summaryrefslogtreecommitdiffstats
path: root/plugins/check_http.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_http.c')
-rw-r--r--plugins/check_http.c80
1 files changed, 59 insertions, 21 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 68b470ce..e5ef7cc4 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -91,10 +91,12 @@ struct timeval tv_temp;
91 91
92int specify_port = FALSE; 92int specify_port = FALSE;
93int server_port = HTTP_PORT; 93int server_port = HTTP_PORT;
94int virtual_port = 0;
94char server_port_text[6] = ""; 95char server_port_text[6] = "";
95char server_type[6] = "http"; 96char server_type[6] = "http";
96char *server_address; 97char *server_address;
97char *host_name; 98char *host_name;
99int host_name_length;
98char *server_url; 100char *server_url;
99char *user_agent; 101char *user_agent;
100int server_url_length; 102int server_url_length;
@@ -343,9 +345,20 @@ process_arguments (int argc, char **argv)
343 parameters, like -S and -C combinations */ 345 parameters, like -S and -C combinations */
344 use_ssl = TRUE; 346 use_ssl = TRUE;
345 if (c=='S' && optarg != NULL) { 347 if (c=='S' && optarg != NULL) {
346 ssl_version = atoi(optarg); 348 int got_plus = strchr(optarg, '+') != NULL;
347 if (ssl_version < 1 || ssl_version > 3) 349
348 usage4 (_("Invalid option - Valid values for SSL Version are 1 (TLSv1), 2 (SSLv2) or 3 (SSLv3)")); 350 if (!strncmp (optarg, "1.2", 3))
351 ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2;
352 else if (!strncmp (optarg, "1.1", 3))
353 ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1;
354 else if (optarg[0] == '1')
355 ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1;
356 else if (optarg[0] == '3')
357 ssl_version = got_plus ? MP_SSLv3_OR_NEWER : MP_SSLv3;
358 else if (optarg[0] == '2')
359 ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2;
360 else
361 usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)"));
349 } 362 }
350 if (specify_port == FALSE) 363 if (specify_port == FALSE)
351 server_port = HTTPS_PORT; 364 server_port = HTTPS_PORT;
@@ -380,11 +393,25 @@ process_arguments (int argc, char **argv)
380 case 'H': /* Host Name (virtual host) */ 393 case 'H': /* Host Name (virtual host) */
381 host_name = strdup (optarg); 394 host_name = strdup (optarg);
382 if (host_name[0] == '[') { 395 if (host_name[0] == '[') {
383 if ((p = strstr (host_name, "]:")) != NULL) /* [IPv6]:port */ 396 if ((p = strstr (host_name, "]:")) != NULL) { /* [IPv6]:port */
384 server_port = atoi (p + 2); 397 virtual_port = atoi (p + 2);
398 /* cut off the port */
399 host_name_length = strlen (host_name) - strlen (p) - 1;
400 free (host_name);
401 host_name = strndup (optarg, host_name_length);
402 if (specify_port == FALSE)
403 server_port = virtual_port;
404 }
385 } else if ((p = strchr (host_name, ':')) != NULL 405 } else if ((p = strchr (host_name, ':')) != NULL
386 && strchr (++p, ':') == NULL) /* IPv4:port or host:port */ 406 && strchr (++p, ':') == NULL) { /* IPv4:port or host:port */
387 server_port = atoi (p); 407 virtual_port = atoi (p);
408 /* cut off the port */
409 host_name_length = strlen (host_name) - strlen (p) - 1;
410 free (host_name);
411 host_name = strndup (optarg, host_name_length);
412 if (specify_port == FALSE)
413 server_port = virtual_port;
414 }
388 break; 415 break;
389 case 'I': /* Server IP-address */ 416 case 'I': /* Server IP-address */
390 server_address = strdup (optarg); 417 server_address = strdup (optarg);
@@ -539,9 +566,12 @@ process_arguments (int argc, char **argv)
539 if (http_method == NULL) 566 if (http_method == NULL)
540 http_method = strdup ("GET"); 567 http_method = strdup ("GET");
541 568
542 if (client_cert && !client_privkey) 569 if (client_cert && !client_privkey)
543 usage4 (_("If you use a client certificate you must also specify a private key file")); 570 usage4 (_("If you use a client certificate you must also specify a private key file"));
544 571
572 if (virtual_port == 0)
573 virtual_port = server_port;
574
545 return TRUE; 575 return TRUE;
546} 576}
547 577
@@ -911,8 +941,8 @@ check_http (void)
911 elapsed_time_ssl = (double)microsec_ssl / 1.0e6; 941 elapsed_time_ssl = (double)microsec_ssl / 1.0e6;
912 if (check_cert == TRUE) { 942 if (check_cert == TRUE) {
913 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); 943 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
914 np_net_ssl_cleanup();
915 if (sd) close(sd); 944 if (sd) close(sd);
945 np_net_ssl_cleanup();
916 return result; 946 return result;
917 } 947 }
918 } 948 }
@@ -947,13 +977,13 @@ check_http (void)
947 * 14.23). Some server applications/configurations cause trouble if the 977 * 14.23). Some server applications/configurations cause trouble if the
948 * (default) port is explicitly specified in the "Host:" header line. 978 * (default) port is explicitly specified in the "Host:" header line.
