1 files changed, 431 insertions, 0 deletions
diff --git a/contrib/check_citrix b/contrib/check_citrix
new file mode 100755
index 0000000..42d582e
--- /dev/null
+++ b/contrib/check_citrix
@@ -0,0 +1,431 @@
+#!/usr/bin/perl -w
+# $Id$
+# $Log$
+# Revision 1.1  2002/11/29 12:02:00  stanleyhopcroft
+# New plugin to check the ICA browse service (used by Citrix Metaframe servers) from
+# Ed Rolison and Tom De Blende.
+#
+# Ed Rolison 15/06/02
+# ed@nightstalker.net
+# If it doesn't work, please let me know, I've only had access to my
+# environment so I'm not 100% sure.
+#
+# If you want to mess around with this script, then please feel free
+# to do so.
+# However, if you add anything 'funky' then I'd really appreciate
+# hearing about it.
+#
+# Oh, and if you do ever make huge amounts of money out of it, cut me
+# in :)
+use strict ;
+use IO::Socket;
+use IO::Select;
+use FileHandle;
+use Getopt::Long ;
+use vars qw($opt_H $opt_B $opt_W $opt_T $debug @citrix_servers $crit_pub_apps $warn_pub_apps $long_list);
+use utils qw(%ERRORS &print_revision &support &usage);
+my $PROGNAME = 'check_citrix' ;
+sub print_help ();
+sub print_usage ();
+sub help ();
+sub version ();
+delete @ENV{'PATH', 'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
+# You might have to change this...
+use constant PACKET_TIMEOUT     => 1;
+                                # Number of seconds to wait for further UDP packets
+use constant TEST_COUNT         => 2;
+                                # Number of datagrams sent without reply 
+use constant BUFFER_SIZE        => 1500;
+                                # buffer size used for 'recv' calls.
+use constant LONG_LIST          => 0 ;
+                                # this is for if you have many published applications.
+                                # if you set it, it won't do any harm, but may slow the test
+                                # down a little. (Since it does a 'recv' twice instead of 
+                                # once and therefore may have to wait for a timeout).
+use constant ICA_PORT   => 1604;
+                                # what port ICA runs on. Unlikely to change.
+# End user config.
+Getopt::Long::Configure('bundling', 'no_ignore_case');
+GetOptions
+        ("V|version"     => \&version,
+         "h|help"        => \&help,
+         "d|debug"       => \$debug,
+         "B|broadcast_addr:s"   => \$opt_B,
+         "C|citrix_servers:s"   => \@citrix_servers,
+         "L|long_list"  => \$long_list,
+         "P|crit_pub_apps:s"    => \$crit_pub_apps,
+         "T|Packet_timeout:i"   => \$opt_T,
+         "W|warn_pub_apps:s"    => \$warn_pub_apps,
+) ;
+# configuration section
+my $broadcast_addr = $1 if $opt_B and $opt_B =~ m#(\d+\.\d+\.\d+\.\d+)# ;
+usage("Invalid broadcast address: $opt_B\n") if $opt_B and not defined($broadcast_addr)  ;
+usage("You must provide either the names of citrix servers or the broadcast address of the subnet containing them\n")
+  unless (@citrix_servers or $broadcast_addr) ;
+my @target = defined $broadcast_addr ? ($broadcast_addr) : @citrix_servers ;
+usage("You must provide the names of the published applications that the Citrix browser should be advertising\n")
+  unless $crit_pub_apps or $warn_pub_apps ;
+my $Timeout = $opt_T            if defined $opt_T ;
+$Timeout = PACKET_TIMEOUT       unless defined $Timeout ;
+$long_list = LONG_LIST          unless defined $long_list ;
+my @crit_pub_apps = $crit_pub_apps ? split(/,/, $crit_pub_apps) : () ;
+my @warn_pub_apps = $warn_pub_apps ? split(/,/, $warn_pub_apps) : () ;
+# definitions of query strings. Change at your own risk :)
+# this info was gathered with tcpdump whilst trying to use an ICA client,
+# so I'm not 100% sure of what each value is.
+my @bcast_helo = &tethereal2list(<<'End_of_Tethereal_trace', '1e') ;
+0020  ff ff 04 d6 06 44 00 26 4a 76 1e 00 01 30 02 fd   .....D.&Jv...0..
+0030  a8 e3 00 02 f5 95 9f f5 30 07 00 00 00 00 00 00   ........0.......
+0040  00 00 00 00 00 00 01 00
+End_of_Tethereal_trace
+my @bcast_query_app = &tethereal2list(<<'End_of_Tethereal_trace', '24') ;
+0020  64 17 04 50 06 44 00 2c 85 6a 24 00 01 32 02 fd   d..P.D.,.j$..2..
