summaryrefslogtreecommitdiffstats
path: root/plugins/check_http.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_http.c')
-rw-r--r--plugins/check_http.c430
1 files changed, 316 insertions, 114 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 86a36c20..718c8ee7 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -31,13 +31,14 @@
31* 31*
32*****************************************************************************/ 32*****************************************************************************/
33 33
34/* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ ../../plugins/check_http.c */
35
36const char *progname = "check_http"; 34const char *progname = "check_http";
37const char *copyright = "1999-2013"; 35const char *copyright = "1999-2022";
38const char *email = "devel@monitoring-plugins.org"; 36const char *email = "devel@monitoring-plugins.org";
39 37
38// Do NOT sort those headers, it will break the build
39// TODO: Fix this
40#include "common.h" 40#include "common.h"
41#include "base64.h"
41#include "netutils.h" 42#include "netutils.h"
42#include "utils.h" 43#include "utils.h"
43#include "base64.h" 44#include "base64.h"
@@ -52,11 +53,13 @@ enum {
52 MAX_IPV4_HOSTLENGTH = 255, 53 MAX_IPV4_HOSTLENGTH = 255,
53 HTTP_PORT = 80, 54 HTTP_PORT = 80,
54 HTTPS_PORT = 443, 55 HTTPS_PORT = 443,
55 MAX_PORT = 65535 56 MAX_PORT = 65535,
57 DEFAULT_MAX_REDIRS = 15
56}; 58};
57 59
58#ifdef HAVE_SSL 60#ifdef HAVE_SSL
59int check_cert = FALSE; 61bool check_cert = false;
62bool continue_after_check_cert = false;
60int ssl_version = 0; 63int ssl_version = 0;
61int days_till_exp_warn, days_till_exp_crit; 64int days_till_exp_warn, days_till_exp_crit;
62char *randbuff; 65char *randbuff;
@@ -67,12 +70,12 @@ X509 *server_cert;
67# define my_recv(buf, len) read(sd, buf, len) 70# define my_recv(buf, len) read(sd, buf, len)
68# define my_send(buf, len) send(sd, buf, len, 0) 71# define my_send(buf, len) send(sd, buf, len, 0)
69#endif /* HAVE_SSL */ 72#endif /* HAVE_SSL */
70int no_body = FALSE; 73bool no_body = false;
71int maximum_age = -1; 74int maximum_age = -1;
72 75
73enum { 76enum {
74 REGS = 2, 77 REGS = 2,
75 MAX_RE_SIZE = 256 78 MAX_RE_SIZE = 1024
76}; 79};
77#include "regex.h" 80#include "regex.h"
78regex_t preg; 81regex_t preg;
@@ -89,7 +92,7 @@ struct timeval tv_temp;
89#define HTTP_URL "/" 92#define HTTP_URL "/"
90#define CRLF "\r\n" 93#define CRLF "\r\n"
91 94
92int specify_port = FALSE; 95bool specify_port = false;
93int server_port = HTTP_PORT; 96int server_port = HTTP_PORT;
94int virtual_port = 0; 97int virtual_port = 0;
95char server_port_text[6] = ""; 98char server_port_text[6] = "";
@@ -104,38 +107,39 @@ int server_expect_yn = 0;
104char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT; 107char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
105char header_expect[MAX_INPUT_BUFFER] = ""; 108char header_expect[MAX_INPUT_BUFFER] = "";
106char string_expect[MAX_INPUT_BUFFER] = ""; 109char string_expect[MAX_INPUT_BUFFER] = "";
107char output_header_search[30] = "";
108char output_string_search[30] = "";
109char *warning_thresholds = NULL; 110char *warning_thresholds = NULL;
110char *critical_thresholds = NULL; 111char *critical_thresholds = NULL;
111thresholds *thlds; 112thresholds *thlds;
112char user_auth[MAX_INPUT_BUFFER] = ""; 113char user_auth[MAX_INPUT_BUFFER] = "";
113char proxy_auth[MAX_INPUT_BUFFER] = ""; 114char proxy_auth[MAX_INPUT_BUFFER] = "";
114int display_html = FALSE; 115bool display_html = false;
115char **http_opt_headers; 116char **http_opt_headers;
116int http_opt_headers_count = 0; 117int http_opt_headers_count = 0;
117int onredirect = STATE_OK; 118int onredirect = STATE_OK;
118int followsticky = STICKY_NONE; 119int followsticky = STICKY_NONE;
119int use_ssl = FALSE; 120bool use_ssl = false;
120int use_sni = FALSE; 121bool use_sni = false;
121int verbose = FALSE; 122bool verbose = false;
122int show_extended_perfdata = FALSE; 123bool show_extended_perfdata = false;
124bool show_body = false;
123int sd; 125int sd;
124int min_page_len = 0; 126int min_page_len = 0;
125int max_page_len = 0; 127int max_page_len = 0;
126int redir_depth = 0; 128int redir_depth = 0;
127int max_depth = 15; 129int max_depth = DEFAULT_MAX_REDIRS;
128char *http_method; 130char *http_method;
131char *http_method_proxy;
129char *http_post_data; 132char *http_post_data;
130char *http_content_type; 133char *http_content_type;
131char buffer[MAX_INPUT_BUFFER]; 134char buffer[MAX_INPUT_BUFFER];
132char *client_cert = NULL; 135char *client_cert = NULL;
133char *client_privkey = NULL; 136char *client_privkey = NULL;
134 137
135int process_arguments (int, char **); 138// Forward function declarations
139bool process_arguments (int, char **);
136int check_http (void); 140int check_http (void);
137void redir (char *pos, char *status_line); 141void redir (char *pos, char *status_line);
138int server_type_check(const char *type); 142bool server_type_check(const char *type);
139int server_port_check(int ssl_flag); 143int server_port_check(int ssl_flag);
140char *perfd_time (double microsec); 144char *perfd_time (double microsec);