949 */ 979 */
950 if ((use_ssl == FALSE && server_port == HTTP_PORT) || 980 if ((use_ssl == FALSE && virtual_port == HTTP_PORT) ||
951 (use_ssl == TRUE && server_port == HTTPS_PORT) || 981 (use_ssl == TRUE && virtual_port == HTTPS_PORT) ||
952 (server_address != NULL && strcmp(http_method, "CONNECT") == 0 982 (server_address != NULL && strcmp(http_method, "CONNECT") == 0
953 && host_name != NULL && use_ssl == TRUE)) 983 && host_name != NULL && use_ssl == TRUE))
954 xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); 984 xasprintf (&buf, "%sHost: %s\r\n", buf, host_name);
955 else 985 else
956 xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, server_port); 986 xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port);
957 } 987 }
958 } 988 }
959 989
@@ -1011,6 +1041,10 @@ check_http (void)
1011 microsec_firstbyte = deltime (tv_temp); 1041 microsec_firstbyte = deltime (tv_temp);
1012 elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6; 1042 elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6;
1013 } 1043 }
1044 while (pos = memchr(buffer, '\0', i)) {
1045 /* replace nul character with a blank */
1046 *pos = ' ';
1047 }
1014 buffer[i] = '\0'; 1048 buffer[i] = '\0';
1015 xasprintf (&full_page_new, "%s%s", full_page, buffer); 1049 xasprintf (&full_page_new, "%s%s", full_page, buffer);
1016 free (full_page); 1050 free (full_page);
@@ -1052,10 +1086,10 @@ check_http (void)
1052 die (STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n")); 1086 die (STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n"));
1053 1087
1054 /* close the connection */ 1088 /* close the connection */
1089 if (sd) close(sd);
1055#ifdef HAVE_SSL 1090#ifdef HAVE_SSL
1056 np_net_ssl_cleanup(); 1091 np_net_ssl_cleanup();
1057#endif 1092#endif
1058 if (sd) close(sd);
1059 1093
1060 /* Save check time */ 1094 /* Save check time */
1061 microsec = deltime (tv); 1095 microsec = deltime (tv);
@@ -1410,6 +1444,9 @@ redir (char *pos, char *status_line)
1410 MAX_PORT, server_type, server_address, server_port, server_url, 1444 MAX_PORT, server_type, server_address, server_port, server_url,
1411 display_html ? "</A>" : ""); 1445 display_html ? "</A>" : "");
1412 1446
1447 /* reset virtual port */
1448 virtual_port = server_port;
1449
1413 if (verbose) 1450 if (verbose)
1414 printf (_("Redirection to %s://%s:%d%s\n"), server_type, 1451 printf (_("Redirection to %s://%s:%d%s\n"), server_type,
1415 host_name ? host_name : server_address, server_port, server_url); 1452 host_name ? host_name : server_address, server_port, server_url);
@@ -1442,32 +1479,32 @@ char *perfd_time (double elapsed_time)
1442 return fperfdata ("time", elapsed_time, "s", 1479 return fperfdata ("time", elapsed_time, "s",
1443 thlds->warning?TRUE:FALSE, thlds->warning?thlds->warning->end:0, 1480 thlds->warning?TRUE:FALSE, thlds->warning?thlds->warning->end:0,
1444 thlds->critical?TRUE:FALSE, thlds->critical?thlds->critical->end:0, 1481 thlds->critical?TRUE:FALSE, thlds->critical?thlds->critical->end:0,
1445 TRUE, 0, FALSE, 0); 1482 TRUE, 0, TRUE, socket_timeout);
1446} 1483}
1447 1484
1448char *perfd_time_connect (double elapsed_time_connect) 1485char *perfd_time_connect (double elapsed_time_connect)
1449{ 1486{
1450 return fperfdata ("time_connect", elapsed_time_connect, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0); 1487 return fperfdata ("time_connect", elapsed_time_connect, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
1451} 1488}
1452 1489
1453char *perfd_time_ssl (double elapsed_time_ssl) 1490char *perfd_time_ssl (double elapsed_time_ssl)
1454{ 1491{
1455 return fperfdata ("time_ssl", elapsed_time_ssl, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0); 1492 return fperfdata ("time_ssl", elapsed_time_ssl, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
1456} 1493}
1457 1494
1458char *perfd_time_headers (double elapsed_time_headers) 1495char *perfd_time_headers (double elapsed_time_headers)
1459{ 1496{
1460 return fperfdata ("time_headers", elapsed_time_headers, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0); 1497 return fperfdata ("time_headers", elapsed_time_headers, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
1461} 1498}
1462 1499
1463char *perfd_time_firstbyte (double elapsed_time_firstbyte) 1500char *perfd_time_firstbyte (double elapsed_time_firstbyte)
1464{ 1501{
1465 return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0); 1502 return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
1466} 1503}
1467 1504
1468char *perfd_time_transfer (double elapsed_time_transfer) 1505char *perfd_time_transfer (double elapsed_time_transfer)
1469{ 1506{
1470 return fperfdata ("time_transfer", elapsed_time_transfer, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0); 1507 return fperfdata ("time_transfer", elapsed_time_transfer, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
1471} 1508}
1472 1509
1473char *perfd_size (int page_len) 1510char *perfd_size (int page_len)
@@ -1514,9 +1551,10 @@ print_help (void)
1514 printf (UT_IPv46); 1551 printf (UT_IPv46);
1515 1552
1516#ifdef HAVE_SSL 1553#ifdef HAVE_SSL
1517 printf (" %s\n", "-S, --ssl=VERSION"); 1554 printf (" %s\n", "-S, --ssl=VERSION[+]");
1518 printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents")); 1555 printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents"));
1519 printf (" %s\n", _("auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3).")); 1556 printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,"));
1557 printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted."));
1520 printf (" %s\n", "--sni"); 1558 printf (" %s\n", "--sni");
1521 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); 1559 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
1522 printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); 1560 printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]");