diff options
Diffstat (limited to 'plugins/check_http.c')
-rw-r--r-- | plugins/check_http.c | 62 |
1 files changed, 53 insertions, 9 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c index e5ef7cc4..34fb4f01 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c | |||
@@ -72,7 +72,7 @@ int maximum_age = -1; | |||
72 | 72 | ||
73 | enum { | 73 | enum { |
74 | REGS = 2, | 74 | REGS = 2, |
75 | MAX_RE_SIZE = 256 | 75 | MAX_RE_SIZE = 1024 |
76 | }; | 76 | }; |
77 | #include "regex.h" | 77 | #include "regex.h" |
78 | regex_t preg; | 78 | regex_t preg; |
@@ -120,12 +120,14 @@ int use_ssl = FALSE; | |||
120 | int use_sni = FALSE; | 120 | int use_sni = FALSE; |
121 | int verbose = FALSE; | 121 | int verbose = FALSE; |
122 | int show_extended_perfdata = FALSE; | 122 | int show_extended_perfdata = FALSE; |
123 | int show_body = FALSE; | ||
123 | int sd; | 124 | int sd; |
124 | int min_page_len = 0; | 125 | int min_page_len = 0; |
125 | int max_page_len = 0; | 126 | int max_page_len = 0; |
126 | int redir_depth = 0; | 127 | int redir_depth = 0; |
127 | int max_depth = 15; | 128 | int max_depth = 15; |
128 | char *http_method; | 129 | char *http_method; |
130 | char *http_method_proxy; | ||
129 | char *http_post_data; | 131 | char *http_post_data; |
130 | char *http_content_type; | 132 | char *http_content_type; |
131 | char buffer[MAX_INPUT_BUFFER]; | 133 | char buffer[MAX_INPUT_BUFFER]; |
@@ -239,6 +241,7 @@ process_arguments (int argc, char **argv) | |||
239 | {"use-ipv4", no_argument, 0, '4'}, | 241 | {"use-ipv4", no_argument, 0, '4'}, |
240 | {"use-ipv6", no_argument, 0, '6'}, | 242 | {"use-ipv6", no_argument, 0, '6'}, |
241 | {"extended-perfdata", no_argument, 0, 'E'}, | 243 | {"extended-perfdata", no_argument, 0, 'E'}, |
244 | {"show-body", no_argument, 0, 'B'}, | ||
242 | {0, 0, 0, 0} | 245 | {0, 0, 0, 0} |
243 | }; | 246 | }; |
244 | 247 | ||
@@ -259,7 +262,7 @@ process_arguments (int argc, char **argv) | |||
259 | } | 262 | } |
260 | 263 | ||
261 | while (1) { | 264 | while (1) { |
262 | c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NE", longopts, &option); | 265 | c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", longopts, &option); |
263 | if (c == -1 || c == EOF) | 266 | if (c == -1 || c == EOF) |
264 | break; | 267 | break; |
265 | 268 | ||
@@ -446,6 +449,12 @@ process_arguments (int argc, char **argv) | |||
446 | if (http_method) | 449 | if (http_method) |
447 | free(http_method); | 450 | free(http_method); |
448 | http_method = strdup (optarg); | 451 | http_method = strdup (optarg); |
452 | char *tmp; | ||
453 | if ((tmp = strstr(http_method, ":")) > 0) { | ||
454 | tmp[0] = '\0'; | ||
455 | http_method = http_method; | ||
456 | http_method_proxy = ++tmp; | ||
457 | } | ||
449 | break; | 458 | break; |
450 | case 'd': /* string or substring */ | 459 | case 'd': /* string or substring */ |
451 | strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1); | 460 | strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1); |
@@ -540,6 +549,9 @@ process_arguments (int argc, char **argv) | |||
540 | case 'E': /* show extended perfdata */ | 549 | case 'E': /* show extended perfdata */ |
541 | show_extended_perfdata = TRUE; | 550 | show_extended_perfdata = TRUE; |
542 | break; | 551 | break; |
552 | case 'B': /* print body content after status line */ | ||
553 | show_body = TRUE; | ||
554 | break; | ||
543 | } | 555 | } |
544 | } | 556 | } |
545 | 557 | ||
@@ -566,6 +578,9 @@ process_arguments (int argc, char **argv) | |||
566 | if (http_method == NULL) | 578 | if (http_method == NULL) |
567 | http_method = strdup ("GET"); | 579 | http_method = strdup ("GET"); |
568 | 580 | ||
581 | if (http_method_proxy == NULL) | ||
582 | http_method_proxy = strdup ("GET"); | ||
583 | |||
569 | if (client_cert && !client_privkey) | 584 | if (client_cert && !client_privkey) |
570 | usage4 (_("If you use a client certificate you must also specify a private key file")); | 585 | usage4 (_("If you use a client certificate you must also specify a private key file")); |
571 | 586 | ||
@@ -916,6 +931,21 @@ check_http (void) | |||
916 | 931 | ||
917 | if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT); | 932 | if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT); |
918 | asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent); | 933 | asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent); |
934 | if (strlen(proxy_auth)) { | ||
935 | base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth); | ||
