summaryrefslogtreecommitdiffstats
path: root/plugins/check_http.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_http.c')
-rw-r--r--plugins/check_http.c62
1 files changed, 53 insertions, 9 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index e5ef7cc4..34fb4f01 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -72,7 +72,7 @@ int maximum_age = -1;
72 72
73enum { 73enum {
74 REGS = 2, 74 REGS = 2,
75 MAX_RE_SIZE = 256 75 MAX_RE_SIZE = 1024
76}; 76};
77#include "regex.h" 77#include "regex.h"
78regex_t preg; 78regex_t preg;
@@ -120,12 +120,14 @@ int use_ssl = FALSE;
120int use_sni = FALSE; 120int use_sni = FALSE;
121int verbose = FALSE; 121int verbose = FALSE;
122int show_extended_perfdata = FALSE; 122int show_extended_perfdata = FALSE;
123int show_body = FALSE;
123int sd; 124int sd;
124int min_page_len = 0; 125int min_page_len = 0;
125int max_page_len = 0; 126int max_page_len = 0;
126int redir_depth = 0; 127int redir_depth = 0;
127int max_depth = 15; 128int max_depth = 15;
128char *http_method; 129char *http_method;
130char *http_method_proxy;
129char *http_post_data; 131char *http_post_data;
130char *http_content_type; 132char *http_content_type;
131char buffer[MAX_INPUT_BUFFER]; 133char buffer[MAX_INPUT_BUFFER];
@@ -239,6 +241,7 @@ process_arguments (int argc, char **argv)
239 {"use-ipv4", no_argument, 0, '4'}, 241 {"use-ipv4", no_argument, 0, '4'},
240 {"use-ipv6", no_argument, 0, '6'}, 242 {"use-ipv6", no_argument, 0, '6'},
241 {"extended-perfdata", no_argument, 0, 'E'}, 243 {"extended-perfdata", no_argument, 0, 'E'},
244 {"show-body", no_argument, 0, 'B'},
242 {0, 0, 0, 0} 245 {0, 0, 0, 0}
243 }; 246 };
244 247
@@ -259,7 +262,7 @@ process_arguments (int argc, char **argv)
259 } 262 }
260 263
261 while (1) { 264 while (1) {
262 c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NE", longopts, &option); 265 c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", longopts, &option);
263 if (c == -1 || c == EOF) 266 if (c == -1 || c == EOF)
264 break; 267 break;
265 268
@@ -446,6 +449,12 @@ process_arguments (int argc, char **argv)
446 if (http_method) 449 if (http_method)
447 free(http_method); 450 free(http_method);
448 http_method = strdup (optarg); 451 http_method = strdup (optarg);
452 char *tmp;
453 if ((tmp = strstr(http_method, ":")) > 0) {
454 tmp[0] = '\0';
455 http_method = http_method;
456 http_method_proxy = ++tmp;
457 }
449 break; 458 break;
450 case 'd': /* string or substring */ 459 case 'd': /* string or substring */
451 strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1); 460 strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1);
@@ -540,6 +549,9 @@ process_arguments (int argc, char **argv)
540 case 'E': /* show extended perfdata */ 549 case 'E': /* show extended perfdata */
541 show_extended_perfdata = TRUE; 550 show_extended_perfdata = TRUE;
542 break; 551 break;
552 case 'B': /* print body content after status line */
553 show_body = TRUE;
554 break;
543 } 555 }
544 } 556 }
545 557
@@ -566,6 +578,9 @@ process_arguments (int argc, char **argv)
566 if (http_method == NULL) 578 if (http_method == NULL)
567 http_method = strdup ("GET"); 579 http_method = strdup ("GET");
568 580
581 if (http_method_proxy == NULL)
582 http_method_proxy = strdup ("GET");
583
569 if (client_cert && !client_privkey) 584 if (client_cert && !client_privkey)
570 usage4 (_("If you use a client certificate you must also specify a private key file")); 585 usage4 (_("If you use a client certificate you must also specify a private key file"));
571 586
@@ -916,6 +931,21 @@ check_http (void)
916 931
917 if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT); 932 if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT);
918 asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent); 933 asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent);
934 if (strlen(proxy_auth)) {
935 base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth);
936 xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
937 }
938 /* optionally send any other header tag */
939 if (http_opt_headers_count) {
940 for (i = 0; i < http_opt_headers_count ; i++) {
941 if (force_host_header != http_opt_headers[i]) {
942 xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]);
943 }
944 }
945 /* This cannot be free'd here because a redirection will then try to access this and segfault */
946 /* Covered in a testcase in tests/check_http.t */
947 /* free(http_opt_headers); */
948 }
919 asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf); 949 asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf);
920 asprintf (&buf, "%sHost: %s\r\n", buf, host_name); 950 asprintf (&buf, "%sHost: %s\r\n", buf, host_name);
921 /* we finished our request, send empty line with CRLF */ 951 /* we finished our request, send empty line with CRLF */
@@ -950,7 +980,7 @@ check_http (void)
950 980
951 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 981 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
952 && host_name != NULL && use_ssl == TRUE) 982 && host_name != NULL && use_ssl == TRUE)
953 asprintf (&buf, "%s %s %s\r\n%s\r\n", "GET", server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); 983 asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
954 else 984 else
955 asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); 985 asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
956 986
@@ -1140,6 +1170,8 @@ check_http (void)
1140 xasprintf (&msg, 1170 xasprintf (&msg,
1141 _("Invalid HTTP response received from host on port %d: %s\n"), 1171 _("Invalid HTTP response received from host on port %d: %s\n"),
1142 server_port, status_line); 1172 server_port, status_line);
1173 if (show_body)
1174 xasprintf (&msg, _("%s\n%s"), msg, page);
1143 die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg); 1175 die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg);
1144 } 1176 }
1145 1177
@@ -1290,6 +1322,9 @@ check_http (void)
1290 perfd_time (elapsed_time), 1322 perfd_time (elapsed_time),
1291 perfd_size (page_len)); 1323 perfd_size (page_len));
