summaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
authorJan Wagner <waja@cyconet.org>2023-10-17 13:39:37 +0200
committerJan Wagner <waja@cyconet.org>2023-10-17 13:39:37 +0200
commit2a047014385022c8dc06dad4da0428db14898689 (patch)
tree00abea46325decf0c72870ee8f9ec1472e8e5344 /plugins
parentf39211c26408af582121f519d89c8abf70e6d437 (diff)
parente23a75d954311b3be429a9020e4d317b89615ee7 (diff)
downloadmonitoring-plugins-2a04701.tar.gz
Merge branch 'master' of github.com:monitoring-plugins/monitoring-plugins
Diffstat (limited to 'plugins')
-rw-r--r--plugins/Makefile.am2
-rw-r--r--plugins/check_curl.c32
-rw-r--r--plugins/check_disk.c53
-rw-r--r--plugins/check_http.c4
-rw-r--r--plugins/check_ldap.c3
-rw-r--r--plugins/check_mysql.c35
-rw-r--r--plugins/check_ntp.c2
-rw-r--r--plugins/check_procs.c5
-rw-r--r--plugins/check_radius.c2
-rw-r--r--plugins/check_smtp.c57
-rw-r--r--plugins/check_snmp.c73
-rw-r--r--plugins/check_users.c37
-rw-r--r--plugins/common.h14
-rw-r--r--plugins/netutils.h2
-rw-r--r--plugins/popen.c16
-rw-r--r--plugins/popen.h2
-rw-r--r--plugins/runcmd.c12
-rw-r--r--plugins/sslutils.c77
-rw-r--r--plugins/t/check_imap.t2
-rw-r--r--plugins/t/check_smtp.t40
-rw-r--r--plugins/t/check_snmp.t68
-rw-r--r--plugins/t/check_users.t2
-rwxr-xr-xplugins/tests/check_curl.t2
-rw-r--r--plugins/utils.c16
-rw-r--r--plugins/utils.h2
25 files changed, 323 insertions, 237 deletions
diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index ab59eb73..49086b7a 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -112,7 +112,7 @@ check_tcp_LDADD = $(SSLOBJS)
112check_time_LDADD = $(NETLIBS) 112check_time_LDADD = $(NETLIBS)
113check_ntp_time_LDADD = $(NETLIBS) $(MATHLIBS) 113check_ntp_time_LDADD = $(NETLIBS) $(MATHLIBS)
114check_ups_LDADD = $(NETLIBS) 114check_ups_LDADD = $(NETLIBS)
115check_users_LDADD = $(BASEOBJS) $(WTSAPI32LIBS) 115check_users_LDADD = $(BASEOBJS) $(WTSAPI32LIBS) $(SYSTEMDLIBS)
116check_by_ssh_LDADD = $(NETLIBS) 116check_by_ssh_LDADD = $(NETLIBS)
117check_ide_smart_LDADD = $(BASEOBJS) 117check_ide_smart_LDADD = $(BASEOBJS)
118negate_LDADD = $(BASEOBJS) 118negate_LDADD = $(BASEOBJS)
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index d0871c48..153e492f 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -239,10 +239,10 @@ void print_help (void);
239void print_usage (void); 239void print_usage (void);
240void print_curl_version (void); 240void print_curl_version (void);
241int curlhelp_initwritebuffer (curlhelp_write_curlbuf*); 241int curlhelp_initwritebuffer (curlhelp_write_curlbuf*);
242int curlhelp_buffer_write_callback (void*, size_t , size_t , void*); 242size_t curlhelp_buffer_write_callback(void*, size_t , size_t , void*);
243void curlhelp_freewritebuffer (curlhelp_write_curlbuf*); 243void curlhelp_freewritebuffer (curlhelp_write_curlbuf*);
244int curlhelp_initreadbuffer (curlhelp_read_curlbuf *, const char *, size_t); 244int curlhelp_initreadbuffer (curlhelp_read_curlbuf *, const char *, size_t);
245int curlhelp_buffer_read_callback (void *, size_t , size_t , void *); 245size_t curlhelp_buffer_read_callback(void *, size_t , size_t , void *);
246void curlhelp_freereadbuffer (curlhelp_read_curlbuf *); 246void curlhelp_freereadbuffer (curlhelp_read_curlbuf *);
247curlhelp_ssl_library curlhelp_get_ssl_library (); 247curlhelp_ssl_library curlhelp_get_ssl_library ();
248const char* curlhelp_get_ssl_library_string (curlhelp_ssl_library); 248const char* curlhelp_get_ssl_library_string (curlhelp_ssl_library);
@@ -485,7 +485,7 @@ check_http (void)
485 485
486 /* register cleanup function to shut down libcurl properly */ 486 /* register cleanup function to shut down libcurl properly */
487 atexit (cleanup); 487 atexit (cleanup);
488 488
489 if (verbose >= 1) 489 if (verbose >= 1)
490 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_VERBOSE, 1), "CURLOPT_VERBOSE"); 490 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_VERBOSE, 1), "CURLOPT_VERBOSE");
491 491
@@ -805,7 +805,7 @@ check_http (void)
805 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_INFILESIZE, (curl_off_t)strlen (http_post_data)), "CURLOPT_INFILESIZE"); 805 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_INFILESIZE, (curl_off_t)strlen (http_post_data)), "CURLOPT_INFILESIZE");
806 } 806 }
807 } 807 }
808 808
809 /* cookie handling */ 809 /* cookie handling */
810 if (cookie_jar_file != NULL) { 810 if (cookie_jar_file != NULL) {
811 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_COOKIEJAR, cookie_jar_file), "CURLOPT_COOKIEJAR"); 811 handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_COOKIEJAR, cookie_jar_file), "CURLOPT_COOKIEJAR");
@@ -1167,7 +1167,7 @@ GOT_FIRST_CERT:
1167 else 1167 else
1168 msg[strlen(msg)-3] = '\0'; 1168 msg[strlen(msg)-3] = '\0';
1169 } 1169 }
1170 1170
1171 /* TODO: separate _() msg and status code: die (result, "HTTP %s: %s\n", state_text(result), msg); */ 1171 /* TODO: separate _() msg and status code: die (result, "HTTP %s: %s\n", state_text(result), msg); */
1172 die (result, "HTTP %s: %s %d %s%s%s - %d bytes in %.3f second response time %s|%s\n%s%s", 1172 die (result, "HTTP %s: %s %d %s%s%s - %d bytes in %.3f second response time %s|%s\n%s%s",
1173 state_text(result), string_statuscode (status_line.http_major, status_line.http_minor), 1173 state_text(result), string_statuscode (status_line.http_major, status_line.http_minor),
@@ -1218,6 +1218,10 @@ redir (curlhelp_write_curlbuf* header_buf)
1218 &status_line.http_major, &status_line.http_minor, &status_line.http_code, &status_line.msg, &msglen, 1218 &status_line.http_major, &status_line.http_minor, &status_line.http_code, &status_line.msg, &msglen,
1219 headers, &nof_headers, 0); 1219 headers, &nof_headers, 0);
1220 1220
1221 if (res == -1) {
1222 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Failed to parse Response\n"));
1223 }
1224
1221 location = get_header_value (headers, nof_headers, "location"); 1225 location = get_header_value (headers, nof_headers, "location");
1222 1226
1223 if (verbose >= 2) 1227 if (verbose >= 2)
@@ -1694,7 +1698,7 @@ process_arguments (int argc, char **argv)
1694 else { 1698 else {
1695 max_depth = atoi (optarg); 1699 max_depth = atoi (optarg);
1696 } 1700 }
1697 break; 1701 break;
1698 case 'f': /* onredirect */ 1702 case 'f': /* onredirect */
1699 if (!strcmp (optarg, "ok")) 1703 if (!strcmp (optarg, "ok"))
1700 onredirect = STATE_OK; 1704 onredirect = STATE_OK;
@@ -2171,8 +2175,7 @@ curlhelp_initwritebuffer (curlhelp_write_curlbuf *buf)
2171 return 0; 2175 return 0;
2172} 2176}
2173 2177
2174int 2178size_t curlhelp_buffer_write_callback (void *buffer, size_t size, size_t nmemb, void *stream)
2175curlhelp_buffer_write_callback (void *buffer, size_t size, size_t nmemb, void *stream)
2176{ 2179{
2177 curlhelp_write_curlbuf *buf = (curlhelp_write_curlbuf *)stream; 2180 curlhelp_write_curlbuf *buf = (curlhelp_write_curlbuf *)stream;
2178 2181
@@ -2192,8 +2195,7 @@ curlhelp_buffer_write_callback (void *buffer, size_t size, size_t nmemb, void *s
2192 return (int)(size * nmemb); 2195 return (int)(size * nmemb);
2193} 2196}
2194 2197
2195int 2198size_t curlhelp_buffer_read_callback(void *buffer, size_t size, size_t nmemb, void *stream)
2196curlhelp_buffer_read_callback (void *buffer, size_t size, size_t nmemb, void *stream)
2197{ 2199{
2198 curlhelp_read_curlbuf *buf = (curlhelp_read_curlbuf *)stream; 2200 curlhelp_read_curlbuf *buf = (curlhelp_read_curlbuf *)stream;
2199 2201
@@ -2390,6 +2392,10 @@ check_document_dates (const curlhelp_write_curlbuf *header_buf, char (*msg)[DEFA
2390 &status_line.http_major, &status_line.http_minor, &status_line.http_code, &status_line.msg, &msglen, 2392 &status_line.http_major, &status_line.http_minor, &status_line.http_code, &status_line.msg, &msglen,
2391 headers, &nof_headers, 0); 2393 headers, &nof_headers, 0);
2392 2394
2395 if (res == -1) {
2396 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Failed to parse Response\n"));
2397 }
2398
2393 server_date = get_header_value (headers, nof_headers, "date"); 2399 server_date = get_header_value (headers, nof_headers, "date");
2394 document_date = get_header_value (headers, nof_headers, "last-modified"); 2400 document_date = get_header_value (headers, nof_headers, "last-modified");
2395 2401
@@ -2465,9 +2471,7 @@ check_document_dates (const curlhelp_write_curlbuf *header_buf, char (*msg)[DEFA
2465int 2471int
2466get_content_length (const curlhelp_write_curlbuf* header_buf, const curlhelp_write_curlbuf* body_buf) 2472get_content_length (const curlhelp_write_curlbuf* header_buf, const curlhelp_write_curlbuf* body_buf)
2467{ 2473{
2468 const char *s;
2469 int content_length = 0; 2474 int content_length = 0;
2470 char *copy;
2471 struct phr_header headers[255]; 2475 struct phr_header headers[255];
2472 size_t nof_headers = 255; 2476 size_t nof_headers = 255;
2473 size_t msglen; 2477 size_t msglen;
@@ -2478,6 +2482,10 @@ get_content_length (const curlhelp_write_curlbuf* header_buf, const curlhelp_wri
2478 &status_line.http_major, &status_line.http_minor, &status_line.http_code, &status_line.msg, &msglen, 2482 &status_line.http_major, &status_line.http_minor, &status_line.http_code, &status_line.msg, &msglen,
2479 headers, &nof_headers, 0); 2483 headers, &nof_headers, 0);
2480 2484
2485 if (res == -1) {
2486 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Failed to parse Response\n"));
2487 }
2488
2481 content_length_s = get_header_value (headers, nof_headers, "content-length"); 2489 content_length_s = get_header_value (headers, nof_headers, "content-length");
2482 if (!content_length_s) { 2490 if (!content_length_s) {
2483 return header_buf->buflen + body_buf->buflen; 2491 return header_buf->buflen + body_buf->buflen;
diff --git a/plugins/check_disk.c b/plugins/check_disk.c
index 39dc6cd2..2f066c7b 100644
--- a/plugins/check_disk.c
+++ b/plugins/check_disk.c
@@ -93,11 +93,11 @@ static int stat_remote_fs = 0;
93 93
94/* Linked list of filesystem types to omit. 94/* Linked list of filesystem types to omit.
95 If the list is empty, don't exclude any types. */ 95 If the list is empty, don't exclude any types. */
96static struct name_list *fs_exclude_list; 96static struct regex_list *fs_exclude_list = NULL;
97 97
98/* Linked list of filesystem types to check. 98/* Linked list of filesystem types to check.
