diff options
-rw-r--r-- | plugins/check_http.c | 86 |
1 files changed, 46 insertions, 40 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c index 306e4a2e..733388b8 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c | |||
@@ -177,7 +177,7 @@ int errcode; | |||
177 | #define HTTP_EXPECT "HTTP/1." | 177 | #define HTTP_EXPECT "HTTP/1." |
178 | #define HTTP_URL "/" | 178 | #define HTTP_URL "/" |
179 | 179 | ||
180 | char timestamp[10] = ""; | 180 | char timestamp[17] = ""; |
181 | int specify_port = FALSE; | 181 | int specify_port = FALSE; |
182 | int server_port = HTTP_PORT; | 182 | int server_port = HTTP_PORT; |
183 | char server_port_text[6] = ""; | 183 | char server_port_text[6] = ""; |
@@ -434,7 +434,7 @@ process_arguments (int argc, char **argv) | |||
434 | regexp[MAX_RE_SIZE - 1] = 0; | 434 | regexp[MAX_RE_SIZE - 1] = 0; |
435 | errcode = regcomp (&preg, regexp, cflags); | 435 | errcode = regcomp (&preg, regexp, cflags); |
436 | if (errcode != 0) { | 436 | if (errcode != 0) { |
437 | regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); | 437 | (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); |
438 | printf ("Could Not Compile Regular Expression: %s", errbuf); | 438 | printf ("Could Not Compile Regular Expression: %s", errbuf); |
439 | return ERROR; | 439 | return ERROR; |
440 | } | 440 | } |
@@ -530,7 +530,10 @@ check_http (void) | |||
530 | int i = 0; | 530 | int i = 0; |
531 | size_t pagesize = 0; | 531 | size_t pagesize = 0; |
532 | char *full_page = NULL; | 532 | char *full_page = NULL; |
533 | char *buf = NULL; | ||
533 | char *pos = NULL; | 534 | char *pos = NULL; |
535 | char *x = NULL; | ||
536 | char *orig_url = NULL; | ||
534 | 537 | ||
535 | /* try to connect to the host at the given port number */ | 538 | /* try to connect to the host at the given port number */ |
536 | #ifdef HAVE_SSL | 539 | #ifdef HAVE_SSL |
@@ -549,25 +552,25 @@ check_http (void) | |||
549 | return STATE_CRITICAL; | 552 | return STATE_CRITICAL; |
550 | } | 553 | } |
551 | 554 | ||
552 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "%s %s HTTP/1.0\r\n", http_method, server_url); | 555 | buf = ssprintf (buf, "%s %s HTTP/1.0\r\n", http_method, server_url); |
553 | if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { | 556 | if (SSL_write (ssl, buf, strlen (buf)) == -1) { |
554 | ERR_print_errors_fp (stderr); | 557 | ERR_print_errors_fp (stderr); |
555 | return STATE_CRITICAL; | 558 | return STATE_CRITICAL; |
556 | } | 559 | } |
557 | 560 | ||
558 | /* optionally send the host header info (not clear if it's usable) */ | 561 | /* optionally send the host header info (not clear if it's usable) */ |
559 | if (strcmp (host_name, "")) { | 562 | if (strcmp (host_name, "")) { |
560 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "Host: %s\r\n", host_name); | 563 | buf = ssprintf (buf, "Host: %s\r\n", host_name); |
561 | if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { | 564 | if (SSL_write (ssl, buf, strlen (buf)) == -1) { |
562 | ERR_print_errors_fp (stderr); | 565 | ERR_print_errors_fp (stderr); |
563 | return STATE_CRITICAL; | 566 | return STATE_CRITICAL; |
564 | } | 567 | } |
565 | } | 568 | } |
566 | 569 | ||
567 | /* send user agent */ | 570 | /* send user agent */ |
568 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "User-Agent: check_http/%s (nagios-plugins %s)\r\n", | 571 | buf = ssprintf (buf, "User-Agent: check_http/%s (nagios-plugins %s)\r\n", |
