diff options
Diffstat (limited to 'plugins/check_ldap.c')
-rw-r--r-- | plugins/check_ldap.c | 291 |
1 files changed, 291 insertions, 0 deletions
diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c new file mode 100644 index 00000000..d3f06158 --- /dev/null +++ b/plugins/check_ldap.c | |||
@@ -0,0 +1,291 @@ | |||
1 | /***************************************************************************** * | ||
2 | * CHECK_LDAP.C | ||
3 | * | ||
4 | * Program: Ldap plugin for Nagios | ||
5 | * License: GPL | ||
6 | * Copyright (c) 1999 Didi Rieder (adrieder@sbox.tu-graz.ac.at) | ||
7 | * | ||
8 | * Last Modified: $Date$ | ||
9 | * | ||
10 | * Command line: check_ldap -h <host> -b <base_dn> -p <port> -w <warn_time> -w <crit_time> | ||
11 | * | ||
12 | * Description: | ||
13 | * | ||
14 | * This plugin is for testing a ldap server. | ||
15 | * | ||
16 | * Modifications: | ||
17 | * | ||
18 | * 08-25-1999 Ethan Galstad (nagios@nagios.org) | ||
19 | * Modified to use common plugin include file | ||
20 | * | ||
21 | *****************************************************************************/ | ||
22 | |||
23 | #define PROGNAME "check_ldap" | ||
24 | #define REVISION "$Revision$" | ||
25 | |||
26 | #include "config.h" | ||
27 | #include "common.h" | ||
28 | #include "netutils.h" | ||
29 | #include "utils.h" | ||
30 | |||
31 | #include <lber.h> | ||
32 | #include <ldap.h> | ||
33 | |||
34 | #define UNKNOWN -1 | ||
35 | |||
36 | int process_arguments (int, char **); | ||
37 | int call_getopt (int, char **); | ||
38 | int validate_arguments (void); | ||
39 | static void print_help (void); | ||
40 | static void print_usage (void); | ||
41 | |||
42 | char ld_defattr[] = "(objectclass=*)"; | ||
43 | char *ld_attr = ld_defattr; | ||
44 | char *ld_host = NULL, *ld_base = NULL, *ld_passwd = NULL, *ld_binddn = NULL; | ||
45 | unsigned int ld_port = 389; | ||
46 | int warn_time = UNKNOWN, crit_time = UNKNOWN; | ||
47 | |||
48 | int | ||
49 | main (int argc, char *argv[]) | ||
50 | { | ||
51 | |||
52 | LDAP *ld; | ||
53 | LDAPMessage *result; | ||
54 | |||
55 | int t_diff; | ||
56 | time_t time0, time1; | ||
57 | |||
58 | if (process_arguments (argc, argv) == ERROR) | ||
59 | usage ("check_ldap: could not parse arguments\n"); | ||
60 | |||
61 | /* initialize alarm signal handling */ | ||
62 | signal (SIGALRM, socket_timeout_alarm_handler); | ||
63 | |||
64 | /* set socket timeout */ | ||
65 | alarm (socket_timeout); | ||
66 | |||
67 | /* get the start time */ | ||
68 | time (&time0); | ||
69 | |||
70 | /* initialize ldap */ | ||
71 | if (!(ld = ldap_open (ld_host, ld_port))) { | ||
72 | /*ldap_perror(ld, "ldap_open"); */ | ||
73 | printf ("Could not connect to the server at port %i\n", ld_port); | ||
74 | return STATE_CRITICAL; | ||
75 | } | ||
76 | |||
77 | /* bind to the ldap server */ | ||
78 | if (ldap_bind_s (ld, ld_binddn, ld_passwd, LDAP_AUTH_SIMPLE) != | ||
79 | LDAP_SUCCESS) { | ||
80 | /*ldap_perror(ld, "ldap_bind"); */ | ||
81 | printf ("Could not bind to the ldap-server\n"); | ||
82 | return STATE_CRITICAL; | ||
83 | } | ||
84 | |||
85 | /* do a search of all objectclasses in the base dn */ | ||