99 If the list is empty, include all types. */ 99 If the list is empty, include all types. */
100static struct name_list *fs_include_list; 100static struct regex_list *fs_include_list;
101 101
102static struct name_list *dp_exclude_list; 102static struct name_list *dp_exclude_list;
103 103
@@ -131,9 +131,6 @@ bool stat_path (struct parameter_list *p);
131void get_stats (struct parameter_list *p, struct fs_usage *fsp); 131void get_stats (struct parameter_list *p, struct fs_usage *fsp);
132void get_path_stats (struct parameter_list *p, struct fs_usage *fsp); 132void get_path_stats (struct parameter_list *p, struct fs_usage *fsp);
133 133
134double w_dfp = -1.0;
135double c_dfp = -1.0;
136char *path;
137char *exclude_device; 134char *exclude_device;
138char *units; 135char *units;
139uintmax_t mult = 1024 * 1024; 136uintmax_t mult = 1024 * 1024;
@@ -303,7 +300,7 @@ main (int argc, char **argv)
303 } else if (me->me_dummy && !show_all_fs) { 300 } else if (me->me_dummy && !show_all_fs) {
304 continue; 301 continue;
305 /* Skip excluded fstypes */ 302 /* Skip excluded fstypes */
306 } else if (fs_exclude_list && np_find_name (fs_exclude_list, me->me_type)) { 303 } else if (fs_exclude_list && np_find_regmatch (fs_exclude_list, me->me_type)) {
307 continue; 304 continue;
308 /* Skip excluded fs's */ 305 /* Skip excluded fs's */
309 } else if (dp_exclude_list && 306 } else if (dp_exclude_list &&
@@ -311,7 +308,7 @@ main (int argc, char **argv)
311 np_find_name (dp_exclude_list, me->me_mountdir))) { 308 np_find_name (dp_exclude_list, me->me_mountdir))) {
312 continue; 309 continue;
313 /* Skip not included fstypes */ 310 /* Skip not included fstypes */
314 } else if (fs_include_list && !np_find_name (fs_include_list, me->me_type)) { 311 } else if (fs_include_list && !np_find_regmatch(fs_include_list, me->me_type)) {
315 continue; 312 continue;
316 } 313 }
317 } 314 }
@@ -546,7 +543,7 @@ process_arguments (int argc, char **argv)
546 if (argc < 2) 543 if (argc < 2)
547 return ERROR; 544 return ERROR;
548 545
549 np_add_name(&fs_exclude_list, "iso9660"); 546 np_add_regex(&fs_exclude_list, "iso9660", REG_EXTENDED);
550 547
551 for (c = 1; c < argc; c++) 548 for (c = 1; c < argc; c++)
552 if (strcmp ("-to", argv[c]) == 0) 549 if (strcmp ("-to", argv[c]) == 0)
@@ -719,10 +716,18 @@ process_arguments (int argc, char **argv)
719 np_add_name(&dp_exclude_list, optarg); 716 np_add_name(&dp_exclude_list, optarg);
720 break; 717 break;
721 case 'X': /* exclude file system type */ 718 case 'X': /* exclude file system type */
722 np_add_name(&fs_exclude_list, optarg); 719 err = np_add_regex(&fs_exclude_list, optarg, REG_EXTENDED);
720 if (err != 0) {
721 regerror (err, &fs_exclude_list->regex, errbuf, MAX_INPUT_BUFFER);
722 die (STATE_UNKNOWN, "DISK %s: %s - %s\n",_("UNKNOWN"), _("Could not compile regular expression"), errbuf);
723 }
723 break; 724 break;
724 case 'N': /* include file system type */ 725 case 'N': /* include file system type */
725 np_add_name(&fs_include_list, optarg); 726 err = np_add_regex(&fs_include_list, optarg, REG_EXTENDED);
727 if (err != 0) {
728 regerror (err, &fs_exclude_list->regex, errbuf, MAX_INPUT_BUFFER);
729 die (STATE_UNKNOWN, "DISK %s: %s - %s\n",_("UNKNOWN"), _("Could not compile regular expression"), errbuf);
730 }
726 break; 731 break;
727 case 'v': /* verbose */ 732 case 'v': /* verbose */
728 verbose++; 733 verbose++;
@@ -801,7 +806,7 @@ process_arguments (int argc, char **argv)
801 crit_freespace_percent || warn_usedspace_units || crit_usedspace_units || 806 crit_freespace_percent || warn_usedspace_units || crit_usedspace_units ||
802 warn_usedspace_percent || crit_usedspace_percent || warn_usedinodes_percent || 807 warn_usedspace_percent || crit_usedspace_percent || warn_usedinodes_percent ||
803 crit_usedinodes_percent || warn_freeinodes_percent || crit_freeinodes_percent )) { 808 crit_usedinodes_percent || warn_freeinodes_percent || crit_freeinodes_percent )) {
804 die (STATE_UNKNOWN, "DISK %s: %s", _("UNKNOWN"), _("Must set a threshold value before using -r/-R\n")); 809 die (STATE_UNKNOWN, "DISK %s: %s", _("UNKNOWN"), _("Must set a threshold value before using -r/-R/-A (--ereg-path/--eregi-path/--all)\n"));
805 } 810 }
806 811
807 err = regcomp(&re, optarg, cflags); 812 err = regcomp(&re, optarg, cflags);
@@ -889,7 +894,7 @@ process_arguments (int argc, char **argv)
889 if (crit_usedspace_percent == NULL && argc > c && is_intnonneg (argv[c])) 894 if (crit_usedspace_percent == NULL && argc > c && is_intnonneg (argv[c]))
890 crit_usedspace_percent = argv[c++]; 895 crit_usedspace_percent = argv[c++];
891 896
892 if (argc > c && path == NULL) { 897 if (argc > c) {
893 se = np_add_parameter(&path_select_list, strdup(argv[c++])); 898 se = np_add_parameter(&path_select_list, strdup(argv[c++]));
894 path_selected = TRUE; 899 path_selected = TRUE;
895 set_all_thresholds(se); 900 set_all_thresholds(se);
@@ -1006,18 +1011,26 @@ print_help (void)
1006 printf (" %s\n", "-u, --units=STRING"); 1011 printf (" %s\n", "-u, --units=STRING");
1007 printf (" %s\n", _("Choose bytes, kB, MB, GB, TB (default: MB)")); 1012 printf (" %s\n", _("Choose bytes, kB, MB, GB, TB (default: MB)"));
1008 printf (UT_VERBOSE); 1013 printf (UT_VERBOSE);
1009 printf (" %s\n", "-X, --exclude-type=TYPE"); 1014 printf (" %s\n", "-X, --exclude-type=TYPE_REGEX");
1010 printf (" %s\n", _("Ignore all filesystems of indicated type (may be repeated)")); 1015 printf (" %s\n", _("Ignore all filesystems of types matching given regex(7) (may be repeated)"));
1011 printf (" %s\n", "-N, --include-type=TYPE"); 1016 printf (" %s\n", "-N, --include-type=TYPE_REGEX");
1012 printf (" %s\n", _("Check only filesystems of indicated type (may be repeated)")); 1017 printf (" %s\n", _("Check only filesystems where the type matches this given regex(7) (may be repeated)"));
1018
1019 printf ("\n");
1020 printf ("%s\n", _("General usage hints:"));
1021 printf (" %s\n", _("- Arguments are positional! \"-w 5 -c 1 -p /foo -w6 -c2 -p /bar\" is not the same as"));
1022 printf (" %s\n", _("\"-w 5 -c 1 -p /bar w6 -c2 -p /foo\"."));
1023 printf (" %s\n", _("- The syntax is broadly: \"{thresholds a} {paths a} -C {thresholds b} {thresholds b} ...\""));
1024
1025
1013 1026
1014 printf ("\n"); 1027 printf ("\n");
1015 printf ("%s\n", _("Examples:")); 1028 printf ("%s\n", _("Examples:"));
1016 printf (" %s\n", "check_disk -w 10% -c 5% -p /tmp -p /var -C -w 100000 -c 50000 -p /"); 1029 printf (" %s\n", "check_disk -w 10% -c 5% -p /tmp -p /var -C -w 100000 -c 50000 -p /");
1017 printf (" %s\n", _("Checks /tmp and /var at 10% and 5%, and / at 100MB and 50MB")); 1030 printf (" %s\n\n", _("Checks /tmp and /var at 10% and 5%, and / at 100MB and 50MB"));
1018 printf (" %s\n", "check_disk -w 100 -c 50 -C -w 1000 -c 500 -g sidDATA -r '^/oracle/SID/data.*$'"); 1031 printf (" %s\n", "check_disk -w 100 -c 50 -C -w 1000 -c 500 -g sidDATA -r '^/oracle/SID/data.*$'");
1019 printf (" %s\n", _("Checks all filesystems not matching -r at 100M and 50M. The fs matching the -r regex")); 1032 printf (" %s\n", _("Checks all filesystems not matching -r at 100M and 50M. The fs matching the -r regex"));
1020 printf (" %s\n", _("are grouped which means the freespace thresholds are applied to all disks together")); 1033 printf (" %s\n\n", _("are grouped which means the freespace thresholds are applied to all disks together"));
1021 printf (" %s\n", "check_disk -w 100 -c 50 -C -w 1000 -c 500 -p /foo -C -w 5% -c 3% -p /bar"); 1034 printf (" %s\n", "check_disk -w 100 -c 50 -C -w 1000 -c 500 -p /foo -C -w 5% -c 3% -p /bar");
1022 printf (" %s\n", _("Checks /foo for 1000M/500M and /bar for 5/3%. All remaining volumes use 100M/50M")); 1035 printf (" %s\n", _("Checks /foo for 1000M/500M and /bar for 5/3%. All remaining volumes use 100M/50M"));
1023 1036
@@ -1030,9 +1043,9 @@ void
1030print_usage (void) 1043print_usage (void)
1031{ 1044{
1032 printf ("%s\n", _("Usage:")); 1045 printf ("%s\n", _("Usage:"));
1033 printf (" %s {-w absolute_limit |-w percentage_limit% | -W inode_percentage_limit } {-c absolute_limit|-c percentage_limit% | -K inode_percentage_limit } {-p path | -x device}\n", progname); 1046 printf (" %s {-w absolute_limit |-w percentage_limit%% | -W inode_percentage_limit } {-c absolute_limit|-c percentage_limit%% | -K inode_percentage_limit } {-p path | -x device}\n", progname);
1034 printf ("[-C] [-E] [-e] [-f] [-g group ] [-k] [-l] [-M] [-m] [-R path ] [-r path ]\n"); 1047 printf ("[-C] [-E] [-e] [-f] [-g group ] [-k] [-l] [-M] [-m] [-R path ] [-r path ]\n");
1035 printf ("[-t timeout] [-u unit] [-v] [-X type] [-N type]\n"); 1048 printf ("[-t timeout] [-u unit] [-v] [-X type_regex] [-N type]\n");
1036} 1049}
1037 1050
1038bool 1051bool
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 1288c415..b9d8145c 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -1094,7 +1094,7 @@ check_http (void)
1094 microsec_firstbyte = deltime (tv_temp); 1094 microsec_firstbyte = deltime (tv_temp);
1095 elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6; 1095 elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6;
1096 } 1096 }
1097 while (pos = memchr(buffer, '\0', i)) { 1097 while ((pos = memchr(buffer, '\0', i))) {
1098 /* replace nul character with a blank */ 1098 /* replace nul character with a blank */
1099 *pos = ' '; 1099 *pos = ' ';
1100 } 1100 }
@@ -1279,7 +1279,7 @@ check_http (void)
1279 1279
1280 regmatch_t chre_pmatch[1]; // We actually do not care about this, since we only want to know IF it was found 1280 regmatch_t chre_pmatch[1]; // We actually do not care about this, since we only want to know IF it was found
1281 1281
1282 if (regexec(&chunked_header_regex, header, 1, chre_pmatch, 0) == 0) { 1282 if (!no_body && regexec(&chunked_header_regex, header, 1, chre_pmatch, 0) == 0) {
1283 if (verbose) { 1283 if (verbose) {
1284 printf("Found chunked content\n"); 1284 printf("Found chunked content\n");
1285 } 1285 }
diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c
index a1bfe1be..15113b1f 100644
--- a/plugins/check_ldap.c
+++ b/plugins/check_ldap.c
@@ -97,9 +97,6 @@ main (int argc, char *argv[])
97 int tls; 97 int tls;
98 int version=3; 98 int version=3;
99 99
100 /* for entry counting */
101
102 LDAPMessage *next_entry;
103 int status_entries = STATE_OK; 100 int status_entries = STATE_OK;
104 int num_entries = 0; 101 int num_entries = 0;
105 102
diff --git a/plugins/check_mysql.c b/plugins/check_mysql.c
index 91e150fb..7d855544 100644
--- a/plugins/check_mysql.c
+++ b/plugins/check_mysql.c
@@ -34,7 +34,7 @@ const char *progname = "check_mysql";
34const char *copyright = "1999-2011"; 34const char *copyright = "1999-2011";
35const char *email = "devel@monitoring-plugins.org"; 35const char *email = "devel@monitoring-plugins.org";
36 36
37#define SLAVERESULTSIZE 70 37#define SLAVERESULTSIZE 96
38 38
39#include "common.h" 39#include "common.h"
40#include "utils.h" 40#include "utils.h"
@@ -89,6 +89,8 @@ static const char *metric_counter[LENGTH_METRIC_COUNTER] = {
89 "Uptime" 89 "Uptime"
90}; 90};
