | expected_address[expected_address_cnt] = strdup(optarg); | 499 | (char **)realloc(result.config.expected_address, (result.config.expected_address_cnt + 1) * sizeof(char **)); |
| 496 | expected_address_cnt++; | 500 | result.config.expected_address[result.config.expected_address_cnt] = strdup(optarg); |
| 501 | result.config.expected_address_cnt++; | ||
| 497 | } else { | 502 | } else { |
| 498 | expected_address = (char **)realloc(expected_address, (expected_address_cnt + 1) * sizeof(char **)); | 503 | result.config.expected_address = |
| 499 | expected_address[expected_address_cnt] = strdup(optarg); | 504 | (char **)realloc(result.config.expected_address, (result.config.expected_address_cnt + 1) * sizeof(char **)); |
| 500 | expected_address_cnt++; | 505 | result.config.expected_address[result.config.expected_address_cnt] = strdup(optarg); |
| 506 | result.config.expected_address_cnt++; | ||
| 501 | } | 507 | } |
| 502 | break; | 508 | break; |
| 503 | case 'n': /* expect NXDOMAIN */ | 509 | case 'n': /* expect NXDOMAIN */ |
| 504 | expect_nxdomain = true; | 510 | result.config.expect_nxdomain = true; |
| 505 | break; | 511 | break; |
| 506 | case 'A': /* expect authority */ | 512 | case 'A': /* expect authority */ |
| 507 | expect_authority = true; | 513 | result.config.expect_authority = true; |
| 508 | break; | 514 | break; |
| 509 | case 'L': /* all must match */ | 515 | case 'L': /* all must match */ |
| 510 | all_match = true; | 516 | result.config.all_match = true; |
| 511 | break; | 517 | break; |
| 512 | case 'w': | 518 | case 'w': |
| 513 | warning = optarg; | 519 | warning = optarg; |
| @@ -520,40 +526,42 @@ int process_arguments(int argc, char **argv) { | |||
| 520 | } | 526 | } |
| 521 | } | 527 | } |
| 522 | 528 | ||
| 523 | c = optind; | 529 | index = optind; |
| 524 | if (strlen(query_address) == 0 && c < argc) { | 530 | if (strlen(result.config.query_address) == 0 && index < argc) { |
| 525 | if (strlen(argv[c]) >= ADDRESS_LENGTH) { | 531 | if (strlen(argv[index]) >= ADDRESS_LENGTH) { |
| 526 | die(STATE_UNKNOWN, _("Input buffer overflow\n")); | 532 | die(STATE_UNKNOWN, _("Input buffer overflow\n")); |
| 527 | } | 533 | } |
| 528 | strcpy(query_address, argv[c++]); | 534 | strcpy(result.config.query_address, argv[index++]); |
| 529 | } | 535 | } |
| 530 | 536 | ||
| 531 | if (strlen(dns_server) == 0 && c < argc) { | 537 | if (strlen(result.config.dns_server) == 0 && index < argc) { |
| 532 | /* TODO: See -s option */ | 538 | /* TODO: See -s option */ |
| 533 | host_or_die(argv[c]); | 539 | host_or_die(argv[index]); |
| 534 | if (strlen(argv[c]) >= ADDRESS_LENGTH) { | 540 | if (strlen(argv[index]) >= ADDRESS_LENGTH) { |
| 535 | die(STATE_UNKNOWN, _("Input buffer overflow\n")); | 541 | die(STATE_UNKNOWN, _("Input buffer overflow\n")); |
| 536 | } | 542 | } |
| 537 | strcpy(dns_server, argv[c++]); | 543 | strcpy(result.config.dns_server, argv[index++]); |
| 538 | } | 544 | } |
| 539 | 545 | ||
| 540 | set_thresholds(&time_thresholds, warning, critical); | 546 | set_thresholds(&result.config.time_thresholds, warning, critical); |
| 541 | 547 | ||
| 542 | return validate_arguments(); | 548 | return validate_arguments(result); |
| 543 | } | 549 | } |
| 544 | 550 | ||
| 545 | int validate_arguments(void) { | 551 | check_dns_config_wrapper validate_arguments(check_dns_config_wrapper config_wrapper) { |
| 546 | if (query_address[0] == 0) { | 552 | if (config_wrapper.config.query_address[0] == 0) { |
| 547 | printf("missing --host argument\n"); | 553 | printf("missing --host argument\n"); |
| 548 | return ERROR; | 554 | config_wrapper.errorcode = ERROR; |
| 555 | return config_wrapper; | ||
| 549 | } | 556 | } |
| 550 | 557 | ||
| 551 | if (expected_address_cnt > 0 && expect_nxdomain) { | 558 | if (config_wrapper.config.expected_address_cnt > 0 && config_wrapper.config.expect_nxdomain) { |
| 552 | printf("--expected-address and --expect-nxdomain cannot be combined\n"); | 559 | printf("--expected-address and --expect-nxdomain cannot be combined\n"); |
| 553 | return ERROR; | 560 | config_wrapper.errorcode = ERROR; |
| 561 | return config_wrapper; | ||
| 554 | } | 562 | } |
| 555 | 563 | ||
| 556 | return OK; | 564 | return config_wrapper; |
| 557 | } | 565 | } |
| 558 | 566 | ||
| 559 | void print_help(void) { | 567 | void print_help(void) { |
diff --git a/plugins/check_dns.d/config.h b/plugins/check_dns.d/config.h new file mode 100644 index 00000000..9ec4eb82 --- /dev/null +++ b/plugins/check_dns.d/config.h | |||
| @@ -0,0 +1,34 @@ | |||
| 1 | #pragma once | ||
| 2 | |||
| 3 | #include "../../config.h" | ||
| 4 | #include "thresholds.h" | ||
| 5 | #include <stddef.h> | ||
| 6 | |||
| 7 | #define ADDRESS_LENGTH 256 | ||
| 8 | |||
| 9 | typedef struct { | ||
| 10 | bool all_match; | ||
| 11 | char dns_server[ADDRESS_LENGTH]; | ||
| 12 | char query_address[ADDRESS_LENGTH]; | ||
| 13 | bool expect_nxdomain; | ||
| 14 | bool expect_authority; | ||
| 15 | char **expected_address; | ||
| 16 | size_t expected_address_cnt; | ||
| 17 | |||
| 18 | thresholds *time_thresholds; | ||
| 19 | } check_dns_config; | ||
| 20 | |||
| 21 | check_dns_config check_dns_config_init() { | ||
| 22 | check_dns_config tmp = { | ||
| 23 | .all_match = false, | ||
| 24 | .dns_server = "", | ||
| 25 | .query_address = "", | ||
| 26 | .expect_nxdomain = false, | ||
| 27 | .expect_authority = false, | ||
| 28 | .expected_address = NULL, | ||
| 29 | .expected_address_cnt = 0, | ||
| 30 | |||
| 31 | .time_thresholds = NULL, | ||
| 32 | }; | ||
| 33 | return tmp; | ||
| 34 | } | ||