diff options
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/check_fping.c | 2 | ||||
| -rw-r--r-- | plugins/check_http.c | 45 | ||||
| -rw-r--r-- | plugins/check_ldap.c | 95 | ||||
| -rw-r--r-- | plugins/check_snmp.c | 3 | ||||
| -rw-r--r-- | plugins/check_tcp.c | 3 | ||||
| -rw-r--r-- | plugins/sslutils.c | 33 | ||||
| -rw-r--r-- | plugins/t/NPTest.cache.travis | 4 | ||||
| -rw-r--r-- | plugins/t/check_http.t | 43 | ||||
| -rw-r--r-- | plugins/t/check_ldap.t | 80 | ||||
| -rwxr-xr-x | plugins/tests/check_snmp.t | 22 | ||||
| -rw-r--r-- | plugins/utils.c | 40 |
11 files changed, 322 insertions, 48 deletions
diff --git a/plugins/check_fping.c b/plugins/check_fping.c index 46046b4..274dd75 100644 --- a/plugins/check_fping.c +++ b/plugins/check_fping.c | |||
| @@ -105,7 +105,7 @@ main (int argc, char **argv) | |||
| 105 | xasprintf(&option_string, "%s-I %s ", option_string, sourceif); | 105 | xasprintf(&option_string, "%s-I %s ", option_string, sourceif); |
| 106 | 106 | ||
| 107 | #ifdef PATH_TO_FPING6 | 107 | #ifdef PATH_TO_FPING6 |
| 108 | if (address_family == AF_INET6) | 108 | if (address_family != AF_INET && is_inet6_addr(server)) |
| 109 | fping_prog = strdup(PATH_TO_FPING6); | 109 | fping_prog = strdup(PATH_TO_FPING6); |
| 110 | else | 110 | else |
| 111 | fping_prog = strdup(PATH_TO_FPING); | 111 | fping_prog = strdup(PATH_TO_FPING); |
diff --git a/plugins/check_http.c b/plugins/check_http.c index 5167997..2437406 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c | |||
| @@ -875,11 +875,35 @@ check_http (void) | |||
| 875 | if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK) | 875 | if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK) |
| 876 | die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); | 876 | die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); |
| 877 | microsec_connect = deltime (tv_temp); | 877 | microsec_connect = deltime (tv_temp); |
| 878 | |||
| 879 | /* if we are called with the -I option, the -j method is CONNECT and */ | ||
| 880 | /* we received -S for SSL, then we tunnel the request through a proxy*/ | ||
| 881 | /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */ | ||
| 882 | |||
| 883 | if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 | ||
| 884 | && host_name != NULL && use_ssl == TRUE) { | ||
| 885 | |||
| 886 | if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT); | ||
| 887 | asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent); | ||
| 888 | asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf); | ||
| 889 | asprintf (&buf, "%sHost: %s\r\n", buf, host_name); | ||
| 890 | /* we finished our request, send empty line with CRLF */ | ||
| 891 | asprintf (&buf, "%s%s", buf, CRLF); | ||
| 892 | if (verbose) printf ("%s\n", buf); | ||
| 893 | send(sd, buf, strlen (buf), 0); | ||
| 894 | buf[0]='\0'; | ||
| 895 | |||
| 896 | if (verbose) printf ("Receive response from proxy\n"); | ||
| 897 | read (sd, buffer, MAX_INPUT_BUFFER-1); | ||
| 898 | if (verbose) printf ("%s", buffer); | ||
| 899 | /* Here we should check if we got HTTP/1.1 200 Connection established */ | ||
| 900 | } | ||
| 878 | #ifdef HAVE_SSL | 901 | #ifdef HAVE_SSL |
| 879 | elapsed_time_connect = (double)microsec_connect / 1.0e6; | 902 | elapsed_time_connect = (double)microsec_connect / 1.0e6; |
| 880 | if (use_ssl == TRUE) { | 903 | if (use_ssl == TRUE) { |
| 881 | gettimeofday (&tv_temp, NULL); | 904 | gettimeofday (&tv_temp, NULL); |
| 882 | result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey); | 905 | result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey); |
| 906 | if (verbose) printf ("SSL initialized\n"); | ||
| 883 | if (result != STATE_OK) | 907 | if (result != STATE_OK) |
| 884 | die (STATE_CRITICAL, NULL); | 908 | die (STATE_CRITICAL, NULL); |
| 885 | microsec_ssl = deltime (tv_temp); | 909 | microsec_ssl = deltime (tv_temp); |
| @@ -893,7 +917,11 @@ check_http (void) | |||
| 893 | } | 917 | } |
| 894 | #endif /* HAVE_SSL */ | 918 | #endif /* HAVE_SSL */ |
| 895 | 919 | ||
| 896 | xasprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); | 920 | if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 |
| 921 | && host_name != NULL && use_ssl == TRUE) | ||
| 922 | asprintf (&buf, "%s %s %s\r\n%s\r\n", "GET", server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); | ||
| 923 | else | ||
| 924 | asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); | ||
| 897 | 925 | ||
| 898 | /* tell HTTP/1.1 servers not to keep the connection alive */ | 926 | /* tell HTTP/1.1 servers not to keep the connection alive */ |
| 899 | xasprintf (&buf, "%sConnection: close\r\n", buf); | 927 | xasprintf (&buf, "%sConnection: close\r\n", buf); |
| @@ -906,7 +934,9 @@ check_http (void) | |||
| 906 | * (default) port is explicitly specified in the "Host:" header line. | 934 | * (default) port is explicitly specified in the "Host:" header line. |
| 907 | */ | 935 | */ |
| 908 | if ((use_ssl == FALSE && server_port == HTTP_PORT) || | 936 | if ((use_ssl == FALSE && server_port == HTTP_PORT) || |
| 909 | (use_ssl == TRUE && server_port == HTTPS_PORT)) | 937 | (use_ssl == TRUE && server_port == HTTPS_PORT) || |
| 938 | ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 | ||
| 939 | && host_name != NULL && use_ssl == TRUE)) | ||
| 910 | xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); | 940 | xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); |