+0030  a8 e3 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
+0040  00 00 00 00 00 00 21 00 02 00 00 00 00 00         ......!......
+End_of_Tethereal_trace
+my @direct_helo = &tethereal2list(<<'End_of_Tethereal_trace', '20') ;
+0020  64 17 05 0f 06 44 00 28 ab b5 20 00 01 30 02 fd   d....D.(.. ..0..
+0030  a8 e3 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
+0040  00 00 00 00 00 00 00 00 00 00
+End_of_Tethereal_trace
+my @direct_query_app = &tethereal2list(<<'End_of_Tethereal_trace', '2c') ;
+0020  64 17 05 10 06 44 00 34 7a 9a 2c 00 02 32 02 fd   d....D.4z.,..2..
+0030  a8 e3 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
+0040  00 00 00 00 00 00 21 00 02 00 01 00 00 00 00 00   ......!.........
+0050  00 00 00 00 00 00
+End_of_Tethereal_trace
+my $Udp =  IO::Socket::INET->new( Proto => 'udp' ) || die "Socket failure: $!";
+# select is here to allow us to set timeouts on the connections.  Otherwise they 
+# just 'stop' until a server appears.
+my $select =  IO::Select->new($Udp) || die "Select failure: $!";
+# helo needs to be broadcast, but query does not.
+$Udp->sockopt(SO_BROADCAST, 1 );
+$Udp->autoflush(1);
+my ($remote_host, $buff, $buff2, $raddr, $rport, $rhost, @remote_response);
+my (@query_message, $send_addr, $this_test) ;
+$buff = $buff2 = '';
+$this_test = 0;
+# If there is no response to the first helo packet it will be resent
+# up to TEST_COUNT (see at the top).
+while ( ++$this_test <= TEST_COUNT && !$buff ) {
+  print "Sending helo datagram. datagram number: ", $this_test, "\n" if $debug ;
+  # if we have multiple targets, we probe each of them until we get a 
+  # response...
+  foreach my $destination (@target) { 
+     @query_message = ( $broadcast_addr ? @bcast_helo : @direct_helo) ;
+     print "Querying $destination for master browser\n" if  $debug  ;
+     $send_addr = sockaddr_in(ICA_PORT, inet_aton($destination) );
+     &dump(pack('C*', @query_message)) if $debug ;
+     $Udp->send( pack('C*', @query_message), 0, $send_addr ); 
+     if ( $select->can_read($Timeout) ) {
+       $remote_host = $Udp->recv($buff, BUFFER_SIZE, 0 );
+     }
+     last if $buff ;
+     sleep 1 ;
+  } # foreach destination
+} # while loop
+# ok we've looped several times, looking for a response. If we don't have one 
+# yet, we simply mark the whole lot as being unavailable.
+unless ( $buff ) {
+  print "Failed. No response to helo datagram (master browser query) from ", $broadcast_addr ? $broadcast_addr : "@citrix_servers", ".\n" ;
+  exit $ERRORS{CRITICAL} ;
+}
+($rport, $raddr) = sockaddr_in( $remote_host );
+$rhost = gethostbyaddr( $raddr, AF_INET );
+my @tmpbuf = unpack('C*', $buff );
+if ( $debug ) {
+  print "$rhost:$rport responded with: ",length($buff), " bytes\n";
+  &dump($buff) ;
+} #if debug
+# now we have a response, then we need to figure out the master browser, and 
+# query it for published applications...
+my $master_browser = join '.', @tmpbuf[32..35] ;
+     
+# ok should probably error check this, because it's remotely possible
+# that a server response might be completely wrong...
+      
+print "Master browser = $master_browser\n" if  $debug ;
+$send_addr = sockaddr_in(ICA_PORT, inet_aton($master_browser));
+if ( $broadcast_addr ) {
+  print "using broadcast query\n" if $debug ;
+  @query_message = @bcast_query_app;
+} else {
+  print "using directed query\n" if $debug ;
+  @query_message = @direct_query_app;
+}
+   
+# now we send the appropriate query string, to the master browser we've found.
