summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.travis.yml6
-rw-r--r--NEWS1
-rw-r--r--THANKS.in1
-rw-r--r--doc/RELEASING6
-rw-r--r--perlmods/Monitoring-Plugin-0.37.tar.gzbin62278 -> 0 bytes
-rw-r--r--perlmods/Monitoring-Plugin-0.39.tar.gzbin0 -> 62733 bytes
-rw-r--r--plugins-root/check_icmp.c5
-rwxr-xr-xplugins-scripts/check_breeze.pl1
-rwxr-xr-xplugins-scripts/check_disk_smb.pl1
-rwxr-xr-xplugins-scripts/check_file_age.pl1
-rwxr-xr-xplugins-scripts/check_flexlm.pl1
-rwxr-xr-xplugins-scripts/check_ifoperstatus.pl1
-rwxr-xr-xplugins-scripts/check_ifstatus.pl1
-rwxr-xr-xplugins-scripts/check_ircd.pl1
-rwxr-xr-xplugins-scripts/check_mailq.pl1
-rwxr-xr-xplugins-scripts/check_mssql.pl1
-rwxr-xr-xplugins-scripts/check_netdns.pl3
-rwxr-xr-xplugins-scripts/check_rpc.pl1
-rwxr-xr-xplugins-scripts/check_wave.pl1
-rw-r--r--plugins/check_fping.c2
-rw-r--r--plugins/check_http.c45
-rw-r--r--plugins/check_ldap.c95
-rw-r--r--plugins/check_snmp.c3
-rw-r--r--plugins/check_tcp.c3
-rw-r--r--plugins/sslutils.c33
-rw-r--r--plugins/t/NPTest.cache.travis4
-rw-r--r--plugins/t/check_http.t43
-rw-r--r--plugins/t/check_ldap.t80
-rwxr-xr-xplugins/tests/check_snmp.t22
-rw-r--r--plugins/utils.c40
30 files changed, 337 insertions, 66 deletions
diff --git a/.travis.yml b/.travis.yml
index 2275be3..c892eb2 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -9,13 +9,15 @@ before_install:
9 9
10install: 10install:
11 - sudo apt-get install -qq --no-install-recommends perl autotools-dev libdbi-dev libldap2-dev libpq-dev libmysqlclient-dev libfreeradius-client-dev libkrb5-dev libnet-snmp-perl procps 11 - sudo apt-get install -qq --no-install-recommends perl autotools-dev libdbi-dev libldap2-dev libpq-dev libmysqlclient-dev libfreeradius-client-dev libkrb5-dev libnet-snmp-perl procps
12 - sudo apt-get install -qq --no-install-recommends libdbi0-dev libdbd-sqlite3 libssl-dev dnsutils snmp-mibs-downloader 12 - sudo apt-get install -qq --no-install-recommends libdbi0-dev libdbd-sqlite3 libssl-dev dnsutils snmp-mibs-downloader libsnmp-perl snmpd
13 - sudo apt-get install -qq --no-install-recommends fping snmp netcat smbclient fping pure-ftpd apache2 postfix libhttp-daemon-ssl-perl 13 - sudo apt-get install -qq --no-install-recommends fping snmp netcat smbclient fping pure-ftpd apache2 postfix libhttp-daemon-ssl-perl
14 - sudo apt-get install -qq --no-install-recommends slapd ldap-utils
14 - sudo apt-get install -qq --no-install-recommends autoconf automake 15 - sudo apt-get install -qq --no-install-recommends autoconf automake
16 - sudo apt-get install -qq --no-install-recommends faketime
15 17
16before_script: 18before_script:
17 - tools/setup 19 - tools/setup
18 - ./configure 20 - ./configure --enable-libtap
19 - make 21 - make
20 - export NPTEST_CACHE="$(pwd)/plugins/t/NPTest.cache.travis" 22 - export NPTEST_CACHE="$(pwd)/plugins/t/NPTest.cache.travis"
21 - ssh-keygen -t dsa -N "" -f ~/.ssh/id_dsa 23 - ssh-keygen -t dsa -N "" -f ~/.ssh/id_dsa
diff --git a/NEWS b/NEWS
index b3d2f1f..1a4aead 100644
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,7 @@ This file documents the major additions and syntax changes between releases.
8 New check_nt "-l" parameters: seconds|minutes|hours|days 8 New check_nt "-l" parameters: seconds|minutes|hours|days
9 Make sure check_disk won't hang on hanging (network) file systems 9 Make sure check_disk won't hang on hanging (network) file systems
10 New check_mailq -s option which tells the plugin to use sudo(8) 10 New check_mailq -s option which tells the plugin to use sudo(8)
11 New -W/-C option for check_ldap to check number of entries (Gerhard Lausser)
11 12
12 FIXES 13 FIXES
13 Let check_real terminate lines with CRLF when talking to the server, as 14 Let check_real terminate lines with CRLF when talking to the server, as
diff --git a/THANKS.in b/THANKS.in
index 9a9ca3f..59c90fe 100644
--- a/THANKS.in
+++ b/THANKS.in
@@ -335,3 +335,4 @@ Jonas Genannt
335Nick Peelman 335Nick Peelman
336Sebastian Herbszt 336Sebastian Herbszt
337Christopher Schultz 337Christopher Schultz
338Matthias Hähnel
diff --git a/doc/RELEASING b/doc/RELEASING
index eee53d7..30c81cc 100644
--- a/doc/RELEASING
+++ b/doc/RELEASING
@@ -19,15 +19,15 @@ git push origin master
19git push origin v2.1.1 19git push origin v2.1.1
20 20
21*** Checkout new version 21*** Checkout new version
22rm -fr /tmp/monitoringlug 22rm -fr /tmp/monitoringplug
23# If you need to checkout the tag, don't forget to "checkout master" later to 23# If you need to checkout the tag, don't forget to "checkout master" later to
24# get back to your development branch: 24# get back to your development branch:
25git checkout tags/v2.1.1 25git checkout tags/v2.1.1
26# Beware: the trailing slash of --prefix is REQUIRED 26# Beware: the trailing slash of --prefix is REQUIRED
27git checkout-index --prefix=/tmp/monitoringlug/ -a 27git checkout-index --prefix=/tmp/monitoringplug/ -a
28 28
29*** Build the tarball 29*** Build the tarball
30cd /tmp/monitoringlug 30cd /tmp/monitoringplug
31tools/setup 31tools/setup
32./configure 32./configure
33make dist 33make dist
diff --git a/perlmods/Monitoring-Plugin-0.37.tar.gz b/perlmods/Monitoring-Plugin-0.37.tar.gz
deleted file mode 100644
index bb6fe69..0000000
--- a/perlmods/Monitoring-Plugin-0.37.tar.gz
+++ /dev/null
Binary files differ
diff --git a/perlmods/Monitoring-Plugin-0.39.tar.gz b/perlmods/Monitoring-Plugin-0.39.tar.gz
new file mode 100644
index 0000000..7a35d9e
--- /dev/null
+++ b/perlmods/Monitoring-Plugin-0.39.tar.gz
Binary files differ
diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c
index 3982def..f420837 100644
--- a/plugins-root/check_icmp.c
+++ b/plugins-root/check_icmp.c
