summaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
Diffstat (limited to 'plugins')
-rw-r--r--plugins/Makefile.am2
-rw-r--r--plugins/check_apt.c4
-rw-r--r--plugins/check_by_ssh.c4
-rw-r--r--plugins/check_cluster.c2
-rw-r--r--plugins/check_dbi.c4
-rw-r--r--plugins/check_dig.c4
-rw-r--r--plugins/check_disk.c47
-rw-r--r--plugins/check_dns.c4
-rw-r--r--plugins/check_dummy.c4
-rw-r--r--plugins/check_fping.c6
-rw-r--r--plugins/check_game.c4
-rw-r--r--plugins/check_hpjd.c4
-rw-r--r--plugins/check_http.c108
-rw-r--r--plugins/check_ide_smart.c6
-rw-r--r--plugins/check_ldap.c99
-rw-r--r--plugins/check_load.c4
-rw-r--r--plugins/check_mrtg.c4
-rw-r--r--plugins/check_mrtgtraf.c18
-rw-r--r--plugins/check_mysql.c4
-rw-r--r--plugins/check_mysql_query.c4
-rw-r--r--plugins/check_nagios.c4
-rw-r--r--plugins/check_nt.c55
-rw-r--r--plugins/check_ntp.c4
-rw-r--r--plugins/check_ntp_peer.c4
-rw-r--r--plugins/check_ntp_time.c4
-rw-r--r--plugins/check_nwstat.c4
-rw-r--r--plugins/check_overcr.c4
-rw-r--r--plugins/check_pgsql.c4
-rw-r--r--plugins/check_ping.c4
-rw-r--r--plugins/check_procs.c4
-rw-r--r--plugins/check_radius.c4
-rw-r--r--plugins/check_real.c12
-rw-r--r--plugins/check_smtp.c17
-rw-r--r--plugins/check_snmp.c61
-rw-r--r--plugins/check_ssh.c16
-rw-r--r--plugins/check_swap.c7
-rw-r--r--plugins/check_tcp.c9
-rw-r--r--plugins/check_time.c4
-rw-r--r--plugins/check_ups.c4
-rw-r--r--plugins/check_users.c4
-rw-r--r--plugins/netutils.c12
-rw-r--r--plugins/netutils.h10
-rw-r--r--plugins/sslutils.c113
-rw-r--r--plugins/t/NPTest.cache.travis2
-rw-r--r--plugins/t/check_http.t43
-rw-r--r--plugins/t/check_ldap.t80
-rwxr-xr-xplugins/tests/check_http.t8
-rwxr-xr-xplugins/tests/check_snmp.t22
-rw-r--r--plugins/utils.c42
49 files changed, 678 insertions, 219 deletions
diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index 0ddf9bd1..41906c53 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -71,7 +71,7 @@ check_apt_LDADD = $(BASEOBJS)
71check_cluster_LDADD = $(BASEOBJS) 71check_cluster_LDADD = $(BASEOBJS)
72check_dbi_LDADD = $(NETLIBS) $(DBILIBS) 72check_dbi_LDADD = $(NETLIBS) $(DBILIBS)
73check_dig_LDADD = $(NETLIBS) 73check_dig_LDADD = $(NETLIBS)
74check_disk_LDADD = $(BASEOBJS) 74check_disk_LDADD = $(BASEOBJS) $(THREADLIBS)
75check_dns_LDADD = $(NETLIBS) 75check_dns_LDADD = $(NETLIBS)
76check_dummy_LDADD = $(BASEOBJS) 76check_dummy_LDADD = $(BASEOBJS)
77check_fping_LDADD = $(NETLIBS) 77check_fping_LDADD = $(NETLIBS)
diff --git a/plugins/check_apt.c b/plugins/check_apt.c
index 8747f904..a639a411 100644
--- a/plugins/check_apt.c
+++ b/plugins/check_apt.c
@@ -160,10 +160,10 @@ int process_arguments (int argc, char **argv) {
160 switch(c) { 160 switch(c) {
161 case 'h': 161 case 'h':
162 print_help(); 162 print_help();
163 exit(STATE_OK); 163 exit(STATE_UNKNOWN);
164 case 'V': 164 case 'V':
165 print_revision(progname, NP_VERSION); 165 print_revision(progname, NP_VERSION);
166 exit(STATE_OK); 166 exit(STATE_UNKNOWN);
167 case 'v': 167 case 'v':
168 verbose++; 168 verbose++;
169 break; 169 break;
diff --git a/plugins/check_by_ssh.c b/plugins/check_by_ssh.c
index a877f888..04bce38d 100644
--- a/plugins/check_by_ssh.c
+++ b/plugins/check_by_ssh.c
@@ -209,10 +209,10 @@ process_arguments (int argc, char **argv)
209 switch (c) { 209 switch (c) {
210 case 'V': /* version */ 210 case 'V': /* version */
211 print_revision (progname, NP_VERSION); 211 print_revision (progname, NP_VERSION);
212 exit (STATE_OK); 212 exit (STATE_UNKNOWN);
213 case 'h': /* help */ 213 case 'h': /* help */
214 print_help (); 214 print_help ();
215 exit (STATE_OK); 215 exit (STATE_UNKNOWN);
216 case 'v': /* help */ 216 case 'v': /* help */
217 verbose = TRUE; 217 verbose = TRUE;
218 break; 218 break;
diff --git a/plugins/check_cluster.c b/plugins/check_cluster.c
index cf699e1f..b86e501d 100644
--- a/plugins/check_cluster.c
+++ b/plugins/check_cluster.c
@@ -200,7 +200,7 @@ int process_arguments(int argc, char **argv){
200 200
201 case 'V': /* version */ 201 case 'V': /* version */
202 print_revision (progname, NP_VERSION); 202 print_revision (progname, NP_VERSION);
203 exit (STATE_OK); 203 exit (STATE_UNKNOWN);
204 break; 204 break;
205 205
206 case 'H': /* help */ 206 case 'H': /* help */
diff --git a/plugins/check_dbi.c b/plugins/check_dbi.c
index a3d033f4..826eb8d9 100644
--- a/plugins/check_dbi.c
+++ b/plugins/check_dbi.c
@@ -368,10 +368,10 @@ process_arguments (int argc, char **argv)
368 usage5 (); 368 usage5 ();
369 case 'h': /* help */ 369 case 'h': /* help */
370 print_help (); 370 print_help ();
371 exit (STATE_OK); 371 exit (STATE_UNKNOWN);
372 case 'V': /* version */ 372 case 'V': /* version */
373 print_revision (progname, NP_VERSION); 373 print_revision (progname, NP_VERSION);
374 exit (STATE_OK); 374 exit (STATE_UNKNOWN);
375 375
376 case 'c': /* critical range */ 376 case 'c': /* critical range */
377 critical_range = optarg; 377 critical_range = optarg;
diff --git a/plugins/check_dig.c b/plugins/check_dig.c
index d899b119..db4b20eb 100644
--- a/plugins/check_dig.c
+++ b/plugins/check_dig.c
@@ -223,10 +223,10 @@ process_arguments (int argc, char **argv)
223 switch (c) { 223 switch (c) {
224 case 'h': /* help */ 224 case 'h': /* help */
225 print_help (); 225 print_help ();
226 exit (STATE_OK); 226 exit (STATE_UNKNOWN);
227 case 'V': /* version */ 227 case 'V': /* version */
228 print_revision (progname, NP_VERSION); 228 print_revision (progname, NP_VERSION);
229 exit (STATE_OK); 229 exit (STATE_UNKNOWN);
230 case 'H': /* hostname */ 230 case 'H': /* hostname */
231 host_or_die(optarg); 231 host_or_die(optarg);
232 dns_server = optarg; 232 dns_server = optarg;
diff --git a/plugins/check_disk.c b/plugins/check_disk.c
index 0d73a4f1..9693bad3 100644
--- a/plugins/check_disk.c
+++ b/plugins/check_disk.c
@@ -51,6 +51,9 @@ const char *email = "devel@monitoring-plugins.org";
51# include <limits.h> 51# include <limits.h>
52#endif 52#endif
53#include "regex.h" 53#include "regex.h"
54#if HAVE_PTHREAD_H
55# include <pthread.h>
56#endif
54 57
55#ifdef __CYGWIN__ 58#ifdef __CYGWIN__
56# include <windows.h> 59# include <windows.h>
@@ -130,6 +133,7 @@ void print_help (void);
130void print_usage (void); 133void print_usage (void);
131double calculate_percent(uintmax_t, uintmax_t); 134double calculate_percent(uintmax_t, uintmax_t);
132void stat_path (struct parameter_list *p); 135void stat_path (struct parameter_list *p);
136void *do_stat_path (void *p);
133void get_stats (struct parameter_list *p, struct fs_usage *fsp); 137void get_stats (struct parameter_list *p, struct fs_usage *fsp);
134void get_path_stats (struct parameter_list *p, struct fs_usage *fsp); 138void get_path_stats (struct parameter_list *p, struct fs_usage *fsp);
135 139
@@ -762,10 +766,10 @@ process_arguments (int argc, char **argv)
762 break; 766 break;
763 case 'V': /* version */ 767 case 'V': /* version */
764 print_revision (progname, NP_VERSION); 768 print_revision (progname, NP_VERSION);
765 exit (STATE_OK); 769 exit (STATE_UNKNOWN);
766 case 'h': /* help */ 770 case 'h': /* help */
767 print_help (); 771 print_help ();
768 exit (STATE_OK); 772 exit (STATE_UNKNOWN);
769 case '?': /* help */ 773 case '?': /* help */
770 usage (_("Unknown argument")); 774 usage (_("Unknown argument"));
771 } 775 }
@@ -968,6 +972,44 @@ print_usage (void)
968void 972void
969stat_path (struct parameter_list *p) 973stat_path (struct parameter_list *p)
970{ 974{
975#ifdef HAVE_PTHREAD_H
976 pthread_t stat_thread;
977 int statdone = 0;
978 int timer = timeout_interval;
979 struct timespec req, rem;
980
981 req.tv_sec = 0;
982 pthread_create(&stat_thread, NULL, do_stat_path, p);
983 while (timer-- > 0) {
984 req.tv_nsec = 10000000;
985 nanosleep(&req, &rem);
986 if (pthread_kill(stat_thread, 0)) {
987 statdone = 1;
988 break;
989 } else {
990 req.tv_nsec = 990000000;
991 nanosleep(&req, &rem);
992 }
993 }
994 if (statdone == 1) {
995 pthread_join(stat_thread, NULL);
996 } else {
997 pthread_detach(stat_thread);
998 if (verbose >= 3)
999 printf("stat did not return within %ds on %s\n", timeout_interval, p->name);
1000 printf("DISK %s - ", _("CRITICAL"));
1001 die (STATE_CRITICAL, _("%s %s: %s\n"), p->name, _("hangs"), _("Timeout"));
1002 }
1003#else
1004 do_stat_path(p);
1005#endif
1006}
1007
1008void *
1009do_stat_path (void *in)
1010{
1011 struct parameter_list *p = in;
1012
971 /* Stat entry to check that dir exists and is accessible */ 1013 /* Stat entry to check that dir exists and is accessible */
972 if (verbose >= 3) 1014 if (verbose >= 3)
973 printf("calling stat on %s\n", p->name); 1015 printf("calling stat on %s\n", p->name);
@@ -977,6 +1019,7 @@ stat_path (struct parameter_list *p)
977 printf("DISK %s - ", _("CRITICAL")); 1019 printf("DISK %s - ", _("CRITICAL"));