141char *perfd_time_connect (double microsec); 145char *perfd_time_connect (double microsec);
@@ -146,6 +150,7 @@ char *perfd_time_transfer (double microsec);
146char *perfd_size (int page_len); 150char *perfd_size (int page_len);
147void print_help (void); 151void print_help (void);
148void print_usage (void); 152void print_usage (void);
153char *unchunk_content(const char *content);
149 154
150int 155int
151main (int argc, char **argv) 156main (int argc, char **argv)
@@ -165,10 +170,10 @@ main (int argc, char **argv)
165 /* Parse extra opts if any */ 170 /* Parse extra opts if any */
166 argv=np_extra_opts (&argc, argv, progname); 171 argv=np_extra_opts (&argc, argv, progname);
167 172
168 if (process_arguments (argc, argv) == ERROR) 173 if (process_arguments (argc, argv) == false)
169 usage4 (_("Could not parse arguments")); 174 usage4 (_("Could not parse arguments"));
170 175
171 if (display_html == TRUE) 176 if (display_html == true)
172 printf ("<A HREF=\"%s://%s:%d%s\" target=\"_blank\">", 177 printf ("<A HREF=\"%s://%s:%d%s\" target=\"_blank\">",
173 use_ssl ? "https" : "http", host_name ? host_name : server_address, 178 use_ssl ? "https" : "http", host_name ? host_name : server_address,
174 server_port, server_url); 179 server_port, server_url);
@@ -191,9 +196,11 @@ test_file (char *path)
191 usage2 (_("file does not exist or is not readable"), path); 196 usage2 (_("file does not exist or is not readable"), path);
192} 197}
193 198
194/* process command-line arguments */ 199/*
195int 200 * process command-line arguments
196process_arguments (int argc, char **argv) 201 * returns true on success, false otherwise
202 */
203bool process_arguments (int argc, char **argv)
197{ 204{
198 int c = 1; 205 int c = 1;
199 char *p; 206 char *p;
@@ -201,7 +208,9 @@ process_arguments (int argc, char **argv)
201 208
202 enum { 209 enum {
203 INVERT_REGEX = CHAR_MAX + 1, 210 INVERT_REGEX = CHAR_MAX + 1,
204 SNI_OPTION 211 SNI_OPTION,
212 MAX_REDIRS_OPTION,
213 CONTINUE_AFTER_CHECK_CERT
205 }; 214 };
206 215
207 int option = 0; 216 int option = 0;
@@ -229,6 +238,7 @@ process_arguments (int argc, char **argv)
229 {"certificate", required_argument, 0, 'C'}, 238 {"certificate", required_argument, 0, 'C'},
230 {"client-cert", required_argument, 0, 'J'}, 239 {"client-cert", required_argument, 0, 'J'},
231 {"private-key", required_argument, 0, 'K'}, 240 {"private-key", required_argument, 0, 'K'},
241 {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT},
232 {"useragent", required_argument, 0, 'A'}, 242 {"useragent", required_argument, 0, 'A'},
233 {"header", required_argument, 0, 'k'}, 243 {"header", required_argument, 0, 'k'},
234 {"no-body", no_argument, 0, 'N'}, 244 {"no-body", no_argument, 0, 'N'},
@@ -239,11 +249,13 @@ process_arguments (int argc, char **argv)
239 {"use-ipv4", no_argument, 0, '4'}, 249 {"use-ipv4", no_argument, 0, '4'},
240 {"use-ipv6", no_argument, 0, '6'}, 250 {"use-ipv6", no_argument, 0, '6'},
241 {"extended-perfdata", no_argument, 0, 'E'}, 251 {"extended-perfdata", no_argument, 0, 'E'},
252 {"show-body", no_argument, 0, 'B'},
253 {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION},
242 {0, 0, 0, 0} 254 {0, 0, 0, 0}
243 }; 255 };
244 256
245 if (argc < 2) 257 if (argc < 2)
246 return ERROR; 258 return false;
247 259
248 for (c = 1; c < argc; c++) { 260 for (c = 1; c < argc; c++) {
249 if (strcmp ("-to", argv[c]) == 0) 261 if (strcmp ("-to", argv[c]) == 0)
@@ -259,7 +271,7 @@ process_arguments (int argc, char **argv)
259 } 271 }
260 272
261 while (1) { 273 while (1) {
262 c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NE", longopts, &option); 274 c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", longopts, &option);
263 if (c == -1 || c == EOF) 275 if (c == -1 || c == EOF)
264 break; 276 break;
265 277
@@ -299,10 +311,10 @@ process_arguments (int argc, char **argv)
299 /* xasprintf (&http_opt_headers, "%s", optarg); */ 311 /* xasprintf (&http_opt_headers, "%s", optarg); */
300 break; 312 break;
301 case 'L': /* show html link */ 313 case 'L': /* show html link */
302 display_html = TRUE; 314 display_html = true;
303 break; 315 break;
304 case 'n': /* do not show html link */ 316 case 'n': /* do not show html link */
305 display_html = FALSE; 317 display_html = false;
306 break; 318 break;
307 case 'C': /* Check SSL cert validity */ 319 case 'C': /* Check SSL cert validity */
308#ifdef HAVE_SSL 320#ifdef HAVE_SSL
@@ -323,9 +335,14 @@ process_arguments (int argc, char **argv)
323 usage2 (_("Invalid certificate expiration period"), optarg); 335 usage2 (_("Invalid certificate expiration period"), optarg);
324 days_till_exp_warn = atoi (optarg); 336 days_till_exp_warn = atoi (optarg);
325 } 337 }
326 check_cert = TRUE; 338 check_cert = true;
327 goto enable_ssl; 339 goto enable_ssl;
328#endif 340#endif
341 case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */
342#ifdef HAVE_SSL
343 continue_after_check_cert = true;
344 break;
345#endif
329 case 'J': /* use client certificate */ 346 case 'J': /* use client certificate */
330#ifdef HAVE_SSL 347#ifdef HAVE_SSL
331 test_file(optarg); 348 test_file(optarg);