| 911 | else | 941 | else |
| 912 | xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, server_port); | 942 | xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, server_port); |
| @@ -1496,7 +1526,7 @@ print_help (void) | |||
| 1496 | printf (" %s\n", _("URL to GET or POST (default: /)")); | 1526 | printf (" %s\n", _("URL to GET or POST (default: /)")); |
| 1497 | printf (" %s\n", "-P, --post=STRING"); | 1527 | printf (" %s\n", "-P, --post=STRING"); |
| 1498 | printf (" %s\n", _("URL encoded http POST data")); | 1528 | printf (" %s\n", _("URL encoded http POST data")); |
| 1499 | printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE)"); | 1529 | printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT)"); |
| 1500 | printf (" %s\n", _("Set HTTP method.")); | 1530 | printf (" %s\n", _("Set HTTP method.")); |
| 1501 | printf (" %s\n", "-N, --no-body"); | 1531 | printf (" %s\n", "-N, --no-body"); |
| 1502 | printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); | 1532 | printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); |
| @@ -1570,7 +1600,7 @@ print_help (void) | |||
| 1570 | printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,")); | 1600 | printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,")); |
| 1571 | printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); | 1601 | printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); |
| 1572 | printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); | 1602 | printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); |
| 1573 | printf (" %s\n", _("the certificate is expired.")); | 1603 | printf (" %s\n\n", _("the certificate is expired.")); |
| 1574 | printf ("\n"); | 1604 | printf ("\n"); |
| 1575 | printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); | 1605 | printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); |
| 1576 | printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); | 1606 | printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); |
| @@ -1578,6 +1608,13 @@ print_help (void) | |||
| 1578 | printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); | 1608 | printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); |
| 1579 | printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); | 1609 | printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); |
| 1580 | 1610 | ||
| 1611 | printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: "); | ||
| 1612 | printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com ")); | ||
| 1613 | printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>")); | ||
| 1614 | printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); | ||
| 1615 | printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); | ||
| 1616 | printf (" %s\n", _("a STATE_CRITICAL will be returned.")); | ||
| 1617 | |||
| 1581 | #endif | 1618 | #endif |
| 1582 | 1619 | ||
| 1583 | printf (UT_SUPPORT); | 1620 | printf (UT_SUPPORT); |
diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c index c371be9..cfc8222 100644 --- a/plugins/check_ldap.c +++ b/plugins/check_ldap.c | |||
| @@ -1,29 +1,29 @@ | |||
| 1 | /***************************************************************************** | 1 | /***************************************************************************** |
| 2 | * | 2 | * |
| 3 | * Monitoring check_ldap plugin | 3 | * Monitoring check_ldap plugin |
| 4 | * | 4 | * |
| 5 | * License: GPL | 5 | * License: GPL |
| 6 | * Copyright (c) 2000-2008 Monitoring Plugins Development Team | 6 | * Copyright (c) 2000-2008 Monitoring Plugins Development Team |
| 7 | * | 7 | * |
| 8 | * Description: | 8 | * Description: |
| 9 | * | 9 | * |
| 10 | * This file contains the check_ldap plugin | 10 | * This file contains the check_ldap plugin |
| 11 | * | 11 | * |
| 12 | * | 12 | * |
| 13 | * This program is free software: you can redistribute it and/or modify | 13 | * This program is free software: you can redistribute it and/or modify |
| 14 | * it under the terms of the GNU General Public License as published by | 14 | * it under the terms of the GNU General Public License as published by |
| 15 | * the Free Software Foundation, either version 3 of the License, or | 15 | * the Free Software Foundation, either version 3 of the License, or |
| 16 | * (at your option) any later version. | 16 | * (at your option) any later version. |
| 17 | * | 17 | * |
| 18 | * This program is distributed in the hope that it will be useful, | 18 | * This program is distributed in the hope that it will be useful, |
| 19 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | 19 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 20 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 20 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 21 | * GNU General Public License for more details. | 21 | * GNU General Public License for more details. |
| 22 | * | 22 | * |
| 23 | * You should have received a copy of the GNU General Public License | 23 | * You should have received a copy of the GNU General Public License |
| 24 | * along with this program. If not, see <http://www.gnu.org/licenses/>. | 24 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 25 | * | 25 | * |
| 26 | * | 26 | * |