978 die (STATE_CRITICAL, _("%s %s: %s\n"), p->name, _("is not accessible"), strerror(errno)); 1020 die (STATE_CRITICAL, _("%s %s: %s\n"), p->name, _("is not accessible"), strerror(errno));
979 } 1021 }
1022 return NULL;
980} 1023}
981 1024
982 1025
diff --git a/plugins/check_dns.c b/plugins/check_dns.c
index 22121226..d6bd2c0f 100644
--- a/plugins/check_dns.c
+++ b/plugins/check_dns.c
@@ -395,10 +395,10 @@ process_arguments (int argc, char **argv)
395 switch (c) { 395 switch (c) {
396 case 'h': /* help */ 396 case 'h': /* help */
397 print_help (); 397 print_help ();
398 exit (STATE_OK); 398 exit (STATE_UNKNOWN);
399 case 'V': /* version */ 399 case 'V': /* version */
400 print_revision (progname, NP_VERSION); 400 print_revision (progname, NP_VERSION);
401 exit (STATE_OK); 401 exit (STATE_UNKNOWN);
402 case 'v': /* version */ 402 case 'v': /* version */
403 verbose = TRUE; 403 verbose = TRUE;
404 break; 404 break;
diff --git a/plugins/check_dummy.c b/plugins/check_dummy.c
index 3ed68717..212a1344 100644
--- a/plugins/check_dummy.c
+++ b/plugins/check_dummy.c
@@ -52,11 +52,11 @@ main (int argc, char **argv)
52 usage4 (_("Could not parse arguments")); 52 usage4 (_("Could not parse arguments"));
53 else if (strcmp (argv[1], "-V") == 0 || strcmp (argv[1], "--version") == 0) { 53 else if (strcmp (argv[1], "-V") == 0 || strcmp (argv[1], "--version") == 0) {
54 print_revision (progname, NP_VERSION); 54 print_revision (progname, NP_VERSION);
55 exit (STATE_OK); 55 exit (STATE_UNKNOWN);
56 } 56 }
57 else if (strcmp (argv[1], "-h") == 0 || strcmp (argv[1], "--help") == 0) { 57 else if (strcmp (argv[1], "-h") == 0 || strcmp (argv[1], "--help") == 0) {
58 print_help (); 58 print_help ();
59 exit (STATE_OK); 59 exit (STATE_UNKNOWN);
60 } 60 }
61 else if (!is_integer (argv[1])) 61 else if (!is_integer (argv[1]))
62 usage4 (_("Arguments to check_dummy must be an integer")); 62 usage4 (_("Arguments to check_dummy must be an integer"));
diff --git a/plugins/check_fping.c b/plugins/check_fping.c
index 46046b4f..da1ce1a6 100644
--- a/plugins/check_fping.c
+++ b/plugins/check_fping.c
@@ -105,7 +105,7 @@ main (int argc, char **argv)
105 xasprintf(&option_string, "%s-I %s ", option_string, sourceif); 105 xasprintf(&option_string, "%s-I %s ", option_string, sourceif);
106 106
107#ifdef PATH_TO_FPING6 107#ifdef PATH_TO_FPING6
108 if (address_family == AF_INET6) 108 if (address_family != AF_INET && is_inet6_addr(server))
109 fping_prog = strdup(PATH_TO_FPING6); 109 fping_prog = strdup(PATH_TO_FPING6);
110 else 110 else
111 fping_prog = strdup(PATH_TO_FPING); 111 fping_prog = strdup(PATH_TO_FPING);
@@ -314,10 +314,10 @@ process_arguments (int argc, char **argv)
314 usage5 (); 314 usage5 ();
315 case 'h': /* help */ 315 case 'h': /* help */
316 print_help (); 316 print_help ();
317 exit (STATE_OK); 317 exit (STATE_UNKNOWN);
318 case 'V': /* version */ 318 case 'V': /* version */
319 print_revision (progname, NP_VERSION); 319 print_revision (progname, NP_VERSION);
320 exit (STATE_OK); 320 exit (STATE_UNKNOWN);
321 case 'v': /* verbose mode */ 321 case 'v': /* verbose mode */
322 verbose = TRUE; 322 verbose = TRUE;
323 break; 323 break;
diff --git a/plugins/check_game.c b/plugins/check_game.c
index 29e59e2f..709dae1b 100644
--- a/plugins/check_game.c
+++ b/plugins/check_game.c
@@ -196,10 +196,10 @@ process_arguments (int argc, char **argv)
196 switch (c) { 196 switch (c) {
197 case 'h': /* help */ 197 case 'h': /* help */
198 print_help (); 198 print_help ();
199 exit (STATE_OK); 199 exit (STATE_UNKNOWN);
200 case 'V': /* version */ 200 case 'V': /* version */
201 print_revision (progname, NP_VERSION); 201 print_revision (progname, NP_VERSION);
202 exit (STATE_OK); 202 exit (STATE_UNKNOWN);
203 case 'v': /* version */ 203 case 'v': /* version */
204 verbose = TRUE; 204 verbose = TRUE;
205 break; 205 break;
diff --git a/plugins/check_hpjd.c b/plugins/check_hpjd.c
index 5fe06984..f159f5a2 100644
--- a/plugins/check_hpjd.c
+++ b/plugins/check_hpjd.c
@@ -350,10 +350,10 @@ process_arguments (int argc, char **argv)
350 break; 350 break;
351 case 'V': /* version */ 351 case 'V': /* version */
352 print_revision (progname, NP_VERSION); 352 print_revision (progname, NP_VERSION);
353 exit (STATE_OK); 353 exit (STATE_UNKNOWN);
354 case 'h': /* help */ 354 case 'h': /* help */
355 print_help (); 355 print_help ();
356 exit (STATE_OK); 356 exit (STATE_UNKNOWN);
357 case '?': /* help */ 357 case '?': /* help */
358 usage5 (); 358 usage5 ();
359 } 359 }
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 51679975..2038f4a1 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -267,11 +267,11 @@ process_arguments (int argc, char **argv)
267 break; 267 break;
268 case 'h': /* help */ 268 case 'h': /* help */
269 print_help (); 269 print_help ();
270 exit (STATE_OK); 270 exit (STATE_UNKNOWN);
271 break; 271 break;
272 case 'V': /* version */ 272 case 'V': /* version */
273 print_revision (progname, NP_VERSION); 273 print_revision (progname, NP_VERSION);
274 exit (STATE_OK); 274 exit (STATE_UNKNOWN);
275 break; 275 break;
276 case 't': /* timeout period */ 276 case 't': /* timeout period */
277 if (!is_intnonneg (optarg)) 277 if (!is_intnonneg (optarg))
@@ -343,9 +343,20 @@ process_arguments (int argc, char **argv)
343 parameters, like -S and -C combinations */ 343 parameters, like -S and -C combinations */
344 use_ssl = TRUE; 344 use_ssl = TRUE;
345 if (c=='S' && optarg != NULL) { 345 if (c=='S' && optarg != NULL) {
346 ssl_version = atoi(optarg); 346 int got_plus = strchr(optarg, '+') != NULL;
347 if (ssl_version < 1 || ssl_version > 3) 347
348 usage4 (_("Invalid option - Valid values for SSL Version are 1 (TLSv1), 2 (SSLv2) or 3 (SSLv3)")); 348 if (!strncmp (optarg, "1.2", 3))
349 ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2;
350 else if (!strncmp (optarg, "1.1", 3))
351 ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1;
352 else if (optarg[0] == '1')
353 ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1;
354 else if (optarg[0] == '3')
355 ssl_version = got_plus ? MP_SSLv3_OR_NEWER : MP_SSLv3;
356 else if (optarg[0] == '2')
357 ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2;
358 else
359 usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)"));
349 } 360 }
350 if (specify_port == FALSE) 361 if (specify_port == FALSE)
351 server_port = HTTPS_PORT; 362 server_port = HTTPS_PORT;
@@ -869,17 +880,42 @@ check_http (void)
869 double elapsed_time_transfer = 0.0; 880 double elapsed_time_transfer = 0.0;
870 int page_len = 0; 881 int page_len = 0;
871 int result = STATE_OK; 882 int result = STATE_OK;
883 char *force_host_header = NULL;
872 884
873 /* try to connect to the host at the given port number */ 885 /* try to connect to the host at the given port number */
874 gettimeofday (&tv_temp, NULL); 886 gettimeofday (&tv_temp, NULL);
875 if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK) 887 if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
876 die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); 888 die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
877 microsec_connect = deltime (tv_temp); 889 microsec_connect = deltime (tv_temp);
890
891 /* if we are called with the -I option, the -j method is CONNECT and */
892 /* we received -S for SSL, then we tunnel the request through a proxy*/
893 /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */
894
895 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
896 && host_name != NULL && use_ssl == TRUE) {
897
898 if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT);
899 asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent);
900 asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf);
901 asprintf (&buf, "%sHost: %s\r\n", buf, host_name);
902 /* we finished our request, send empty line with CRLF */
903 asprintf (&buf, "%s%s", buf, CRLF);
904 if (verbose) printf ("%s\n", buf);
905 send(sd, buf, strlen (buf), 0);
906 buf[0]='\0';
907
908 if (verbose) printf ("Receive response from proxy\n");
909 read (sd, buffer, MAX_INPUT_BUFFER-1);
910 if (verbose) printf ("%s", buffer);
911 /* Here we should check if we got HTTP/1.1 200 Connection established */
912 }
878#ifdef HAVE_SSL 913#ifdef HAVE_SSL
879 elapsed_time_connect = (double)microsec_connect / 1.0e6; 914 elapsed_time_connect = (double)microsec_connect / 1.0e6;
880 if (use_ssl == TRUE) { 915 if (use_ssl == TRUE) {
881 gettimeofday (&tv_temp, NULL); 916 gettimeofday (&tv_temp, NULL);
882 result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey); 917 result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey);
918 if (verbose) printf ("SSL initialized\n");
883 if (result != STATE_OK) 919 if (result != STATE_OK)
884 die (STATE_CRITICAL, NULL); 920 die (STATE_CRITICAL, NULL);