91 91
92#define MYSQLDUMP_THREADS_QUERY "SELECT COUNT(1) mysqldumpThreads FROM information_schema.processlist WHERE info LIKE 'SELECT /*!40001 SQL_NO_CACHE */%'"
93
92thresholds *my_threshold = NULL; 94thresholds *my_threshold = NULL;
93 95
94int process_arguments (int, char **); 96int process_arguments (int, char **);
@@ -108,7 +110,7 @@ main (int argc, char **argv)
108 110
109 char *result = NULL; 111 char *result = NULL;
110 char *error = NULL; 112 char *error = NULL;
111 char slaveresult[SLAVERESULTSIZE]; 113 char slaveresult[SLAVERESULTSIZE] = { 0 };
112 char* perf; 114 char* perf;
113 115
114 perf = strdup (""); 116 perf = strdup ("");
@@ -278,11 +280,30 @@ main (int argc, char **argv)
278 /* Save slave status in slaveresult */ 280 /* Save slave status in slaveresult */
279 snprintf (slaveresult, SLAVERESULTSIZE, "Slave IO: %s Slave SQL: %s Seconds Behind Master: %s", row[slave_io_field], row[slave_sql_field], seconds_behind_field!=-1?row[seconds_behind_field]:"Unknown"); 281 snprintf (slaveresult, SLAVERESULTSIZE, "Slave IO: %s Slave SQL: %s Seconds Behind Master: %s", row[slave_io_field], row[slave_sql_field], seconds_behind_field!=-1?row[seconds_behind_field]:"Unknown");
280 282
281 /* Raise critical error if SQL THREAD or IO THREAD are stopped */ 283 /* Raise critical error if SQL THREAD or IO THREAD are stopped, but only if there are no mysqldump threads running */
282 if (strcmp (row[slave_io_field], "Yes") != 0 || strcmp (row[slave_sql_field], "Yes") != 0) { 284 if (strcmp (row[slave_io_field], "Yes") != 0 || strcmp (row[slave_sql_field], "Yes") != 0) {
283 mysql_free_result (res); 285 MYSQL_RES *res_mysqldump;
284 mysql_close (&mysql); 286 MYSQL_ROW row_mysqldump;
285 die (STATE_CRITICAL, "%s\n", slaveresult); 287 unsigned int mysqldump_threads = 0;
288
289 if (mysql_query (&mysql, MYSQLDUMP_THREADS_QUERY) == 0) {
290 /* store the result */
291 if ( (res_mysqldump = mysql_store_result (&mysql)) != NULL) {
292 if (mysql_num_rows(res_mysqldump) == 1) {
293 if ( (row_mysqldump = mysql_fetch_row (res_mysqldump)) != NULL) {
294 mysqldump_threads = atoi(row_mysqldump[0]);
295 }
296 }
297 /* free the result */
298 mysql_free_result (res_mysqldump);
299 }
300 mysql_close (&mysql);
301 }
302 if (mysqldump_threads == 0) {
303 die (STATE_CRITICAL, "%s\n", slaveresult);
304 } else {
305 strncat(slaveresult, " Mysqldump: in progress", SLAVERESULTSIZE-1);
306 }
286 } 307 }
287 308
288 if (verbose >=3) { 309 if (verbose >=3) {
@@ -294,7 +315,7 @@ main (int argc, char **argv)
294 } 315 }
295 316
296 /* Check Seconds Behind against threshold */ 317 /* Check Seconds Behind against threshold */
297 if ((seconds_behind_field != -1) && (strcmp (row[seconds_behind_field], "NULL") != 0)) { 318 if ((seconds_behind_field != -1) && (row[seconds_behind_field] != NULL && strcmp (row[seconds_behind_field], "NULL") != 0)) {
298 double value = atof(row[seconds_behind_field]); 319 double value = atof(row[seconds_behind_field]);
299 int status; 320 int status;
300 321
diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c
index 36146505..99537c88 100644
--- a/plugins/check_ntp.c
+++ b/plugins/check_ntp.c
@@ -486,7 +486,7 @@ double offset_request(const char *host, int *status){
486 } 486 }
487 487
488 /* cleanup */ 488 /* cleanup */
489 /* FIXME: Not closing the socket to avoid re-use of the local port 489 /* FIXME: Not closing the socket to avoid reuse of the local port
490 * which can cause old NTP packets to be read instead of NTP control 490 * which can cause old NTP packets to be read instead of NTP control
491 * packets in jitter_request(). THERE MUST BE ANOTHER WAY... 491 * packets in jitter_request(). THERE MUST BE ANOTHER WAY...
492 * for(j=0; j<num_hosts; j++){ close(socklist[j]); } */ 492 * for(j=0; j<num_hosts; j++){ close(socklist[j]); } */
diff --git a/plugins/check_procs.c b/plugins/check_procs.c
index c17c6996..1637e3e3 100644
--- a/plugins/check_procs.c
+++ b/plugins/check_procs.c
@@ -241,8 +241,9 @@ main (int argc, char **argv)
241 241
242 /* Ignore self */ 242 /* Ignore self */
243 if ((usepid && mypid == procpid) || 243 if ((usepid && mypid == procpid) ||
244 (!usepid && ((ret = stat_exe(procpid, &statbuf) != -1) && statbuf.st_dev == mydev && statbuf.st_ino == myino) || 244 ( ((!usepid) && ((ret = stat_exe(procpid, &statbuf) != -1) && statbuf.st_dev == mydev && statbuf.st_ino == myino)) ||
245 (ret == -1 && errno == ENOENT))) { 245 (ret == -1 && errno == ENOENT))
246 ) {
246 if (verbose >= 3) 247 if (verbose >= 3)
247 printf("not considering - is myself or gone\n"); 248 printf("not considering - is myself or gone\n");
248 continue; 249 continue;
diff --git a/plugins/check_radius.c b/plugins/check_radius.c
index 984aa37e..b1b4938c 100644
--- a/plugins/check_radius.c
+++ b/plugins/check_radius.c
@@ -381,7 +381,7 @@ print_help (void)
381 printf ("\n"); 381 printf ("\n");
382 printf ("%s\n", _("This plugin tests a RADIUS server to see if it is accepting connections.")); 382 printf ("%s\n", _("This plugin tests a RADIUS server to see if it is accepting connections."));
383 printf ("%s\n", _("The server to test must be specified in the invocation, as well as a user")); 383 printf ("%s\n", _("The server to test must be specified in the invocation, as well as a user"));
384 printf ("%s\n", _("name and password. A configuration file may also be present. The format of")); 384 printf ("%s\n", _("name and password. A configuration file must be present. The format of"));
385 printf ("%s\n", _("the configuration file is described in the radiusclient library sources.")); 385 printf ("%s\n", _("the configuration file is described in the radiusclient library sources."));
386 printf ("%s\n", _("The password option presents a substantial security issue because the")); 386 printf ("%s\n", _("The password option presents a substantial security issue because the"));
387 printf ("%s\n", _("password can possibly be determined by careful watching of the command line")); 387 printf ("%s\n", _("password can possibly be determined by careful watching of the command line"));
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index 996bd875..fc0ae2c4 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -42,15 +42,16 @@ const char *email = "devel@monitoring-plugins.org";
42#ifdef HAVE_SSL 42#ifdef HAVE_SSL
43int check_cert = FALSE; 43int check_cert = FALSE;
44int days_till_exp_warn, days_till_exp_crit; 44int days_till_exp_warn, days_till_exp_crit;
45# define my_recv(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) 45# define my_recv(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
46# define my_send(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) 46# define my_send(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
47#else /* ifndef HAVE_SSL */ 47#else /* ifndef HAVE_SSL */
48# define my_recv(buf, len) read(sd, buf, len) 48# define my_recv(buf, len) read(sd, buf, len)
49# define my_send(buf, len) send(sd, buf, len, 0) 49# define my_send(buf, len) send(sd, buf, len, 0)
50#endif 50#endif
51 51
52enum { 52enum {
53 SMTP_PORT = 25 53 SMTP_PORT = 25,
54 SMTPS_PORT = 465
54}; 55};
55#define PROXY_PREFIX "PROXY TCP4 0.0.0.0 0.0.0.0 25 25\r\n" 56#define PROXY_PREFIX "PROXY TCP4 0.0.0.0 0.0.0.0 25 25\r\n"
56#define SMTP_EXPECT "220" 57#define SMTP_EXPECT "220"
@@ -83,6 +84,7 @@ int eflags = 0;
83int errcode, excode; 84int errcode, excode;
84 85
85int server_port = SMTP_PORT; 86int server_port = SMTP_PORT;
87int server_port_option = 0;
86char *server_address = NULL; 88char *server_address = NULL;
87char *server_expect = NULL; 89char *server_expect = NULL;
88char *mail_command = NULL; 90char *mail_command = NULL;
@@ -103,6 +105,7 @@ double critical_time = 0;
103int check_critical_time = FALSE; 105int check_critical_time = FALSE;
104int verbose = 0; 106int verbose = 0;
105int use_ssl = FALSE; 107int use_ssl = FALSE;
108int use_starttls = FALSE;
106int use_sni = FALSE; 109int use_sni = FALSE;
107short use_proxy_prefix = FALSE; 110short use_proxy_prefix = FALSE;
108short use_ehlo = FALSE; 111short use_ehlo = FALSE;
@@ -186,14 +189,27 @@ main (int argc, char **argv)
186 result = my_tcp_connect (server_address, server_port, &sd); 189 result = my_tcp_connect (server_address, server_port, &sd);
187 190
188 if (result == STATE_OK) { /* we connected */ 191 if (result == STATE_OK) { /* we connected */
189
190 /* If requested, send PROXY header */ 192 /* If requested, send PROXY header */
191 if (use_proxy_prefix) { 193 if (use_proxy_prefix) {
192 if (verbose) 194 if (verbose)
193 printf ("Sending header %s\n", PROXY_PREFIX); 195 printf ("Sending header %s\n", PROXY_PREFIX);
194 send(sd, PROXY_PREFIX, strlen(PROXY_PREFIX), 0); 196 my_send(PROXY_PREFIX, strlen(PROXY_PREFIX));
195 } 197 }
196 198
199#ifdef HAVE_SSL
200 if (use_ssl) {
201 result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL));
202 if (result != STATE_OK) {
203 printf (_("CRITICAL - Cannot create SSL context.\n"));
204 close(sd);
205 np_net_ssl_cleanup();
206 return STATE_CRITICAL;
207 } else {
208 ssl_established = 1;
209 }
210 }
211#endif
212
197 /* watch for the SMTP connection string and */ 213 /* watch for the SMTP connection string and */
198 /* return a WARNING status if we couldn't read any data */ 214 /* return a WARNING status if we couldn't read any data */
199 if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { 215 if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) {
@@ -205,7 +221,7 @@ main (int argc, char **argv)
205 xasprintf(&server_response, "%s", buffer); 221 xasprintf(&server_response, "%s", buffer);
206 222
207 /* send the HELO/EHLO command */ 223 /* send the HELO/EHLO command */
208 send(sd, helocmd, strlen(helocmd), 0); 224 my_send(helocmd, strlen(helocmd));
209 225
210 /* allow for response to helo command to reach us */ 226 /* allow for response to helo command to reach us */
211 if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { 227 if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) {
@@ -218,14 +234,14 @@ main (int argc, char **argv)
218 } 234 }
219 } 235 }
220 236
221 if(use_ssl && ! supports_tls){ 237 if(use_starttls && ! supports_tls){
222 printf(_("WARNING - TLS not supported by server\n")); 238 printf(_("WARNING - TLS not supported by server\n"));
223 smtp_quit(); 239 smtp_quit();
224 return STATE_WARNING; 240 return STATE_WARNING;
225 } 241 }
226 242
227#ifdef HAVE_SSL 243#ifdef HAVE_SSL
228 if(use_ssl) { 244 if(use_starttls) {
229 /* send the STARTTLS command */ 245 /* send the STARTTLS command */
230 send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0); 246 send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0);
231 247
@@ -489,6 +505,8 @@ process_arguments (int argc, char **argv)
489 {"use-ipv6", no_argument, 0, '6'}, 505 {"use-ipv6", no_argument, 0, '6'},
490 {"help", no_argument, 0, 'h'}, 506 {"help", no_argument, 0, 'h'},
491 {"lmtp", no_argument, 0, 'L'}, 507 {"lmtp", no_argument, 0, 'L'},
508 {"ssl", no_argument, 0, 's'},
509 {"tls", no_argument, 0, 's'},
492 {"starttls",no_argument,0,'S'}, 510 {"starttls",no_argument,0,'S'},