| 27 | *****************************************************************************/ | 27 | *****************************************************************************/ |
| 28 | 28 | ||
| 29 | /* progname may be check_ldaps */ | 29 | /* progname may be check_ldaps */ |
| @@ -67,7 +67,10 @@ int ld_protocol = DEFAULT_PROTOCOL; | |||
| 67 | #endif | 67 | #endif |
| 68 | double warn_time = UNDEFINED; | 68 | double warn_time = UNDEFINED; |
| 69 | double crit_time = UNDEFINED; | 69 | double crit_time = UNDEFINED; |
| 70 | thresholds *entries_thresholds = NULL; | ||
| 70 | struct timeval tv; | 71 | struct timeval tv; |
| 72 | char* warn_entries = NULL; | ||
| 73 | char* crit_entries = NULL; | ||
| 71 | int starttls = FALSE; | 74 | int starttls = FALSE; |
| 72 | int ssl_on_connect = FALSE; | 75 | int ssl_on_connect = FALSE; |
| 73 | int verbose = 0; | 76 | int verbose = 0; |
| @@ -94,6 +97,12 @@ main (int argc, char *argv[]) | |||
| 94 | int tls; | 97 | int tls; |
| 95 | int version=3; | 98 | int version=3; |
| 96 | 99 | ||
| 100 | /* for entry counting */ | ||
| 101 | |||
| 102 | LDAPMessage *next_entry; | ||
| 103 | int status_entries = STATE_OK; | ||
| 104 | int num_entries = 0; | ||
| 105 | |||
| 97 | setlocale (LC_ALL, ""); | 106 | setlocale (LC_ALL, ""); |
| 98 | bindtextdomain (PACKAGE, LOCALEDIR); | 107 | bindtextdomain (PACKAGE, LOCALEDIR); |
| 99 | textdomain (PACKAGE); | 108 | textdomain (PACKAGE); |
| @@ -197,12 +206,14 @@ main (int argc, char *argv[]) | |||
| 197 | } | 206 | } |
| 198 | 207 | ||
| 199 | /* do a search of all objectclasses in the base dn */ | 208 | /* do a search of all objectclasses in the base dn */ |
| 200 | if (ldap_search_s (ld, ld_base, LDAP_SCOPE_BASE, ld_attr, NULL, 0, &result) | 209 | if (ldap_search_s (ld, ld_base, (crit_entries!=NULL || warn_entries!=NULL) ? LDAP_SCOPE_SUBTREE : LDAP_SCOPE_BASE, ld_attr, NULL, 0, &result) |
| 201 | != LDAP_SUCCESS) { | 210 | != LDAP_SUCCESS) { |
| 202 | if (verbose) | 211 | if (verbose) |
| 203 | ldap_perror(ld, "ldap_search"); | 212 | ldap_perror(ld, "ldap_search"); |
| 204 | printf (_("Could not search/find objectclasses in %s\n"), ld_base); | 213 | printf (_("Could not search/find objectclasses in %s\n"), ld_base); |
| 205 | return STATE_CRITICAL; | 214 | return STATE_CRITICAL; |
| 215 | } else if (crit_entries!=NULL || warn_entries!=NULL) { | ||
| 216 | num_entries = ldap_count_entries(ld, result); | ||
| 206 | } | 217 | } |
| 207 | 218 | ||
| 208 | /* unbind from the ldap server */ | 219 | /* unbind from the ldap server */ |
| @@ -223,14 +234,42 @@ main (int argc, char *argv[]) | |||
| 223 | else | 234 | else |
| 224 | status = STATE_OK; | 235 | status = STATE_OK; |
| 225 | 236 | ||
| 237 | if(entries_thresholds != NULL) { | ||
| 238 | if (verbose) { | ||
| 239 | printf ("entries found: %d\n", num_entries); | ||
| 240 | print_thresholds("entry threasholds", entries_thresholds); | ||
| 241 | } | ||
| 242 | status_entries = get_status(num_entries, entries_thresholds); | ||
| 243 | if (status_entries == STATE_CRITICAL) { | ||
| 244 | status = STATE_CRITICAL; | ||
| 245 | } else if (status != STATE_CRITICAL) { | ||
| 246 | status = status_entries; | ||
| 247 | } | ||
| 248 | } | ||
| 249 | |||
| 226 | /* print out the result */ | 250 | /* print out the result */ |
| 227 | printf (_("LDAP %s - %.3f seconds response time|%s\n"), | 251 | if (crit_entries!=NULL || warn_entries!=NULL) { |
| 228 | state_text (status), | 252 | printf (_("LDAP %s - found %d entries in %.3f seconds|%s %s\n"), |
| 229 | elapsed_time, | 253 | state_text (status), |
| 230 | fperfdata ("time", elapsed_time, "s", | 254 | num_entries, |
| 231 | (int)warn_time, warn_time, | 255 | elapsed_time, |
| 232 | (int)crit_time, crit_time, | 256 | fperfdata ("time", elapsed_time, "s", |
| 233 | TRUE, 0, FALSE, 0)); | 257 | (int)warn_time, warn_time, |
| 258 | (int)crit_time, crit_time, | ||
| 259 | TRUE, 0, FALSE, 0), | ||
| 260 | sperfdata ("entries", (double)num_entries, "", | ||
| 261 | warn_entries, | ||
| 262 | crit_entries, | ||
| 263 | TRUE, 0.0, FALSE, 0.0)); | ||
| 264 | } else { | ||
| 265 | printf (_("LDAP %s - %.3f seconds response time|%s\n"), | ||
| 266 | state_text (status), | ||
| 267 | elapsed_time, | ||
| 268 | fperfdata ("time", elapsed_time, "s", | ||
| 269 | (int)warn_time, warn_time, | ||
| 270 | (int)crit_time, crit_time, | ||
| 271 | TRUE, 0, FALSE, 0)); | ||
| 272 | } | ||
| 234 | 273 | ||
| 235 | return status; | 274 | return status; |
| 236 | } | 275 | } |
| @@ -263,6 +302,8 @@ process_arguments (int argc, char **argv) | |||
| 263 | {"port", required_argument, 0, 'p'}, | 302 | {"port", required_argument, 0, 'p'}, |
| 264 | {"warn", required_argument, 0, 'w'}, | 303 | {"warn", required_argument, 0, 'w'}, |
| 265 | {"crit", required_argument, 0, 'c'}, | 304 | {"crit", required_argument, 0, 'c'}, |
| 305 | {"warn-entries", required_argument, 0, 'W'}, | ||
| 306 | {"crit-entries", required_argument, 0, 'C'}, | ||
| 266 | {"verbose", no_argument, 0, 'v'}, | 307 | {"verbose", no_argument, 0, 'v'}, |
| 267 | {0, 0, 0, 0} | 308 | {0, 0, 0, 0} |
| 268 | }; | 309 | }; |
| @@ -276,7 +317,7 @@ process_arguments (int argc, char **argv) | |||
| 276 | } | 317 | } |
| 277 | 318 | ||
| 278 | while (1) { | 319 | while (1) { |
| 279 | c = getopt_long (argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:", longopts, &option); | 320 | c = getopt_long (argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:C:W:", longopts, &option); |