885 microsec_ssl = deltime (tv_temp); 921 microsec_ssl = deltime (tv_temp);
@@ -893,29 +929,51 @@ check_http (void)
893 } 929 }
894#endif /* HAVE_SSL */ 930#endif /* HAVE_SSL */
895 931
896 xasprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); 932 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
933 && host_name != NULL && use_ssl == TRUE)
934 asprintf (&buf, "%s %s %s\r\n%s\r\n", "GET", server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
935 else
936 asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
897 937
898 /* tell HTTP/1.1 servers not to keep the connection alive */ 938 /* tell HTTP/1.1 servers not to keep the connection alive */
899 xasprintf (&buf, "%sConnection: close\r\n", buf); 939 xasprintf (&buf, "%sConnection: close\r\n", buf);
900 940
941 /* check if Host header is explicitly set in options */
942 if (http_opt_headers_count) {
943 for (i = 0; i < http_opt_headers_count ; i++) {
944 if (strncmp(http_opt_headers[i], "Host:", 5) == 0) {
945 force_host_header = http_opt_headers[i];
946 }
947 }
948 }
949
901 /* optionally send the host header info */ 950 /* optionally send the host header info */
902 if (host_name) { 951 if (host_name) {
903 /* 952 if (force_host_header) {
904 * Specify the port only if we're using a non-default port (see RFC 2616, 953 xasprintf (&buf, "%s%s\r\n", buf, force_host_header);
905 * 14.23). Some server applications/configurations cause trouble if the 954 }
906 * (default) port is explicitly specified in the "Host:" header line. 955 else {
907 */ 956 /*
908 if ((use_ssl == FALSE && server_port == HTTP_PORT) || 957 * Specify the port only if we're using a non-default port (see RFC 2616,
909 (use_ssl == TRUE && server_port == HTTPS_PORT)) 958 * 14.23). Some server applications/configurations cause trouble if the
910 xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); 959 * (default) port is explicitly specified in the "Host:" header line.
911 else 960 */
912 xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, server_port); 961 if ((use_ssl == FALSE && server_port == HTTP_PORT) ||
962 (use_ssl == TRUE && server_port == HTTPS_PORT) ||
963 (server_address != NULL && strcmp(http_method, "CONNECT") == 0
964 && host_name != NULL && use_ssl == TRUE))
965 xasprintf (&buf, "%sHost: %s\r\n", buf, host_name);
966 else
967 xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, server_port);
968 }
913 } 969 }
914 970
915 /* optionally send any other header tag */ 971 /* optionally send any other header tag */
916 if (http_opt_headers_count) { 972 if (http_opt_headers_count) {
917 for (i = 0; i < http_opt_headers_count ; i++) { 973 for (i = 0; i < http_opt_headers_count ; i++) {
918 xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); 974 if (force_host_header != http_opt_headers[i]) {
975 xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]);
976 }
919 } 977 }
920 /* This cannot be free'd here because a redirection will then try to access this and segfault */ 978 /* This cannot be free'd here because a redirection will then try to access this and segfault */
921 /* Covered in a testcase in tests/check_http.t */ 979 /* Covered in a testcase in tests/check_http.t */
@@ -1467,9 +1525,10 @@ print_help (void)
1467 printf (UT_IPv46); 1525 printf (UT_IPv46);
1468 1526
1469#ifdef HAVE_SSL 1527#ifdef HAVE_SSL
1470 printf (" %s\n", "-S, --ssl=VERSION"); 1528 printf (" %s\n", "-S, --ssl=VERSION[+]");
1471 printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents")); 1529 printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents"));
1472 printf (" %s\n", _("auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3).")); 1530 printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,"));
1531 printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted."));
1473 printf (" %s\n", "--sni"); 1532 printf (" %s\n", "--sni");
1474 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); 1533 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
1475 printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); 1534 printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]");
@@ -1496,7 +1555,7 @@ print_help (void)
1496 printf (" %s\n", _("URL to GET or POST (default: /)")); 1555 printf (" %s\n", _("URL to GET or POST (default: /)"));
1497 printf (" %s\n", "-P, --post=STRING"); 1556 printf (" %s\n", "-P, --post=STRING");
1498 printf (" %s\n", _("URL encoded http POST data")); 1557 printf (" %s\n", _("URL encoded http POST data"));
1499 printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE)"); 1558 printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT)");
1500 printf (" %s\n", _("Set HTTP method.")); 1559 printf (" %s\n", _("Set HTTP method."));
1501 printf (" %s\n", "-N, --no-body"); 1560 printf (" %s\n", "-N, --no-body");
1502 printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); 1561 printf (" %s\n", _("Don't wait for document body: stop reading after headers."));
@@ -1570,7 +1629,7 @@ print_help (void)
1570 printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,")); 1629 printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,"));
1571 printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); 1630 printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
1572 printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); 1631 printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when"));
1573 printf (" %s\n", _("the certificate is expired.")); 1632 printf (" %s\n\n", _("the certificate is expired."));
1574 printf ("\n"); 1633 printf ("\n");
1575 printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); 1634 printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14");
1576 printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); 1635 printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,"));
@@ -1578,6 +1637,13 @@ print_help (void)
1578 printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); 1637 printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned."));
1579 printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); 1638 printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days"));
1580 1639
1640 printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: ");
1641 printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com "));
1642 printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>"));
1643 printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds"));
1644 printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));
1645 printf (" %s\n", _("a STATE_CRITICAL will be returned."));
1646
1581#endif 1647#endif
1582 1648
1583 printf (UT_SUPPORT); 1649 printf (UT_SUPPORT);
diff --git a/plugins/check_ide_smart.c b/plugins/check_ide_smart.c
index 47605e96..8d540ca1 100644
--- a/plugins/check_ide_smart.c
+++ b/plugins/check_ide_smart.c
@@ -234,10 +234,10 @@ main (int argc, char *argv[])
234 break; 234 break;
235 case 'h': 235 case 'h':
236 print_help (); 236 print_help ();
237 return STATE_OK; 237 return STATE_UNKNOWN;
238 case 'V': 238 case 'V':
239 print_revision (progname, NP_VERSION); 239 print_revision (progname, NP_VERSION);
240 return STATE_OK; 240 return STATE_UNKNOWN;
241 default: 241 default:
242 usage5 (); 242 usage5 ();
243 } 243 }
@@ -249,7 +249,7 @@ main (int argc, char *argv[])
249 249
250 if (!device) { 250 if (!device) {
251 print_help (); 251 print_help ();
252 return STATE_OK; 252 return STATE_UNKNOWN;
253 } 253 }
254 254
255 fd = open (device, OPEN_MODE); 255 fd = open (device, OPEN_MODE);
diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c
index c371be97..e70d6a51 100644
--- a/plugins/check_ldap.c
+++ b/plugins/check_ldap.c
@@ -1,29 +1,29 @@
1/***************************************************************************** 1/*****************************************************************************
2* 2*
3* Monitoring check_ldap plugin 3* Monitoring check_ldap plugin
4* 4*
5* License: GPL 5* License: GPL
6* Copyright (c) 2000-2008 Monitoring Plugins Development Team 6* Copyright (c) 2000-2008 Monitoring Plugins Development Team
7* 7*
8* Description: 8* Description:
9* 9*
10* This file contains the check_ldap plugin 10* This file contains the check_ldap plugin
11* 11*
12* 12*
13* This program is free software: you can redistribute it and/or modify 13* This program is free software: you can redistribute it and/or modify
14* it under the terms of the GNU General Public License as published by 14* it under the terms of the GNU General Public License as published by
15* the Free Software Foundation, either version 3 of the License, or 15* the Free Software Foundation, either version 3 of the License, or
16* (at your option) any later version. 16* (at your option) any later version.