86 | if (ldap_search_s (ld, ld_base, LDAP_SCOPE_BASE, ld_attr, NULL, 0, &result) | ||
87 | != LDAP_SUCCESS) { | ||
88 | /*ldap_perror(ld, "ldap_search"); */ | ||
89 | printf ("Could not search/find objectclasses in %s\n", ld_base); | ||
90 | return STATE_CRITICAL; | ||
91 | } | ||
92 | |||
93 | /* unbind from the ldap server */ | ||
94 | ldap_unbind (ld); | ||
95 | |||
96 | /* reset the alarm handler */ | ||
97 | alarm (0); | ||
98 | |||
99 | /* get the finish time */ | ||
100 | time (&time1); | ||
101 | |||
102 | /* calcutate the elapsed time */ | ||
103 | t_diff = time1 - time0; | ||
104 | |||
105 | /* check if warn_time or crit_time was exceeded */ | ||
106 | if ((t_diff >= warn_time) && (t_diff < crit_time)) { | ||
107 | printf ("LDAP warning - %i seconds response time\n", t_diff); | ||
108 | return STATE_WARNING; | ||
109 | } | ||
110 | if (t_diff >= crit_time) { | ||
111 | printf ("LDAP critical - %i seconds response time\n", t_diff); | ||
112 | return STATE_CRITICAL; | ||
113 | } | ||
114 | |||
115 | /* print out the result */ | ||
116 | printf ("LDAP ok - %i seconds response time\n", t_diff); | ||
117 | |||
118 | return STATE_OK; | ||
119 | } | ||
120 | |||
121 | /* process command-line arguments */ | ||
122 | int | ||
123 | process_arguments (int argc, char **argv) | ||
124 | { | ||
125 | int c; | ||
126 | |||
127 | if (argc < 2) | ||
128 | return ERROR; | ||
129 | |||
130 | for (c = 1; c < argc; c++) { | ||
131 | if (strcmp ("-to", argv[c]) == 0) | ||
132 | strcpy (argv[c], "-t"); | ||
133 | } | ||
134 | |||
135 | c = 0; | ||
136 | while (c += (call_getopt (argc - c, &argv[c]))) { | ||
137 | if (argc <= c) | ||
138 | break; | ||
139 | if (ld_host[0] == 0) { | ||
140 | strncpy (ld_host, argv[c], sizeof (ld_host) - 1); | ||
141 | ld_host[sizeof (ld_host) - 1] = 0; | ||
142 | } | ||
143 | } | ||
144 | |||
145 | return c; | ||
146 | } | ||
147 | |||
148 | int | ||
149 | call_getopt (int argc, char **argv) | ||
150 | { | ||
151 | int c, i = 1; | ||
152 | #ifdef HAVE_GETOPT_H | ||
153 | int option_index = 0; | ||
154 | /* initialize the long option struct */ | ||
155 | static struct option long_options[] = { | ||
156 | {"help", no_argument, 0, 'h'}, | ||
157 | {"version", no_argument, 0, 'V'}, | ||
158 | {"timeout", required_argument, 0, 't'}, | ||
159 | {"host", required_argument, 0, 'H'}, | ||
160 | {"base", required_argument, 0, 'b'}, | ||
161 | {"attr", required_argument, 0, 'a'}, | ||
162 | {"bind", required_argument, 0, 'D'}, | ||
163 | {"pass", required_argument, 0, 'P'}, | ||
164 | {"port", required_argument, 0, 'p'}, | ||
165 | {"warn", required_argument, 0, 'w'}, | ||
166 | {"crit", required_argument, 0, 'c'}, | ||
167 | {0, 0, 0, 0} | ||
168 | }; | ||
169 | #endif | ||
170 | |||
171 | for (c = 1; c < argc; c++) | ||
172 | if (strcmp ("-to", argv[c]) == 0) | ||
173 | strcpy (argv[c], "-t"); | ||
174 | |||
175 | while (1) { | ||
176 | #ifdef HAVE_GETOPT_H | ||
177 | c = | ||
178 | getopt_long (argc, argv, "+hVt:c:w:H:b:p:a:D:P:", long_options, | ||
179 | &option_index); | ||
180 | #else | ||
181 | c = getopt (argc, argv, "+?hVt:c:w:H:b:p:a:D:P:"); | ||
182 | #endif | ||
183 | |||
