summaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
Diffstat (limited to 'plugins')
-rw-r--r--plugins/Makefile.am2
-rw-r--r--plugins/check_by_ssh.c7
-rw-r--r--plugins/check_dig.c6
-rw-r--r--plugins/check_disk.c71
-rw-r--r--plugins/check_dns.c8
-rw-r--r--plugins/check_http.c80
-rw-r--r--plugins/check_ide_smart.c26
-rw-r--r--plugins/check_ldap.c2
-rw-r--r--plugins/check_load.c2
-rw-r--r--plugins/check_ntp.c6
-rw-r--r--plugins/check_ntp_time.c8
-rw-r--r--plugins/check_radius.c36
-rw-r--r--plugins/check_smtp.c25
-rw-r--r--plugins/check_snmp.c19
-rw-r--r--plugins/check_tcp.c4
-rw-r--r--plugins/check_ups.c12
-rw-r--r--plugins/check_users.c60
-rw-r--r--plugins/common.h7
-rw-r--r--plugins/negate.c4
-rw-r--r--plugins/netutils.c15
-rw-r--r--plugins/netutils.h17
-rw-r--r--plugins/sslutils.c96
-rw-r--r--plugins/t/NPTest.cache.travis4
-rw-r--r--plugins/t/check_http.t34
-rw-r--r--plugins/t/check_snmp.t12
-rw-r--r--plugins/t/check_users.t4
-rwxr-xr-xplugins/tests/check_http.t10
-rw-r--r--plugins/utils.c41
-rw-r--r--plugins/utils.h34
29 files changed, 383 insertions, 269 deletions
diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index 41906c53..0ddf9bd1 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -71,7 +71,7 @@ check_apt_LDADD = $(BASEOBJS)
71check_cluster_LDADD = $(BASEOBJS) 71check_cluster_LDADD = $(BASEOBJS)
72check_dbi_LDADD = $(NETLIBS) $(DBILIBS) 72check_dbi_LDADD = $(NETLIBS) $(DBILIBS)
73check_dig_LDADD = $(NETLIBS) 73check_dig_LDADD = $(NETLIBS)
74check_disk_LDADD = $(BASEOBJS) $(THREADLIBS) 74check_disk_LDADD = $(BASEOBJS)
75check_dns_LDADD = $(NETLIBS) 75check_dns_LDADD = $(NETLIBS)
76check_dummy_LDADD = $(BASEOBJS) 76check_dummy_LDADD = $(BASEOBJS)
77check_fping_LDADD = $(NETLIBS) 77check_fping_LDADD = $(NETLIBS)
diff --git a/plugins/check_by_ssh.c b/plugins/check_by_ssh.c
index 04bce38d..13d8bc3b 100644
--- a/plugins/check_by_ssh.c
+++ b/plugins/check_by_ssh.c
@@ -100,6 +100,13 @@ main (int argc, char **argv)
100 100
101 result = cmd_run_array (commargv, &chld_out, &chld_err, 0); 101 result = cmd_run_array (commargv, &chld_out, &chld_err, 0);
102 102
103 if (verbose) {
104 for(i = 0; i < chld_out.lines; i++)
105 printf("stdout: %s\n", chld_out.line[i]);
106 for(i = 0; i < chld_err.lines; i++)
107 printf("stderr: %s\n", chld_err.line[i]);
108 }
109
103 if (skip_stdout == -1) /* --skip-stdout specified without argument */ 110 if (skip_stdout == -1) /* --skip-stdout specified without argument */
104 skip_stdout = chld_out.lines; 111 skip_stdout = chld_out.lines;
105 if (skip_stderr == -1) /* --skip-stderr specified without argument */ 112 if (skip_stderr == -1) /* --skip-stderr specified without argument */
diff --git a/plugins/check_dig.c b/plugins/check_dig.c
index db4b20eb..da4f0ded 100644
--- a/plugins/check_dig.c
+++ b/plugins/check_dig.c
@@ -48,7 +48,7 @@ void print_usage (void);
48 48
49#define UNDEFINED 0 49#define UNDEFINED 0
50#define DEFAULT_PORT 53 50#define DEFAULT_PORT 53
51#define DEFAULT_TRIES 3 51#define DEFAULT_TRIES 2
52 52
53char *query_address = NULL; 53char *query_address = NULL;
54char *record_type = "A"; 54char *record_type = "A";
@@ -94,7 +94,7 @@ main (int argc, char **argv)
94 timeout_interval_dig = timeout_interval / number_tries + number_tries; 94 timeout_interval_dig = timeout_interval / number_tries + number_tries;
95 95
96 /* get the command to run */ 96 /* get the command to run */
97 xasprintf (&command_line, "%s %s %s -p %d @%s %s %s +tries=%d +time=%d", 97 xasprintf (&command_line, "%s %s %s -p %d @%s %s %s +retry=%d +time=%d",
98 PATH_TO_DIG, dig_args, query_transport, server_port, dns_server, query_address, record_type, number_tries, timeout_interval_dig); 98 PATH_TO_DIG, dig_args, query_transport, server_port, dns_server, query_address, record_type, number_tries, timeout_interval_dig);
99 99
100 alarm (timeout_interval); 100 alarm (timeout_interval);
@@ -125,7 +125,7 @@ main (int argc, char **argv)
125 if (verbose) 125 if (verbose)
126 printf ("%s\n", chld_out.line[i]); 126 printf ("%s\n", chld_out.line[i]);
127 127
128 if (strstr (chld_out.line[i], (expected_address == NULL ? query_address : expected_address)) != NULL) { 128 if (strcasestr (chld_out.line[i], (expected_address == NULL ? query_address : expected_address)) != NULL) {
129 msg = chld_out.line[i]; 129 msg = chld_out.line[i];
130 result = STATE_OK; 130 result = STATE_OK;
131 131
diff --git a/plugins/check_disk.c b/plugins/check_disk.c
index 9693bad3..4b5ba5fe 100644
--- a/plugins/check_disk.c
+++ b/plugins/check_disk.c
@@ -51,9 +51,6 @@ const char *email = "devel@monitoring-plugins.org";
51# include <limits.h> 51# include <limits.h>
52#endif 52#endif
53#include "regex.h" 53#include "regex.h"
54#if HAVE_PTHREAD_H
55# include <pthread.h>
56#endif
57 54
58#ifdef __CYGWIN__ 55#ifdef __CYGWIN__
59# include <windows.h> 56# include <windows.h>
@@ -61,9 +58,6 @@ const char *email = "devel@monitoring-plugins.org";
61# define ERROR -1 58# define ERROR -1
62#endif 59#endif
63 60
64/* If nonzero, show inode information. */
65static int inode_format = 1;
66
67/* If nonzero, show even filesystems with zero size or 61/* If nonzero, show even filesystems with zero size or
68 uninteresting types. */ 62 uninteresting types. */
69static int show_all_fs = 1; 63static int show_all_fs = 1;
@@ -133,7 +127,6 @@ void print_help (void);
133void print_usage (void); 127void print_usage (void);
134double calculate_percent(uintmax_t, uintmax_t); 128double calculate_percent(uintmax_t, uintmax_t);
135void stat_path (struct parameter_list *p); 129void stat_path (struct parameter_list *p);
136void *do_stat_path (void *p);
137void get_stats (struct parameter_list *p, struct fs_usage *fsp); 130void get_stats (struct parameter_list *p, struct fs_usage *fsp);
138void get_path_stats (struct parameter_list *p, struct fs_usage *fsp); 131void get_path_stats (struct parameter_list *p, struct fs_usage *fsp);
139 132
@@ -172,6 +165,7 @@ main (int argc, char **argv)
172 int result = STATE_UNKNOWN; 165 int result = STATE_UNKNOWN;
173 int disk_result = STATE_UNKNOWN; 166 int disk_result = STATE_UNKNOWN;
174 char *output; 167 char *output;
168 char *ko_output;
175 char *details; 169 char *details;
176 char *perf; 170 char *perf;
177 char *preamble; 171 char *preamble;
@@ -182,7 +176,7 @@ main (int argc, char **argv)
182 int temp_result; 176 int temp_result;
183 177
184 struct mount_entry *me; 178 struct mount_entry *me;
185 struct fs_usage fsp, tmpfsp; 179 struct fs_usage fsp;
186 struct parameter_list *temp_list, *path; 180 struct parameter_list *temp_list, *path;
187 181
188#ifdef __CYGWIN__ 182#ifdef __CYGWIN__
@@ -191,6 +185,7 @@ main (int argc, char **argv)
191 185
192 preamble = strdup (" - free space:"); 186 preamble = strdup (" - free space:");
193 output = strdup (""); 187 output = strdup ("");
188 ko_output = strdup ("");
194 details = strdup (""); 189 details = strdup ("");
195 perf = strdup (""); 190 perf = strdup ("");
196 stat_buf = malloc(sizeof *stat_buf); 191 stat_buf = malloc(sizeof *stat_buf);
@@ -355,9 +350,6 @@ main (int argc, char **argv)
355 TRUE, 0, 350 TRUE, 0,
356 TRUE, path->dtotal_units)); 351 TRUE, path->dtotal_units));
357 352
358 if (disk_result==STATE_OK && erronly && !verbose)
359 continue;
360
361 if(disk_result && verbose >= 1) { 353 if(disk_result && verbose >= 1) {
362 xasprintf(&flag_header, " %s [", state_text (disk_result)); 354 xasprintf(&flag_header, " %s [", state_text (disk_result));
363 } else { 355 } else {
@@ -383,15 +375,27 @@ main (int argc, char **argv)
383 (unsigned long)w_df, (unsigned long)c_df, w_dfp, c_dfp); 375 (unsigned long)w_df, (unsigned long)c_df, w_dfp, c_dfp);
384 */ 376 */
385 377
378 /* OS: #1420 save all not ok paths to different output, but only in case of error only option */
379 if (disk_result!=STATE_OK && erronly) {
380 xasprintf (&ko_output, "%s%s %s %.0f %s (%.0f%%",
381 ko_output, flag_header,
382 (!strcmp(me->me_mountdir, "none") || display_mntp) ? me->me_devname : me->me_mountdir,
383 path->dfree_units,
384 units,
385 path->dfree_pct);
386 }
387
386 } 388 }
387 389
390 /* OS: #1420 only show offending paths if error only option is set, but show all paths if everything is ok */
391 output = (erronly && result!=STATE_OK) ? ko_output : output;
388 } 392 }
389 393
390 if (verbose >= 2) 394 if (verbose >= 2)
391 xasprintf (&output, "%s%s", output, details); 395 xasprintf (&output, "%s%s", output, details);
392 396
393 397
394 printf ("DISK %s%s%s|%s\n", state_text (result), (erronly && result==STATE_OK) ? "" : preamble, output, perf); 398 printf ("DISK %s%s%s|%s\n", state_text (result), preamble, output, perf);
395 return result; 399 return result;
396} 400}
397 401