17* 17*
18* This program is distributed in the hope that it will be useful, 18* This program is distributed in the hope that it will be useful,
19* but WITHOUT ANY WARRANTY; without even the implied warranty of 19* but WITHOUT ANY WARRANTY; without even the implied warranty of
20* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 20* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21* GNU General Public License for more details. 21* GNU General Public License for more details.
22* 22*
23* You should have received a copy of the GNU General Public License 23* You should have received a copy of the GNU General Public License
24* along with this program. If not, see <http://www.gnu.org/licenses/>. 24* along with this program. If not, see <http://www.gnu.org/licenses/>.
25* 25*
26* 26*
27*****************************************************************************/ 27*****************************************************************************/
28 28
29/* progname may be check_ldaps */ 29/* progname may be check_ldaps */
@@ -67,7 +67,10 @@ int ld_protocol = DEFAULT_PROTOCOL;
67#endif 67#endif
68double warn_time = UNDEFINED; 68double warn_time = UNDEFINED;
69double crit_time = UNDEFINED; 69double crit_time = UNDEFINED;
70thresholds *entries_thresholds = NULL;
70struct timeval tv; 71struct timeval tv;
72char* warn_entries = NULL;
73char* crit_entries = NULL;
71int starttls = FALSE; 74int starttls = FALSE;
72int ssl_on_connect = FALSE; 75int ssl_on_connect = FALSE;
73int verbose = 0; 76int verbose = 0;
@@ -94,6 +97,12 @@ main (int argc, char *argv[])
94 int tls; 97 int tls;
95 int version=3; 98 int version=3;
96 99
100 /* for entry counting */
101
102 LDAPMessage *next_entry;
103 int status_entries = STATE_OK;
104 int num_entries = 0;
105
97 setlocale (LC_ALL, ""); 106 setlocale (LC_ALL, "");
98 bindtextdomain (PACKAGE, LOCALEDIR); 107 bindtextdomain (PACKAGE, LOCALEDIR);
99 textdomain (PACKAGE); 108 textdomain (PACKAGE);
@@ -197,12 +206,14 @@ main (int argc, char *argv[])
197 } 206 }
198 207
199 /* do a search of all objectclasses in the base dn */ 208 /* do a search of all objectclasses in the base dn */
200 if (ldap_search_s (ld, ld_base, LDAP_SCOPE_BASE, ld_attr, NULL, 0, &result) 209 if (ldap_search_s (ld, ld_base, (crit_entries!=NULL || warn_entries!=NULL) ? LDAP_SCOPE_SUBTREE : LDAP_SCOPE_BASE, ld_attr, NULL, 0, &result)
201 != LDAP_SUCCESS) { 210 != LDAP_SUCCESS) {
202 if (verbose) 211 if (verbose)
203 ldap_perror(ld, "ldap_search"); 212 ldap_perror(ld, "ldap_search");
204 printf (_("Could not search/find objectclasses in %s\n"), ld_base); 213 printf (_("Could not search/find objectclasses in %s\n"), ld_base);
205 return STATE_CRITICAL; 214 return STATE_CRITICAL;
215 } else if (crit_entries!=NULL || warn_entries!=NULL) {
216 num_entries = ldap_count_entries(ld, result);
206 } 217 }
207 218
208 /* unbind from the ldap server */ 219 /* unbind from the ldap server */
@@ -223,14 +234,42 @@ main (int argc, char *argv[])
223 else 234 else
224 status = STATE_OK; 235 status = STATE_OK;
225 236
237 if(entries_thresholds != NULL) {
238 if (verbose) {
239 printf ("entries found: %d\n", num_entries);
240 print_thresholds("entry threasholds", entries_thresholds);
241 }
242 status_entries = get_status(num_entries, entries_thresholds);
243 if (status_entries == STATE_CRITICAL) {
244 status = STATE_CRITICAL;
245 } else if (status != STATE_CRITICAL) {
246 status = status_entries;
247 }
248 }
249
226 /* print out the result */ 250 /* print out the result */
227 printf (_("LDAP %s - %.3f seconds response time|%s\n"), 251 if (crit_entries!=NULL || warn_entries!=NULL) {
228 state_text (status), 252 printf (_("LDAP %s - found %d entries in %.3f seconds|%s %s\n"),
229 elapsed_time, 253 state_text (status),
230 fperfdata ("time", elapsed_time, "s", 254 num_entries,
231 (int)warn_time, warn_time, 255 elapsed_time,
232 (int)crit_time, crit_time, 256 fperfdata ("time", elapsed_time, "s",
233 TRUE, 0, FALSE, 0)); 257 (int)warn_time, warn_time,
258 (int)crit_time, crit_time,
259 TRUE, 0, FALSE, 0),
260 sperfdata ("entries", (double)num_entries, "",
261 warn_entries,
262 crit_entries,
263 TRUE, 0.0, FALSE, 0.0));
264 } else {
265 printf (_("LDAP %s - %.3f seconds response time|%s\n"),
266 state_text (status),
267 elapsed_time,
268 fperfdata ("time", elapsed_time, "s",
269 (int)warn_time, warn_time,
270 (int)crit_time, crit_time,
271 TRUE, 0, FALSE, 0));
272 }
234 273
235 return status; 274 return status;
236} 275}
@@ -263,6 +302,8 @@ process_arguments (int argc, char **argv)
263 {"port", required_argument, 0, 'p'}, 302 {"port", required_argument, 0, 'p'},
264 {"warn", required_argument, 0, 'w'}, 303 {"warn", required_argument, 0, 'w'},
265 {"crit", required_argument, 0, 'c'}, 304 {"crit", required_argument, 0, 'c'},
305 {"warn-entries", required_argument, 0, 'W'},
306 {"crit-entries", required_argument, 0, 'C'},
266 {"verbose", no_argument, 0, 'v'}, 307 {"verbose", no_argument, 0, 'v'},
267 {0, 0, 0, 0} 308 {0, 0, 0, 0}
268 }; 309 };
@@ -276,7 +317,7 @@ process_arguments (int argc, char **argv)
276 } 317 }
277 318
278 while (1) { 319 while (1) {
279 c = getopt_long (argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:", longopts, &option); 320 c = getopt_long (argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:C:W:", longopts, &option);
280 321
281 if (c == -1 || c == EOF) 322 if (c == -1 || c == EOF)
282 break; 323 break;
@@ -284,10 +325,10 @@ process_arguments (int argc, char **argv)
284 switch (c) { 325 switch (c) {
285 case 'h': /* help */ 326 case 'h': /* help */
286 print_help (); 327 print_help ();
287 exit (STATE_OK); 328 exit (STATE_UNKNOWN);
288 case 'V': /* version */ 329 case 'V': /* version */
289 print_revision (progname, NP_VERSION); 330 print_revision (progname, NP_VERSION);
290 exit (STATE_OK); 331 exit (STATE_UNKNOWN);
291 case 't': /* timeout period */ 332 case 't': /* timeout period */
292 if (!is_intnonneg (optarg)) 333 if (!is_intnonneg (optarg))
293 usage2 (_("Timeout interval must be a positive integer"), optarg); 334 usage2 (_("Timeout interval must be a positive integer"), optarg);
@@ -318,6 +359,12 @@ process_arguments (int argc, char **argv)
318 case 'c': 359 case 'c':
319 crit_time = strtod (optarg, NULL); 360 crit_time = strtod (optarg, NULL);
320 break; 361 break;
362 case 'W':
363 warn_entries = optarg;
364 break;
365 case 'C':
366 crit_entries = optarg;
367 break;
321#ifdef HAVE_LDAP_SET_OPTION 368#ifdef HAVE_LDAP_SET_OPTION
322 case '2': 369 case '2':
323 ld_protocol = 2; 370 ld_protocol = 2;
@@ -381,6 +428,10 @@ validate_arguments ()
381 if (ld_base==NULL) 428 if (ld_base==NULL)
382 usage4 (_("Please specify the LDAP base\n")); 429 usage4 (_("Please specify the LDAP base\n"));
383 430
431 if (crit_entries!=NULL || warn_entries!=NULL) {
432 set_thresholds(&entries_thresholds,
433 warn_entries, crit_entries);
434 }
384 return OK; 435 return OK;
385} 436}
386 437
@@ -430,6 +481,11 @@ print_help (void)
430 481
431 printf (UT_WARN_CRIT); 482 printf (UT_WARN_CRIT);
432 483
484 printf (" %s\n", "-W [--warn-entries]");
485 printf (" %s\n", _("Number of found entries to result in warning status"));
486 printf (" %s\n", "-W [--crit-entries]");
487 printf (" %s\n", _("Number of found entries to result in critical status"));
488
433 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); 489 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
434 490
435 printf (UT_VERBOSE); 491 printf (UT_VERBOSE);
@@ -441,6 +497,7 @@ print_help (void)
441 printf (" %s\n", _("'SSL on connect' will be used no matter how the plugin was called.")); 497 printf (" %s\n", _("'SSL on connect' will be used no matter how the plugin was called."));
442 printf (" %s\n", _("This detection is deprecated, please use 'check_ldap' with the '--starttls' or '--ssl' flags")); 498 printf (" %s\n", _("This detection is deprecated, please use 'check_ldap' with the '--starttls' or '--ssl' flags"));
