summaryrefslogtreecommitdiffstats
path: root/plugins/check_radius.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_radius.c')
-rw-r--r--plugins/check_radius.c189
1 files changed, 84 insertions, 105 deletions
diff --git a/plugins/check_radius.c b/plugins/check_radius.c
index c71f3b4c..3aa5ae71 100644
--- a/plugins/check_radius.c
+++ b/plugins/check_radius.c
@@ -1,45 +1,60 @@
1/****************************************************************************** 1/******************************************************************************
2 * 2
3 * Program: radius server check plugin for Nagios 3 This program is free software; you can redistribute it and/or modify
4 * License: GPL 4 it under the terms of the GNU General Public License as published by
5 * 5 the Free Software Foundation; either version 2 of the License, or
6 * License Information: 6 (at your option) any later version.
7 * 7
8 * This program is free software; you can redistribute it and/or modify 8 This program is distributed in the hope that it will be useful,
9 * it under the terms of the GNU General Public License as published by 9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * the Free Software Foundation; either version 2 of the License, or 10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * (at your option) any later version. 11 GNU General Public License for more details.
12 * 12
13 * This program is distributed in the hope that it will be useful, 13 You should have received a copy of the GNU General Public License
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 14 along with this program; if not, write to the Free Software
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
16 * GNU General Public License for more details. 16
17 * 17 ******************************************************************************/
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 *
22 * $Id$
23 *
24 *****************************************************************************/
25 18
26const char *progname = "check_radius"; 19const char *progname = "check_radius";
27#define REVISION "$Revision$" 20const char *revision = "$Revision$";
28#define COPYRIGHT "1999-2001" 21const char *copyright = "2000-2003";
29#define AUTHORS "Robert August Vincent II/Karl DeBisschop" 22const char *email = "nagiosplug-devel@lists.sourceforge.net";
30#define EMAIL "kdebisschop@users.sourceforge.net" 23
31#define SUMMARY "Tests to see if a radius server is accepting connections.\n" 24#include "config.h"
32 25#include "common.h"
33#define OPTIONS "\ 26#include "utils.h"
34-H host -F config_file -u username -p password\'\ 27#include <radiusclient.h>
35 [-P port] [-t timeout] [-r retries] [-e expect]" 28
36 29void
37#define LONGOPTIONS "\ 30print_usage (void)
38 -H, --hostname=HOST\n\ 31{
39 Host name argument for servers using host headers (use numeric\n\ 32 printf ("\
40 address if possible to bypass DNS lookup).\n\ 33Usage: %s -H host -F config_file -u username -p password [-P port]\n\
41 -P, --port=INTEGER\n\ 34 [-t timeout] [-r retries] [-e expect]\n", progname);
42 Port number (default: %d)\n\ 35 printf (_(UT_HLP_VRS), progname, progname);
36}
37
38void
39print_help (void)
40{
41 char *myport;
42 asprintf (&myport, "%d", PW_AUTH_UDP_PORT);
43
44 print_revision (progname, revision);
45
46 printf (_("Copyright (c) 1999 Robert August Vincent II\n"));
47 printf (_(COPYRIGHT), copyright, email);
48
49 printf(_("Tests to see if a radius server is accepting connections.\n\n"));
50
51 print_usage ();
52
53 printf (_(UT_HELP_VRSN));
54
55 printf (_(UT_HOST_PORT), 'P', myport);
56
57 printf (_("\
43 -u, --username=STRING\n\ 58 -u, --username=STRING\n\
44 The user to authenticate\n\ 59 The user to authenticate\n\
45 -p, --password=STRING\n\ 60 -p, --password=STRING\n\
@@ -49,48 +64,38 @@ const char *progname = "check_radius";
49 -e, --expect=STRING\n\ 64 -e, --expect=STRING\n\
50 Response string to expect from the server\n\ 65 Response string to expect from the server\n\
51 -r, --retries=INTEGER\n\ 66 -r, --retries=INTEGER\n\
52 Number of times to retry a failed connection\n\ 67 Number of times to retry a failed connection\n"));
53 -t, --timeout=INTEGER\n\ 68
54 Seconds before connection times out (default: %d)\n\ 69 printf (_(UT_TIMEOUT), timeout_interval);
55 -v, --verbose\n\ 70
56 Show details for command-line debugging (do not use with nagios server)\n\ 71 printf (_("\n\
57 -h, --help\n\