493 {"sni", no_argument, 0, SNI_OPTION}, 511 {"sni", no_argument, 0, SNI_OPTION},
494 {"certificate",required_argument,0,'D'}, 512 {"certificate",required_argument,0,'D'},
@@ -510,7 +528,7 @@ process_arguments (int argc, char **argv)
510 } 528 }
511 529
512 while (1) { 530 while (1) {
513 c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q", 531 c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:sSD:F:A:U:P:q",
514 longopts, &option); 532 longopts, &option);
515 533
516 if (c == -1 || c == EOF) 534 if (c == -1 || c == EOF)
@@ -527,7 +545,7 @@ process_arguments (int argc, char **argv)
527 break; 545 break;
528 case 'p': /* port */ 546 case 'p': /* port */
529 if (is_intpos (optarg)) 547 if (is_intpos (optarg))
530 server_port = atoi (optarg); 548 server_port_option = atoi (optarg);
531 else 549 else
532 usage4 (_("Port must be a positive integer")); 550 usage4 (_("Port must be a positive integer"));
533 break; 551 break;
@@ -632,10 +650,14 @@ process_arguments (int argc, char **argv)
632#else 650#else
633 usage (_("SSL support not available - install OpenSSL and recompile")); 651 usage (_("SSL support not available - install OpenSSL and recompile"));
634#endif 652#endif
635 // fall through 653 case 's':
654 /* ssl */
655 use_ssl = TRUE;
656 server_port = SMTPS_PORT;
657 break;
636 case 'S': 658 case 'S':
637 /* starttls */ 659 /* starttls */
638 use_ssl = TRUE; 660 use_starttls = TRUE;
639 use_ehlo = TRUE; 661 use_ehlo = TRUE;
640 break; 662 break;
641 case SNI_OPTION: 663 case SNI_OPTION:
@@ -694,6 +716,14 @@ process_arguments (int argc, char **argv)
694 if (from_arg==NULL) 716 if (from_arg==NULL)
695 from_arg = strdup(" "); 717 from_arg = strdup(" ");
696 718
719 if (use_starttls && use_ssl) {
720 usage4 (_("Set either -s/--ssl/--tls or -S/--starttls"));
721 }
722
723 if (server_port_option != 0) {
724 server_port = server_port_option;
725 }
726
697 return validate_arguments (); 727 return validate_arguments ();
698} 728}
699 729
@@ -851,6 +881,9 @@ print_help (void)
851#ifdef HAVE_SSL 881#ifdef HAVE_SSL
852 printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); 882 printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]");
853 printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); 883 printf (" %s\n", _("Minimum number of days a certificate has to be valid."));
884 printf (" %s\n", "-s, --ssl, --tls");
885 printf (" %s\n", _("Use SSL/TLS for the connection."));
886 printf (_(" Sets default port to %d.\n"), SMTPS_PORT);
854 printf (" %s\n", "-S, --starttls"); 887 printf (" %s\n", "-S, --starttls");
855 printf (" %s\n", _("Use STARTTLS for the connection.")); 888 printf (" %s\n", _("Use STARTTLS for the connection."));
856 printf (" %s\n", "--sni"); 889 printf (" %s\n", "--sni");
diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c
index 04dc6c6f..56a586ad 100644
--- a/plugins/check_snmp.c
+++ b/plugins/check_snmp.c
@@ -65,6 +65,7 @@ const char *email = "devel@monitoring-plugins.org";
65#define L_RATE_MULTIPLIER CHAR_MAX+2 65#define L_RATE_MULTIPLIER CHAR_MAX+2
66#define L_INVERT_SEARCH CHAR_MAX+3 66#define L_INVERT_SEARCH CHAR_MAX+3
67#define L_OFFSET CHAR_MAX+4 67#define L_OFFSET CHAR_MAX+4
68#define L_IGNORE_MIB_PARSING_ERRORS CHAR_MAX+5
68 69
69/* Gobble to string - stop incrementing c when c[0] match one of the 70/* Gobble to string - stop incrementing c when c[0] match one of the
70 * characters in s */ 71 * characters in s */
@@ -158,7 +159,9 @@ int perf_labels = 1;
158char* ip_version = ""; 159char* ip_version = "";
159double multiplier = 1.0; 160double multiplier = 1.0;
160char *fmtstr = ""; 161char *fmtstr = "";
162bool fmtstr_set = false;
161char buffer[DEFAULT_BUFFER_SIZE]; 163char buffer[DEFAULT_BUFFER_SIZE];
164bool ignore_mib_parsing_errors = false;
162 165
163static char *fix_snmp_range(char *th) 166static char *fix_snmp_range(char *th)
164{ 167{
@@ -306,42 +309,55 @@ main (int argc, char **argv)
306 } 309 }
307 310
308 /* 10 arguments to pass before context and authpriv options + 1 for host and numoids. Add one for terminating NULL */ 311 /* 10 arguments to pass before context and authpriv options + 1 for host and numoids. Add one for terminating NULL */
309 command_line = calloc (10 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *)); 312
310 command_line[0] = snmpcmd; 313 unsigned index = 0;
311 command_line[1] = strdup ("-Le"); 314 command_line = calloc (11 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *));
312 command_line[2] = strdup ("-t"); 315
313 xasprintf (&command_line[3], "%d", timeout_interval); 316 command_line[index++] = snmpcmd;
314 command_line[4] = strdup ("-r"); 317 command_line[index++] = strdup ("-Le");
315 xasprintf (&command_line[5], "%d", retries); 318 command_line[index++] = strdup ("-t");
316 command_line[6] = strdup ("-m"); 319 xasprintf (&command_line[index++], "%d", timeout_interval);
317 command_line[7] = strdup (miblist); 320 command_line[index++] = strdup ("-r");
318 command_line[8] = "-v"; 321 xasprintf (&command_line[index++], "%d", retries);
319 command_line[9] = strdup (proto); 322 command_line[index++] = strdup ("-m");
323 command_line[index++] = strdup (miblist);
324 command_line[index++] = "-v";
325 command_line[index++] = strdup (proto);
326
327 xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s",
328 snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto);
329
330 if (ignore_mib_parsing_errors) {
331 command_line[index++] = "-Pe";
332 xasprintf(&cl_hidden_auth, "%s -Pe", cl_hidden_auth);
333 }
334
320 335
321 for (i = 0; i < numcontext; i++) { 336 for (i = 0; i < numcontext; i++) {
322 command_line[10 + i] = contextargs[i]; 337 command_line[index++] = contextargs[i];
323 } 338 }
324 339
325 for (i = 0; i < numauthpriv; i++) { 340 for (i = 0; i < numauthpriv; i++) {
326 command_line[10 + numcontext + i] = authpriv[i]; 341 command_line[index++] = authpriv[i];
327 } 342 }
328 343
329 xasprintf (&command_line[10 + numcontext + numauthpriv], "%s:%s", server_address, port); 344 xasprintf (&command_line[index++], "%s:%s", server_address, port);
330 345
331 /* This is just for display purposes, so it can remain a string */ 346 xasprintf(&cl_hidden_auth, "%s [context] [authpriv] %s:%s",
332 xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s %s:%s", 347 cl_hidden_auth,
333 snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[context]", "[authpriv]", 348 server_address,
334 server_address, port); 349 port);
335 350
336 for (i = 0; i < numoids; i++) { 351 for (i = 0; i < numoids; i++) {
337 command_line[10 + numcontext + numauthpriv + 1 + i] = oids[i]; 352 command_line[index++] = oids[i];
338 xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]); 353 xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]);
339 } 354 }
340 355
341 command_line[10 + numcontext + numauthpriv + 1 + numoids] = NULL; 356 command_line[index++] = NULL;
342 357
343 if (verbose) 358 if (verbose) {
344 printf ("%s\n", cl_hidden_auth); 359 printf ("%s\n", cl_hidden_auth);
360 }
345 361
346 /* Set signal handling and alarm */ 362 /* Set signal handling and alarm */
347 if (signal (SIGALRM, runcmd_timeout_alarm_handler) == SIG_ERR) { 363 if (signal (SIGALRM, runcmd_timeout_alarm_handler) == SIG_ERR) {
@@ -422,7 +438,8 @@ main (int argc, char **argv)
422 } 438 }
423 else if (strstr (response, "INTEGER: ")) { 439 else if (strstr (response, "INTEGER: ")) {
424 show = multiply (strstr (response, "INTEGER: ") + 9); 440 show = multiply (strstr (response, "INTEGER: ") + 9);
425 if (fmtstr != "") { 441
442 if (fmtstr_set) {
426 conv = fmtstr; 443 conv = fmtstr;
427 } 444 }
428 } 445 }
@@ -596,8 +613,9 @@ main (int argc, char **argv)
596 len = sizeof(perfstr)-strlen(perfstr)-1; 613 len = sizeof(perfstr)-strlen(perfstr)-1;
597 strncat(perfstr, show, len>ptr-show ? ptr-show : len); 614 strncat(perfstr, show, len>ptr-show ? ptr-show : len);
598 615
599 if (type) 616 if (strcmp(type, "") != 0) {
600 strncat(perfstr, type, sizeof(perfstr)-strlen(perfstr)-1); 617 strncat(perfstr, type, sizeof(perfstr)-strlen(perfstr)-1);
618 }
601 619
602 if (warning_thresholds) { 620 if (warning_thresholds) {
603 strncat(perfstr, ";", sizeof(perfstr)-strlen(perfstr)-1); 621 strncat(perfstr, ";", sizeof(perfstr)-strlen(perfstr)-1);
@@ -708,6 +726,7 @@ process_arguments (int argc, char **argv)
708 {"ipv6", no_argument, 0, '6'}, 726 {"ipv6", no_argument, 0, '6'},
709 {"multiplier", required_argument, 0, 'M'}, 727 {"multiplier", required_argument, 0, 'M'},
710 {"fmtstr", required_argument, 0, 'f'}, 728 {"fmtstr", required_argument, 0, 'f'},
729 {"ignore-mib-parsing-errors", no_argument, false, L_IGNORE_MIB_PARSING_ERRORS},
711 {0, 0, 0, 0} 730 {0, 0, 0, 0}
712 }; 731 };
713 732
@@ -972,8 +991,11 @@ process_arguments (int argc, char **argv)
972 case 'f': 991 case 'f':
973 if (multiplier != 1.0) { 992 if (multiplier != 1.0) {
974 fmtstr=optarg; 993 fmtstr=optarg;
994 fmtstr_set = true;
975 } 995 }
976 break; 996 break;
997 case L_IGNORE_MIB_PARSING_ERRORS:
998 ignore_mib_parsing_errors = true;
977 } 999 }
978 } 1000 }
979 1001
@@ -1186,7 +1208,7 @@ multiply (char *str)
1186 if(verbose>2) 1208 if(verbose>2)
1187 printf(" multiply extracted double: %f\n", val); 1209 printf(" multiply extracted double: %f\n", val);
1188 val *= multiplier; 1210 val *= multiplier;
1189 if (fmtstr != "") { 1211 if (fmtstr_set) {
1190 conv = fmtstr; 1212 conv = fmtstr;
1191 } 1213 }
1192 if (val == (int)val) { 1214 if (val == (int)val) {
@@ -1307,6 +1329,9 @@ print_help (void)
1307 printf (" %s\n", "-O, --perf-oids"); 1329 printf (" %s\n", "-O, --perf-oids");
1308 printf (" %s\n", _("Label performance data with OIDs instead of --label's")); 1330 printf (" %s\n", _("Label performance data with OIDs instead of --label's"));
1309 1331
1332 printf (" %s\n", "--ignore-mib-parsing-errors");
1333 printf (" %s\n", _("Tell snmpget to not print errors encountered when parsing MIB files"));
1334
1310 printf (UT_VERBOSE); 1335 printf (UT_VERBOSE);
1311 1336
1312 printf ("\n"); 1337 printf ("\n");
diff --git a/plugins/check_users.c b/plugins/check_users.c
index f6f4b362..2a9ee986 100644
--- a/plugins/check_users.c
+++ b/plugins/check_users.c
@@ -1,33 +1,33 @@
1/***************************************************************************** 1/*****************************************************************************
2* 2*
3* Monitoring check_users plugin 3* Monitoring check_users plugin
4* 4*
5* License: GPL 5* License: GPL
6* Copyright (c) 2000-2012 Monitoring Plugins Development Team 6* Copyright (c) 2000-2012 Monitoring Plugins Development Team
7* 7*
8* Description: 8* Description:
9* 9*
10* This file contains the check_users plugin 10* This file contains the check_users plugin
11* 11*
12* This plugin checks the number of users currently logged in on the local 12* This plugin checks the number of users currently logged in on the local
13* system and generates an error if the number exceeds the thresholds 13* system and generates an error if the number exceeds the thresholds
14* specified. 14* specified.