569 | clean_revstring (REVISION), PACKAGE_VERSION); | 572 | clean_revstring (REVISION), PACKAGE_VERSION); |
570 | if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { | 573 | if (SSL_write (ssl, buf, strlen (buf)) == -1) { |
571 | ERR_print_errors_fp (stderr); | 574 | ERR_print_errors_fp (stderr); |
572 | return STATE_CRITICAL; | 575 | return STATE_CRITICAL; |
573 | } | 576 | } |
@@ -575,8 +578,8 @@ check_http (void) | |||
575 | /* optionally send the authentication info */ | 578 | /* optionally send the authentication info */ |
576 | if (strcmp (user_auth, "")) { | 579 | if (strcmp (user_auth, "")) { |
577 | auth = base64 (user_auth, strlen (user_auth)); | 580 | auth = base64 (user_auth, strlen (user_auth)); |
578 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "Authorization: Basic %s\r\n", auth); | 581 | buf = ssprintf (buf, "Authorization: Basic %s\r\n", auth); |
579 | if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { | 582 | if (SSL_write (ssl, buf, strlen (buf)) == -1) { |
580 | ERR_print_errors_fp (stderr); | 583 | ERR_print_errors_fp (stderr); |
581 | return STATE_CRITICAL; | 584 | return STATE_CRITICAL; |
582 | } | 585 | } |
@@ -584,13 +587,13 @@ check_http (void) | |||
584 | 587 | ||
585 | /* optionally send http POST data */ | 588 | /* optionally send http POST data */ |
586 | if (http_post_data) { | 589 | if (http_post_data) { |
587 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Type: application/x-www-form-urlencoded\r\n"); | 590 | buf = ssprintf (buf, "Content-Type: application/x-www-form-urlencoded\r\n"); |
588 | if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { | 591 | if (SSL_write (ssl, buf, strlen (buf)) == -1) { |
589 | ERR_print_errors_fp (stderr); | 592 | ERR_print_errors_fp (stderr); |
590 | return STATE_CRITICAL; | 593 | return STATE_CRITICAL; |
591 | } | 594 | } |
592 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); | 595 | buf = ssprintf (buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); |
593 | if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { | 596 | if (SSL_write (ssl, buf, strlen (buf)) == -1) { |
594 | ERR_print_errors_fp (stderr); | 597 | ERR_print_errors_fp (stderr); |
595 | return STATE_CRITICAL; | 598 | return STATE_CRITICAL; |
596 | } | 599 | } |
@@ -602,8 +605,8 @@ check_http (void) | |||
602 | } | 605 | } |
603 | 606 | ||
604 | /* send a newline so the server knows we're done with the request */ | 607 | /* send a newline so the server knows we're done with the request */ |
605 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "\r\n\r\n"); | 608 | buf = ssprintf (buf, "\r\n\r\n"); |
606 | if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { | 609 | if (SSL_write (ssl, buf, strlen (buf)) == -1) { |
607 | ERR_print_errors_fp (stderr); | 610 | ERR_print_errors_fp (stderr); |
608 | return STATE_CRITICAL; | 611 | return STATE_CRITICAL; |
609 | } | 612 | } |
@@ -615,44 +618,44 @@ check_http (void) | |||
615 | msg = ssprintf (msg, "Unable to open TCP socket"); | 618 | msg = ssprintf (msg, "Unable to open TCP socket"); |
616 | terminate (STATE_CRITICAL, msg); | 619 | terminate (STATE_CRITICAL, msg); |
617 | } | 620 | } |
618 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "%s %s HTTP/1.0\r\n", http_method, server_url); | 621 | buf = ssprintf (buf, "%s %s HTTP/1.0\r\n", http_method, server_url); |