@@ -880,7 +880,12 @@ send_icmp_ping(int sock, struct rta_host *host)
880 hdr.msg_iov = &iov; 880 hdr.msg_iov = &iov;
881 hdr.msg_iovlen = 1; 881 hdr.msg_iovlen = 1;
882 882
883/* MSG_CONFIRM is a linux thing and only available on linux kernels >= 2.3.15, see send(2) */
884#ifdef MSG_CONFIRM
883 len = sendmsg(sock, &hdr, MSG_CONFIRM); 885 len = sendmsg(sock, &hdr, MSG_CONFIRM);
886#else
887 len = sendmsg(sock, &hdr, 0);
888#endif
884 889
885 if(len < 0 || (unsigned int)len != icmp_pkt_size) { 890 if(len < 0 || (unsigned int)len != icmp_pkt_size) {
886 if(debug) printf("Failed to send ping to %s\n", 891 if(debug) printf("Failed to send ping to %s\n",
diff --git a/plugins-scripts/check_breeze.pl b/plugins-scripts/check_breeze.pl
index 1a3aceb..12a60ee 100755
--- a/plugins-scripts/check_breeze.pl
+++ b/plugins-scripts/check_breeze.pl
@@ -6,7 +6,6 @@ use Getopt::Long;
6use vars qw($opt_V $opt_h $opt_w $opt_c $opt_H $opt_C $PROGNAME); 6use vars qw($opt_V $opt_h $opt_w $opt_c $opt_H $opt_C $PROGNAME);
7use FindBin; 7use FindBin;
8use lib "$FindBin::Bin"; 8use lib "$FindBin::Bin";
9use lib '@libexecdir@';
10use utils qw(%ERRORS &print_revision &support &usage); 9use utils qw(%ERRORS &print_revision &support &usage);
11 10
12$PROGNAME = "check_breeze"; 11$PROGNAME = "check_breeze";
diff --git a/plugins-scripts/check_disk_smb.pl b/plugins-scripts/check_disk_smb.pl
index 4805434..99948a4 100755
--- a/plugins-scripts/check_disk_smb.pl
+++ b/plugins-scripts/check_disk_smb.pl
@@ -26,7 +26,6 @@ use vars qw($opt_P $opt_V $opt_h $opt_H $opt_s $opt_W $opt_u $opt_p $opt_w $opt_
26use vars qw($PROGNAME); 26use vars qw($PROGNAME);
27use FindBin; 27use FindBin;
28use lib "$FindBin::Bin"; 28use lib "$FindBin::Bin";
29use lib '@libexecdir@';
30use utils qw($TIMEOUT %ERRORS &print_revision &support &usage); 29use utils qw($TIMEOUT %ERRORS &print_revision &support &usage);
31 30
32sub print_help (); 31sub print_help ();
diff --git a/plugins-scripts/check_file_age.pl b/plugins-scripts/check_file_age.pl
index 4415fdf..15330f7 100755
--- a/plugins-scripts/check_file_age.pl
+++ b/plugins-scripts/check_file_age.pl
@@ -27,7 +27,6 @@ use File::stat;
27use vars qw($PROGNAME); 27use vars qw($PROGNAME);
28use FindBin; 28use FindBin;
29use lib "$FindBin::Bin"; 29use lib "$FindBin::Bin";
30use lib '@libexecdir@';
31use utils qw (%ERRORS &print_revision &support); 30use utils qw (%ERRORS &print_revision &support);
32 31
33sub print_help (); 32sub print_help ();
diff --git a/plugins-scripts/check_flexlm.pl b/plugins-scripts/check_flexlm.pl
index 5f3ed59..49d674d 100755
--- a/plugins-scripts/check_flexlm.pl
+++ b/plugins-scripts/check_flexlm.pl
@@ -37,7 +37,6 @@ use Getopt::Long;
37use vars qw($opt_V $opt_h $opt_F $opt_t $verbose $PROGNAME); 37use vars qw($opt_V $opt_h $opt_F $opt_t $verbose $PROGNAME);
38use FindBin; 38use FindBin;
39use lib "$FindBin::Bin"; 39use lib "$FindBin::Bin";
40use lib '@libexecdir@';
41use utils qw(%ERRORS &print_revision &support &usage); 40use utils qw(%ERRORS &print_revision &support &usage);
42 41
43$PROGNAME="check_flexlm"; 42$PROGNAME="check_flexlm";
diff --git a/plugins-scripts/check_ifoperstatus.pl b/plugins-scripts/check_ifoperstatus.pl
index cf2c7b5..1a7fbba 100755
--- a/plugins-scripts/check_ifoperstatus.pl
+++ b/plugins-scripts/check_ifoperstatus.pl
@@ -37,7 +37,6 @@ use POSIX;
37use strict; 37use strict;
38use FindBin; 38use FindBin;
39use lib "$FindBin::Bin"; 39use lib "$FindBin::Bin";
40use lib '@libexecdir@';
41use utils qw($TIMEOUT %ERRORS &print_revision &support); 40use utils qw($TIMEOUT %ERRORS &print_revision &support);
42 41
43use Net::SNMP; 42use Net::SNMP;
diff --git a/plugins-scripts/check_ifstatus.pl b/plugins-scripts/check_ifstatus.pl
index 6ec71d1..2c76d0c 100755
--- a/plugins-scripts/check_ifstatus.pl
+++ b/plugins-scripts/check_ifstatus.pl
@@ -35,7 +35,6 @@ use POSIX;
35use strict; 35use strict;
36use FindBin; 36use FindBin;
37use lib "$FindBin::Bin"; 37use lib "$FindBin::Bin";
38use lib '@libexecdir@';
39use utils qw($TIMEOUT %ERRORS &print_revision &support); 38use utils qw($TIMEOUT %ERRORS &print_revision &support);
40 39
41use Net::SNMP; 40use Net::SNMP;
diff --git a/plugins-scripts/check_ircd.pl b/plugins-scripts/check_ircd.pl
index 6d40cf5..afedfb9 100755
--- a/plugins-scripts/check_ircd.pl
+++ b/plugins-scripts/check_ircd.pl
@@ -51,7 +51,6 @@ use vars qw($opt_V $opt_h $opt_t $opt_p $opt_H $opt_w $opt_c $verbose);
51use vars qw($PROGNAME); 51use vars qw($PROGNAME);
52use FindBin; 52use FindBin;
53use lib "$FindBin::Bin"; 53use lib "$FindBin::Bin";
54use lib '@libexecdir@';
55use utils qw($TIMEOUT %ERRORS &print_revision &support &usage); 54use utils qw($TIMEOUT %ERRORS &print_revision &support &usage);
56 55
57# ----------------------------------------------------[ Function Prototypes ]-- 56# ----------------------------------------------------[ Function Prototypes ]--
diff --git a/plugins-scripts/check_mailq.pl b/plugins-scripts/check_mailq.pl
index 417c4bf..3086e94 100755
--- a/plugins-scripts/check_mailq.pl
+++ b/plugins-scripts/check_mailq.pl
@@ -33,7 +33,6 @@ use vars qw($opt_V $opt_h $opt_v $verbose $PROGNAME $opt_w $opt_c $opt_t $opt_s
33 %srcdomains %dstdomains); 33 %srcdomains %dstdomains);
34use FindBin; 34use FindBin;
35use lib "$FindBin::Bin"; 35use lib "$FindBin::Bin";
36use lib '@libexecdir@';
37use utils qw(%ERRORS &print_revision &support &usage ); 36use utils qw(%ERRORS &print_revision &support &usage );
38 37
39my ($sudo); 38my ($sudo);
diff --git a/plugins-scripts/check_mssql.pl b/plugins-scripts/check_mssql.pl
index 1f38788..a436a8f 100755
--- a/plugins-scripts/check_mssql.pl
+++ b/plugins-scripts/check_mssql.pl
@@ -31,7 +31,6 @@ use DBD::Sybase;