15* 15*
16* 16*
17* This program is free software: you can redistribute it and/or modify 17* This program is free software: you can redistribute it and/or modify
18* it under the terms of the GNU General Public License as published by 18* it under the terms of the GNU General Public License as published by
19* the Free Software Foundation, either version 3 of the License, or 19* the Free Software Foundation, either version 3 of the License, or
20* (at your option) any later version. 20* (at your option) any later version.
21* 21*
22* This program is distributed in the hope that it will be useful, 22* This program is distributed in the hope that it will be useful,
23* but WITHOUT ANY WARRANTY; without even the implied warranty of 23* but WITHOUT ANY WARRANTY; without even the implied warranty of
24* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 24* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25* GNU General Public License for more details. 25* GNU General Public License for more details.
26* 26*
27* You should have received a copy of the GNU General Public License 27* You should have received a copy of the GNU General Public License
28* along with this program. If not, see <http://www.gnu.org/licenses/>. 28* along with this program. If not, see <http://www.gnu.org/licenses/>.
29* 29*
30* 30*
31*****************************************************************************/ 31*****************************************************************************/
32 32
33const char *progname = "check_users"; 33const char *progname = "check_users";
@@ -48,6 +48,11 @@ const char *email = "devel@monitoring-plugins.org";
48# include "popen.h" 48# include "popen.h"
49#endif 49#endif
50 50
51#ifdef HAVE_LIBSYSTEMD
52#include <systemd/sd-daemon.h>
53#include <systemd/sd-login.h>
54#endif
55
51#define possibly_set(a,b) ((a) == 0 ? (b) : 0) 56#define possibly_set(a,b) ((a) == 0 ? (b) : 0)
52 57
53int process_arguments (int, char **); 58int process_arguments (int, char **);
@@ -85,6 +90,11 @@ main (int argc, char **argv)
85 90
86 users = 0; 91 users = 0;
87 92
93#ifdef HAVE_LIBSYSTEMD
94 if (sd_booted () > 0)
95 users = sd_get_sessions (NULL);
96 else {
97#endif
88#if HAVE_WTSAPI32_H 98#if HAVE_WTSAPI32_H
89 if (!WTSEnumerateSessions(WTS_CURRENT_SERVER_HANDLE, 99 if (!WTSEnumerateSessions(WTS_CURRENT_SERVER_HANDLE,
90 0, 1, &wtsinfo, &wtscount)) { 100 0, 1, &wtsinfo, &wtscount)) {
@@ -156,6 +166,9 @@ main (int argc, char **argv)
156 if (spclose (child_process)) 166 if (spclose (child_process))
157 result = possibly_set (result, STATE_UNKNOWN); 167 result = possibly_set (result, STATE_UNKNOWN);
158#endif 168#endif
169#ifdef HAVE_LIBSYSTEMD
170 }
171#endif
159 172
160 /* check the user count against warning and critical thresholds */ 173 /* check the user count against warning and critical thresholds */
161 result = get_status((double)users, thlds); 174 result = get_status((double)users, thlds);
@@ -163,7 +176,7 @@ main (int argc, char **argv)
163 if (result == STATE_UNKNOWN) 176 if (result == STATE_UNKNOWN)
164 printf ("%s\n", _("Unable to read output")); 177 printf ("%s\n", _("Unable to read output"));
165 else { 178 else {
166 printf (_("USERS %s - %d users currently logged in |%s\n"), 179 printf (_("USERS %s - %d users currently logged in |%s\n"),
167 state_text(result), users, 180 state_text(result), users,
168 sperfdata_int("users", users, "", warning_range, 181 sperfdata_int("users", users, "", warning_range,
169 critical_range, TRUE, 0, FALSE, 0)); 182 critical_range, TRUE, 0, FALSE, 0));
diff --git a/plugins/common.h b/plugins/common.h
index 0f08e2f6..6bf4fca4 100644
--- a/plugins/common.h
+++ b/plugins/common.h
@@ -225,18 +225,4 @@ enum {
225# define __attribute__(x) /* do nothing */ 225# define __attribute__(x) /* do nothing */
226#endif 226#endif
227 227
228/* Try sysconf(_SC_OPEN_MAX) first, as it can be higher than OPEN_MAX.
229 * If that fails and the macro isn't defined, we fall back to an educated
230 * guess. There's no guarantee that our guess is adequate and the program
231 * will die with SIGSEGV if it isn't and the upper boundary is breached. */
232#define DEFAULT_MAXFD 256 /* fallback value if no max open files value is set */
233#define MAXFD_LIMIT 8192 /* upper limit of open files */
234#ifdef _SC_OPEN_MAX
235static long maxfd = 0;
236#elif defined(OPEN_MAX)
237# define maxfd OPEN_MAX
238#else /* sysconf macro unavailable, so guess (may be wildly inaccurate) */
239# define maxfd DEFAULT_MAXFD
240#endif
241
242#endif /* _COMMON_H_ */ 228#endif /* _COMMON_H_ */
diff --git a/plugins/netutils.h b/plugins/netutils.h
index d7ee0ddd..ea653e72 100644
--- a/plugins/netutils.h
+++ b/plugins/netutils.h
@@ -92,7 +92,7 @@ extern int econn_refuse_state;
92extern int was_refused; 92extern int was_refused;
93extern int address_family; 93extern int address_family;
94 94
95RETSIGTYPE socket_timeout_alarm_handler (int) __attribute__((noreturn)); 95void socket_timeout_alarm_handler (int) __attribute__((noreturn));
96 96
97/* SSL-Related functionality */ 97/* SSL-Related functionality */
98#ifdef HAVE_SSL 98#ifdef HAVE_SSL
diff --git a/plugins/popen.c b/plugins/popen.c
index 723817d5..036bc608 100644
--- a/plugins/popen.c
+++ b/plugins/popen.c
@@ -38,8 +38,9 @@
38* 38*
39*****************************************************************************/ 39*****************************************************************************/
40 40
41#include "common.h" 41#include "./common.h"
42#include "utils.h" 42#include "./utils.h"
43#include "../lib/maxfd.h"
43 44
44/* extern so plugin has pid to kill exec'd process on timeouts */ 45/* extern so plugin has pid to kill exec'd process on timeouts */
45extern pid_t *childpid; 46extern pid_t *childpid;
@@ -49,9 +50,9 @@ extern FILE *child_process;
49FILE *spopen (const char *); 50FILE *spopen (const char *);
50int spclose (FILE *); 51int spclose (FILE *);
51#ifdef REDHAT_SPOPEN_ERROR 52#ifdef REDHAT_SPOPEN_ERROR
52RETSIGTYPE popen_sigchld_handler (int); 53void popen_sigchld_handler (int);
53#endif 54#endif
54RETSIGTYPE popen_timeout_alarm_handler (int); 55void popen_timeout_alarm_handler (int);
55 56
56#include <stdarg.h> /* ANSI C header file */ 57#include <stdarg.h> /* ANSI C header file */
57#include <fcntl.h> 58#include <fcntl.h>
@@ -177,8 +178,7 @@ spopen (const char *cmdstring)
177 } 178 }
178 argv[i] = NULL; 179 argv[i] = NULL;
179 180
180 if(maxfd == 0) 181 long maxfd = mp_open_max();
181 maxfd = open_max();
182 182
183 if (childpid == NULL) { /* first time through */ 183 if (childpid == NULL) { /* first time through */
184 if ((childpid = calloc ((size_t)maxfd, sizeof (pid_t))) == NULL) 184 if ((childpid = calloc ((size_t)maxfd, sizeof (pid_t))) == NULL)
@@ -266,7 +266,7 @@ spclose (FILE * fp)
266} 266}
267 267
268#ifdef REDHAT_SPOPEN_ERROR 268#ifdef REDHAT_SPOPEN_ERROR
269RETSIGTYPE 269void
270popen_sigchld_handler (int signo) 270popen_sigchld_handler (int signo)
271{ 271{
272 if (signo == SIGCHLD) 272 if (signo == SIGCHLD)
@@ -274,7 +274,7 @@ popen_sigchld_handler (int signo)
274} 274}
275#endif 275#endif
276 276
277RETSIGTYPE 277void
278popen_timeout_alarm_handler (int signo) 278popen_timeout_alarm_handler (int signo)
279{ 279{
280 int fh; 280 int fh;
diff --git a/plugins/popen.h b/plugins/popen.h
index a5dd8fa7..1ea69632 100644
--- a/plugins/popen.h
+++ b/plugins/popen.h
@@ -5,7 +5,7 @@
5 5
6FILE *spopen (const char *); 6FILE *spopen (const char *);
7int spclose (FILE *); 7int spclose (FILE *);
8RETSIGTYPE popen_timeout_alarm_handler (int); 8void popen_timeout_alarm_handler (int);
9 9
10pid_t *childpid=NULL; 10pid_t *childpid=NULL;
11int *child_stderr_array=NULL; 11int *child_stderr_array=NULL;
diff --git a/plugins/runcmd.c b/plugins/runcmd.c
index c1d675d0..4f3e349b 100644
--- a/plugins/runcmd.c
+++ b/plugins/runcmd.c
@@ -60,6 +60,8 @@
60# define SIG_ERR ((Sigfunc *)-1) 60# define SIG_ERR ((Sigfunc *)-1)
61#endif 61#endif
62 62
63#include "../lib/maxfd.h"
64
63/* This variable must be global, since there's no way the caller 65/* This variable must be global, since there's no way the caller
64 * can forcibly slay a dead or ungainly running program otherwise. 66 * can forcibly slay a dead or ungainly running program otherwise.
65 * Multithreading apps and plugins can initialize it (via NP_RUNCMD_INIT) 67 * Multithreading apps and plugins can initialize it (via NP_RUNCMD_INIT)
@@ -88,8 +90,7 @@ extern void die (int, const char *, ...)