936 | xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); | ||
937 | } | ||
938 | /* optionally send any other header tag */ | ||
939 | if (http_opt_headers_count) { | ||
940 | for (i = 0; i < http_opt_headers_count ; i++) { | ||
941 | if (force_host_header != http_opt_headers[i]) { | ||
942 | xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); | ||
943 | } | ||
944 | } | ||
945 | /* This cannot be free'd here because a redirection will then try to access this and segfault */ | ||
946 | /* Covered in a testcase in tests/check_http.t */ | ||
947 | /* free(http_opt_headers); */ | ||
948 | } | ||
919 | asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf); | 949 | asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf); |
920 | asprintf (&buf, "%sHost: %s\r\n", buf, host_name); | 950 | asprintf (&buf, "%sHost: %s\r\n", buf, host_name); |
921 | /* we finished our request, send empty line with CRLF */ | 951 | /* we finished our request, send empty line with CRLF */ |
@@ -950,7 +980,7 @@ check_http (void) | |||
950 | 980 | ||
951 | if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 | 981 | if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 |
952 | && host_name != NULL && use_ssl == TRUE) | 982 | && host_name != NULL && use_ssl == TRUE) |
953 | asprintf (&buf, "%s %s %s\r\n%s\r\n", "GET", server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); | 983 | asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); |
954 | else | 984 | else |
955 | asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); | 985 | asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); |
956 | 986 | ||
@@ -1140,6 +1170,8 @@ check_http (void) | |||
1140 | xasprintf (&msg, | 1170 | xasprintf (&msg, |
1141 | _("Invalid HTTP response received from host on port %d: %s\n"), | 1171 | _("Invalid HTTP response received from host on port %d: %s\n"), |
1142 | server_port, status_line); | 1172 | server_port, status_line); |
1173 | if (show_body) | ||
1174 | xasprintf (&msg, _("%s\n%s"), msg, page); | ||
1143 | die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg); | 1175 | die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg); |
1144 | } | 1176 | } |
1145 | 1177 | ||
@@ -1290,6 +1322,9 @@ check_http (void) | |||
1290 | perfd_time (elapsed_time), | 1322 | perfd_time (elapsed_time), |
1291 | perfd_size (page_len)); | 1323 | perfd_size (page_len)); |
1292 | 1324 | ||
1325 | if (show_body) | ||
1326 | xasprintf (&msg, _("%s\n%s"), msg, page); | ||
1327 | |||
1293 | result = max_state_alt(get_status(elapsed_time, thlds), result); | 1328 | result = max_state_alt(get_status(elapsed_time, thlds), result); |
1294 | 1329 | ||
1295 | die (result, "HTTP %s: %s\n", state_text(result), msg); | 1330 | die (result, "HTTP %s: %s\n", state_text(result), msg); |
@@ -1418,8 +1453,8 @@ redir (char *pos, char *status_line) | |||
1418 | !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) && | 1453 | !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) && |
1419 | (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) && | 1454 | (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) && |
1420 | !strcmp(server_url, url)) | 1455 | !strcmp(server_url, url)) |
1421 | die (STATE_WARNING, | 1456 | die (STATE_CRITICAL, |
1422 | _("HTTP WARNING - redirection creates an infinite loop - %s://%s:%d%s%s\n"), | 1457 | _("HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n"), |
1423 | type, addr, i, url, (display_html ? "</A>" : "")); | 1458 | type, addr, i, url, (display_html ? "</A>" : "")); |
1424 | 1459 | ||
1425 | strcpy (server_type, type); | 1460 | strcpy (server_type, type); |
@@ -1532,6 +1567,10 @@ print_help (void) | |||
1532 | 1567 | ||
1533 | print_usage (); | 1568 | print_usage (); |
1534 | 1569 | ||
1570 | #ifdef HAVE_SSL | ||
1571 | printf (_("In the first form, make an HTTP request.")); | ||
1572 | printf (_("In the second form, connect to the server and check the TLS certificate.")); | ||
1573 | #endif | ||
1535 | printf (_("NOTE: One or both of -H and -I must be specified")); | 1574 | printf (_("NOTE: One or both of -H and -I must be specified")); |
1536 | 1575 | ||
1537 | printf ("\n"); | 1576 | printf ("\n"); |
@@ -1581,7 +1620,7 @@ print_help (void) | |||
1581 | printf (" %s\n", _("URL to GET or POST (default: /)")); | 1620 | printf (" %s\n", _("URL to GET or POST (default: /)")); |
1582 | printf (" %s\n", "-P, --post=STRING"); | 1621 | printf (" %s\n", "-P, --post=STRING"); |