| 280 | 321 | ||
| 281 | if (c == -1 || c == EOF) | 322 | if (c == -1 || c == EOF) |
| 282 | break; | 323 | break; |
| @@ -318,6 +359,12 @@ process_arguments (int argc, char **argv) | |||
| 318 | case 'c': | 359 | case 'c': |
| 319 | crit_time = strtod (optarg, NULL); | 360 | crit_time = strtod (optarg, NULL); |
| 320 | break; | 361 | break; |
| 362 | case 'W': | ||
| 363 | warn_entries = optarg; | ||
| 364 | break; | ||
| 365 | case 'C': | ||
| 366 | crit_entries = optarg; | ||
| 367 | break; | ||
| 321 | #ifdef HAVE_LDAP_SET_OPTION | 368 | #ifdef HAVE_LDAP_SET_OPTION |
| 322 | case '2': | 369 | case '2': |
| 323 | ld_protocol = 2; | 370 | ld_protocol = 2; |
| @@ -381,6 +428,10 @@ validate_arguments () | |||
| 381 | if (ld_base==NULL) | 428 | if (ld_base==NULL) |
| 382 | usage4 (_("Please specify the LDAP base\n")); | 429 | usage4 (_("Please specify the LDAP base\n")); |
| 383 | 430 | ||
| 431 | if (crit_entries!=NULL || warn_entries!=NULL) { | ||
| 432 | set_thresholds(&entries_thresholds, | ||
| 433 | warn_entries, crit_entries); | ||
| 434 | } | ||
| 384 | return OK; | 435 | return OK; |
| 385 | } | 436 | } |
| 386 | 437 | ||
| @@ -430,6 +481,11 @@ print_help (void) | |||
| 430 | 481 | ||
| 431 | printf (UT_WARN_CRIT); | 482 | printf (UT_WARN_CRIT); |
| 432 | 483 | ||
| 484 | printf (" %s\n", "-W [--warn-entries]"); | ||
| 485 | printf (" %s\n", _("Number of found entries to result in warning status")); | ||
| 486 | printf (" %s\n", "-W [--crit-entries]"); | ||
| 487 | printf (" %s\n", _("Number of found entries to result in critical status")); | ||
| 488 | |||
| 433 | printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); | 489 | printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); |
| 434 | 490 | ||
| 435 | printf (UT_VERBOSE); | 491 | printf (UT_VERBOSE); |
| @@ -441,6 +497,7 @@ print_help (void) | |||
| 441 | printf (" %s\n", _("'SSL on connect' will be used no matter how the plugin was called.")); | 497 | printf (" %s\n", _("'SSL on connect' will be used no matter how the plugin was called.")); |
| 442 | printf (" %s\n", _("This detection is deprecated, please use 'check_ldap' with the '--starttls' or '--ssl' flags")); | 498 | printf (" %s\n", _("This detection is deprecated, please use 'check_ldap' with the '--starttls' or '--ssl' flags")); |
| 443 | printf (" %s\n", _("to define the behaviour explicitly instead.")); | 499 | printf (" %s\n", _("to define the behaviour explicitly instead.")); |
| 500 | printf (" %s\n", _("The parameters --warn-entries and --crit-entries are optional.")); | ||
| 444 | 501 | ||
| 445 | printf (UT_SUPPORT); | 502 | printf (UT_SUPPORT); |
| 446 | } | 503 | } |
diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index 9d966fa..62e6b8b 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c | |||
| @@ -418,6 +418,9 @@ main (int argc, char **argv) | |||
| 418 | else if (strstr (response, "INTEGER: ")) { | 418 | else if (strstr (response, "INTEGER: ")) { |
| 419 | show = strstr (response, "INTEGER: ") + 9; | 419 | show = strstr (response, "INTEGER: ") + 9; |
| 420 | } | 420 | } |
| 421 | else if (strstr (response, "OID: ")) { | ||
| 422 | show = strstr (response, "OID: ") + 5; | ||
| 423 | } | ||
| 421 | else if (strstr (response, "STRING: ")) { | 424 | else if (strstr (response, "STRING: ")) { |
| 422 | show = strstr (response, "STRING: ") + 8; | 425 | show = strstr (response, "STRING: ") + 8; |
| 423 | conv = "%.10g"; | 426 | conv = "%.10g"; |
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index 63f9fd9..a18c37a 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c | |||
| @@ -577,7 +577,8 @@ process_arguments (int argc, char **argv) | |||
| 577 | if ((temp=strchr(optarg,','))!=NULL) { | 577 | if ((temp=strchr(optarg,','))!=NULL) { |
| 578 | *temp='\0'; | 578 | *temp='\0'; |
| 579 | if (!is_intnonneg (optarg)) | 579 | if (!is_intnonneg (optarg)) |
| 580 | usage2 (_("Invalid certificate expiration period"), optarg); days_till_exp_warn = atoi(optarg); | 580 | usage2 (_("Invalid certificate expiration period"), optarg); |
| 581 | days_till_exp_warn = atoi (optarg); | ||
| 581 | *temp=','; | 582 | *temp=','; |
| 582 | temp++; | 583 | temp++; |
| 583 | if (!is_intnonneg (temp)) | 584 | if (!is_intnonneg (temp)) |
diff --git a/plugins/sslutils.c b/plugins/sslutils.c index d0ae474..c9882c6 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c | |||
| @@ -144,7 +144,9 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ | |||
| 144 | # ifdef USE_OPENSSL | 144 | # ifdef USE_OPENSSL |
| 145 | X509 *certificate=NULL; | 145 | X509 *certificate=NULL; |
| 146 | X509_NAME *subj=NULL; | 146 | X509_NAME *subj=NULL; |
| 147 | char timestamp[50] = ""; | ||
| 147 | char cn[MAX_CN_LENGTH]= ""; | 148 | char cn[MAX_CN_LENGTH]= ""; |
| 149 | |||
| 148 | int cnlen =-1; | 150 | int cnlen =-1; |
| 149 | int status=STATE_UNKNOWN; | 151 | int status=STATE_UNKNOWN; |
| 150 | 152 | ||
| @@ -153,7 +155,7 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ | |||
| 153 | struct tm stamp; | 155 | struct tm stamp; |
| 154 | float time_left; | 156 | float time_left; |
| 155 | int days_left; | 157 | int days_left; |
| 156 | char timestamp[50] = ""; | 158 | int time_remaining; |
| 157 | time_t tm_t; | 159 | time_t tm_t; |
| 158 | 160 | ||
| 159 | certificate=SSL_get_peer_certificate(s); | 161 | certificate=SSL_get_peer_certificate(s); |