31use Getopt::Long; 31use Getopt::Long;
32use FindBin; 32use FindBin;
33use lib "$FindBin::Bin"; 33use lib "$FindBin::Bin";
34use lib '@libexecdir@';
35use utils qw($TIMEOUT %ERRORS &print_revision &support); 34use utils qw($TIMEOUT %ERRORS &print_revision &support);
36use strict; 35use strict;
37 36
diff --git a/plugins-scripts/check_netdns.pl b/plugins-scripts/check_netdns.pl
index 59c81a9..af1456b 100755
--- a/plugins-scripts/check_netdns.pl
+++ b/plugins-scripts/check_netdns.pl
@@ -29,8 +29,7 @@ use Getopt::Long;
29use Net::DNS; 29use Net::DNS;
30use FindBin; 30use FindBin;
31use lib "$FindBin::Bin"; 31use lib "$FindBin::Bin";
32use lib '@libexecdir@'; 32use utils;
33use utils ;
34 33
35my $PROGNAME = "check_netdns"; 34my $PROGNAME = "check_netdns";
36 35
diff --git a/plugins-scripts/check_rpc.pl b/plugins-scripts/check_rpc.pl
index b1c6147..cbdeceb 100755
--- a/plugins-scripts/check_rpc.pl
+++ b/plugins-scripts/check_rpc.pl
@@ -22,7 +22,6 @@
22use strict; 22use strict;
23use FindBin; 23use FindBin;
24use lib "$FindBin::Bin"; 24use lib "$FindBin::Bin";
25use lib '@libexecdir@';
26use utils qw($TIMEOUT %ERRORS &print_revision &support); 25use utils qw($TIMEOUT %ERRORS &print_revision &support);
27use vars qw($PROGNAME); 26use vars qw($PROGNAME);
28my ($verbose,@proto,%prognum,$host,$response,$prognum,$port,$cmd,$progver,$state); 27my ($verbose,@proto,%prognum,$host,$response,$prognum,$port,$cmd,$progver,$state);
diff --git a/plugins-scripts/check_wave.pl b/plugins-scripts/check_wave.pl
index ee0fda4..979416e 100755
--- a/plugins-scripts/check_wave.pl
+++ b/plugins-scripts/check_wave.pl
@@ -5,7 +5,6 @@
5use strict; 5use strict;
6use FindBin; 6use FindBin;
7use lib "$FindBin::Bin"; 7use lib "$FindBin::Bin";
8use lib '@libexecdir@';
9use utils qw($TIMEOUT %ERRORS &print_revision &support); 8use utils qw($TIMEOUT %ERRORS &print_revision &support);
10use vars qw($PROGNAME); 9use vars qw($PROGNAME);
11use Getopt::Long; 10use Getopt::Long;
diff --git a/plugins/check_fping.c b/plugins/check_fping.c
index 46046b4..274dd75 100644
--- a/plugins/check_fping.c
+++ b/plugins/check_fping.c
@@ -105,7 +105,7 @@ main (int argc, char **argv)
105 xasprintf(&option_string, "%s-I %s ", option_string, sourceif); 105 xasprintf(&option_string, "%s-I %s ", option_string, sourceif);
106 106
107#ifdef PATH_TO_FPING6 107#ifdef PATH_TO_FPING6
108 if (address_family == AF_INET6) 108 if (address_family != AF_INET && is_inet6_addr(server))
109 fping_prog = strdup(PATH_TO_FPING6); 109 fping_prog = strdup(PATH_TO_FPING6);
110 else 110 else
111 fping_prog = strdup(PATH_TO_FPING); 111 fping_prog = strdup(PATH_TO_FPING);
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 5167997..2437406 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -875,11 +875,35 @@ check_http (void)
875 if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK) 875 if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
876 die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); 876 die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
877 microsec_connect = deltime (tv_temp); 877 microsec_connect = deltime (tv_temp);
878
879 /* if we are called with the -I option, the -j method is CONNECT and */
880 /* we received -S for SSL, then we tunnel the request through a proxy*/
881 /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */
882
883 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
884 && host_name != NULL && use_ssl == TRUE) {
885
886 if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT);
887 asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent);
888 asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf);
889 asprintf (&buf, "%sHost: %s\r\n", buf, host_name);
890 /* we finished our request, send empty line with CRLF */
891 asprintf (&buf, "%s%s", buf, CRLF);
892 if (verbose) printf ("%s\n", buf);
893 send(sd, buf, strlen (buf), 0);
894 buf[0]='\0';
895
896 if (verbose) printf ("Receive response from proxy\n");
897 read (sd, buffer, MAX_INPUT_BUFFER-1);
898 if (verbose) printf ("%s", buffer);
899 /* Here we should check if we got HTTP/1.1 200 Connection established */
900 }
878#ifdef HAVE_SSL 901#ifdef HAVE_SSL
879 elapsed_time_connect = (double)microsec_connect / 1.0e6; 902 elapsed_time_connect = (double)microsec_connect / 1.0e6;
880 if (use_ssl == TRUE) { 903 if (use_ssl == TRUE) {
881 gettimeofday (&tv_temp, NULL); 904 gettimeofday (&tv_temp, NULL);
882 result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey); 905 result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey);
906 if (verbose) printf ("SSL initialized\n");
883 if (result != STATE_OK) 907 if (result != STATE_OK)
884 die (STATE_CRITICAL, NULL); 908 die (STATE_CRITICAL, NULL);
885 microsec_ssl = deltime (tv_temp); 909 microsec_ssl = deltime (tv_temp);
@@ -893,7 +917,11 @@ check_http (void)
893 } 917 }
894#endif /* HAVE_SSL */ 918#endif /* HAVE_SSL */
895 919
896 xasprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); 920 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
921 && host_name != NULL && use_ssl == TRUE)
922 asprintf (&buf, "%s %s %s\r\n%s\r\n", "GET", server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
923 else
924 asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
897 925
898 /* tell HTTP/1.1 servers not to keep the connection alive */ 926 /* tell HTTP/1.1 servers not to keep the connection alive */
899 xasprintf (&buf, "%sConnection: close\r\n", buf); 927 xasprintf (&buf, "%sConnection: close\r\n", buf);
@@ -906,7 +934,9 @@ check_http (void)
906 * (default) port is explicitly specified in the "Host:" header line. 934 * (default) port is explicitly specified in the "Host:" header line.
