summaryrefslogtreecommitdiffstats
path: root/plugins/check_radius.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_radius.c')
-rw-r--r--plugins/check_radius.c61
1 files changed, 34 insertions, 27 deletions
diff --git a/plugins/check_radius.c b/plugins/check_radius.c
index e54105b0..b2943475 100644
--- a/plugins/check_radius.c
+++ b/plugins/check_radius.c
@@ -1,9 +1,9 @@
1/***************************************************************************** 1/*****************************************************************************
2* 2*
3* Nagios check_radius plugin 3* Monitoring check_radius plugin
4* 4*
5* License: GPL 5* License: GPL
6* Copyright (c) 1999-2008 Nagios Plugins Development Team 6* Copyright (c) 1999-2008 Monitoring Plugins Development Team
7* 7*
8* Description: 8* Description:
9* 9*
@@ -30,15 +30,16 @@
30 30
31const char *progname = "check_radius"; 31const char *progname = "check_radius";
32const char *copyright = "2000-2008"; 32const char *copyright = "2000-2008";
33const char *email = "nagiosplug-devel@lists.sourceforge.net"; 33const char *email = "devel@monitoring-plugins.org";
34 34
35#include "common.h" 35#include "common.h"
36#include "utils.h" 36#include "utils.h"
37#include "netutils.h" 37#include "netutils.h"
38 38
39#ifdef HAVE_LIBRADIUSCLIENT_NG 39#if defined(HAVE_LIBFREERADIUS_CLIENT)
40#include <freeradius-client.h>
41#elif defined(HAVE_LIBRADIUSCLIENT_NG)
40#include <radiusclient-ng.h> 42#include <radiusclient-ng.h>
41rc_handle *rch = NULL;
42#else 43#else
43#include <radiusclient.h> 44#include <radiusclient.h>
44#endif 45#endif
@@ -47,11 +48,14 @@ int process_arguments (int, char **);
47void print_help (void); 48void print_help (void);
48void print_usage (void); 49void print_usage (void);
49 50
50/* libradiusclient(-ng) wrapper functions */ 51#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG)
51#ifdef HAVE_LIBRADIUSCLIENT_NG
52#define my_rc_conf_str(a) rc_conf_str(rch,a) 52#define my_rc_conf_str(a) rc_conf_str(rch,a)
53#define my_rc_send_server(a,b) rc_send_server(rch,a,b) 53#define my_rc_send_server(a,b) rc_send_server(rch,a,b)
54#ifdef HAVE_LIBFREERADIUS_CLIENT
55#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(rch,a,b,c,d,(a)->secret,e,f)
56#else
54#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(rch,a,b,c,d,e,f) 57#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(rch,a,b,c,d,e,f)
58#endif
55#define my_rc_own_ipaddress() rc_own_ipaddress(rch) 59#define my_rc_own_ipaddress() rc_own_ipaddress(rch)
56#define my_rc_avpair_add(a,b,c,d) rc_avpair_add(rch,a,b,c,-1,d) 60#define my_rc_avpair_add(a,b,c,d) rc_avpair_add(rch,a,b,c,-1,d)
57#define my_rc_read_dictionary(a) rc_read_dictionary(rch, a) 61#define my_rc_read_dictionary(a) rc_read_dictionary(rch, a)
@@ -72,6 +76,10 @@ void print_usage (void);
72 76
73int my_rc_read_config(char *); 77int my_rc_read_config(char *);
74 78
79#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG)
80rc_handle *rch = NULL;
81#endif
82
75char *server = NULL; 83char *server = NULL;
76char *username = NULL; 84char *username = NULL;
77char *password = NULL; 85char *password = NULL;
@@ -142,11 +150,10 @@ Please note that all tags must be lowercase to use the DocBook XML DTD.
142int 150int
143main (int argc, char **argv) 151main (int argc, char **argv)
144{ 152{
145 UINT4 service;
146 char msg[BUFFER_LEN]; 153 char msg[BUFFER_LEN];
147 SEND_DATA data; 154 SEND_DATA data;
148 int result = STATE_UNKNOWN; 155 int result = STATE_UNKNOWN;
149 UINT4 client_id; 156 uint32_t client_id, service;
150 char *str; 157 char *str;
151 158
152 setlocale (LC_ALL, ""); 159 setlocale (LC_ALL, "");
@@ -162,7 +169,7 @@ main (int argc, char **argv)
162 str = strdup ("dictionary"); 169 str = strdup ("dictionary");
163 if ((config_file && my_rc_read_config (config_file)) || 170 if ((config_file && my_rc_read_config (config_file)) ||
164 my_rc_read_dictionary (my_rc_conf_str (str))) 171 my_rc_read_dictionary (my_rc_conf_str (str)))
165 die (STATE_UNKNOWN, _("Config file error")); 172 die (STATE_UNKNOWN, _("Config file error\n"));
166 173
167 service = PW_AUTHENTICATE_ONLY; 174 service = PW_AUTHENTICATE_ONLY;
168 175
@@ -171,24 +178,24 @@ main (int argc, char **argv)
171 my_rc_avpair_add (&data.send_pairs, PW_USER_NAME, username, 0) && 178 my_rc_avpair_add (&data.send_pairs, PW_USER_NAME, username, 0) &&
172 my_rc_avpair_add (&data.send_pairs, PW_USER_PASSWORD, password, 0) 179 my_rc_avpair_add (&data.send_pairs, PW_USER_PASSWORD, password, 0)
173 )) 180 ))
174 die (STATE_UNKNOWN, _("Out of Memory?")); 181 die (STATE_UNKNOWN, _("Out of Memory?\n"));
175 182
176 if (nasid != NULL) { 183 if (nasid != NULL) {
177 if (!(my_rc_avpair_add (&data.send_pairs, PW_NAS_IDENTIFIER, nasid, 0))) 184 if (!(my_rc_avpair_add (&data.send_pairs, PW_NAS_IDENTIFIER, nasid, 0)))
178 die (STATE_UNKNOWN, _("Invalid NAS-Identifier")); 185 die (STATE_UNKNOWN, _("Invalid NAS-Identifier\n"));