| @@ -207,7 +209,8 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ | |||
| 207 | (tm->data[6 + offset] - '0') * 10 + (tm->data[7 + offset] - '0'); | 209 | (tm->data[6 + offset] - '0') * 10 + (tm->data[7 + offset] - '0'); |
| 208 | stamp.tm_min = | 210 | stamp.tm_min = |
| 209 | (tm->data[8 + offset] - '0') * 10 + (tm->data[9 + offset] - '0'); | 211 | (tm->data[8 + offset] - '0') * 10 + (tm->data[9 + offset] - '0'); |
| 210 | stamp.tm_sec = 0; | 212 | stamp.tm_sec = |
| 213 | (tm->data[10 + offset] - '0') * 10 + (tm->data[11 + offset] - '0'); | ||
| 211 | stamp.tm_isdst = -1; | 214 | stamp.tm_isdst = -1; |
| 212 | 215 | ||
| 213 | time_left = difftime(timegm(&stamp), time(NULL)); | 216 | time_left = difftime(timegm(&stamp), time(NULL)); |
| @@ -218,21 +221,35 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ | |||
| 218 | if (days_left > 0 && days_left <= days_till_exp_warn) { | 221 | if (days_left > 0 && days_left <= days_till_exp_warn) { |
| 219 | printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); | 222 | printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); |
| 220 | if (days_left > days_till_exp_crit) | 223 | if (days_left > days_till_exp_crit) |
| 221 | return STATE_WARNING; | 224 | status = STATE_WARNING; |
| 222 | else | 225 | else |
| 223 | return STATE_CRITICAL; | 226 | status = STATE_CRITICAL; |
| 227 | } else if (days_left == 0 && time_left > 0) { | ||
| 228 | if (time_left >= 3600) | ||
| 229 | time_remaining = (int) time_left / 3600; | ||
| 230 | else | ||
| 231 | time_remaining = (int) time_left / 60; | ||
| 232 | |||
| 233 | printf (_("%s - Certificate '%s' expires in %u %s (%s)\n"), | ||
| 234 | (days_left>days_till_exp_crit) ? "WARNING" : "CRITICAL", cn, time_remaining, | ||
| 235 | time_left >= 3600 ? "hours" : "minutes", timestamp); | ||
| 236 | |||
| 237 | if ( days_left > days_till_exp_crit) | ||
| 238 | status = STATE_WARNING; | ||
| 239 | else | ||
| 240 | status = STATE_CRITICAL; | ||
| 224 | } else if (time_left < 0) { | 241 | } else if (time_left < 0) { |
| 225 | printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp); | 242 | printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp); |
| 226 | status=STATE_CRITICAL; | 243 | status=STATE_CRITICAL; |
| 227 | } else if (days_left == 0) { | 244 | } else if (days_left == 0) { |
| 228 | printf (_("%s - Certificate '%s' expires today (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, timestamp); | 245 | printf (_("%s - Certificate '%s' just expired (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, timestamp); |
| 229 | if (days_left > days_till_exp_crit) | 246 | if (days_left > days_till_exp_crit) |
| 230 | return STATE_WARNING; | 247 | status = STATE_WARNING; |
| 231 | else | 248 | else |
| 232 | return STATE_CRITICAL; | 249 | status = STATE_CRITICAL; |
| 233 | } else { | 250 | } else { |
| 234 | printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp); | 251 | printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp); |
| 235 | status=STATE_OK; | 252 | status = STATE_OK; |
| 236 | } | 253 | } |
| 237 | X509_free(certificate); | 254 | X509_free(certificate); |
| 238 | return status; | 255 | return status; |
diff --git a/plugins/t/NPTest.cache.travis b/plugins/t/NPTest.cache.travis index 4ebfb90..fe8aabd 100644 --- a/plugins/t/NPTest.cache.travis +++ b/plugins/t/NPTest.cache.travis | |||
| @@ -17,13 +17,15 @@ | |||
| 17 | 'NP_HOST_HPJD_PORT_INVALID' => '161', | 17 | 'NP_HOST_HPJD_PORT_INVALID' => '161', |
| 18 | 'NP_HOST_HPJD_PORT_VALID' => '', | 18 | 'NP_HOST_HPJD_PORT_VALID' => '', |
| 19 | 'NP_HOST_TCP_HTTP' => 'localhost', | 19 | 'NP_HOST_TCP_HTTP' => 'localhost', |
| 20 | 'NP_HOST_TCP_HTTP2' => 'labs.consol.de', | 20 | 'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org', |
| 21 | 'NP_HOST_TCP_IMAP' => 'imap.web.de', | 21 | 'NP_HOST_TCP_IMAP' => 'imap.web.de', |
| 22 | 'NP_HOST_TCP_LDAP' => 'localhost', | ||
| 22 | 'NP_HOST_TCP_POP' => 'pop.web.de', | 23 | 'NP_HOST_TCP_POP' => 'pop.web.de', |
| 23 | 'NP_HOST_TCP_SMTP' => 'localhost', | 24 | 'NP_HOST_TCP_SMTP' => 'localhost', |
| 24 | 'NP_HOST_TCP_SMTP_NOTLS' => '', | 25 | 'NP_HOST_TCP_SMTP_NOTLS' => '', |
| 25 | 'NP_HOST_TCP_SMTP_TLS' => '', | 26 | 'NP_HOST_TCP_SMTP_TLS' => '', |
| 26 | 'NP_INTERNET_ACCESS' => 'yes', | 27 | 'NP_INTERNET_ACCESS' => 'yes', |
| 28 | 'NP_LDAP_BASE_DN' => 'cn=admin,dc=nodomain', | ||
| 27 | 'NP_MOUNTPOINT2_VALID' => '', | 29 | 'NP_MOUNTPOINT2_VALID' => '', |
| 28 | 'NP_MOUNTPOINT_VALID' => '/', | 30 | 'NP_MOUNTPOINT_VALID' => '/', |
| 29 | 'NP_MYSQL_SERVER' => 'localhost', | 31 | 'NP_MYSQL_SERVER' => 'localhost', |
diff --git a/plugins/t/check_http.t b/plugins/t/check_http.t index 2539a28..c2caec6 100644 --- a/plugins/t/check_http.t +++ b/plugins/t/check_http.t | |||
| @@ -6,9 +6,10 @@ | |||
| 6 | 6 | ||
| 7 | use strict; | 7 | use strict; |
| 8 | use Test::More; | 8 | use Test::More; |
| 9 | use POSIX qw/mktime strftime/; | ||
| 9 | use NPTest; | 10 | use NPTest; |
| 10 | 11 | ||
| 11 | plan tests => 30; | 12 | plan tests => 42; |
| 12 | 13 | ||
| 13 | my $successOutput = '/OK.*HTTP.*second/'; | 14 | my $successOutput = '/OK.*HTTP.*second/'; |
| 14 | 15 | ||
| @@ -34,6 +35,8 @@ my $host_tcp_http2 = getTestParameter( "NP_HOST_TCP_HTTP2", | |||
| 34 | "A host providing an index page containing the string 'monitoring'", | 35 | "A host providing an index page containing the string 'monitoring'", |