443 printf (" %s\n", _("to define the behaviour explicitly instead.")); 499 printf (" %s\n", _("to define the behaviour explicitly instead."));
500 printf (" %s\n", _("The parameters --warn-entries and --crit-entries are optional."));
444 501
445 printf (UT_SUPPORT); 502 printf (UT_SUPPORT);
446} 503}
diff --git a/plugins/check_load.c b/plugins/check_load.c
index cde63e56..a96435f4 100644
--- a/plugins/check_load.c
+++ b/plugins/check_load.c
@@ -251,10 +251,10 @@ process_arguments (int argc, char **argv)
251 break; 251 break;
252 case 'V': /* version */ 252 case 'V': /* version */
253 print_revision (progname, NP_VERSION); 253 print_revision (progname, NP_VERSION);
254 exit (STATE_OK); 254 exit (STATE_UNKNOWN);
255 case 'h': /* help */ 255 case 'h': /* help */
256 print_help (); 256 print_help ();
257 exit (STATE_OK); 257 exit (STATE_UNKNOWN);
258 case '?': /* help */ 258 case '?': /* help */
259 usage5 (); 259 usage5 ();
260 } 260 }
diff --git a/plugins/check_mrtg.c b/plugins/check_mrtg.c
index cf3fe044..1fda5492 100644
--- a/plugins/check_mrtg.c
+++ b/plugins/check_mrtg.c
@@ -234,10 +234,10 @@ process_arguments (int argc, char **argv)
234 break; 234 break;
235 case 'V': /* version */ 235 case 'V': /* version */
236 print_revision (progname, NP_VERSION); 236 print_revision (progname, NP_VERSION);
237 exit (STATE_OK); 237 exit (STATE_UNKNOWN);
238 case 'h': /* help */ 238 case 'h': /* help */
239 print_help (); 239 print_help ();
240 exit (STATE_OK); 240 exit (STATE_UNKNOWN);
241 case '?': /* help */ 241 case '?': /* help */
242 usage5 (); 242 usage5 ();
243 } 243 }
diff --git a/plugins/check_mrtgtraf.c b/plugins/check_mrtgtraf.c
index 32ba0507..eb66f622 100644
--- a/plugins/check_mrtgtraf.c
+++ b/plugins/check_mrtgtraf.c
@@ -148,37 +148,37 @@ main (int argc, char **argv)
148 148
149 /* report incoming traffic in Bytes/sec */ 149 /* report incoming traffic in Bytes/sec */
150 if (incoming_rate < 1024) { 150 if (incoming_rate < 1024) {
151 strcpy (incoming_speed_rating, "B/s"); 151 strcpy (incoming_speed_rating, "B");
152 adjusted_incoming_rate = (double) incoming_rate; 152 adjusted_incoming_rate = (double) incoming_rate;
153 } 153 }
154 154
155 /* report incoming traffic in KBytes/sec */ 155 /* report incoming traffic in KBytes/sec */
156 else if (incoming_rate < (1024 * 1024)) { 156 else if (incoming_rate < (1024 * 1024)) {
157 strcpy (incoming_speed_rating, "KB/s"); 157 strcpy (incoming_speed_rating, "KB");
158 adjusted_incoming_rate = (double) (incoming_rate / 1024.0); 158 adjusted_incoming_rate = (double) (incoming_rate / 1024.0);
159 } 159 }
160 160
161 /* report incoming traffic in MBytes/sec */ 161 /* report incoming traffic in MBytes/sec */
162 else { 162 else {
163 strcpy (incoming_speed_rating, "MB/s"); 163 strcpy (incoming_speed_rating, "MB");
164 adjusted_incoming_rate = (double) (incoming_rate / 1024.0 / 1024.0); 164 adjusted_incoming_rate = (double) (incoming_rate / 1024.0 / 1024.0);
165 } 165 }
166 166
167 /* report outgoing traffic in Bytes/sec */ 167 /* report outgoing traffic in Bytes/sec */
168 if (outgoing_rate < 1024) { 168 if (outgoing_rate < 1024) {
169 strcpy (outgoing_speed_rating, "B/s"); 169 strcpy (outgoing_speed_rating, "B");
170 adjusted_outgoing_rate = (double) outgoing_rate; 170 adjusted_outgoing_rate = (double) outgoing_rate;
171 } 171 }
172 172
173 /* report outgoing traffic in KBytes/sec */ 173 /* report outgoing traffic in KBytes/sec */
174 else if (outgoing_rate < (1024 * 1024)) { 174 else if (outgoing_rate < (1024 * 1024)) {
175 strcpy (outgoing_speed_rating, "KB/s"); 175 strcpy (outgoing_speed_rating, "KB");
176 adjusted_outgoing_rate = (double) (outgoing_rate / 1024.0); 176 adjusted_outgoing_rate = (double) (outgoing_rate / 1024.0);
177 } 177 }
178 178
179 /* report outgoing traffic in MBytes/sec */ 179 /* report outgoing traffic in MBytes/sec */
180 else { 180 else {
181 strcpy (outgoing_speed_rating, "MB/s"); 181 strcpy (outgoing_speed_rating, "MB");
182 adjusted_outgoing_rate = (double) (outgoing_rate / 1024.0 / 1024.0); 182 adjusted_outgoing_rate = (double) (outgoing_rate / 1024.0 / 1024.0);
183 } 183 }
184 184
@@ -191,7 +191,7 @@ main (int argc, char **argv)
191 result = STATE_WARNING; 191 result = STATE_WARNING;
192 } 192 }
193 193
194 xasprintf (&error_message, _("%s. In = %0.1f %s, %s. Out = %0.1f %s|%s %s\n"), 194 xasprintf (&error_message, _("%s. In = %0.1f %s/s, %s. Out = %0.1f %s/s|%s %s\n"),
195 (use_average == TRUE) ? _("Avg") : _("Max"), adjusted_incoming_rate, 195 (use_average == TRUE) ? _("Avg") : _("Max"), adjusted_incoming_rate,
196 incoming_speed_rating, (use_average == TRUE) ? _("Avg") : _("Max"), 196 incoming_speed_rating, (use_average == TRUE) ? _("Avg") : _("Max"),
197 adjusted_outgoing_rate, outgoing_speed_rating, 197 adjusted_outgoing_rate, outgoing_speed_rating,
@@ -270,10 +270,10 @@ process_arguments (int argc, char **argv)
270 break; 270 break;
271 case 'V': /* version */ 271 case 'V': /* version */
272 print_revision (progname, NP_VERSION); 272 print_revision (progname, NP_VERSION);
273 exit (STATE_OK); 273 exit (STATE_UNKNOWN);
274 case 'h': /* help */ 274 case 'h': /* help */
275 print_help (); 275 print_help ();
276 exit (STATE_OK); 276 exit (STATE_UNKNOWN);
277 case '?': /* help */ 277 case '?': /* help */
278 usage5 (); 278 usage5 ();
279 } 279 }
diff --git a/plugins/check_mysql.c b/plugins/check_mysql.c
index 216626bc..5773afd9 100644
--- a/plugins/check_mysql.c
+++ b/plugins/check_mysql.c
@@ -444,10 +444,10 @@ process_arguments (int argc, char **argv)
444 break; 444 break;
445 case 'V': /* version */ 445 case 'V': /* version */
446 print_revision (progname, NP_VERSION); 446 print_revision (progname, NP_VERSION);
447 exit (STATE_OK); 447 exit (STATE_UNKNOWN);
448 case 'h': /* help */ 448 case 'h': /* help */
449 print_help (); 449 print_help ();
450 exit (STATE_OK); 450 exit (STATE_UNKNOWN);
451 case 'v': 451 case 'v':
452 verbose++; 452 verbose++;
453 break; 453 break;
diff --git a/plugins/check_mysql_query.c b/plugins/check_mysql_query.c
index 71ab7768..49a14dd3 100644
--- a/plugins/check_mysql_query.c
+++ b/plugins/check_mysql_query.c
@@ -250,10 +250,10 @@ process_arguments (int argc, char **argv)
250 break; 250 break;
251 case 'V': /* version */ 251 case 'V': /* version */
252 print_revision (progname, NP_VERSION); 252 print_revision (progname, NP_VERSION);
253 exit (STATE_OK); 253 exit (STATE_UNKNOWN);
254 case 'h': /* help */ 254 case 'h': /* help */
255 print_help (); 255 print_help ();
256 exit (STATE_OK); 256 exit (STATE_UNKNOWN);
257 case 'q': 257 case 'q':
258 xasprintf(&sql_query, "%s", optarg); 258 xasprintf(&sql_query, "%s", optarg);
259 break; 259 break;
diff --git a/plugins/check_nagios.c b/plugins/check_nagios.c
index 791b6dbe..40d68f03 100644
--- a/plugins/check_nagios.c
+++ b/plugins/check_nagios.c
@@ -235,10 +235,10 @@ process_arguments (int argc, char **argv)
235 switch (c) { 235 switch (c) {
236 case 'h': /* help */ 236 case 'h': /* help */
237 print_help (); 237 print_help ();
238 exit (STATE_OK); 238 exit (STATE_UNKNOWN);
239 case 'V': /* version */ 239 case 'V': /* version */
240 print_revision (progname, NP_VERSION); 240 print_revision (progname, NP_VERSION);
241 exit (STATE_OK); 241 exit (STATE_UNKNOWN);
242 case 'F': /* status log */ 242 case 'F': /* status log */
243 status_log = optarg; 243 status_log = optarg;
244 break; 244 break;
diff --git a/plugins/check_nt.c b/plugins/check_nt.c
index fefbfb7a..59c135db 100644
--- a/plugins/check_nt.c
+++ b/plugins/check_nt.c
@@ -197,19 +197,40 @@ int main(int argc, char **argv){
197 197
198 case CHECK_UPTIME: 198 case CHECK_UPTIME:
199 199
200 xasprintf(&send_buffer, "%s&3", req_password); 200 if (value_list == NULL) {