88 * through this api and thus achieve async-safeness throughout the api */ 90 * through this api and thus achieve async-safeness throughout the api */
89void np_runcmd_init(void) 91void np_runcmd_init(void)
90{ 92{
91 if(maxfd == 0) 93 long maxfd = mp_open_max();
92 maxfd = open_max();
93 if(!np_pids) np_pids = calloc(maxfd, sizeof(pid_t)); 94 if(!np_pids) np_pids = calloc(maxfd, sizeof(pid_t));
94} 95}
95 96
@@ -116,10 +117,6 @@ np_runcmd_open(const char *cmdstring, int *pfd, int *pfderr)
116 env[0] = strdup("LC_ALL=C"); 117 env[0] = strdup("LC_ALL=C");
117 env[1] = '\0'; 118 env[1] = '\0';
118 119
119 /* if no command was passed, return with no error */
120 if (cmdstring == NULL)
121 return -1;
122
123 /* make copy of command string so strtok() doesn't silently modify it */ 120 /* make copy of command string so strtok() doesn't silently modify it */
124 /* (the calling program may want to access it later) */ 121 /* (the calling program may want to access it later) */
125 cmdlen = strlen(cmdstring); 122 cmdlen = strlen(cmdstring);
@@ -196,6 +193,7 @@ np_runcmd_open(const char *cmdstring, int *pfd, int *pfderr)
196 /* close all descriptors in np_pids[] 193 /* close all descriptors in np_pids[]
197 * This is executed in a separate address space (pure child), 194 * This is executed in a separate address space (pure child),
198 * so we don't have to worry about async safety */ 195 * so we don't have to worry about async safety */
196 long maxfd = mp_open_max();
199 for (i = 0; i < maxfd; i++) 197 for (i = 0; i < maxfd; i++)
200 if(np_pids[i] > 0) 198 if(np_pids[i] > 0)
201 close (i); 199 close (i);
@@ -223,6 +221,7 @@ np_runcmd_close(int fd)
223 pid_t pid; 221 pid_t pid;
224 222
225 /* make sure this fd was opened by popen() */ 223 /* make sure this fd was opened by popen() */
224 long maxfd = mp_open_max();
226 if(fd < 0 || fd > maxfd || !np_pids || (pid = np_pids[fd]) == 0) 225 if(fd < 0 || fd > maxfd || !np_pids || (pid = np_pids[fd]) == 0)
227 return -1; 226 return -1;
228 227
@@ -246,6 +245,7 @@ runcmd_timeout_alarm_handler (int signo)
246 if (signo == SIGALRM) 245 if (signo == SIGALRM)
247 puts(_("CRITICAL - Plugin timed out while executing system call")); 246 puts(_("CRITICAL - Plugin timed out while executing system call"));
248 247
248 long maxfd = mp_open_max();
249 if(np_pids) for(i = 0; i < maxfd; i++) { 249 if(np_pids) for(i = 0; i < maxfd; i++) {
250 if(np_pids[i] != 0) kill(np_pids[i], SIGKILL); 250 if(np_pids[i] != 0) kill(np_pids[i], SIGKILL);
251 } 251 }
diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index 666a0120..6bc0ba81 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -31,9 +31,8 @@
31#include "netutils.h" 31#include "netutils.h"
32 32
33#ifdef HAVE_SSL 33#ifdef HAVE_SSL
34static SSL_CTX *c=NULL; 34static SSL_CTX *ctx=NULL;
35static SSL *s=NULL; 35static SSL *s=NULL;
36static int initialized=0;
37 36
38int np_net_ssl_init(int sd) { 37int np_net_ssl_init(int sd) {
39 return np_net_ssl_init_with_hostname(sd, NULL); 38 return np_net_ssl_init_with_hostname(sd, NULL);
@@ -48,24 +47,24 @@ int np_net_ssl_init_with_hostname_and_version(int sd, char *host_name, int versi
48} 47}
49 48
50int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int version, char *cert, char *privkey) { 49int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int version, char *cert, char *privkey) {
51 const SSL_METHOD *method = NULL;
52 long options = 0; 50 long options = 0;
53 51
52 if ((ctx = SSL_CTX_new(TLS_client_method())) == NULL) {
53 printf("%s\n", _("CRITICAL - Cannot create SSL context."));
54 return STATE_CRITICAL;
55 }
56
54 switch (version) { 57 switch (version) {
55 case MP_SSLv2: /* SSLv2 protocol */ 58 case MP_SSLv2: /* SSLv2 protocol */
56#if defined(USE_GNUTLS) || defined(OPENSSL_NO_SSL2)
57 printf("%s\n", _("UNKNOWN - SSL protocol version 2 is not supported by your SSL library.")); 59 printf("%s\n", _("UNKNOWN - SSL protocol version 2 is not supported by your SSL library."));
58 return STATE_UNKNOWN; 60 return STATE_UNKNOWN;
59#else
60 method = SSLv2_client_method();
61 break;
62#endif
63 case MP_SSLv3: /* SSLv3 protocol */ 61 case MP_SSLv3: /* SSLv3 protocol */
64#if defined(OPENSSL_NO_SSL3) 62#if defined(OPENSSL_NO_SSL3)
65 printf("%s\n", _("UNKNOWN - SSL protocol version 3 is not supported by your SSL library.")); 63 printf("%s\n", _("UNKNOWN - SSL protocol version 3 is not supported by your SSL library."));
66 return STATE_UNKNOWN; 64 return STATE_UNKNOWN;
67#else 65#else
68 method = SSLv3_client_method(); 66 SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION);
67 SSL_CTX_set_max_proto_version(ctx, SSL3_VERSION);
69 break; 68 break;
70#endif 69#endif
71 case MP_TLSv1: /* TLSv1 protocol */ 70 case MP_TLSv1: /* TLSv1 protocol */
@@ -73,7 +72,8 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
73 printf("%s\n", _("UNKNOWN - TLS protocol version 1 is not supported by your SSL library.")); 72 printf("%s\n", _("UNKNOWN - TLS protocol version 1 is not supported by your SSL library."));
74 return STATE_UNKNOWN; 73 return STATE_UNKNOWN;
75#else 74#else
76 method = TLSv1_client_method(); 75 SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
76 SSL_CTX_set_max_proto_version(ctx, TLS1_VERSION);
77 break; 77 break;
78#endif 78#endif
79 case MP_TLSv1_1: /* TLSv1.1 protocol */ 79 case MP_TLSv1_1: /* TLSv1.1 protocol */
@@ -81,7 +81,8 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
81 printf("%s\n", _("UNKNOWN - TLS protocol version 1.1 is not supported by your SSL library.")); 81 printf("%s\n", _("UNKNOWN - TLS protocol version 1.1 is not supported by your SSL library."));
82 return STATE_UNKNOWN; 82 return STATE_UNKNOWN;
83#else 83#else
84 method = TLSv1_1_client_method(); 84 SSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION);
85 SSL_CTX_set_max_proto_version(ctx, TLS1_1_VERSION);
85 break; 86 break;
86#endif 87#endif
87 case MP_TLSv1_2: /* TLSv1.2 protocol */ 88 case MP_TLSv1_2: /* TLSv1.2 protocol */
@@ -89,7 +90,8 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
89 printf("%s\n", _("UNKNOWN - TLS protocol version 1.2 is not supported by your SSL library.")); 90 printf("%s\n", _("UNKNOWN - TLS protocol version 1.2 is not supported by your SSL library."));
90 return STATE_UNKNOWN; 91 return STATE_UNKNOWN;
91#else 92#else
92 method = TLSv1_2_client_method(); 93 SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION);
94 SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION);
93 break; 95 break;
94#endif 96#endif
95 case MP_TLSv1_2_OR_NEWER: 97 case MP_TLSv1_2_OR_NEWER:
@@ -97,56 +99,43 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
97 printf("%s\n", _("UNKNOWN - Disabling TLSv1.1 is not supported by your SSL library.")); 99 printf("%s\n", _("UNKNOWN - Disabling TLSv1.1 is not supported by your SSL library."));
98 return STATE_UNKNOWN; 100 return STATE_UNKNOWN;
99#else 101#else
100 options |= SSL_OP_NO_TLSv1_1; 102 SSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION);
103 break;
101#endif 104#endif
102 /* FALLTHROUGH */
103 case MP_TLSv1_1_OR_NEWER: 105 case MP_TLSv1_1_OR_NEWER:
104#if !defined(SSL_OP_NO_TLSv1) 106#if !defined(SSL_OP_NO_TLSv1)
105 printf("%s\n", _("UNKNOWN - Disabling TLSv1 is not supported by your SSL library.")); 107 printf("%s\n", _("UNKNOWN - Disabling TLSv1 is not supported by your SSL library."));
106 return STATE_UNKNOWN; 108 return STATE_UNKNOWN;
107#else 109#else
108 options |= SSL_OP_NO_TLSv1; 110 SSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION);
111 break;
109#endif 112#endif
110 /* FALLTHROUGH */
111 case MP_TLSv1_OR_NEWER: 113 case MP_TLSv1_OR_NEWER:
112#if defined(SSL_OP_NO_SSLv3) 114#if defined(SSL_OP_NO_SSLv3)
113 options |= SSL_OP_NO_SSLv3; 115 SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
116 break;
114#endif 117#endif
115 /* FALLTHROUGH */
116 case MP_SSLv3_OR_NEWER: 118 case MP_SSLv3_OR_NEWER:
117#if defined(SSL_OP_NO_SSLv2) 119#if defined(SSL_OP_NO_SSLv2)
118 options |= SSL_OP_NO_SSLv2; 120 SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION);
121 break;
119#endif 122#endif
120 case MP_SSLv2_OR_NEWER:
121 /* FALLTHROUGH */
122 default: /* Default to auto negotiation */
123 method = SSLv23_client_method();
124 }
125 if (!initialized) {
126 /* Initialize SSL context */
127 SSLeay_add_ssl_algorithms();
128 SSL_load_error_strings();
129 OpenSSL_add_all_algorithms();
130 initialized = 1;
131 }
132 if ((c = SSL_CTX_new(method)) == NULL) {
133 printf("%s\n", _("CRITICAL - Cannot create SSL context."));
134 return STATE_CRITICAL;
135 } 123 }
124
136 if (cert && privkey) { 125 if (cert && privkey) {
137#ifdef USE_OPENSSL 126#ifdef USE_OPENSSL
138 if (!SSL_CTX_use_certificate_chain_file(c, cert)) { 127 if (!SSL_CTX_use_certificate_chain_file(ctx, cert)) {
139#elif USE_GNUTLS 128#elif USE_GNUTLS
140 if (!SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM)) { 129 if (!SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM)) {
141#else 130#else
142#error Unported for unknown SSL library 131#error Unported for unknown SSL library
143#endif 132#endif
144 printf ("%s\n", _("CRITICAL - Unable to open certificate chain file!\n")); 133 printf ("%s\n", _("CRITICAL - Unable to open certificate chain file!\n"));
145 return STATE_CRITICAL; 134 return STATE_CRITICAL;
146 } 135 }
147 SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); 136 SSL_CTX_use_PrivateKey_file(ctx, privkey, SSL_FILETYPE_PEM);
148#ifdef USE_OPENSSL 137#ifdef USE_OPENSSL
149 if (!SSL_CTX_check_private_key(c)) { 138 if (!SSL_CTX_check_private_key(ctx)) {
150 printf ("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n")); 139 printf ("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n"));
151 return STATE_CRITICAL; 140 return STATE_CRITICAL;
152 } 141 }
@@ -155,9 +144,9 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
155#ifdef SSL_OP_NO_TICKET 144#ifdef SSL_OP_NO_TICKET
156 options |= SSL_OP_NO_TICKET; 145 options |= SSL_OP_NO_TICKET;
157#endif 146#endif
158 SSL_CTX_set_options(c, options); 147 SSL_CTX_set_options(ctx, options);
159 SSL_CTX_set_mode(c, SSL_MODE_AUTO_RETRY); 148 SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
160 if ((s = SSL_new(c)) != NULL) { 149 if ((s = SSL_new(ctx)) != NULL) {
161#ifdef SSL_set_tlsext_host_name 150#ifdef SSL_set_tlsext_host_name
162 if (host_name != NULL) 151 if (host_name != NULL)
163 SSL_set_tlsext_host_name(s, host_name); 152 SSL_set_tlsext_host_name(s, host_name);
@@ -184,9 +173,9 @@ void np_net_ssl_cleanup() {
184#endif 173#endif
185 SSL_shutdown(s); 174 SSL_shutdown(s);
186 SSL_free(s); 175 SSL_free(s);
187 if (c) { 176 if (ctx) {
188 SSL_CTX_free(c); 177 SSL_CTX_free(ctx);
189 c=NULL; 178 ctx=NULL;
190 } 179 }
191 s=NULL; 180 s=NULL;
192 } 181 }
diff --git a/plugins/t/check_imap.t b/plugins/t/check_imap.t
index 7c74e564..cf2f81c8 100644
--- a/plugins/t/check_imap.t
+++ b/plugins/t/check_imap.t
@@ -25,7 +25,7 @@ $t = NPTest->testCmd( "./check_imap $host_tcp_imap -p 143 -wt 9 -ct 9 -to 10 -e
25cmp_ok( $t->return_code, '==', 0, "Check old parameter options" ); 25cmp_ok( $t->return_code, '==', 0, "Check old parameter options" );
26 26
27$t = NPTest->testCmd( "./check_imap $host_nonresponsive" ); 27$t = NPTest->testCmd( "./check_imap $host_nonresponsive" );
28cmp_ok( $t->return_code, '==', 2, "Get error with non reponsive host" ); 28cmp_ok( $t->return_code, '==', 2, "Get error with non responsive host" );
29 29
30$t = NPTest->testCmd( "./check_imap $hostname_invalid" ); 30$t = NPTest->testCmd( "./check_imap $hostname_invalid" );
31cmp_ok( $t->return_code, '==', 2, "Invalid hostname" ); 31cmp_ok( $t->return_code, '==', 2, "Invalid hostname" );
diff --git a/plugins/t/check_smtp.t b/plugins/t/check_smtp.t
index aa6dae45..1a1ebe3e 100644
--- a/plugins/t/check_smtp.t
+++ b/plugins/t/check_smtp.t
@@ -8,12 +8,14 @@ use strict;
8use Test::More; 8use Test::More;
9use NPTest; 9use NPTest;
10 10
11my $host_tcp_smtp = getTestParameter( "NP_HOST_TCP_SMTP", 11my $host_tcp_smtp = getTestParameter( "NP_HOST_TCP_SMTP",
12 "A host providing an SMTP Service (a mail server)", "mailhost"); 12 "A host providing an SMTP Service (a mail server)", "mailhost");