58 Print detailed help screen\n\
59 -V, --version\n\
60 Print version information\n"
61
62#define DESCRIPTION "\
63This plugin tests a radius server to see if it is accepting connections.\n\ 72This plugin tests a radius server to see if it is accepting connections.\n\
64\n\ 73\n\
65The server to test must be specified in the invocation, as well as a user\n\ 74The server to test must be specified in the invocation, as well as a user\n\
66name and password. A configuration file may also be present. The format of\n\ 75name and password. A configuration file may also be present. The format of\n\
67the configuration file is described in the radiusclient library sources.\n\ 76the configuration file is described in the radiusclient library sources.\n\n"));
68\n\ 77
78 printf (_("\
69The password option presents a substantial security issue because the\n\ 79The password option presents a substantial security issue because the\n\
70password can be determined by careful watching of the command line in\n\ 80password can be determined by careful watching of the command line in\n\
71a process listing. This risk is exacerbated because nagios will\n\ 81a process listing. This risk is exacerbated because nagios will\n\
72run the plugin at regular prdictable intervals. Please be sure that\n\ 82run the plugin at regular prdictable intervals. Please be sure that\n\
73the password used does not allow access to sensitive system resources,\n\ 83the password used does not allow access to sensitive system resources,\n\
74otherwise compormise could occur.\n" 84otherwise compormise could occur.\n"));
75
76#include "config.h"
77#include "common.h"
78#include "utils.h"
79#include <radiusclient.h>
80 85
86 printf (_(UT_SUPPORT));
87}
88
81int process_arguments (int, char **); 89int process_arguments (int, char **);
82void print_usage (void);
83void print_help (void);
84 90
85char *server = NULL; 91char *server = NULL;
86int port = PW_AUTH_UDP_PORT;
87char *username = NULL; 92char *username = NULL;
88char *password = NULL; 93char *password = NULL;
89char *expect = NULL; 94char *expect = NULL;
90char *config_file = NULL; 95char *config_file = NULL;
96int port = PW_AUTH_UDP_PORT;
91int retries = 1; 97int retries = 1;
92int verbose = FALSE; 98int verbose = FALSE;
93
94ENV *env = NULL; 99ENV *env = NULL;
95 100
96/****************************************************************************** 101/******************************************************************************
@@ -151,23 +156,23 @@ main (int argc, char **argv)
151{ 156{
152 UINT4 service; 157 UINT4 service;
153 char msg[BUFFER_LEN]; 158 char msg[BUFFER_LEN];
154 SEND_DATA data = { 0 }; 159 SEND_DATA data;
155 int result; 160 int result;
156 UINT4 client_id; 161 UINT4 client_id;
157 162
158 if (process_arguments (argc, argv) == ERROR) 163 if (process_arguments (argc, argv) == ERROR)
159 usage ("Could not parse arguments\n"); 164 usage (_("Could not parse arguments\n"));
160 165
161 if ((config_file && rc_read_config (config_file)) || 166 if ((config_file && rc_read_config (config_file)) ||
162 rc_read_dictionary (rc_conf_str ("dictionary"))) 167 rc_read_dictionary (rc_conf_str ("dictionary")))
163 terminate (STATE_UNKNOWN, "Config file error"); 168 terminate (STATE_UNKNOWN, _("Config file error"));
164 169
165 service = PW_AUTHENTICATE_ONLY; 170 service = PW_AUTHENTICATE_ONLY;
166 171
167 if (!(rc_avpair_add (&data.send_pairs, PW_SERVICE_TYPE, &service, 0) && 172 if (!(rc_avpair_add (&data.send_pairs, PW_SERVICE_TYPE, &service, 0) &&
168 rc_avpair_add (&data.send_pairs, PW_USER_NAME, username, 0) && 173 rc_avpair_add (&data.send_pairs, PW_USER_NAME, username, 0) &&
169 rc_avpair_add (&data.send_pairs, PW_USER_PASSWORD, password, 0))) 174 rc_avpair_add (&data.send_pairs, PW_USER_PASSWORD, password, 0)))
170 terminate (STATE_UNKNOWN, "Out of Memory?"); 175 terminate (STATE_UNKNOWN, _("Out of Memory?"));
171 176
172 /* 177 /*
173 * Fill in NAS-IP-Address 178 * Fill in NAS-IP-Address
@@ -188,15 +193,15 @@ main (int argc, char **argv)
188 rc_avpair_free (data.receive_pairs); 193 rc_avpair_free (data.receive_pairs);
189 194
190 if (result == TIMEOUT_RC) 195 if (result == TIMEOUT_RC)
191 terminate (STATE_CRITICAL, "Timeout"); 196 terminate (STATE_CRITICAL, _("Timeout"));
192 if (result == ERROR_RC) 197 if (result == ERROR_RC)
193 terminate (STATE_CRITICAL, "Auth Error"); 198 terminate (STATE_CRITICAL, _("Auth Error"));