@@ -427,9 +431,7 @@ process_arguments (int argc, char **argv)
427 int c, err; 431 int c, err;
428 struct parameter_list *se; 432 struct parameter_list *se;
429 struct parameter_list *temp_list = NULL, *previous = NULL; 433 struct parameter_list *temp_list = NULL, *previous = NULL;
430 struct parameter_list *temp_path_select_list = NULL; 434 struct mount_entry *me;
431 struct mount_entry *me, *temp_me;
432 int result = OK;
433 regex_t re; 435 regex_t re;
434 int cflags = REG_NOSUB | REG_EXTENDED; 436 int cflags = REG_NOSUB | REG_EXTENDED;
435 int default_cflags = cflags; 437 int default_cflags = cflags;
@@ -972,44 +974,6 @@ print_usage (void)
972void 974void
973stat_path (struct parameter_list *p) 975stat_path (struct parameter_list *p)
974{ 976{
975#ifdef HAVE_PTHREAD_H
976 pthread_t stat_thread;
977 int statdone = 0;
978 int timer = timeout_interval;
979 struct timespec req, rem;
980
981 req.tv_sec = 0;
982 pthread_create(&stat_thread, NULL, do_stat_path, p);
983 while (timer-- > 0) {
984 req.tv_nsec = 10000000;
985 nanosleep(&req, &rem);
986 if (pthread_kill(stat_thread, 0)) {
987 statdone = 1;
988 break;
989 } else {
990 req.tv_nsec = 990000000;
991 nanosleep(&req, &rem);
992 }
993 }
994 if (statdone == 1) {
995 pthread_join(stat_thread, NULL);
996 } else {
997 pthread_detach(stat_thread);
998 if (verbose >= 3)
999 printf("stat did not return within %ds on %s\n", timeout_interval, p->name);
1000 printf("DISK %s - ", _("CRITICAL"));
1001 die (STATE_CRITICAL, _("%s %s: %s\n"), p->name, _("hangs"), _("Timeout"));
1002 }
1003#else
1004 do_stat_path(p);
1005#endif
1006}
1007
1008void *
1009do_stat_path (void *in)
1010{
1011 struct parameter_list *p = in;
1012
1013 /* Stat entry to check that dir exists and is accessible */ 977 /* Stat entry to check that dir exists and is accessible */
1014 if (verbose >= 3) 978 if (verbose >= 3)
1015 printf("calling stat on %s\n", p->name); 979 printf("calling stat on %s\n", p->name);
@@ -1019,7 +983,6 @@ do_stat_path (void *in)
1019 printf("DISK %s - ", _("CRITICAL")); 983 printf("DISK %s - ", _("CRITICAL"));
1020 die (STATE_CRITICAL, _("%s %s: %s\n"), p->name, _("is not accessible"), strerror(errno)); 984 die (STATE_CRITICAL, _("%s %s: %s\n"), p->name, _("is not accessible"), strerror(errno));
1021 } 985 }
1022 return NULL;
1023} 986}
1024 987
1025 988
diff --git a/plugins/check_dns.c b/plugins/check_dns.c
index d6bd2c0f..54ce7d16 100644
--- a/plugins/check_dns.c
+++ b/plugins/check_dns.c
@@ -81,7 +81,6 @@ main (int argc, char **argv)
81 double elapsed_time; 81 double elapsed_time;
82 long microsec; 82 long microsec;
83 struct timeval tv; 83 struct timeval tv;
84 int multi_address;
85 int parse_address = FALSE; /* This flag scans for Address: but only after Name: */ 84 int parse_address = FALSE; /* This flag scans for Address: but only after Name: */
86 output chld_out, chld_err; 85 output chld_out, chld_err;
87 size_t i; 86 size_t i;
@@ -127,7 +126,7 @@ main (int argc, char **argv)
127 if (verbose) 126 if (verbose)
128 puts(chld_out.line[i]); 127 puts(chld_out.line[i]);
129 128
130 if (strstr (chld_out.line[i], ".in-addr.arpa")) { 129 if (strcasestr (chld_out.line[i], ".in-addr.arpa")) {
131 if ((temp_buffer = strstr (chld_out.line[i], "name = "))) 130 if ((temp_buffer = strstr (chld_out.line[i], "name = ")))
132 addresses[n_addresses++] = strdup (temp_buffer + 7); 131 addresses[n_addresses++] = strdup (temp_buffer + 7);
133 else { 132 else {
@@ -249,11 +248,6 @@ main (int argc, char **argv)
249 elapsed_time = (double)microsec / 1.0e6; 248 elapsed_time = (double)microsec / 1.0e6;
250 249
251 if (result == STATE_OK) { 250 if (result == STATE_OK) {
252 if (strchr (address, ',') == NULL)
253 multi_address = FALSE;
254 else
255 multi_address = TRUE;
256
257 result = get_status(elapsed_time, time_thresholds); 251 result = get_status(elapsed_time, time_thresholds);
258 if (result == STATE_OK) { 252 if (result == STATE_OK) {
259 printf ("DNS %s: ", _("OK")); 253 printf ("DNS %s: ", _("OK"));
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 68b470ce..e5ef7cc4 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -91,10 +91,12 @@ struct timeval tv_temp;
91 91
92int specify_port = FALSE; 92int specify_port = FALSE;
93int server_port = HTTP_PORT; 93int server_port = HTTP_PORT;
94int virtual_port = 0;
94char server_port_text[6] = ""; 95char server_port_text[6] = "";
95char server_type[6] = "http"; 96char server_type[6] = "http";
96char *server_address; 97char *server_address;
97char *host_name; 98char *host_name;
99int host_name_length;
98char *server_url; 100char *server_url;
99char *user_agent; 101char *user_agent;
100int server_url_length; 102int server_url_length;
@@ -343,9 +345,20 @@ process_arguments (int argc, char **argv)
343 parameters, like -S and -C combinations */ 345 parameters, like -S and -C combinations */
344 use_ssl = TRUE; 346 use_ssl = TRUE;
345 if (c=='S' && optarg != NULL) { 347 if (c=='S' && optarg != NULL) {
346 ssl_version = atoi(optarg); 348 int got_plus = strchr(optarg, '+') != NULL;
347 if (ssl_version < 1 || ssl_version > 3) 349
348 usage4 (_("Invalid option - Valid values for SSL Version are 1 (TLSv1), 2 (SSLv2) or 3 (SSLv3)")); 350 if (!strncmp (optarg, "1.2", 3))
351 ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2;
352 else if (!strncmp (optarg, "1.1", 3))
353 ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1;
354 else if (optarg[0] == '1')
355 ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1;
356 else if (optarg[0] == '3')
357 ssl_version = got_plus ? MP_SSLv3_OR_NEWER : MP_SSLv3;
358 else if (optarg[0] == '2')
359 ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2;
360 else
361 usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)"));
349 } 362 }
350 if (specify_port == FALSE) 363 if (specify_port == FALSE)
351 server_port = HTTPS_PORT; 364 server_port = HTTPS_PORT;
@@ -380,11 +393,25 @@ process_arguments (int argc, char **argv)
380 case 'H': /* Host Name (virtual host) */ 393 case 'H': /* Host Name (virtual host) */
381 host_name = strdup (optarg); 394 host_name = strdup (optarg);
382 if (host_name[0] == '[') { 395 if (host_name[0] == '[') {
383 if ((p = strstr (host_name, "]:")) != NULL) /* [IPv6]:port */ 396 if ((p = strstr (host_name, "]:")) != NULL) { /* [IPv6]:port */
384 server_port = atoi (p + 2); 397 virtual_port = atoi (p + 2);
398 /* cut off the port */
399 host_name_length = strlen (host_name) - strlen (p) - 1;
400 free (host_name);
401 host_name = strndup (optarg, host_name_length);
402 if (specify_port == FALSE)
403 server_port = virtual_port;
404 }
385 } else if ((p = strchr (host_name, ':')) != NULL 405 } else if ((p = strchr (host_name, ':')) != NULL
386 && strchr (++p, ':') == NULL) /* IPv4:port or host:port */ 406 && strchr (++p, ':') == NULL) { /* IPv4:port or host:port */
387 server_port = atoi (p); 407 virtual_port = atoi (p);
408 /* cut off the port */
409 host_name_length = strlen (host_name) - strlen (p) - 1;
410 free (host_name);
411 host_name = strndup (optarg, host_name_length);
412 if (specify_port == FALSE)
413 server_port = virtual_port;
414 }
388 break; 415 break;
389 case 'I': /* Server IP-address */ 416 case 'I': /* Server IP-address */
390 server_address = strdup (optarg); 417 server_address = strdup (optarg);
@@ -539,9 +566,12 @@ process_arguments (int argc, char **argv)
539 if (http_method == NULL) 566 if (http_method == NULL)
540 http_method = strdup ("GET"); 567 http_method = strdup ("GET");
541 568
542 if (client_cert && !client_privkey) 569 if (client_cert && !client_privkey)
543 usage4 (_("If you use a client certificate you must also specify a private key file")); 570 usage4 (_("If you use a client certificate you must also specify a private key file"));
544 571
572 if (virtual_port == 0)
573 virtual_port = server_port;
574
545 return TRUE; 575 return TRUE;
546} 576}
547 577
@@ -911,8 +941,8 @@ check_http (void)
911 elapsed_time_ssl = (double)microsec_ssl / 1.0e6; 941 elapsed_time_ssl = (double)microsec_ssl / 1.0e6;
912 if (check_cert == TRUE) { 942 if (check_cert == TRUE) {
913 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); 943 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
914 np_net_ssl_cleanup();
915 if (sd) close(sd); 944 if (sd) close(sd);
945 np_net_ssl_cleanup();
916 return result; 946 return result;
917 } 947 }
918 } 948 }
@@ -947,13 +977,13 @@ check_http (void)
947 * 14.23). Some server applications/configurations cause trouble if the 977 * 14.23). Some server applications/configurations cause trouble if the
948 * (default) port is explicitly specified in the "Host:" header line. 978 * (default) port is explicitly specified in the "Host:" header line.