+$buff = '';
+$this_test = 0 ;
+print "Querying master browser for published application list\n" if  $debug  ;
+while ( ++$this_test <= TEST_COUNT && !$buff ) {
+  print "Sending application query datagram.  datagram number: ", $this_test, "\n" if $debug ;
+  &dump(pack('C*', @query_message)) if $debug ;
+  $Udp->send( pack ('C*', @query_message), 0, $send_addr ); 
+  if ( $select->can_read($Timeout) ) {
+    $remote_host = $Udp->recv($buff, BUFFER_SIZE, 0 );
+    # $buff = substr($buff, 32) ;
+                                                # Hope that ICA preamble is first 32 bytes
+   }
+  # long application lists are delivered in multiple packets
+  
+  my $buff2 = '' ;
+  while ( $long_list && $select->can_read($Timeout) ) {
+    $remote_host = $Udp->recv($buff2, BUFFER_SIZE, 0 );
+    $buff .= $buff2 if $buff2 ;
+    # $buff .= substr($buff2, 32) if $buff2 ;
+                                                # Hope that ICA preamble is first 32 bytes
+  }
+  last if $buff ;
+  sleep 1 ;
+} # while test_count
+unless ( $buff ) {
+  print "Failed. No response to application query datagram from ", $master_browser, ".\n" ;
+  exit $ERRORS{CRITICAL} ;
+}
+# we got a response from a couple of retries of the app query
+($rport, $raddr) = sockaddr_in ( $remote_host );
+$rhost = gethostbyaddr ( $raddr, AF_INET );
+if ( $debug ) {
+  print "$rhost:$rport responded to app query with: ",length($buff), " bytes\n";
+  &dump($buff) ;
+} #debug
+my $app_list = $buff ;
+                                                # delete nulls in unicode
+                                                # but only if there is unicode (usually from
+                                                # broadcast query)
+$app_list =~ s/(?:(\w| |-)\x00)/$1/g
+  if $app_list =~ /(?:(?:(?:\w| |-)\x00){3,})/ ;
+                                                # FIXME an application name is
+                                                # 3 or more unicoded characters
+                                                # FIXME locale
+                                                # extract null terminated strings
+my (@clean_app_list, $clean_app_list) ;
+$clean_app_list = join(',', @clean_app_list = $app_list =~ m#([A-Za-z](?:\w| |-|[�������])+?(?=\x00))#g ) ;
+                                                # patch for German umlauts et al from Herr Mike Gerber.
+# $clean_app_list = join(',', @clean_app_list = $app_list =~ m#([A-Z](?:\w| |-)+?(?=\x00))#g ) ;
+                                                # FIXME everyones apps don't start with caps
+print qq(Received list of applications: "$clean_app_list".\n) if $debug ;
+if ( scalar @crit_pub_apps and my @missing = &simple_diff(\@clean_app_list, \@crit_pub_apps) ) {
+  print qq(Failed. "@missing" not found in list of published applications), 
+        qq( "$clean_app_list" from master browser "$master_browser".\n) ;
+  exit $ERRORS{CRITICAL} ;
+}
+if ( my @missing = &simple_diff(\@clean_app_list, \@warn_pub_apps) ) {
+  print qq(Warning. "@missing" not found in list of published applications), 
+        qq( "$clean_app_list" from master browser "$master_browser".\n) ;
+  exit $ERRORS{WARNING} ;
+}
+my @x = (@crit_pub_apps, @warn_pub_apps) ;
+my $blah = ( scalar(@x) == 1 ? 'the published application "' . join(',', @x) . '" is available' :
+                               'the published applications "' . join(',', @x) . '" are available' ) ;
+ 
+print qq(Ok. Citrix master browser "$master_browser" reported that $blah.\n) ;
+exit $ERRORS{OK} ;
+# sleep $Timeout;
+                                                # because otherwise we can get responses from
+                                                # the WRONG servers. DOH
+close $Udp;
+sub print_usage () {
+        print "Usage: $PROGNAME (-B <broadcast_address>| -C <citrix_server>..) -W <pub_app1,pub_app2..> -P <pub_app1,pub_app2,>\n";
+}
+sub print_help () {
+        print_revision($PROGNAME,'$Revision$ ');
+        print "Copyright (c) 2002 Ed Rolison/Tom De Blende/Karl DeBisschop/S Hopcroft
+Perl Check Citrix plugin for NetSaint.
+Returns OK if the Citrix master browser returns  a 'published application' list that contain names specified by the -W or -P options
+The plugin works by
+  If the -B option is specified, sending a broadcast helo to find the address of the Citrix master browser in the specified subnet.
+    return critical if there is no reply;
+  Else if the -C option is specified 
+    send a direct helo to the specified server until there is a response (containing the address of the Citrix master browser)
+  Query the master browser (using a 'broadcast published applications query ' if -B) and compare the published applications returned
+    to those specified by -W and -P options
+  return Critical if the published applications specified by -P is not a subset of the query responses; 
+  return Warning  if the published applications specified by -W is not a subset of the query responses; 
+  return OK
+";
+        print_usage();
+        print '
+-B, --broadcast_address=STRING
+   The broadcast address that should contain Citrix master browser. This option takes precedence over -C.