@@ -343,7 +360,7 @@ process_arguments (int argc, char **argv)
343 enable_ssl: 360 enable_ssl:
344 /* ssl_version initialized to 0 as a default. Only set if it's non-zero. This helps when we include multiple 361 /* ssl_version initialized to 0 as a default. Only set if it's non-zero. This helps when we include multiple
345 parameters, like -S and -C combinations */ 362 parameters, like -S and -C combinations */
346 use_ssl = TRUE; 363 use_ssl = true;
347 if (c=='S' && optarg != NULL) { 364 if (c=='S' && optarg != NULL) {
348 int got_plus = strchr(optarg, '+') != NULL; 365 int got_plus = strchr(optarg, '+') != NULL;
349 366
@@ -360,7 +377,7 @@ process_arguments (int argc, char **argv)
360 else 377 else
361 usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)")); 378 usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)"));
362 } 379 }
363 if (specify_port == FALSE) 380 if (specify_port == false)
364 server_port = HTTPS_PORT; 381 server_port = HTTPS_PORT;
365#else 382#else
366 /* -C -J and -K fall through to here without SSL */ 383 /* -C -J and -K fall through to here without SSL */
@@ -368,8 +385,15 @@ process_arguments (int argc, char **argv)
368#endif 385#endif
369 break; 386 break;
370 case SNI_OPTION: 387 case SNI_OPTION:
371 use_sni = TRUE; 388 use_sni = true;
372 break; 389 break;
390 case MAX_REDIRS_OPTION:
391 if (!is_intnonneg (optarg))
392 usage2 (_("Invalid max_redirs count"), optarg);
393 else {
394 max_depth = atoi (optarg);
395 }
396 break;
373 case 'f': /* onredirect */ 397 case 'f': /* onredirect */
374 if (!strcmp (optarg, "stickyport")) 398 if (!strcmp (optarg, "stickyport"))
375 onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT; 399 onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT;
@@ -399,7 +423,7 @@ process_arguments (int argc, char **argv)
399 host_name_length = strlen (host_name) - strlen (p) - 1; 423 host_name_length = strlen (host_name) - strlen (p) - 1;
400 free (host_name); 424 free (host_name);
401 host_name = strndup (optarg, host_name_length); 425 host_name = strndup (optarg, host_name_length);
402 if (specify_port == FALSE) 426 if (specify_port == false)
403 server_port = virtual_port; 427 server_port = virtual_port;
404 } 428 }
405 } else if ((p = strchr (host_name, ':')) != NULL 429 } else if ((p = strchr (host_name, ':')) != NULL
@@ -409,7 +433,7 @@ process_arguments (int argc, char **argv)
409 host_name_length = strlen (host_name) - strlen (p) - 1; 433 host_name_length = strlen (host_name) - strlen (p) - 1;
410 free (host_name); 434 free (host_name);
411 host_name = strndup (optarg, host_name_length); 435 host_name = strndup (optarg, host_name_length);
412 if (specify_port == FALSE) 436 if (specify_port == false)
413 server_port = virtual_port; 437 server_port = virtual_port;
414 } 438 }
415 break; 439 break;
@@ -425,7 +449,7 @@ process_arguments (int argc, char **argv)
425 usage2 (_("Invalid port number"), optarg); 449 usage2 (_("Invalid port number"), optarg);
426 else { 450 else {
427 server_port = atoi (optarg); 451 server_port = atoi (optarg);
428 specify_port = TRUE; 452 specify_port = true;
429 } 453 }
430 break; 454 break;
431 case 'a': /* authorization info */ 455 case 'a': /* authorization info */
@@ -446,6 +470,12 @@ process_arguments (int argc, char **argv)
446 if (http_method) 470 if (http_method)
447 free(http_method); 471 free(http_method);
448 http_method = strdup (optarg); 472 http_method = strdup (optarg);
473 char *tmp;
474 if ((tmp = strstr(http_method, ":")) > 0) {
475 tmp[0] = '\0';
476 http_method = http_method;
477 http_method_proxy = ++tmp;
478 }
449 break; 479 break;
450 case 'd': /* string or substring */ 480 case 'd': /* string or substring */
451 strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1); 481 strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1);
@@ -468,6 +498,7 @@ process_arguments (int argc, char **argv)
468 break; 498 break;
469 case 'R': /* regex */ 499 case 'R': /* regex */
470 cflags |= REG_ICASE; 500 cflags |= REG_ICASE;
501 // fall through
471 case 'r': /* regex */ 502 case 'r': /* regex */
472 strncpy (regexp, optarg, MAX_RE_SIZE - 1); 503 strncpy (regexp, optarg, MAX_RE_SIZE - 1);
473 regexp[MAX_RE_SIZE - 1] = 0; 504 regexp[MAX_RE_SIZE - 1] = 0;
@@ -475,7 +506,7 @@ process_arguments (int argc, char **argv)
475 if (errcode != 0) { 506 if (errcode != 0) {
476 (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); 507 (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER);
477 printf (_("Could Not Compile Regular Expression: %s"), errbuf); 508 printf (_("Could Not Compile Regular Expression: %s"), errbuf);
478 return ERROR; 509 return false;
479 } 510 }
480 break; 511 break;
481 case INVERT_REGEX: 512 case INVERT_REGEX:
@@ -492,7 +523,7 @@ process_arguments (int argc, char **argv)
492#endif 523#endif
493 break; 524 break;
494 case 'v': /* verbose */ 525 case 'v': /* verbose */
495 verbose = TRUE; 526 verbose = true;
496 break; 527 break;
497 case 'm': /* min_page_length */ 528 case 'm': /* min_page_length */
498 { 529 {
@@ -517,7 +548,7 @@ process_arguments (int argc, char **argv)
517 break; 548 break;