201 fetch_data (server_address, server_port, send_buffer); 201 value_list = "minutes";
202 uptime=strtoul(recv_buffer,NULL,10); 202 }
203 updays = uptime / 86400; 203 if (strncmp(value_list, "seconds", strlen("seconds") + 1 ) &&
204 uphours = (uptime % 86400) / 3600; 204 strncmp(value_list, "minutes", strlen("minutes") + 1) &&
205 upminutes = ((uptime % 86400) % 3600) / 60; 205 strncmp(value_list, "hours", strlen("hours") + 1) &&
206 xasprintf(&output_message,_("System Uptime - %u day(s) %u hour(s) %u minute(s)|uptime=%lu"), updays, uphours, upminutes, uptime); 206 strncmp(value_list, "days", strlen("days") + 1)) {
207 if (check_critical_value==TRUE && uptime <= critical_value) 207
208 return_code=STATE_CRITICAL; 208 output_message = strdup (_("wrong -l argument"));
209 else if (check_warning_value==TRUE && uptime <= warning_value) 209 } else {
210 return_code=STATE_WARNING; 210 xasprintf(&send_buffer, "%s&3", req_password);
211 else 211 fetch_data (server_address, server_port, send_buffer);
212 return_code=STATE_OK; 212 uptime=strtoul(recv_buffer,NULL,10);
213 updays = uptime / 86400;
214 uphours = (uptime % 86400) / 3600;
215 upminutes = ((uptime % 86400) % 3600) / 60;
216
217 if (!strncmp(value_list, "minutes", strlen("minutes")))
218 uptime = uptime / 60;
219 else if (!strncmp(value_list, "hours", strlen("hours")))
220 uptime = uptime / 3600;
221 else if (!strncmp(value_list, "days", strlen("days")))
222 uptime = uptime / 86400;
223 /* else uptime in seconds, nothing to do */
224
225 xasprintf(&output_message,_("System Uptime - %u day(s) %u hour(s) %u minute(s) |uptime=%lu"),updays, uphours, upminutes, uptime);
226
227 if (check_critical_value==TRUE && uptime <= critical_value)
228 return_code=STATE_CRITICAL;
229 else if (check_warning_value==TRUE && uptime <= warning_value)
230 return_code=STATE_WARNING;
231 else
232 return_code=STATE_OK;
233 }
213 break; 234 break;
214 235
215 case CHECK_USEDDISKSPACE: 236 case CHECK_USEDDISKSPACE:
@@ -532,10 +553,10 @@ int process_arguments(int argc, char **argv){
532 usage5 (); 553 usage5 ();
533 case 'h': /* help */ 554 case 'h': /* help */
534 print_help(); 555 print_help();
535 exit(STATE_OK); 556 exit(STATE_UNKNOWN);
536 case 'V': /* version */ 557 case 'V': /* version */
537 print_revision(progname, NP_VERSION); 558 print_revision(progname, NP_VERSION);
538 exit(STATE_OK); 559 exit(STATE_UNKNOWN);
539 case 'H': /* hostname */ 560 case 'H': /* hostname */
540 server_address = optarg; 561 server_address = optarg;
541 break; 562 break;
@@ -713,7 +734,9 @@ void print_help(void)
713 printf (" %s\n", "ie: -l 60,90,95,120,90,95"); 734 printf (" %s\n", "ie: -l 60,90,95,120,90,95");
714 printf (" %s\n", "UPTIME ="); 735 printf (" %s\n", "UPTIME =");
715 printf (" %s\n", _("Get the uptime of the machine.")); 736 printf (" %s\n", _("Get the uptime of the machine."));
716 printf (" %s\n", _("No specific parameters. No warning or critical threshold")); 737 printf (" %s\n", _("-l <unit> "));
738 printf (" %s\n", _("<unit> = seconds, minutes, hours, or days. (default: minutes)"));
739 printf (" %s\n", _("Thresholds will use the unit specified above."));
717 printf (" %s\n", "USEDDISKSPACE ="); 740 printf (" %s\n", "USEDDISKSPACE =");
718 printf (" %s\n", _("Size and percentage of disk use.")); 741 printf (" %s\n", _("Size and percentage of disk use."));
719 printf (" %s\n", _("Request a -l parameter containing the drive letter only.")); 742 printf (" %s\n", _("Request a -l parameter containing the drive letter only."));
diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c
index a7d278de..75efc289 100644
--- a/plugins/check_ntp.c
+++ b/plugins/check_ntp.c
@@ -691,11 +691,11 @@ int process_arguments(int argc, char **argv){
691 switch (c) { 691 switch (c) {
692 case 'h': 692 case 'h':
693 print_help(); 693 print_help();
694 exit(STATE_OK); 694 exit(STATE_UNKNOWN);
695 break; 695 break;
696 case 'V': 696 case 'V':
697 print_revision(progname, NP_VERSION); 697 print_revision(progname, NP_VERSION);
698 exit(STATE_OK); 698 exit(STATE_UNKNOWN);
699 break; 699 break;
700 case 'v': 700 case 'v':
701 verbose++; 701 verbose++;
diff --git a/plugins/check_ntp_peer.c b/plugins/check_ntp_peer.c
index 44424af5..c656b0f5 100644
--- a/plugins/check_ntp_peer.c
+++ b/plugins/check_ntp_peer.c
@@ -448,11 +448,11 @@ int process_arguments(int argc, char **argv){
448 switch (c) { 448 switch (c) {
449 case 'h': 449 case 'h':
450 print_help(); 450 print_help();
451 exit(STATE_OK); 451 exit(STATE_UNKNOWN);
452 break; 452 break;
453 case 'V': 453 case 'V':
454 print_revision(progname, NP_VERSION); 454 print_revision(progname, NP_VERSION);
455 exit(STATE_OK); 455 exit(STATE_UNKNOWN);
456 break; 456 break;
457 case 'v': 457 case 'v':
458 verbose++; 458 verbose++;
diff --git a/plugins/check_ntp_time.c b/plugins/check_ntp_time.c
index e344f8b7..295f86f6 100644
--- a/plugins/check_ntp_time.c
+++ b/plugins/check_ntp_time.c
@@ -477,11 +477,11 @@ int process_arguments(int argc, char **argv){
477 switch (c) { 477 switch (c) {
478 case 'h': 478 case 'h':
479 print_help(); 479 print_help();
480 exit(STATE_OK); 480 exit(STATE_UNKNOWN);
481 break; 481 break;
482 case 'V': 482 case 'V':
483 print_revision(progname, NP_VERSION); 483 print_revision(progname, NP_VERSION);
484 exit(STATE_OK); 484 exit(STATE_UNKNOWN);
485 break; 485 break;
486 case 'v': 486 case 'v':
487 verbose++; 487 verbose++;
diff --git a/plugins/check_nwstat.c b/plugins/check_nwstat.c
index 1a7bfa16..e7e8de05 100644
--- a/plugins/check_nwstat.c
+++ b/plugins/check_nwstat.c
@@ -1354,10 +1354,10 @@ int process_arguments(int argc, char **argv) {
1354 usage5 (); 1354 usage5 ();
1355 case 'h': /* help */ 1355 case 'h': /* help */
1356 print_help(); 1356 print_help();
1357 exit(STATE_OK); 1357 exit(STATE_UNKNOWN);
1358 case 'V': /* version */ 1358 case 'V': /* version */
1359 print_revision(progname, NP_VERSION); 1359 print_revision(progname, NP_VERSION);
1360 exit(STATE_OK); 1360 exit(STATE_UNKNOWN);
1361 case 'H': /* hostname */ 1361 case 'H': /* hostname */
1362 server_address=optarg; 1362 server_address=optarg;
1363 break; 1363 break;
diff --git a/plugins/check_overcr.c b/plugins/check_overcr.c
index af5eb9b9..9a4d25fa 100644
--- a/plugins/check_overcr.c
+++ b/plugins/check_overcr.c
@@ -340,10 +340,10 @@ process_arguments (int argc, char **argv)
340 usage5 (); 340 usage5 ();
341 case 'h': /* help */ 341 case 'h': /* help */
342 print_help (); 342 print_help ();
343 exit (STATE_OK); 343 exit (STATE_UNKNOWN);
344 case 'V': /* version */ 344 case 'V': /* version */
345 print_revision (progname, NP_VERSION); 345 print_revision (progname, NP_VERSION);
346 exit (STATE_OK); 346 exit (STATE_UNKNOWN);
347 case 'H': /* hostname */ 347 case 'H': /* hostname */
348 server_address = optarg; 348 server_address = optarg;
349 break; 349 break;
diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c
index 9bad1ec5..2eb699e8 100644
--- a/plugins/check_pgsql.c
+++ b/plugins/check_pgsql.c
@@ -302,10 +302,10 @@ process_arguments (int argc, char **argv)
302 usage5 (); 302 usage5 ();
303 case 'h': /* help */ 303 case 'h': /* help */
304 print_help (); 304 print_help ();
305 exit (STATE_OK); 305 exit (STATE_UNKNOWN);
306 case 'V': /* version */ 306 case 'V': /* version */
307 print_revision (progname, NP_VERSION); 307 print_revision (progname, NP_VERSION);
308 exit (STATE_OK); 308 exit (STATE_UNKNOWN);
309 case 't': /* timeout period */ 309 case 't': /* timeout period */
310 if (!is_integer (optarg)) 310 if (!is_integer (optarg))
311 usage2 (_("Timeout interval must be a positive integer"), optarg); 311 usage2 (_("Timeout interval must be a positive integer"), optarg);
diff --git a/plugins/check_ping.c b/plugins/check_ping.c
index dbc5c3e4..423ecbe5 100644
--- a/plugins/check_ping.c
+++ b/plugins/check_ping.c