194 if (result == BADRESP_RC) 199 if (result == BADRESP_RC)
195 terminate (STATE_WARNING, "Auth Failed"); 200 terminate (STATE_WARNING, _("Auth Failed"));
196 if (expect && !strstr (msg, expect)) 201 if (expect && !strstr (msg, expect))
197 terminate (STATE_WARNING, msg); 202 terminate (STATE_WARNING, msg);
198 if (result == OK_RC) 203 if (result == OK_RC)
199 terminate (STATE_OK, "Auth OK"); 204 terminate (STATE_OK, _("Auth OK"));
200 return (0); 205 return (0);
201} 206}
202 207
@@ -234,16 +239,16 @@ process_arguments (int argc, char **argv)
234 if (is_intpos (argv[4])) 239 if (is_intpos (argv[4]))
235 timeout_interval = atoi (argv[4]); 240 timeout_interval = atoi (argv[4]);
236 else 241 else
237 usage ("Timeout interval must be a positive integer"); 242 usage (_("Timeout interval must be a positive integer"));
238 if (is_intpos (argv[5])) 243 if (is_intpos (argv[5]))
239 retries = atoi (argv[5]); 244 retries = atoi (argv[5]);
240 else 245 else
241 usage ("Number of retries must be a positive integer"); 246 usage (_("Number of retries must be a positive integer"));
242 server = argv[6]; 247 server = argv[6];
243 if (is_intpos (argv[7])) 248 if (is_intpos (argv[7]))
244 port = atoi (argv[7]); 249 port = atoi (argv[7]);
245 else 250 else
246 usage ("Server port must be a positive integer"); 251 usage (_("Server port must be a positive integer"));
247 expect = argv[8]; 252 expect = argv[8];
248 return OK; 253 return OK;
249 } 254 }
@@ -257,21 +262,21 @@ process_arguments (int argc, char **argv)
257 262
258 switch (c) { 263 switch (c) {
259 case '?': /* print short usage statement if args not parsable */ 264 case '?': /* print short usage statement if args not parsable */
260 printf ("%s: Unknown argument: %s\n\n", progname, optarg); 265 printf (_("%s: Unknown argument: %s\n\n"), progname, optarg);
261 print_usage (); 266 print_usage ();
262 exit (STATE_UNKNOWN); 267 exit (STATE_UNKNOWN);
263 case 'h': /* help */ 268 case 'h': /* help */
264 print_help (); 269 print_help ();
265 exit (OK); 270 exit (OK);
266 case 'V': /* version */ 271 case 'V': /* version */
267 print_revision (progname, "$Revision$"); 272 print_revision (progname, revision);
268 exit (OK); 273 exit (OK);
269 case 'v': /* verbose mode */ 274 case 'v': /* verbose mode */
270 verbose = TRUE; 275 verbose = TRUE;
271 break; 276 break;
272 case 'H': /* hostname */ 277 case 'H': /* hostname */
273 if (is_host (optarg) == FALSE) { 278 if (is_host (optarg) == FALSE) {
274 printf ("Invalid host name/address\n\n"); 279 printf (_("Invalid host name/address\n\n"));
275 print_usage (); 280 print_usage ();
276 exit (STATE_UNKNOWN); 281 exit (STATE_UNKNOWN);
277 } 282 }
@@ -281,7 +286,7 @@ process_arguments (int argc, char **argv)
281 if (is_intnonneg (optarg)) 286 if (is_intnonneg (optarg))
282 port = atoi (optarg); 287 port = atoi (optarg);
283 else 288 else
284 usage ("Server port must be a positive integer"); 289 usage (_("Server port must be a positive integer"));
285 break; 290 break;
286 case 'u': /* username */ 291 case 'u': /* username */
287 username = optarg; 292 username = optarg;
@@ -299,41 +304,15 @@ process_arguments (int argc, char **argv)
299 if (is_intpos (optarg)) 304 if (is_intpos (optarg))
300 retries = atoi (optarg); 305 retries = atoi (optarg);
301 else 306 else
302 usage ("Number of retries must be a positive integer"); 307 usage (_("Number of retries must be a positive integer"));
303 break; 308 break;
304 case 't': /* timeout */ 309 case 't': /* timeout */
305 if (is_intpos (optarg)) 310 if (is_intpos (optarg))
306 timeout_interval = atoi (optarg); 311 timeout_interval = atoi (optarg);
307 else 312 else
308 usage ("Timeout interval must be a positive integer"); 313 usage (_("Timeout interval must be a positive integer"));
309 break; 314 break;
310 } 315 }
311 } 316 }
312 return OK; 317 return OK;
313} 318}
314
315
316
317void
318print_help (void)
319{
320 print_revision (progname, REVISION);
321 printf
322 ("Copyright (c) %s %s <%s>\n\n%s\n",
323 COPYRIGHT, AUTHORS, EMAIL, SUMMARY);
324 print_usage ();
325 printf
326 ("\nOptions:\n" LONGOPTIONS "\n" DESCRIPTION "\n",
327 port, timeout_interval);
328 support ();
329}
330
331
332void
333print_usage (void)
334{
335 printf ("Usage:\n" " %s %s\n"
336 " %s (-h | --help) for detailed help\n"
337 " %s (-V | --version) for version information\n",
338 progname, OPTIONS, progname, progname);
339}