518 } 549 }
519 case 'N': /* no-body */ 550 case 'N': /* no-body */
520 no_body = TRUE; 551 no_body = true;
521 break; 552 break;
522 case 'M': /* max-age */ 553 case 'M': /* max-age */
523 { 554 {
@@ -538,7 +569,10 @@ process_arguments (int argc, char **argv)
538 } 569 }
539 break; 570 break;
540 case 'E': /* show extended perfdata */ 571 case 'E': /* show extended perfdata */
541 show_extended_perfdata = TRUE; 572 show_extended_perfdata = true;
573 break;
574 case 'B': /* print body content after status line */
575 show_body = true;
542 break; 576 break;
543 } 577 }
544 } 578 }
@@ -566,13 +600,16 @@ process_arguments (int argc, char **argv)
566 if (http_method == NULL) 600 if (http_method == NULL)
567 http_method = strdup ("GET"); 601 http_method = strdup ("GET");
568 602
603 if (http_method_proxy == NULL)
604 http_method_proxy = strdup ("GET");
605
569 if (client_cert && !client_privkey) 606 if (client_cert && !client_privkey)
570 usage4 (_("If you use a client certificate you must also specify a private key file")); 607 usage4 (_("If you use a client certificate you must also specify a private key file"));
571 608
572 if (virtual_port == 0) 609 if (virtual_port == 0)
573 virtual_port = server_port; 610 virtual_port = server_port;
574 611
575 return TRUE; 612 return true;
576} 613}
577 614
578 615
@@ -912,10 +949,25 @@ check_http (void)
912 /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */ 949 /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */
913 950
914 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 951 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
915 && host_name != NULL && use_ssl == TRUE) { 952 && host_name != NULL && use_ssl == true) {
916 953
917 if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT); 954 if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT);
918 asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent); 955 asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent);
956 if (strlen(proxy_auth)) {
957 base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth);
958 xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
959 }
960 /* optionally send any other header tag */
961 if (http_opt_headers_count) {
962 for (i = 0; i < http_opt_headers_count ; i++) {
963 if (force_host_header != http_opt_headers[i]) {
964 xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]);
965 }
966 }
967 /* This cannot be free'd here because a redirection will then try to access this and segfault */
968 /* Covered in a testcase in tests/check_http.t */
969 /* free(http_opt_headers); */
970 }
919 asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf); 971 asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf);
920 asprintf (&buf, "%sHost: %s\r\n", buf, host_name); 972 asprintf (&buf, "%sHost: %s\r\n", buf, host_name);
921 /* we finished our request, send empty line with CRLF */ 973 /* we finished our request, send empty line with CRLF */
@@ -931,7 +983,7 @@ check_http (void)
931 } 983 }
932#ifdef HAVE_SSL 984#ifdef HAVE_SSL
933 elapsed_time_connect = (double)microsec_connect / 1.0e6; 985 elapsed_time_connect = (double)microsec_connect / 1.0e6;
934 if (use_ssl == TRUE) { 986 if (use_ssl == true) {
935 gettimeofday (&tv_temp, NULL); 987 gettimeofday (&tv_temp, NULL);
936 result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey); 988 result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey);
937 if (verbose) printf ("SSL initialized\n"); 989 if (verbose) printf ("SSL initialized\n");
@@ -939,18 +991,20 @@ check_http (void)
939 die (STATE_CRITICAL, NULL); 991 die (STATE_CRITICAL, NULL);
940 microsec_ssl = deltime (tv_temp); 992 microsec_ssl = deltime (tv_temp);
941 elapsed_time_ssl = (double)microsec_ssl / 1.0e6; 993 elapsed_time_ssl = (double)microsec_ssl / 1.0e6;
942 if (check_cert == TRUE) { 994 if (check_cert == true) {
943 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); 995 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
944 if (sd) close(sd); 996 if (continue_after_check_cert == false) {
945 np_net_ssl_cleanup(); 997 if (sd) close(sd);
946 return result; 998 np_net_ssl_cleanup();
999 return result;
1000 }
947 } 1001 }
948 } 1002 }
949#endif /* HAVE_SSL */ 1003#endif /* HAVE_SSL */
950 1004
951 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 1005 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
952 && host_name != NULL && use_ssl == TRUE) 1006 && host_name != NULL && use_ssl == true)
953 asprintf (&buf, "%s %s %s\r\n%s\r\n", "GET", server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); 1007 asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
954 else 1008 else
955 asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); 1009 asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
956 1010
@@ -977,10 +1031,10 @@ check_http (void)
977 * 14.23). Some server applications/configurations cause trouble if the 1031 * 14.23). Some server applications/configurations cause trouble if the
978 * (default) port is explicitly specified in the "Host:" header line. 1032 * (default) port is explicitly specified in the "Host:" header line.