| 35 | "test.monitoring-plugins.org" ); | 36 | "test.monitoring-plugins.org" ); |
| 36 | 37 | ||
| 38 | my $faketime = -x '/usr/bin/faketime' ? 1 : 0; | ||
| 39 | |||
| 37 | 40 | ||
| 38 | $res = NPTest->testCmd( | 41 | $res = NPTest->testCmd( |
| 39 | "./check_http $host_tcp_http -wt 300 -ct 600" | 42 | "./check_http $host_tcp_http -wt 300 -ct 600" |
| @@ -47,10 +50,10 @@ $res = NPTest->testCmd( | |||
| 47 | like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" ); | 50 | like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" ); |
| 48 | 51 | ||
| 49 | $res = NPTest->testCmd( | 52 | $res = NPTest->testCmd( |
| 50 | "./check_http $host_nonresponsive -wt 1 -ct 2" | 53 | "./check_http $host_nonresponsive -wt 1 -ct 2 -t 3" |
| 51 | ); | 54 | ); |
| 52 | cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" ); | 55 | cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" ); |
| 53 | cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 10 seconds", "Output OK"); | 56 | cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 3 seconds", "Output OK"); |
| 54 | 57 | ||
| 55 | $res = NPTest->testCmd( | 58 | $res = NPTest->testCmd( |
| 56 | "./check_http $hostname_invalid -wt 1 -ct 2" | 59 | "./check_http $hostname_invalid -wt 1 -ct 2" |
| @@ -112,6 +115,40 @@ SKIP: { | |||
| 112 | $res = NPTest->testCmd( "./check_http www.verisign.com -C 1" ); | 115 | $res = NPTest->testCmd( "./check_http www.verisign.com -C 1" ); |
| 113 | cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); | 116 | cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); |
| 114 | 117 | ||
| 118 | # run some certificate checks with faketime | ||
| 119 | SKIP: { | ||
| 120 | skip "No faketime binary found", 12 if !$faketime; | ||
| 121 | $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_http -C 1 www.verisign.com"); | ||
| 122 | like($res->output, qr/OK - Certificate 'www.verisign.com' will expire on/, "Catch cert output"); | ||
| 123 | is( $res->return_code, 0, "Catch cert output exit code" ); | ||
| 124 | my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)\./); | ||
| 125 | if(!defined $year) { | ||
| 126 | die("parsing date failed from: ".$res); | ||
| 127 | } | ||
| 128 | my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11}; | ||
| 129 | my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900); | ||
| 130 | my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts)); | ||
| 131 | $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_http -C 1 www.verisign.com"); | ||
| 132 | like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' just expired/, "Output on expire date"); | ||
| 133 | is( $res->return_code, 2, "Output on expire date" ); | ||
| 134 | |||
| 135 | $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_http -C 1 www.verisign.com"); | ||
| 136 | like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 0 minutes/, "cert expires in 1 second output"); | ||
| 137 | is( $res->return_code, 2, "cert expires in 1 second exit code" ); | ||
| 138 | |||
| 139 | $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_http -C 1 www.verisign.com"); | ||
| 140 | like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 2 minutes/, "cert expires in 2 minutes output"); | ||
| 141 | is( $res->return_code, 2, "cert expires in 2 minutes exit code" ); | ||
| 142 | |||
| 143 | $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_http -C 1 www.verisign.com"); | ||
| 144 | like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 2 hours/, "cert expires in 2 hours output"); | ||
| 145 | is( $res->return_code, 2, "cert expires in 2 hours exit code" ); | ||
| 146 | |||
| 147 | $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_http -C 1 www.verisign.com"); | ||
| 148 | like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expired on/, "Certificate expired output"); | ||
| 149 | is( $res->return_code, 2, "Certificate expired exit code" ); | ||
| 150 | }; | ||
| 151 | |||
| 115 | $res = NPTest->testCmd( "./check_http --ssl www.verisign.com -E" ); | 152 | $res = NPTest->testCmd( "./check_http --ssl www.verisign.com -E" ); |
| 116 | like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); | 153 | like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); |
| 117 | like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); | 154 | like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); |
diff --git a/plugins/t/check_ldap.t b/plugins/t/check_ldap.t new file mode 100644 index 0000000..b8944d4 --- /dev/null +++ b/plugins/t/check_ldap.t | |||
| @@ -0,0 +1,80 @@ | |||
| 1 | #!/usr/bin/env perl -I .. | ||
| 2 | # | ||
| 3 | # Lightweight Directory Access Protocol (LDAP) Test via check_ldap | ||
| 4 | # | ||
| 5 | # | ||
| 6 | |||
| 7 | use strict; | ||
| 8 | use warnings; | ||
| 9 | use Test::More; | ||
| 10 | use NPTest; | ||
| 11 | |||
| 12 | my $host_tcp_ldap = getTestParameter("NP_HOST_TCP_LDAP", | ||
| 13 | "A host providing the LDAP Service", | ||
| 14 | "localhost" ); | ||
| 15 | |||
| 16 | my $ldap_base_dn = getTestParameter("NP_LDAP_BASE_DN", | ||
| 17 | "A base dn for the LDAP Service", | ||
| 18 | "cn=admin" ); | ||
| 19 | |||
| 20 | my $host_nonresponsive = getTestParameter("host_nonresponsive", "NP_HOST_NONRESPONSIVE", "10.0.0.1", | ||
| 21 | "The hostname of system not responsive to network requests" ); | ||