1583 | printf (" %s\n", _("URL encoded http POST data")); | 1622 | printf (" %s\n", _("URL encoded http POST data")); |
1584 | printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT)"); | 1623 | printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT, CONNECT:POST)"); |
1585 | printf (" %s\n", _("Set HTTP method.")); | 1624 | printf (" %s\n", _("Set HTTP method.")); |
1586 | printf (" %s\n", "-N, --no-body"); | 1625 | printf (" %s\n", "-N, --no-body"); |
1587 | printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); | 1626 | printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); |
@@ -1611,6 +1650,8 @@ print_help (void) | |||
1611 | printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers")); | 1650 | printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers")); |
1612 | printf (" %s\n", "-E, --extended-perfdata"); | 1651 | printf (" %s\n", "-E, --extended-perfdata"); |
1613 | printf (" %s\n", _("Print additional performance data")); | 1652 | printf (" %s\n", _("Print additional performance data")); |
1653 | printf (" %s\n", "-B, --show-body"); | ||
1654 | printf (" %s\n", _("Print body content below status line")); | ||
1614 | printf (" %s\n", "-L, --link"); | 1655 | printf (" %s\n", "-L, --link"); |
1615 | printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); | 1656 | printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); |
1616 | printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>"); | 1657 | printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>"); |
@@ -1629,7 +1670,7 @@ print_help (void) | |||
1629 | printf ("%s\n", _("Notes:")); | 1670 | printf ("%s\n", _("Notes:")); |
1630 | printf (" %s\n", _("This plugin will attempt to open an HTTP connection with the host.")); | 1671 | printf (" %s\n", _("This plugin will attempt to open an HTTP connection with the host.")); |
1631 | printf (" %s\n", _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL")); | 1672 | printf (" %s\n", _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL")); |
1632 | printf (" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, but incorrect reponse")); | 1673 | printf (" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, but incorrect response")); |
1633 | printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are")); | 1674 | printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are")); |
1634 | printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN")); | 1675 | printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN")); |
1635 | printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument.")); | 1676 | printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument.")); |
@@ -1668,7 +1709,8 @@ print_help (void) | |||
1668 | printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>")); | 1709 | printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>")); |
1669 | printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); | 1710 | printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); |
1670 | printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); | 1711 | printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); |
1671 | printf (" %s\n", _("a STATE_CRITICAL will be returned.")); | 1712 | printf (" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to the method you can set the method used")); |
1713 | printf (" %s\n", _("inside the proxied connection: -j CONNECT:POST")); | ||
1672 | 1714 | ||
1673 | #endif | 1715 | #endif |
1674 | 1716 | ||
@@ -1688,6 +1730,8 @@ print_usage (void) | |||
1688 | printf (" [-b proxy_auth] [-f <ok|warning|critcal|follow|sticky|stickyport>]\n"); | 1730 | printf (" [-b proxy_auth] [-f <ok|warning|critcal|follow|sticky|stickyport>]\n"); |
1689 | printf (" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n"); | 1731 | printf (" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n"); |
1690 | printf (" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n"); | 1732 | printf (" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n"); |
1691 | printf (" [-A string] [-k string] [-S <version>] [--sni] [-C <warn_age>[,<crit_age>]]\n"); | 1733 | printf (" [-A string] [-k string] [-S <version>] [--sni]\n"); |
1692 | printf (" [-T <content-type>] [-j method]\n"); | 1734 | printf (" [-T <content-type>] [-j method]\n"); |
1735 | printf (" %s -H <vhost> | -I <IP-address> -C <warn_age>[,<crit_age>]\n",progname); | ||
1736 | printf (" [-p <port>] [-t <timeout>] [-4|-6] [--sni]\n"); | ||
1693 | } | 1737 | } |