summaryrefslogtreecommitdiffstats
path: root/plugins/check_http.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_http.c')
-rw-r--r--plugins/check_http.c3570
1 files changed, 1824 insertions, 1746 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 425ce86b..d264b95d 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -1,38 +1,38 @@
1/***************************************************************************** 1/*****************************************************************************
2* 2 *
3* Monitoring check_http plugin 3 * Monitoring check_http plugin
4* 4 *
5* License: GPL 5 * License: GPL
6* Copyright (c) 1999-2013 Monitoring Plugins Development Team 6 * Copyright (c) 1999-2024 Monitoring Plugins Development Team
7* 7 *
8* Description: 8 * Description:
9* 9 *
10* This file contains the check_http plugin 10 * This file contains the check_http plugin
11* 11 *
12* This plugin tests the HTTP service on the specified host. It can test 12 * This plugin tests the HTTP service on the specified host. It can test
13* normal (http) and secure (https) servers, follow redirects, search for 13 * normal (http) and secure (https) servers, follow redirects, search for
14* strings and regular expressions, check connection times, and report on 14 * strings and regular expressions, check connection times, and report on
15* certificate expiration times. 15 * certificate expiration times.
16* 16 *
17* 17 *
18* This program is free software: you can redistribute it and/or modify 18 * This program is free software: you can redistribute it and/or modify
19* it under the terms of the GNU General Public License as published by 19 * it under the terms of the GNU General Public License as published by
20* the Free Software Foundation, either version 3 of the License, or 20 * the Free Software Foundation, either version 3 of the License, or
21* (at your option) any later version. 21 * (at your option) any later version.
22* 22 *
23* This program is distributed in the hope that it will be useful, 23 * This program is distributed in the hope that it will be useful,
24* but WITHOUT ANY WARRANTY; without even the implied warranty of 24 * but WITHOUT ANY WARRANTY; without even the implied warranty of
25* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26* GNU General Public License for more details. 26 * GNU General Public License for more details.
27* 27 *
28* You should have received a copy of the GNU General Public License 28 * You should have received a copy of the GNU General Public License
29* along with this program. If not, see <http://www.gnu.org/licenses/>. 29 * along with this program. If not, see <http://www.gnu.org/licenses/>.
30* 30 *
31* 31 *
32*****************************************************************************/ 32 *****************************************************************************/
33 33
34const char *progname = "check_http"; 34const char *progname = "check_http";
35const char *copyright = "1999-2022"; 35const char *copyright = "1999-2024";
36const char *email = "devel@monitoring-plugins.org"; 36const char *email = "devel@monitoring-plugins.org";
37 37
38// Do NOT sort those headers, it will break the build 38// Do NOT sort those headers, it will break the build
@@ -41,7 +41,6 @@ const char *email = "devel@monitoring-plugins.org";
41#include "base64.h" 41#include "base64.h"
42#include "netutils.h" 42#include "netutils.h"
43#include "utils.h" 43#include "utils.h"
44#include "base64.h"
45#include <ctype.h> 44#include <ctype.h>
46 45
47#define STICKY_NONE 0 46#define STICKY_NONE 0
@@ -50,1336 +49,1394 @@ const char *email = "devel@monitoring-plugins.org";
50 49
51#define HTTP_EXPECT "HTTP/1." 50#define HTTP_EXPECT "HTTP/1."
52enum { 51enum {
53 MAX_IPV4_HOSTLENGTH = 255, 52 MAX_IPV4_HOSTLENGTH = 255,
54 HTTP_PORT = 80, 53 HTTP_PORT = 80,
55 HTTPS_PORT = 443, 54 HTTPS_PORT = 443,
56 MAX_PORT = 65535, 55 MAX_PORT = 65535,
57 DEFAULT_MAX_REDIRS = 15 56 DEFAULT_MAX_REDIRS = 15
58}; 57};
59 58
60#ifdef HAVE_SSL 59#ifdef HAVE_SSL
61bool check_cert = false; 60static bool check_cert = false;
62bool continue_after_check_cert = false; 61static bool continue_after_check_cert = false;
63int ssl_version = 0; 62static int ssl_version = 0;
64int days_till_exp_warn, days_till_exp_crit; 63static int days_till_exp_warn, days_till_exp_crit;
65char *randbuff; 64# define my_recv(buf, len) ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
66X509 *server_cert; 65# define my_send(buf, len) ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
67# define my_recv(buf, len) ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
68# define my_send(buf, len) ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
69#else /* ifndef HAVE_SSL */ 66#else /* ifndef HAVE_SSL */
70# define my_recv(buf, len) read(sd, buf, len) 67# define my_recv(buf, len) read(sd, buf, len)
71# define my_send(buf, len) send(sd, buf, len, 0) 68# define my_send(buf, len) send(sd, buf, len, 0)
72#endif /* HAVE_SSL */ 69#endif /* HAVE_SSL */
73bool no_body = false; 70static bool no_body = false;
74int maximum_age = -1; 71static int maximum_age = -1;
75 72
76enum { 73enum {
77 REGS = 2, 74 REGS = 2,
78 MAX_RE_SIZE = 1024 75 MAX_RE_SIZE = 1024
79}; 76};
80#include "regex.h" 77#include "regex.h"
81regex_t preg; 78static regex_t preg;
82regmatch_t pmatch[REGS]; 79static regmatch_t pmatch[REGS];
83char regexp[MAX_RE_SIZE]; 80static char regexp[MAX_RE_SIZE];
84char errbuf[MAX_INPUT_BUFFER]; 81static char errbuf[MAX_INPUT_BUFFER];
85int cflags = REG_NOSUB | REG_EXTENDED | REG_NEWLINE; 82static int cflags = REG_NOSUB | REG_EXTENDED | REG_NEWLINE;
86int errcode; 83static int errcode;
87int invert_regex = 0; 84static int invert_regex = 0;
88 85static int state_regex = STATE_CRITICAL;
89struct timeval tv; 86
90struct timeval tv_temp; 87static struct timeval tv;
88static struct timeval tv_temp;
91 89
92#define HTTP_URL "/" 90#define HTTP_URL "/"
93#define CRLF "\r\n" 91#define CRLF "\r\n"
94 92
95bool specify_port = false; 93static bool specify_port = false;
96int server_port = HTTP_PORT; 94static int server_port = HTTP_PORT;
97int virtual_port = 0; 95static int virtual_port = 0;
98char server_port_text[6] = ""; 96static char server_type[6] = "http";
99char server_type[6] = "http"; 97static char *server_address;
100char *server_address; 98static char *host_name;
101char *host_name; 99static int host_name_length;
102int host_name_length; 100static char *server_url;
103char *server_url; 101static char *user_agent;
104char *user_agent; 102static int server_url_length;
105int server_url_length; 103static int server_expect_yn = 0;
106int server_expect_yn = 0; 104static char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
107char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT; 105static char header_expect[MAX_INPUT_BUFFER] = "";
108char header_expect[MAX_INPUT_BUFFER] = ""; 106static char string_expect[MAX_INPUT_BUFFER] = "";
109char string_expect[MAX_INPUT_BUFFER] = ""; 107static char *warning_thresholds = NULL;
110char *warning_thresholds = NULL; 108static char *critical_thresholds = NULL;
111char *critical_thresholds = NULL; 109static thresholds *thlds;
112thresholds *thlds; 110static char user_auth[MAX_INPUT_BUFFER] = "";
113char user_auth[MAX_INPUT_BUFFER] = ""; 111static char proxy_auth[MAX_INPUT_BUFFER] = "";
114char proxy_auth[MAX_INPUT_BUFFER] = ""; 112static bool display_html = false;
115bool display_html = false; 113static char **http_opt_headers;
116char **http_opt_headers; 114static int http_opt_headers_count = 0;
117int http_opt_headers_count = 0; 115static int onredirect = STATE_OK;
118int onredirect = STATE_OK; 116static int followsticky = STICKY_NONE;
119int followsticky = STICKY_NONE; 117static bool use_ssl = false;
120bool use_ssl = false; 118static bool use_sni = false;
121bool use_sni = false; 119static bool verbose = false;
122bool verbose = false; 120static bool show_extended_perfdata = false;
123bool show_extended_perfdata = false; 121static bool show_body = false;
124bool show_body = false; 122static int sd;
125int sd; 123static int min_page_len = 0;
126int min_page_len = 0; 124static int max_page_len = 0;
127int max_page_len = 0; 125static int redir_depth = 0;
128int redir_depth = 0; 126static int max_depth = DEFAULT_MAX_REDIRS;
129int max_depth = DEFAULT_MAX_REDIRS; 127static char *http_method;
130char *http_method; 128static char *http_method_proxy;
131char *http_method_proxy; 129static char *http_post_data;
132char *http_post_data; 130static char *http_content_type;
133char *http_content_type; 131static char buffer[MAX_INPUT_BUFFER];
134char buffer[MAX_INPUT_BUFFER]; 132static char *client_cert = NULL;
135char *client_cert = NULL; 133static char *client_privkey = NULL;
136char *client_privkey = NULL;
137 134
138// Forward function declarations 135// Forward function declarations
139bool process_arguments (int, char **); 136static bool process_arguments(int /*argc*/, char ** /*argv*/);
140int check_http (void); 137static int check_http(void);
141void redir (char *pos, char *status_line); 138static void redir(char *pos, char *status_line);
142bool server_type_check(const char *type); 139static bool server_type_check(const char *type);
143int server_port_check(int ssl_flag); 140static int server_port_check(int ssl_flag);
144char *perfd_time (double microsec); 141static char *perfd_time(double elapsed_time);
145char *perfd_time_connect (double microsec); 142static char *perfd_time_connect(double elapsed_time_connect);
146char *perfd_time_ssl (double microsec); 143static char *perfd_time_ssl(double elapsed_time_ssl);
147char *perfd_time_firstbyte (double microsec); 144static char *perfd_time_firstbyte(double elapsed_time_firstbyte);
148char *perfd_time_headers (double microsec); 145static char *perfd_time_headers(double elapsed_time_headers);
149char *perfd_time_transfer (double microsec); 146static char *perfd_time_transfer(double elapsed_time_transfer);
150char *perfd_size (int page_len); 147static char *perfd_size(int page_len);
151void print_help (void); 148void print_help(void);
152void print_usage (void); 149void print_usage(void);
153char *unchunk_content(const char *content); 150static char *unchunk_content(const char *content);
154 151
155int 152int main(int argc, char **argv) {
156main (int argc, char **argv) 153 int result = STATE_UNKNOWN;
157{ 154
158 int result = STATE_UNKNOWN; 155 setlocale(LC_ALL, "");
159 156 bindtextdomain(PACKAGE, LOCALEDIR);
160 setlocale (LC_ALL, ""); 157 textdomain(PACKAGE);
161 bindtextdomain (PACKAGE, LOCALEDIR); 158
162 textdomain (PACKAGE); 159 /* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */
163 160 server_url = strdup(HTTP_URL);
164 /* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */ 161 server_url_length = strlen(server_url);
165 server_url = strdup(HTTP_URL); 162 xasprintf(&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)", NP_VERSION,
166 server_url_length = strlen(server_url); 163 VERSION);
167 xasprintf (&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)", 164
168 NP_VERSION, VERSION); 165 /* Parse extra opts if any */
169 166 argv = np_extra_opts(&argc, argv, progname);
170 /* Parse extra opts if any */ 167
171 argv=np_extra_opts (&argc, argv, progname); 168 if (!process_arguments(argc, argv)) {
172 169 usage4(_("Could not parse arguments"));
173 if (process_arguments (argc, argv) == false) 170 }
174 usage4 (_("Could not parse arguments")); 171
175 172 if (display_html) {
176 if (display_html == true) 173 printf("<A HREF=\"%s://%s:%d%s\" target=\"_blank\">", use_ssl ? "https" : "http",
177 printf ("<A HREF=\"%s://%s:%d%s\" target=\"_blank\">", 174 host_name ? host_name : server_address, server_port, server_url);
178 use_ssl ? "https" : "http", host_name ? host_name : server_address, 175 }
179 server_port, server_url); 176
180 177 /* initialize alarm signal handling, set socket timeout, start timer */
181 /* initialize alarm signal handling, set socket timeout, start timer */ 178 (void)signal(SIGALRM, socket_timeout_alarm_handler);
182 (void) signal (SIGALRM, socket_timeout_alarm_handler); 179 (void)alarm(socket_timeout);
183 (void) alarm (socket_timeout); 180 gettimeofday(&tv, NULL);
184 gettimeofday (&tv, NULL); 181
185 182 result = check_http();
186 result = check_http (); 183 return result;
187 return result;
188} 184}
189 185
190/* check whether a file exists */ 186/* check whether a file exists */
191void 187void test_file(char *path) {
192test_file (char *path) 188 if (access(path, R_OK) == 0) {
193{ 189 return;
194 if (access(path, R_OK) == 0) 190 }
195 return; 191 usage2(_("file does not exist or is not readable"), path);
196 usage2 (_("file does not exist or is not readable"), path);
197} 192}
198 193
199/* 194/*
200 * process command-line arguments 195 * process command-line arguments
201 * returns true on success, false otherwise 196 * returns true on success, false otherwise
202 */ 197 */
203bool process_arguments (int argc, char **argv) 198bool process_arguments(int argc, char **argv) {
204{ 199 int c = 1;
205 int c = 1; 200 char *p;
206 char *p; 201 char *temp;
207 char *temp; 202
208 203 enum {
209 enum { 204 INVERT_REGEX = CHAR_MAX + 1,
210 INVERT_REGEX = CHAR_MAX + 1, 205 SNI_OPTION,
211 SNI_OPTION, 206 MAX_REDIRS_OPTION,
212 MAX_REDIRS_OPTION, 207 CONTINUE_AFTER_CHECK_CERT,
213 CONTINUE_AFTER_CHECK_CERT 208 STATE_REGEX
214 }; 209 };
215 210
216 int option = 0; 211 int option = 0;
217 static struct option longopts[] = { 212 static struct option longopts[] = {
218 STD_LONG_OPTS, 213 STD_LONG_OPTS,
219 {"link", no_argument, 0, 'L'}, 214 {"link", no_argument, 0, 'L'},
220 {"nohtml", no_argument, 0, 'n'}, 215 {"nohtml", no_argument, 0, 'n'},
221 {"ssl", optional_argument, 0, 'S'}, 216 {"ssl", optional_argument, 0, 'S'},
222 {"sni", no_argument, 0, SNI_OPTION}, 217 {"sni", no_argument, 0, SNI_OPTION},
223 {"post", required_argument, 0, 'P'}, 218 {"post", required_argument, 0, 'P'},
224 {"method", required_argument, 0, 'j'}, 219 {"method", required_argument, 0, 'j'},
225 {"IP-address", required_argument, 0, 'I'}, 220 {"IP-address", required_argument, 0, 'I'},
226 {"url", required_argument, 0, 'u'}, 221 {"url", required_argument, 0, 'u'},
227 {"port", required_argument, 0, 'p'}, 222 {"port", required_argument, 0, 'p'},
228 {"authorization", required_argument, 0, 'a'}, 223 {"authorization", required_argument, 0, 'a'},
229 {"proxy-authorization", required_argument, 0, 'b'}, 224 {"proxy-authorization", required_argument, 0, 'b'},
230 {"header-string", required_argument, 0, 'd'}, 225 {"header-string", required_argument, 0, 'd'},
231 {"string", required_argument, 0, 's'}, 226 {"string", required_argument, 0, 's'},
232 {"expect", required_argument, 0, 'e'}, 227 {"expect", required_argument, 0, 'e'},
233 {"regex", required_argument, 0, 'r'}, 228 {"regex", required_argument, 0, 'r'},
234 {"ereg", required_argument, 0, 'r'}, 229 {"ereg", required_argument, 0, 'r'},