979 */ 1033 */
980 if ((use_ssl == FALSE && virtual_port == HTTP_PORT) || 1034 if ((use_ssl == false && virtual_port == HTTP_PORT) ||
981 (use_ssl == TRUE && virtual_port == HTTPS_PORT) || 1035 (use_ssl == true && virtual_port == HTTPS_PORT) ||
982 (server_address != NULL && strcmp(http_method, "CONNECT") == 0 1036 (server_address != NULL && strcmp(http_method, "CONNECT") == 0
983 && host_name != NULL && use_ssl == TRUE)) 1037 && host_name != NULL && use_ssl == true))
984 xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); 1038 xasprintf (&buf, "%sHost: %s\r\n", buf, host_name);
985 else 1039 else
986 xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port); 1040 xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port);
@@ -1020,9 +1074,8 @@ check_http (void)
1020 } 1074 }
1021 1075
1022 xasprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, (int)strlen (http_post_data)); 1076 xasprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, (int)strlen (http_post_data));
1023 xasprintf (&buf, "%s%s%s", buf, http_post_data, CRLF); 1077 xasprintf (&buf, "%s%s", buf, http_post_data);
1024 } 1078 } else {
1025 else {
1026 /* or just a newline so the server knows we're done with the request */ 1079 /* or just a newline so the server knows we're done with the request */
1027 xasprintf (&buf, "%s%s", buf, CRLF); 1080 xasprintf (&buf, "%s%s", buf, CRLF);
1028 } 1081 }
@@ -1046,9 +1099,14 @@ check_http (void)
1046 *pos = ' '; 1099 *pos = ' ';
1047 } 1100 }
1048 buffer[i] = '\0'; 1101 buffer[i] = '\0';
1049 xasprintf (&full_page_new, "%s%s", full_page, buffer); 1102
1050 free (full_page); 1103 if ((full_page_new = realloc(full_page, pagesize + i + 1)) == NULL)
1104 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate memory for full_page\n"));
1105
1106 memmove(&full_page_new[pagesize], buffer, i + 1);
1107
1051 full_page = full_page_new; 1108 full_page = full_page_new;
1109
1052 pagesize += i; 1110 pagesize += i;
1053 1111
1054 if (no_body && document_headers_done (full_page)) { 1112 if (no_body && document_headers_done (full_page)) {
@@ -1060,25 +1118,7 @@ check_http (void)
1060 elapsed_time_transfer = (double)microsec_transfer / 1.0e6; 1118 elapsed_time_transfer = (double)microsec_transfer / 1.0e6;
1061 1119
1062 if (i < 0 && errno != ECONNRESET) { 1120 if (i < 0 && errno != ECONNRESET) {
1063#ifdef HAVE_SSL 1121 die(STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n"));
1064 /*
1065 if (use_ssl) {
1066 sslerr=SSL_get_error(ssl, i);
1067 if ( sslerr == SSL_ERROR_SSL ) {
1068 die (STATE_WARNING, _("HTTP WARNING - Client Certificate Required\n"));
1069 } else {
1070 die (STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n"));
1071 }
1072 }
1073 else {
1074 */
1075#endif
1076 die (STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n"));
1077#ifdef HAVE_SSL
1078 /* XXX
1079 }
1080 */
1081#endif
1082 } 1122 }
1083 1123
1084 /* return a CRITICAL status if we couldn't read any data */ 1124 /* return a CRITICAL status if we couldn't read any data */
@@ -1140,6 +1180,8 @@ check_http (void)
1140 xasprintf (&msg, 1180 xasprintf (&msg,
1141 _("Invalid HTTP response received from host on port %d: %s\n"), 1181 _("Invalid HTTP response received from host on port %d: %s\n"),
1142 server_port, status_line); 1182 server_port, status_line);
1183 if (show_body)
1184 xasprintf (&msg, _("%s\n%s"), msg, page);
1143 die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg); 1185 die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg);
1144 } 1186 }
1145 1187
@@ -1201,32 +1243,73 @@ check_http (void)
1201 } 1243 }
1202 1244
1203 /* Page and Header content checks go here */ 1245 /* Page and Header content checks go here */
1204 if (strlen (header_expect)) { 1246 if (strlen(header_expect) > 0) {
1205 if (!strstr (header, header_expect)) { 1247 if (strstr(header, header_expect) == NULL) {
1206 strncpy(&output_header_search[0],header_expect,sizeof(output_header_search)); 1248 // We did not find the header, the rest is for building the output and setting the state
1207 if(output_header_search[sizeof(output_header_search)-1]!='\0') { 1249 char output_header_search[30] = "";
1208 bcopy("...",&output_header_search[sizeof(output_header_search)-4],4); 1250
1251 strncpy(&output_header_search[0], header_expect,
1252 sizeof(output_header_search));
1253
1254 if (output_header_search[sizeof(output_header_search) - 1] != '\0') {
1255 bcopy("...",
1256 &output_header_search[sizeof(output_header_search) - 4],
1257 4);
1209 } 1258 }
1210 xasprintf (&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, output_header_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); 1259
1260 xasprintf (&msg,
1261 _("%sheader '%s' not found on '%s://%s:%d%s', "),
1262 msg,
1263 output_header_search, use_ssl ? "https" : "http",
1264 host_name ? host_name : server_address, server_port,
1265 server_url);
1266
1211 result = STATE_CRITICAL; 1267 result = STATE_CRITICAL;
1212 } 1268 }
1213 } 1269 }
1214 1270
1271 // At this point we should test if the content is chunked and unchunk it, so
1272 // it can be searched (and possibly printed)
1273 const char *chunked_header_regex_string = "Transfer-Encoding: *chunked *";
1274 regex_t chunked_header_regex;
1275
1276 if (regcomp(&chunked_header_regex, chunked_header_regex_string, REG_ICASE)) {
1277 die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN), "Failed to compile chunked_header_regex regex");
1278 }
1279
1280 regmatch_t chre_pmatch[1]; // We actually do not care about this, since we only want to know IF it was found
1215 1281
1216 if (strlen (string_expect)) { 1282 if (!no_body && regexec(&chunked_header_regex, header, 1, chre_pmatch, 0) == 0) {
1217 if (!strstr (page, string_expect)) { 1283 if (verbose) {
1218 strncpy(&output_string_search[0],string_expect,sizeof(output_string_search)); 1284 printf("Found chunked content\n");
1219 if(output_string_search[sizeof(output_string_search)-1]!='\0') { 1285 }