@@ -224,11 +224,11 @@ process_arguments (int argc, char **argv)
224 usage5 (); 224 usage5 ();
225 case 'h': /* help */ 225 case 'h': /* help */
226 print_help (); 226 print_help ();
227 exit (STATE_OK); 227 exit (STATE_UNKNOWN);
228 break; 228 break;
229 case 'V': /* version */ 229 case 'V': /* version */
230 print_revision (progname, NP_VERSION); 230 print_revision (progname, NP_VERSION);
231 exit (STATE_OK); 231 exit (STATE_UNKNOWN);
232 break; 232 break;
233 case 't': /* timeout period */ 233 case 't': /* timeout period */
234 timeout_interval = atoi (optarg); 234 timeout_interval = atoi (optarg);
diff --git a/plugins/check_procs.c b/plugins/check_procs.c
index 402aac53..4bcc56bc 100644
--- a/plugins/check_procs.c
+++ b/plugins/check_procs.c
@@ -428,10 +428,10 @@ process_arguments (int argc, char **argv)
428 usage5 (); 428 usage5 ();
429 case 'h': /* help */ 429 case 'h': /* help */
430 print_help (); 430 print_help ();
431 exit (STATE_OK); 431 exit (STATE_UNKNOWN);
432 case 'V': /* version */ 432 case 'V': /* version */
433 print_revision (progname, NP_VERSION); 433 print_revision (progname, NP_VERSION);
434 exit (STATE_OK); 434 exit (STATE_UNKNOWN);
435 case 't': /* timeout period */ 435 case 't': /* timeout period */
436 if (!is_integer (optarg)) 436 if (!is_integer (optarg))
437 usage2 (_("Timeout interval must be a positive integer"), optarg); 437 usage2 (_("Timeout interval must be a positive integer"), optarg);
diff --git a/plugins/check_radius.c b/plugins/check_radius.c
index b2943475..03cbb8b0 100644
--- a/plugins/check_radius.c
+++ b/plugins/check_radius.c
@@ -259,10 +259,10 @@ process_arguments (int argc, char **argv)
259 usage5 (); 259 usage5 ();
260 case 'h': /* help */ 260 case 'h': /* help */
261 print_help (); 261 print_help ();
262 exit (OK); 262 exit (STATE_UNKNOWN);
263 case 'V': /* version */ 263 case 'V': /* version */
264 print_revision (progname, NP_VERSION); 264 print_revision (progname, NP_VERSION);
265 exit (OK); 265 exit (STATE_UNKNOWN);
266 case 'v': /* verbose mode */ 266 case 'v': /* verbose mode */
267 verbose = TRUE; 267 verbose = TRUE;
268 break; 268 break;
diff --git a/plugins/check_real.c b/plugins/check_real.c
index 1816bf56..6491e6e9 100644
--- a/plugins/check_real.c
+++ b/plugins/check_real.c
@@ -163,17 +163,17 @@ main (int argc, char **argv)
163 163
164 /* Part I - Server Check */ 164 /* Part I - Server Check */
165 165
166 /* send the OPTIONS request */ 166 /* send the DESCRIBE request */
167 sprintf (buffer, "DESCRIBE rtsp://%s:%d%s RTSP/1.0\n", host_name, 167 sprintf (buffer, "DESCRIBE rtsp://%s:%d%s RTSP/1.0\r\n", host_name,
168 server_port, server_url); 168 server_port, server_url);
169 result = send (sd, buffer, strlen (buffer), 0); 169 result = send (sd, buffer, strlen (buffer), 0);
170 170
171 /* send the header sync */ 171 /* send the header sync */
172 sprintf (buffer, "CSeq: 2\n"); 172 sprintf (buffer, "CSeq: 2\r\n");
173 result = send (sd, buffer, strlen (buffer), 0); 173 result = send (sd, buffer, strlen (buffer), 0);
174 174
175 /* send a newline so the server knows we're done with the request */ 175 /* send a newline so the server knows we're done with the request */
176 sprintf (buffer, "\n"); 176 sprintf (buffer, "\r\n");
177 result = send (sd, buffer, strlen (buffer), 0); 177 result = send (sd, buffer, strlen (buffer), 0);
178 178
179 /* watch for the REAL connection string */ 179 /* watch for the REAL connection string */
@@ -359,10 +359,10 @@ process_arguments (int argc, char **argv)
359 break; 359 break;
360 case 'V': /* version */ 360 case 'V': /* version */
361 print_revision (progname, NP_VERSION); 361 print_revision (progname, NP_VERSION);
362 exit (STATE_OK); 362 exit (STATE_UNKNOWN);
363 case 'h': /* help */ 363 case 'h': /* help */
364 print_help (); 364 print_help ();
365 exit (STATE_OK); 365 exit (STATE_UNKNOWN);
366 case '?': /* usage */ 366 case '?': /* usage */
367 usage5 (); 367 usage5 ();
368 } 368 }
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index 24304534..1996c6d3 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -231,7 +231,7 @@ main (int argc, char **argv)
231 send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0); 231 send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0);
232 232
233 recvlines(buffer, MAX_INPUT_BUFFER); /* wait for it */ 233 recvlines(buffer, MAX_INPUT_BUFFER); /* wait for it */
234 if (!strstr (buffer, server_expect)) { 234 if (!strstr (buffer, SMTP_EXPECT)) {
235 printf (_("Server does not support STARTTLS\n")); 235 printf (_("Server does not support STARTTLS\n"));
236 smtp_quit(); 236 smtp_quit();
237 return STATE_UNKNOWN; 237 return STATE_UNKNOWN;
@@ -276,6 +276,7 @@ main (int argc, char **argv)
276# ifdef USE_OPENSSL 276# ifdef USE_OPENSSL
277 if ( check_cert ) { 277 if ( check_cert ) {
278 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); 278 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
279 smtp_quit();
279 my_close(); 280 my_close();
280 return result; 281 return result;
281 } 282 }
@@ -581,11 +582,6 @@ process_arguments (int argc, char **argv)
581 usage4 (_("Timeout interval must be a positive integer")); 582 usage4 (_("Timeout interval must be a positive integer"));
582 } 583 }
583 break; 584 break;
584 case 'S':
585 /* starttls */
586 use_ssl = TRUE;
587 use_ehlo = TRUE;
588 break;
589 case 'D': 585 case 'D':
590 /* Check SSL cert validity */ 586 /* Check SSL cert validity */
591#ifdef USE_OPENSSL 587#ifdef USE_OPENSSL
@@ -607,9 +603,14 @@ process_arguments (int argc, char **argv)
607 days_till_exp_warn = atoi (optarg); 603 days_till_exp_warn = atoi (optarg);
608 } 604 }
609 check_cert = TRUE; 605 check_cert = TRUE;
606 ignore_send_quit_failure = TRUE;
610#else 607#else
611 usage (_("SSL support not available - install OpenSSL and recompile")); 608 usage (_("SSL support not available - install OpenSSL and recompile"));
612#endif 609#endif
610 case 'S':
611 /* starttls */
612 use_ssl = TRUE;
613 use_ehlo = TRUE;
613 break; 614 break;
614 case '4': 615 case '4':
615 address_family = AF_INET; 616 address_family = AF_INET;
@@ -623,10 +624,10 @@ process_arguments (int argc, char **argv)
623 break; 624 break;
624 case 'V': /* version */ 625 case 'V': /* version */
625 print_revision (progname, NP_VERSION); 626 print_revision (progname, NP_VERSION);
626 exit (STATE_OK); 627 exit (STATE_UNKNOWN);
627 case 'h': /* help */ 628 case 'h': /* help */
628 print_help (); 629 print_help ();
629 exit (STATE_OK); 630 exit (STATE_UNKNOWN);
630 case '?': /* help */ 631 case '?': /* help */
631 usage5 (); 632 usage5 ();
632 } 633 }
diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c
index 6d7ec6d9..9839d6e8 100644
--- a/plugins/check_snmp.c
+++ b/plugins/check_snmp.c
@@ -103,6 +103,8 @@ int errcode, excode;
103 103
104char *server_address = NULL; 104char *server_address = NULL;
105char *community = NULL; 105char *community = NULL;
106char **contextargs = NULL;
107char *context = NULL;
106char **authpriv = NULL; 108char **authpriv = NULL;
107char *proto = NULL; 109char *proto = NULL;
108char *seclevel = NULL; 110char *seclevel = NULL;
@@ -127,6 +129,7 @@ size_t nunits = 0;
127size_t unitv_size = OID_COUNT_STEP; 129size_t unitv_size = OID_COUNT_STEP;
128int numoids = 0; 130int numoids = 0;
129int numauthpriv = 0; 131int numauthpriv = 0;
132int numcontext = 0;
130int verbose = 0; 133int verbose = 0;
131int usesnmpgetnext = FALSE; 134int usesnmpgetnext = FALSE;
132char *warning_thresholds = NULL; 135char *warning_thresholds = NULL;
@@ -296,8 +299,8 @@ main (int argc, char **argv)
296 snmpcmd = strdup (PATH_TO_SNMPGET); 299 snmpcmd = strdup (PATH_TO_SNMPGET);
297 } 300 }
298 301
299 /* 10 arguments to pass before authpriv options + 1 for host and numoids. Add one for terminating NULL */ 302 /* 10 arguments to pass before context and authpriv options + 1 for host and numoids. Add one for terminating NULL */