235 {"eregi", required_argument, 0, 'R'}, 230 {"eregi", required_argument, 0, 'R'},
236 {"linespan", no_argument, 0, 'l'}, 231 {"linespan", no_argument, 0, 'l'},
237 {"onredirect", required_argument, 0, 'f'}, 232 {"onredirect", required_argument, 0, 'f'},
238 {"certificate", required_argument, 0, 'C'}, 233 {"certificate", required_argument, 0, 'C'},
239 {"client-cert", required_argument, 0, 'J'}, 234 {"client-cert", required_argument, 0, 'J'},
240 {"private-key", required_argument, 0, 'K'}, 235 {"private-key", required_argument, 0, 'K'},
241 {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT}, 236 {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT},
242 {"useragent", required_argument, 0, 'A'}, 237 {"useragent", required_argument, 0, 'A'},
243 {"header", required_argument, 0, 'k'}, 238 {"header", required_argument, 0, 'k'},
244 {"no-body", no_argument, 0, 'N'}, 239 {"no-body", no_argument, 0, 'N'},
245 {"max-age", required_argument, 0, 'M'}, 240 {"max-age", required_argument, 0, 'M'},
246 {"content-type", required_argument, 0, 'T'}, 241 {"content-type", required_argument, 0, 'T'},
247 {"pagesize", required_argument, 0, 'm'}, 242 {"pagesize", required_argument, 0, 'm'},
248 {"invert-regex", no_argument, NULL, INVERT_REGEX}, 243 {"invert-regex", no_argument, NULL, INVERT_REGEX},
249 {"use-ipv4", no_argument, 0, '4'}, 244 {"state-regex", required_argument, 0, STATE_REGEX},
250 {"use-ipv6", no_argument, 0, '6'}, 245 {"use-ipv4", no_argument, 0, '4'},
251 {"extended-perfdata", no_argument, 0, 'E'}, 246 {"use-ipv6", no_argument, 0, '6'},
252 {"show-body", no_argument, 0, 'B'}, 247 {"extended-perfdata", no_argument, 0, 'E'},
253 {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION}, 248 {"show-body", no_argument, 0, 'B'},
254 {0, 0, 0, 0} 249 {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION},
255 }; 250 {0, 0, 0, 0}};
256 251
257 if (argc < 2) 252 if (argc < 2) {
258 return false; 253 return false;
259 254 }
260 for (c = 1; c < argc; c++) { 255
261 if (strcmp ("-to", argv[c]) == 0) 256 for (c = 1; c < argc; c++) {
262 strcpy (argv[c], "-t"); 257 if (strcmp("-to", argv[c]) == 0) {
263 if (strcmp ("-hn", argv[c]) == 0) 258 strcpy(argv[c], "-t");
264 strcpy (argv[c], "-H"); 259 }
265 if (strcmp ("-wt", argv[c]) == 0) 260 if (strcmp("-hn", argv[c]) == 0) {
266 strcpy (argv[c], "-w"); 261 strcpy(argv[c], "-H");
267 if (strcmp ("-ct", argv[c]) == 0) 262 }
268 strcpy (argv[c], "-c"); 263 if (strcmp("-wt", argv[c]) == 0) {
269 if (strcmp ("-nohtml", argv[c]) == 0) 264 strcpy(argv[c], "-w");
270 strcpy (argv[c], "-n"); 265 }
271 } 266 if (strcmp("-ct", argv[c]) == 0) {
272 267 strcpy(argv[c], "-c");
273 while (1) { 268 }
274 c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", longopts, &option); 269 if (strcmp("-nohtml", argv[c]) == 0) {
275 if (c == -1 || c == EOF) 270 strcpy(argv[c], "-n");
276 break; 271 }
277 272 }
278 switch (c) { 273
279 case '?': /* usage */ 274 while (1) {
280 usage5 (); 275 c = getopt_long(argc, argv,
281 break; 276 "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB",
282 case 'h': /* help */ 277 longopts, &option);
283 print_help (); 278 if (c == -1 || c == EOF) {
284 exit (STATE_UNKNOWN); 279 break;
285 break; 280 }
286 case 'V': /* version */ 281
287 print_revision (progname, NP_VERSION); 282 switch (c) {
288 exit (STATE_UNKNOWN); 283 case '?': /* usage */
289 break; 284 usage5();
290 case 't': /* timeout period */ 285 break;
291 if (!is_intnonneg (optarg)) 286 case 'h': /* help */
292 usage2 (_("Timeout interval must be a positive integer"), optarg); 287 print_help();
293 else 288 exit(STATE_UNKNOWN);
294 socket_timeout = atoi (optarg); 289 break;
295 break; 290 case 'V': /* version */
296 case 'c': /* critical time threshold */ 291 print_revision(progname, NP_VERSION);
297 critical_thresholds = optarg; 292 exit(STATE_UNKNOWN);
298 break; 293 break;
299 case 'w': /* warning time threshold */ 294 case 't': /* timeout period */
300 warning_thresholds = optarg; 295 if (!is_intnonneg(optarg)) {
301 break; 296 usage2(_("Timeout interval must be a positive integer"), optarg);
302 case 'A': /* User Agent String */ 297 } else {
303 xasprintf (&user_agent, "User-Agent: %s", optarg); 298 socket_timeout = atoi(optarg);
304 break; 299 }
305 case 'k': /* Additional headers */ 300 break;
306 if (http_opt_headers_count == 0) 301 case 'c': /* critical time threshold */
307 http_opt_headers = malloc (sizeof (char *) * (++http_opt_headers_count)); 302 critical_thresholds = optarg;
308 else 303 break;
309 http_opt_headers = realloc (http_opt_headers, sizeof (char *) * (++http_opt_headers_count)); 304 case 'w': /* warning time threshold */
310 http_opt_headers[http_opt_headers_count - 1] = optarg; 305 warning_thresholds = optarg;
311 /* xasprintf (&http_opt_headers, "%s", optarg); */ 306 break;
312 break; 307 case 'A': /* User Agent String */
313 case 'L': /* show html link */ 308 xasprintf(&user_agent, "User-Agent: %s", optarg);
314 display_html = true; 309 break;
315 break; 310 case 'k': /* Additional headers */
316 case 'n': /* do not show html link */ 311 if (http_opt_headers_count == 0) {
317 display_html = false; 312 http_opt_headers = malloc(sizeof(char *) * (++http_opt_headers_count));
318 break; 313 } else {
319 case 'C': /* Check SSL cert validity */ 314 http_opt_headers =
315 realloc(http_opt_headers, sizeof(char *) * (++http_opt_headers_count));
316 }
317 http_opt_headers[http_opt_headers_count - 1] = optarg;
318 /* xasprintf (&http_opt_headers, "%s", optarg); */
319 break;
320 case 'L': /* show html link */
321 display_html = true;
322 break;
323 case 'n': /* do not show html link */
324 display_html = false;
325 break;
326 case 'C': /* Check SSL cert validity */
320#ifdef HAVE_SSL 327#ifdef HAVE_SSL
321 if ((temp=strchr(optarg,','))!=NULL) { 328 if ((temp = strchr(optarg, ',')) != NULL) {
322 *temp='\0'; 329 *temp = '\0';
323 if (!is_intnonneg (optarg)) 330 if (!is_intnonneg(optarg)) {
324 usage2 (_("Invalid certificate expiration period"), optarg); 331 usage2(_("Invalid certificate expiration period"), optarg);
325 days_till_exp_warn = atoi(optarg); 332 }
326 *temp=','; 333 days_till_exp_warn = atoi(optarg);
327 temp++; 334 *temp = ',';
328 if (!is_intnonneg (temp)) 335 temp++;
329 usage2 (_("Invalid certificate expiration period"), temp); 336 if (!is_intnonneg(temp)) {
330 days_till_exp_crit = atoi (temp); 337 usage2(_("Invalid certificate expiration period"), temp);
331 } 338 }
332 else { 339 days_till_exp_crit = atoi(temp);
333 days_till_exp_crit=0; 340 } else {
334 if (!is_intnonneg (optarg)) 341 days_till_exp_crit = 0;
335 usage2 (_("Invalid certificate expiration period"), optarg); 342 if (!is_intnonneg(optarg)) {
336 days_till_exp_warn = atoi (optarg); 343 usage2(_("Invalid certificate expiration period"), optarg);
337 } 344 }
338 check_cert = true; 345 days_till_exp_warn = atoi(optarg);
339 goto enable_ssl; 346 }
347 check_cert = true;
348 goto enable_ssl;
340#endif 349#endif
341 case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */ 350 case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */
342#ifdef HAVE_SSL 351#ifdef HAVE_SSL
343 continue_after_check_cert = true; 352 continue_after_check_cert = true;
344 break; 353 break;
345#endif 354#endif
346 case 'J': /* use client certificate */ 355 case 'J': /* use client certificate */
347#ifdef HAVE_SSL 356#ifdef HAVE_SSL
348 test_file(optarg); 357 test_file(optarg);
349 client_cert = optarg; 358 client_cert = optarg;
350 goto enable_ssl; 359 goto enable_ssl;
351#endif 360#endif
352 case 'K': /* use client private key */ 361 case 'K': /* use client private key */
353#ifdef HAVE_SSL 362#ifdef HAVE_SSL
354 test_file(optarg); 363 test_file(optarg);
355 client_privkey = optarg; 364 client_privkey = optarg;
356 goto enable_ssl; 365 goto enable_ssl;
357#endif 366#endif
358 case 'S': /* use SSL */ 367 case 'S': /* use SSL */
359#ifdef HAVE_SSL 368#ifdef HAVE_SSL
360 enable_ssl: 369 enable_ssl:
361 /* ssl_version initialized to 0 as a default. Only set if it's non-zero. This helps when we include multiple 370 /* ssl_version initialized to 0 as a default. Only set if it's non-zero. This helps
362 parameters, like -S and -C combinations */ 371 when we include multiple parameters, like -S and -C combinations */
363 use_ssl = true; 372 use_ssl = true;
364 if (c=='S' && optarg != NULL) { 373 if (c == 'S' && optarg != NULL) {
365 int got_plus = strchr(optarg, '+') != NULL; 374 int got_plus = strchr(optarg, '+') != NULL;
366 375
367 if (!strncmp (optarg, "1.2", 3)) 376 if (!strncmp(optarg, "1.2", 3)) {
368 ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2; 377 ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2;
369 else if (!strncmp (optarg, "1.1", 3)) 378 } else if (!strncmp(optarg, "1.1", 3)) {
370 ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1; 379 ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1;
371 else if (optarg[0] == '1') 380 } else if (optarg[0] == '1') {
372 ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1; 381 ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1;
373 else if (optarg[0] == '3') 382 } else if (optarg[0] == '3') {
374 ssl_version = got_plus ? MP_SSLv3_OR_NEWER : MP_SSLv3; 383 ssl_version = got_plus ? MP_SSLv3_OR_NEWER : MP_SSLv3;
375 else if (optarg[0] == '2') 384 } else if (optarg[0] == '2') {
376 ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2; 385 ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2;
377 else 386 } else {
378 usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)")); 387 usage4(_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with "
379 } 388 "optional '+' suffix)"));
380 if (specify_port == false) 389 }
381 server_port = HTTPS_PORT; 390 }
391 if (!specify_port) {
392 server_port = HTTPS_PORT;
393 }
382#else 394#else
383 /* -C -J and -K fall through to here without SSL */ 395 /* -C -J and -K fall through to here without SSL */
384 usage4 (_("Invalid option - SSL is not available")); 396 usage4(_("Invalid option - SSL is not available"));
385#endif 397#endif
386 break; 398 break;
387 case SNI_OPTION: 399 case SNI_OPTION:
388 use_sni = true; 400 use_sni = true;
389 break; 401 break;
390 case MAX_REDIRS_OPTION: 402 case MAX_REDIRS_OPTION:
391 if (!is_intnonneg (optarg)) 403 if (!is_intnonneg(optarg)) {
392 usage2 (_("Invalid max_redirs count"), optarg); 404 usage2(_("Invalid max_redirs count"), optarg);
393 else { 405 } else {
394 max_depth = atoi (optarg); 406 max_depth = atoi(optarg);
395 } 407 }
396 break; 408 break;
397 case 'f': /* onredirect */ 409 case 'f': /* onredirect */
398 if (!strcmp (optarg, "stickyport")) 410 if (!strcmp(optarg, "stickyport")) {
399 onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT; 411 onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST | STICKY_PORT;
400 else if (!strcmp (optarg, "sticky")) 412 } else if (!strcmp(optarg, "sticky")) {
401 onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST; 413 onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST;
402 else if (!strcmp (optarg, "follow")) 414 } else if (!strcmp(optarg, "follow")) {
403 onredirect = STATE_DEPENDENT, followsticky = STICKY_NONE; 415 onredirect = STATE_DEPENDENT, followsticky = STICKY_NONE;
404 else if (!strcmp (optarg, "unknown")) 416 } else if (!strcmp(optarg, "unknown")) {
405 onredirect = STATE_UNKNOWN; 417 onredirect = STATE_UNKNOWN;
406 else if (!strcmp (optarg, "ok")) 418 } else if (!strcmp(optarg, "ok")) {
407 onredirect = STATE_OK; 419 onredirect = STATE_OK;
408 else if (!strcmp (optarg, "warning")) 420 } else if (!strcmp(optarg, "warning")) {
409 onredirect = STATE_WARNING; 421 onredirect = STATE_WARNING;
410 else if (!strcmp (optarg, "critical")) 422 } else if (!strcmp(optarg, "critical")) {
411 onredirect = STATE_CRITICAL; 423 onredirect = STATE_CRITICAL;
412 else usage2 (_("Invalid onredirect option"), optarg); 424 } else {
413 if (verbose) 425 usage2(_("Invalid onredirect option"), optarg);
414 printf(_("option f:%d \n"), onredirect); 426 }
415 break; 427 if (verbose) {
416 /* Note: H, I, and u must be malloc'd or will fail on redirects */ 428 printf(_("option f:%d \n"), onredirect);
417 case 'H': /* Host Name (virtual host) */ 429 }
418 host_name = strdup (optarg); 430 break;
419 if (host_name[0] == '[') { 431 /* Note: H, I, and u must be malloc'd or will fail on redirects */
420 if ((p = strstr (host_name, "]:")) != NULL) { /* [IPv6]:port */ 432 case 'H': /* Host Name (virtual host) */
421 virtual_port = atoi (p + 2); 433 host_name = strdup(optarg);
422 /* cut off the port */ 434 if (host_name[0] == '[') {
423 host_name_length = strlen (host_name) - strlen (p) - 1; 435 if ((p = strstr(host_name, "]:")) != NULL) { /* [IPv6]:port */
424 free (host_name); 436 virtual_port = atoi(p + 2);
425 host_name = strndup (optarg, host_name_length); 437 /* cut off the port */
426 if (specify_port == false) 438 host_name_length = strlen(host_name) - strlen(p) - 1;
427 server_port = virtual_port; 439 free(host_name);
428 } 440 host_name = strndup(optarg, host_name_length);
429 } else if ((p = strchr (host_name, ':')) != NULL 441 if (!specify_port) {
430 && strchr (++p, ':') == NULL) { /* IPv4:port or host:port */ 442 server_port = virtual_port;
431 virtual_port = atoi (p); 443 }
432 /* cut off the port */ 444 }
433 host_name_length = strlen (host_name) - strlen (p) - 1; 445 } else if ((p = strchr(host_name, ':')) != NULL &&
434 free (host_name); 446 strchr(++p, ':') == NULL) { /* IPv4:port or host:port */
435 host_name = strndup (optarg, host_name_length); 447 virtual_port = atoi(p);
436 if (specify_port == false) 448 /* cut off the port */
437 server_port = virtual_port; 449 host_name_length = strlen(host_name) - strlen(p) - 1;
438 } 450 free(host_name);
439 break; 451 host_name = strndup(optarg, host_name_length);
440 case 'I': /* Server IP-address */ 452 if (!specify_port) {
441 server_address = strdup (optarg); 453 server_port = virtual_port;
442 break; 454 }
443 case 'u': /* URL path */ 455 }
444 server_url = strdup (optarg); 456 break;
445 server_url_length = strlen (server_url); 457 case 'I': /* Server IP-address */
446 break; 458 server_address = strdup(optarg);
447 case 'p': /* Server port */ 459 break;
448 if (!is_intnonneg (optarg)) 460 case 'u': /* URL path */
449 usage2 (_("Invalid port number"), optarg); 461 server_url = strdup(optarg);
450 else { 462 server_url_length = strlen(server_url);
451 server_port = atoi (optarg); 463 break;
452 specify_port = true; 464 case 'p': /* Server port */
453 } 465 if (!is_intnonneg(optarg)) {
454 break; 466 usage2(_("Invalid port number"), optarg);
455 case 'a': /* authorization info */ 467 } else {
456 strncpy (user_auth, optarg, MAX_INPUT_BUFFER - 1); 468 server_port = atoi(optarg);
457 user_auth[MAX_INPUT_BUFFER - 1] = 0; 469 specify_port = true;
458 break; 470 }
459 case 'b': /* proxy-authorization info */ 471 break;
460 strncpy (proxy_auth, optarg, MAX_INPUT_BUFFER - 1); 472 case 'a': /* authorization info */