949 */ 979 */
950 if ((use_ssl == FALSE && server_port == HTTP_PORT) || 980 if ((use_ssl == FALSE && virtual_port == HTTP_PORT) ||
951 (use_ssl == TRUE && server_port == HTTPS_PORT) || 981 (use_ssl == TRUE && virtual_port == HTTPS_PORT) ||
952 (server_address != NULL && strcmp(http_method, "CONNECT") == 0 982 (server_address != NULL && strcmp(http_method, "CONNECT") == 0
953 && host_name != NULL && use_ssl == TRUE)) 983 && host_name != NULL && use_ssl == TRUE))
954 xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); 984 xasprintf (&buf, "%sHost: %s\r\n", buf, host_name);
955 else 985 else
956 xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, server_port); 986 xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port);
957 } 987 }
958 } 988 }
959 989
@@ -1011,6 +1041,10 @@ check_http (void)
1011 microsec_firstbyte = deltime (tv_temp); 1041 microsec_firstbyte = deltime (tv_temp);
1012 elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6; 1042 elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6;
1013 } 1043 }
1044 while (pos = memchr(buffer, '\0', i)) {
1045 /* replace nul character with a blank */
1046 *pos = ' ';
1047 }
1014 buffer[i] = '\0'; 1048 buffer[i] = '\0';
1015 xasprintf (&full_page_new, "%s%s", full_page, buffer); 1049 xasprintf (&full_page_new, "%s%s", full_page, buffer);
1016 free (full_page); 1050 free (full_page);
@@ -1052,10 +1086,10 @@ check_http (void)
1052 die (STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n")); 1086 die (STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n"));
1053 1087
1054 /* close the connection */ 1088 /* close the connection */
1089 if (sd) close(sd);
1055#ifdef HAVE_SSL 1090#ifdef HAVE_SSL
1056 np_net_ssl_cleanup(); 1091 np_net_ssl_cleanup();
1057#endif 1092#endif
1058 if (sd) close(sd);
1059 1093
1060 /* Save check time */ 1094 /* Save check time */
1061 microsec = deltime (tv); 1095 microsec = deltime (tv);
@@ -1410,6 +1444,9 @@ redir (char *pos, char *status_line)
1410 MAX_PORT, server_type, server_address, server_port, server_url, 1444 MAX_PORT, server_type, server_address, server_port, server_url,
1411 display_html ? "</A>" : ""); 1445 display_html ? "</A>" : "");
1412 1446
1447 /* reset virtual port */
1448 virtual_port = server_port;
1449
1413 if (verbose) 1450 if (verbose)
1414 printf (_("Redirection to %s://%s:%d%s\n"), server_type, 1451 printf (_("Redirection to %s://%s:%d%s\n"), server_type,
1415 host_name ? host_name : server_address, server_port, server_url); 1452 host_name ? host_name : server_address, server_port, server_url);
@@ -1442,32 +1479,32 @@ char *perfd_time (double elapsed_time)
1442 return fperfdata ("time", elapsed_time, "s", 1479 return fperfdata ("time", elapsed_time, "s",
1443 thlds->warning?TRUE:FALSE, thlds->warning?thlds->warning->end:0, 1480 thlds->warning?TRUE:FALSE, thlds->warning?thlds->warning->end:0,
1444 thlds->critical?TRUE:FALSE, thlds->critical?thlds->critical->end:0, 1481 thlds->critical?TRUE:FALSE, thlds->critical?thlds->critical->end:0,
1445 TRUE, 0, FALSE, 0); 1482 TRUE, 0, TRUE, socket_timeout);
1446} 1483}
1447 1484
1448char *perfd_time_connect (double elapsed_time_connect) 1485char *perfd_time_connect (double elapsed_time_connect)
1449{ 1486{
1450 return fperfdata ("time_connect", elapsed_time_connect, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0); 1487 return fperfdata ("time_connect", elapsed_time_connect, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
1451} 1488}
1452 1489
1453char *perfd_time_ssl (double elapsed_time_ssl) 1490char *perfd_time_ssl (double elapsed_time_ssl)
1454{ 1491{
1455 return fperfdata ("time_ssl", elapsed_time_ssl, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0); 1492 return fperfdata ("time_ssl", elapsed_time_ssl, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
1456} 1493}
1457 1494
1458char *perfd_time_headers (double elapsed_time_headers) 1495char *perfd_time_headers (double elapsed_time_headers)
1459{ 1496{
1460 return fperfdata ("time_headers", elapsed_time_headers, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0); 1497 return fperfdata ("time_headers", elapsed_time_headers, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
1461} 1498}
1462 1499
1463char *perfd_time_firstbyte (double elapsed_time_firstbyte) 1500char *perfd_time_firstbyte (double elapsed_time_firstbyte)
1464{ 1501{
1465 return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0); 1502 return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
1466} 1503}
1467 1504
1468char *perfd_time_transfer (double elapsed_time_transfer) 1505char *perfd_time_transfer (double elapsed_time_transfer)
1469{ 1506{
1470 return fperfdata ("time_transfer", elapsed_time_transfer, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0); 1507 return fperfdata ("time_transfer", elapsed_time_transfer, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
1471} 1508}
1472 1509
1473char *perfd_size (int page_len) 1510char *perfd_size (int page_len)
@@ -1514,9 +1551,10 @@ print_help (void)
1514 printf (UT_IPv46); 1551 printf (UT_IPv46);
1515 1552
1516#ifdef HAVE_SSL 1553#ifdef HAVE_SSL
1517 printf (" %s\n", "-S, --ssl=VERSION"); 1554 printf (" %s\n", "-S, --ssl=VERSION[+]");
1518 printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents")); 1555 printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents"));
1519 printf (" %s\n", _("auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3).")); 1556 printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,"));
1557 printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted."));
1520 printf (" %s\n", "--sni"); 1558 printf (" %s\n", "--sni");
1521 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); 1559 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
1522 printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); 1560 printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]");
diff --git a/plugins/check_ide_smart.c b/plugins/check_ide_smart.c
index 8d540ca1..46621318 100644
--- a/plugins/check_ide_smart.c
+++ b/plugins/check_ide_smart.c
@@ -166,7 +166,6 @@ enum SmartCommand
166 166
167char *get_offline_text (int); 167char *get_offline_text (int);
168int smart_read_values (int, values_t *); 168int smart_read_values (int, values_t *);
169int values_not_passed (values_t *, thresholds_t *);
170int nagios (values_t *, thresholds_t *); 169int nagios (values_t *, thresholds_t *);
171void print_value (value_t *, threshold_t *); 170void print_value (value_t *, threshold_t *);
172void print_values (values_t *, thresholds_t *); 171void print_values (values_t *, thresholds_t *);
@@ -340,31 +339,6 @@ smart_read_values (int fd, values_t * values)
340 339
341 340
342int 341int
343values_not_passed (values_t * p, thresholds_t * t)
344{
345 value_t * value = p->values;
346 threshold_t * threshold = t->thresholds;
347 int failed = 0;
348 int passed = 0;
349 int i;
350 for (i = 0; i < NR_ATTRIBUTES; i++) {
351 if (value->id && threshold->id && value->id == threshold->id) {
352 if (value->value < threshold->threshold) {
353 ++failed;
354 }
355 else {
356 ++passed;
357 }
358 }
359 ++value;
360 ++threshold;
361 }
362 return (passed ? -failed : 2);
363}
364
365
366
367int
368nagios (values_t * p, thresholds_t * t) 342nagios (values_t * p, thresholds_t * t)
369{ 343{
370 value_t * value = p->values; 344 value_t * value = p->values;
diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c
index e70d6a51..66be4b46 100644
--- a/plugins/check_ldap.c
+++ b/plugins/check_ldap.c
@@ -483,7 +483,7 @@ print_help (void)
483 483
484 printf (" %s\n", "-W [--warn-entries]"); 484 printf (" %s\n", "-W [--warn-entries]");
485 printf (" %s\n", _("Number of found entries to result in warning status")); 485 printf (" %s\n", _("Number of found entries to result in warning status"));
486 printf (" %s\n", "-W [--crit-entries]"); 486 printf (" %s\n", "-C [--crit-entries]");
487 printf (" %s\n", _("Number of found entries to result in critical status")); 487 printf (" %s\n", _("Number of found entries to result in critical status"));
488 488
489 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); 489 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
diff --git a/plugins/check_load.c b/plugins/check_load.c
index a96435f4..b1cc498f 100644
--- a/plugins/check_load.c
+++ b/plugins/check_load.c
@@ -160,7 +160,7 @@ main (int argc, char **argv)
160 sscanf (input_buffer, "%*[^l]load averages: %lf, %lf, %lf", &la1, &la5, &la15); 160 sscanf (input_buffer, "%*[^l]load averages: %lf, %lf, %lf", &la1, &la5, &la15);
161 } 161 }
162 else { 162 else {
163 printf (_("could not parse load from uptime: %s\n"), result, PATH_TO_UPTIME); 163 printf (_("could not parse load from uptime %s: %s\n"), PATH_TO_UPTIME, result);
164 return STATE_UNKNOWN; 164 return STATE_UNKNOWN;
165 } 165 }
166 166
diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c
index 75efc289..5ac6c65b 100644
--- a/plugins/check_ntp.c
+++ b/plugins/check_ntp.c
@@ -297,7 +297,7 @@ void setup_request(ntp_message *p){
297 * this is done by filtering servers based on stratum, dispersion, and 297 * this is done by filtering servers based on stratum, dispersion, and
298 * finally round-trip delay. */ 298 * finally round-trip delay. */
