diff options
Diffstat (limited to 'plugins/check_http.c')
-rw-r--r-- | plugins/check_http.c | 42 |
1 files changed, 34 insertions, 8 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c index 34fb4f01..f8ec853b 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c | |||
@@ -52,11 +52,13 @@ enum { | |||
52 | MAX_IPV4_HOSTLENGTH = 255, | 52 | MAX_IPV4_HOSTLENGTH = 255, |
53 | HTTP_PORT = 80, | 53 | HTTP_PORT = 80, |
54 | HTTPS_PORT = 443, | 54 | HTTPS_PORT = 443, |
55 | MAX_PORT = 65535 | 55 | MAX_PORT = 65535, |
56 | DEFAULT_MAX_REDIRS = 15 | ||
56 | }; | 57 | }; |
57 | 58 | ||
58 | #ifdef HAVE_SSL | 59 | #ifdef HAVE_SSL |
59 | int check_cert = FALSE; | 60 | int check_cert = FALSE; |
61 | int continue_after_check_cert = FALSE; | ||
60 | int ssl_version = 0; | 62 | int ssl_version = 0; |
61 | int days_till_exp_warn, days_till_exp_crit; | 63 | int days_till_exp_warn, days_till_exp_crit; |
62 | char *randbuff; | 64 | char *randbuff; |
@@ -125,7 +127,7 @@ int sd; | |||
125 | int min_page_len = 0; | 127 | int min_page_len = 0; |
126 | int max_page_len = 0; | 128 | int max_page_len = 0; |
127 | int redir_depth = 0; | 129 | int redir_depth = 0; |
128 | int max_depth = 15; | 130 | int max_depth = DEFAULT_MAX_REDIRS; |
129 | char *http_method; | 131 | char *http_method; |
130 | char *http_method_proxy; | 132 | char *http_method_proxy; |
131 | char *http_post_data; | 133 | char *http_post_data; |
@@ -203,7 +205,9 @@ process_arguments (int argc, char **argv) | |||
203 | 205 | ||
204 | enum { | 206 | enum { |
205 | INVERT_REGEX = CHAR_MAX + 1, | 207 | INVERT_REGEX = CHAR_MAX + 1, |
206 | SNI_OPTION | 208 | SNI_OPTION, |
209 | MAX_REDIRS_OPTION, | ||
210 | CONTINUE_AFTER_CHECK_CERT | ||
207 | }; | 211 | }; |
208 | 212 | ||
209 | int option = 0; | 213 | int option = 0; |
@@ -231,6 +235,7 @@ process_arguments (int argc, char **argv) | |||
231 | {"certificate", required_argument, 0, 'C'}, | 235 | {"certificate", required_argument, 0, 'C'}, |
232 | {"client-cert", required_argument, 0, 'J'}, | 236 | {"client-cert", required_argument, 0, 'J'}, |
233 | {"private-key", required_argument, 0, 'K'}, | 237 | {"private-key", required_argument, 0, 'K'}, |
238 | {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT}, | ||
234 | {"useragent", required_argument, 0, 'A'}, | 239 | {"useragent", required_argument, 0, 'A'}, |
235 | {"header", required_argument, 0, 'k'}, | 240 | {"header", required_argument, 0, 'k'}, |
236 | {"no-body", no_argument, 0, 'N'}, | 241 | {"no-body", no_argument, 0, 'N'}, |
@@ -242,6 +247,7 @@ process_arguments (int argc, char **argv) | |||
242 | {"use-ipv6", no_argument, 0, '6'}, | 247 | {"use-ipv6", no_argument, 0, '6'}, |
243 | {"extended-perfdata", no_argument, 0, 'E'}, | 248 | {"extended-perfdata", no_argument, 0, 'E'}, |
244 | {"show-body", no_argument, 0, 'B'}, | 249 | {"show-body", no_argument, 0, 'B'}, |
250 | {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION}, | ||
245 | {0, 0, 0, 0} | 251 | {0, 0, 0, 0} |
246 | }; | 252 | }; |
247 | 253 | ||
@@ -329,6 +335,11 @@ process_arguments (int argc, char **argv) | |||
329 | check_cert = TRUE; | 335 | check_cert = TRUE; |
330 | goto enable_ssl; | 336 | goto enable_ssl; |
331 | #endif | 337 | #endif |
338 | case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */ | ||
339 | #ifdef HAVE_SSL | ||
340 | continue_after_check_cert = TRUE; | ||
341 | break; | ||
342 | #endif | ||
332 | case 'J': /* use client certificate */ | 343 | case 'J': /* use client certificate */ |
333 | #ifdef HAVE_SSL | 344 | #ifdef HAVE_SSL |
334 | test_file(optarg); | 345 | test_file(optarg); |
@@ -373,6 +384,13 @@ process_arguments (int argc, char **argv) | |||
373 | case SNI_OPTION: | 384 | case SNI_OPTION: |
374 | use_sni = TRUE; | 385 | use_sni = TRUE; |