1220 bcopy("...",&output_string_search[sizeof(output_string_search)-4],4); 1286 // We actually found the chunked header
1287 char *tmp = unchunk_content(page);
1288 if (tmp == NULL) {
1289 die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN), "Failed to unchunk message body");
1290 }
1291 page = tmp;
1292 }
1293
1294 if (strlen(string_expect) > 0) {
1295 if (!strstr(page, string_expect)) {
1296 // We found the string the body, the rest is for building the output
1297 char output_string_search[30] = "";
1298 strncpy(&output_string_search[0], string_expect,
1299 sizeof(output_string_search));
1300 if (output_string_search[sizeof(output_string_search) - 1] != '\0') {
1301 bcopy("...", &output_string_search[sizeof(output_string_search) - 4],
1302 4);
1221 } 1303 }
1222 xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); 1304 xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
1223 result = STATE_CRITICAL; 1305 result = STATE_CRITICAL;
1224 } 1306 }
1225 } 1307 }
1226 1308
1227 if (strlen (regexp)) { 1309 if (strlen(regexp) > 0) {
1228 errcode = regexec (&preg, page, REGS, pmatch, 0); 1310 errcode = regexec(&preg, page, REGS, pmatch, 0);
1229 if ((errcode == 0 && invert_regex == 0) || (errcode == REG_NOMATCH && invert_regex == 1)) { 1311 if ((errcode == 0 && invert_regex == 0) ||
1312 (errcode == REG_NOMATCH && invert_regex == 1)) {
1230 /* OK - No-op to avoid changing the logic around it */ 1313 /* OK - No-op to avoid changing the logic around it */
1231 result = max_state_alt(STATE_OK, result); 1314 result = max_state_alt(STATE_OK, result);
1232 } 1315 }
@@ -1278,7 +1361,7 @@ check_http (void)
1278 perfd_time (elapsed_time), 1361 perfd_time (elapsed_time),
1279 perfd_size (page_len), 1362 perfd_size (page_len),
1280 perfd_time_connect (elapsed_time_connect), 1363 perfd_time_connect (elapsed_time_connect),
1281 use_ssl == TRUE ? perfd_time_ssl (elapsed_time_ssl) : "", 1364 use_ssl == true ? perfd_time_ssl (elapsed_time_ssl) : "",
1282 perfd_time_headers (elapsed_time_headers), 1365 perfd_time_headers (elapsed_time_headers),
1283 perfd_time_firstbyte (elapsed_time_firstbyte), 1366 perfd_time_firstbyte (elapsed_time_firstbyte),
1284 perfd_time_transfer (elapsed_time_transfer)); 1367 perfd_time_transfer (elapsed_time_transfer));
@@ -1290,6 +1373,9 @@ check_http (void)
1290 perfd_time (elapsed_time), 1373 perfd_time (elapsed_time),
1291 perfd_size (page_len)); 1374 perfd_size (page_len));
1292 1375
1376 if (show_body)
1377 xasprintf (&msg, _("%s\n%s"), msg, page);
1378
1293 result = max_state_alt(get_status(elapsed_time, thlds), result); 1379 result = max_state_alt(get_status(elapsed_time, thlds), result);
1294 1380
1295 die (result, "HTTP %s: %s\n", state_text(result), msg); 1381 die (result, "HTTP %s: %s\n", state_text(result), msg);
@@ -1297,7 +1383,94 @@ check_http (void)
1297 return STATE_UNKNOWN; 1383 return STATE_UNKNOWN;
1298} 1384}
1299 1385
1386/* Receivces a pointer to the beginning of the body of a HTTP message
1387 * which is chunked and returns a pointer to a freshly allocated memory
1388 * region containing the unchunked body or NULL if something failed.
1389 * The result must be freed by the caller.
1390 */
1391char *unchunk_content(const char *content) {
1392 // https://en.wikipedia.org/wiki/Chunked_transfer_encoding
1393 // https://www.rfc-editor.org/rfc/rfc7230#section-4.1
1394 char *result = NULL;
1395 char *start_of_chunk;
1396 char* end_of_chunk;
1397 long size_of_chunk;
1398 const char *pointer = content;
1399 char *endptr;
1400 long length_of_chunk = 0;
1401 size_t overall_size = 0;
1402
1403 while (true) {
1404 size_of_chunk = strtol(pointer, &endptr, 16);
1405 if (size_of_chunk == LONG_MIN || size_of_chunk == LONG_MAX) {
1406 // Apparently underflow or overflow, should not happen
1407 if (verbose) {
1408 printf("Got an underflow or overflow from strtol at: %u\n", __LINE__);
1409 }
1410 return NULL;
1411 }
1412 if (endptr == pointer) {
1413 // Apparently this was not a number
1414 if (verbose) {
1415 printf("Chunked content did not start with a number at all (Line: %u)\n", __LINE__);
1416 }
1417 return NULL;
1418 }
1419
1420 // So, we got the length of the chunk
1421 if (*endptr == ';') {
1422 // Chunk extension starts here
1423 while (*endptr != '\r') {
1424 endptr++;
1425 }
1426 }
1427
1428 start_of_chunk = endptr + 2;
1429 end_of_chunk = start_of_chunk + size_of_chunk;
1430 length_of_chunk = (long)(end_of_chunk - start_of_chunk);
1431 pointer = end_of_chunk + 2; //Next number should be here
1432
1433 if (length_of_chunk == 0) {
1434 // Chunk length is 0, so this is the last one
1435 break;
1436 }
1300 1437
1438 overall_size += length_of_chunk;
1439
1440 if (result == NULL) {
1441 // Size of the chunk plus the ending NULL byte
1442 result = (char *)malloc(length_of_chunk +1);
1443 if (result == NULL) {
1444 if (verbose) {
1445 printf("Failed to allocate memory for unchunked body\n");
1446 }
1447 return NULL;
1448 }
1449 } else {
1450 // Enlarge memory to the new size plus the ending NULL byte
1451 void *tmp = realloc(result, overall_size +1);
1452 if (tmp == NULL) {
1453 if (verbose) {
1454 printf("Failed to allocate memory for unchunked body\n");
1455 }
1456 return NULL;
1457 } else {
1458 result = tmp;
1459 }
1460 }
1461
1462 memcpy(result + (overall_size - size_of_chunk), start_of_chunk, size_of_chunk);
1463 }
1464
1465 if (overall_size == 0 && result == NULL) {
1466 // We might just have received the end chunk without previous content, so result is never allocated
1467 result = calloc(1, sizeof(char));
1468 // No error handling here, we can only return NULL anyway
1469 } else {
1470 result[overall_size] = '\0';
1471 }
1472 return result;
1473}
1301 1474
1302/* per RFC 2396 */ 1475/* per RFC 2396 */
1303#define URI_HTTP "%5[HTPShtps]" 1476#define URI_HTTP "%5[HTPShtps]"
@@ -1308,7 +1481,9 @@ check_http (void)
1308#define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH 1481#define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH
1309#define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT 1482#define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT
1310#define HD4 URI_HTTP "://" URI_HOST 1483#define HD4 URI_HTTP "://" URI_HOST
1311#define HD5 URI_PATH 1484/* relative reference redirect like //www.site.org/test https://tools.ietf.org/html/rfc3986 */
1485#define HD5 "//" URI_HOST "/" URI_PATH
1486#define HD6 URI_PATH
1312 1487
1313void 1488void
1314redir (char *pos, char *status_line) 1489redir (char *pos, char *status_line)
@@ -1385,9 +1560,21 @@ redir (char *pos, char *status_line)
1385 use_ssl = server_type_check (type); 1560 use_ssl = server_type_check (type);
1386 i = server_port_check (use_ssl); 1561 i = server_port_check (use_ssl);
1387 } 1562 }
1563 /* URI_HTTP, URI_HOST, URI_PATH */
1564 else if (sscanf (pos, HD5, addr, url) == 2) {
1565 if(use_ssl){
1566 strcpy (type,"https");
1567 }
1568 else{
1569 strcpy (type, server_type);
1570 }
1571 xasprintf (&url, "/%s", url);
1572 use_ssl = server_type_check (type);
1573 i = server_port_check (use_ssl);
1574 }
1388 1575
1389 /* URI_PATH */ 1576 /* URI_PATH */
1390 else if (sscanf (pos, HD5, url) == 1) { 1577 else if (sscanf (pos, HD6, url) == 1) {
1391 /* relative url */ 1578 /* relative url */
1392 if ((url[0] != '/')) { 1579 if ((url[0] != '/')) {
1393 if ((x = strrchr(server_url, '/'))) 1580 if ((x = strrchr(server_url, '/')))
@@ -1418,8 +1605,8 @@ redir (char *pos, char *status_line)
1418 !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) && 1605 !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) &&
1419 (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) && 1606 (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) &&
1420 !strcmp(server_url, url)) 1607 !strcmp(server_url, url))
1421 die (STATE_WARNING, 1608 die (STATE_CRITICAL,
1422 _("HTTP WARNING - redirection creates an infinite loop - %s://%s:%d%s%s\n"), 1609 _("HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n"),
1423 type, addr, i, url, (display_html ? "</A>" : "")); 1610 type, addr, i, url, (display_html ? "</A>" : ""));
1424 1611
1425 strcpy (server_type, type); 1612 strcpy (server_type, type);
@@ -1456,13 +1643,13 @@ redir (char *pos, char *status_line)
1456} 1643}
1457 1644
1458 1645
1459int 1646bool
1460server_type_check (const char *type) 1647server_type_check (const char *type)
1461{ 1648{
1462 if (strcmp (type, "https")) 1649 if (strcmp (type, "https"))
1463 return FALSE; 1650 return false;
1464 else 1651 else
1465 return TRUE; 1652 return true;
1466} 1653}
1467 1654
1468int 1655int
@@ -1477,42 +1664,42 @@ server_port_check (int ssl_flag)
1477char *perfd_time (double elapsed_time) 1664char *perfd_time (double elapsed_time)
1478{ 1665{
1479 return fperfdata ("time", elapsed_time, "s", 1666 return fperfdata ("time", elapsed_time, "s",
1480 thlds->warning?TRUE:FALSE, thlds->warning?thlds->warning->end:0, 1667 thlds->warning?true:false, thlds->warning?thlds->warning->end:0,
1481 thlds->critical?TRUE:FALSE, thlds->critical?thlds->critical->end:0, 1668 thlds->critical?true:false, thlds->critical?thlds->critical->end:0,
1482 TRUE, 0, TRUE, socket_timeout); 1669 true, 0, true, socket_timeout);
1483} 1670}
1484 1671
1485char *perfd_time_connect (double elapsed_time_connect) 1672char *perfd_time_connect (double elapsed_time_connect)
1486{ 1673{
1487 return fperfdata ("time_connect", elapsed_time_connect, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout); 1674 return fperfdata ("time_connect", elapsed_time_connect, "s", false, 0, false, 0, false, 0, true, socket_timeout);
1488} 1675}
1489 1676
1490char *perfd_time_ssl (double elapsed_time_ssl) 1677char *perfd_time_ssl (double elapsed_time_ssl)
1491{ 1678{
1492 return fperfdata ("time_ssl", elapsed_time_ssl, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout); 1679 return fperfdata ("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, 0, true, socket_timeout);
1493} 1680}
1494 1681
1495char *perfd_time_headers (double elapsed_time_headers) 1682char *perfd_time_headers (double elapsed_time_headers)
1496{ 1683{
1497 return fperfdata ("time_headers", elapsed_time_headers, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout); 1684 return fperfdata ("time_headers", elapsed_time_headers, "s", false, 0, false, 0, false, 0, true, socket_timeout);
1498} 1685}
1499 1686
1500char *perfd_time_firstbyte (double elapsed_time_firstbyte) 1687char *perfd_time_firstbyte (double elapsed_time_firstbyte)
1501{ 1688{
1502 return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout); 1689 return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, false, 0, false, 0, true, socket_timeout);
1503} 1690}
1504 1691
1505char *perfd_time_transfer (double elapsed_time_transfer) 1692char *perfd_time_transfer (double elapsed_time_transfer)
1506{ 1693{
1507 return fperfdata ("time_transfer", elapsed_time_transfer, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout); 1694 return fperfdata ("time_transfer", elapsed_time_transfer, "s", false, 0, false, 0, false, 0, true, socket_timeout);
1508} 1695}
1509 1696
1510char *perfd_size (int page_len) 1697char *perfd_size (int page_len)
1511{ 1698{
1512 return perfdata ("size", page_len, "B", 1699 return perfdata ("size", page_len, "B",
1513 (min_page_len>0?TRUE:FALSE), min_page_len, 1700 (min_page_len>0?true:false), min_page_len,
1514 (min_page_len>0?TRUE:FALSE), 0, 1701 (min_page_len>0?true:false), 0,
1515 TRUE, 0, FALSE, 0); 1702 true, 0, false, 0);
1516} 1703}
1517 1704
1518void 1705void
@@ -1532,6 +1719,10 @@ print_help (void)
1532 1719
1533 print_usage (); 1720 print_usage ();
1534 1721
1722#ifdef HAVE_SSL
1723 printf (_("In the first form, make an HTTP request."));
1724 printf (_("In the second form, connect to the server and check the TLS certificate."));
1725#endif
1535 printf (_("NOTE: One or both of -H and -I must be specified")); 1726 printf (_("NOTE: One or both of -H and -I must be specified"));
1536 1727
1537 printf ("\n"); 1728 printf ("\n");
@@ -1559,7 +1750,11 @@ print_help (void)