299int best_offset_server(const ntp_server_results *slist, int nservers){ 299int best_offset_server(const ntp_server_results *slist, int nservers){
300 int i=0, cserver=0, best_server=-1; 300 int cserver=0, best_server=-1;
301 301
302 /* for each server */ 302 /* for each server */
303 for(cserver=0; cserver<nservers; cserver++){ 303 for(cserver=0; cserver<nservers; cserver++){
@@ -356,7 +356,7 @@ int best_offset_server(const ntp_server_results *slist, int nservers){
356 * we have to do it in a way that our lazy macros don't handle currently :( */ 356 * we have to do it in a way that our lazy macros don't handle currently :( */
357double offset_request(const char *host, int *status){ 357double offset_request(const char *host, int *status){
358 int i=0, j=0, ga_result=0, num_hosts=0, *socklist=NULL, respnum=0; 358 int i=0, j=0, ga_result=0, num_hosts=0, *socklist=NULL, respnum=0;
359 int servers_completed=0, one_written=0, one_read=0, servers_readable=0, best_index=-1; 359 int servers_completed=0, one_read=0, servers_readable=0, best_index=-1;
360 time_t now_time=0, start_ts=0; 360 time_t now_time=0, start_ts=0;
361 ntp_message *req=NULL; 361 ntp_message *req=NULL;
362 double avg_offset=0.; 362 double avg_offset=0.;
@@ -421,7 +421,6 @@ double offset_request(const char *host, int *status){
421 * been touched in the past second or so and is still lacking 421 * been touched in the past second or so and is still lacking
422 * some responses. for each of these servers, send a new request, 422 * some responses. for each of these servers, send a new request,
423 * and update the "waiting" timestamp with the current time. */ 423 * and update the "waiting" timestamp with the current time. */
424 one_written=0;
425 now_time=time(NULL); 424 now_time=time(NULL);
426 425
427 for(i=0; i<num_hosts; i++){ 426 for(i=0; i<num_hosts; i++){
@@ -431,7 +430,6 @@ double offset_request(const char *host, int *status){
431 setup_request(&req[i]); 430 setup_request(&req[i]);
432 write(socklist[i], &req[i], sizeof(ntp_message)); 431 write(socklist[i], &req[i], sizeof(ntp_message));
433 servers[i].waiting=now_time; 432 servers[i].waiting=now_time;
434 one_written=1;
435 break; 433 break;
436 } 434 }
437 } 435 }
diff --git a/plugins/check_ntp_time.c b/plugins/check_ntp_time.c
index 295f86f6..391b2df2 100644
--- a/plugins/check_ntp_time.c
+++ b/plugins/check_ntp_time.c
@@ -244,7 +244,7 @@ void setup_request(ntp_message *p){
244 * this is done by filtering servers based on stratum, dispersion, and 244 * this is done by filtering servers based on stratum, dispersion, and
245 * finally round-trip delay. */ 245 * finally round-trip delay. */
246int best_offset_server(const ntp_server_results *slist, int nservers){ 246int best_offset_server(const ntp_server_results *slist, int nservers){
247 int i=0, cserver=0, best_server=-1; 247 int cserver=0, best_server=-1;
248 248
249 /* for each server */ 249 /* for each server */
250 for(cserver=0; cserver<nservers; cserver++){ 250 for(cserver=0; cserver<nservers; cserver++){
@@ -303,7 +303,7 @@ int best_offset_server(const ntp_server_results *slist, int nservers){
303 * we have to do it in a way that our lazy macros don't handle currently :( */ 303 * we have to do it in a way that our lazy macros don't handle currently :( */
304double offset_request(const char *host, int *status){ 304double offset_request(const char *host, int *status){
305 int i=0, j=0, ga_result=0, num_hosts=0, *socklist=NULL, respnum=0; 305 int i=0, j=0, ga_result=0, num_hosts=0, *socklist=NULL, respnum=0;
306 int servers_completed=0, one_written=0, one_read=0, servers_readable=0, best_index=-1; 306 int servers_completed=0, one_read=0, servers_readable=0, best_index=-1;
307 time_t now_time=0, start_ts=0; 307 time_t now_time=0, start_ts=0;
308 ntp_message *req=NULL; 308 ntp_message *req=NULL;
309 double avg_offset=0.; 309 double avg_offset=0.;
@@ -368,7 +368,6 @@ double offset_request(const char *host, int *status){
368 * been touched in the past second or so and is still lacking 368 * been touched in the past second or so and is still lacking
369 * some responses. For each of these servers, send a new request, 369 * some responses. For each of these servers, send a new request,
370 * and update the "waiting" timestamp with the current time. */ 370 * and update the "waiting" timestamp with the current time. */
371 one_written=0;
372 now_time=time(NULL); 371 now_time=time(NULL);
373 372
374 for(i=0; i<num_hosts; i++){ 373 for(i=0; i<num_hosts; i++){
@@ -378,7 +377,6 @@ double offset_request(const char *host, int *status){
378 setup_request(&req[i]); 377 setup_request(&req[i]);
379 write(socklist[i], &req[i], sizeof(ntp_message)); 378 write(socklist[i], &req[i], sizeof(ntp_message));
380 servers[i].waiting=now_time; 379 servers[i].waiting=now_time;
381 one_written=1;
382 break; 380 break;
383 } 381 }
384 } 382 }
@@ -635,7 +633,7 @@ void print_help(void){
635 printf("%s\n", _("Notes:")); 633 printf("%s\n", _("Notes:"));
636 printf(" %s\n", _("If you'd rather want to monitor an NTP server, please use")); 634 printf(" %s\n", _("If you'd rather want to monitor an NTP server, please use"));
637 printf(" %s\n", _("check_ntp_peer.")); 635 printf(" %s\n", _("check_ntp_peer."));
638 printf(" %s\n", _("--time-offset is usefull for compensating for servers with known")); 636 printf(" %s\n", _("--time-offset is useful for compensating for servers with known"));
639 printf(" %s\n", _("and expected clock skew.")); 637 printf(" %s\n", _("and expected clock skew."));
640 printf("\n"); 638 printf("\n");
641 printf(UT_THRESHOLDS_NOTES); 639 printf(UT_THRESHOLDS_NOTES);
diff --git a/plugins/check_radius.c b/plugins/check_radius.c
index 03cbb8b0..b3b8c829 100644
--- a/plugins/check_radius.c
+++ b/plugins/check_radius.c
@@ -36,7 +36,9 @@ const char *email = "devel@monitoring-plugins.org";
36#include "utils.h" 36#include "utils.h"
37#include "netutils.h" 37#include "netutils.h"
38 38
39#if defined(HAVE_LIBFREERADIUS_CLIENT) 39#if defined(HAVE_LIBRADCLI)
40#include <radcli/radcli.h>
41#elif defined(HAVE_LIBFREERADIUS_CLIENT)
40#include <freeradius-client.h> 42#include <freeradius-client.h>
41#elif defined(HAVE_LIBRADIUSCLIENT_NG) 43#elif defined(HAVE_LIBRADIUSCLIENT_NG)
42#include <radiusclient-ng.h> 44#include <radiusclient-ng.h>
@@ -48,22 +50,24 @@ int process_arguments (int, char **);
48void print_help (void); 50void print_help (void);
49void print_usage (void); 51void print_usage (void);
50 52
51#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) 53#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) || defined(HAVE_LIBRADCLI)
52#define my_rc_conf_str(a) rc_conf_str(rch,a) 54#define my_rc_conf_str(a) rc_conf_str(rch,a)
55#if defined(HAVE_LIBRADCLI)
56#define my_rc_send_server(a,b) rc_send_server(rch,a,b,AUTH)
57#else
53#define my_rc_send_server(a,b) rc_send_server(rch,a,b) 58#define my_rc_send_server(a,b) rc_send_server(rch,a,b)
54#ifdef HAVE_LIBFREERADIUS_CLIENT 59#endif
60#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADCLI)
55#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(rch,a,b,c,d,(a)->secret,e,f) 61#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(rch,a,b,c,d,(a)->secret,e,f)
56#else 62#else
57#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(rch,a,b,c,d,e,f) 63#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(rch,a,b,c,d,e,f)
58#endif 64#endif
59#define my_rc_own_ipaddress() rc_own_ipaddress(rch)
60#define my_rc_avpair_add(a,b,c,d) rc_avpair_add(rch,a,b,c,-1,d) 65#define my_rc_avpair_add(a,b,c,d) rc_avpair_add(rch,a,b,c,-1,d)
61#define my_rc_read_dictionary(a) rc_read_dictionary(rch, a) 66#define my_rc_read_dictionary(a) rc_read_dictionary(rch, a)
62#else 67#else
63#define my_rc_conf_str(a) rc_conf_str(a) 68#define my_rc_conf_str(a) rc_conf_str(a)
64#define my_rc_send_server(a,b) rc_send_server(a, b) 69#define my_rc_send_server(a,b) rc_send_server(a, b)
65#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(a,b,c,d,e,f) 70#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(a,b,c,d,e,f)
66#define my_rc_own_ipaddress() rc_own_ipaddress()
67#define my_rc_avpair_add(a,b,c,d) rc_avpair_add(a, b, c, d) 71#define my_rc_avpair_add(a,b,c,d) rc_avpair_add(a, b, c, d)
68#define my_rc_read_dictionary(a) rc_read_dictionary(a) 72#define my_rc_read_dictionary(a) rc_read_dictionary(a)
69#endif 73#endif
@@ -76,7 +80,7 @@ void print_usage (void);
76 80
77int my_rc_read_config(char *); 81int my_rc_read_config(char *);
78 82
79#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) 83#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) || defined(HAVE_LIBRADCLI)
80rc_handle *rch = NULL; 84rc_handle *rch = NULL;
81#endif 85#endif
82 86
@@ -90,7 +94,6 @@ char *config_file = NULL;
90unsigned short port = PW_AUTH_UDP_PORT; 94unsigned short port = PW_AUTH_UDP_PORT;
91int retries = 1; 95int retries = 1;
92int verbose = FALSE; 96int verbose = FALSE;
93ENV *env = NULL;
94 97
95/****************************************************************************** 98/******************************************************************************
96 99
@@ -150,6 +153,8 @@ Please note that all tags must be lowercase to use the DocBook XML DTD.