907 */ 935 */
908 if ((use_ssl == FALSE && server_port == HTTP_PORT) || 936 if ((use_ssl == FALSE && server_port == HTTP_PORT) ||
909 (use_ssl == TRUE && server_port == HTTPS_PORT)) 937 (use_ssl == TRUE && server_port == HTTPS_PORT) ||
938 ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
939 && host_name != NULL && use_ssl == TRUE))
910 xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); 940 xasprintf (&buf, "%sHost: %s\r\n", buf, host_name);
911 else 941 else
912 xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, server_port); 942 xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, server_port);
@@ -1496,7 +1526,7 @@ print_help (void)
1496 printf (" %s\n", _("URL to GET or POST (default: /)")); 1526 printf (" %s\n", _("URL to GET or POST (default: /)"));
1497 printf (" %s\n", "-P, --post=STRING"); 1527 printf (" %s\n", "-P, --post=STRING");
1498 printf (" %s\n", _("URL encoded http POST data")); 1528 printf (" %s\n", _("URL encoded http POST data"));
1499 printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE)"); 1529 printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT)");
1500 printf (" %s\n", _("Set HTTP method.")); 1530 printf (" %s\n", _("Set HTTP method."));
1501 printf (" %s\n", "-N, --no-body"); 1531 printf (" %s\n", "-N, --no-body");
1502 printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); 1532 printf (" %s\n", _("Don't wait for document body: stop reading after headers."));
@@ -1570,7 +1600,7 @@ print_help (void)
1570 printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,")); 1600 printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,"));
1571 printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); 1601 printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
1572 printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); 1602 printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when"));
1573 printf (" %s\n", _("the certificate is expired.")); 1603 printf (" %s\n\n", _("the certificate is expired."));
1574 printf ("\n"); 1604 printf ("\n");
1575 printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); 1605 printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14");
1576 printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); 1606 printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,"));
@@ -1578,6 +1608,13 @@ print_help (void)
1578 printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); 1608 printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned."));
1579 printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); 1609 printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days"));
1580 1610
1611 printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: ");
1612 printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com "));
1613 printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>"));
1614 printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds"));
1615 printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));
1616 printf (" %s\n", _("a STATE_CRITICAL will be returned."));
1617
1581#endif 1618#endif
1582 1619
1583 printf (UT_SUPPORT); 1620 printf (UT_SUPPORT);
diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c
index c371be9..cfc8222 100644
--- a/plugins/check_ldap.c
+++ b/plugins/check_ldap.c
@@ -1,29 +1,29 @@
1/***************************************************************************** 1/*****************************************************************************
2* 2*
3* Monitoring check_ldap plugin 3* Monitoring check_ldap plugin
4* 4*
5* License: GPL 5* License: GPL
6* Copyright (c) 2000-2008 Monitoring Plugins Development Team 6* Copyright (c) 2000-2008 Monitoring Plugins Development Team
7* 7*
8* Description: 8* Description:
9* 9*
10* This file contains the check_ldap plugin 10* This file contains the check_ldap plugin
11* 11*
12* 12*
13* This program is free software: you can redistribute it and/or modify 13* This program is free software: you can redistribute it and/or modify
14* it under the terms of the GNU General Public License as published by 14* it under the terms of the GNU General Public License as published by
15* the Free Software Foundation, either version 3 of the License, or 15* the Free Software Foundation, either version 3 of the License, or
16* (at your option) any later version. 16* (at your option) any later version.
17* 17*
18* This program is distributed in the hope that it will be useful, 18* This program is distributed in the hope that it will be useful,
19* but WITHOUT ANY WARRANTY; without even the implied warranty of 19* but WITHOUT ANY WARRANTY; without even the implied warranty of
20* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 20* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21* GNU General Public License for more details. 21* GNU General Public License for more details.
22* 22*
23* You should have received a copy of the GNU General Public License 23* You should have received a copy of the GNU General Public License
24* along with this program. If not, see <http://www.gnu.org/licenses/>. 24* along with this program. If not, see <http://www.gnu.org/licenses/>.
25* 25*
26* 26*
27*****************************************************************************/ 27*****************************************************************************/
28 28
29/* progname may be check_ldaps */ 29/* progname may be check_ldaps */
@@ -67,7 +67,10 @@ int ld_protocol = DEFAULT_PROTOCOL;
67#endif 67#endif
68double warn_time = UNDEFINED; 68double warn_time = UNDEFINED;
69double crit_time = UNDEFINED; 69double crit_time = UNDEFINED;
70thresholds *entries_thresholds = NULL;
70struct timeval tv; 71struct timeval tv;
72char* warn_entries = NULL;
73char* crit_entries = NULL;
71int starttls = FALSE; 74int starttls = FALSE;
72int ssl_on_connect = FALSE; 75int ssl_on_connect = FALSE;
73int verbose = 0; 76int verbose = 0;
@@ -94,6 +97,12 @@ main (int argc, char *argv[])
94 int tls; 97 int tls;
95 int version=3; 98 int version=3;
96 99
100 /* for entry counting */
101
102 LDAPMessage *next_entry;
103 int status_entries = STATE_OK;
104 int num_entries = 0;
105
97 setlocale (LC_ALL, ""); 106 setlocale (LC_ALL, "");
98 bindtextdomain (PACKAGE, LOCALEDIR); 107 bindtextdomain (PACKAGE, LOCALEDIR);
99 textdomain (PACKAGE); 108 textdomain (PACKAGE);
@@ -197,12 +206,14 @@ main (int argc, char *argv[])
197 } 206 }
198 207
199 /* do a search of all objectclasses in the base dn */ 208 /* do a search of all objectclasses in the base dn */