619 | send (sd, buffer, strlen (buffer), 0); | 622 | send (sd, buf, strlen (buf), 0); |
620 | 623 | ||
621 | 624 | ||
622 | 625 | ||
623 | /* optionally send the host header info */ | 626 | /* optionally send the host header info */ |
624 | if (strcmp (host_name, "")) { | 627 | if (strcmp (host_name, "")) { |
625 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "Host: %s\r\n", host_name); | 628 | buf = ssprintf (buf, "Host: %s\r\n", host_name); |
626 | send (sd, buffer, strlen (buffer), 0); | 629 | send (sd, buf, strlen (buf), 0); |
627 | } | 630 | } |
628 | 631 | ||
629 | /* send user agent */ | 632 | /* send user agent */ |
630 | snprintf (buffer, MAX_INPUT_BUFFER - 1, | 633 | buf = ssprintf (buf, |
631 | "User-Agent: check_http/%s (nagios-plugins %s)\r\n", | 634 | "User-Agent: check_http/%s (nagios-plugins %s)\r\n", |
632 | clean_revstring (REVISION), PACKAGE_VERSION); | 635 | clean_revstring (REVISION), PACKAGE_VERSION); |
633 | send (sd, buffer, strlen (buffer), 0); | 636 | send (sd, buf, strlen (buf), 0); |
634 | 637 | ||
635 | /* optionally send the authentication info */ | 638 | /* optionally send the authentication info */ |
636 | if (strcmp (user_auth, "")) { | 639 | if (strcmp (user_auth, "")) { |
637 | auth = base64 (user_auth, strlen (user_auth)); | 640 | auth = base64 (user_auth, strlen (user_auth)); |
638 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "Authorization: Basic %s\r\n", auth); | 641 | buf = ssprintf (buf, "Authorization: Basic %s\r\n", auth); |
639 | send (sd, buffer, strlen (buffer), 0); | 642 | send (sd, buf, strlen (buf), 0); |
640 | } | 643 | } |
641 | 644 | ||
642 | /* optionally send http POST data */ | 645 | /* optionally send http POST data */ |
643 | /* written by Chris Henesy <lurker@shadowtech.org> */ | 646 | /* written by Chris Henesy <lurker@shadowtech.org> */ |
644 | if (http_post_data) { | 647 | if (http_post_data) { |
645 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Type: application/x-www-form-urlencoded\r\n"); | 648 | buf = ssprintf (buf, "Content-Type: application/x-www-form-urlencoded\r\n"); |
646 | send (sd, buffer, strlen (buffer), 0); | 649 | send (sd, buf, strlen (buf), 0); |
647 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); | 650 | buf = ssprintf (buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); |
648 | send (sd, buffer, strlen (buffer), 0); | 651 | send (sd, buf, strlen (buf), 0); |
649 | http_post_data = strscat (http_post_data, "\r\n"); | 652 | http_post_data = strscat (http_post_data, "\r\n"); |
650 | send (sd, http_post_data, strlen (http_post_data), 0); | 653 | send (sd, http_post_data, strlen (http_post_data), 0); |
651 | } | 654 | } |
652 | 655 | ||
653 | /* send a newline so the server knows we're done with the request */ | 656 | /* send a newline so the server knows we're done with the request */ |
654 | snprintf (buffer, MAX_INPUT_BUFFER - 1, "\r\n\r\n"); | 657 | buf = ssprintf (buf, "\r\n\r\n"); |
655 | send (sd, buffer, strlen (buffer), 0); | 658 | send (sd, buf, strlen (buf), 0); |
656 | #ifdef HAVE_SSL | 659 | #ifdef HAVE_SSL |
657 | } | 660 | } |
658 | #endif | 661 | #endif |
@@ -759,19 +762,20 @@ check_http (void) | |||
759 | strstr (status_line, "303") || | 762 | strstr (status_line, "303") || |
760 | strstr (status_line, "304")) { | 763 | strstr (status_line, "304")) { |