150int 153int
151main (int argc, char **argv) 154main (int argc, char **argv)
152{ 155{
156 struct sockaddr_storage ss;
157 char name[HOST_NAME_MAX];
153 char msg[BUFFER_LEN]; 158 char msg[BUFFER_LEN];
154 SEND_DATA data; 159 SEND_DATA data;
155 int result = STATE_UNKNOWN; 160 int result = STATE_UNKNOWN;
@@ -185,15 +190,14 @@ main (int argc, char **argv)
185 die (STATE_UNKNOWN, _("Invalid NAS-Identifier\n")); 190 die (STATE_UNKNOWN, _("Invalid NAS-Identifier\n"));
186 } 191 }
187 192
188 if (nasipaddress != NULL) { 193 if (nasipaddress == NULL) {
189 if (rc_good_ipaddr (nasipaddress)) 194 if (gethostname (name, sizeof(name)) != 0)
190 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n")); 195 die (STATE_UNKNOWN, _("gethostname() failed!\n"));
191 if ((client_id = rc_get_ipaddr(nasipaddress)) == 0) 196 nasipaddress = name;
192 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n"));
193 } else {
194 if ((client_id = my_rc_own_ipaddress ()) == 0)
195 die (STATE_UNKNOWN, _("Can't find local IP for NAS-IP-Address\n"));
196 } 197 }
198 if (!dns_lookup (nasipaddress, &ss, AF_INET)) /* TODO: Support IPv6. */
199 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n"));
200 client_id = ntohl (((struct sockaddr_in *)&ss)->sin_addr.s_addr);
197 if (my_rc_avpair_add (&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0) == NULL) 201 if (my_rc_avpair_add (&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0) == NULL)
198 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n")); 202 die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n"));
199 203
@@ -399,7 +403,7 @@ print_usage (void)
399 403
400int my_rc_read_config(char * a) 404int my_rc_read_config(char * a)
401{ 405{
402#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) 406#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) || defined(HAVE_LIBRADCLI)
403 rch = rc_read_config(a); 407 rch = rc_read_config(a);
404 return (rch == NULL) ? 1 : 0; 408 return (rch == NULL) ? 1 : 0;
405#else 409#else
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index 56040ff2..587a7245 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -59,10 +59,6 @@ enum {
59#define SMTP_STARTTLS "STARTTLS\r\n" 59#define SMTP_STARTTLS "STARTTLS\r\n"
60#define SMTP_AUTH_LOGIN "AUTH LOGIN\r\n" 60#define SMTP_AUTH_LOGIN "AUTH LOGIN\r\n"
61 61
62#ifndef HOST_MAX_BYTES
63#define HOST_MAX_BYTES 255
64#endif
65
66#define EHLO_SUPPORTS_STARTTLS 1 62#define EHLO_SUPPORTS_STARTTLS 1
67 63
68int process_arguments (int, char **); 64int process_arguments (int, char **);
@@ -231,7 +227,7 @@ main (int argc, char **argv)
231 send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0); 227 send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0);
232 228
233 recvlines(buffer, MAX_INPUT_BUFFER); /* wait for it */ 229 recvlines(buffer, MAX_INPUT_BUFFER); /* wait for it */
234 if (!strstr (buffer, server_expect)) { 230 if (!strstr (buffer, SMTP_EXPECT)) {
235 printf (_("Server does not support STARTTLS\n")); 231 printf (_("Server does not support STARTTLS\n"));
236 smtp_quit(); 232 smtp_quit();
237 return STATE_UNKNOWN; 233 return STATE_UNKNOWN;
@@ -239,8 +235,8 @@ main (int argc, char **argv)
239 result = np_net_ssl_init(sd); 235 result = np_net_ssl_init(sd);
240 if(result != STATE_OK) { 236 if(result != STATE_OK) {
241 printf (_("CRITICAL - Cannot create SSL context.\n")); 237 printf (_("CRITICAL - Cannot create SSL context.\n"));
242 np_net_ssl_cleanup();
243 close(sd); 238 close(sd);
239 np_net_ssl_cleanup();
244 return STATE_CRITICAL; 240 return STATE_CRITICAL;
245 } else { 241 } else {
246 ssl_established = 1; 242 ssl_established = 1;
@@ -276,6 +272,7 @@ main (int argc, char **argv)
276# ifdef USE_OPENSSL 272# ifdef USE_OPENSSL
277 if ( check_cert ) { 273 if ( check_cert ) {
278 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); 274 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
275 smtp_quit();
279 my_close(); 276 my_close();
280 return result; 277 return result;
281 } 278 }
@@ -581,11 +578,6 @@ process_arguments (int argc, char **argv)
581 usage4 (_("Timeout interval must be a positive integer")); 578 usage4 (_("Timeout interval must be a positive integer"));
582 } 579 }
583 break; 580 break;
584 case 'S':
585 /* starttls */
586 use_ssl = TRUE;
587 use_ehlo = TRUE;
588 break;
589 case 'D': 581 case 'D':
590 /* Check SSL cert validity */ 582 /* Check SSL cert validity */
591#ifdef USE_OPENSSL 583#ifdef USE_OPENSSL
@@ -607,9 +599,14 @@ process_arguments (int argc, char **argv)
607 days_till_exp_warn = atoi (optarg); 599 days_till_exp_warn = atoi (optarg);
608 } 600 }
609 check_cert = TRUE; 601 check_cert = TRUE;
602 ignore_send_quit_failure = TRUE;
610#else 603#else
611 usage (_("SSL support not available - install OpenSSL and recompile")); 604 usage (_("SSL support not available - install OpenSSL and recompile"));
612#endif 605#endif
606 case 'S':
607 /* starttls */
608 use_ssl = TRUE;
609 use_ehlo = TRUE;
613 break; 610 break;
614 case '4': 611 case '4':
615 address_family = AF_INET; 612 address_family = AF_INET;
@@ -763,10 +760,12 @@ recvlines(char *buf, size_t bufsize)
763int 760int
764my_close (void) 761my_close (void)
765{ 762{
763 int result;
764 result = close(sd);
766#ifdef HAVE_SSL 765#ifdef HAVE_SSL
767 np_net_ssl_cleanup(); 766 np_net_ssl_cleanup();
768#endif 767#endif
769 return close(sd); 768 return result;
770} 769}
771 770
772 771
diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c
index 28cc44dd..da9638c4 100644
--- a/plugins/check_snmp.c
+++ b/plugins/check_snmp.c
@@ -41,7 +41,6 @@ const char *email = "devel@monitoring-plugins.org";
41#define DEFAULT_PORT "161" 41#define DEFAULT_PORT "161"
42#define DEFAULT_MIBLIST "ALL" 42#define DEFAULT_MIBLIST "ALL"
43#define DEFAULT_PROTOCOL "1" 43#define DEFAULT_PROTOCOL "1"
44#define DEFAULT_TIMEOUT 1
45#define DEFAULT_RETRIES 5 44#define DEFAULT_RETRIES 5
46#define DEFAULT_AUTH_PROTOCOL "MD5" 45#define DEFAULT_AUTH_PROTOCOL "MD5"
47#define DEFAULT_PRIV_PROTOCOL "DES" 46#define DEFAULT_PRIV_PROTOCOL "DES"
@@ -153,7 +152,7 @@ state_data *previous_state;
153double *previous_value; 152double *previous_value;
154size_t previous_size = OID_COUNT_STEP; 153size_t previous_size = OID_COUNT_STEP;
155int perf_labels = 1; 154int perf_labels = 1;
156 155char* ip_version = "";
157 156
158static char *fix_snmp_range(char *th) 157static char *fix_snmp_range(char *th)
159{ 158{
@@ -227,7 +226,7 @@ main (int argc, char **argv)
227 outbuff = strdup (""); 226 outbuff = strdup ("");
228 delimiter = strdup (" = "); 227 delimiter = strdup (" = ");
229 output_delim = strdup (DEFAULT_OUTPUT_DELIMITER); 228 output_delim = strdup (DEFAULT_OUTPUT_DELIMITER);
230 timeout_interval = DEFAULT_TIMEOUT; 229 timeout_interval = DEFAULT_SOCKET_TIMEOUT;
231 retries = DEFAULT_RETRIES; 230 retries = DEFAULT_RETRIES;
232 231
233 np_init( (char *) progname, argc, argv ); 232 np_init( (char *) progname, argc, argv );
@@ -681,6 +680,8 @@ process_arguments (int argc, char **argv)
681 {"offset", required_argument, 0, L_OFFSET}, 680 {"offset", required_argument, 0, L_OFFSET},
682 {"invert-search", no_argument, 0, L_INVERT_SEARCH}, 681 {"invert-search", no_argument, 0, L_INVERT_SEARCH},
683 {"perf-oids", no_argument, 0, 'O'}, 682 {"perf-oids", no_argument, 0, 'O'},
683 {"ipv4", no_argument, 0, '4'},
684 {"ipv6", no_argument, 0, '6'},
684 {0, 0, 0, 0} 685 {0, 0, 0, 0}
685 }; 686 };
686 687
@@ -698,7 +699,7 @@ process_arguments (int argc, char **argv)
698 } 699 }
699 700
700 while (1) { 701 while (1) {
701 c = getopt_long (argc, argv, "nhvVOt:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:N:L:U:a:x:A:X:", 702 c = getopt_long (argc, argv, "nhvVO46t:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:N:L:U:a:x:A:X:",
702 longopts, &option); 703 longopts, &option);
703 704
704 if (c == -1 || c == EOF) 705 if (c == -1 || c == EOF)
@@ -923,6 +924,13 @@ process_arguments (int argc, char **argv)
923 case 'O': 924 case 'O':
924 perf_labels=0; 925 perf_labels=0;
925 break; 926 break;
927 case '4':
928 break;
929 case '6':
930 xasprintf(&ip_version, "udp6:");
931 if(verbose>2)
932 printf("IPv6 detected! Will pass \"udp6:\" to snmpget.\n");
933 break;
926 } 934 }
927 } 935 }
928 936
@@ -1128,6 +1136,7 @@ print_help (void)
1128 1136
1129 printf (UT_HELP_VRSN); 1137 printf (UT_HELP_VRSN);
1130 printf (UT_EXTRA_OPTS); 1138 printf (UT_EXTRA_OPTS);
1139 printf (UT_IPv46);
1131 1140
1132 printf (UT_HOST_PORT, 'p', DEFAULT_PORT); 1141 printf (UT_HOST_PORT, 'p', DEFAULT_PORT);
1133 1142
@@ -1246,5 +1255,5 @@ print_usage (void)
1246 printf ("[-C community] [-s string] [-r regex] [-R regexi] [-t timeout] [-e retries]\n"); 1255 printf ("[-C community] [-s string] [-r regex] [-R regexi] [-t timeout] [-e retries]\n");
1247 printf ("[-l label] [-u units] [-p port-number] [-d delimiter] [-D output-delimiter]\n"); 1256 printf ("[-l label] [-u units] [-p port-number] [-d delimiter] [-D output-delimiter]\n");
1248 printf ("[-m miblist] [-P snmp version] [-N context] [-L seclevel] [-U secname]\n"); 1257 printf ("[-m miblist] [-P snmp version] [-N context] [-L seclevel] [-U secname]\n");
1249 printf ("[-a authproto] [-A authpasswd] [-x privproto] [-X privpasswd]\n"); 1258 printf ("[-a authproto] [-A authpasswd] [-x privproto] [-X privpasswd] [-4|6]\n");
1250} 1259}
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
index 6dc9aa96..61333bd7 100644
--- a/plugins/check_tcp.c
+++ b/plugins/check_tcp.c
@@ -247,8 +247,8 @@ main (int argc, char **argv)
247 } 247 }
248 } 248 }
249 if(result != STATE_OK){ 249 if(result != STATE_OK){
250 np_net_ssl_cleanup();
251 if(sd) close(sd); 250 if(sd) close(sd);
251 np_net_ssl_cleanup();
252 return result; 252 return result;
253 } 253 }
254#endif /* HAVE_SSL */ 254#endif /* HAVE_SSL */
@@ -321,10 +321,10 @@ main (int argc, char **argv)
321 if (server_quit != NULL) { 321 if (server_quit != NULL) {