461 proxy_auth[MAX_INPUT_BUFFER - 1] = 0; 473 strncpy(user_auth, optarg, MAX_INPUT_BUFFER - 1);
462 break; 474 user_auth[MAX_INPUT_BUFFER - 1] = 0;
463 case 'P': /* HTTP POST data in URL encoded format; ignored if settings already */ 475 break;
464 if (! http_post_data) 476 case 'b': /* proxy-authorization info */
465 http_post_data = strdup (optarg); 477 strncpy(proxy_auth, optarg, MAX_INPUT_BUFFER - 1);
466 if (! http_method) 478 proxy_auth[MAX_INPUT_BUFFER - 1] = 0;
467 http_method = strdup("POST"); 479 break;
468 break; 480 case 'P': /* HTTP POST data in URL encoded format; ignored if settings already */
469 case 'j': /* Set HTTP method */ 481 if (!http_post_data) {
470 if (http_method) 482 http_post_data = strdup(optarg);
471 free(http_method); 483 }
472 http_method = strdup (optarg); 484 if (!http_method) {
473 char *tmp; 485 http_method = strdup("POST");
474 if ((tmp = strstr(http_method, ":")) != NULL) { 486 }
475 tmp[0] = '\0'; // set the ":" in the middle to 0 487 break;
476 http_method_proxy = ++tmp; // this points to the second part 488 case 'j': /* Set HTTP method */
477 } 489 if (http_method) {
478 break; 490 free(http_method);
479 case 'd': /* string or substring */ 491 }
480 strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1); 492 http_method = strdup(optarg);
481 header_expect[MAX_INPUT_BUFFER - 1] = 0; 493 char *tmp;
482 break; 494 if ((tmp = strstr(http_method, ":")) != NULL) {
483 case 's': /* string or substring */ 495 tmp[0] = '\0'; // set the ":" in the middle to 0
484 strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1); 496 http_method_proxy = ++tmp; // this points to the second part
485 string_expect[MAX_INPUT_BUFFER - 1] = 0; 497 }
486 break; 498 break;
487 case 'e': /* string or substring */ 499 case 'd': /* string or substring */
488 strncpy (server_expect, optarg, MAX_INPUT_BUFFER - 1); 500 strncpy(header_expect, optarg, MAX_INPUT_BUFFER - 1);
489 server_expect[MAX_INPUT_BUFFER - 1] = 0; 501 header_expect[MAX_INPUT_BUFFER - 1] = 0;
490 server_expect_yn = 1; 502 break;
491 break; 503 case 's': /* string or substring */
492 case 'T': /* Content-type */ 504 strncpy(string_expect, optarg, MAX_INPUT_BUFFER - 1);
493 xasprintf (&http_content_type, "%s", optarg); 505 string_expect[MAX_INPUT_BUFFER - 1] = 0;
494 break; 506 break;
495 case 'l': /* linespan */ 507 case 'e': /* string or substring */
496 cflags &= ~REG_NEWLINE; 508 strncpy(server_expect, optarg, MAX_INPUT_BUFFER - 1);
497 break; 509 server_expect[MAX_INPUT_BUFFER - 1] = 0;
498 case 'R': /* regex */ 510 server_expect_yn = 1;
499 cflags |= REG_ICASE; 511 break;
512 case 'T': /* Content-type */
513 xasprintf(&http_content_type, "%s", optarg);
514 break;
515 case 'l': /* linespan */
516 cflags &= ~REG_NEWLINE;
517 break;
518 case 'R': /* regex */
519 cflags |= REG_ICASE;
500 // fall through 520 // fall through
501 case 'r': /* regex */ 521 case 'r': /* regex */
502 strncpy (regexp, optarg, MAX_RE_SIZE - 1); 522 strncpy(regexp, optarg, MAX_RE_SIZE - 1);
503 regexp[MAX_RE_SIZE - 1] = 0; 523 regexp[MAX_RE_SIZE - 1] = 0;
504 errcode = regcomp (&preg, regexp, cflags); 524 errcode = regcomp(&preg, regexp, cflags);
505 if (errcode != 0) { 525 if (errcode != 0) {
506 (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); 526 (void)regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER);
507 printf (_("Could Not Compile Regular Expression: %s"), errbuf); 527 printf(_("Could Not Compile Regular Expression: %s"), errbuf);
508 return false; 528 return false;
509 } 529 }
510 break; 530 break;
511 case INVERT_REGEX: 531 case INVERT_REGEX:
512 invert_regex = 1; 532 invert_regex = 1;
513 break; 533 break;
514 case '4': 534 case STATE_REGEX:
515 address_family = AF_INET; 535 if (!strcmp(optarg, "critical")) {
516 break; 536 state_regex = STATE_CRITICAL;
517 case '6': 537 } else if (!strcmp(optarg, "warning")) {
538 state_regex = STATE_WARNING;
539 } else {
540 usage2(_("Invalid state-regex option"), optarg);
541 }
542 break;
543 case '4':
544 address_family = AF_INET;
545 break;
546 case '6':
518#ifdef USE_IPV6 547#ifdef USE_IPV6
519 address_family = AF_INET6; 548 address_family = AF_INET6;
520#else 549#else
521 usage4 (_("IPv6 support not available")); 550 usage4(_("IPv6 support not available"));
522#endif 551#endif
523 break; 552 break;
524 case 'v': /* verbose */ 553 case 'v': /* verbose */
525 verbose = true; 554 verbose = true;
526 break; 555 break;
527 case 'm': /* min_page_length */ 556 case 'm': /* min_page_length */
528 { 557 {
529 char *tmp; 558 char *tmp;
530 if (strchr(optarg, ':') != (char *)NULL) { 559 if (strchr(optarg, ':') != (char *)NULL) {
531 /* range, so get two values, min:max */ 560 /* range, so get two values, min:max */
532 tmp = strtok(optarg, ":"); 561 tmp = strtok(optarg, ":");
533 if (tmp == NULL) { 562 if (tmp == NULL) {
534 printf("Bad format: try \"-m min:max\"\n"); 563 printf("Bad format: try \"-m min:max\"\n");
535 exit (STATE_WARNING); 564 exit(STATE_WARNING);
536 } else 565 } else {
537 min_page_len = atoi(tmp); 566 min_page_len = atoi(tmp);
538 567 }
539 tmp = strtok(NULL, ":"); 568
540 if (tmp == NULL) { 569 tmp = strtok(NULL, ":");
541 printf("Bad format: try \"-m min:max\"\n"); 570 if (tmp == NULL) {
542 exit (STATE_WARNING); 571 printf("Bad format: try \"-m min:max\"\n");
543 } else 572 exit(STATE_WARNING);
544 max_page_len = atoi(tmp); 573 } else {
545 } else 574 max_page_len = atoi(tmp);
546 min_page_len = atoi (optarg); 575 }
547 break; 576 } else {
548 } 577 min_page_len = atoi(optarg);
549 case 'N': /* no-body */ 578 }
550 no_body = true; 579 break;
551 break; 580 }
552 case 'M': /* max-age */ 581 case 'N': /* no-body */
553 { 582 no_body = true;
554 int L = strlen(optarg); 583 break;
555 if (L && optarg[L-1] == 'm') 584 case 'M': /* max-age */
556 maximum_age = atoi (optarg) * 60; 585 {
557 else if (L && optarg[L-1] == 'h') 586 int L = strlen(optarg);
558 maximum_age = atoi (optarg) * 60 * 60; 587 if (L && optarg[L - 1] == 'm') {
559 else if (L && optarg[L-1] == 'd') 588 maximum_age = atoi(optarg) * 60;
560 maximum_age = atoi (optarg) * 60 * 60 * 24; 589 } else if (L && optarg[L - 1] == 'h') {
561 else if (L && (optarg[L-1] == 's' || 590 maximum_age = atoi(optarg) * 60 * 60;
562 isdigit (optarg[L-1]))) 591 } else if (L && optarg[L - 1] == 'd') {
563 maximum_age = atoi (optarg); 592 maximum_age = atoi(optarg) * 60 * 60 * 24;
564 else { 593 } else if (L && (optarg[L - 1] == 's' || isdigit(optarg[L - 1]))) {
565 fprintf (stderr, "unparsable max-age: %s\n", optarg); 594 maximum_age = atoi(optarg);
566 exit (STATE_WARNING); 595 } else {
567 } 596 fprintf(stderr, "unparsable max-age: %s\n", optarg);
568 } 597 exit(STATE_WARNING);
569 break; 598 }
570 case 'E': /* show extended perfdata */ 599 } break;
571 show_extended_perfdata = true; 600 case 'E': /* show extended perfdata */
572 break; 601 show_extended_perfdata = true;
573 case 'B': /* print body content after status line */ 602 break;
574 show_body = true; 603 case 'B': /* print body content after status line */
575 break; 604 show_body = true;
576 } 605 break;
577 } 606 }
578 607 }
579 c = optind; 608
580 609 c = optind;
581 if (server_address == NULL && c < argc)
582 server_address = strdup (argv[c++]);
583
584 if (host_name == NULL && c < argc)
585 host_name = strdup (argv[c++]);
586
587 if (server_address == NULL) {
588 if (host_name == NULL)
589 usage4 (_("You must specify a server address or host name"));
590 else
591 server_address = strdup (host_name);
592 }
593
594 set_thresholds(&thlds, warning_thresholds, critical_thresholds);
595
596 if (critical_thresholds && thlds->critical->end>(double)socket_timeout)
597 socket_timeout = (int)thlds->critical->end + 1;
598
599 if (http_method == NULL)
600 http_method = strdup ("GET");
601
602 if (http_method_proxy == NULL)
603 http_method_proxy = strdup ("GET");
604
605 if (client_cert && !client_privkey)
606 usage4 (_("If you use a client certificate you must also specify a private key file"));
607
608 if (virtual_port == 0)
609 virtual_port = server_port;
610
611 return true;
612}
613 610
611 if (server_address == NULL && c < argc) {
612 server_address = strdup(argv[c++]);
613 }
614 614
615 if (host_name == NULL && c < argc) {
616 host_name = strdup(argv[c++]);
617 }
618
619 if (server_address == NULL) {
620 if (host_name == NULL) {
621 usage4(_("You must specify a server address or host name"));
622 } else {
623 server_address = strdup(host_name);
624 }
625 }
626
627 set_thresholds(&thlds, warning_thresholds, critical_thresholds);
628
629 if (critical_thresholds && thlds->critical->end > (double)socket_timeout) {
630 socket_timeout = (int)thlds->critical->end + 1;
631 }
632
633 if (http_method == NULL) {
634 http_method = strdup("GET");
635 }
636
637 if (http_method_proxy == NULL) {
638 http_method_proxy = strdup("GET");
639 }
640
641 if (client_cert && !client_privkey) {
642 usage4(_("If you use a client certificate you must also specify a private key file"));
643 }
644
645 if (virtual_port == 0) {
646 virtual_port = server_port;
647 }
648
649 return true;
650}
615 651
616/* Returns 1 if we're done processing the document body; 0 to keep going */ 652/* Returns 1 if we're done processing the document body; 0 to keep going */
617static int 653static int document_headers_done(char *full_page) {
618document_headers_done (char *full_page) 654 const char *body;
619{
620 const char *body;
621 655
622 for (body = full_page; *body; body++) { 656 for (body = full_page; *body; body++) {
623 if (!strncmp (body, "\n\n", 2) || !strncmp (body, "\n\r\n", 3)) 657 if (!strncmp(body, "\n\n", 2) || !strncmp(body, "\n\r\n", 3)) {
624 break; 658 break;
625 } 659 }
660 }
626 661
627 if (!*body) 662 if (!*body) {
628 return 0; /* haven't read end of headers yet */ 663 return 0; /* haven't read end of headers yet */
664 }
629 665
630 full_page[body - full_page] = 0; 666 full_page[body - full_page] = 0;
631 return 1; 667 return 1;
632} 668}
633 669
634static time_t 670static time_t parse_time_string(const char *string) {
635parse_time_string (const char *string) 671 struct tm tm;
636{ 672 time_t t;
637 struct tm tm; 673 memset(&tm, 0, sizeof(tm));
638 time_t t; 674
639 memset (&tm, 0, sizeof(tm)); 675 /* Like this: Tue, 25 Dec 2001 02:59:03 GMT */
640 676
641 /* Like this: Tue, 25 Dec 2001 02:59:03 GMT */ 677 if (isupper(string[0]) && /* Tue */
642 678 islower(string[1]) && islower(string[2]) && ',' == string[3] && ' ' == string[4] &&
643 if (isupper (string[0]) && /* Tue */ 679 (isdigit(string[5]) || string[5] == ' ') && /* 25 */
644 islower (string[1]) && 680 isdigit(string[6]) && ' ' == string[7] && isupper(string[8]) && /* Dec */
645 islower (string[2]) && 681 islower(string[9]) && islower(string[10]) && ' ' == string[11] &&
646 ',' == string[3] && 682 isdigit(string[12]) && /* 2001 */
647 ' ' == string[4] && 683 isdigit(string[13]) && isdigit(string[14]) && isdigit(string[15]) && ' ' == string[16] &&
648 (isdigit(string[5]) || string[5] == ' ') && /* 25 */ 684 isdigit(string[17]) && /* 02: */
649 isdigit (string[6]) && 685 isdigit(string[18]) && ':' == string[19] && isdigit(string[20]) && /* 59: */
650 ' ' == string[7] && 686 isdigit(string[21]) && ':' == string[22] && isdigit(string[23]) && /* 03 */
651 isupper (string[8]) && /* Dec */ 687 isdigit(string[24]) && ' ' == string[25] && 'G' == string[26] && /* GMT */
652 islower (string[9]) && 688 'M' == string[27] && /* GMT */
653 islower (string[10]) && 689 'T' == string[28]) {
654 ' ' == string[11] && 690
655 isdigit (string[12]) && /* 2001 */ 691 tm.tm_sec = 10 * (string[23] - '0') + (string[24] - '0');
656 isdigit (string[13]) && 692 tm.tm_min = 10 * (string[20] - '0') + (string[21] - '0');
657 isdigit (string[14]) && 693 tm.tm_hour = 10 * (string[17] - '0') + (string[18] - '0');
658 isdigit (string[15]) && 694 tm.tm_mday = 10 * (string[5] == ' ' ? 0 : string[5] - '0') + (string[6] - '0');
659 ' ' == string[16] && 695 tm.tm_mon = (!strncmp(string + 8, "Jan", 3) ? 0
660 isdigit (string[17]) && /* 02: */ 696 : !strncmp(string + 8, "Feb", 3) ? 1
661 isdigit (string[18]) && 697 : !strncmp(string + 8, "Mar", 3) ? 2
662 ':' == string[19] && 698 : !strncmp(string + 8, "Apr", 3) ? 3
663 isdigit (string[20]) && /* 59: */ 699 : !strncmp(string + 8, "May", 3) ? 4
664 isdigit (string[21]) && 700 : !strncmp(string + 8, "Jun", 3) ? 5
665 ':' == string[22] && 701 : !strncmp(string + 8, "Jul", 3) ? 6
666 isdigit (string[23]) && /* 03 */ 702 : !strncmp(string + 8, "Aug", 3) ? 7
667 isdigit (string[24]) && 703 : !strncmp(string + 8, "Sep", 3) ? 8
668 ' ' == string[25] && 704 : !strncmp(string + 8, "Oct", 3) ? 9
669 'G' == string[26] && /* GMT */ 705 : !strncmp(string + 8, "Nov", 3) ? 10
670 'M' == string[27] && /* GMT */ 706 : !strncmp(string + 8, "Dec", 3) ? 11
671 'T' == string[28]) { 707 : -1);
672 708 tm.tm_year = ((1000 * (string[12] - '0') + 100 * (string[13] - '0') +
673 tm.tm_sec = 10 * (string[23]-'0') + (string[24]-'0'); 709 10 * (string[14] - '0') + (string[15] - '0')) -
674 tm.tm_min = 10 * (string[20]-'0') + (string[21]-'0'); 710 1900);
675 tm.tm_hour = 10 * (string[17]-'0') + (string[18]-'0'); 711
676 tm.tm_mday = 10 * (string[5] == ' ' ? 0 : string[5]-'0') + (string[6]-'0'); 712 tm.tm_isdst = 0; /* GMT is never in DST, right? */
677 tm.tm_mon = (!strncmp (string+8, "Jan", 3) ? 0 : 713
678 !strncmp (string+8, "Feb", 3) ? 1 : 714 if (tm.tm_mon < 0 || tm.tm_mday < 1 || tm.tm_mday > 31) {
679 !strncmp (string+8, "Mar", 3) ? 2 : 715 return 0;
680 !strncmp (string+8, "Apr", 3) ? 3 : 716 }
681 !strncmp (string+8, "May", 3) ? 4 : 717
682 !strncmp (string+8, "Jun", 3) ? 5 : 718 /*
683 !strncmp (string+8, "Jul", 3) ? 6 : 719 This is actually wrong: we need to subtract the local timezone
684 !strncmp (string+8, "Aug", 3) ? 7 : 720 offset from GMT from this value. But, that's ok in this usage,
685 !strncmp (string+8, "Sep", 3) ? 8 : 721 because we only comparing these two GMT dates against each other,
686 !strncmp (string+8, "Oct", 3) ? 9 : 722 so it doesn't matter what time zone we parse them in.
687 !strncmp (string+8, "Nov", 3) ? 10 : 723 */
688 !strncmp (string+8, "Dec", 3) ? 11 : 724
689 -1); 725 t = mktime(&tm);
690 tm.tm_year = ((1000 * (string[12]-'0') + 726 if (t == (time_t)-1) {
691 100 * (string[13]-'0') + 727 t = 0;
692 10 * (string[14]-'0') + 728 }
693 (string[15]-'0')) 729
694 - 1900); 730 if (verbose) {
695 731 const char *s = string;
696 tm.tm_isdst = 0; /* GMT is never in DST, right? */ 732 while (*s && *s != '\r' && *s != '\n') {
697 733 fputc(*s++, stdout);
698 if (tm.tm_mon < 0 || tm.tm_mday < 1 || tm.tm_mday > 31) 734 }
699 return 0; 735 printf(" ==> %lu\n", (unsigned long)t);
700 736 }
701 /* 737
702 This is actually wrong: we need to subtract the local timezone 738 return t;
703 offset from GMT from this value. But, that's ok in this usage, 739 }
704 because we only comparing these two GMT dates against each other, 740 return 0;
705 so it doesn't matter what time zone we parse them in.