761 | if (onredirect == STATE_DEPENDENT) { | 764 | if (onredirect == STATE_DEPENDENT) { |
762 | 765 | ||
766 | orig_url = strscpy(NULL, server_url); | ||
763 | pos = header; | 767 | pos = header; |
764 | while (pos) { | 768 | while (pos) { |
765 | server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH); | 769 | server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH); |
766 | if (server_address == NULL) | 770 | if (server_address == NULL) |
767 | terminate (STATE_UNKNOWN, | 771 | terminate (STATE_UNKNOWN, |
768 | "HTTP UNKNOWN: could not allocate server_address"); | 772 | "HTTP UNKNOWN: could not allocate server_address"); |
769 | if (strspn (pos, "\r\n") > server_url_length) { | 773 | if (strcspn (pos, "\r\n") > server_url_length) { |
770 | server_url = realloc (server_url, strspn (pos, "\r\n")); | 774 | server_url = realloc (server_url, strcspn (pos, "\r\n")); |
771 | if (server_url == NULL) | 775 | if (server_url == NULL) |
772 | terminate (STATE_UNKNOWN, | 776 | terminate (STATE_UNKNOWN, |
773 | "HTTP UNKNOWN: could not allocate server_url"); | 777 | "HTTP UNKNOWN: could not allocate server_url"); |
774 | server_url_length = strspn (pos, "\r\n"); | 778 | server_url_length = strcspn (pos, "\r\n"); |
775 | } | 779 | } |
776 | if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) { | 780 | if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) { |
777 | host_name = strscpy (host_name, server_address); | 781 | host_name = strscpy (host_name, server_address); |
@@ -799,9 +803,13 @@ check_http (void) | |||
799 | server_port = server_port_check (use_ssl); | 803 | server_port = server_port_check (use_ssl); |
800 | check_http (); | 804 | check_http (); |
801 | } | 805 | } |
802 | else if (sscanf (pos, HDR_LOCATION URI_PATH, server_url) == 1) { | 806 | else if (sscanf (pos, HDR_LOCATION URI_PATH, server_url) == 1) { |
807 | if ((server_url[0] != '/') && (x = strrchr(orig_url, '/'))) { | ||
808 | *x = '\0'; | ||
809 | server_url = ssprintf (server_url, "%s/%s", orig_url, server_url); | ||
810 | } | ||
803 | check_http (); | 811 | check_http (); |
804 | } | 812 | } |
805 | pos += (size_t) strcspn (pos, "\r\n"); | 813 | pos += (size_t) strcspn (pos, "\r\n"); |
806 | pos += (size_t) strspn (pos, "\r\n"); | 814 | pos += (size_t) strspn (pos, "\r\n"); |
807 | } /* end while (pos) */ | 815 | } /* end while (pos) */ |
@@ -945,8 +953,6 @@ check_certificate (X509 ** certificate) | |||
945 | int offset; | 953 | int offset; |
946 | struct tm stamp; | 954 | struct tm stamp; |
947 | int days_left; | 955 | int days_left; |
948 | /* int result = STATE_OK; */ | ||
949 | /* char timestamp[14]; */ | ||
950 | 956 | ||
951 | 957 | ||
952 | /* Retrieve timestamp of certificate */ | 958 | /* Retrieve timestamp of certificate */ |
@@ -991,7 +997,7 @@ check_certificate (X509 ** certificate) | |||
991 | 997 | ||
992 | days_left = (mktime (&stamp) - time (NULL)) / 86400; | 998 | days_left = (mktime (&stamp) - time (NULL)) / 86400; |
993 | snprintf | 999 | snprintf |
994 | (timestamp, MAX_INPUT_BUFFER - 1, "%02d/%02d/%04d %02d:%02d", | 1000 | (timestamp, 16, "%02d/%02d/%04d %02d:%02d", |
995 | stamp.tm_mon + 1, | 1001 | stamp.tm_mon + 1, |
996 | stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); | 1002 | stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); |
997 | 1003 | ||