+-C, --citrix_server:STRING
+   Optional __name(s)__ of Citrix servers that could be the master browser (used when broadcast not possible).
+-L, --long_list
+   Set this if you have heaps of published applications (ie more than will fit in _one_ UDP packet)
+-P, --crit_published_app=STRING
+   Optional comma separated list of published application that must be in the response from the master browser.
+   Check returns critical otherwise.
+-T, --packet-timeout:INTEGER
+   Time to wait for UDP packets (default 1 sec).
+-W, --warn_published_app=STRING
+   Optional comma separated list of published application that should be in the response from the master browser.
+   Check returns warning otherwise.
+-d, --debug
+   Debugging output.
+-h, --help
+   This stuff.
+';
+        support();
+}
+sub version () {
+        print_revision($PROGNAME,'$Revision$ ');
+        exit $ERRORS{'OK'};
+}
+sub help () {
+        print_help();
+        exit $ERRORS{'OK'};
+}
+sub dump {
+  my ($x) = shift @_ ;
+  my (@x, @y, $y, $i, $rowcount) ;
+  my ($nr, $j, $number_in_row, $number_of_bytes) ;
+  my $dump ;
+  $number_in_row = 16 ;
+  $number_of_bytes = length $x ;
+  $nr = 0 ;
+  # styled on tethereal.
+  foreach $j (1 .. int( $number_of_bytes / $number_in_row) ) {
+    $y = substr($x, ($j - 1)*$number_in_row, $number_in_row) ; 
+    @y = unpack("C*", $y) ;
+    $y =~ tr /\x00-\x19/./ ;
+    $rowcount = sprintf("%4.4x", ($j - 1) * 0x10 ) ;
+    $dump .= sprintf "%s  %s   %s\n", $rowcount, join(" ", map { sprintf "%2.2x", $_} @y), $y ;
+    $nr++ ;
+  }
+  if ( $number_of_bytes % $number_in_row > 0 ) {
+    my $spaces_to_text = $number_in_row * 3 - 1 + 3 ;
+    $rowcount = sprintf("%4.4x", $nr * 0x10 ) ;
+    $y = substr($x, $nr * $number_in_row ) ;
+    @y = unpack("C*", $y) ;
+    my $bytes = join(" ", map { sprintf "%2.2x", $_} @y) ;
+    my $spaces = ' ' x ($spaces_to_text - length($bytes)) ;
+    $dump .= sprintf "%s  %s%s%s\n", $rowcount, $bytes, $spaces, $y ;
+  }
+  print $dump, "\n" ;
+  
+}
+sub tethereal2list {
+  my ($tethereal_dump, $start_byte) = @_ ;
+  # return an array containing qw(0xef 0xab 0x00 ...) from a tethereal trace.
+  # skip all stuff until the first byte given by $start_byte.
+  return undef unless $tethereal_dump =~ /\d\d\d\d  \S\S(?: \S\S){1,15}/ ;
+  my $hex_start_byte = hex($start_byte) ;
+  my @x = $tethereal_dump =~ m#(.+)#g ;
+  my @y = map unpack("x6 a47", $_), @x ;
+  my @z = map { my $y = $_; $y =~ s/(\S\S)/hex($1)/eg; my @a = split(' ', $y); @a  } @y ;
+  shift @z, while $z[0] ne $hex_start_byte ;
+  @z ;
+}
+sub simple_diff {
+  my ( $a_list, $b_list) = @_ ;
+  # simple set difference 'Recipe 4.7 Perl Cookbook', Christiansen and Torkington
+  my (%seen, @missing) ;
+  @seen{@$a_list} = () ;
+  foreach my $item (@$b_list) {
+    push @missing, $item unless exists $seen{$item} ;
+  }
+  @missing ;
+}

diff --git a/contrib/check_citrix b/contrib/check_citrix new file mode 100755 index 0000000..42d582e --- /dev/null +++ b/contrib/check_citrix
@@ -0,0 +1,431 @@
	1	#!/usr/bin/perl -w
	2
	3	# $Id$
	4
	5	# $Log$
	6	# Revision 1.1 2002/11/29 12:02:00 stanleyhopcroft
	7	# New plugin to check the ICA browse service (used by Citrix Metaframe servers) from
	8	# Ed Rolison and Tom De Blende.
	9	#
	10
	11	# Ed Rolison 15/06/02
	12	# ed@nightstalker.net
	13	# If it doesn't work, please let me know, I've only had access to my
	14	# environment so I'm not 100% sure.
	15	#
	16	# If you want to mess around with this script, then please feel free
	17	# to do so.