706 */
707
708 t = mktime (&tm);
709 if (t == (time_t) -1) t = 0;
710
711 if (verbose) {
712 const char *s = string;
713 while (*s && *s != '\r' && *s != '\n')
714 fputc (*s++, stdout);
715 printf (" ==> %lu\n", (unsigned long) t);
716 }
717
718 return t;
719
720 } else {
721 return 0;
722 }
723} 741}
724 742
725/* Checks if the server 'reply' is one of the expected 'statuscodes' */ 743/* Checks if the server 'reply' is one of the expected 'statuscodes' */
726static int 744static int expected_statuscode(const char *reply, const char *statuscodes) {
727expected_statuscode (const char *reply, const char *statuscodes) 745 char *expected;
728{ 746 char *code;
729 char *expected, *code; 747 int result = 0;
730 int result = 0; 748
731 749 if ((expected = strdup(statuscodes)) == NULL) {
732 if ((expected = strdup (statuscodes)) == NULL) 750 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
733 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); 751 }
734 752
735 for (code = strtok (expected, ","); code != NULL; code = strtok (NULL, ",")) 753 for (code = strtok(expected, ","); code != NULL; code = strtok(NULL, ",")) {
736 if (strstr (reply, code) != NULL) { 754 if (strstr(reply, code) != NULL) {
737 result = 1; 755 result = 1;
738 break; 756 break;
739 } 757 }
740 758 }
741 free (expected); 759
742 return result; 760 free(expected);
761 return result;
743} 762}
744 763
745static int 764static int check_document_dates(const char *headers, char **msg) {
746check_document_dates (const char *headers, char **msg) 765 const char *s;
747{ 766 char *server_date = 0;
748 const char *s; 767 char *document_date = 0;
749 char *server_date = 0; 768 int date_result = STATE_OK;
750 char *document_date = 0; 769
751 int date_result = STATE_OK; 770 s = headers;
752 771 while (*s) {
753 s = headers; 772 const char *field = s;
754 while (*s) { 773 const char *value = 0;
755 const char *field = s; 774
756 const char *value = 0; 775 /* Find the end of the header field */
757 776 while (*s && !isspace(*s) && *s != ':') {
758 /* Find the end of the header field */ 777 s++;
759 while (*s && !isspace(*s) && *s != ':') 778 }
760 s++; 779
761 780 /* Remember the header value, if any. */
762 /* Remember the header value, if any. */ 781 if (*s == ':') {
763 if (*s == ':') 782 value = ++s;
764 value = ++s; 783 }
765 784
766 /* Skip to the end of the header, including continuation lines. */ 785 /* Skip to the end of the header, including continuation lines. */
767 while (*s && !(*s == '\n' && (s[1] != ' ' && s[1] != '\t'))) 786 while (*s && !(*s == '\n' && (s[1] != ' ' && s[1] != '\t'))) {
768 s++; 787 s++;
769 788 }
770 /* Avoid stepping over end-of-string marker */ 789
771 if (*s) 790 /* Avoid stepping over end-of-string marker */
772 s++; 791 if (*s) {
773 792 s++;
774 /* Process this header. */ 793 }
775 if (value && value > field+2) { 794
776 char *ff = (char *) malloc (value-field); 795 /* Process this header. */
777 char *ss = ff; 796 if (value && value > field + 2) {
778 while (field < value-1) 797 char *ff = (char *)malloc(value - field);
779 *ss++ = tolower(*field++); 798 char *ss = ff;
780 *ss++ = 0; 799 while (field < value - 1) {
781 800 *ss++ = tolower(*field++);
782 if (!strcmp (ff, "date") || !strcmp (ff, "last-modified")) { 801 }
783 const char *e; 802 *ss++ = 0;
784 while (*value && isspace (*value)) 803
785 value++; 804 if (!strcmp(ff, "date") || !strcmp(ff, "last-modified")) {
786 for (e = value; *e && *e != '\r' && *e != '\n'; e++) 805 const char *e;
787 ; 806 while (*value && isspace(*value)) {
788 ss = (char *) malloc (e - value + 1); 807 value++;
789 strncpy (ss, value, e - value); 808 }
790 ss[e - value] = 0; 809 for (e = value; *e && *e != '\r' && *e != '\n'; e++) {
791 if (!strcmp (ff, "date")) { 810 ;
792 if (server_date) free (server_date); 811 }
793 server_date = ss; 812 ss = (char *)malloc(e - value + 1);
794 } else { 813 strncpy(ss, value, e - value);
795 if (document_date) free (document_date); 814 ss[e - value] = 0;
796 document_date = ss; 815 if (!strcmp(ff, "date")) {
797 } 816 if (server_date) {
798 } 817 free(server_date);
799 free (ff); 818 }
800 } 819 server_date = ss;
801 } 820 } else {
802 821 if (document_date) {
803 /* Done parsing the body. Now check the dates we (hopefully) parsed. */ 822 free(document_date);
804 if (!server_date || !*server_date) { 823 }
805 xasprintf (msg, _("%sServer date unknown, "), *msg); 824 document_date = ss;
806 date_result = max_state_alt(STATE_UNKNOWN, date_result); 825 }
807 } else if (!document_date || !*document_date) { 826 }
808 xasprintf (msg, _("%sDocument modification date unknown, "), *msg); 827 free(ff);
809 date_result = max_state_alt(STATE_CRITICAL, date_result); 828 }
810 } else { 829 }
811 time_t srv_data = parse_time_string (server_date); 830
812 time_t doc_data = parse_time_string (document_date); 831 /* Done parsing the body. Now check the dates we (hopefully) parsed. */
813 832 if (!server_date || !*server_date) {
814 if (srv_data <= 0) { 833 xasprintf(msg, _("%sServer date unknown, "), *msg);
815 xasprintf (msg, _("%sServer date \"%100s\" unparsable, "), *msg, server_date); 834 date_result = max_state_alt(STATE_UNKNOWN, date_result);
816 date_result = max_state_alt(STATE_CRITICAL, date_result); 835 } else if (!document_date || !*document_date) {
817 } else if (doc_data <= 0) { 836 xasprintf(msg, _("%sDocument modification date unknown, "), *msg);
818 xasprintf (msg, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date); 837 date_result = max_state_alt(STATE_CRITICAL, date_result);
819 date_result = max_state_alt(STATE_CRITICAL, date_result); 838 } else {
820 } else if (doc_data > srv_data + 30) { 839 time_t srv_data = parse_time_string(server_date);
821 xasprintf (msg, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data); 840 time_t doc_data = parse_time_string(document_date);
822 date_result = max_state_alt(STATE_CRITICAL, date_result); 841
823 } else if (doc_data < srv_data - maximum_age) { 842 if (srv_data <= 0) {
824 int n = (srv_data - doc_data); 843 xasprintf(msg, _("%sServer date \"%100s\" unparsable, "), *msg, server_date);
825 if (n > (60 * 60 * 24 * 2)) { 844 date_result = max_state_alt(STATE_CRITICAL, date_result);
826 xasprintf (msg, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24)); 845 } else if (doc_data <= 0) {
827 date_result = max_state_alt(STATE_CRITICAL, date_result); 846 xasprintf(msg, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date);
828 } else { 847 date_result = max_state_alt(STATE_CRITICAL, date_result);
829 xasprintf (msg, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60); 848 } else if (doc_data > srv_data + 30) {
830 date_result = max_state_alt(STATE_CRITICAL, date_result); 849 xasprintf(msg, _("%sDocument is %d seconds in the future, "), *msg,
831 } 850 (int)doc_data - (int)srv_data);
832 } 851 date_result = max_state_alt(STATE_CRITICAL, date_result);
833 free (server_date); 852 } else if (doc_data < srv_data - maximum_age) {
834 free (document_date); 853 int n = (srv_data - doc_data);
835 } 854 if (n > (60 * 60 * 24 * 2)) {
836 return date_result; 855 xasprintf(msg, _("%sLast modified %.1f days ago, "), *msg,
856 ((float)n) / (60 * 60 * 24));
857 date_result = max_state_alt(STATE_CRITICAL, date_result);
858 } else {
859 xasprintf(msg, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60),
860 (n / 60) % 60, n % 60);
861 date_result = max_state_alt(STATE_CRITICAL, date_result);
862 }
863 }
864 free(server_date);
865 free(document_date);
866 }
867 return date_result;
837} 868}
838 869
839int 870int get_content_length(const char *headers) {
840get_content_length (const char *headers) 871 const char *s;
841{ 872 int content_length = 0;
842 const char *s; 873
843 int content_length = 0; 874 s = headers;
844 875 while (*s) {
845 s = headers; 876 const char *field = s;
846 while (*s) { 877 const char *value = 0;
847 const char *field = s; 878
848 const char *value = 0; 879 /* Find the end of the header field */
849 880 while (*s && !isspace(*s) && *s != ':') {
850 /* Find the end of the header field */ 881 s++;
851 while (*s && !isspace(*s) && *s != ':') 882 }
852 s++; 883
853 884 /* Remember the header value, if any. */
854 /* Remember the header value, if any. */ 885 if (*s == ':') {
855 if (*s == ':') 886 value = ++s;
856 value = ++s; 887 }
857 888
858 /* Skip to the end of the header, including continuation lines. */ 889 /* Skip to the end of the header, including continuation lines. */
859 while (*s && !(*s == '\n' && (s[1] != ' ' && s[1] != '\t'))) 890 while (*s && !(*s == '\n' && (s[1] != ' ' && s[1] != '\t'))) {
860 s++; 891 s++;
861 892 }
862 /* Avoid stepping over end-of-string marker */ 893
863 if (*s) 894 /* Avoid stepping over end-of-string marker */
864 s++; 895 if (*s) {
865 896 s++;
866 /* Process this header. */ 897 }
867 if (value && value > field+2) { 898
868 char *ff = (char *) malloc (value-field); 899 /* Process this header. */
869 char *ss = ff; 900 if (value && value > field + 2) {
870 while (field < value-1) 901 char *ff = (char *)malloc(value - field);
871 *ss++ = tolower(*field++); 902 char *ss = ff;
872 *ss++ = 0; 903 while (field < value - 1) {
873 904 *ss++ = tolower(*field++);
874 if (!strcmp (ff, "content-length")) { 905 }
875 const char *e; 906 *ss++ = 0;
876 while (*value && isspace (*value)) 907
877 value++; 908 if (!strcmp(ff, "content-length")) {
878 for (e = value; *e && *e != '\r' && *e != '\n'; e++) 909 const char *e;
879 ; 910 while (*value && isspace(*value)) {
880 ss = (char *) malloc (e - value + 1); 911 value++;
881 strncpy (ss, value, e - value); 912 }
882 ss[e - value] = 0; 913 for (e = value; *e && *e != '\r' && *e != '\n'; e++) {
883 content_length = atoi(ss); 914 ;
884 free (ss); 915 }
885 } 916 ss = (char *)malloc(e - value + 1);
886 free (ff); 917 strncpy(ss, value, e - value);
887 } 918 ss[e - value] = 0;
888 } 919 content_length = atoi(ss);
889 return (content_length); 920 free(ss);
921 }
922 free(ff);
923 }
924 }
925 return (content_length);
890} 926}
891 927
892char * 928char *prepend_slash(char *path) {
893prepend_slash (char *path) 929 char *newpath;
894{
895 char *newpath;
896 930
897 if (path[0] == '/') 931 if (path[0] == '/') {
898 return path; 932 return path;
933 }
899 934
900 if ((newpath = malloc (strlen(path) + 2)) == NULL) 935 if ((newpath = malloc(strlen(path) + 2)) == NULL) {
901 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); 936 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
902 newpath[0] = '/'; 937 }
903 strcpy (newpath + 1, path); 938 newpath[0] = '/';
904 free (path); 939 strcpy(newpath + 1, path);
905 return newpath; 940 free(path);
941 return newpath;
906} 942}
907 943
908int 944int check_http(void) {
909check_http (void) 945 char *msg;
910{ 946 char *status_line;
911 char *msg; 947 char *status_code;
912 char *status_line; 948 char *header;
913 char *status_code; 949 char *page;
914 char *header; 950 char *auth;
915 char *page; 951 int http_status;
916 char *auth; 952 int i = 0;
917 int http_status; 953 size_t pagesize = 0;
918 int i = 0; 954 char *full_page;
919 size_t pagesize = 0; 955 char *full_page_new;
920 char *full_page; 956 char *buf;
921 char *full_page_new; 957 char *pos;
922 char *buf; 958 long microsec = 0L;
923 char *pos; 959 double elapsed_time = 0.0;
924 long microsec = 0L; 960 long microsec_connect = 0L;
925 double elapsed_time = 0.0; 961 double elapsed_time_connect = 0.0;
926 long microsec_connect = 0L; 962 long microsec_ssl = 0L;
927 double elapsed_time_connect = 0.0; 963 double elapsed_time_ssl = 0.0;
928 long microsec_ssl = 0L; 964 long microsec_firstbyte = 0L;
929 double elapsed_time_ssl = 0.0; 965 double elapsed_time_firstbyte = 0.0;
930 long microsec_firstbyte = 0L; 966 long microsec_headers = 0L;
931 double elapsed_time_firstbyte = 0.0; 967 double elapsed_time_headers = 0.0;
932 long microsec_headers = 0L; 968 long microsec_transfer = 0L;
933 double elapsed_time_headers = 0.0; 969 double elapsed_time_transfer = 0.0;
934 long microsec_transfer = 0L; 970 int page_len = 0;
935 double elapsed_time_transfer = 0.0; 971 int result = STATE_OK;
936 int page_len = 0; 972 char *force_host_header = NULL;
937 int result = STATE_OK; 973
938 char *force_host_header = NULL; 974 /* try to connect to the host at the given port number */
939 975 gettimeofday(&tv_temp, NULL);
940 /* try to connect to the host at the given port number */ 976 if (my_tcp_connect(server_address, server_port, &sd) != STATE_OK) {
941 gettimeofday (&tv_temp, NULL); 977 die(STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
942 if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK) 978 }
943 die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); 979 microsec_connect = deltime(tv_temp);
944 microsec_connect = deltime (tv_temp); 980
945 981 /* if we are called with the -I option, the -j method is CONNECT and */
946 /* if we are called with the -I option, the -j method is CONNECT and */ 982 /* we received -S for SSL, then we tunnel the request through a proxy*/
947 /* we received -S for SSL, then we tunnel the request through a proxy*/ 983 /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */
948 /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */ 984
949 985 if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 && host_name != NULL &&
950 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 986 use_ssl) {
951 && host_name != NULL && use_ssl == true) { 987
952 988 if (verbose) {
953 if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT); 989 printf("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address,
954 asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent); 990 server_port, host_name, HTTPS_PORT);
955 if (strlen(proxy_auth)) { 991 }
956 base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth); 992 asprintf(&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT,
957 xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); 993 user_agent);
958 } 994 if (strlen(proxy_auth)) {
959 /* optionally send any other header tag */ 995 base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth);
960 if (http_opt_headers_count) { 996 xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
961 for (i = 0; i < http_opt_headers_count ; i++) { 997 }
962 if (force_host_header != http_opt_headers[i]) { 998 /* optionally send any other header tag */
963 xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); 999 if (http_opt_headers_count) {
964 } 1000 for (i = 0; i < http_opt_headers_count; i++) {
965 } 1001 if (force_host_header != http_opt_headers[i]) {
966 /* This cannot be free'd here because a redirection will then try to access this and segfault */ 1002 xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]);
967 /* Covered in a testcase in tests/check_http.t */ 1003 }
968 /* free(http_opt_headers); */ 1004 }
969 } 1005 /* This cannot be free'd here because a redirection will then try to access this and
970 asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf); 1006 * segfault */
971 asprintf (&buf, "%sHost: %s\r\n", buf, host_name); 1007 /* Covered in a testcase in tests/check_http.t */
972 /* we finished our request, send empty line with CRLF */ 1008 /* free(http_opt_headers); */
973 asprintf (&buf, "%s%s", buf, CRLF); 1009 }
974 if (verbose) printf ("%s\n", buf); 1010 asprintf(&buf, "%sProxy-Connection: keep-alive\r\n", buf);
975 send(sd, buf, strlen (buf), 0); 1011 asprintf(&buf, "%sHost: %s\r\n", buf, host_name);
976 buf[0]='\0'; 1012 /* we finished our request, send empty line with CRLF */
977 1013 asprintf(&buf, "%s%s", buf, CRLF);
978 if (verbose) printf ("Receive response from proxy\n"); 1014 if (verbose) {
979 read (sd, buffer, MAX_INPUT_BUFFER-1); 1015 printf("%s\n", buf);
980 if (verbose) printf ("%s", buffer); 1016 }
981 /* Here we should check if we got HTTP/1.1 200 Connection established */ 1017 send(sd, buf, strlen(buf), 0);
982 } 1018 buf[0] = '\0';
1019
1020 if (verbose) {
1021 printf("Receive response from proxy\n");
1022 }
1023 read(sd, buffer, MAX_INPUT_BUFFER - 1);
1024 if (verbose) {
1025 printf("%s", buffer);
1026 }
1027 /* Here we should check if we got HTTP/1.1 200 Connection established */
1028 }
983#ifdef HAVE_SSL 1029#ifdef HAVE_SSL
984 elapsed_time_connect = (double)microsec_connect / 1.0e6; 1030 elapsed_time_connect = (double)microsec_connect / 1.0e6;
985 if (use_ssl == true) { 1031 if (use_ssl) {
986 gettimeofday (&tv_temp, NULL); 1032 gettimeofday(&tv_temp, NULL);
987 result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey); 1033 result = np_net_ssl_init_with_hostname_version_and_cert(
988 if (verbose) printf ("SSL initialized\n"); 1034 sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey);
989 if (result != STATE_OK) 1035 if (verbose) {
990 die (STATE_CRITICAL, NULL); 1036 printf("SSL initialized\n");
991 microsec_ssl = deltime (tv_temp); 1037 }
992 elapsed_time_ssl = (double)microsec_ssl / 1.0e6; 1038 if (result != STATE_OK) {
993 if (check_cert == true) { 1039 die(STATE_CRITICAL, NULL);
994 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); 1040 }
995 if (continue_after_check_cert == false) { 1041 microsec_ssl = deltime(tv_temp);
996 if (sd) close(sd); 1042 elapsed_time_ssl = (double)microsec_ssl / 1.0e6;
997 np_net_ssl_cleanup(); 1043 if (check_cert) {
998 return result; 1044 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
999 } 1045 if (!continue_after_check_cert) {
1000 } 1046 if (sd) {
1001 } 1047 close(sd);
1048 }
1049 np_net_ssl_cleanup();
1050 return result;
1051 }
1052 }
1053 }
1002#endif /* HAVE_SSL */ 1054#endif /* HAVE_SSL */
1003 1055
1004 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 1056 if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 && host_name != NULL &&
1005 && host_name != NULL && use_ssl == true) 1057 use_ssl) {
1006 asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); 1058 asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url,
1007 else 1059 host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
1008 asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); 1060 } else {
1009 1061 asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method, server_url,
1010 /* tell HTTP/1.1 servers not to keep the connection alive */ 1062 host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
1011 xasprintf (&buf, "%sConnection: close\r\n", buf); 1063 }
1012 1064
1013 /* check if Host header is explicitly set in options */ 1065 /* tell HTTP/1.1 servers not to keep the connection alive */
1014 if (http_opt_headers_count) { 1066 xasprintf(&buf, "%sConnection: close\r\n", buf);
1015 for (i = 0; i < http_opt_headers_count ; i++) { 1067
1016 if (strncmp(http_opt_headers[i], "Host:", 5) == 0) { 1068 /* check if Host header is explicitly set in options */
1017 force_host_header = http_opt_headers[i]; 1069 if (http_opt_headers_count) {
1018 } 1070 for (i = 0; i < http_opt_headers_count; i++) {
1019 } 1071 if (strncmp(http_opt_headers[i], "Host:", 5) == 0) {
1020 } 1072 force_host_header = http_opt_headers[i];
1021 1073 }
1022 /* optionally send the host header info */ 1074 }
1023 if (host_name) { 1075 }
1024 if (force_host_header) { 1076
1025 xasprintf (&buf, "%s%s\r\n", buf, force_host_header); 1077 /* optionally send the host header info */
1026 } 1078 if (host_name) {
1027 else { 1079 if (force_host_header) {
1028 /* 1080 xasprintf(&buf, "%s%s\r\n", buf, force_host_header);
1029 * Specify the port only if we're using a non-default port (see RFC 2616, 1081 } else {
1030 * 14.23). Some server applications/configurations cause trouble if the 1082 /*
1031 * (default) port is explicitly specified in the "Host:" header line. 1083 * Specify the port only if we're using a non-default port (see RFC 2616,
1032 */ 1084 * 14.23). Some server applications/configurations cause trouble if the
1033 if ((use_ssl == false && virtual_port == HTTP_PORT) || 1085 * (default) port is explicitly specified in the "Host:" header line.