13my $host_tcp_smtp_tls = getTestParameter( "NP_HOST_TCP_SMTP_TLS", 13my $host_tcp_smtp_starttls = getTestParameter( "NP_HOST_TCP_SMTP_STARTTLS",
14 "A host providing SMTP with STARTTLS", $host_tcp_smtp);
15my $host_tcp_smtp_nostarttls = getTestParameter( "NP_HOST_TCP_SMTP_NOSTARTTLS",
16 "A host providing SMTP without STARTTLS", "");
17my $host_tcp_smtp_tls = getTestParameter( "NP_HOST_TCP_SMTP_TLS",
14 "A host providing SMTP with TLS", $host_tcp_smtp); 18 "A host providing SMTP with TLS", $host_tcp_smtp);
15my $host_tcp_smtp_notls = getTestParameter( "NP_HOST_TCP_SMTP_NOTLS",
16 "A host providing SMTP without TLS", "");
17 19
18my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", 20my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE",
19 "The hostname of system not responsive to network requests", "10.0.0.1" ); 21 "The hostname of system not responsive to network requests", "10.0.0.1" );
@@ -22,7 +24,7 @@ my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID",
22 "An invalid (not known to DNS) hostname", "nosuchhost" ); 24 "An invalid (not known to DNS) hostname", "nosuchhost" );
23my $res; 25my $res;
24 26
25plan tests => 10; 27plan tests => 16;
26 28
27SKIP: { 29SKIP: {
28 skip "No SMTP server defined", 4 unless $host_tcp_smtp; 30 skip "No SMTP server defined", 4 unless $host_tcp_smtp;
@@ -42,22 +44,38 @@ SKIP: {
42 local $TODO = "Output is over two lines"; 44 local $TODO = "Output is over two lines";
43 like ( $res->output, qr/^SMTP WARNING/, "Correct error message" ); 45 like ( $res->output, qr/^SMTP WARNING/, "Correct error message" );
44 } 46 }
47
48 $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp --ssl -p 25" );
49 is ($res->return_code, 2, "Check rc of connecting to $host_tcp_smtp with TLS on standard SMTP port" );
50 like ($res->output, qr/^CRITICAL - Cannot make SSL connection\./, "Check output of connecting to $host_tcp_smtp with TLS on standard SMTP port");
45} 51}
46 52
47SKIP: { 53SKIP: {
48 skip "No SMTP server with TLS defined", 1 unless $host_tcp_smtp_tls; 54 skip "No SMTP server with STARTTLS defined", 1 unless $host_tcp_smtp_starttls;
49 # SSL connection for TLS 55 # SSL connection for STARTTLS
50 $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls -p 25 -S" ); 56 $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_starttls -p 25 -S" );
51 is ($res->return_code, 0, "OK, with STARTTLS" ); 57 is ($res->return_code, 0, "OK, with STARTTLS" );
52} 58}
53 59
54SKIP: { 60SKIP: {
55 skip "No SMTP server without TLS defined", 2 unless $host_tcp_smtp_notls; 61 skip "No SMTP server without STARTTLS defined", 2 unless $host_tcp_smtp_nostarttls;
56 $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_notls -p 25 -S" ); 62 $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_nostarttls -p 25 -S" );
57 is ($res->return_code, 1, "OK, got warning from server without TLS"); 63 is ($res->return_code, 1, "OK, got warning from server without STARTTLS");
58 is ($res->output, "WARNING - TLS not supported by server", "Right error message" ); 64 is ($res->output, "WARNING - TLS not supported by server", "Right error message" );
59} 65}
60 66
67SKIP: {
68 skip "No SMTP server with TLS defined", 1 unless $host_tcp_smtp_tls;
69 $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls --ssl" );
70 is ($res->return_code, 0, "Check rc of connecting to $host_tcp_smtp_tls with TLS" );
71 like ($res->output, qr/^SMTP OK - /, "Check output of connecting to $host_tcp_smtp_tls with TLS" );
72
73 my $unused_port = 4465;
74 $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls -p $unused_port --ssl" );
75 is ($res->return_code, 2, "Check rc of connecting to $host_tcp_smtp_tls with TLS on unused port $unused_port" );
76 like ($res->output, qr/^connect to address $host_tcp_smtp_tls and port $unused_port: Connection refused/, "Check output of connecting to $host_tcp_smtp_tls with TLS on unused port $unused_port");
77}
78
61$res = NPTest->testCmd( "./check_smtp $host_nonresponsive" ); 79$res = NPTest->testCmd( "./check_smtp $host_nonresponsive" );
62is ($res->return_code, 2, "CRITICAL - host non responding" ); 80is ($res->return_code, 2, "CRITICAL - host non responding" );
63 81
diff --git a/plugins/t/check_snmp.t b/plugins/t/check_snmp.t
index f2f218fd..576cc506 100644
--- a/plugins/t/check_snmp.t
+++ b/plugins/t/check_snmp.t
@@ -26,22 +26,22 @@ $res = NPTest->testCmd( "./check_snmp -t 1" );
26is( $res->return_code, 3, "No host name" ); 26is( $res->return_code, 3, "No host name" );
27is( $res->output, "No host specified" ); 27is( $res->output, "No host specified" );
28 28
29$res = NPTest->testCmd( "./check_snmp -H fakehostname" ); 29$res = NPTest->testCmd( "./check_snmp -H fakehostname --ignore-mib-parsing-errors" );
30is( $res->return_code, 3, "No OIDs specified" ); 30is( $res->return_code, 3, "No OIDs specified" );
31is( $res->output, "No OIDs specified" ); 31is( $res->output, "No OIDs specified" );
32 32
33$res = NPTest->testCmd( "./check_snmp -H fakehost -o oids -P 3 -U not_a_user --seclevel=rubbish" ); 33$res = NPTest->testCmd( "./check_snmp -H fakehost --ignore-mib-parsing-errors -o oids -P 3 -U not_a_user --seclevel=rubbish" );
34is( $res->return_code, 3, "Invalid seclevel" ); 34is( $res->return_code, 3, "Invalid seclevel" );
35like( $res->output, "/check_snmp: Invalid seclevel - rubbish/" ); 35like( $res->output, "/check_snmp: Invalid seclevel - rubbish/" );
36 36
37$res = NPTest->testCmd( "./check_snmp -H fakehost -o oids -P 3c" ); 37$res = NPTest->testCmd( "./check_snmp -H fakehost --ignore-mib-parsing-errors -o oids -P 3c" );
38is( $res->return_code, 3, "Invalid protocol" ); 38is( $res->return_code, 3, "Invalid protocol" );
39like( $res->output, "/check_snmp: Invalid SNMP version - 3c/" ); 39like( $res->output, "/check_snmp: Invalid SNMP version - 3c/" );
40 40
41SKIP: { 41SKIP: {
42 skip "no snmp host defined", 50 if ( ! $host_snmp ); 42 skip "no snmp host defined", 50 if ( ! $host_snmp );
43 43
44 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:"); 44 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:");
45 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying uptime" ); 45 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying uptime" );
46 like($res->output, '/^SNMP OK - (\d+)/', "String contains SNMP OK"); 46 like($res->output, '/^SNMP OK - (\d+)/', "String contains SNMP OK");
47 $res->output =~ /^SNMP OK - (\d+)/; 47 $res->output =~ /^SNMP OK - (\d+)/;
@@ -51,111 +51,111 @@ SKIP: {
51 51
52 52
53 # some more threshold tests 53 # some more threshold tests
54 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1"); 54 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1");
55 cmp_ok( $res->return_code, '==', 2, "Threshold test -c 1" ); 55 cmp_ok( $res->return_code, '==', 2, "Threshold test -c 1" );
56 56
57 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1:"); 57 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1:");
58 cmp_ok( $res->return_code, '==', 0, "Threshold test -c 1:" ); 58 cmp_ok( $res->return_code, '==', 0, "Threshold test -c 1:" );
59 59
60 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c ~:1"); 60 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c ~:1");
61 cmp_ok( $res->return_code, '==', 2, "Threshold test -c ~:1" ); 61 cmp_ok( $res->return_code, '==', 2, "Threshold test -c ~:1" );
62 62
63 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1:10"); 63 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1:10");
64 cmp_ok( $res->return_code, '==', 2, "Threshold test -c 1:10" ); 64 cmp_ok( $res->return_code, '==', 2, "Threshold test -c 1:10" );
65 65
66 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c \@1:10"); 66 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c \@1:10");
67 cmp_ok( $res->return_code, '==', 0, "Threshold test -c \@1:10" ); 67 cmp_ok( $res->return_code, '==', 0, "Threshold test -c \@1:10" );
68 68
69 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 10:1"); 69 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 10:1");
70 cmp_ok( $res->return_code, '==', 0, "Threshold test -c 10:1" ); 70 cmp_ok( $res->return_code, '==', 0, "Threshold test -c 10:1" );
71 71
72 72
73 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o .1.3.6.1.2.1.1.3.0 -w 1: -c 1:"); 73 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o .1.3.6.1.2.1.1.3.0 -w 1: -c 1:");
74 cmp_ok( $res->return_code, '==', 0, "Test with numeric OID (no mibs loaded)" ); 74 cmp_ok( $res->return_code, '==', 0, "Test with numeric OID (no mibs loaded)" );
75 like($res->output, '/^SNMP OK - \d+/', "String contains SNMP OK"); 75 like($res->output, '/^SNMP OK - \d+/', "String contains SNMP OK");
76 76
77 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0"); 77 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0");
78 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying sysDescr" ); 78 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying sysDescr" );
79 unlike($res->perf_output, '/sysDescr/', "Perfdata doesn't contain string values"); 79 unlike($res->perf_output, '/sysDescr/', "Perfdata doesn't contain string values");
80 80
81 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0,system.sysDescr.0"); 81 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0,system.sysDescr.0");
82 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying two string OIDs, comma-separated" ); 82 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying two string OIDs, comma-separated" );
83 like($res->output, '/^SNMP OK - /', "String contains SNMP OK"); 83 like($res->output, '/^SNMP OK - /', "String contains SNMP OK");
84 84
85 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0 -o system.sysDescr.0"); 85 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0 -o system.sysDescr.0");
86 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying two string OIDs, repeated option" ); 86 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying two string OIDs, repeated option" );
87 like($res->output, '/^SNMP OK - /', "String contains SNMP OK"); 87 like($res->output, '/^SNMP OK - /', "String contains SNMP OK");
88 88
89 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 1:1 -c 1:1"); 89 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 1:1 -c 1:1");
90 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying hrSWRunIndex.1" ); 90 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying hrSWRunIndex.1" );
91 like($res->output, '/^SNMP OK - 1\s.*$/', "String fits SNMP OK and output format"); 91 like($res->output, '/^SNMP OK - 1\s.*$/', "String fits SNMP OK and output format");
92 92
93 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 0 -c 1:"); 93 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 0 -c 1:");
94 cmp_ok( $res->return_code, '==', 1, "Exit WARNING when querying hrSWRunIndex.1 and warn-th doesn't apply " ); 94 cmp_ok( $res->return_code, '==', 1, "Exit WARNING when querying hrSWRunIndex.1 and warn-th doesn't apply " );
95 like($res->output, '/^SNMP WARNING - \*1\*\s.*$/', "String matches SNMP WARNING and output format"); 95 like($res->output, '/^SNMP WARNING - \*1\*\s.*$/', "String matches SNMP WARNING and output format");
96 96
97 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w :0 -c 0"); 97 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w :0 -c 0");
98 cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL when querying hrSWRunIndex.1 and crit-th doesn't apply" ); 98 cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL when querying hrSWRunIndex.1 and crit-th doesn't apply" );
99 like($res->output, '/^SNMP CRITICAL - \*1\*\s.*$/', "String matches SNMP CRITICAL and output format"); 99 like($res->output, '/^SNMP CRITICAL - \*1\*\s.*$/', "String matches SNMP CRITICAL and output format");
100 100
101 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2 -c 1:2"); 101 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2 -c 1:2");
102 cmp_ok( $res->return_code, '==', 0, "Checking two OIDs at once" ); 102 cmp_ok( $res->return_code, '==', 0, "Checking two OIDs at once" );
103 like($res->output, "/^SNMP OK - 2 1/", "Got two values back" ); 103 like($res->output, "/^SNMP OK - 2 1/", "Got two values back" );
104 like( $res->perf_output, "/ifIndex.2=2/", "Got 1st perf data" ); 104 like( $res->perf_output, "/ifIndex.2=2/", "Got 1st perf data" );