1559 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); 1750 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
1560 printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); 1751 printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]");
1561 printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); 1752 printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443"));
1562 printf (" %s\n", _("(when this option is used the URL is not checked.)")); 1753 printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use"));
1754 printf (" %s\n", _(" --continue-after-certificate to override this behavior)"));
1755 printf (" %s\n", "--continue-after-certificate");
1756 printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check."));
1757 printf (" %s\n", _("Does nothing unless -C is used."));
1563 printf (" %s\n", "-J, --client-cert=FILE"); 1758 printf (" %s\n", "-J, --client-cert=FILE");
1564 printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); 1759 printf (" %s\n", _("Name of file that contains the client certificate (PEM format)"));
1565 printf (" %s\n", _("to be used in establishing the SSL session")); 1760 printf (" %s\n", _("to be used in establishing the SSL session"));
@@ -1581,7 +1776,7 @@ print_help (void)
1581 printf (" %s\n", _("URL to GET or POST (default: /)")); 1776 printf (" %s\n", _("URL to GET or POST (default: /)"));
1582 printf (" %s\n", "-P, --post=STRING"); 1777 printf (" %s\n", "-P, --post=STRING");
1583 printf (" %s\n", _("URL encoded http POST data")); 1778 printf (" %s\n", _("URL encoded http POST data"));
1584 printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT)"); 1779 printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT, CONNECT:POST)");
1585 printf (" %s\n", _("Set HTTP method.")); 1780 printf (" %s\n", _("Set HTTP method."));
1586 printf (" %s\n", "-N, --no-body"); 1781 printf (" %s\n", "-N, --no-body");
1587 printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); 1782 printf (" %s\n", _("Don't wait for document body: stop reading after headers."));
@@ -1611,14 +1806,18 @@ print_help (void)
1611 printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers")); 1806 printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers"));
1612 printf (" %s\n", "-E, --extended-perfdata"); 1807 printf (" %s\n", "-E, --extended-perfdata");
1613 printf (" %s\n", _("Print additional performance data")); 1808 printf (" %s\n", _("Print additional performance data"));
1809 printf (" %s\n", "-B, --show-body");
1810 printf (" %s\n", _("Print body content below status line"));
1614 printf (" %s\n", "-L, --link"); 1811 printf (" %s\n", "-L, --link");
1615 printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); 1812 printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)"));
1616 printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>"); 1813 printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>");
1617 printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the")); 1814 printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the"));
1618 printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same.")); 1815 printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same."));
1816 printf (" %s\n", "--max-redirs=INTEGER");
1817 printf (" %s", _("Maximal number of redirects (default: "));
1818 printf ("%d)\n", DEFAULT_MAX_REDIRS);
1619 printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); 1819 printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>");
1620 printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)")); 1820 printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)"));
1621
1622 printf (UT_WARN_CRIT); 1821 printf (UT_WARN_CRIT);
1623 1822
1624 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); 1823 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
@@ -1668,7 +1867,8 @@ print_help (void)
1668 printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>")); 1867 printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>"));
1669 printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); 1868 printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds"));
1670 printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); 1869 printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));
1671 printf (" %s\n", _("a STATE_CRITICAL will be returned.")); 1870 printf (" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to the method you can set the method used"));
1871 printf (" %s\n", _("inside the proxied connection: -j CONNECT:POST"));
1672 1872
1673#endif 1873#endif
1674 1874
@@ -1685,9 +1885,11 @@ print_usage (void)
1685 printf (" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n",progname); 1885 printf (" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n",progname);
1686 printf (" [-J <client certificate file>] [-K <private key>]\n"); 1886 printf (" [-J <client certificate file>] [-K <private key>]\n");
1687 printf (" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-a auth]\n"); 1887 printf (" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-a auth]\n");
1688 printf (" [-b proxy_auth] [-f <ok|warning|critcal|follow|sticky|stickyport>]\n"); 1888 printf (" [-b proxy_auth] [-f <ok|warning|critical|follow|sticky|stickyport>]\n");
1689 printf (" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n"); 1889 printf (" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n");
1690 printf (" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n"); 1890 printf (" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n");
1691 printf (" [-A string] [-k string] [-S <version>] [--sni] [-C <warn_age>[,<crit_age>]]\n"); 1891 printf (" [-A string] [-k string] [-S <version>] [--sni]\n");
1692 printf (" [-T <content-type>] [-j method]\n"); 1892 printf (" [-T <content-type>] [-j method]\n");
1893 printf (" %s -H <vhost> | -I <IP-address> -C <warn_age>[,<crit_age>]\n",progname);
1894 printf (" [-p <port>] [-t <timeout>] [-4|-6] [--sni]\n");
1693} 1895}