375 | break; | 386 | break; |
387 | case MAX_REDIRS_OPTION: | ||
388 | if (!is_intnonneg (optarg)) | ||
389 | usage2 (_("Invalid max_redirs count"), optarg); | ||
390 | else { | ||
391 | max_depth = atoi (optarg); | ||
392 | } | ||
393 | break; | ||
376 | case 'f': /* onredirect */ | 394 | case 'f': /* onredirect */ |
377 | if (!strcmp (optarg, "stickyport")) | 395 | if (!strcmp (optarg, "stickyport")) |
378 | onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT; | 396 | onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT; |
@@ -971,9 +989,11 @@ check_http (void) | |||
971 | elapsed_time_ssl = (double)microsec_ssl / 1.0e6; | 989 | elapsed_time_ssl = (double)microsec_ssl / 1.0e6; |
972 | if (check_cert == TRUE) { | 990 | if (check_cert == TRUE) { |
973 | result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); | 991 | result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); |
974 | if (sd) close(sd); | 992 | if (continue_after_check_cert == FALSE) { |
975 | np_net_ssl_cleanup(); | 993 | if (sd) close(sd); |
976 | return result; | 994 | np_net_ssl_cleanup(); |
995 | return result; | ||
996 | } | ||
977 | } | 997 | } |
978 | } | 998 | } |
979 | #endif /* HAVE_SSL */ | 999 | #endif /* HAVE_SSL */ |
@@ -1598,7 +1618,11 @@ print_help (void) | |||
1598 | printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); | 1618 | printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); |
1599 | printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); | 1619 | printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); |
1600 | printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); | 1620 | printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); |
1601 | printf (" %s\n", _("(when this option is used the URL is not checked.)")); | 1621 | printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use")); |
1622 | printf (" %s\n", _(" --continue-after-certificate to override this behavior)")); | ||
1623 | printf (" %s\n", "--continue-after-certificate"); | ||
1624 | printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check.")); | ||
1625 | printf (" %s\n", _("Does nothing unless -C is used.")); | ||
1602 | printf (" %s\n", "-J, --client-cert=FILE"); | 1626 | printf (" %s\n", "-J, --client-cert=FILE"); |
1603 | printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); | 1627 | printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); |
1604 | printf (" %s\n", _("to be used in establishing the SSL session")); | 1628 | printf (" %s\n", _("to be used in establishing the SSL session")); |
@@ -1657,9 +1681,11 @@ print_help (void) | |||
1657 | printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>"); | 1681 | printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>"); |
1658 | printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the")); | 1682 | printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the")); |
1659 | printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same.")); | 1683 | printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same.")); |
1684 | printf (" %s\n", "--max-redirs=INTEGER"); | ||
1685 | printf (" %s", _("Maximal number of redirects (default: ")); | ||
1686 | printf ("%d)\n", DEFAULT_MAX_REDIRS); | ||
1660 | printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); | 1687 | printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); |
1661 | printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)")); | 1688 | printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)")); |
1662 | |||
1663 | printf (UT_WARN_CRIT); | 1689 | printf (UT_WARN_CRIT); |
1664 | 1690 | ||
1665 | printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); | 1691 | printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); |