1034 (use_ssl == true && virtual_port == HTTPS_PORT) || 1086 */
1035 (server_address != NULL && strcmp(http_method, "CONNECT") == 0 1087 if ((!use_ssl && virtual_port == HTTP_PORT) ||
1036 && host_name != NULL && use_ssl == true)) 1088 (use_ssl && virtual_port == HTTPS_PORT) ||
1037 xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); 1089 (server_address != NULL && strcmp(http_method, "CONNECT") == 0 &&
1038 else 1090 host_name != NULL && use_ssl)) {
1039 xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port); 1091 xasprintf(&buf, "%sHost: %s\r\n", buf, host_name);
1040 } 1092 } else {
1041 } 1093 xasprintf(&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port);
1042 1094 }
1043 /* optionally send any other header tag */ 1095 }
1044 if (http_opt_headers_count) { 1096 }
1045 for (i = 0; i < http_opt_headers_count ; i++) { 1097
1046 if (force_host_header != http_opt_headers[i]) { 1098 /* optionally send any other header tag */
1047 xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); 1099 if (http_opt_headers_count) {
1048 } 1100 for (i = 0; i < http_opt_headers_count; i++) {
1049 } 1101 if (force_host_header != http_opt_headers[i]) {
1050 /* This cannot be free'd here because a redirection will then try to access this and segfault */ 1102 xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]);
1051 /* Covered in a testcase in tests/check_http.t */ 1103 }
1052 /* free(http_opt_headers); */ 1104 }
1053 } 1105 /* This cannot be free'd here because a redirection will then try to access this and
1054 1106 * segfault */
1055 /* optionally send the authentication info */ 1107 /* Covered in a testcase in tests/check_http.t */
1056 if (strlen(user_auth)) { 1108 /* free(http_opt_headers); */
1057 base64_encode_alloc (user_auth, strlen (user_auth), &auth); 1109 }
1058 xasprintf (&buf, "%sAuthorization: Basic %s\r\n", buf, auth); 1110
1059 } 1111 /* optionally send the authentication info */
1060 1112 if (strlen(user_auth)) {
1061 /* optionally send the proxy authentication info */ 1113 base64_encode_alloc(user_auth, strlen(user_auth), &auth);
1062 if (strlen(proxy_auth)) { 1114 xasprintf(&buf, "%sAuthorization: Basic %s\r\n", buf, auth);
1063 base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth); 1115 }
1064 xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); 1116
1065 } 1117 /* optionally send the proxy authentication info */
1066 1118 if (strlen(proxy_auth)) {
1067 /* either send http POST data (any data, not only POST)*/ 1119 base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth);
1068 if (http_post_data) { 1120 xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
1069 if (http_content_type) { 1121 }
1070 xasprintf (&buf, "%sContent-Type: %s\r\n", buf, http_content_type); 1122
1071 } else { 1123 /* either send http POST data (any data, not only POST)*/
1072 xasprintf (&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", buf); 1124 if (http_post_data) {
1073 } 1125 if (http_content_type) {
1074 1126 xasprintf(&buf, "%sContent-Type: %s\r\n", buf, http_content_type);
1075 xasprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, (int)strlen (http_post_data)); 1127 } else {
1076 xasprintf (&buf, "%s%s", buf, http_post_data); 1128 xasprintf(&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", buf);
1077 } else { 1129 }
1078 /* or just a newline so the server knows we're done with the request */ 1130
1079 xasprintf (&buf, "%s%s", buf, CRLF); 1131 xasprintf(&buf, "%sContent-Length: %i\r\n\r\n", buf, (int)strlen(http_post_data));
1080 } 1132 xasprintf(&buf, "%s%s", buf, http_post_data);
1081 1133 } else {
1082 if (verbose) printf ("%s\n", buf); 1134 /* or just a newline so the server knows we're done with the request */
1083 gettimeofday (&tv_temp, NULL); 1135 xasprintf(&buf, "%s%s", buf, CRLF);
1084 my_send (buf, strlen (buf)); 1136 }
1085 microsec_headers = deltime (tv_temp); 1137
1086 elapsed_time_headers = (double)microsec_headers / 1.0e6; 1138 if (verbose) {
1087 1139 printf("%s\n", buf);
1088 /* fetch the page */ 1140 }
1089 full_page = strdup(""); 1141 gettimeofday(&tv_temp, NULL);
1090 gettimeofday (&tv_temp, NULL); 1142 my_send(buf, strlen(buf));
1091 while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) { 1143 microsec_headers = deltime(tv_temp);
1092 if ((i >= 1) && (elapsed_time_firstbyte <= 0.000001)) { 1144 elapsed_time_headers = (double)microsec_headers / 1.0e6;
1093 microsec_firstbyte = deltime (tv_temp); 1145
1094 elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6; 1146 /* fetch the page */
1095 } 1147 full_page = strdup("");
1096 while ((pos = memchr(buffer, '\0', i))) { 1148 gettimeofday(&tv_temp, NULL);
1097 /* replace nul character with a blank */ 1149 while ((i = my_recv(buffer, MAX_INPUT_BUFFER - 1)) > 0) {
1098 *pos = ' '; 1150 if ((i >= 1) && (elapsed_time_firstbyte <= 0.000001)) {
1099 } 1151 microsec_firstbyte = deltime(tv_temp);
1100 buffer[i] = '\0'; 1152 elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6;
1101 1153 }
1102 if ((full_page_new = realloc(full_page, pagesize + i + 1)) == NULL) 1154 while ((pos = memchr(buffer, '\0', i))) {
1103 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate memory for full_page\n")); 1155 /* replace nul character with a blank */
1104 1156 *pos = ' ';
1105 memmove(&full_page_new[pagesize], buffer, i + 1); 1157 }
1106 1158 buffer[i] = '\0';
1107 full_page = full_page_new; 1159
1108 1160 if ((full_page_new = realloc(full_page, pagesize + i + 1)) == NULL) {
1109 pagesize += i; 1161 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate memory for full_page\n"));
1110 1162 }
1111 if (no_body && document_headers_done (full_page)) { 1163
1112 i = 0; 1164 memmove(&full_page_new[pagesize], buffer, i + 1);
1113 break; 1165
1114 } 1166 full_page = full_page_new;
1115 } 1167
1116 microsec_transfer = deltime (tv_temp); 1168 pagesize += i;
1117 elapsed_time_transfer = (double)microsec_transfer / 1.0e6; 1169
1118 1170 if (no_body && document_headers_done(full_page)) {
1119 if (i < 0 && errno != ECONNRESET) { 1171 i = 0;
1120 die(STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n")); 1172 break;
1121 } 1173 }
1122 1174 }
1123 /* return a CRITICAL status if we couldn't read any data */ 1175 microsec_transfer = deltime(tv_temp);
1124 if (pagesize == (size_t) 0) 1176 elapsed_time_transfer = (double)microsec_transfer / 1.0e6;
1125 die (STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n")); 1177
1126 1178 if (i < 0 && errno != ECONNRESET) {
1127 /* close the connection */ 1179 die(STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n"));
1128 if (sd) close(sd); 1180 }
1181
1182 /* return a CRITICAL status if we couldn't read any data */
1183 if (pagesize == (size_t)0) {
1184 die(STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n"));
1185 }
1186
1187 /* close the connection */
1188 if (sd) {
1189 close(sd);
1190 }
1129#ifdef HAVE_SSL 1191#ifdef HAVE_SSL
1130 np_net_ssl_cleanup(); 1192 np_net_ssl_cleanup();
1131#endif 1193#endif
1132 1194
1133 /* Save check time */ 1195 /* Save check time */
1134 microsec = deltime (tv); 1196 microsec = deltime(tv);
1135 elapsed_time = (double)microsec / 1.0e6; 1197 elapsed_time = (double)microsec / 1.0e6;
1136 1198
1137 /* leave full_page untouched so we can free it later */ 1199 /* leave full_page untouched so we can free it later */
1138 page = full_page; 1200 page = full_page;
1139 1201
1140 if (verbose) 1202 if (verbose) {
1141 printf ("%s://%s:%d%s is %d characters\n", 1203 printf("%s://%s:%d%s is %d characters\n", use_ssl ? "https" : "http", server_address,
1142 use_ssl ? "https" : "http", server_address, 1204 server_port, server_url, (int)pagesize);
1143 server_port, server_url, (int)pagesize); 1205 }
1144 1206
1145 /* find status line and null-terminate it */ 1207 /* find status line and null-terminate it */
1146 status_line = page; 1208 status_line = page;
1147 page += (size_t) strcspn (page, "\r\n"); 1209 page += (size_t)strcspn(page, "\r\n");
1148 pos = page; 1210 pos = page;
1149 page += (size_t) strspn (page, "\r\n"); 1211 page += (size_t)strspn(page, "\r\n");
1150 status_line[strcspn(status_line, "\r\n")] = 0; 1212 status_line[strcspn(status_line, "\r\n")] = 0;
1151 strip (status_line); 1213 strip(status_line);
1152 if (verbose) 1214 if (verbose) {
1153 printf ("STATUS: %s\n", status_line); 1215 printf("STATUS: %s\n", status_line);
1154 1216 }
1155 /* find header info and null-terminate it */ 1217
1156 header = page; 1218 /* find header info and null-terminate it */
1157 while (strcspn (page, "\r\n") > 0) { 1219 header = page;
1158 page += (size_t) strcspn (page, "\r\n"); 1220 while (strcspn(page, "\r\n") > 0) {
1159 pos = page; 1221 page += (size_t)strcspn(page, "\r\n");
1160 if ((strspn (page, "\r") == 1 && strspn (page, "\r\n") >= 2) || 1222 pos = page;
1161 (strspn (page, "\n") == 1 && strspn (page, "\r\n") >= 2)) 1223 if ((strspn(page, "\r") == 1 && strspn(page, "\r\n") >= 2) ||
1162 page += (size_t) 2; 1224 (strspn(page, "\n") == 1 && strspn(page, "\r\n") >= 2)) {
1163 else 1225 page += (size_t)2;
1164 page += (size_t) 1; 1226 } else {
1165 } 1227 page += (size_t)1;
1166 page += (size_t) strspn (page, "\r\n"); 1228 }
1167 header[pos - header] = 0; 1229 }
1168 if (verbose) 1230 page += (size_t)strspn(page, "\r\n");
1169 printf ("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header, 1231 header[pos - header] = 0;
1170 (no_body ? " [[ skipped ]]" : page)); 1232 if (verbose) {
1171 1233 printf("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header,
1172 /* make sure the status line matches the response we are looking for */ 1234 (no_body ? " [[ skipped ]]" : page));
1173 if (!expected_statuscode (status_line, server_expect)) { 1235 }
1174 if (server_port == HTTP_PORT) 1236
1175 xasprintf (&msg, 1237 /* make sure the status line matches the response we are looking for */
1176 _("Invalid HTTP response received from host: %s\n"), 1238 if (!expected_statuscode(status_line, server_expect)) {
1177 status_line); 1239 if (server_port == HTTP_PORT) {
1178 else 1240 xasprintf(&msg, _("Invalid HTTP response received from host: %s\n"), status_line);
1179 xasprintf (&msg, 1241 } else {
1180 _("Invalid HTTP response received from host on port %d: %s\n"), 1242 xasprintf(&msg, _("Invalid HTTP response received from host on port %d: %s\n"),
1181 server_port, status_line); 1243 server_port, status_line);
1182 if (show_body) 1244 }
1183 xasprintf (&msg, _("%s\n%s"), msg, page); 1245 if (show_body) {
1184 die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg); 1246 xasprintf(&msg, _("%s\n%s"), msg, page);
1185 } 1247 }
1186 1248 die(STATE_CRITICAL, "HTTP CRITICAL - %s", msg);
1187 /* Bypass normal status line check if server_expect was set by user and not default */ 1249 }
1188 /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string */ 1250
1189 if ( server_expect_yn ) { 1251 /* Bypass normal status line check if server_expect was set by user and not default */
1190 xasprintf (&msg, 1252 /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string */
1191 _("Status line output matched \"%s\" - "), server_expect); 1253 if (server_expect_yn) {
1192 if (verbose) 1254 xasprintf(&msg, _("Status line output matched \"%s\" - "), server_expect);
1193 printf ("%s\n",msg); 1255 if (verbose) {
1194 } 1256 printf("%s\n", msg);
1195 else { 1257 }
1196 /* Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF */ 1258 } else {
1197 /* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT */ 1259 /* Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF */
1198 /* Status-Code = 3 DIGITS */ 1260 /* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT */
1199 1261 /* Status-Code = 3 DIGITS */
1200 status_code = strchr (status_line, ' ') + sizeof (char); 1262
1201 if (strspn (status_code, "1234567890") != 3) 1263 status_code = strchr(status_line, ' ') + sizeof(char);
1202 die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"), status_line); 1264 if (strspn(status_code, "1234567890") != 3) {
1203 1265 die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"), status_line);
1204 http_status = atoi (status_code); 1266 }
1205 1267
1206 /* check the return code */ 1268 http_status = atoi(status_code);
1207 1269
1208 if (http_status >= 600 || http_status < 100) { 1270 /* check the return code */
1209 die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"), status_line); 1271
1210 } 1272 if (http_status >= 600 || http_status < 100) {
1211 /* server errors result in a critical state */ 1273 die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"), status_line);
1212 else if (http_status >= 500) { 1274 }
1213 xasprintf (&msg, _("%s - "), status_line); 1275 /* server errors result in a critical state */
1214 result = STATE_CRITICAL; 1276 else if (http_status >= 500) {
1215 } 1277 xasprintf(&msg, _("%s - "), status_line);
1216 /* client errors result in a warning state */ 1278 result = STATE_CRITICAL;
1217 else if (http_status >= 400) { 1279 }
1218 xasprintf (&msg, _("%s - "), status_line); 1280 /* client errors result in a warning state */
1219 result = max_state_alt(STATE_WARNING, result); 1281 else if (http_status >= 400) {
1220 } 1282 xasprintf(&msg, _("%s - "), status_line);
1221 /* check redirected page if specified */ 1283 result = max_state_alt(STATE_WARNING, result);
1222 else if (http_status >= 300) { 1284 }
1223 1285 /* check redirected page if specified */
1224 if (onredirect == STATE_DEPENDENT) 1286 else if (http_status >= 300) {
1225 redir (header, status_line); 1287
1226 else 1288 if (onredirect == STATE_DEPENDENT) {
1227 result = max_state_alt(onredirect, result); 1289 redir(header, status_line);
1228 xasprintf (&msg, _("%s - "), status_line); 1290 } else {
1229 } /* end if (http_status >= 300) */ 1291 result = max_state_alt(onredirect, result);
1230 else { 1292 }
1231 /* Print OK status anyway */ 1293 xasprintf(&msg, _("%s - "), status_line);
1232 xasprintf (&msg, _("%s - "), status_line); 1294 } /* end if (http_status >= 300) */
1233 } 1295 else {
1234 1296 /* Print OK status anyway */
1235 } /* end else (server_expect_yn) */ 1297 xasprintf(&msg, _("%s - "), status_line);
1236 1298 }
1237 /* reset the alarm - must be called *after* redir or we'll never die on redirects! */ 1299
1238 alarm (0); 1300 } /* end else (server_expect_yn) */
1239 1301
1240 if (maximum_age >= 0) { 1302 /* reset the alarm - must be called *after* redir or we'll never die on redirects! */
1241 result = max_state_alt(check_document_dates(header, &msg), result); 1303 alarm(0);
1242 } 1304
1243 1305 if (maximum_age >= 0) {
1244 /* Page and Header content checks go here */ 1306 result = max_state_alt(check_document_dates(header, &msg), result);
1245 if (strlen(header_expect) > 0) { 1307 }
1246 if (strstr(header, header_expect) == NULL) { 1308
1247 // We did not find the header, the rest is for building the output and setting the state 1309 /* Page and Header content checks go here */
1248 char output_header_search[30] = ""; 1310 if (strlen(header_expect) > 0) {
1249 1311 if (strstr(header, header_expect) == NULL) {
1250 strncpy(&output_header_search[0], header_expect, 1312 // We did not find the header, the rest is for building the output and setting the state
1251 sizeof(output_header_search)); 1313 char output_header_search[30] = "";
1252 1314
1253 if (output_header_search[sizeof(output_header_search) - 1] != '\0') { 1315 strncpy(&output_header_search[0], header_expect, sizeof(output_header_search));
1254 bcopy("...", 1316
1255 &output_header_search[sizeof(output_header_search) - 4], 1317 if (output_header_search[sizeof(output_header_search) - 1] != '\0') {
1256 4); 1318 bcopy("...", &output_header_search[sizeof(output_header_search) - 4], 4);
1257 } 1319 }
1258 1320
1259 xasprintf (&msg, 1321 xasprintf(&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg,
1260 _("%sheader '%s' not found on '%s://%s:%d%s', "), 1322 output_header_search, use_ssl ? "https" : "http",
1261 msg, 1323 host_name ? host_name : server_address, server_port, server_url);
1262 output_header_search, use_ssl ? "https" : "http", 1324
1263 host_name ? host_name : server_address, server_port, 1325 result = STATE_CRITICAL;
1264 server_url); 1326 }
1265 1327 }
1266 result = STATE_CRITICAL; 1328
1267 } 1329 // At this point we should test if the content is chunked and unchunk it, so
1268 } 1330 // it can be searched (and possibly printed)
1269 1331 const char *chunked_header_regex_string = "Transfer-Encoding: *chunked *";
1270 // At this point we should test if the content is chunked and unchunk it, so 1332 regex_t chunked_header_regex;
1271 // it can be searched (and possibly printed) 1333
1272 const char *chunked_header_regex_string = "Transfer-Encoding: *chunked *"; 1334 if (regcomp(&chunked_header_regex, chunked_header_regex_string, REG_ICASE)) {
1273 regex_t chunked_header_regex; 1335 die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN),