322 my_send(server_quit, strlen(server_quit)); 322 my_send(server_quit, strlen(server_quit));
323 } 323 }
324 if (sd) close (sd);
324#ifdef HAVE_SSL 325#ifdef HAVE_SSL
325 np_net_ssl_cleanup(); 326 np_net_ssl_cleanup();
326#endif 327#endif
327 if (sd) close (sd);
328 328
329 microsec = deltime (tv); 329 microsec = deltime (tv);
330 elapsed_time = (double)microsec / 1.0e6; 330 elapsed_time = (double)microsec / 1.0e6;
diff --git a/plugins/check_ups.c b/plugins/check_ups.c
index dc5a348b..e9e56a51 100644
--- a/plugins/check_ups.c
+++ b/plugins/check_ups.c
@@ -242,8 +242,8 @@ main (int argc, char **argv)
242 } 242 }
243 xasprintf (&data, "%s %s", data, 243 xasprintf (&data, "%s %s", data,
244 perfdata ("battery", (long)ups_battery_percent, "%", 244 perfdata ("battery", (long)ups_battery_percent, "%",
245 check_warn, (long)(1000*warning_value), 245 check_warn, (long)(warning_value),
246 check_crit, (long)(1000*critical_value), 246 check_crit, (long)(critical_value),
247 TRUE, 0, TRUE, 100)); 247 TRUE, 0, TRUE, 100));
248 } else { 248 } else {
249 xasprintf (&data, "%s %s", data, 249 xasprintf (&data, "%s %s", data,
@@ -271,8 +271,8 @@ main (int argc, char **argv)
271 } 271 }
272 xasprintf (&data, "%s %s", data, 272 xasprintf (&data, "%s %s", data,
273 perfdata ("load", (long)ups_load_percent, "%", 273 perfdata ("load", (long)ups_load_percent, "%",
274 check_warn, (long)(1000*warning_value), 274 check_warn, (long)(warning_value),
275 check_crit, (long)(1000*critical_value), 275 check_crit, (long)(critical_value),
276 TRUE, 0, TRUE, 100)); 276 TRUE, 0, TRUE, 100));
277 } else { 277 } else {
278 xasprintf (&data, "%s %s", data, 278 xasprintf (&data, "%s %s", data,
@@ -308,8 +308,8 @@ main (int argc, char **argv)
308 } 308 }
309 xasprintf (&data, "%s %s", data, 309 xasprintf (&data, "%s %s", data,
310 perfdata ("temp", (long)ups_temperature, tunits, 310 perfdata ("temp", (long)ups_temperature, tunits,
311 check_warn, (long)(1000*warning_value), 311 check_warn, (long)(warning_value),
312 check_crit, (long)(1000*critical_value), 312 check_crit, (long)(critical_value),
313 TRUE, 0, FALSE, 0)); 313 TRUE, 0, FALSE, 0));
314 } else { 314 } else {
315 xasprintf (&data, "%s %s", data, 315 xasprintf (&data, "%s %s", data,
diff --git a/plugins/check_users.c b/plugins/check_users.c
index 54415a48..f6f4b362 100644
--- a/plugins/check_users.c
+++ b/plugins/check_users.c
@@ -54,15 +54,15 @@ int process_arguments (int, char **);
54void print_help (void); 54void print_help (void);
55void print_usage (void); 55void print_usage (void);
56 56
57int wusers = -1; 57char *warning_range = NULL;
58int cusers = -1; 58char *critical_range = NULL;
59thresholds *thlds = NULL;
59 60
60int 61int
61main (int argc, char **argv) 62main (int argc, char **argv)
62{ 63{
63 int users = -1; 64 int users = -1;
64 int result = STATE_UNKNOWN; 65 int result = STATE_UNKNOWN;
65 char *perf;
66#if HAVE_WTSAPI32_H 66#if HAVE_WTSAPI32_H
67 WTS_SESSION_INFO *wtsinfo; 67 WTS_SESSION_INFO *wtsinfo;
68 DWORD wtscount; 68 DWORD wtscount;
@@ -77,8 +77,6 @@ main (int argc, char **argv)
77 bindtextdomain (PACKAGE, LOCALEDIR); 77 bindtextdomain (PACKAGE, LOCALEDIR);
78 textdomain (PACKAGE); 78 textdomain (PACKAGE);
79 79
80 perf = strdup ("");
81
82 /* Parse extra opts if any */ 80 /* Parse extra opts if any */
83 argv = np_extra_opts (&argc, argv, progname); 81 argv = np_extra_opts (&argc, argv, progname);
84 82
@@ -160,23 +158,15 @@ main (int argc, char **argv)
160#endif 158#endif
161 159
162 /* check the user count against warning and critical thresholds */ 160 /* check the user count against warning and critical thresholds */
163 if (users > cusers) 161 result = get_status((double)users, thlds);
164 result = STATE_CRITICAL;
165 else if (users > wusers)
166 result = STATE_WARNING;
167 else if (users >= 0)
168 result = STATE_OK;
169 162
170 if (result == STATE_UNKNOWN) 163 if (result == STATE_UNKNOWN)
171 printf ("%s\n", _("Unable to read output")); 164 printf ("%s\n", _("Unable to read output"));
172 else { 165 else {
173 xasprintf (&perf, "%s", perfdata ("users", users, "", 166 printf (_("USERS %s - %d users currently logged in |%s\n"),
174 TRUE, wusers, 167 state_text(result), users,
175 TRUE, cusers, 168 sperfdata_int("users", users, "", warning_range,
176 TRUE, 0, 169 critical_range, TRUE, 0, FALSE, 0));
177 FALSE, 0));
178 printf (_("USERS %s - %d users currently logged in |%s\n"), state_text (result),
179 users, perf);
180 } 170 }
181 171
182 return result; 172 return result;
@@ -215,33 +205,27 @@ process_arguments (int argc, char **argv)
215 print_revision (progname, NP_VERSION); 205 print_revision (progname, NP_VERSION);
216 exit (STATE_UNKNOWN); 206 exit (STATE_UNKNOWN);
217 case 'c': /* critical */ 207 case 'c': /* critical */
218 if (!is_intnonneg (optarg)) 208 critical_range = optarg;
219 usage4 (_("Critical threshold must be a positive integer"));
220 else
221 cusers = atoi (optarg);
222 break; 209 break;
223 case 'w': /* warning */ 210 case 'w': /* warning */
224 if (!is_intnonneg (optarg)) 211 warning_range = optarg;
225 usage4 (_("Warning threshold must be a positive integer"));
226 else
227 wusers = atoi (optarg);
228 break; 212 break;
229 } 213 }
230 } 214 }
231 215
232 c = optind; 216 c = optind;
233 if (wusers == -1 && argc > c) { 217 if (warning_range == NULL && argc > c)
234 if (is_intnonneg (argv[c]) == FALSE) 218 warning_range = argv[c++];
235 usage4 (_("Warning threshold must be a positive integer")); 219 if (critical_range == NULL && argc > c)
236 else 220 critical_range = argv[c++];
237 wusers = atoi (argv[c++]); 221
238 } 222 /* this will abort in case of invalid ranges */
239 if (cusers == -1 && argc > c) { 223 set_thresholds (&thlds, warning_range, critical_range);
240 if (is_intnonneg (argv[c]) == FALSE) 224
241 usage4 (_("Warning threshold must be a positive integer")); 225 if (thlds->warning->end < 0)
242 else 226 usage4 (_("Warning threshold must be a positive integer"));
243 cusers = atoi (argv[c]); 227 if (thlds->critical->end < 0)
244 } 228 usage4 (_("Critical threshold must be a positive integer"));
245 229
246 return OK; 230 return OK;
247} 231}
diff --git a/plugins/common.h b/plugins/common.h
index 01003b3b..8719b502 100644
--- a/plugins/common.h
+++ b/plugins/common.h
@@ -161,6 +161,13 @@
161# endif 161# endif
162#endif 162#endif
163 163
164/* openssl 1.1 does not set OPENSSL_NO_SSL2 by default but ships without ssl2 */
165#ifdef OPENSSL_VERSION_NUMBER
166# if OPENSSL_VERSION_NUMBER >= 0x10100000
167# define OPENSSL_NO_SSL2
168# endif
169#endif
170
164/* 171/*
165 * 172 *
166 * Standard Values 173 * Standard Values
diff --git a/plugins/negate.c b/plugins/negate.c
index beaed1ea..b320e356 100644
--- a/plugins/negate.c
+++ b/plugins/negate.c
@@ -59,8 +59,8 @@ static int state[4] = {
59int 59int
60main (int argc, char **argv) 60main (int argc, char **argv)
61{ 61{
62 int found = 0, result = STATE_UNKNOWN; 62 int result = STATE_UNKNOWN;
63 char *buf, *sub; 63 char *sub;
64 char **command_line; 64 char **command_line;
65 output chld_out, chld_err; 65 output chld_out, chld_err;
66 int i; 66 int i;
diff --git a/plugins/netutils.c b/plugins/netutils.c
index 705aaf09..1bb4f076 100644
--- a/plugins/netutils.c
+++ b/plugins/netutils.c
@@ -359,20 +359,21 @@ is_addr (const char *address)
359} 359}
360 360
361int 361int
362resolve_host_or_addr (const char *address, int family) 362dns_lookup (const char *in, struct sockaddr_storage *ss, int family)
363{ 363{
364 struct addrinfo hints; 364 struct addrinfo hints;
365 struct addrinfo *res; 365 struct addrinfo *res;
366 int retval; 366 int retval;
367 367
368 memset (&hints, 0, sizeof (hints)); 368 memset (&hints, 0, sizeof(struct addrinfo));
369 hints.ai_family = family; 369 hints.ai_family = family;
370 retval = getaddrinfo (address, NULL, &hints, &res);
371 370
371 retval = getaddrinfo (in, NULL, &hints, &res);
372 if (retval != 0) 372 if (retval != 0)
373 return FALSE; 373 return FALSE;
374 else { 374
375 freeaddrinfo (res); 375 if (ss != NULL)
376 return TRUE; 376 memcpy (ss, res->ai_addr, res->ai_addrlen);
377 } 377 freeaddrinfo (res);
378 return TRUE;
378} 379}
diff --git a/plugins/netutils.h b/plugins/netutils.h
index c6fce901..d7ee0ddd 100644
--- a/plugins/netutils.h
+++ b/plugins/netutils.h
@@ -45,6 +45,10 @@
45# endif /* UNIX_PATH_MAX */ 45# endif /* UNIX_PATH_MAX */
46#endif /* HAVE_SYS_UN_H */ 46#endif /* HAVE_SYS_UN_H */
47 47
48#ifndef HOST_MAX_BYTES
49# define HOST_MAX_BYTES 255
50#endif
51
48/* process_request and wrapper macros */ 52/* process_request and wrapper macros */
49#define process_tcp_request(addr, port, sbuf, rbuf, rsize) \ 53#define process_tcp_request(addr, port, sbuf, rbuf, rsize) \
50 process_request(addr, port, IPPROTO_TCP, sbuf, rbuf, rsize) 54 process_request(addr, port, IPPROTO_TCP, sbuf, rbuf, rsize)
@@ -71,8 +75,9 @@ int send_request (int sd, int proto, const char *send_buffer, char *recv_buffer,
71/* "is_*" wrapper macros and functions */ 75/* "is_*" wrapper macros and functions */
72int is_host (const char *); 76int is_host (const char *);
73int is_addr (const char *); 77int is_addr (const char *);
74int resolve_host_or_addr (const char *, int); 78int dns_lookup (const char *, struct sockaddr_storage *, int);
75void host_or_die(const char *str); 79void host_or_die(const char *str);
80#define resolve_host_or_addr(addr, family) dns_lookup(addr, NULL, family)
76#define is_inet_addr(addr) resolve_host_or_addr(addr, AF_INET) 81#define is_inet_addr(addr) resolve_host_or_addr(addr, AF_INET)
77#ifdef USE_IPV6 82#ifdef USE_IPV6
78# define is_inet6_addr(addr) resolve_host_or_addr(addr, AF_INET6) 83# define is_inet6_addr(addr) resolve_host_or_addr(addr, AF_INET6)
@@ -91,6 +96,16 @@ RETSIGTYPE socket_timeout_alarm_handler (int) __attribute__((noreturn));
91 96
92/* SSL-Related functionality */ 97/* SSL-Related functionality */
93#ifdef HAVE_SSL 98#ifdef HAVE_SSL
99# define MP_SSLv2 1