179 } 186 }
180 187
181 if (nasipaddress != NULL) { 188 if (nasipaddress != NULL) {
182 if (rc_good_ipaddr (nasipaddress)) 189 if (rc_good_ipaddr (nasipaddress))
183 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address")); 190 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n"));
184 if ((client_id = rc_get_ipaddr(nasipaddress)) == 0) 191 if ((client_id = rc_get_ipaddr(nasipaddress)) == 0)
185 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address")); 192 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n"));
186 } else { 193 } else {
187 if ((client_id = my_rc_own_ipaddress ()) == 0) 194 if ((client_id = my_rc_own_ipaddress ()) == 0)
188 die (STATE_UNKNOWN, _("Can't find local IP for NAS-IP-Address")); 195 die (STATE_UNKNOWN, _("Can't find local IP for NAS-IP-Address\n"));
189 } 196 }
190 if (my_rc_avpair_add (&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0) == NULL) 197 if (my_rc_avpair_add (&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0) == NULL)
191 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address")); 198 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n"));
192 199
193 my_rc_buildreq (&data, PW_ACCESS_REQUEST, server, port, (int)timeout_interval, 200 my_rc_buildreq (&data, PW_ACCESS_REQUEST, server, port, (int)timeout_interval,
194 retries); 201 retries);
@@ -199,19 +206,19 @@ main (int argc, char **argv)
199 rc_avpair_free (data.receive_pairs); 206 rc_avpair_free (data.receive_pairs);
200 207
201 if (result == TIMEOUT_RC) 208 if (result == TIMEOUT_RC)
202 die (STATE_CRITICAL, _("Timeout")); 209 die (STATE_CRITICAL, _("Timeout\n"));
203 if (result == ERROR_RC) 210 if (result == ERROR_RC)
204 die (STATE_CRITICAL, _("Auth Error")); 211 die (STATE_CRITICAL, _("Auth Error\n"));
205 if (result == REJECT_RC) 212 if (result == REJECT_RC)
206 die (STATE_WARNING, _("Auth Failed")); 213 die (STATE_WARNING, _("Auth Failed\n"));
207 if (result == BADRESP_RC) 214 if (result == BADRESP_RC)
208 die (STATE_WARNING, _("Bad Response")); 215 die (STATE_WARNING, _("Bad Response\n"));
209 if (expect && !strstr (msg, expect)) 216 if (expect && !strstr (msg, expect))
210 die (STATE_WARNING, "%s", msg); 217 die (STATE_WARNING, "%s\n", msg);
211 if (result == OK_RC) 218 if (result == OK_RC)
212 die (STATE_OK, _("Auth OK")); 219 die (STATE_OK, _("Auth OK\n"));
213 (void)snprintf(msg, sizeof(msg), _("Unexpected result code %d"), result); 220 (void)snprintf(msg, sizeof(msg), _("Unexpected result code %d"), result);
214 die (STATE_UNKNOWN, "%s", msg); 221 die (STATE_UNKNOWN, "%s\n", msg);
215} 222}
216 223
217 224
@@ -361,7 +368,7 @@ print_help (void)
361 printf (" %s\n", "-r, --retries=INTEGER"); 368 printf (" %s\n", "-r, --retries=INTEGER");
362 printf (" %s\n", _("Number of times to retry a failed connection")); 369 printf (" %s\n", _("Number of times to retry a failed connection"));
363 370
364 printf (UT_TIMEOUT, timeout_interval); 371 printf (UT_CONN_TIMEOUT, timeout_interval);
365 372
366 printf ("\n"); 373 printf ("\n");
367 printf ("%s\n", _("This plugin tests a RADIUS server to see if it is accepting connections.")); 374 printf ("%s\n", _("This plugin tests a RADIUS server to see if it is accepting connections."));
@@ -370,8 +377,8 @@ print_help (void)
370 printf ("%s\n", _("the configuration file is described in the radiusclient library sources.")); 377 printf ("%s\n", _("the configuration file is described in the radiusclient library sources."));
371 printf ("%s\n", _("The password option presents a substantial security issue because the")); 378 printf ("%s\n", _("The password option presents a substantial security issue because the"));
372 printf ("%s\n", _("password can possibly be determined by careful watching of the command line")); 379 printf ("%s\n", _("password can possibly be determined by careful watching of the command line"));
373 printf ("%s\n", _("in a process listing. This risk is exacerbated because nagios will")); 380 printf ("%s\n", _("in a process listing. This risk is exacerbated because the plugin will"));
374 printf ("%s\n", _("run the plugin at regular predictable intervals. Please be sure that")); 381 printf ("%s\n", _("typically be executed at regular predictable intervals. Please be sure that"));
375 printf ("%s\n", _("the password used does not allow access to sensitive system resources.")); 382 printf ("%s\n", _("the password used does not allow access to sensitive system resources."));
376 383
377 printf (UT_SUPPORT); 384 printf (UT_SUPPORT);
@@ -392,7 +399,7 @@ print_usage (void)
392 399
393int my_rc_read_config(char * a) 400int my_rc_read_config(char * a)
394{ 401{
395#ifdef HAVE_LIBRADIUSCLIENT_NG 402#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG)
396 rch = rc_read_config(a); 403 rch = rc_read_config(a);
397 return (rch == NULL) ? 1 : 0; 404 return (rch == NULL) ? 1 : 0;
398#else 405#else