diff options
-rw-r--r-- | plugins/check_curl.c | 70 |
1 files changed, 54 insertions, 16 deletions
diff --git a/plugins/check_curl.c b/plugins/check_curl.c index 1b9064e..209b449 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c | |||
@@ -96,6 +96,7 @@ char *critical_thresholds = NULL; | |||
96 | thresholds *thlds; | 96 | thresholds *thlds; |
97 | char user_agent[DEFAULT_BUFFER_SIZE]; | 97 | char user_agent[DEFAULT_BUFFER_SIZE]; |
98 | int verbose = 0; | 98 | int verbose = 0; |
99 | char *http_method = NULL; | ||
99 | CURL *curl; | 100 | CURL *curl; |
100 | struct curl_slist *header_list = NULL; | 101 | struct curl_slist *header_list = NULL; |
101 | curlhelp_curlbuf body_buf; | 102 | curlhelp_curlbuf body_buf; |
@@ -122,6 +123,7 @@ char *client_privkey = NULL; | |||
122 | char *ca_cert = NULL; | 123 | char *ca_cert = NULL; |
123 | 124 | ||
124 | int process_arguments (int, char**); | 125 | int process_arguments (int, char**); |
126 | int check_http (void); | ||
125 | void print_help (void); | 127 | void print_help (void); |
126 | void print_usage (void); | 128 | void print_usage (void); |
127 | void print_curl_version (void); | 129 | void print_curl_version (void); |
@@ -138,7 +140,7 @@ void test_file (char *); | |||
138 | int | 140 | int |
139 | main (int argc, char **argv) | 141 | main (int argc, char **argv) |
140 | { | 142 | { |
141 | int result = STATE_OK; | 143 | int result = STATE_UNKNOWN; |
142 | 144 | ||
143 | setlocale (LC_ALL, ""); | 145 | setlocale (LC_ALL, ""); |
144 | bindtextdomain (PACKAGE, LOCALEDIR); | 146 | bindtextdomain (PACKAGE, LOCALEDIR); |
@@ -155,6 +157,15 @@ main (int argc, char **argv) | |||
155 | if (process_arguments (argc, argv) == ERROR) | 157 | if (process_arguments (argc, argv) == ERROR) |
156 | usage4 (_("Could not parse arguments")); | 158 | usage4 (_("Could not parse arguments")); |
157 | 159 | ||
160 | result = check_http (); | ||
161 | return result; | ||
162 | } | ||
163 | |||
164 | int | ||
165 | check_http (void) | ||
166 | { | ||
167 | int result = STATE_OK; | ||
168 | |||
158 | /* initialize curl */ | 169 | /* initialize curl */ |
159 | if (curl_global_init (CURL_GLOBAL_DEFAULT) != CURLE_OK) | 170 | if (curl_global_init (CURL_GLOBAL_DEFAULT) != CURLE_OK) |
160 | die (STATE_UNKNOWN, "HTTP UNKNOWN - curl_global_init failed\n"); | 171 | die (STATE_UNKNOWN, "HTTP UNKNOWN - curl_global_init failed\n"); |
@@ -192,11 +203,26 @@ main (int argc, char **argv) | |||
192 | /* set port */ | 203 | /* set port */ |
193 | curl_easy_setopt (curl, CURLOPT_PORT, server_port); | 204 | curl_easy_setopt (curl, CURLOPT_PORT, server_port); |
194 | 205 | ||
195 | /* compose HTTP headers */ | 206 | /* set HTTP method */ |
207 | if (http_method) { | ||
208 | if (!strcmp(http_method, "POST")) | ||
209 | curl_easy_setopt (curl, CURLOPT_POST, 1); | ||
210 | else if (!strcmp(http_method, "PUT")) | ||
211 | curl_easy_setopt (curl, CURLOPT_PUT, 1); | ||
212 | curl_easy_setopt (curl, CURLOPT_CUSTOMREQUEST, http_method); | ||
213 | } | ||
214 | |||
215 | /* set hostname (virtual hosts) */ | ||
196 | snprintf (http_header, DEFAULT_BUFFER_SIZE, "Host: %s", host_name); | 216 | snprintf (http_header, DEFAULT_BUFFER_SIZE, "Host: %s", host_name); |
197 | header_list = curl_slist_append (header_list, http_header); | 217 | header_list = curl_slist_append (header_list, http_header); |
198 | curl_easy_setopt( curl, CURLOPT_HTTPHEADER, header_list ); | ||