	18	# However, if you add anything 'funky' then I'd really appreciate
	19	# hearing about it.
	20	#
	21	# Oh, and if you do ever make huge amounts of money out of it, cut me
	22	# in :)
	23
	24	use strict ;
	25
	26	use IO::Socket;
	27	use IO::Select;
	28	use FileHandle;
	29	use Getopt::Long ;
	30
	31	use vars qw($opt_H $opt_B $opt_W $opt_T $debug @citrix_servers $crit_pub_apps $warn_pub_apps $long_list);
	32	use utils qw(%ERRORS &print_revision &support &usage);
	33
	34	my $PROGNAME = 'check_citrix' ;
	35
	36	sub print_help ();
	37	sub print_usage ();
	38	sub help ();
	39	sub version ();
	40
	41	delete @ENV{'PATH', 'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};
	42
	43	# You might have to change this...
	44
	45	use constant PACKET_TIMEOUT => 1;
	46	# Number of seconds to wait for further UDP packets
	47	use constant TEST_COUNT => 2;
	48	# Number of datagrams sent without reply
	49	use constant BUFFER_SIZE => 1500;
	50	# buffer size used for 'recv' calls.
	51	use constant LONG_LIST => 0 ;
	52	# this is for if you have many published applications.
	53	# if you set it, it won't do any harm, but may slow the test
	54	# down a little. (Since it does a 'recv' twice instead of
	55	# once and therefore may have to wait for a timeout).
	56	use constant ICA_PORT => 1604;
	57	# what port ICA runs on. Unlikely to change.
	58
	59	# End user config.
	60
	61	Getopt::Long::Configure('bundling', 'no_ignore_case');
	62	GetOptions
	63	("V\|version" => \&version,
	64	"h\|help" => \&help,
	65	"d\|debug" => \$debug,
	66	"B\|broadcast_addr:s" => \$opt_B,
	67	"C\|citrix_servers:s" => \@citrix_servers,
	68	"L\|long_list" => \$long_list,
	69	"P\|crit_pub_apps:s" => \$crit_pub_apps,
	70	"T\|Packet_timeout:i" => \$opt_T,
	71	"W\|warn_pub_apps:s" => \$warn_pub_apps,
	72	) ;
	73
	74	# configuration section
	75
	76	my $broadcast_addr = $1 if $opt_B and $opt_B =~ m#(\d+\.\d+\.\d+\.\d+)# ;
	77	usage("Invalid broadcast address: $opt_B\n") if $opt_B and not defined($broadcast_addr) ;
	78
	79	usage("You must provide either the names of citrix servers or the broadcast address of the subnet containing them\n")
	80	unless (@citrix_servers or $broadcast_addr) ;
	81
	82	my @target = defined $broadcast_addr ? ($broadcast_addr) : @citrix_servers ;
	83
	84	usage("You must provide the names of the published applications that the Citrix browser should be advertising\n")
	85	unless $crit_pub_apps or $warn_pub_apps ;
	86
	87	my $Timeout = $opt_T if defined $opt_T ;
	88	$Timeout = PACKET_TIMEOUT unless defined $Timeout ;
	89	$long_list = LONG_LIST unless defined $long_list ;
	90
	91	my @crit_pub_apps = $crit_pub_apps ? split(/,/, $crit_pub_apps) : () ;
	92	my @warn_pub_apps = $warn_pub_apps ? split(/,/, $warn_pub_apps) : () ;
	93
	94	# definitions of query strings. Change at your own risk :)
	95	# this info was gathered with tcpdump whilst trying to use an ICA client,
	96	# so I'm not 100% sure of what each value is.
	97
	98	my @bcast_helo = &tethereal2list(<<'End_of_Tethereal_trace', '1e') ;
	99	0020 ff ff 04 d6 06 44 00 26 4a 76 1e 00 01 30 02 fd .....D.&Jv...0..
	100	0030 a8 e3 00 02 f5 95 9f f5 30 07 00 00 00 00 00 00 ........0.......
	101	0040 00 00 00 00 00 00 01 00
	102	End_of_Tethereal_trace
	103
	104	my @bcast_query_app = &tethereal2list(<<'End_of_Tethereal_trace', '24') ;
	105	0020 64 17 04 50 06 44 00 2c 85 6a 24 00 01 32 02 fd d..P.D.,.j$..2..
	106	0030 a8 e3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
	107	0040 00 00 00 00 00 00 21 00 02 00 00 00 00 00 ......!......
	108	End_of_Tethereal_trace
	109
	110	my @direct_helo = &tethereal2list(<<'End_of_Tethereal_trace', '20') ;
	111	0020 64 17 05 0f 06 44 00 28 ab b5 20 00 01 30 02 fd d....D.(.. ..0..