1292 1324
1325 if (show_body)
1326 xasprintf (&msg, _("%s\n%s"), msg, page);
1327
1293 result = max_state_alt(get_status(elapsed_time, thlds), result); 1328 result = max_state_alt(get_status(elapsed_time, thlds), result);
1294 1329
1295 die (result, "HTTP %s: %s\n", state_text(result), msg); 1330 die (result, "HTTP %s: %s\n", state_text(result), msg);
@@ -1418,8 +1453,8 @@ redir (char *pos, char *status_line)
1418 !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) && 1453 !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) &&
1419 (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) && 1454 (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) &&
1420 !strcmp(server_url, url)) 1455 !strcmp(server_url, url))
1421 die (STATE_WARNING, 1456 die (STATE_CRITICAL,
1422 _("HTTP WARNING - redirection creates an infinite loop - %s://%s:%d%s%s\n"), 1457 _("HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n"),
1423 type, addr, i, url, (display_html ? "</A>" : "")); 1458 type, addr, i, url, (display_html ? "</A>" : ""));
1424 1459
1425 strcpy (server_type, type); 1460 strcpy (server_type, type);
@@ -1532,6 +1567,10 @@ print_help (void)
1532 1567
1533 print_usage (); 1568 print_usage ();
1534 1569
1570#ifdef HAVE_SSL
1571 printf (_("In the first form, make an HTTP request."));
1572 printf (_("In the second form, connect to the server and check the TLS certificate."));
1573#endif
1535 printf (_("NOTE: One or both of -H and -I must be specified")); 1574 printf (_("NOTE: One or both of -H and -I must be specified"));
1536 1575
1537 printf ("\n"); 1576 printf ("\n");
@@ -1581,7 +1620,7 @@ print_help (void)
1581 printf (" %s\n", _("URL to GET or POST (default: /)")); 1620 printf (" %s\n", _("URL to GET or POST (default: /)"));
1582 printf (" %s\n", "-P, --post=STRING"); 1621 printf (" %s\n", "-P, --post=STRING");
1583 printf (" %s\n", _("URL encoded http POST data")); 1622 printf (" %s\n", _("URL encoded http POST data"));
1584 printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT)"); 1623 printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT, CONNECT:POST)");
1585 printf (" %s\n", _("Set HTTP method.")); 1624 printf (" %s\n", _("Set HTTP method."));
1586 printf (" %s\n", "-N, --no-body"); 1625 printf (" %s\n", "-N, --no-body");
1587 printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); 1626 printf (" %s\n", _("Don't wait for document body: stop reading after headers."));
@@ -1611,6 +1650,8 @@ print_help (void)
1611 printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers")); 1650 printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers"));
1612 printf (" %s\n", "-E, --extended-perfdata"); 1651 printf (" %s\n", "-E, --extended-perfdata");
1613 printf (" %s\n", _("Print additional performance data")); 1652 printf (" %s\n", _("Print additional performance data"));
1653 printf (" %s\n", "-B, --show-body");
1654 printf (" %s\n", _("Print body content below status line"));
1614 printf (" %s\n", "-L, --link"); 1655 printf (" %s\n", "-L, --link");
1615 printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); 1656 printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)"));
1616 printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>"); 1657 printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>");
@@ -1629,7 +1670,7 @@ print_help (void)
1629 printf ("%s\n", _("Notes:")); 1670 printf ("%s\n", _("Notes:"));
1630 printf (" %s\n", _("This plugin will attempt to open an HTTP connection with the host.")); 1671 printf (" %s\n", _("This plugin will attempt to open an HTTP connection with the host."));
1631 printf (" %s\n", _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL")); 1672 printf (" %s\n", _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL"));
1632 printf (" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, but incorrect reponse")); 1673 printf (" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, but incorrect response"));
1633 printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are")); 1674 printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are"));
1634 printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN")); 1675 printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN"));
1635 printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument.")); 1676 printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument."));
@@ -1668,7 +1709,8 @@ print_help (void)
1668 printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>")); 1709 printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>"));
1669 printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); 1710 printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds"));
1670 printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); 1711 printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));
1671 printf (" %s\n", _("a STATE_CRITICAL will be returned.")); 1712 printf (" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to the method you can set the method used"));
1713 printf (" %s\n", _("inside the proxied connection: -j CONNECT:POST"));
1672 1714
1673#endif 1715#endif
1674 1716
@@ -1688,6 +1730,8 @@ print_usage (void)
1688 printf (" [-b proxy_auth] [-f <ok|warning|critcal|follow|sticky|stickyport>]\n"); 1730 printf (" [-b proxy_auth] [-f <ok|warning|critcal|follow|sticky|stickyport>]\n");
1689 printf (" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n"); 1731 printf (" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n");
1690 printf (" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n"); 1732 printf (" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n");
1691 printf (" [-A string] [-k string] [-S <version>] [--sni] [-C <warn_age>[,<crit_age>]]\n"); 1733 printf (" [-A string] [-k string] [-S <version>] [--sni]\n");
1692 printf (" [-T <content-type>] [-j method]\n"); 1734 printf (" [-T <content-type>] [-j method]\n");
1735 printf (" %s -H <vhost> | -I <IP-address> -C <warn_age>[,<crit_age>]\n",progname);
1736 printf (" [-p <port>] [-t <timeout>] [-4|-6] [--sni]\n");
1693} 1737}