1274 1336 "Failed to compile chunked_header_regex regex");
1275 if (regcomp(&chunked_header_regex, chunked_header_regex_string, REG_ICASE)) { 1337 }
1276 die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN), "Failed to compile chunked_header_regex regex"); 1338
1277 } 1339 regmatch_t chre_pmatch[1]; // We actually do not care about this, since we only want to know IF
1278 1340 // it was found
1279 regmatch_t chre_pmatch[1]; // We actually do not care about this, since we only want to know IF it was found 1341
1280 1342 if (!no_body && regexec(&chunked_header_regex, header, 1, chre_pmatch, 0) == 0) {
1281 if (!no_body && regexec(&chunked_header_regex, header, 1, chre_pmatch, 0) == 0) { 1343 if (verbose) {
1282 if (verbose) { 1344 printf("Found chunked content\n");
1283 printf("Found chunked content\n"); 1345 }
1284 } 1346 // We actually found the chunked header
1285 // We actually found the chunked header 1347 char *tmp = unchunk_content(page);
1286 char *tmp = unchunk_content(page); 1348 if (tmp == NULL) {
1287 if (tmp == NULL) { 1349 die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN),
1288 die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN), "Failed to unchunk message body"); 1350 "Failed to unchunk message body");
1289 } 1351 }
1290 page = tmp; 1352 page = tmp;
1291 } 1353 }
1292 1354
1293 if (strlen(string_expect) > 0) { 1355 if (strlen(string_expect) > 0) {
1294 if (!strstr(page, string_expect)) { 1356 if (!strstr(page, string_expect)) {
1295 // We found the string the body, the rest is for building the output 1357 // We found the string the body, the rest is for building the output
1296 char output_string_search[30] = ""; 1358 char output_string_search[30] = "";
1297 strncpy(&output_string_search[0], string_expect, 1359 strncpy(&output_string_search[0], string_expect, sizeof(output_string_search));
1298 sizeof(output_string_search)); 1360 if (output_string_search[sizeof(output_string_search) - 1] != '\0') {
1299 if (output_string_search[sizeof(output_string_search) - 1] != '\0') { 1361 bcopy("...", &output_string_search[sizeof(output_string_search) - 4], 4);
1300 bcopy("...", &output_string_search[sizeof(output_string_search) - 4], 1362 }
1301 4); 1363 xasprintf(&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg,
1302 } 1364 output_string_search, use_ssl ? "https" : "http",
1303 xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); 1365 host_name ? host_name : server_address, server_port, server_url);
1304 result = STATE_CRITICAL; 1366 result = STATE_CRITICAL;
1305 } 1367 }
1306 } 1368 }
1307 1369
1308 if (strlen(regexp) > 0) { 1370 if (strlen(regexp) > 0) {
1309 errcode = regexec(&preg, page, REGS, pmatch, 0); 1371 errcode = regexec(&preg, page, REGS, pmatch, 0);
1310 if ((errcode == 0 && invert_regex == 0) || 1372 if ((errcode == 0 && invert_regex == 0) || (errcode == REG_NOMATCH && invert_regex == 1)) {
1311 (errcode == REG_NOMATCH && invert_regex == 1)) { 1373 /* OK - No-op to avoid changing the logic around it */
1312 /* OK - No-op to avoid changing the logic around it */ 1374 result = max_state_alt(STATE_OK, result);
1313 result = max_state_alt(STATE_OK, result); 1375 } else if ((errcode == REG_NOMATCH && invert_regex == 0) ||
1314 } 1376 (errcode == 0 && invert_regex == 1)) {
1315 else if ((errcode == REG_NOMATCH && invert_regex == 0) || (errcode == 0 && invert_regex == 1)) { 1377 if (invert_regex == 0) {
1316 if (invert_regex == 0) 1378 xasprintf(&msg, _("%spattern not found, "), msg);
1317 xasprintf (&msg, _("%spattern not found, "), msg); 1379 } else {
1318 else 1380 xasprintf(&msg, _("%spattern found, "), msg);
1319 xasprintf (&msg, _("%spattern found, "), msg); 1381 }
1320 result = STATE_CRITICAL; 1382 result = state_regex;
1321 } 1383 } else {
1322 else { 1384 /* FIXME: Shouldn't that be UNKNOWN? */
1323 /* FIXME: Shouldn't that be UNKNOWN? */ 1385 regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER);
1324 regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); 1386 xasprintf(&msg, _("%sExecute Error: %s, "), msg, errbuf);
1325 xasprintf (&msg, _("%sExecute Error: %s, "), msg, errbuf); 1387 result = STATE_CRITICAL;
1326 result = STATE_CRITICAL; 1388 }
1327 } 1389 }
1328 } 1390
1329 1391 /* make sure the page is of an appropriate size */
1330 /* make sure the page is of an appropriate size */ 1392 /* page_len = get_content_length(header); */
1331 /* page_len = get_content_length(header); */ 1393 /* FIXME: Will this work with -N ? IMHO we should use
1332 /* FIXME: Will this work with -N ? IMHO we should use 1394 * get_content_length(header) and always check if it's different than the
1333 * get_content_length(header) and always check if it's different than the 1395 * returned pagesize
1334 * returned pagesize 1396 */
1335 */ 1397 /* FIXME: IIRC pagesize returns headers - shouldn't we make
1336 /* FIXME: IIRC pagesize returns headers - shouldn't we make 1398 * it == get_content_length(header) ??
1337 * it == get_content_length(header) ?? 1399 */
1338 */ 1400 page_len = pagesize;
1339 page_len = pagesize; 1401 if ((max_page_len > 0) && (page_len > max_page_len)) {
1340 if ((max_page_len > 0) && (page_len > max_page_len)) { 1402 xasprintf(&msg, _("%spage size %d too large, "), msg, page_len);
1341 xasprintf (&msg, _("%spage size %d too large, "), msg, page_len); 1403 result = max_state_alt(STATE_WARNING, result);
1342 result = max_state_alt(STATE_WARNING, result); 1404 } else if ((min_page_len > 0) && (page_len < min_page_len)) {
1343 } else if ((min_page_len > 0) && (page_len < min_page_len)) { 1405 xasprintf(&msg, _("%spage size %d too small, "), msg, page_len);
1344 xasprintf (&msg, _("%spage size %d too small, "), msg, page_len); 1406 result = max_state_alt(STATE_WARNING, result);
1345 result = max_state_alt(STATE_WARNING, result); 1407 }
1346 } 1408
1347 1409 /* Cut-off trailing characters */
1348 /* Cut-off trailing characters */ 1410 if (msg[strlen(msg) - 2] == ',') {
1349 if(msg[strlen(msg)-2] == ',') 1411 msg[strlen(msg) - 2] = '\0';
1350 msg[strlen(msg)-2] = '\0'; 1412 } else {
1351 else 1413 msg[strlen(msg) - 3] = '\0';
1352 msg[strlen(msg)-3] = '\0'; 1414 }
1353 1415
1354 /* check elapsed time */ 1416 /* check elapsed time */
1355 if (show_extended_perfdata) 1417 if (show_extended_perfdata) {
1356 xasprintf (&msg, 1418 xasprintf(
1357 _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"), 1419 &msg, _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"), msg,
1358 msg, page_len, elapsed_time, 1420 page_len, elapsed_time, (display_html ? "</A>" : ""), perfd_time(elapsed_time),
1359 (display_html ? "</A>" : ""), 1421 perfd_size(page_len), perfd_time_connect(elapsed_time_connect),
1360 perfd_time (elapsed_time), 1422 use_ssl ? perfd_time_ssl(elapsed_time_ssl) : "",
1361 perfd_size (page_len), 1423 perfd_time_headers(elapsed_time_headers), perfd_time_firstbyte(elapsed_time_firstbyte),
1362 perfd_time_connect (elapsed_time_connect), 1424 perfd_time_transfer(elapsed_time_transfer));
1363 use_ssl == true ? perfd_time_ssl (elapsed_time_ssl) : "", 1425 } else {
1364 perfd_time_headers (elapsed_time_headers), 1426 xasprintf(&msg, _("%s - %d bytes in %.3f second response time %s|%s %s"), msg, page_len,
1365 perfd_time_firstbyte (elapsed_time_firstbyte), 1427 elapsed_time, (display_html ? "</A>" : ""), perfd_time(elapsed_time),
1366 perfd_time_transfer (elapsed_time_transfer)); 1428 perfd_size(page_len));
1367 else 1429 }
1368 xasprintf (&msg, 1430
1369 _("%s - %d bytes in %.3f second response time %s|%s %s"), 1431 if (show_body) {
1370 msg, page_len, elapsed_time, 1432 xasprintf(&msg, _("%s\n%s"), msg, page);
1371 (display_html ? "</A>" : ""), 1433 }
1372 perfd_time (elapsed_time), 1434
1373 perfd_size (page_len)); 1435 result = max_state_alt(get_status(elapsed_time, thlds), result);
1374 1436
1375 if (show_body) 1437 die(result, "HTTP %s: %s\n", state_text(result), msg);
1376 xasprintf (&msg, _("%s\n%s"), msg, page); 1438 /* die failed? */
1377 1439 return STATE_UNKNOWN;
1378 result = max_state_alt(get_status(elapsed_time, thlds), result);
1379
1380 die (result, "HTTP %s: %s\n", state_text(result), msg);
1381 /* die failed? */
1382 return STATE_UNKNOWN;
1383} 1440}
1384 1441
1385/* Receivces a pointer to the beginning of the body of a HTTP message 1442/* Receivces a pointer to the beginning of the body of a HTTP message
@@ -1388,94 +1445,95 @@ check_http (void)
1388 * The result must be freed by the caller. 1445 * The result must be freed by the caller.
1389 */ 1446 */
1390char *unchunk_content(const char *content) { 1447char *unchunk_content(const char *content) {
1391 // https://en.wikipedia.org/wiki/Chunked_transfer_encoding 1448 // https://en.wikipedia.org/wiki/Chunked_transfer_encoding
1392 // https://www.rfc-editor.org/rfc/rfc7230#section-4.1 1449 // https://www.rfc-editor.org/rfc/rfc7230#section-4.1
1393 char *result = NULL; 1450 char *result = NULL;
1394 char *start_of_chunk; 1451 char *start_of_chunk;
1395 char* end_of_chunk; 1452 char *end_of_chunk;
1396 long size_of_chunk; 1453 long size_of_chunk;
1397 const char *pointer = content; 1454 const char *pointer = content;
1398 char *endptr; 1455 char *endptr;
1399 long length_of_chunk = 0; 1456 long length_of_chunk = 0;
1400 size_t overall_size = 0; 1457 size_t overall_size = 0;
1401 1458
1402 while (true) { 1459 while (true) {
1403 size_of_chunk = strtol(pointer, &endptr, 16); 1460 size_of_chunk = strtol(pointer, &endptr, 16);
1404 if (size_of_chunk == LONG_MIN || size_of_chunk == LONG_MAX) { 1461 if (size_of_chunk == LONG_MIN || size_of_chunk == LONG_MAX) {
1405 // Apparently underflow or overflow, should not happen 1462 // Apparently underflow or overflow, should not happen
1406 if (verbose) { 1463 if (verbose) {
1407 printf("Got an underflow or overflow from strtol at: %u\n", __LINE__); 1464 printf("Got an underflow or overflow from strtol at: %u\n", __LINE__);
1408 } 1465 }
1409 return NULL; 1466 return NULL;
1410 } 1467 }
1411 if (endptr == pointer) { 1468 if (endptr == pointer) {
1412 // Apparently this was not a number 1469 // Apparently this was not a number
1413 if (verbose) { 1470 if (verbose) {
1414 printf("Chunked content did not start with a number at all (Line: %u)\n", __LINE__); 1471 printf("Chunked content did not start with a number at all (Line: %u)\n", __LINE__);
1415 } 1472 }
1416 return NULL; 1473 return NULL;
1417 } 1474 }
1418 1475
1419 // So, we got the length of the chunk 1476 // So, we got the length of the chunk
1420 if (*endptr == ';') { 1477 if (*endptr == ';') {
1421 // Chunk extension starts here 1478 // Chunk extension starts here
1422 while (*endptr != '\r') { 1479 while (*endptr != '\r') {
1423 endptr++; 1480 endptr++;
1424 } 1481 }
1425 } 1482 }
1426 1483
1427 start_of_chunk = endptr + 2; 1484 start_of_chunk = endptr + 2;
1428 end_of_chunk = start_of_chunk + size_of_chunk; 1485 end_of_chunk = start_of_chunk + size_of_chunk;
1429 length_of_chunk = (long)(end_of_chunk - start_of_chunk); 1486 length_of_chunk = (long)(end_of_chunk - start_of_chunk);
1430 pointer = end_of_chunk + 2; //Next number should be here 1487 pointer = end_of_chunk + 2; // Next number should be here
1431 1488
1432 if (length_of_chunk == 0) { 1489 if (length_of_chunk == 0) {
1433 // Chunk length is 0, so this is the last one 1490 // Chunk length is 0, so this is the last one
1434 break; 1491 break;
1435 } 1492 }
1436 1493
1437 overall_size += length_of_chunk; 1494 overall_size += length_of_chunk;
1438 1495
1439 if (result == NULL) { 1496 if (result == NULL) {
1440 // Size of the chunk plus the ending NULL byte 1497 // Size of the chunk plus the ending NULL byte
1441 result = (char *)malloc(length_of_chunk +1); 1498 result = (char *)malloc(length_of_chunk + 1);
1442 if (result == NULL) { 1499 if (result == NULL) {
1443 if (verbose) { 1500 if (verbose) {
1444 printf("Failed to allocate memory for unchunked body\n"); 1501 printf("Failed to allocate memory for unchunked body\n");
1445 } 1502 }
1446 return NULL; 1503 return NULL;
1447 } 1504 }
1448 } else { 1505 } else {
1449 // Enlarge memory to the new size plus the ending NULL byte 1506 // Enlarge memory to the new size plus the ending NULL byte
1450 void *tmp = realloc(result, overall_size +1); 1507 void *tmp = realloc(result, overall_size + 1);
1451 if (tmp == NULL) { 1508 if (tmp == NULL) {
1452 if (verbose) { 1509 if (verbose) {
1453 printf("Failed to allocate memory for unchunked body\n"); 1510 printf("Failed to allocate memory for unchunked body\n");
1454 } 1511 }
1455 return NULL; 1512 return NULL;
1456 } else { 1513 }
1457 result = tmp; 1514 result = tmp;
1458 } 1515 }
1459 } 1516
1460 1517 memcpy(result + (overall_size - size_of_chunk), start_of_chunk, size_of_chunk);
1461 memcpy(result + (overall_size - size_of_chunk), start_of_chunk, size_of_chunk); 1518 }
1462 } 1519
1463 1520 if (overall_size == 0 && result == NULL) {
1464 if (overall_size == 0 && result == NULL) { 1521 // We might just have received the end chunk without previous content, so result is never
1465 // We might just have received the end chunk without previous content, so result is never allocated 1522 // allocated
1466 result = calloc(1, sizeof(char)); 1523 result = calloc(1, sizeof(char));
1467 // No error handling here, we can only return NULL anyway 1524 // No error handling here, we can only return NULL anyway
1468 } else { 1525 } else {
1469 result[overall_size] = '\0'; 1526 result[overall_size] = '\0';
1470 } 1527 }
1471 return result; 1528 return result;
1472} 1529}
1473 1530
1474/* per RFC 2396 */ 1531/* per RFC 2396 */
1475#define URI_HTTP "%5[HTPShtps]" 1532#define URI_HTTP "%5[HTPShtps]"
1476#define URI_HOST "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" 1533#define URI_HOST "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
1477#define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */ 1534#define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */
1478#define URI_PATH "%[-_.!~*'();/?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" 1535#define URI_PATH \
1536 "%[-_.!~*'();/?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
1479#define HD1 URI_HTTP "://" URI_HOST ":" URI_PORT "/" URI_PATH 1537#define HD1 URI_HTTP "://" URI_HOST ":" URI_PORT "/" URI_PATH
1480#define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH 1538#define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH
1481#define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT 1539#define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT
@@ -1484,411 +1542,431 @@ char *unchunk_content(const char *content) {
1484#define HD5 "//" URI_HOST "/" URI_PATH 1542#define HD5 "//" URI_HOST "/" URI_PATH
1485#define HD6 URI_PATH 1543#define HD6 URI_PATH
1486 1544
1487void 1545void redir(char *pos, char *status_line) {
1488redir (char *pos, char *status_line) 1546 int i = 0;
1489{ 1547 char *x;
1490 int i = 0; 1548 char xx[2];
1491 char *x; 1549 char type[6];
1492 char xx[2]; 1550 char *addr;
1493 char type[6]; 1551 char *url;
1494 char *addr; 1552
1495 char *url; 1553 addr = malloc(MAX_IPV4_HOSTLENGTH + 1);
1496 1554 if (addr == NULL) {
1497 addr = malloc (MAX_IPV4_HOSTLENGTH + 1); 1555 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n"));
1498 if (addr == NULL) 1556 }
1499 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n")); 1557
1500 1558 memset(addr, 0, MAX_IPV4_HOSTLENGTH);
1501 memset(addr, 0, MAX_IPV4_HOSTLENGTH); 1559 url = malloc(strcspn(pos, "\r\n"));
1502 url = malloc (strcspn (pos, "\r\n")); 1560 if (url == NULL) {
1503 if (url == NULL) 1561 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n"));
1504 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); 1562 }
1505 1563
1506 while (pos) { 1564 while (pos) {
1507 sscanf (pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", xx, &i); 1565 sscanf(pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", xx, &i);
1508 if (i == 0) { 1566 if (i == 0) {
1509 pos += (size_t) strcspn (pos, "\r\n"); 1567 pos += (size_t)strcspn(pos, "\r\n");
1510 pos += (size_t) strspn (pos, "\r\n"); 1568 pos += (size_t)strspn(pos, "\r\n");
1511 if (strlen(pos) == 0) 1569 if (strlen(pos) == 0) {
1512 die (STATE_UNKNOWN, 1570 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"),
1513 _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"), 1571 status_line, (display_html ? "</A>" : ""));
1514 status_line, (display_html ? "</A>" : "")); 1572 }
1515 continue; 1573 continue;
1516 } 1574 }
1517 1575
1518 pos += i; 1576 pos += i;
1519 pos += strspn (pos, " \t"); 1577 pos += strspn(pos, " \t");
1520 1578
1521 /* 1579 /*
1522 * RFC 2616 (4.2): ``Header fields can be extended over multiple lines by 1580 * RFC 2616 (4.2): ``Header fields can be extended over multiple lines by
1523 * preceding each extra line with at least one SP or HT.'' 1581 * preceding each extra line with at least one SP or HT.''