199 | 218 | ||
219 | /* always close connection, be nice to servers */ | ||
220 | snprintf (http_header, DEFAULT_BUFFER_SIZE, "Connection: close"); | ||
221 | header_list = curl_slist_append (header_list, http_header); | ||
222 | |||
223 | /* set HTTP headers */ | ||
224 | curl_easy_setopt( curl, CURLOPT_HTTPHEADER, header_list ); | ||
225 | |||
200 | /* set SSL version, warn about unsecure or unsupported versions */ | 226 | /* set SSL version, warn about unsecure or unsupported versions */ |
201 | if (use_ssl) { | 227 | if (use_ssl) { |
202 | curl_easy_setopt (curl, CURLOPT_SSLVERSION, ssl_version); | 228 | curl_easy_setopt (curl, CURLOPT_SSLVERSION, ssl_version); |
@@ -407,7 +433,7 @@ test_file (char *path) | |||
407 | int | 433 | int |
408 | process_arguments (int argc, char **argv) | 434 | process_arguments (int argc, char **argv) |
409 | { | 435 | { |
410 | int c; | 436 | int c = 1; |
411 | 437 | ||
412 | enum { | 438 | enum { |
413 | INVERT_REGEX = CHAR_MAX + 1, | 439 | INVERT_REGEX = CHAR_MAX + 1, |
@@ -415,10 +441,12 @@ process_arguments (int argc, char **argv) | |||
415 | CA_CERT_OPTION | 441 | CA_CERT_OPTION |
416 | }; | 442 | }; |
417 | 443 | ||
418 | int option=0; | 444 | int option = 0; |
419 | static struct option longopts[] = { | 445 | static struct option longopts[] = { |
446 | STD_LONG_OPTS, | ||
420 | {"ssl", optional_argument, 0, 'S'}, | 447 | {"ssl", optional_argument, 0, 'S'}, |
421 | {"sni", no_argument, 0, SNI_OPTION}, | 448 | {"sni", no_argument, 0, SNI_OPTION}, |
449 | {"method", required_argument, 0, 'j'}, | ||
422 | {"IP-address", required_argument, 0, 'I'}, | 450 | {"IP-address", required_argument, 0, 'I'}, |
423 | {"url", required_argument, 0, 'u'}, | 451 | {"url", required_argument, 0, 'u'}, |
424 | {"port", required_argument, 0, 'p'}, | 452 | {"port", required_argument, 0, 'p'}, |
@@ -426,20 +454,20 @@ process_arguments (int argc, char **argv) | |||
426 | {"string", required_argument, 0, 's'}, | 454 | {"string", required_argument, 0, 's'}, |
427 | {"regex", required_argument, 0, 'r'}, | 455 | {"regex", required_argument, 0, 'r'}, |
428 | {"onredirect", required_argument, 0, 'f'}, | 456 | {"onredirect", required_argument, 0, 'f'}, |
457 | {"certificate", required_argument, 0, 'C'}, | ||
429 | {"client-cert", required_argument, 0, 'J'}, | 458 | {"client-cert", required_argument, 0, 'J'}, |
430 | {"private-key", required_argument, 0, 'K'}, | 459 | {"private-key", required_argument, 0, 'K'}, |
431 | {"ca-cert", required_argument, 0, CA_CERT_OPTION}, | 460 | {"ca-cert", required_argument, 0, CA_CERT_OPTION}, |
432 | {"useragent", required_argument, 0, 'A'}, | 461 | {"useragent", required_argument, 0, 'A'}, |
433 | {"invert-regex", no_argument, NULL, INVERT_REGEX}, | 462 | {"invert-regex", no_argument, NULL, INVERT_REGEX}, |
434 | {"certificate", required_argument, 0, 'C'}, | ||
435 | {0, 0, 0, 0} | 463 | {0, 0, 0, 0} |
436 | }; | 464 | }; |
437 | 465 | ||
438 | if (argc < 2) | 466 | if (argc < 2) |
439 | usage ("\n"); | 467 | return ERROR; |
440 | 468 | ||
441 | while (1) { | 469 | while (1) { |
442 | c = getopt_long (argc, argv, "Vvht:c:w:A:H:I:a:p:s:r:u:f:C:J:K:S::", longopts, &option); | 470 | c = getopt_long (argc, argv, "Vvht:c:w:A:H:j:I:a:p:s:r:u:f:C:J:K:S::", longopts, &option); |
443 | if (c == -1 || c == EOF || c == 1) | 471 | if (c == -1 || c == EOF || c == 1) |
444 | break; | 472 | break; |
445 | 473 | ||