| 22 | |||
| 23 | my $hostname_invalid = getTestParameter("hostname_invalid", "NP_HOSTNAME_INVALID", "nosuchhost", | ||
| 24 | "An invalid (not known to DNS) hostname" ); | ||
| 25 | |||
| 26 | my($result, $cmd); | ||
| 27 | my $command = './check_ldap'; | ||
| 28 | |||
| 29 | plan tests => 16; | ||
| 30 | |||
| 31 | SKIP: { | ||
| 32 | skip "NP_HOST_NONRESPONSIVE not set", 2 if ! $host_nonresponsive; | ||
| 33 | |||
| 34 | $result = NPTest->testCmd("$command -H $host_nonresponsive -b ou=blah -t 2 -w 1 -c 1"); | ||
| 35 | is( $result->return_code, 2, "$command -H $host_nonresponsive -b ou=blah -t 5 -w 2 -c 3" ); | ||
| 36 | is( $result->output, 'CRITICAL - Socket timeout after 2 seconds', "output ok" ); | ||
| 37 | }; | ||
| 38 | |||
| 39 | SKIP: { | ||
| 40 | skip "NP_HOSTNAME_INVALID not set", 2 if ! $hostname_invalid; | ||
| 41 | |||
| 42 | $result = NPTest->testCmd("$command -H $hostname_invalid -b ou=blah -t 5"); | ||
| 43 | is( $result->return_code, 2, "$command -H $hostname_invalid -b ou=blah -t 5" ); | ||
| 44 | is( $result->output, 'Could not bind to the LDAP server', "output ok" ); | ||
| 45 | }; | ||
| 46 | |||
| 47 | SKIP: { | ||
| 48 | skip "NP_HOST_TCP_LDAP not set", 12 if ! $host_tcp_ldap; | ||
| 49 | skip "NP_LDAP_BASE_DN not set", 12 if ! $ldap_base_dn; | ||
| 50 | |||
| 51 | $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3"; | ||
| 52 | $result = NPTest->testCmd($cmd); | ||
| 53 | is( $result->return_code, 0, $cmd ); | ||
| 54 | like( $result->output, '/^LDAP OK - \d+.\d+ seconds response time\|time=\d+\.\d+s;2\.0+;3\.0+;0\.0+$/', "output ok" ); | ||
| 55 | |||
| 56 | $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 10000000 -C 10000001"; | ||
| 57 | $result = NPTest->testCmd($cmd); | ||
| 58 | is( $result->return_code, 0, $cmd ); | ||
| 59 | like( $result->output, '/^LDAP OK - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;10000000;10000001;0\.0+$/', "output ok" ); | ||
| 60 | |||
| 61 | $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 10000000: -C 10000001:"; | ||
| 62 | $result = NPTest->testCmd($cmd); | ||
| 63 | is( $result->return_code, 2, $cmd ); | ||
| 64 | like( $result->output, '/^LDAP CRITICAL - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;10000000:;10000001:;0\.0+$/', "output ok" ); | ||
| 65 | |||
| 66 | $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 0 -C 0"; | ||
| 67 | $result = NPTest->testCmd($cmd); | ||
| 68 | is( $result->return_code, 2, $cmd ); | ||
| 69 | like( $result->output, '/^LDAP CRITICAL - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;0;0;0\.0+$/', "output ok" ); | ||
| 70 | |||
| 71 | $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 10000000: -C 10000001"; | ||
| 72 | $result = NPTest->testCmd($cmd); | ||
| 73 | is( $result->return_code, 1, $cmd ); | ||
| 74 | like( $result->output, '/^LDAP WARNING - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;10000000:;10000001;0\.0+$/', "output ok" ); | ||
| 75 | |||
| 76 | $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -C 10000001"; | ||
| 77 | $result = NPTest->testCmd($cmd); | ||
| 78 | is( $result->return_code, 0, $cmd ); | ||
| 79 | like( $result->output, '/^LDAP OK - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;;10000001;0\.0+$/', "output ok" ); | ||
| 80 | }; | ||
diff --git a/plugins/tests/check_snmp.t b/plugins/tests/check_snmp.t index 2fd033d..73a68b2 100755 --- a/plugins/tests/check_snmp.t +++ b/plugins/tests/check_snmp.t | |||
| @@ -128,7 +128,7 @@ sleep 1; | |||
| 128 | 128 | ||
| 129 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" ); | 129 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" ); |
| 130 | is($res->return_code, 1, "WARNING - due to going above rate calculation" ); | 130 | is($res->return_code, 1, "WARNING - due to going above rate calculation" ); |
| 131 | is($res->output, "SNMP RATE WARNING - *666* | iso.3.6.1.4.1.8072.3.2.67.10=666 "); | 131 | is($res->output, "SNMP RATE WARNING - *666* | iso.3.6.1.4.1.8072.3.2.67.10=666;600 "); |
| 132 | 132 | ||
| 133 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" ); | 133 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" ); |
| 134 | is($res->return_code, 3, "UNKNOWN - basically the divide by zero error" ); | 134 | is($res->return_code, 3, "UNKNOWN - basically the divide by zero error" ); |
| @@ -209,7 +209,7 @@ is($res->output, 'SNMP OK - "stringtests" | ', "OK as inverted string no match" | |||
| 209 | 209 | ||
| 210 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.12 -w 4:5" ); | 210 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.12 -w 4:5" ); |
| 211 | is($res->return_code, 1, "Numeric in string test" ); | 211 | is($res->return_code, 1, "Numeric in string test" ); |
| 212 | is($res->output, 'SNMP WARNING - *3.5* | iso.3.6.1.4.1.8072.3.2.67.12=3.5 ', "WARNING threshold checks for string masquerading as number" ); | 212 | is($res->output, 'SNMP WARNING - *3.5* | iso.3.6.1.4.1.8072.3.2.67.12=3.5;4:5 ', "WARNING threshold checks for string masquerading as number" ); |
| 213 | 213 | ||
| 214 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.13" ); | 214 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.13" ); |
| 215 | is($res->return_code, 0, "Not really numeric test" ); | 215 | is($res->return_code, 0, "Not really numeric test" ); |
| @@ -225,29 +225,29 @@ is($res->output, 'SNMP OK - "CUSTOM CHECK OK: foo is 12345" | ', "String check w | |||