	112	0030 a8 e3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
	113	0040 00 00 00 00 00 00 00 00 00 00
	114	End_of_Tethereal_trace
	115
	116	my @direct_query_app = &tethereal2list(<<'End_of_Tethereal_trace', '2c') ;
	117	0020 64 17 05 10 06 44 00 34 7a 9a 2c 00 02 32 02 fd d....D.4z.,..2..
	118	0030 a8 e3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
	119	0040 00 00 00 00 00 00 21 00 02 00 01 00 00 00 00 00 ......!.........
	120	0050 00 00 00 00 00 00
	121	End_of_Tethereal_trace
	122
	123	my $Udp = IO::Socket::INET->new( Proto => 'udp' ) \|\| die "Socket failure: $!";
	124
	125	# select is here to allow us to set timeouts on the connections. Otherwise they
	126	# just 'stop' until a server appears.
	127
	128	my $select = IO::Select->new($Udp) \|\| die "Select failure: $!";
	129
	130	# helo needs to be broadcast, but query does not.
	131
	132	$Udp->sockopt(SO_BROADCAST, 1 );
	133	$Udp->autoflush(1);
	134
	135	my ($remote_host, $buff, $buff2, $raddr, $rport, $rhost, @remote_response);
	136	my (@query_message, $send_addr, $this_test) ;
	137
	138	$buff = $buff2 = '';
	139	$this_test = 0;
	140
	141	# If there is no response to the first helo packet it will be resent
	142	# up to TEST_COUNT (see at the top).
	143
	144	while ( ++$this_test <= TEST_COUNT && !$buff ) {
	145
	146	print "Sending helo datagram. datagram number: ", $this_test, "\n" if $debug ;
	147
	148	# if we have multiple targets, we probe each of them until we get a
	149	# response...
	150
	151	foreach my $destination (@target) {
	152	@query_message = ( $broadcast_addr ? @bcast_helo : @direct_helo) ;
	153	print "Querying $destination for master browser\n" if $debug ;
	154	$send_addr = sockaddr_in(ICA_PORT, inet_aton($destination) );
	155	&dump(pack('C*', @query_message)) if $debug ;
	156	$Udp->send( pack('C*', @query_message), 0, $send_addr );
	157	if ( $select->can_read($Timeout) ) {
	158	$remote_host = $Udp->recv($buff, BUFFER_SIZE, 0 );
	159	}
	160
	161	last if $buff ;
	162	sleep 1 ;
	163
	164	} # foreach destination
	165	} # while loop
	166
	167	# ok we've looped several times, looking for a response. If we don't have one
	168	# yet, we simply mark the whole lot as being unavailable.
	169
	170	unless ( $buff ) {
	171	print "Failed. No response to helo datagram (master browser query) from ", $broadcast_addr ? $broadcast_addr : "@citrix_servers", ".\n" ;
	172	exit $ERRORS{CRITICAL} ;
	173	}
	174
	175	($rport, $raddr) = sockaddr_in( $remote_host );
	176	$rhost = gethostbyaddr( $raddr, AF_INET );
	177	my @tmpbuf = unpack('C*', $buff );
	178	if ( $debug ) {
	179	print "$rhost:$rport responded with: ",length($buff), " bytes\n";
	180	&dump($buff) ;
	181	} #if debug
	182
	183	# now we have a response, then we need to figure out the master browser, and
	184	# query it for published applications...
	185
	186	my $master_browser = join '.', @tmpbuf[32..35] ;
	187
	188	# ok should probably error check this, because it's remotely possible
	189	# that a server response might be completely wrong...
	190
	191	print "Master browser = $master_browser\n" if $debug ;
	192
	193	$send_addr = sockaddr_in(ICA_PORT, inet_aton($master_browser));
	194
	195	if ( $broadcast_addr ) {
	196	print "using broadcast query\n" if $debug ;
	197	@query_message = @bcast_query_app;
	198	} else {
	199	print "using directed query\n" if $debug ;
	200	@query_message = @direct_query_app;
	201	}
	202
	203	# now we send the appropriate query string, to the master browser we've found.