100# define MP_SSLv3 2
101# define MP_TLSv1 3
102# define MP_TLSv1_1 4
103# define MP_TLSv1_2 5
104# define MP_SSLv2_OR_NEWER 6
105# define MP_SSLv3_OR_NEWER 7
106# define MP_TLSv1_OR_NEWER 8
107# define MP_TLSv1_1_OR_NEWER 9
108# define MP_TLSv1_2_OR_NEWER 10
94/* maybe this could be merged with the above np_net_connect, via some flags */ 109/* maybe this could be merged with the above np_net_connect, via some flags */
95int np_net_ssl_init(int sd); 110int np_net_ssl_init(int sd);
96int np_net_ssl_init_with_hostname(int sd, char *host_name); 111int np_net_ssl_init_with_hostname(int sd, char *host_name);
diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index c9882c69..b412ef3d 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -49,28 +49,78 @@ int np_net_ssl_init_with_hostname_and_version(int sd, char *host_name, int versi
49 49
50int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int version, char *cert, char *privkey) { 50int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int version, char *cert, char *privkey) {
51 SSL_METHOD *method = NULL; 51 SSL_METHOD *method = NULL;
52 long options = 0;
52 53
53 switch (version) { 54 switch (version) {
54 case 0: /* Deafult to auto negotiation */ 55 case MP_SSLv2: /* SSLv2 protocol */
55 method = SSLv23_client_method();
56 break;
57 case 1: /* TLSv1 protocol */
58 method = TLSv1_client_method();
59 break;
60 case 2: /* SSLv2 protocol */
61#if defined(USE_GNUTLS) || defined(OPENSSL_NO_SSL2) 56#if defined(USE_GNUTLS) || defined(OPENSSL_NO_SSL2)
62 printf(("%s\n", _("CRITICAL - SSL protocol version 2 is not supported by your SSL library."))); 57 printf("%s\n", _("UNKNOWN - SSL protocol version 2 is not supported by your SSL library."));
63 return STATE_CRITICAL; 58 return STATE_UNKNOWN;
64#else 59#else
65 method = SSLv2_client_method(); 60 method = SSLv2_client_method();
66#endif
67 break; 61 break;
68 case 3: /* SSLv3 protocol */ 62#endif
63 case MP_SSLv3: /* SSLv3 protocol */
64#if defined(OPENSSL_NO_SSL3)
65 printf("%s\n", _("UNKNOWN - SSL protocol version 3 is not supported by your SSL library."));
66 return STATE_UNKNOWN;
67#else
69 method = SSLv3_client_method(); 68 method = SSLv3_client_method();
70 break; 69 break;
71 default: /* Unsupported */ 70#endif
72 printf("%s\n", _("CRITICAL - Unsupported SSL protocol version.")); 71 case MP_TLSv1: /* TLSv1 protocol */
73 return STATE_CRITICAL; 72#if defined(OPENSSL_NO_TLS1)
73 printf("%s\n", _("UNKNOWN - TLS protocol version 1 is not supported by your SSL library."));
74 return STATE_UNKNOWN;
75#else
76 method = TLSv1_client_method();
77 break;
78#endif
79 case MP_TLSv1_1: /* TLSv1.1 protocol */
80#if !defined(SSL_OP_NO_TLSv1_1)
81 printf("%s\n", _("UNKNOWN - TLS protocol version 1.1 is not supported by your SSL library."));
82 return STATE_UNKNOWN;
83#else
84 method = TLSv1_1_client_method();
85 break;
86#endif
87 case MP_TLSv1_2: /* TLSv1.2 protocol */
88#if !defined(SSL_OP_NO_TLSv1_2)
89 printf("%s\n", _("UNKNOWN - TLS protocol version 1.2 is not supported by your SSL library."));
90 return STATE_UNKNOWN;
91#else
92 method = TLSv1_2_client_method();
93 break;
94#endif
95 case MP_TLSv1_2_OR_NEWER:
96#if !defined(SSL_OP_NO_TLSv1_1)
97 printf("%s\n", _("UNKNOWN - Disabling TLSv1.1 is not supported by your SSL library."));
98 return STATE_UNKNOWN;
99#else
100 options |= SSL_OP_NO_TLSv1_1;
101#endif
102 /* FALLTHROUGH */
103 case MP_TLSv1_1_OR_NEWER:
104#if !defined(SSL_OP_NO_TLSv1)
105 printf("%s\n", _("UNKNOWN - Disabling TLSv1 is not supported by your SSL library."));
106 return STATE_UNKNOWN;
107#else
108 options |= SSL_OP_NO_TLSv1;
109#endif
110 /* FALLTHROUGH */
111 case MP_TLSv1_OR_NEWER:
112#if defined(SSL_OP_NO_SSLv3)
113 options |= SSL_OP_NO_SSLv3;
114#endif
115 /* FALLTHROUGH */
116 case MP_SSLv3_OR_NEWER:
117#if defined(SSL_OP_NO_SSLv2)
118 options |= SSL_OP_NO_SSLv2;
119#endif
120 case MP_SSLv2_OR_NEWER:
121 /* FALLTHROUGH */
122 default: /* Default to auto negotiation */
123 method = SSLv23_client_method();
74 } 124 }
75 if (!initialized) { 125 if (!initialized) {
76 /* Initialize SSL context */ 126 /* Initialize SSL context */
@@ -94,8 +144,9 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
94#endif 144#endif
95 } 145 }
96#ifdef SSL_OP_NO_TICKET 146#ifdef SSL_OP_NO_TICKET
97 SSL_CTX_set_options(c, SSL_OP_NO_TICKET); 147 options |= SSL_OP_NO_TICKET;
98#endif 148#endif
149 SSL_CTX_set_options(c, options);
99 SSL_CTX_set_mode(c, SSL_MODE_AUTO_RETRY); 150 SSL_CTX_set_mode(c, SSL_MODE_AUTO_RETRY);
100 if ((s = SSL_new(c)) != NULL) { 151 if ((s = SSL_new(c)) != NULL) {
101#ifdef SSL_set_tlsext_host_name 152#ifdef SSL_set_tlsext_host_name
@@ -146,6 +197,7 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
146 X509_NAME *subj=NULL; 197 X509_NAME *subj=NULL;
147 char timestamp[50] = ""; 198 char timestamp[50] = "";
148 char cn[MAX_CN_LENGTH]= ""; 199 char cn[MAX_CN_LENGTH]= "";
200 char *tz;
149 201
150 int cnlen =-1; 202 int cnlen =-1;
151 int status=STATE_UNKNOWN; 203 int status=STATE_UNKNOWN;
@@ -213,10 +265,18 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
213 (tm->data[10 + offset] - '0') * 10 + (tm->data[11 + offset] - '0'); 265 (tm->data[10 + offset] - '0') * 10 + (tm->data[11 + offset] - '0');
214 stamp.tm_isdst = -1; 266 stamp.tm_isdst = -1;
215 267
216 time_left = difftime(timegm(&stamp), time(NULL)); 268 tm_t = timegm(&stamp);
269 time_left = difftime(tm_t, time(NULL));
217 days_left = time_left / 86400; 270 days_left = time_left / 86400;
218 tm_t = mktime (&stamp); 271 tz = getenv("TZ");
219 strftime(timestamp, 50, "%c", localtime(&tm_t)); 272 setenv("TZ", "GMT", 1);
273 tzset();
274 strftime(timestamp, 50, "%c %z", localtime(&tm_t));
275 if (tz)
276 setenv("TZ", tz, 1);
277 else
278 unsetenv("TZ");
279 tzset();
220 280
221 if (days_left > 0 && days_left <= days_till_exp_warn) { 281 if (days_left > 0 && days_left <= days_till_exp_warn) {
222 printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); 282 printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp);
diff --git a/plugins/t/NPTest.cache.travis b/plugins/t/NPTest.cache.travis
index fe8aabdb..5d9c5ff7 100644
--- a/plugins/t/NPTest.cache.travis
+++ b/plugins/t/NPTest.cache.travis
@@ -11,7 +11,7 @@
11 'NP_HOST_NONRESPONSIVE' => '10.0.0.1', 11 'NP_HOST_NONRESPONSIVE' => '10.0.0.1',
12 'NP_HOST_RESPONSIVE' => 'localhost', 12 'NP_HOST_RESPONSIVE' => 'localhost',
13 'NP_HOST_SMB' => '', 13 'NP_HOST_SMB' => '',
14 'NP_HOST_SNMP' => '', 14 'NP_HOST_SNMP' => 'localhost',
15 'NP_HOST_TCP_FTP' => '', 15 'NP_HOST_TCP_FTP' => '',
16 'NP_HOST_TCP_HPJD' => '', 16 'NP_HOST_TCP_HPJD' => '',
17 'NP_HOST_HPJD_PORT_INVALID' => '161', 17 'NP_HOST_HPJD_PORT_INVALID' => '161',
@@ -39,7 +39,7 @@
39 'NP_SMB_SHARE_SPC' => '', 39 'NP_SMB_SHARE_SPC' => '',
40 'NP_SMB_VALID_USER' => '', 40 'NP_SMB_VALID_USER' => '',
41 'NP_SMB_VALID_USER_PASS' => '', 41 'NP_SMB_VALID_USER_PASS' => '',
42 'NP_SNMP_COMMUNITY' => '', 42 'NP_SNMP_COMMUNITY' => 'public',
43 'NP_SSH_CONFIGFILE' => '~/.ssh/config', 43 'NP_SSH_CONFIGFILE' => '~/.ssh/config',
44 'NP_SSH_HOST' => 'localhost', 44 'NP_SSH_HOST' => 'localhost',
45 'NP_SSH_IDENTITY' => '~/.ssh/id_dsa', 45 'NP_SSH_IDENTITY' => '~/.ssh/id_dsa',
diff --git a/plugins/t/check_http.t b/plugins/t/check_http.t
index c2caec60..5a90f02a 100644
--- a/plugins/t/check_http.t
+++ b/plugins/t/check_http.t
@@ -9,7 +9,7 @@ use Test::More;
9use POSIX qw/mktime strftime/; 9use POSIX qw/mktime strftime/;
10use NPTest; 10use NPTest;
11 11
12plan tests => 42; 12plan tests => 49;
13 13
14my $successOutput = '/OK.*HTTP.*second/'; 14my $successOutput = '/OK.*HTTP.*second/';
15 15
@@ -64,6 +64,32 @@ cmp_ok( $res->return_code, '==', 2, "Webserver $hostname_invalid not valid" );
64# Is also possible to get a socket timeout if DNS is not responding fast enough 64# Is also possible to get a socket timeout if DNS is not responding fast enough
65like( $res->output, "/Unable to open TCP socket|Socket timeout after/", "Output OK"); 65like( $res->output, "/Unable to open TCP socket|Socket timeout after/", "Output OK");
66 66
67# host header checks
68$res = NPTest->testCmd("./check_http -v -H $host_tcp_http");
69like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" );
70
71$res = NPTest->testCmd("./check_http -v -H $host_tcp_http -p 80");
72like( $res->output, '/^Host: '.$host_tcp_http.'\s*$/ms', "Host Header OK" );
73
74$res = NPTest->testCmd("./check_http -v -H $host_tcp_http:8080 -p 80");
75like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" );
76
77$res = NPTest->testCmd("./check_http -v -H $host_tcp_http:8080 -p 80");
78like( $res->output, '/^Host: '.$host_tcp_http.':8080\s*$/ms', "Host Header OK" );
79
80SKIP: {
81 skip "No internet access", 3 if $internet_access eq "no";
82
83 $res = NPTest->testCmd("./check_http -v -H www.verisign.com -S");
84 like( $res->output, '/^Host: www.verisign.com\s*$/ms', "Host Header OK" );
85
86 $res = NPTest->testCmd("./check_http -v -H www.verisign.com:8080 -S -p 443");
87 like( $res->output, '/^Host: www.verisign.com:8080\s*$/ms', "Host Header OK" );
88
89 $res = NPTest->testCmd("./check_http -v -H www.verisign.com:443 -S -p 443");
90 like( $res->output, '/^Host: www.verisign.com\s*$/ms', "Host Header OK" );
91};
92
67SKIP: { 93SKIP: {
68 skip "No host serving monitoring in index file", 7 unless $host_tcp_http2; 94 skip "No host serving monitoring in index file", 7 unless $host_tcp_http2;
69 95
@@ -121,9 +147,9 @@ SKIP: {
121 $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_http -C 1 www.verisign.com"); 147 $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_http -C 1 www.verisign.com");
122 like($res->output, qr/OK - Certificate 'www.verisign.com' will expire on/, "Catch cert output"); 148 like($res->output, qr/OK - Certificate 'www.verisign.com' will expire on/, "Catch cert output");
123 is( $res->return_code, 0, "Catch cert output exit code" ); 149 is( $res->return_code, 0, "Catch cert output exit code" );