@@ -490,6 +518,11 @@ process_arguments (int argc, char **argv) | |||
490 | strncpy (user_auth, optarg, MAX_INPUT_BUFFER - 1); | 518 | strncpy (user_auth, optarg, MAX_INPUT_BUFFER - 1); |
491 | user_auth[MAX_INPUT_BUFFER - 1] = 0; | 519 | user_auth[MAX_INPUT_BUFFER - 1] = 0; |
492 | break; | 520 | break; |
521 | case 'j': /* Set HTTP method */ | ||
522 | if (http_method) | ||
523 | free(http_method); | ||
524 | http_method = strdup (optarg); | ||
525 | break; | ||
493 | case 'A': /* useragent */ | 526 | case 'A': /* useragent */ |
494 | snprintf (user_agent, DEFAULT_BUFFER_SIZE, optarg); | 527 | snprintf (user_agent, DEFAULT_BUFFER_SIZE, optarg); |
495 | break; | 528 | break; |
@@ -612,8 +645,8 @@ process_arguments (int argc, char **argv) | |||
612 | if (verbose >= 2) | 645 | if (verbose >= 2) |
613 | printf ("* Socket timeout set to %d seconds\n", socket_timeout); | 646 | printf ("* Socket timeout set to %d seconds\n", socket_timeout); |
614 | 647 | ||
615 | //~ if (http_method == NULL) | 648 | if (http_method == NULL) |
616 | //~ http_method = strdup ("GET"); | 649 | http_method = strdup ("GET"); |
617 | 650 | ||
618 | if (client_cert && !client_privkey) | 651 | if (client_cert && !client_privkey) |
619 | usage4 (_("If you use a client certificate you must also specify a private key file")); | 652 | usage4 (_("If you use a client certificate you must also specify a private key file")); |
@@ -627,7 +660,7 @@ process_arguments (int argc, char **argv) | |||
627 | void | 660 | void |
628 | print_help (void) | 661 | print_help (void) |
629 | { | 662 | { |
630 | print_revision(progname, NP_VERSION); | 663 | print_revision (progname, NP_VERSION); |
631 | 664 | ||
632 | printf ("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n"); | 665 | printf ("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n"); |
633 | printf ("Copyright (c) 2017 Andreas Baumann <abaumann@yahoo.com>\n"); | 666 | printf ("Copyright (c) 2017 Andreas Baumann <abaumann@yahoo.com>\n"); |
@@ -643,7 +676,7 @@ print_help (void) | |||
643 | 676 | ||
644 | printf ("\n\n"); | 677 | printf ("\n\n"); |
645 | 678 | ||
646 | print_usage(); | 679 | print_usage (); |
647 | 680 | ||
648 | printf (_("NOTE: One or both of -H and -I must be specified")); | 681 | printf (_("NOTE: One or both of -H and -I must be specified")); |
649 | 682 | ||
@@ -691,6 +724,8 @@ print_help (void) | |||
691 | printf (" %s\n", _("String to expect in the content")); | 724 | printf (" %s\n", _("String to expect in the content")); |
692 | printf (" %s\n", "-u, --url=PATH"); | 725 | printf (" %s\n", "-u, --url=PATH"); |
693 | printf (" %s\n", _("URL to GET or POST (default: /)")); | 726 | printf (" %s\n", _("URL to GET or POST (default: /)")); |
727 | printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT)"); | ||
728 | printf (" %s\n", _("Set HTTP method.")); | ||
694 | printf (" %s\n", "-r, --regex, --ereg=STRING"); | 729 | printf (" %s\n", "-r, --regex, --ereg=STRING"); |
695 | printf (" %s\n", _("Search page for regex STRING")); | 730 | printf (" %s\n", _("Search page for regex STRING")); |
696 | printf (" %s\n", "-a, --authorization=AUTH_PAIR"); | 731 | printf (" %s\n", "-a, --authorization=AUTH_PAIR"); |
@@ -726,26 +761,26 @@ print_help (void) | |||
726 | printf (" %s\n", _("has a valid chain of trust to one of the locally installed CAs.")); | 761 | printf (" %s\n", _("has a valid chain of trust to one of the locally installed CAs.")); |