| 225 | 225 | ||
| 226 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); | 226 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); |
| 227 | is($res->return_code, 0, "Negative integer check OK" ); | 227 | is($res->return_code, 0, "Negative integer check OK" ); |
| 228 | is($res->output, 'SNMP OK - -2 | iso.3.6.1.4.1.8072.3.2.67.16=-2 ', "Negative integer check OK output" ); | 228 | is($res->output, 'SNMP OK - -2 | iso.3.6.1.4.1.8072.3.2.67.16=-2;-2:;-3: ', "Negative integer check OK output" ); |
| 229 | 229 | ||
| 230 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); | 230 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); |
| 231 | is($res->return_code, 1, "Negative integer check WARNING" ); | 231 | is($res->return_code, 1, "Negative integer check WARNING" ); |
| 232 | is($res->output, 'SNMP WARNING - *-3* | iso.3.6.1.4.1.8072.3.2.67.16=-3 ', "Negative integer check WARNING output" ); | 232 | is($res->output, 'SNMP WARNING - *-3* | iso.3.6.1.4.1.8072.3.2.67.16=-3;-2:;-3: ', "Negative integer check WARNING output" ); |
| 233 | 233 | ||
| 234 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); | 234 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); |
| 235 | is($res->return_code, 2, "Negative integer check CRITICAL" ); | 235 | is($res->return_code, 2, "Negative integer check CRITICAL" ); |
| 236 | is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.16=-4 ', "Negative integer check CRITICAL output" ); | 236 | is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.16=-4;-2:;-3: ', "Negative integer check CRITICAL output" ); |
| 237 | 237 | ||
| 238 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -3: -c -6:" ); | 238 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -3: -c -6:" ); |
| 239 | is($res->return_code, 1, "Negative integer as string, WARNING" ); | 239 | is($res->return_code, 1, "Negative integer as string, WARNING" ); |
| 240 | is($res->output, 'SNMP WARNING - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4 ', "Negative integer as string, WARNING output" ); | 240 | is($res->output, 'SNMP WARNING - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4;-3:;-6: ', "Negative integer as string, WARNING output" ); |
| 241 | 241 | ||
| 242 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -2: -c -3:" ); | 242 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -2: -c -3:" ); |
| 243 | is($res->return_code, 2, "Negative integer as string, CRITICAL" ); | 243 | is($res->return_code, 2, "Negative integer as string, CRITICAL" ); |
| 244 | is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4 ', "Negative integer as string, CRITICAL output" ); | 244 | is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4;-2:;-3: ', "Negative integer as string, CRITICAL output" ); |
| 245 | 245 | ||
| 246 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -c ~:-6.5" ); | 246 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -c '~:-6.5'" ); |
| 247 | is($res->return_code, 0, "Negative float OK" ); | 247 | is($res->return_code, 0, "Negative float OK" ); |
| 248 | is($res->output, 'SNMP OK - -6.6 | iso.3.6.1.4.1.8072.3.2.67.18=-6.6 ', "Negative float OK output" ); | 248 | is($res->output, 'SNMP OK - -6.6 | iso.3.6.1.4.1.8072.3.2.67.18=-6.6;;~:-6.5 ', "Negative float OK output" ); |
| 249 | 249 | ||
| 250 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -w ~:-6.65 -c ~:-6.55" ); | 250 | $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -w '~:-6.65' -c '~:-6.55'" ); |
| 251 | is($res->return_code, 1, "Negative float WARNING" ); | 251 | is($res->return_code, 1, "Negative float WARNING" ); |
| 252 | is($res->output, 'SNMP WARNING - *-6.6* | iso.3.6.1.4.1.8072.3.2.67.18=-6.6 ', "Negative float WARNING output" ); | 252 | is($res->output, 'SNMP WARNING - *-6.6* | iso.3.6.1.4.1.8072.3.2.67.18=-6.6;~:-6.65;~:-6.55 ', "Negative float WARNING output" ); |
| 253 | 253 | ||
diff --git a/plugins/utils.c b/plugins/utils.c index 4b3c0c8..a864e4a 100644 --- a/plugins/utils.c +++ b/plugins/utils.c | |||
| @@ -628,3 +628,43 @@ char *fperfdata (const char *label, | |||
| 628 | 628 | ||
| 629 | return data; | 629 | return data; |
| 630 | } | 630 | } |
| 631 | |||
| 632 | char *sperfdata (const char *label, | ||
| 633 | double val, | ||
| 634 | const char *uom, | ||
| 635 | char *warn, | ||
| 636 | char *crit, | ||
| 637 | int minp, | ||
| 638 | double minv, | ||
| 639 | int maxp, | ||
| 640 | double maxv) | ||
| 641 | { | ||
| 642 | char *data = NULL; | ||
| 643 | if (strpbrk (label, "'= ")) | ||
| 644 | xasprintf (&data, "'%s'=", label); | ||
| 645 | else | ||
| 646 | xasprintf (&data, "%s=", label); | ||
| 647 | |||
| 648 | xasprintf (&data, "%s%f", data, val); | ||
| 649 | xasprintf (&data, "%s%s;", data, uom); | ||
| 650 | |||
| 651 | if (warn!=NULL) | ||
| 652 | xasprintf (&data, "%s%s", data, warn); | ||
| 653 | |||
| 654 | xasprintf (&data, "%s;", data); | ||
| 655 | |||
| 656 | if (crit!=NULL) | ||
| 657 | xasprintf (&data, "%s%s", data, crit); | ||
| 658 | |||
| 659 | xasprintf (&data, "%s;", data); | ||
| 660 | |||
| 661 | if (minp) | ||
| 662 | xasprintf (&data, "%s%f", data, minv); | ||
| 663 | |||
| 664 | if (maxp) { | ||
| 665 | xasprintf (&data, "%s;", data); | ||
| 666 | xasprintf (&data, "%s%f", data, maxv); | ||
| 667 | } | ||
| 668 | |||
| 669 | return data; | ||
| 670 | } | ||