124 my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)\./); 150 my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)/);
125 if(!defined $year) { 151 if(!defined $year) {
126 die("parsing date failed from: ".$res); 152 die("parsing date failed from: ".$res->output);
127 } 153 }
128 my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11}; 154 my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11};
129 my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900); 155 my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900);
@@ -154,7 +180,7 @@ SKIP: {
154 like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); 180 like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' );
155 181
156 $res = NPTest->testCmd( 182 $res = NPTest->testCmd(
157 "./check_http --ssl www.e-paycobalt.com" 183 "./check_http --ssl -H www.e-paycobalt.com"
158 ); 184 );
159 cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" ); 185 cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" );
160 186
diff --git a/plugins/t/check_snmp.t b/plugins/t/check_snmp.t
index 2d6c44a7..eff46ea1 100644
--- a/plugins/t/check_snmp.t
+++ b/plugins/t/check_snmp.t
@@ -10,7 +10,7 @@ use NPTest;
10 10
11BEGIN { 11BEGIN {
12 plan skip_all => 'check_snmp is not compiled' unless -x "./check_snmp"; 12 plan skip_all => 'check_snmp is not compiled' unless -x "./check_snmp";
13 plan tests => 61; 13 plan tests => 63;
14} 14}
15 15
16my $res; 16my $res;
@@ -45,7 +45,7 @@ is( $res->return_code, 3, "Invalid protocol" );
45like( $res->output, "/check_snmp: Invalid SNMP version - 3c/" ); 45like( $res->output, "/check_snmp: Invalid SNMP version - 3c/" );
46 46
47SKIP: { 47SKIP: {
48 skip "no snmp host defined", 48 if ( ! $host_snmp ); 48 skip "no snmp host defined", 50 if ( ! $host_snmp );
49 49
50 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:"); 50 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:");
51 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying uptime" ); 51 cmp_ok( $res->return_code, '==', 0, "Exit OK when querying uptime" );
@@ -153,6 +153,10 @@ SKIP: {
153 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0"); 153 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0");
154 cmp_ok( $res->return_code, '==', 0, "Timetick used as a string"); 154 cmp_ok( $res->return_code, '==', 0, "Timetick used as a string");
155 like($res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "Timetick used as a string, result printed rather than parsed"); 155 like($res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "Timetick used as a string, result printed rather than parsed");
156
157 $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o HOST-RESOURCES-MIB::hrSWRunParameters.1");
158 cmp_ok( $res->return_code, '==', 0, "Timetick used as a string");
159 is( $res->output, 'SNMP OK - "" | ', "snmp response without datatype" );
156} 160}
157 161
158SKIP: { 162SKIP: {
@@ -166,8 +170,8 @@ SKIP: {
166SKIP: { 170SKIP: {
167 skip "no non responsive host defined", 2 if ( ! $host_nonresponsive ); 171 skip "no non responsive host defined", 2 if ( ! $host_nonresponsive );
168 $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); 172 $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:");
169 cmp_ok( $res->return_code, '==', 3, "Exit UNKNOWN with non responsive host" ); 173 cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL with non responsive host" );
170 like($res->output, '/External command error: Timeout: No Response from /', "String matches timeout problem"); 174 like($res->output, '/Plugin timed out while executing system call/', "String matches timeout problem");
171} 175}
172 176
173SKIP: { 177SKIP: {
diff --git a/plugins/t/check_users.t b/plugins/t/check_users.t
index 39044bb5..088f3b52 100644
--- a/plugins/t/check_users.t
+++ b/plugins/t/check_users.t
@@ -13,7 +13,7 @@ use Test;
13use NPTest; 13use NPTest;
14 14
15use vars qw($tests); 15use vars qw($tests);
16BEGIN {$tests = 4; plan tests => $tests} 16BEGIN {$tests = 8; plan tests => $tests}
17 17
18my $successOutput = '/^USERS OK - [0-9]+ users currently logged in/'; 18my $successOutput = '/^USERS OK - [0-9]+ users currently logged in/';
19my $failureOutput = '/^USERS CRITICAL - [0-9]+ users currently logged in/'; 19my $failureOutput = '/^USERS CRITICAL - [0-9]+ users currently logged in/';
@@ -22,6 +22,8 @@ my $t;
22 22
23$t += checkCmd( "./check_users 1000 1000", 0, $successOutput ); 23$t += checkCmd( "./check_users 1000 1000", 0, $successOutput );
24$t += checkCmd( "./check_users 0 0", 2, $failureOutput ); 24$t += checkCmd( "./check_users 0 0", 2, $failureOutput );
25$t += checkCmd( "./check_users -w 0:1000 -c 0:1000", 0, $successOutput );
26$t += checkCmd( "./check_users -w 0:0 -c 0:0", 2, $failureOutput );
25 27
26exit(0) if defined($Test::Harness::VERSION); 28exit(0) if defined($Test::Harness::VERSION);
27exit($tests - $t); 29exit($tests - $t);
diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t
index e72d243a..1bc0ecb7 100755
--- a/plugins/tests/check_http.t
+++ b/plugins/tests/check_http.t
@@ -17,6 +17,8 @@ use Test::More;
17use NPTest; 17use NPTest;
18use FindBin qw($Bin); 18use FindBin qw($Bin);
19 19
20$ENV{'LC_TIME'} = "C";
21
20my $common_tests = 70; 22my $common_tests = 70;
21my $ssl_only_tests = 8; 23my $ssl_only_tests = 8;
22# Check that all dependent modules are available 24# Check that all dependent modules are available
@@ -186,21 +188,21 @@ SKIP: {
186 188
187 $result = NPTest->testCmd( "$command -p $port_https -S -C 14" ); 189 $result = NPTest->testCmd( "$command -p $port_https -S -C 14" );
188 is( $result->return_code, 0, "$command -p $port_https -S -C 14" ); 190 is( $result->return_code, 0, "$command -p $port_https -S -C 14" );
189 is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar 3 21:41:28 2019.', "output ok" ); 191 is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar 3 21:41:28 2019 +0000.', "output ok" );
190 192
191 $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" ); 193 $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" );
192 is( $result->return_code, 1, "$command -p $port_https -S -C 14000" ); 194 is( $result->return_code, 1, "$command -p $port_https -S -C 14000" );
193 like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019\)./', "output ok" ); 195 like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019 \+0000\)./', "output ok" );
194 196
195 # Expired cert tests 197 # Expired cert tests
196 $result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" ); 198 $result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" );
197 is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" ); 199 is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" );
198 like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019\)./', "output ok" ); 200 like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019 \+0000\)./', "output ok" );
199 201
200 $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" ); 202 $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" );
201 is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" ); 203 is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" );
202 is( $result->output, 204 is( $result->output,
203 'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar 5 00:13:16 2009.', 205 'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar 5 00:13:16 2009 +0000.',
204 "output ok" ); 206 "output ok" );
205 207
206} 208}
diff --git a/plugins/utils.c b/plugins/utils.c
index a864e4aa..231af92b 100644
--- a/plugins/utils.c
+++ b/plugins/utils.c
@@ -668,3 +668,44 @@ char *sperfdata (const char *label,
668 668
669 return data; 669 return data;
670} 670}
671
672char *sperfdata_int (const char *label,
673 int val,
674 const char *uom,
675 char *warn,
676 char *crit,
677 int minp,
678 int minv,
679 int maxp,
680 int maxv)
681{
682 char *data = NULL;
683 if (strpbrk (label, "'= "))
684 xasprintf (&data, "'%s'=", label);
685 else
686 xasprintf (&data, "%s=", label);
687
688 xasprintf (&data, "%s%d", data, val);
689 xasprintf (&data, "%s%s;", data, uom);
690
691 if (warn!=NULL)
692 xasprintf (&data, "%s%s", data, warn);
693
694 xasprintf (&data, "%s;", data);
695
696 if (crit!=NULL)
697 xasprintf (&data, "%s%s", data, crit);
698
699 xasprintf (&data, "%s;", data);
700
701 if (minp)
702 xasprintf (&data, "%s%d", data, minv);
703
704 if (maxp) {
705 xasprintf (&data, "%s;", data);
706 xasprintf (&data, "%s%d", data, maxv);
707 }
708
709 return data;
710}
711
diff --git a/plugins/utils.h b/plugins/utils.h
index 4c4aaccc..a436e1ca 100644
--- a/plugins/utils.h
+++ b/plugins/utils.h
@@ -94,29 +94,17 @@ const char *state_text (int);
94#define max(a,b) (((a)>(b))?(a):(b)) 94#define max(a,b) (((a)>(b))?(a):(b))
95#define min(a,b) (((a)<(b))?(a):(b)) 95#define min(a,b) (((a)<(b))?(a):(b))
96 96
97char *perfdata (const char *, 97char *perfdata (const char *, long int, const char *, int, long int,
98 long int, 98 int, long int, int, long int, int, long int);
99 const char *, 99
100 int, 100char *fperfdata (const char *, double, const char *, int, double,
101 long int, 101 int, double, int, double, int, double);
102 int, 102
103 long int, 103char *sperfdata (const char *, double, const char *, char *, char *,
104 int, 104 int, double, int, double);
105 long int, 105
106 int, 106char *sperfdata_int (const char *, int, const char *, char *, char *,
107 long int); 107 int, int, int, int);
108
109char *fperfdata (const char *,
110 double,
111 const char *,
112 int,
113 double,
114 int,
115 double,
116 int,
117 double,
118 int,
119 double);
120 108
121/* The idea here is that, although not every plugin will use all of these, 109/* The idea here is that, although not every plugin will use all of these,
122 most will or should. Therefore, for consistency, these very common 110 most will or should. Therefore, for consistency, these very common