200 if (ldap_search_s (ld, ld_base, LDAP_SCOPE_BASE, ld_attr, NULL, 0, &result) 209 if (ldap_search_s (ld, ld_base, (crit_entries!=NULL || warn_entries!=NULL) ? LDAP_SCOPE_SUBTREE : LDAP_SCOPE_BASE, ld_attr, NULL, 0, &result)
201 != LDAP_SUCCESS) { 210 != LDAP_SUCCESS) {
202 if (verbose) 211 if (verbose)
203 ldap_perror(ld, "ldap_search"); 212 ldap_perror(ld, "ldap_search");
204 printf (_("Could not search/find objectclasses in %s\n"), ld_base); 213 printf (_("Could not search/find objectclasses in %s\n"), ld_base);
205 return STATE_CRITICAL; 214 return STATE_CRITICAL;
215 } else if (crit_entries!=NULL || warn_entries!=NULL) {
216 num_entries = ldap_count_entries(ld, result);
206 } 217 }
207 218
208 /* unbind from the ldap server */ 219 /* unbind from the ldap server */
@@ -223,14 +234,42 @@ main (int argc, char *argv[])
223 else 234 else
224 status = STATE_OK; 235 status = STATE_OK;
225 236
237 if(entries_thresholds != NULL) {
238 if (verbose) {
239 printf ("entries found: %d\n", num_entries);
240 print_thresholds("entry threasholds", entries_thresholds);
241 }
242 status_entries = get_status(num_entries, entries_thresholds);
243 if (status_entries == STATE_CRITICAL) {
244 status = STATE_CRITICAL;
245 } else if (status != STATE_CRITICAL) {
246 status = status_entries;
247 }
248 }
249
226 /* print out the result */ 250 /* print out the result */
227 printf (_("LDAP %s - %.3f seconds response time|%s\n"), 251 if (crit_entries!=NULL || warn_entries!=NULL) {
228 state_text (status), 252 printf (_("LDAP %s - found %d entries in %.3f seconds|%s %s\n"),
229 elapsed_time, 253 state_text (status),
230 fperfdata ("time", elapsed_time, "s", 254 num_entries,
231 (int)warn_time, warn_time, 255 elapsed_time,
232 (int)crit_time, crit_time, 256 fperfdata ("time", elapsed_time, "s",
233 TRUE, 0, FALSE, 0)); 257 (int)warn_time, warn_time,
258 (int)crit_time, crit_time,
259 TRUE, 0, FALSE, 0),
260 sperfdata ("entries", (double)num_entries, "",
261 warn_entries,
262 crit_entries,
263 TRUE, 0.0, FALSE, 0.0));
264 } else {
265 printf (_("LDAP %s - %.3f seconds response time|%s\n"),
266 state_text (status),
267 elapsed_time,
268 fperfdata ("time", elapsed_time, "s",
269 (int)warn_time, warn_time,
270 (int)crit_time, crit_time,
271 TRUE, 0, FALSE, 0));
272 }
234 273
235 return status; 274 return status;
236} 275}
@@ -263,6 +302,8 @@ process_arguments (int argc, char **argv)
263 {"port", required_argument, 0, 'p'}, 302 {"port", required_argument, 0, 'p'},
264 {"warn", required_argument, 0, 'w'}, 303 {"warn", required_argument, 0, 'w'},
265 {"crit", required_argument, 0, 'c'}, 304 {"crit", required_argument, 0, 'c'},
305 {"warn-entries", required_argument, 0, 'W'},
306 {"crit-entries", required_argument, 0, 'C'},
266 {"verbose", no_argument, 0, 'v'}, 307 {"verbose", no_argument, 0, 'v'},
267 {0, 0, 0, 0} 308 {0, 0, 0, 0}
268 }; 309 };
@@ -276,7 +317,7 @@ process_arguments (int argc, char **argv)
276 } 317 }
277 318
278 while (1) { 319 while (1) {
279 c = getopt_long (argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:", longopts, &option); 320 c = getopt_long (argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:C:W:", longopts, &option);
280 321
281 if (c == -1 || c == EOF) 322 if (c == -1 || c == EOF)
282 break; 323 break;
@@ -318,6 +359,12 @@ process_arguments (int argc, char **argv)
318 case 'c': 359 case 'c':
319 crit_time = strtod (optarg, NULL); 360 crit_time = strtod (optarg, NULL);
320 break; 361 break;
362 case 'W':
363 warn_entries = optarg;
364 break;
365 case 'C':
366 crit_entries = optarg;
367 break;
321#ifdef HAVE_LDAP_SET_OPTION 368#ifdef HAVE_LDAP_SET_OPTION
322 case '2': 369 case '2':
323 ld_protocol = 2; 370 ld_protocol = 2;
@@ -381,6 +428,10 @@ validate_arguments ()
381 if (ld_base==NULL) 428 if (ld_base==NULL)
382 usage4 (_("Please specify the LDAP base\n")); 429 usage4 (_("Please specify the LDAP base\n"));
383 430
431 if (crit_entries!=NULL || warn_entries!=NULL) {
432 set_thresholds(&entries_thresholds,
433 warn_entries, crit_entries);
434 }
384 return OK; 435 return OK;
385} 436}
386 437
@@ -430,6 +481,11 @@ print_help (void)
430 481
431 printf (UT_WARN_CRIT); 482 printf (UT_WARN_CRIT);
432 483
484 printf (" %s\n", "-W [--warn-entries]");
485 printf (" %s\n", _("Number of found entries to result in warning status"));
486 printf (" %s\n", "-W [--crit-entries]");
487 printf (" %s\n", _("Number of found entries to result in critical status"));
488
433 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); 489 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
434 490
435 printf (UT_VERBOSE); 491 printf (UT_VERBOSE);
@@ -441,6 +497,7 @@ print_help (void)
441 printf (" %s\n", _("'SSL on connect' will be used no matter how the plugin was called.")); 497 printf (" %s\n", _("'SSL on connect' will be used no matter how the plugin was called."));
442 printf (" %s\n", _("This detection is deprecated, please use 'check_ldap' with the '--starttls' or '--ssl' flags")); 498 printf (" %s\n", _("This detection is deprecated, please use 'check_ldap' with the '--starttls' or '--ssl' flags"));
443 printf (" %s\n", _("to define the behaviour explicitly instead.")); 499 printf (" %s\n", _("to define the behaviour explicitly instead."));
500 printf (" %s\n", _("The parameters --warn-entries and --crit-entries are optional."));
444 501
445 printf (UT_SUPPORT); 502 printf (UT_SUPPORT);
446} 503}
diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c
index 9d966fa..62e6b8b 100644
--- a/plugins/check_snmp.c
+++ b/plugins/check_snmp.c
@@ -418,6 +418,9 @@ main (int argc, char **argv)
418 else if (strstr (response, "INTEGER: ")) { 418 else if (strstr (response, "INTEGER: ")) {
419 show = strstr (response, "INTEGER: ") + 9; 419 show = strstr (response, "INTEGER: ") + 9;
420 } 420 }
421 else if (strstr (response, "OID: ")) {
422 show = strstr (response, "OID: ") + 5;
423 }
421 else if (strstr (response, "STRING: ")) { 424 else if (strstr (response, "STRING: ")) {
422 show = strstr (response, "STRING: ") + 8; 425 show = strstr (response, "STRING: ") + 8;
423 conv = "%.10g"; 426 conv = "%.10g";
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
index 63f9fd9..a18c37a 100644
--- a/plugins/check_tcp.c
+++ b/plugins/check_tcp.c
@@ -577,7 +577,8 @@ process_arguments (int argc, char **argv)
577 if ((temp=strchr(optarg,','))!=NULL) { 577 if ((temp=strchr(optarg,','))!=NULL) {
578 *temp='\0'; 578 *temp='\0';
579 if (!is_intnonneg (optarg)) 579 if (!is_intnonneg (optarg))
580 usage2 (_("Invalid certificate expiration period"), optarg); days_till_exp_warn = atoi(optarg); 580 usage2 (_("Invalid certificate expiration period"), optarg);