184 | if (c == -1 || c == EOF) | ||
185 | break; | ||
186 | |||
187 | i++; | ||
188 | switch (c) { | ||
189 | case 't': | ||
190 | case 'c': | ||
191 | case 'w': | ||
192 | case 'H': | ||
193 | case 'b': | ||
194 | case 'p': | ||
195 | case 'a': | ||
196 | case 'D': | ||
197 | case 'P': | ||
198 | i++; | ||
199 | } | ||
200 | |||
201 | switch (c) { | ||
202 | case 'h': /* help */ | ||
203 | print_help (); | ||
204 | exit (STATE_OK); | ||
205 | case 'V': /* version */ | ||
206 | print_revision (PROGNAME, REVISION); | ||
207 | exit (STATE_OK); | ||
208 | case 't': /* timeout period */ | ||
209 | if (!is_intnonneg (optarg)) | ||
210 | usage2 ("timeout interval must be an integer", optarg); | ||
211 | socket_timeout = atoi (optarg); | ||
212 | break; | ||
213 | case 'H': | ||
214 | ld_host = optarg; | ||
215 | break; | ||
216 | case 'b': | ||
217 | ld_base = optarg; | ||
218 | break; | ||
219 | case 'p': | ||
220 | ld_port = atoi (optarg); | ||
221 | break; | ||
222 | case 'a': | ||
223 | ld_attr = optarg; | ||
224 | break; | ||
225 | case 'D': | ||
226 | ld_binddn = optarg; | ||
227 | break; | ||
228 | case 'P': | ||
229 | ld_passwd = optarg; | ||
230 | break; | ||
231 | case 'w': | ||
232 | warn_time = atoi (optarg); | ||
233 | break; | ||
234 | case 'c': | ||
235 | crit_time = atoi (optarg); | ||
236 | break; | ||
237 | default: | ||
238 | usage ("check_ldap: could not parse arguments\n"); | ||
239 | break; | ||
240 | } | ||
241 | } | ||
242 | return i; | ||
243 | } | ||
244 | |||
245 | int | ||
246 | validate_arguments () | ||
247 | { | ||
248 | if (ld_host[0] == 0 || | ||
249 | ld_base[0] == 0 || | ||
250 | ld_port == UNKNOWN || warn_time == UNKNOWN || crit_time == UNKNOWN) { | ||
251 | return ERROR; | ||
252 | } | ||
253 | else { | ||
254 | return OK; | ||
255 | } | ||
256 | } | ||
257 | |||
258 | |||
259 | |||
260 | /* function print_help */ | ||
261 | static void | ||
262 | print_help () | ||
263 | { | ||
264 | print_revision (PROGNAME, REVISION); | ||
265 | printf | ||
266 | ("Copyright (c) 1999 Didi Rieder (adrieder@sbox.tu-graz.ac.at)\n" | ||
267 | "License: GPL\n" "\n"); | ||
268 | print_usage (); | ||
269 | printf | ||
270 | ("\n" | ||
271 | "Options:\n" | ||
272 | "\t-H [--host] ... host\n" | ||
273 | "\t-a [--attr] ... ldap attribute to search (default: \"(objectclass=*)\"\n" | ||
274 | "\t-b [--base] ... ldap base (eg. ou=my unit, o=my org, c=at)\n" | ||
275 | "\t-D [--bind] ... ldap bind DN (if required)\n" | ||
276 | "\t-P [--pass] ... ldap password (if required)\n" | ||
277 | "\t-p [--port] ... ldap port (normaly 389)\n" | ||
278 | "\t-w [--warn] ... time in secs. - if the exceeds <warn> the STATE_WARNING will be returned\n" | ||
279 | "\t-c [--crit] ... time in secs. - if the exceeds <crit> the STATE_CRITICAL will be returned\n" | ||
280 | "\n"); | ||
281 | } | ||
282 | |||
283 | |||
284 | static void | ||
285 | print_usage () | ||
286 | { | ||
287 | printf | ||
288 | ("Usage: %s -H <host> -b <base_dn> -p <port> [-a <attr>] [-D <binddn>]\n" | ||
289 | " [-P <password>] [-w <warn_time>] [-c <crit_time>] [-t timeout]\n" | ||
290 | "(Note: all times are in seconds.)\n", PROGNAME); | ||
291 | } | ||