727 | printf ("\n"); | 762 | printf ("\n"); |
728 | printf ("%s\n", _("Examples:")); | 763 | printf ("%s\n", _("Examples:")); |
729 | printf (" %s\n\n", "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com"); | 764 | printf (" %s\n\n", "CHECK CONTENT: check_curl -w 5 -c 10 --ssl -H www.verisign.com"); |
730 | printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,")); | 765 | printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,")); |
731 | printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); | 766 | printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); |
732 | printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); | 767 | printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); |
733 | printf (" %s\n", _("a STATE_CRITICAL will be returned.")); | 768 | printf (" %s\n", _("a STATE_CRITICAL will be returned.")); |
734 | printf ("\n"); | 769 | printf ("\n"); |
735 | printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14"); | 770 | printf (" %s\n\n", "CHECK CERTIFICATE: check_curl -H www.verisign.com -C 14"); |
736 | printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,")); | 771 | printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,")); |
737 | printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); | 772 | printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); |
738 | printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); | 773 | printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); |
739 | printf (" %s\n\n", _("the certificate is expired.")); | 774 | printf (" %s\n\n", _("the certificate is expired.")); |
740 | printf ("\n"); | 775 | printf ("\n"); |
741 | printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); | 776 | printf (" %s\n\n", "CHECK CERTIFICATE: check_curl -H www.verisign.com -C 30,14"); |
742 | printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); | 777 | printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); |
743 | printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); | 778 | printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); |
744 | printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); | 779 | printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); |
745 | printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); | 780 | printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); |
746 | 781 | ||
747 | printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: "); | 782 | printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: "); |
748 | printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com ")); | 783 | printf (" %s\n", _("check_curl -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com ")); |
749 | printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>")); | 784 | printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>")); |
750 | printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); | 785 | printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); |
751 | printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); | 786 | printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); |
@@ -754,8 +789,11 @@ print_help (void) | |||
754 | #endif | 789 | #endif |
755 | 790 | ||
756 | printf (UT_SUPPORT); | 791 | printf (UT_SUPPORT); |
792 | |||
757 | } | 793 | } |
758 | 794 | ||
795 | |||
796 | |||
759 | void | 797 | void |
760 | print_usage (void) | 798 | print_usage (void) |
761 | { | 799 | { |