	204
	205	$buff = '';
	206	$this_test = 0 ;
	207
	208	print "Querying master browser for published application list\n" if $debug ;
	209
	210	while ( ++$this_test <= TEST_COUNT && !$buff ) {
	211	print "Sending application query datagram. datagram number: ", $this_test, "\n" if $debug ;
	212	&dump(pack('C*', @query_message)) if $debug ;
	213	$Udp->send( pack ('C*', @query_message), 0, $send_addr );
	214
	215	if ( $select->can_read($Timeout) ) {
	216	$remote_host = $Udp->recv($buff, BUFFER_SIZE, 0 );
	217	# $buff = substr($buff, 32) ;
	218	# Hope that ICA preamble is first 32 bytes
	219	}
	220
	221	# long application lists are delivered in multiple packets
	222
	223	my $buff2 = '' ;
	224	while ( $long_list && $select->can_read($Timeout) ) {
	225	$remote_host = $Udp->recv($buff2, BUFFER_SIZE, 0 );
	226	$buff .= $buff2 if $buff2 ;
	227	# $buff .= substr($buff2, 32) if $buff2 ;
	228	# Hope that ICA preamble is first 32 bytes
	229	}
	230
	231	last if $buff ;
	232	sleep 1 ;
	233
	234	} # while test_count
	235
	236	unless ( $buff ) {
	237	print "Failed. No response to application query datagram from ", $master_browser, ".\n" ;
	238	exit $ERRORS{CRITICAL} ;
	239	}
	240
	241	# we got a response from a couple of retries of the app query
	242
	243	($rport, $raddr) = sockaddr_in ( $remote_host );
	244	$rhost = gethostbyaddr ( $raddr, AF_INET );
	245	if ( $debug ) {
	246	print "$rhost:$rport responded to app query with: ",length($buff), " bytes\n";
	247	&dump($buff) ;
	248	} #debug
	249
	250	my $app_list = $buff ;
	251	# delete nulls in unicode
	252	# but only if there is unicode (usually from
	253	# broadcast query)
	254
	255	$app_list =~ s/(?:(\w\| \|-)\x00)/$1/g
	256	if $app_list =~ /(?:(?:(?:\w\| \|-)\x00){3,})/ ;
	257	# FIXME an application name is
	258	# 3 or more unicoded characters
	259
	260	# FIXME locale
	261	# extract null terminated strings
	262
	263	my (@clean_app_list, $clean_app_list) ;
	264	$clean_app_list = join(',', @clean_app_list = $app_list =~ m#([A-Za-z](?:\w\| \|-\|[��])+?(?=\x00))#g ) ;
	265
	266	# patch for German umlauts et al from Herr Mike Gerber.
	267
	268	# $clean_app_list = join(',', @clean_app_list = $app_list =~ m#([A-Z](?:\w\| \|-)+?(?=\x00))#g ) ;
	269
	270	# FIXME everyones apps don't start with caps
	271
	272	print qq(Received list of applications: "$clean_app_list".\n) if $debug ;
	273
	274	if ( scalar @crit_pub_apps and my @missing = &simple_diff(\@clean_app_list, \@crit_pub_apps) ) {
	275	print qq(Failed. "@missing" not found in list of published applications),
	276	qq( "$clean_app_list" from master browser "$master_browser".\n) ;
	277	exit $ERRORS{CRITICAL} ;
	278	}
	279
	280	if ( my @missing = &simple_diff(\@clean_app_list, \@warn_pub_apps) ) {
	281	print qq(Warning. "@missing" not found in list of published applications),
	282	qq( "$clean_app_list" from master browser "$master_browser".\n) ;
	283	exit $ERRORS{WARNING} ;
	284	}
	285
	286	my @x = (@crit_pub_apps, @warn_pub_apps) ;
	287	my $blah = ( scalar(@x) == 1 ? 'the published application "' . join(',', @x) . '" is available' :
	288	'the published applications "' . join(',', @x) . '" are available' ) ;
	289
	290	print qq(Ok. Citrix master browser "$master_browser" reported that $blah.\n) ;
	291	exit $ERRORS{OK} ;
	292
	293	# sleep $Timeout;
	294	# because otherwise we can get responses from
	295	# the WRONG servers. DOH
	296	close $Udp;
	297
	298
	299	sub print_usage () {
	300	print "Usage: $PROGNAME (-B <broadcast_address>\| -C <citrix_server>..) -W <pub_app1,pub_app2..> -P <pub_app1,pub_app2,>\n";
	301	}
	302
	303	sub print_help () {
	304	print_revision($PROGNAME,'$Revision$ ');
	305	print "Copyright (c) 2002 Ed Rolison/Tom De Blende/Karl DeBisschop/S Hopcroft
	306
	307	Perl Check Citrix plugin for NetSaint.
	308
	309	Returns OK if the Citrix master browser returns a 'published application' list that contain names specified by the -W or -P options
	310
	311	The plugin works by
	312	If the -B option is specified, sending a broadcast helo to find the address of the Citrix master browser in the specified subnet.