581 days_till_exp_warn = atoi (optarg);
581 *temp=','; 582 *temp=',';
582 temp++; 583 temp++;
583 if (!is_intnonneg (temp)) 584 if (!is_intnonneg (temp))
diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index d0ae474..c9882c6 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -144,7 +144,9 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
144# ifdef USE_OPENSSL 144# ifdef USE_OPENSSL
145 X509 *certificate=NULL; 145 X509 *certificate=NULL;
146 X509_NAME *subj=NULL; 146 X509_NAME *subj=NULL;
147 char timestamp[50] = "";
147 char cn[MAX_CN_LENGTH]= ""; 148 char cn[MAX_CN_LENGTH]= "";
149
148 int cnlen =-1; 150 int cnlen =-1;
149 int status=STATE_UNKNOWN; 151 int status=STATE_UNKNOWN;
150 152
@@ -153,7 +155,7 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
153 struct tm stamp; 155 struct tm stamp;
154 float time_left; 156 float time_left;
155 int days_left; 157 int days_left;
156 char timestamp[50] = ""; 158 int time_remaining;
157 time_t tm_t; 159 time_t tm_t;
158 160
159 certificate=SSL_get_peer_certificate(s); 161 certificate=SSL_get_peer_certificate(s);
@@ -207,7 +209,8 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
207 (tm->data[6 + offset] - '0') * 10 + (tm->data[7 + offset] - '0'); 209 (tm->data[6 + offset] - '0') * 10 + (tm->data[7 + offset] - '0');
208 stamp.tm_min = 210 stamp.tm_min =
209 (tm->data[8 + offset] - '0') * 10 + (tm->data[9 + offset] - '0'); 211 (tm->data[8 + offset] - '0') * 10 + (tm->data[9 + offset] - '0');
210 stamp.tm_sec = 0; 212 stamp.tm_sec =
213 (tm->data[10 + offset] - '0') * 10 + (tm->data[11 + offset] - '0');
211 stamp.tm_isdst = -1; 214 stamp.tm_isdst = -1;
212 215
213 time_left = difftime(timegm(&stamp), time(NULL)); 216 time_left = difftime(timegm(&stamp), time(NULL));
@@ -218,21 +221,35 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
218 if (days_left > 0 && days_left <= days_till_exp_warn) { 221 if (days_left > 0 && days_left <= days_till_exp_warn) {
219 printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); 222 printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp);
220 if (days_left > days_till_exp_crit) 223 if (days_left > days_till_exp_crit)
221 return STATE_WARNING; 224 status = STATE_WARNING;
222 else 225 else
223 return STATE_CRITICAL; 226 status = STATE_CRITICAL;
227 } else if (days_left == 0 && time_left > 0) {
228 if (time_left >= 3600)
229 time_remaining = (int) time_left / 3600;
230 else
231 time_remaining = (int) time_left / 60;
232
233 printf (_("%s - Certificate '%s' expires in %u %s (%s)\n"),
234 (days_left>days_till_exp_crit) ? "WARNING" : "CRITICAL", cn, time_remaining,
235 time_left >= 3600 ? "hours" : "minutes", timestamp);
236
237 if ( days_left > days_till_exp_crit)
238 status = STATE_WARNING;
239 else
240 status = STATE_CRITICAL;
224 } else if (time_left < 0) { 241 } else if (time_left < 0) {
225 printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp); 242 printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp);
226 status=STATE_CRITICAL; 243 status=STATE_CRITICAL;
227 } else if (days_left == 0) { 244 } else if (days_left == 0) {
228 printf (_("%s - Certificate '%s' expires today (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, timestamp); 245 printf (_("%s - Certificate '%s' just expired (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, timestamp);
229 if (days_left > days_till_exp_crit) 246 if (days_left > days_till_exp_crit)
230 return STATE_WARNING; 247 status = STATE_WARNING;
231 else 248 else
232 return STATE_CRITICAL; 249 status = STATE_CRITICAL;
233 } else { 250 } else {
234 printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp); 251 printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp);
235 status=STATE_OK; 252 status = STATE_OK;
236 } 253 }
237 X509_free(certificate); 254 X509_free(certificate);
238 return status; 255 return status;
diff --git a/plugins/t/NPTest.cache.travis b/plugins/t/NPTest.cache.travis
index 4ebfb90..fe8aabd 100644
--- a/plugins/t/NPTest.cache.travis
+++ b/plugins/t/NPTest.cache.travis
@@ -17,13 +17,15 @@
17 'NP_HOST_HPJD_PORT_INVALID' => '161', 17 'NP_HOST_HPJD_PORT_INVALID' => '161',
18 'NP_HOST_HPJD_PORT_VALID' => '', 18 'NP_HOST_HPJD_PORT_VALID' => '',
19 'NP_HOST_TCP_HTTP' => 'localhost', 19 'NP_HOST_TCP_HTTP' => 'localhost',
20 'NP_HOST_TCP_HTTP2' => 'labs.consol.de', 20 'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org',
21 'NP_HOST_TCP_IMAP' => 'imap.web.de', 21 'NP_HOST_TCP_IMAP' => 'imap.web.de',
22 'NP_HOST_TCP_LDAP' => 'localhost',
22 'NP_HOST_TCP_POP' => 'pop.web.de', 23 'NP_HOST_TCP_POP' => 'pop.web.de',
23 'NP_HOST_TCP_SMTP' => 'localhost', 24 'NP_HOST_TCP_SMTP' => 'localhost',
24 'NP_HOST_TCP_SMTP_NOTLS' => '', 25 'NP_HOST_TCP_SMTP_NOTLS' => '',
25 'NP_HOST_TCP_SMTP_TLS' => '', 26 'NP_HOST_TCP_SMTP_TLS' => '',
26 'NP_INTERNET_ACCESS' => 'yes', 27 'NP_INTERNET_ACCESS' => 'yes',
28 'NP_LDAP_BASE_DN' => 'cn=admin,dc=nodomain',
27 'NP_MOUNTPOINT2_VALID' => '', 29 'NP_MOUNTPOINT2_VALID' => '',
28 'NP_MOUNTPOINT_VALID' => '/', 30 'NP_MOUNTPOINT_VALID' => '/',
29 'NP_MYSQL_SERVER' => 'localhost', 31 'NP_MYSQL_SERVER' => 'localhost',
diff --git a/plugins/t/check_http.t b/plugins/t/check_http.t
index 2539a28..c2caec6 100644
--- a/plugins/t/check_http.t
+++ b/plugins/t/check_http.t
@@ -6,9 +6,10 @@
6 6
7use strict; 7use strict;
8use Test::More; 8use Test::More;
9use POSIX qw/mktime strftime/;
9use NPTest; 10use NPTest;
10 11
11plan tests => 30; 12plan tests => 42;
12 13
13my $successOutput = '/OK.*HTTP.*second/'; 14my $successOutput = '/OK.*HTTP.*second/';
14 15
@@ -34,6 +35,8 @@ my $host_tcp_http2 = getTestParameter( "NP_HOST_TCP_HTTP2",
34 "A host providing an index page containing the string 'monitoring'", 35 "A host providing an index page containing the string 'monitoring'",
35 "test.monitoring-plugins.org" ); 36 "test.monitoring-plugins.org" );
36 37
38my $faketime = -x '/usr/bin/faketime' ? 1 : 0;
39
37 40
38$res = NPTest->testCmd( 41$res = NPTest->testCmd(
39 "./check_http $host_tcp_http -wt 300 -ct 600" 42 "./check_http $host_tcp_http -wt 300 -ct 600"
@@ -47,10 +50,10 @@ $res = NPTest->testCmd(
47like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" ); 50like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" );
48 51
49$res = NPTest->testCmd( 52$res = NPTest->testCmd(
50 "./check_http $host_nonresponsive -wt 1 -ct 2" 53 "./check_http $host_nonresponsive -wt 1 -ct 2 -t 3"
51 ); 54 );
52cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" ); 55cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" );
53cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 10 seconds", "Output OK"); 56cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 3 seconds", "Output OK");
54 57
55$res = NPTest->testCmd( 58$res = NPTest->testCmd(
56 "./check_http $hostname_invalid -wt 1 -ct 2" 59 "./check_http $hostname_invalid -wt 1 -ct 2"
@@ -112,6 +115,40 @@ SKIP: {
112 $res = NPTest->testCmd( "./check_http www.verisign.com -C 1" ); 115 $res = NPTest->testCmd( "./check_http www.verisign.com -C 1" );
113 cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); 116 cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works");
114 117
118 # run some certificate checks with faketime
119 SKIP: {
120 skip "No faketime binary found", 12 if !$faketime;
121 $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_http -C 1 www.verisign.com");
122 like($res->output, qr/OK - Certificate 'www.verisign.com' will expire on/, "Catch cert output");
123 is( $res->return_code, 0, "Catch cert output exit code" );
124 my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)\./);
125 if(!defined $year) {
126 die("parsing date failed from: ".$res);
127 }
128 my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11};
129 my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900);
130 my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts));
131 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_http -C 1 www.verisign.com");
132 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' just expired/, "Output on expire date");
133 is( $res->return_code, 2, "Output on expire date" );
134
135 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_http -C 1 www.verisign.com");
136 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 0 minutes/, "cert expires in 1 second output");
137 is( $res->return_code, 2, "cert expires in 1 second exit code" );
138
139 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_http -C 1 www.verisign.com");
140 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 2 minutes/, "cert expires in 2 minutes output");
141 is( $res->return_code, 2, "cert expires in 2 minutes exit code" );
142
143 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_http -C 1 www.verisign.com");
144 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 2 hours/, "cert expires in 2 hours output");
145 is( $res->return_code, 2, "cert expires in 2 hours exit code" );
146
147 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_http -C 1 www.verisign.com");
148 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expired on/, "Certificate expired output");
149 is( $res->return_code, 2, "Certificate expired exit code" );
150 };
151
115 $res = NPTest->testCmd( "./check_http --ssl www.verisign.com -E" ); 152 $res = NPTest->testCmd( "./check_http --ssl www.verisign.com -E" );
116 like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); 153 like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' );
117 like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); 154 like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' );
diff --git a/plugins/t/check_ldap.t b/plugins/t/check_ldap.t
new file mode 100644
index 0000000..b8944d4
--- /dev/null
+++ b/plugins/t/check_ldap.t
@@ -0,0 +1,80 @@
1#!/usr/bin/env perl -I ..
2#
3# Lightweight Directory Access Protocol (LDAP) Test via check_ldap
4#
5#
6
7use strict;
8use warnings;
9use Test::More;
10use NPTest;
11
12my $host_tcp_ldap = getTestParameter("NP_HOST_TCP_LDAP",
13 "A host providing the LDAP Service",
14 "localhost" );
15
16my $ldap_base_dn = getTestParameter("NP_LDAP_BASE_DN",
17 "A base dn for the LDAP Service",
18 "cn=admin" );
19
20my $host_nonresponsive = getTestParameter("host_nonresponsive", "NP_HOST_NONRESPONSIVE", "10.0.0.1",
21 "The hostname of system not responsive to network requests" );
22
23my $hostname_invalid = getTestParameter("hostname_invalid", "NP_HOSTNAME_INVALID", "nosuchhost",
24 "An invalid (not known to DNS) hostname" );
25
26my($result, $cmd);
27my $command = './check_ldap';
28
29plan tests => 16;
30
31SKIP: {
32 skip "NP_HOST_NONRESPONSIVE not set", 2 if ! $host_nonresponsive;
33
34 $result = NPTest->testCmd("$command -H $host_nonresponsive -b ou=blah -t 2 -w 1 -c 1");
35 is( $result->return_code, 2, "$command -H $host_nonresponsive -b ou=blah -t 5 -w 2 -c 3" );
36 is( $result->output, 'CRITICAL - Socket timeout after 2 seconds', "output ok" );
37};
38
39SKIP: {
40 skip "NP_HOSTNAME_INVALID not set", 2 if ! $hostname_invalid;
41
42 $result = NPTest->testCmd("$command -H $hostname_invalid -b ou=blah -t 5");
43 is( $result->return_code, 2, "$command -H $hostname_invalid -b ou=blah -t 5" );
44 is( $result->output, 'Could not bind to the LDAP server', "output ok" );
45};
46
47SKIP: {
48 skip "NP_HOST_TCP_LDAP not set", 12 if ! $host_tcp_ldap;
49 skip "NP_LDAP_BASE_DN not set", 12 if ! $ldap_base_dn;
50
51 $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3";
52 $result = NPTest->testCmd($cmd);
53 is( $result->return_code, 0, $cmd );
54 like( $result->output, '/^LDAP OK - \d+.\d+ seconds response time\|time=\d+\.\d+s;2\.0+;3\.0+;0\.0+$/', "output ok" );
55
56 $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 10000000 -C 10000001";
57 $result = NPTest->testCmd($cmd);
58 is( $result->return_code, 0, $cmd );
59 like( $result->output, '/^LDAP OK - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;10000000;10000001;0\.0+$/', "output ok" );
60
61 $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 10000000: -C 10000001:";
62 $result = NPTest->testCmd($cmd);
63 is( $result->return_code, 2, $cmd );
64 like( $result->output, '/^LDAP CRITICAL - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;10000000:;10000001:;0\.0+$/', "output ok" );
65
66 $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 0 -C 0";
67 $result = NPTest->testCmd($cmd);
68 is( $result->return_code, 2, $cmd );
69 like( $result->output, '/^LDAP CRITICAL - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;0;0;0\.0+$/', "output ok" );
70
71 $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 10000000: -C 10000001";
72 $result = NPTest->testCmd($cmd);
73 is( $result->return_code, 1, $cmd );
74 like( $result->output, '/^LDAP WARNING - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;10000000:;10000001;0\.0+$/', "output ok" );
75
76 $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -C 10000001";
77 $result = NPTest->testCmd($cmd);
78 is( $result->return_code, 0, $cmd );
79 like( $result->output, '/^LDAP OK - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;;10000001;0\.0+$/', "output ok" );
80};
diff --git a/plugins/tests/check_snmp.t b/plugins/tests/check_snmp.t
