summaryrefslogtreecommitdiffstats
path: root/plugins/check_http.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_http.c')
-rw-r--r--plugins/check_http.c42
1 files changed, 34 insertions, 8 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 34fb4f01..f8ec853b 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -52,11 +52,13 @@ enum {
52 MAX_IPV4_HOSTLENGTH = 255, 52 MAX_IPV4_HOSTLENGTH = 255,
53 HTTP_PORT = 80, 53 HTTP_PORT = 80,
54 HTTPS_PORT = 443, 54 HTTPS_PORT = 443,
55 MAX_PORT = 65535 55 MAX_PORT = 65535,
56 DEFAULT_MAX_REDIRS = 15
56}; 57};
57 58
58#ifdef HAVE_SSL 59#ifdef HAVE_SSL
59int check_cert = FALSE; 60int check_cert = FALSE;
61int continue_after_check_cert = FALSE;
60int ssl_version = 0; 62int ssl_version = 0;
61int days_till_exp_warn, days_till_exp_crit; 63int days_till_exp_warn, days_till_exp_crit;
62char *randbuff; 64char *randbuff;
@@ -125,7 +127,7 @@ int sd;
125int min_page_len = 0; 127int min_page_len = 0;
126int max_page_len = 0; 128int max_page_len = 0;
127int redir_depth = 0; 129int redir_depth = 0;
128int max_depth = 15; 130int max_depth = DEFAULT_MAX_REDIRS;
129char *http_method; 131char *http_method;
130char *http_method_proxy; 132char *http_method_proxy;
131char *http_post_data; 133char *http_post_data;
@@ -203,7 +205,9 @@ process_arguments (int argc, char **argv)
203 205
204 enum { 206 enum {
205 INVERT_REGEX = CHAR_MAX + 1, 207 INVERT_REGEX = CHAR_MAX + 1,
206 SNI_OPTION 208 SNI_OPTION,
209 MAX_REDIRS_OPTION,
210 CONTINUE_AFTER_CHECK_CERT
207 }; 211 };
208 212
209 int option = 0; 213 int option = 0;
@@ -231,6 +235,7 @@ process_arguments (int argc, char **argv)
231 {"certificate", required_argument, 0, 'C'}, 235 {"certificate", required_argument, 0, 'C'},
232 {"client-cert", required_argument, 0, 'J'}, 236 {"client-cert", required_argument, 0, 'J'},
233 {"private-key", required_argument, 0, 'K'}, 237 {"private-key", required_argument, 0, 'K'},
238 {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT},
234 {"useragent", required_argument, 0, 'A'}, 239 {"useragent", required_argument, 0, 'A'},
235 {"header", required_argument, 0, 'k'}, 240 {"header", required_argument, 0, 'k'},
236 {"no-body", no_argument, 0, 'N'}, 241 {"no-body", no_argument, 0, 'N'},
@@ -242,6 +247,7 @@ process_arguments (int argc, char **argv)
242 {"use-ipv6", no_argument, 0, '6'}, 247 {"use-ipv6", no_argument, 0, '6'},
243 {"extended-perfdata", no_argument, 0, 'E'}, 248 {"extended-perfdata", no_argument, 0, 'E'},
244 {"show-body", no_argument, 0, 'B'}, 249 {"show-body", no_argument, 0, 'B'},
250 {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION},
245 {0, 0, 0, 0} 251 {0, 0, 0, 0}
246 }; 252 };
247 253
@@ -329,6 +335,11 @@ process_arguments (int argc, char **argv)
329 check_cert = TRUE; 335 check_cert = TRUE;
330 goto enable_ssl; 336 goto enable_ssl;
331#endif 337#endif
338 case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */
339#ifdef HAVE_SSL
340 continue_after_check_cert = TRUE;
341 break;
342#endif
332 case 'J': /* use client certificate */ 343 case 'J': /* use client certificate */
333#ifdef HAVE_SSL 344#ifdef HAVE_SSL
334 test_file(optarg); 345 test_file(optarg);
@@ -373,6 +384,13 @@ process_arguments (int argc, char **argv)
373 case SNI_OPTION: 384 case SNI_OPTION:
374 use_sni = TRUE; 385 use_sni = TRUE;
375 break; 386 break;
387 case MAX_REDIRS_OPTION:
388 if (!is_intnonneg (optarg))
389 usage2 (_("Invalid max_redirs count"), optarg);
390 else {
391 max_depth = atoi (optarg);
392 }
393 break;
376 case 'f': /* onredirect */ 394 case 'f': /* onredirect */
377 if (!strcmp (optarg, "stickyport")) 395 if (!strcmp (optarg, "stickyport"))
378 onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT; 396 onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT;
@@ -971,9 +989,11 @@ check_http (void)
971 elapsed_time_ssl = (double)microsec_ssl / 1.0e6; 989 elapsed_time_ssl = (double)microsec_ssl / 1.0e6;
972 if (check_cert == TRUE) { 990 if (check_cert == TRUE) {
973 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); 991 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
974 if (sd) close(sd); 992 if (continue_after_check_cert == FALSE) {
975 np_net_ssl_cleanup(); 993 if (sd) close(sd);
976 return result; 994 np_net_ssl_cleanup();
995 return result;
996 }
977 } 997 }
978 } 998 }
979#endif /* HAVE_SSL */ 999#endif /* HAVE_SSL */
@@ -1598,7 +1618,11 @@ print_help (void)
1598 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); 1618 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
1599 printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); 1619 printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]");
1600 printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); 1620 printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443"));
1601 printf (" %s\n", _("(when this option is used the URL is not checked.)")); 1621 printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use"));
1622 printf (" %s\n", _(" --continue-after-certificate to override this behavior)"));
1623 printf (" %s\n", "--continue-after-certificate");
1624 printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check."));
1625 printf (" %s\n", _("Does nothing unless -C is used."));
1602 printf (" %s\n", "-J, --client-cert=FILE"); 1626 printf (" %s\n", "-J, --client-cert=FILE");
1603 printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); 1627 printf (" %s\n", _("Name of file that contains the client certificate (PEM format)"));
1604 printf (" %s\n", _("to be used in establishing the SSL session")); 1628 printf (" %s\n", _("to be used in establishing the SSL session"));
@@ -1657,9 +1681,11 @@ print_help (void)
1657 printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>"); 1681 printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>");
1658 printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the")); 1682 printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the"));
1659 printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same.")); 1683 printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same."));
1684 printf (" %s\n", "--max-redirs=INTEGER");
1685 printf (" %s", _("Maximal number of redirects (default: "));
1686 printf ("%d)\n", DEFAULT_MAX_REDIRS);
1660 printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); 1687 printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>");
1661 printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)")); 1688 printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)"));
1662
1663 printf (UT_WARN_CRIT); 1689 printf (UT_WARN_CRIT);
1664 1690
1665 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); 1691 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);