summaryrefslogtreecommitdiffstats
path: root/plugins/check_tcp.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_tcp.c')
-rw-r--r--plugins/check_tcp.c33
1 files changed, 24 insertions, 9 deletions
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
index d3c92a49..f464b15f 100644
--- a/plugins/check_tcp.c
+++ b/plugins/check_tcp.c
@@ -39,7 +39,7 @@ const char *email = "nagiosplug-devel@lists.sourceforge.net";
39 39
40#ifdef HAVE_SSL 40#ifdef HAVE_SSL
41static int check_cert = FALSE; 41static int check_cert = FALSE;
42static int days_till_exp; 42static int days_till_exp_warn, days_till_exp_crit;
43# define my_recv(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) 43# define my_recv(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
44# define my_send(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) 44# define my_send(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
45#else 45#else
@@ -235,10 +235,10 @@ main (int argc, char **argv)
235 if (flags & FLAG_SSL){ 235 if (flags & FLAG_SSL){
236 result = np_net_ssl_init(sd); 236 result = np_net_ssl_init(sd);
237 if (result == STATE_OK && check_cert == TRUE) { 237 if (result == STATE_OK && check_cert == TRUE) {
238 result = np_net_ssl_check_cert(days_till_exp); 238 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
239 } 239 }
240 } 240 }
241 if(result != STATE_OK || check_cert == TRUE){ 241 if(result != STATE_OK){
242 np_net_ssl_cleanup(); 242 np_net_ssl_cleanup();
243 if(sd) close(sd); 243 if(sd) close(sd);
244 return result; 244 return result;
@@ -380,6 +380,7 @@ process_arguments (int argc, char **argv)
380{ 380{
381 int c; 381 int c;
382 int escape = 0; 382 int escape = 0;
383 char *temp;
383 384
384 int option = 0; 385 int option = 0;
385 static struct option longopts[] = { 386 static struct option longopts[] = {
@@ -501,7 +502,7 @@ process_arguments (int argc, char **argv)
501 if (escape) 502 if (escape)
502 server_send = np_escaped_string(optarg); 503 server_send = np_escaped_string(optarg);
503 else 504 else
504 asprintf(&server_send, "%s", optarg); 505 xasprintf(&server_send, "%s", optarg);
505 break; 506 break;
506 case 'e': /* expect string (may be repeated) */ 507 case 'e': /* expect string (may be repeated) */
507 flags &= ~FLAG_EXACT_MATCH; 508 flags &= ~FLAG_EXACT_MATCH;
@@ -521,7 +522,7 @@ process_arguments (int argc, char **argv)
521 if (escape) 522 if (escape)
522 server_quit = np_escaped_string(optarg); 523 server_quit = np_escaped_string(optarg);
523 else 524 else
524 asprintf(&server_quit, "%s\r\n", optarg); 525 xasprintf(&server_quit, "%s\r\n", optarg);
525 break; 526 break;
526 case 'r': 527 case 'r':
527 if (!strncmp(optarg,"ok",2)) 528 if (!strncmp(optarg,"ok",2))
@@ -552,9 +553,22 @@ process_arguments (int argc, char **argv)
552 case 'D': /* Check SSL cert validity - days 'til certificate expiration */ 553 case 'D': /* Check SSL cert validity - days 'til certificate expiration */
553#ifdef HAVE_SSL 554#ifdef HAVE_SSL
554# ifdef USE_OPENSSL /* XXX */ 555# ifdef USE_OPENSSL /* XXX */
555 if (!is_intnonneg (optarg)) 556 if ((temp=strchr(optarg,','))!=NULL) {
557 *temp='\0';
558 if (!is_intnonneg (temp))
559 usage2 (_("Invalid certificate expiration period"), optarg); days_till_exp_warn = atoi(optarg);
560 *temp=',';
561 temp++;
562 if (!is_intnonneg (temp))
563 usage2 (_("Invalid certificate expiration period"), temp);
564 days_till_exp_crit = atoi (temp);
565 }
566 else {
567 days_till_exp_crit=0;
568 if (!is_intnonneg (optarg))
556 usage2 (_("Invalid certificate expiration period"), optarg); 569 usage2 (_("Invalid certificate expiration period"), optarg);
557 days_till_exp = atoi (optarg); 570 days_till_exp_warn = atoi (optarg);
571 }
558 check_cert = TRUE; 572 check_cert = TRUE;
559 flags |= FLAG_SSL; 573 flags |= FLAG_SSL;
560 break; 574 break;
@@ -626,8 +640,9 @@ print_help (void)
626 printf (" %s\n", _("Seconds to wait between sending string and polling for response")); 640 printf (" %s\n", _("Seconds to wait between sending string and polling for response"));
627 641
628#ifdef HAVE_SSL 642#ifdef HAVE_SSL
629 printf (" %s\n", "-D, --certificate=INTEGER"); 643 printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]");
630 printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); 644 printf (" %s\n", _("Minimum number of days a certificate has to be valid."));
645 printf (" %s\n", _("1st is #days for warning, 2nd is critical (if not specified - 0)."));
631 printf (" %s\n", "-S, --ssl"); 646 printf (" %s\n", "-S, --ssl");
632 printf (" %s\n", _("Use SSL for the connection.")); 647 printf (" %s\n", _("Use SSL for the connection."));
633#endif 648#endif
@@ -649,6 +664,6 @@ print_usage (void)
649 printf ("%s -H host -p port [-w <warning time>] [-c <critical time>] [-s <send string>]\n",progname); 664 printf ("%s -H host -p port [-w <warning time>] [-c <critical time>] [-s <send string>]\n",progname);
650 printf ("[-e <expect string>] [-q <quit string>][-m <maximum bytes>] [-d <delay>]\n"); 665 printf ("[-e <expect string>] [-q <quit string>][-m <maximum bytes>] [-d <delay>]\n");
651 printf ("[-t <timeout seconds>] [-r <refuse state>] [-M <mismatch state>] [-v] [-4|-6] [-j]\n"); 666 printf ("[-t <timeout seconds>] [-r <refuse state>] [-M <mismatch state>] [-v] [-4|-6] [-j]\n");
652 printf ("[-D <days to cert expiry>] [-S <use SSL>] [-E]\n"); 667 printf ("[-D <warn days cert expire>[,<crit days cert expire>]] [-S <use SSL>] [-E]\n");
653} 668}
654 669