1524 */ 1582 */
1525 for (; (i = strspn (pos, "\r\n")); pos += i) { 1583 for (; (i = strspn(pos, "\r\n")); pos += i) {
1526 pos += i; 1584 pos += i;
1527 if (!(i = strspn (pos, " \t"))) { 1585 if (!(i = strspn(pos, " \t"))) {
1528 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"), 1586 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"),
1529 display_html ? "</A>" : ""); 1587 display_html ? "</A>" : "");
1530 } 1588 }
1531 } 1589 }
1532 1590
1533 url = realloc (url, strcspn (pos, "\r\n") + 1); 1591 url = realloc(url, strcspn(pos, "\r\n") + 1);
1534 if (url == NULL) 1592 if (url == NULL) {
1535 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); 1593 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n"));
1536 1594 }
1537 /* URI_HTTP, URI_HOST, URI_PORT, URI_PATH */ 1595
1538 if (sscanf (pos, HD1, type, addr, &i, url) == 4) { 1596 /* URI_HTTP, URI_HOST, URI_PORT, URI_PATH */
1539 url = prepend_slash (url); 1597 if (sscanf(pos, HD1, type, addr, &i, url) == 4) {
1540 use_ssl = server_type_check (type); 1598 url = prepend_slash(url);
1541 } 1599 use_ssl = server_type_check(type);
1542 1600 }
1543 /* URI_HTTP URI_HOST URI_PATH */ 1601
1544 else if (sscanf (pos, HD2, type, addr, url) == 3 ) { 1602 /* URI_HTTP URI_HOST URI_PATH */
1545 url = prepend_slash (url); 1603 else if (sscanf(pos, HD2, type, addr, url) == 3) {
1546 use_ssl = server_type_check (type); 1604 url = prepend_slash(url);
1547 i = server_port_check (use_ssl); 1605 use_ssl = server_type_check(type);
1548 } 1606 i = server_port_check(use_ssl);
1549 1607 }
1550 /* URI_HTTP URI_HOST URI_PORT */ 1608
1551 else if (sscanf (pos, HD3, type, addr, &i) == 3) { 1609 /* URI_HTTP URI_HOST URI_PORT */
1552 strcpy (url, HTTP_URL); 1610 else if (sscanf(pos, HD3, type, addr, &i) == 3) {
1553 use_ssl = server_type_check (type); 1611 strcpy(url, HTTP_URL);
1554 } 1612 use_ssl = server_type_check(type);
1555 1613 }
1556 /* URI_HTTP URI_HOST */ 1614
1557 else if (sscanf (pos, HD4, type, addr) == 2) { 1615 /* URI_HTTP URI_HOST */
1558 strcpy (url, HTTP_URL); 1616 else if (sscanf(pos, HD4, type, addr) == 2) {
1559 use_ssl = server_type_check (type); 1617 strcpy(url, HTTP_URL);
1560 i = server_port_check (use_ssl); 1618 use_ssl = server_type_check(type);
1561 } 1619 i = server_port_check(use_ssl);
1562 /* URI_HTTP, URI_HOST, URI_PATH */ 1620 }
1563 else if (sscanf (pos, HD5, addr, url) == 2) { 1621 /* URI_HTTP, URI_HOST, URI_PATH */
1564 if(use_ssl){ 1622 else if (sscanf(pos, HD5, addr, url) == 2) {
1565 strcpy (type,"https"); 1623 if (use_ssl) {
1566 } 1624 strcpy(type, "https");
1567 else{ 1625 } else {
1568 strcpy (type, server_type); 1626 strcpy(type, server_type);
1569 } 1627 }
1570 xasprintf (&url, "/%s", url); 1628 xasprintf(&url, "/%s", url);
1571 use_ssl = server_type_check (type); 1629 use_ssl = server_type_check(type);
1572 i = server_port_check (use_ssl); 1630 i = server_port_check(use_ssl);
1573 } 1631 }
1574 1632
1575 /* URI_PATH */ 1633 /* URI_PATH */
1576 else if (sscanf (pos, HD6, url) == 1) { 1634 else if (sscanf(pos, HD6, url) == 1) {
1577 /* relative url */ 1635 /* relative url */
1578 if ((url[0] != '/')) { 1636 if ((url[0] != '/')) {
1579 if ((x = strrchr(server_url, '/'))) 1637 if ((x = strrchr(server_url, '/'))) {
1580 *x = '\0'; 1638 *x = '\0';
1581 xasprintf (&url, "%s/%s", server_url, url); 1639 }
1582 } 1640 xasprintf(&url, "%s/%s", server_url, url);
1583 i = server_port; 1641 }
1584 strcpy (type, server_type); 1642 i = server_port;
1585 strcpy (addr, host_name ? host_name : server_address); 1643 strcpy(type, server_type);
1586 } 1644 strcpy(addr, host_name ? host_name : server_address);
1587 1645 }
1588 else { 1646
1589 die (STATE_UNKNOWN, 1647 else {
1590 _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"), 1648 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"), pos,
1591 pos, (display_html ? "</A>" : "")); 1649 (display_html ? "</A>" : ""));
1592 } 1650 }
1593 1651
1594 break; 1652 break;
1595 1653
1596 } /* end while (pos) */ 1654 } /* end while (pos) */
1597 1655
1598 if (++redir_depth > max_depth) 1656 if (++redir_depth > max_depth) {
1599 die (STATE_WARNING, 1657 die(STATE_WARNING,
1600 _("HTTP WARNING - maximum redirection depth %d exceeded - %s://%s:%d%s%s\n"), 1658 _("HTTP WARNING - maximum redirection depth %d exceeded - %s://%s:%d%s%s\n"), max_depth,
1601 max_depth, type, addr, i, url, (display_html ? "</A>" : "")); 1659 type, addr, i, url, (display_html ? "</A>" : ""));
1602 1660 }
1603 if (server_port==i && 1661
1604 !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) && 1662 if (server_port == i && !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) &&
1605 (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) && 1663 (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) && !strcmp(server_url, url)) {
1606 !strcmp(server_url, url)) 1664 die(STATE_CRITICAL,
1607 die (STATE_CRITICAL, 1665 _("HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n"), type,
1608 _("HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n"), 1666 addr, i, url, (display_html ? "</A>" : ""));
1609 type, addr, i, url, (display_html ? "</A>" : "")); 1667 }
1610 1668
1611 strcpy (server_type, type); 1669 strcpy(server_type, type);
1612 1670
1613 free (host_name); 1671 free(host_name);
1614 host_name = strndup (addr, MAX_IPV4_HOSTLENGTH); 1672 host_name = strndup(addr, MAX_IPV4_HOSTLENGTH);
1615 1673
1616 if (!(followsticky & STICKY_HOST)) { 1674 if (!(followsticky & STICKY_HOST)) {
1617 free (server_address); 1675 free(server_address);
1618 server_address = strndup (addr, MAX_IPV4_HOSTLENGTH); 1676 server_address = strndup(addr, MAX_IPV4_HOSTLENGTH);
1619 } 1677 }
1620 if (!(followsticky & STICKY_PORT)) { 1678 if (!(followsticky & STICKY_PORT)) {
1621 server_port = i; 1679 server_port = i;
1622 } 1680 }
1623 1681
1624 free (server_url); 1682 free(server_url);
1625 server_url = url; 1683 server_url = url;
1626 1684
1627 if (server_port > MAX_PORT) 1685 if (server_port > MAX_PORT) {
1628 die (STATE_UNKNOWN, 1686 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"),
1629 _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"), 1687 MAX_PORT, server_type, server_address, server_port, server_url,
1630 MAX_PORT, server_type, server_address, server_port, server_url, 1688 display_html ? "</A>" : "");
1631 display_html ? "</A>" : ""); 1689 }
1632
1633 /* reset virtual port */
1634 virtual_port = server_port;
1635
1636 if (verbose)
1637 printf (_("Redirection to %s://%s:%d%s\n"), server_type,
1638 host_name ? host_name : server_address, server_port, server_url);
1639
1640 free(addr);
1641 check_http ();
1642}
1643 1690
1691 /* reset virtual port */
1692 virtual_port = server_port;
1644 1693
1645bool 1694 if (verbose) {
1646server_type_check (const char *type) 1695 printf(_("Redirection to %s://%s:%d%s\n"), server_type,
1647{ 1696 host_name ? host_name : server_address, server_port, server_url);
1648 if (strcmp (type, "https")) 1697 }
1649 return false; 1698
1650 else 1699 free(addr);
1651 return true; 1700 check_http();
1652} 1701}
1653 1702
1654int 1703bool server_type_check(const char *type) { return (!(bool)strcmp(type, "https")); }
1655server_port_check (int ssl_flag) 1704
1656{ 1705int server_port_check(int ssl_flag) {
1657 if (ssl_flag) 1706 if (ssl_flag) {
1658 return HTTPS_PORT; 1707 return HTTPS_PORT;
1659 else 1708 }
1660 return HTTP_PORT; 1709 return HTTP_PORT;
1661} 1710}
1662 1711
1663char *perfd_time (double elapsed_time) 1712char *perfd_time(double elapsed_time) {
1664{ 1713 return fperfdata("time", elapsed_time, "s", thlds->warning,
1665 return fperfdata ("time", elapsed_time, "s", 1714 thlds->warning ? thlds->warning->end : 0, thlds->critical,
1666 thlds->warning?true:false, thlds->warning?thlds->warning->end:0, 1715 thlds->critical ? thlds->critical->end : 0, true, 0, true, socket_timeout);
1667 thlds->critical?true:false, thlds->critical?thlds->critical->end:0,
1668 true, 0, true, socket_timeout);
1669} 1716}
1670 1717
1671char *perfd_time_connect (double elapsed_time_connect) 1718char *perfd_time_connect(double elapsed_time_connect) {
1672{ 1719 return fperfdata("time_connect", elapsed_time_connect, "s", false, 0, false, 0, false, 0, true,
1673 return fperfdata ("time_connect", elapsed_time_connect, "s", false, 0, false, 0, false, 0, true, socket_timeout); 1720 socket_timeout);
1674} 1721}
1675 1722
1676char *perfd_time_ssl (double elapsed_time_ssl) 1723char *perfd_time_ssl(double elapsed_time_ssl) {
1677{ 1724 return fperfdata("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, 0, true,
1678 return fperfdata ("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, 0, true, socket_timeout); 1725 socket_timeout);
1679} 1726}
1680 1727
1681char *perfd_time_headers (double elapsed_time_headers) 1728char *perfd_time_headers(double elapsed_time_headers) {
1682{ 1729 return fperfdata("time_headers", elapsed_time_headers, "s", false, 0, false, 0, false, 0, true,
1683 return fperfdata ("time_headers", elapsed_time_headers, "s", false, 0, false, 0, false, 0, true, socket_timeout); 1730 socket_timeout);
1684} 1731}
1685 1732
1686char *perfd_time_firstbyte (double elapsed_time_firstbyte) 1733char *perfd_time_firstbyte(double elapsed_time_firstbyte) {
1687{ 1734 return fperfdata("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, false, 0, false, 0,
1688 return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, false, 0, false, 0, true, socket_timeout); 1735 true, socket_timeout);
1689} 1736}
1690 1737
1691char *perfd_time_transfer (double elapsed_time_transfer) 1738char *perfd_time_transfer(double elapsed_time_transfer) {
1692{ 1739 return fperfdata("time_transfer", elapsed_time_transfer, "s", false, 0, false, 0, false, 0,
1693 return fperfdata ("time_transfer", elapsed_time_transfer, "s", false, 0, false, 0, false, 0, true, socket_timeout); 1740 true, socket_timeout);
1694} 1741}
1695 1742
1696char *perfd_size (int page_len) 1743char *perfd_size(int page_len) {
1697{ 1744 return perfdata("size", page_len, "B", (min_page_len > 0), min_page_len, (min_page_len > 0), 0,
1698 return perfdata ("size", page_len, "B", 1745 true, 0, false, 0);
1699 (min_page_len>0?true:false), min_page_len,
1700 (min_page_len>0?true:false), 0,
1701 true, 0, false, 0);
1702} 1746}
1703 1747
1704void 1748void print_help(void) {
1705print_help (void) 1749 print_revision(progname, NP_VERSION);
1706{
1707 print_revision (progname, NP_VERSION);
1708 1750
1709 printf ("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n"); 1751 printf("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n");
1710 printf (COPYRIGHT, copyright, email); 1752 printf(COPYRIGHT, copyright, email);
1711 1753
1712 printf ("%s\n", _("This plugin tests the HTTP service on the specified host. It can test")); 1754 printf("%s\n", _("This plugin tests the HTTP service on the specified host. It can test"));
1713 printf ("%s\n", _("normal (http) and secure (https) servers, follow redirects, search for")); 1755 printf("%s\n", _("normal (http) and secure (https) servers, follow redirects, search for"));
1714 printf ("%s\n", _("strings and regular expressions, check connection times, and report on")); 1756 printf("%s\n", _("strings and regular expressions, check connection times, and report on"));
1715 printf ("%s\n", _("certificate expiration times.")); 1757 printf("%s\n", _("certificate expiration times."));
1716 1758
1717 printf ("\n\n"); 1759 printf("\n");
1760 printf("%s\n", _("ATTENTION!"));
1761 printf("\n");
1762 printf("%s\n", _("THIS PLUGIN IS DEPRECATED. The functionality was reimplemented by the"));
1763 printf("%s\n", _("check_curl plugin, which can be used as a drop-in replacement. You should"));
1764 printf("%s\n", _("migrate your checks over to check_curl, because check_http is going to be"));
1765 printf("%s\n", _("removed sooner than later. Just replace check_http with check_curl in your"));
1766 printf("%s\n", _("check command definitions."));
1767 printf("%s\n",
1768 _("Report issues to: https://github.com/monitoring-plugins/monitoring-plugins/issues"));
1718 1769
1719 print_usage (); 1770 printf("\n\n");
1771
1772 print_usage();
1720 1773
1721#ifdef HAVE_SSL 1774#ifdef HAVE_SSL
1722 printf (_("In the first form, make an HTTP request.")); 1775 printf(_("In the first form, make an HTTP request."));
1723 printf (_("In the second form, connect to the server and check the TLS certificate.")); 1776 printf(_("In the second form, connect to the server and check the TLS certificate."));
1724#endif 1777#endif
1725 printf (_("NOTE: One or both of -H and -I must be specified")); 1778 printf(_("NOTE: One or both of -H and -I must be specified"));
1726 1779
1727 printf ("\n"); 1780 printf("\n");
1728 1781
1729 printf (UT_HELP_VRSN); 1782 printf(UT_HELP_VRSN);
1730 printf (UT_EXTRA_OPTS); 1783 printf(UT_EXTRA_OPTS);
1731 1784
1732 printf (" %s\n", "-H, --hostname=ADDRESS"); 1785 printf(" %s\n", "-H, --hostname=ADDRESS");
1733 printf (" %s\n", _("Host name argument for servers using host headers (virtual host)")); 1786 printf(" %s\n", _("Host name argument for servers using host headers (virtual host)"));
1734 printf (" %s\n", _("Append a port to include it in the header (eg: example.com:5000)")); 1787 printf(" %s\n", _("Append a port to include it in the header (eg: example.com:5000)"));
1735 printf (" %s\n", "-I, --IP-address=ADDRESS"); 1788 printf(" %s\n", "-I, --IP-address=ADDRESS");
1736 printf (" %s\n", _("IP address or name (use numeric address if possible to bypass DNS lookup).")); 1789 printf(" %s\n",
1737 printf (" %s\n", "-p, --port=INTEGER"); 1790 _("IP address or name (use numeric address if possible to bypass DNS lookup)."));
1738 printf (" %s", _("Port number (default: ")); 1791 printf(" %s\n", "-p, --port=INTEGER");
1739 printf ("%d)\n", HTTP_PORT); 1792 printf(" %s", _("Port number (default: "));
1793 printf("%d)\n", HTTP_PORT);
1740 1794
1741 printf (UT_IPv46); 1795 printf(UT_IPv46);
1742 1796
1743#ifdef HAVE_SSL 1797#ifdef HAVE_SSL
1744 printf (" %s\n", "-S, --ssl=VERSION[+]"); 1798 printf(" %s\n", "-S, --ssl=VERSION[+]");
1745 printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents")); 1799 printf(" %s\n",
1746 printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,")); 1800 _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents"));
1747 printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted.")); 1801 printf(" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,"));
1748 printf (" %s\n", "--sni"); 1802 printf(" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted."));
1749 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); 1803 printf(" %s\n", "--sni");
1750 printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); 1804 printf(" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
1751 printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); 1805 printf(" %s\n", "-C, --certificate=INTEGER[,INTEGER]");
1752 printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use")); 1806 printf(" %s\n",
1753 printf (" %s\n", _(" --continue-after-certificate to override this behavior)")); 1807 _("Minimum number of days a certificate has to be valid. Port defaults to 443"));
1754 printf (" %s\n", "--continue-after-certificate"); 1808 printf(" %s\n",
1755 printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check.")); 1809 _("(when this option is used the URL is not checked by default. You can use"));
1756 printf (" %s\n", _("Does nothing unless -C is used.")); 1810 printf(" %s\n", _(" --continue-after-certificate to override this behavior)"));
1757 printf (" %s\n", "-J, --client-cert=FILE"); 1811 printf(" %s\n", "--continue-after-certificate");
1758 printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); 1812 printf(" %s\n",
1759 printf (" %s\n", _("to be used in establishing the SSL session")); 1813 _("Allows the HTTP check to continue after performing the certificate check."));