105 like( $res->perf_output, "/ifIndex.1=1/", "Got 2nd perf data" ); 105 like( $res->perf_output, "/ifIndex.1=1/", "Got 2nd perf data" );
106 106
107 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2,1:2 -c 2:2,2:2"); 107 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2,1:2 -c 2:2,2:2");
108 cmp_ok( $res->return_code, '==', 2, "Checking critical threshold is passed if any one value crosses" ); 108 cmp_ok( $res->return_code, '==', 2, "Checking critical threshold is passed if any one value crosses" );
109 like($res->output, "/^SNMP CRITICAL - 2 *1*/", "Got two values back" ); 109 like($res->output, "/^SNMP CRITICAL - 2 *1*/", "Got two values back" );
110 like( $res->perf_output, "/ifIndex.2=2/", "Got 1st perf data" ); 110 like( $res->perf_output, "/ifIndex.2=2/", "Got 1st perf data" );
111 like( $res->perf_output, "/ifIndex.1=1/", "Got 2nd perf data" ); 111 like( $res->perf_output, "/ifIndex.1=1/", "Got 2nd perf data" );
112 112
113 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w 1:,1: -c 1:,1:"); 113 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w 1:,1: -c 1:,1:");
114 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying hrMemorySize and hrSystemProcesses"); 114 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying hrMemorySize and hrSystemProcesses");
115 like($res->output, '/^SNMP OK - \d+ \d+/', "String contains hrMemorySize and hrSystemProcesses"); 115 like($res->output, '/^SNMP OK - \d+ \d+/', "String contains hrMemorySize and hrSystemProcesses");
116 116
117 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w \@:0 -c \@0"); 117 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w \@:0 -c \@0");
118 cmp_ok( $res->return_code, '==', 0, "Exit OK with inside-range thresholds"); 118 cmp_ok( $res->return_code, '==', 0, "Exit OK with inside-range thresholds");
119 like($res->output, '/^SNMP OK - 1\s.*$/', "String matches SNMP OK and output format"); 119 like($res->output, '/^SNMP OK - 1\s.*$/', "String matches SNMP OK and output format");
120 120
121 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3"); 121 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3");
122 $res->output =~ m/^SNMP OK - (\d+\.\d{2})\s.*$/; 122 $res->output =~ m/^SNMP OK - (\d+\.\d{2})\s.*$/;
123 my $lower = $1 - 0.05; 123 my $lower = $1 - 0.05;
124 my $higher = $1 + 0.05; 124 my $higher = $1 + 0.05;
125 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3 -w $lower -c $higher"); 125 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3 -w $lower -c $higher");
126 cmp_ok( $res->return_code, '==', 1, "Exit WARNING with fractionnal arguments"); 126 cmp_ok( $res->return_code, '==', 1, "Exit WARNING with fractionnal arguments");
127 127
128 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0,host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w ,:0 -c ,:2"); 128 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0,host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w ,:0 -c ,:2");
129 cmp_ok( $res->return_code, '==', 1, "Exit WARNING on 2nd threshold"); 129 cmp_ok( $res->return_code, '==', 1, "Exit WARNING on 2nd threshold");
130 like($res->output, '/^SNMP WARNING - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s+\*1\*\s.*$/', "First OID returned as string, 2nd checked for thresholds"); 130 like($res->output, '/^SNMP WARNING - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s+\*1\*\s.*$/', "First OID returned as string, 2nd checked for thresholds");
131 131
132 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w '' -c ''"); 132 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w '' -c ''");
133 cmp_ok( $res->return_code, '==', 0, "Empty thresholds doesn't crash"); 133 cmp_ok( $res->return_code, '==', 0, "Empty thresholds doesn't crash");
134 134
135 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,,1 -c ,,2"); 135 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,,1 -c ,,2");
136 cmp_ok( $res->return_code, '==', 0, "Skipping first two thresholds on 2 OID check"); 136 cmp_ok( $res->return_code, '==', 0, "Skipping first two thresholds on 2 OID check");
137 like($res->output, '/^SNMP OK - \d+ \w+ \d+\s.*$/', "Skipping first two thresholds, result printed rather than parsed"); 137 like($res->output, '/^SNMP OK - \d+ \w+ \d+\s.*$/', "Skipping first two thresholds, result printed rather than parsed");
138 138
139 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,, -c ,,"); 139 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,, -c ,,");
140 cmp_ok( $res->return_code, '==', 0, "Skipping all thresholds"); 140 cmp_ok( $res->return_code, '==', 0, "Skipping all thresholds");
141 like($res->output, '/^SNMP OK - \d+ \w+ \d+\s.*$/', "Skipping all thresholds, result printed rather than parsed"); 141 like($res->output, '/^SNMP OK - \d+ \w+ \d+\s.*$/', "Skipping all thresholds, result printed rather than parsed");
142 142
143 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1000000000000: -u '1/100 sec'"); 143 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1000000000000: -u '1/100 sec'");
144 cmp_ok( $res->return_code, '==', 2, "Timetick used as a threshold"); 144 cmp_ok( $res->return_code, '==', 2, "Timetick used as a threshold");
145 like($res->output, '/^SNMP CRITICAL - \*\d+\* 1\/100 sec.*$/', "Timetick used as a threshold, parsed as numeric"); 145 like($res->output, '/^SNMP CRITICAL - \*\d+\* 1\/100 sec.*$/', "Timetick used as a threshold, parsed as numeric");
146 146
147 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0"); 147 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0");
148 cmp_ok( $res->return_code, '==', 0, "Timetick used as a string"); 148 cmp_ok( $res->return_code, '==', 0, "Timetick used as a string");
149 like($res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "Timetick used as a string, result printed rather than parsed"); 149 like($res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "Timetick used as a string, result printed rather than parsed");
150 150
151 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o HOST-RESOURCES-MIB::hrSWRunName.1"); 151 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o HOST-RESOURCES-MIB::hrSWRunName.1");
152 cmp_ok( $res->return_code, '==', 0, "snmp response without datatype"); 152 cmp_ok( $res->return_code, '==', 0, "snmp response without datatype");
153 like( $res->output, '/^SNMP OK - "(systemd|init)" \| $/', "snmp response without datatype" ); 153 like( $res->output, '/^SNMP OK - "(systemd|init)" \| $/', "snmp response without datatype" );
154} 154}
155 155
156SKIP: { 156SKIP: {
157 skip "no SNMP user defined", 1 if ( ! $user_snmp ); 157 skip "no SNMP user defined", 1 if ( ! $user_snmp );
158 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -o HOST-RESOURCES-MIB::hrSystemUptime.0 -P 3 -U $user_snmp -L noAuthNoPriv"); 158 $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -o HOST-RESOURCES-MIB::hrSystemUptime.0 -P 3 -U $user_snmp -L noAuthNoPriv");
159 like( $res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "noAuthNoPriv security level works properly" ); 159 like( $res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "noAuthNoPriv security level works properly" );
160} 160}
161 161
@@ -163,14 +163,14 @@ SKIP: {
163# the tests can run on hosts w/o snmp host/community in NPTest.cache. Execution will fail anyway 163# the tests can run on hosts w/o snmp host/community in NPTest.cache. Execution will fail anyway
164SKIP: { 164SKIP: {
165 skip "no non responsive host defined", 2 if ( ! $host_nonresponsive ); 165 skip "no non responsive host defined", 2 if ( ! $host_nonresponsive );
166 $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); 166 $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive --ignore-mib-parsing-errors -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:");
167 cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL with non responsive host" ); 167 cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL with non responsive host" );
168 like($res->output, '/Plugin timed out while executing system call/', "String matches timeout problem"); 168 like($res->output, '/Plugin timed out while executing system call/', "String matches timeout problem");
169} 169}
170 170
171SKIP: { 171SKIP: {
172 skip "no non invalid host defined", 2 if ( ! $hostname_invalid ); 172 skip "no non invalid host defined", 2 if ( ! $hostname_invalid );
173 $res = NPTest->testCmd( "./check_snmp -H $hostname_invalid -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); 173 $res = NPTest->testCmd( "./check_snmp -H $hostname_invalid --ignore-mib-parsing-errors -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:");
174 cmp_ok( $res->return_code, '==', 3, "Exit UNKNOWN with non responsive host" ); 174 cmp_ok( $res->return_code, '==', 3, "Exit UNKNOWN with non responsive host" );
175 like($res->output, '/External command error: .*(nosuchhost|Name or service not known|Unknown host)/', "String matches invalid host"); 175 like($res->output, '/External command error: .*(nosuchhost|Name or service not known|Unknown host).*/s', "String matches invalid host");
176} 176}
diff --git a/plugins/t/check_users.t b/plugins/t/check_users.t
index 088f3b52..9ebc2fc6 100644
--- a/plugins/t/check_users.t
+++ b/plugins/t/check_users.t
@@ -2,7 +2,7 @@
2# 2#
3# Logged in Users Tests via check_users 3# Logged in Users Tests via check_users
4# 4#
5# Trick: This ckeck requires at least 1 user logged in. These commands should 5# Trick: This check requires at least 1 user logged in. These commands should
6# leave a session open forever in the background: 6# leave a session open forever in the background:
7# 7#
8# $ ssh -tt localhost </dev/null >/dev/null 2>/dev/null & 8# $ ssh -tt localhost </dev/null >/dev/null 2>/dev/null &
diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t
index 72f2b7c2..3c914830 100755
--- a/plugins/tests/check_curl.t
+++ b/plugins/tests/check_curl.t
@@ -9,7 +9,7 @@
9# Country Name (2 letter code) [AU]:DE 9# Country Name (2 letter code) [AU]:DE
10# State or Province Name (full name) [Some-State]:Bavaria 10# State or Province Name (full name) [Some-State]:Bavaria
11# Locality Name (eg, city) []:Munich 11# Locality Name (eg, city) []:Munich
12# Organization Name (eg, company) [Internet Widgits Pty Ltd]:Monitoring Plugins 12# Organization Name (eg, company) [Internet Widgets Pty Ltd]:Monitoring Plugins
13# Organizational Unit Name (eg, section) []: 13# Organizational Unit Name (eg, section) []:
14# Common Name (e.g. server FQDN or YOUR name) []:Monitoring Plugins 14# Common Name (e.g. server FQDN or YOUR name) []:Monitoring Plugins
15# Email Address []:devel@monitoring-plugins.org 15# Email Address []:devel@monitoring-plugins.org
diff --git a/plugins/utils.c b/plugins/utils.c
index b4214c61..71c0bdd8 100644
--- a/plugins/utils.c
+++ b/plugins/utils.c
@@ -804,19 +804,3 @@ char *sperfdata_int (const char *label,
804 804
805 return data; 805 return data;
806} 806}
807
808int
809open_max (void)
810{
811 errno = 0;
812 if (maxfd > 0)
813 return(maxfd);
814
815 if ((maxfd = sysconf (_SC_OPEN_MAX)) < 0) {
816 if (errno == 0)
817 maxfd = DEFAULT_MAXFD; /* it's indeterminate */
818 else
819 die (STATE_UNKNOWN, _("sysconf error for _SC_OPEN_MAX\n"));
820 }
821 return(maxfd);
822}
diff --git a/plugins/utils.h b/plugins/utils.h
index c76b3216..cb979ce7 100644
--- a/plugins/utils.h
+++ b/plugins/utils.h
@@ -106,8 +106,6 @@ char *sperfdata (const char *, double, const char *, char *, char *,
106char *sperfdata_int (const char *, int, const char *, char *, char *, 106char *sperfdata_int (const char *, int, const char *, char *, char *,
107 int, int, int, int); 107 int, int, int, int);
108 108
109int open_max (void);
110
111/* The idea here is that, although not every plugin will use all of these, 109/* The idea here is that, although not every plugin will use all of these,
112 most will or should. Therefore, for consistency, these very common 110 most will or should. Therefore, for consistency, these very common
113 options should have only these meanings throughout the overall suite */ 111 options should have only these meanings throughout the overall suite */