	313	return critical if there is no reply;
	314	Else if the -C option is specified
	315	send a direct helo to the specified server until there is a response (containing the address of the Citrix master browser)
	316
	317	Query the master browser (using a 'broadcast published applications query ' if -B) and compare the published applications returned
	318	to those specified by -W and -P options
	319
	320	return Critical if the published applications specified by -P is not a subset of the query responses;
	321	return Warning if the published applications specified by -W is not a subset of the query responses;
	322	return OK
	323
	324	";
	325	print_usage();
	326	print '
	327	-B, --broadcast_address=STRING
	328	The broadcast address that should contain Citrix master browser. This option takes precedence over -C.
	329	-C, --citrix_server:STRING
	330	Optional __name(s)__ of Citrix servers that could be the master browser (used when broadcast not possible).
	331	-L, --long_list
	332	Set this if you have heaps of published applications (ie more than will fit in _one_ UDP packet)
	333	-P, --crit_published_app=STRING
	334	Optional comma separated list of published application that must be in the response from the master browser.
	335	Check returns critical otherwise.
	336	-T, --packet-timeout:INTEGER
	337	Time to wait for UDP packets (default 1 sec).
	338	-W, --warn_published_app=STRING
	339	Optional comma separated list of published application that should be in the response from the master browser.
	340	Check returns warning otherwise.
	341	-d, --debug
	342	Debugging output.
	343	-h, --help
	344	This stuff.
	345
	346	';
	347	support();
	348	}
	349
	350	sub version () {
	351	print_revision($PROGNAME,'$Revision$ ');
	352	exit $ERRORS{'OK'};
	353	}
	354
	355	sub help () {
	356	print_help();
	357	exit $ERRORS{'OK'};
	358	}
	359
	360	sub dump {
	361	my ($x) = shift @_ ;
	362	my (@x, @y, $y, $i, $rowcount) ;
	363	my ($nr, $j, $number_in_row, $number_of_bytes) ;
	364	my $dump ;
	365
	366	$number_in_row = 16 ;
	367	$number_of_bytes = length $x ;
	368	$nr = 0 ;
	369
	370	# styled on tethereal.
	371
	372	foreach $j (1 .. int( $number_of_bytes / $number_in_row) ) {
	373	$y = substr($x, ($j - 1)*$number_in_row, $number_in_row) ;
	374	@y = unpack("C*", $y) ;
	375	$y =~ tr /\x00-\x19/./ ;
	376	$rowcount = sprintf("%4.4x", ($j - 1) * 0x10 ) ;
	377	$dump .= sprintf "%s %s %s\n", $rowcount, join(" ", map { sprintf "%2.2x", $_} @y), $y ;
	378	$nr++ ;
	379	}
	380
	381	if ( $number_of_bytes % $number_in_row > 0 ) {
	382	my $spaces_to_text = $number_in_row * 3 - 1 + 3 ;
	383	$rowcount = sprintf("%4.4x", $nr * 0x10 ) ;
	384	$y = substr($x, $nr * $number_in_row ) ;
	385	@y = unpack("C*", $y) ;
	386	my $bytes = join(" ", map { sprintf "%2.2x", $_} @y) ;
	387	my $spaces = ' ' x ($spaces_to_text - length($bytes)) ;
	388	$dump .= sprintf "%s %s%s%s\n", $rowcount, $bytes, $spaces, $y ;
	389	}
	390
	391	print $dump, "\n" ;
	392
	393	}
	394
	395	sub tethereal2list {
	396	my ($tethereal_dump, $start_byte) = @_ ;
	397
	398	# return an array containing qw(0xef 0xab 0x00 ...) from a tethereal trace.
	399	# skip all stuff until the first byte given by $start_byte.
	400
	401	return undef unless $tethereal_dump =~ /\d\d\d\d \S\S(?: \S\S){1,15}/ ;
	402
	403	my $hex_start_byte = hex($start_byte) ;
	404	my @x = $tethereal_dump =~ m#(.+)#g ;
	405	my @y = map unpack("x6 a47", $_), @x ;
	406	my @z = map { my $y = $_; $y =~ s/(\S\S)/hex($1)/eg; my @a = split(' ', $y); @a } @y ;
	407	shift @z, while $z[0] ne $hex_start_byte ;
	408
	409	@z ;
	410
	411	}
	412
	413	sub simple_diff {
	414
	415	my ( $a_list, $b_list) = @_ ;
	416
	417	# simple set difference 'Recipe 4.7 Perl Cookbook', Christiansen and Torkington
	418
	419	my (%seen, @missing) ;
	420
	421	@seen{@$a_list} = () ;
	422
	423	foreach my $item (@$b_list) {
	424	push @missing, $item unless exists $seen{$item} ;
	425	}
	426
	427	@missing ;
	428	}
	429
	430
	431