1760 printf (" %s\n", "-K, --private-key=FILE"); 1814 printf(" %s\n", _("Does nothing unless -C is used."));
1761 printf (" %s\n", _("Name of file containing the private key (PEM format)")); 1815 printf(" %s\n", "-J, --client-cert=FILE");
1762 printf (" %s\n", _("matching the client certificate")); 1816 printf(" %s\n", _("Name of file that contains the client certificate (PEM format)"));
1817 printf(" %s\n", _("to be used in establishing the SSL session"));
1818 printf(" %s\n", "-K, --private-key=FILE");
1819 printf(" %s\n", _("Name of file containing the private key (PEM format)"));
1820 printf(" %s\n", _("matching the client certificate"));
1763#endif 1821#endif
1764 1822
1765 printf (" %s\n", "-e, --expect=STRING"); 1823 printf(" %s\n", "-e, --expect=STRING");
1766 printf (" %s\n", _("Comma-delimited list of strings, at least one of them is expected in")); 1824 printf(" %s\n", _("Comma-delimited list of strings, at least one of them is expected in"));
1767 printf (" %s", _("the first (status) line of the server response (default: ")); 1825 printf(" %s", _("the first (status) line of the server response (default: "));
1768 printf ("%s)\n", HTTP_EXPECT); 1826 printf("%s)\n", HTTP_EXPECT);
1769 printf (" %s\n", _("If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)")); 1827 printf(" %s\n",
1770 printf (" %s\n", "-d, --header-string=STRING"); 1828 _("If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)"));
1771 printf (" %s\n", _("String to expect in the response headers")); 1829 printf(" %s\n", "-d, --header-string=STRING");
1772 printf (" %s\n", "-s, --string=STRING"); 1830 printf(" %s\n", _("String to expect in the response headers"));
1773 printf (" %s\n", _("String to expect in the content")); 1831 printf(" %s\n", "-s, --string=STRING");
1774 printf (" %s\n", "-u, --url=PATH"); 1832 printf(" %s\n", _("String to expect in the content"));
1775 printf (" %s\n", _("URL to GET or POST (default: /)")); 1833 printf(" %s\n", "-u, --url=PATH");
1776 printf (" %s\n", "-P, --post=STRING"); 1834 printf(" %s\n", _("URL to GET or POST (default: /)"));
1777 printf (" %s\n", _("URL encoded http POST data")); 1835 printf(" %s\n", "-P, --post=STRING");
1778 printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT, CONNECT:POST)"); 1836 printf(" %s\n", _("URL decoded http POST data"));
1779 printf (" %s\n", _("Set HTTP method.")); 1837 printf(" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, "
1780 printf (" %s\n", "-N, --no-body"); 1838 "CONNECT, CONNECT:POST)");
1781 printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); 1839 printf(" %s\n", _("Set HTTP method."));
1782 printf (" %s\n", _("(Note that this still does an HTTP GET or POST, not a HEAD.)")); 1840 printf(" %s\n", "-N, --no-body");
1783 printf (" %s\n", "-M, --max-age=SECONDS"); 1841 printf(" %s\n", _("Don't wait for document body: stop reading after headers."));
1784 printf (" %s\n", _("Warn if document is more than SECONDS old. the number can also be of")); 1842 printf(" %s\n", _("(Note that this still does an HTTP GET or POST, not a HEAD.)"));
1785 printf (" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or \"10d\" for days.")); 1843 printf(" %s\n", "-M, --max-age=SECONDS");
1786 printf (" %s\n", "-T, --content-type=STRING"); 1844 printf(" %s\n", _("Warn if document is more than SECONDS old. the number can also be of"));
1787 printf (" %s\n", _("specify Content-Type header media type when POSTing\n")); 1845 printf(" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or \"10d\" for days."));
1788 1846 printf(" %s\n", "-T, --content-type=STRING");
1789 printf (" %s\n", "-l, --linespan"); 1847 printf(" %s\n", _("specify Content-Type header media type when POSTing\n"));
1790 printf (" %s\n", _("Allow regex to span newlines (must precede -r or -R)")); 1848
1791 printf (" %s\n", "-r, --regex, --ereg=STRING"); 1849 printf(" %s\n", "-l, --linespan");
1792 printf (" %s\n", _("Search page for regex STRING")); 1850 printf(" %s\n", _("Allow regex to span newlines (must precede -r or -R)"));
1793 printf (" %s\n", "-R, --eregi=STRING"); 1851 printf(" %s\n", "-r, --regex, --ereg=STRING");
1794 printf (" %s\n", _("Search page for case-insensitive regex STRING")); 1852 printf(" %s\n", _("Search page for regex STRING"));
1795 printf (" %s\n", "--invert-regex"); 1853 printf(" %s\n", "-R, --eregi=STRING");
1796 printf (" %s\n", _("Return CRITICAL if found, OK if not\n")); 1854 printf(" %s\n", _("Search page for case-insensitive regex STRING"));
1797 1855 printf(" %s\n", "--invert-regex");
1798 printf (" %s\n", "-a, --authorization=AUTH_PAIR"); 1856 printf(" %s\n", _("Return STATE if found, OK if not (STATE is CRITICAL, per default)"));
1799 printf (" %s\n", _("Username:password on sites with basic authentication")); 1857 printf(" %s\n", _("can be changed with --state--regex)"));
1800 printf (" %s\n", "-b, --proxy-authorization=AUTH_PAIR"); 1858 printf(" %s\n", "--state-regex=STATE");
1801 printf (" %s\n", _("Username:password on proxy-servers with basic authentication")); 1859 printf(" %s\n", _("Return STATE if regex is found, OK if not\n"));
1802 printf (" %s\n", "-A, --useragent=STRING"); 1860
1803 printf (" %s\n", _("String to be sent in http header as \"User Agent\"")); 1861 printf(" %s\n", "-a, --authorization=AUTH_PAIR");
1804 printf (" %s\n", "-k, --header=STRING"); 1862 printf(" %s\n", _("Username:password on sites with basic authentication"));
1805 printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers")); 1863 printf(" %s\n", "-b, --proxy-authorization=AUTH_PAIR");
1806 printf (" %s\n", "-E, --extended-perfdata"); 1864 printf(" %s\n", _("Username:password on proxy-servers with basic authentication"));
1807 printf (" %s\n", _("Print additional performance data")); 1865 printf(" %s\n", "-A, --useragent=STRING");
1808 printf (" %s\n", "-B, --show-body"); 1866 printf(" %s\n", _("String to be sent in http header as \"User Agent\""));
1809 printf (" %s\n", _("Print body content below status line")); 1867 printf(" %s\n", "-k, --header=STRING");
1810 printf (" %s\n", "-L, --link"); 1868 printf(
1811 printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); 1869 " %s\n",
1812 printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>"); 1870 _("Any other tags to be sent in http header. Use multiple times for additional headers"));
1813 printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the")); 1871 printf(" %s\n", "-E, --extended-perfdata");
1814 printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same.")); 1872 printf(" %s\n", _("Print additional performance data"));
1815 printf (" %s\n", "--max-redirs=INTEGER"); 1873 printf(" %s\n", "-B, --show-body");
1816 printf (" %s", _("Maximal number of redirects (default: ")); 1874 printf(" %s\n", _("Print body content below status line"));
1817 printf ("%d)\n", DEFAULT_MAX_REDIRS); 1875 printf(" %s\n", "-L, --link");
1818 printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); 1876 printf(" %s\n", _("Wrap output in HTML link (obsoleted by urlize)"));
1819 printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)")); 1877 printf(" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>");
1820 printf (UT_WARN_CRIT); 1878 printf(" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the"));
1821 1879 printf(" %s\n", _("specified IP address. stickyport also ensures port stays the same."));
1822 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); 1880 printf(" %s\n", "--max-redirs=INTEGER");
1823 1881 printf(" %s", _("Maximal number of redirects (default: "));
1824 printf (UT_VERBOSE); 1882 printf("%d)\n", DEFAULT_MAX_REDIRS);
1825 1883 printf(" %s\n", "-m, --pagesize=INTEGER<:INTEGER>");
1826 printf ("\n"); 1884 printf(" %s\n",
1827 printf ("%s\n", _("Notes:")); 1885 _("Minimum page size required (bytes) : Maximum page size required (bytes)"));
1828 printf (" %s\n", _("This plugin will attempt to open an HTTP connection with the host.")); 1886 printf(UT_WARN_CRIT);
1829 printf (" %s\n", _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL")); 1887
1830 printf (" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, but incorrect response")); 1888 printf(UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
1831 printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are")); 1889
1832 printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN")); 1890 printf(UT_VERBOSE);
1833 printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument.")); 1891
1892 printf("\n");
1893 printf("%s\n", _("Notes:"));
1894 printf(" %s\n", _("This plugin will attempt to open an HTTP connection with the host."));
1895 printf(" %s\n",
1896 _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL"));
1897 printf(" %s\n",
1898 _("other errors return STATE_UNKNOWN. Successful connects, but incorrect response"));
1899 printf(" %s\n", _("messages from the host result in STATE_WARNING return values. If you are"));
1900 printf(" %s\n",
1901 _("checking a virtual server that uses 'host headers' you must supply the FQDN"));
1902 printf(" %s\n", _("(fully qualified domain name) as the [host_name] argument."));
1834 1903
1835#ifdef HAVE_SSL 1904#ifdef HAVE_SSL
1836 printf ("\n"); 1905 printf("\n");
1837 printf (" %s\n", _("This plugin can also check whether an SSL enabled web server is able to")); 1906 printf(" %s\n", _("This plugin can also check whether an SSL enabled web server is able to"));
1838 printf (" %s\n", _("serve content (optionally within a specified time) or whether the X509 ")); 1907 printf(" %s\n", _("serve content (optionally within a specified time) or whether the X509 "));
1839 printf (" %s\n", _("certificate is still valid for the specified number of days.")); 1908 printf(" %s\n", _("certificate is still valid for the specified number of days."));
1840 printf ("\n"); 1909 printf("\n");
1841 printf (" %s\n", _("Please note that this plugin does not check if the presented server")); 1910 printf(" %s\n", _("Please note that this plugin does not check if the presented server"));
1842 printf (" %s\n", _("certificate matches the hostname of the server, or if the certificate")); 1911 printf(" %s\n", _("certificate matches the hostname of the server, or if the certificate"));
1843 printf (" %s\n", _("has a valid chain of trust to one of the locally installed CAs.")); 1912 printf(" %s\n", _("has a valid chain of trust to one of the locally installed CAs."));
1844 printf ("\n"); 1913 printf("\n");
1845 printf ("%s\n", _("Examples:")); 1914 printf("%s\n", _("Examples:"));
1846 printf (" %s\n\n", "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com"); 1915 printf(" %s\n\n", "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com");
1847 printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,")); 1916 printf(" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,"));
1848 printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); 1917 printf(" %s\n",
1849 printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); 1918 _("a STATE_OK will be returned. When the server returns its content but exceeds"));
1850 printf (" %s\n", _("a STATE_CRITICAL will be returned.")); 1919 printf(" %s\n",
1851 printf ("\n"); 1920 _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));
1852 printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14"); 1921 printf(" %s\n", _("a STATE_CRITICAL will be returned."));
1853 printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,")); 1922 printf("\n");
1854 printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); 1923 printf(" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14");
1855 printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); 1924 printf(" %s\n",
1856 printf (" %s\n\n", _("the certificate is expired.")); 1925 _("When the certificate of 'www.verisign.com' is valid for more than 14 days,"));
1857 printf ("\n"); 1926 printf(" %s\n",
1858 printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); 1927 _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
1859 printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); 1928 printf(" %s\n",
1860 printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); 1929 _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when"));
1861 printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); 1930 printf(" %s\n\n", _("the certificate is expired."));
1862 printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); 1931 printf("\n");
1863 1932 printf(" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14");
1864 printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: "); 1933 printf(" %s\n",
1865 printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com ")); 1934 _("When the certificate of 'www.verisign.com' is valid for more than 30 days,"));
1866 printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>")); 1935 printf(" %s\n",
1867 printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); 1936 _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
1868 printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); 1937 printf(" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned."));
1869 printf (" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to the method you can set the method used")); 1938 printf(" %s\n",
1870 printf (" %s\n", _("inside the proxied connection: -j CONNECT:POST")); 1939 _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days"));
1940
1941 printf(" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: ");
1942 printf(" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j "
1943 "CONNECT -H www.verisign.com "));
1944 printf(" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> "
1945 "-S(sl) -j CONNECT -H <webserver>"));
1946 printf(" %s\n",
1947 _("a STATE_OK will be returned. When the server returns its content but exceeds"));
1948 printf(" %s\n",
1949 _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));
1950 printf(" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to the method you can "
1951 "set the method used"));
1952 printf(" %s\n", _("inside the proxied connection: -j CONNECT:POST"));
1871 1953
1872#endif 1954#endif
1873 1955
1874 printf (UT_SUPPORT); 1956 printf(UT_SUPPORT);
1875
1876} 1957}
1877 1958
1878 1959void print_usage(void) {
1879 1960 printf("%s\n", _("Usage:"));
1880void 1961 printf(" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n", progname);
1881print_usage (void) 1962 printf(" [-J <client certificate file>] [-K <private key>]\n");
1882{ 1963 printf(" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-a auth]\n");
1883 printf ("%s\n", _("Usage:")); 1964 printf(" [-b proxy_auth] [-f <ok|warning|critical|follow|sticky|stickyport>]\n");
1884 printf (" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n",progname); 1965 printf(" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive "
1885 printf (" [-J <client certificate file>] [-K <private key>]\n"); 1966 "regex>]\n");
1886 printf (" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-a auth]\n"); 1967 printf(" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n");
1887 printf (" [-b proxy_auth] [-f <ok|warning|critical|follow|sticky|stickyport>]\n"); 1968 printf(" [-A string] [-k string] [-S <version>] [--sni]\n");
1888 printf (" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n"); 1969 printf(" [-T <content-type>] [-j method]\n");
1889 printf (" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n"); 1970 printf(" %s -H <vhost> | -I <IP-address> -C <warn_age>[,<crit_age>]\n", progname);
1890 printf (" [-A string] [-k string] [-S <version>] [--sni]\n"); 1971 printf(" [-p <port>] [-t <timeout>] [-4|-6] [--sni]\n");
1891 printf (" [-T <content-type>] [-j method]\n");
1892 printf (" %s -H <vhost> | -I <IP-address> -C <warn_age>[,<crit_age>]\n",progname);
1893 printf (" [-p <port>] [-t <timeout>] [-4|-6] [--sni]\n");
1894} 1972}