index 2fd033d..73a68b2 100755
--- a/plugins/tests/check_snmp.t
+++ b/plugins/tests/check_snmp.t
@@ -128,7 +128,7 @@ sleep 1;
128 128
129$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" ); 129$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" );
130is($res->return_code, 1, "WARNING - due to going above rate calculation" ); 130is($res->return_code, 1, "WARNING - due to going above rate calculation" );
131is($res->output, "SNMP RATE WARNING - *666* | iso.3.6.1.4.1.8072.3.2.67.10=666 "); 131is($res->output, "SNMP RATE WARNING - *666* | iso.3.6.1.4.1.8072.3.2.67.10=666;600 ");
132 132
133$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" ); 133$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" );
134is($res->return_code, 3, "UNKNOWN - basically the divide by zero error" ); 134is($res->return_code, 3, "UNKNOWN - basically the divide by zero error" );
@@ -209,7 +209,7 @@ is($res->output, 'SNMP OK - "stringtests" | ', "OK as inverted string no match"
209 209
210$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.12 -w 4:5" ); 210$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.12 -w 4:5" );
211is($res->return_code, 1, "Numeric in string test" ); 211is($res->return_code, 1, "Numeric in string test" );
212is($res->output, 'SNMP WARNING - *3.5* | iso.3.6.1.4.1.8072.3.2.67.12=3.5 ', "WARNING threshold checks for string masquerading as number" ); 212is($res->output, 'SNMP WARNING - *3.5* | iso.3.6.1.4.1.8072.3.2.67.12=3.5;4:5 ', "WARNING threshold checks for string masquerading as number" );
213 213
214$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.13" ); 214$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.13" );
215is($res->return_code, 0, "Not really numeric test" ); 215is($res->return_code, 0, "Not really numeric test" );
@@ -225,29 +225,29 @@ is($res->output, 'SNMP OK - "CUSTOM CHECK OK: foo is 12345" | ', "String check w
225 225
226$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); 226$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" );
227is($res->return_code, 0, "Negative integer check OK" ); 227is($res->return_code, 0, "Negative integer check OK" );
228is($res->output, 'SNMP OK - -2 | iso.3.6.1.4.1.8072.3.2.67.16=-2 ', "Negative integer check OK output" ); 228is($res->output, 'SNMP OK - -2 | iso.3.6.1.4.1.8072.3.2.67.16=-2;-2:;-3: ', "Negative integer check OK output" );
229 229
230$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); 230$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" );
231is($res->return_code, 1, "Negative integer check WARNING" ); 231is($res->return_code, 1, "Negative integer check WARNING" );
232is($res->output, 'SNMP WARNING - *-3* | iso.3.6.1.4.1.8072.3.2.67.16=-3 ', "Negative integer check WARNING output" ); 232is($res->output, 'SNMP WARNING - *-3* | iso.3.6.1.4.1.8072.3.2.67.16=-3;-2:;-3: ', "Negative integer check WARNING output" );
233 233
234$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); 234$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" );
235is($res->return_code, 2, "Negative integer check CRITICAL" ); 235is($res->return_code, 2, "Negative integer check CRITICAL" );
236is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.16=-4 ', "Negative integer check CRITICAL output" ); 236is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.16=-4;-2:;-3: ', "Negative integer check CRITICAL output" );
237 237
238$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -3: -c -6:" ); 238$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -3: -c -6:" );
239is($res->return_code, 1, "Negative integer as string, WARNING" ); 239is($res->return_code, 1, "Negative integer as string, WARNING" );
240is($res->output, 'SNMP WARNING - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4 ', "Negative integer as string, WARNING output" ); 240is($res->output, 'SNMP WARNING - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4;-3:;-6: ', "Negative integer as string, WARNING output" );
241 241
242$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -2: -c -3:" ); 242$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -2: -c -3:" );
243is($res->return_code, 2, "Negative integer as string, CRITICAL" ); 243is($res->return_code, 2, "Negative integer as string, CRITICAL" );
244is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4 ', "Negative integer as string, CRITICAL output" ); 244is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4;-2:;-3: ', "Negative integer as string, CRITICAL output" );
245 245
246$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -c ~:-6.5" ); 246$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -c '~:-6.5'" );
247is($res->return_code, 0, "Negative float OK" ); 247is($res->return_code, 0, "Negative float OK" );
248is($res->output, 'SNMP OK - -6.6 | iso.3.6.1.4.1.8072.3.2.67.18=-6.6 ', "Negative float OK output" ); 248is($res->output, 'SNMP OK - -6.6 | iso.3.6.1.4.1.8072.3.2.67.18=-6.6;;~:-6.5 ', "Negative float OK output" );
249 249
250$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -w ~:-6.65 -c ~:-6.55" ); 250$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -w '~:-6.65' -c '~:-6.55'" );
251is($res->return_code, 1, "Negative float WARNING" ); 251is($res->return_code, 1, "Negative float WARNING" );
252is($res->output, 'SNMP WARNING - *-6.6* | iso.3.6.1.4.1.8072.3.2.67.18=-6.6 ', "Negative float WARNING output" ); 252is($res->output, 'SNMP WARNING - *-6.6* | iso.3.6.1.4.1.8072.3.2.67.18=-6.6;~:-6.65;~:-6.55 ', "Negative float WARNING output" );
253 253
diff --git a/plugins/utils.c b/plugins/utils.c
index 4b3c0c8..a864e4a 100644
--- a/plugins/utils.c
+++ b/plugins/utils.c
@@ -628,3 +628,43 @@ char *fperfdata (const char *label,
628 628
629 return data; 629 return data;
630} 630}
631
632char *sperfdata (const char *label,
633 double val,
634 const char *uom,
635 char *warn,
636 char *crit,
637 int minp,
638 double minv,
639 int maxp,
640 double maxv)
641{
642 char *data = NULL;
643 if (strpbrk (label, "'= "))
644 xasprintf (&data, "'%s'=", label);
645 else
646 xasprintf (&data, "%s=", label);
647
648 xasprintf (&data, "%s%f", data, val);
649 xasprintf (&data, "%s%s;", data, uom);
650
651 if (warn!=NULL)
652 xasprintf (&data, "%s%s", data, warn);
653
654 xasprintf (&data, "%s;", data);
655
656 if (crit!=NULL)
657 xasprintf (&data, "%s%s", data, crit);
658
659 xasprintf (&data, "%s;", data);
660
661 if (minp)
662 xasprintf (&data, "%s%f", data, minv);
663
664 if (maxp) {
665 xasprintf (&data, "%s;", data);
666 xasprintf (&data, "%s%f", data, maxv);
667 }
668
669 return data;
670}