300 command_line = calloc (10 + numauthpriv + 1 + numoids + 1, sizeof (char *)); 303 command_line = calloc (10 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *));
301 command_line[0] = snmpcmd; 304 command_line[0] = snmpcmd;
302 command_line[1] = strdup ("-Le"); 305 command_line[1] = strdup ("-Le");
303 command_line[2] = strdup ("-t"); 306 command_line[2] = strdup ("-t");
@@ -309,23 +312,27 @@ main (int argc, char **argv)
309 command_line[8] = "-v"; 312 command_line[8] = "-v";
310 command_line[9] = strdup (proto); 313 command_line[9] = strdup (proto);
311 314
315 for (i = 0; i < numcontext; i++) {
316 command_line[10 + i] = contextargs[i];
317 }
318
312 for (i = 0; i < numauthpriv; i++) { 319 for (i = 0; i < numauthpriv; i++) {
313 command_line[10 + i] = authpriv[i]; 320 command_line[10 + numcontext + i] = authpriv[i];
314 } 321 }
315 322
316 xasprintf (&command_line[10 + numauthpriv], "%s:%s", server_address, port); 323 xasprintf (&command_line[10 + numcontext + numauthpriv], "%s:%s", server_address, port);
317 324
318 /* This is just for display purposes, so it can remain a string */ 325 /* This is just for display purposes, so it can remain a string */
319 xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s:%s", 326 xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s %s:%s",
320 snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[authpriv]", 327 snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[context]", "[authpriv]",
321 server_address, port); 328 server_address, port);
322 329
323 for (i = 0; i < numoids; i++) { 330 for (i = 0; i < numoids; i++) {
324 command_line[10 + numauthpriv + 1 + i] = oids[i]; 331 command_line[10 + numcontext + numauthpriv + 1 + i] = oids[i];
325 xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]); 332 xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]);
326 } 333 }
327 334
328 command_line[10 + numauthpriv + 1 + numoids] = NULL; 335 command_line[10 + numcontext + numauthpriv + 1 + numoids] = NULL;
329 336
330 if (verbose) 337 if (verbose)
331 printf ("%s\n", cl_hidden_auth); 338 printf ("%s\n", cl_hidden_auth);
@@ -410,6 +417,9 @@ main (int argc, char **argv)
410 else if (strstr (response, "INTEGER: ")) { 417 else if (strstr (response, "INTEGER: ")) {
411 show = strstr (response, "INTEGER: ") + 9; 418 show = strstr (response, "INTEGER: ") + 9;
412 } 419 }
420 else if (strstr (response, "OID: ")) {
421 show = strstr (response, "OID: ") + 5;
422 }
413 else if (strstr (response, "STRING: ")) { 423 else if (strstr (response, "STRING: ")) {
414 show = strstr (response, "STRING: ") + 8; 424 show = strstr (response, "STRING: ") + 8;
415 conv = "%.10g"; 425 conv = "%.10g";
@@ -566,6 +576,18 @@ main (int argc, char **argv)
566 len = sizeof(perfstr)-strlen(perfstr)-1; 576 len = sizeof(perfstr)-strlen(perfstr)-1;
567 strncat(perfstr, show, len>ptr-show ? ptr-show : len); 577 strncat(perfstr, show, len>ptr-show ? ptr-show : len);
568 578
579 if (warning_thresholds) {
580 strncat(perfstr, ";", sizeof(perfstr)-strlen(perfstr)-1);
581 strncat(perfstr, warning_thresholds, sizeof(perfstr)-strlen(perfstr)-1);
582 }
583
584 if (critical_thresholds) {
585 if (!warning_thresholds)
586 strncat(perfstr, ";", sizeof(perfstr)-strlen(perfstr)-1);
587 strncat(perfstr, ";", sizeof(perfstr)-strlen(perfstr)-1);
588 strncat(perfstr, critical_thresholds, sizeof(perfstr)-strlen(perfstr)-1);
589 }
590
569 if (type) 591 if (type)
570 strncat(perfstr, type, sizeof(perfstr)-strlen(perfstr)-1); 592 strncat(perfstr, type, sizeof(perfstr)-strlen(perfstr)-1);
571 strncat(perfstr, " ", sizeof(perfstr)-strlen(perfstr)-1); 593 strncat(perfstr, " ", sizeof(perfstr)-strlen(perfstr)-1);
@@ -645,6 +667,7 @@ process_arguments (int argc, char **argv)
645 {"retries", required_argument, 0, 'e'}, 667 {"retries", required_argument, 0, 'e'},
646 {"miblist", required_argument, 0, 'm'}, 668 {"miblist", required_argument, 0, 'm'},
647 {"protocol", required_argument, 0, 'P'}, 669 {"protocol", required_argument, 0, 'P'},
670 {"context", required_argument, 0, 'N'},
648 {"seclevel", required_argument, 0, 'L'}, 671 {"seclevel", required_argument, 0, 'L'},
649 {"secname", required_argument, 0, 'U'}, 672 {"secname", required_argument, 0, 'U'},
650 {"authproto", required_argument, 0, 'a'}, 673 {"authproto", required_argument, 0, 'a'},
@@ -674,7 +697,7 @@ process_arguments (int argc, char **argv)
674 } 697 }
675 698
676 while (1) { 699 while (1) {
677 c = getopt_long (argc, argv, "nhvVOt:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:L:U:a:x:A:X:", 700 c = getopt_long (argc, argv, "nhvVOt:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:N:L:U:a:x:A:X:",
678 longopts, &option); 701 longopts, &option);
679 702
680 if (c == -1 || c == EOF) 703 if (c == -1 || c == EOF)
@@ -685,10 +708,10 @@ process_arguments (int argc, char **argv)
685 usage5 (); 708 usage5 ();
686 case 'h': /* help */ 709 case 'h': /* help */
687 print_help (); 710 print_help ();
688 exit (STATE_OK); 711 exit (STATE_UNKNOWN);
689 case 'V': /* version */ 712 case 'V': /* version */
690 print_revision (progname, NP_VERSION); 713 print_revision (progname, NP_VERSION);
691 exit (STATE_OK); 714 exit (STATE_UNKNOWN);
692 case 'v': /* verbose */ 715 case 'v': /* verbose */
693 verbose++; 716 verbose++;
694 break; 717 break;
@@ -712,6 +735,9 @@ process_arguments (int argc, char **argv)
712 case 'P': /* SNMP protocol version */ 735 case 'P': /* SNMP protocol version */
713 proto = optarg; 736 proto = optarg;
714 break; 737 break;
738 case 'N': /* SNMPv3 context */
739 context = optarg;
740 break;
715 case 'L': /* security level */ 741 case 'L': /* security level */
716 seclevel = optarg; 742 seclevel = optarg;
717 break; 743 break;
@@ -959,6 +985,13 @@ validate_arguments ()
959 authpriv[1] = strdup (community); 985 authpriv[1] = strdup (community);
960 } 986 }
961 else if ( strcmp (proto, "3") == 0 ) { /* snmpv3 args */ 987 else if ( strcmp (proto, "3") == 0 ) { /* snmpv3 args */
988 if (!(context == NULL)) {
989 numcontext = 2;
990 contextargs = calloc (numcontext, sizeof (char *));
991 contextargs[0] = strdup ("-n");
992 contextargs[1] = strdup (context);
993 }
994
962 if (seclevel == NULL) 995 if (seclevel == NULL)
963 xasprintf(&seclevel, "noAuthNoPriv"); 996 xasprintf(&seclevel, "noAuthNoPriv");
964 997
@@ -1102,6 +1135,8 @@ print_help (void)
1102 printf (" %s\n", _("Use SNMP GETNEXT instead of SNMP GET")); 1135 printf (" %s\n", _("Use SNMP GETNEXT instead of SNMP GET"));
1103 printf (" %s\n", "-P, --protocol=[1|2c|3]"); 1136 printf (" %s\n", "-P, --protocol=[1|2c|3]");
1104 printf (" %s\n", _("SNMP protocol version")); 1137 printf (" %s\n", _("SNMP protocol version"));
1138 printf (" %s\n", "-N, --context=CONTEXT");
1139 printf (" %s\n", _("SNMPv3 context"));
1105 printf (" %s\n", "-L, --seclevel=[noAuthNoPriv|authNoPriv|authPriv]"); 1140 printf (" %s\n", "-L, --seclevel=[noAuthNoPriv|authNoPriv|authPriv]");
1106 printf (" %s\n", _("SNMPv3 securityLevel")); 1141 printf (" %s\n", _("SNMPv3 securityLevel"));
1107 printf (" %s\n", "-a, --authproto=[MD5|SHA]"); 1142 printf (" %s\n", "-a, --authproto=[MD5|SHA]");
@@ -1209,6 +1244,6 @@ print_usage (void)
1209 printf ("%s -H <ip_address> -o <OID> [-w warn_range] [-c crit_range]\n",progname); 1244 printf ("%s -H <ip_address> -o <OID> [-w warn_range] [-c crit_range]\n",progname);
1210 printf ("[-C community] [-s string] [-r regex] [-R regexi] [-t timeout] [-e retries]\n"); 1245 printf ("[-C community] [-s string] [-r regex] [-R regexi] [-t timeout] [-e retries]\n");
1211 printf ("[-l label] [-u units] [-p port-number] [-d delimiter] [-D output-delimiter]\n"); 1246 printf ("[-l label] [-u units] [-p port-number] [-d delimiter] [-D output-delimiter]\n");
1212 printf ("[-m miblist] [-P snmp version] [-L seclevel] [-U secname] [-a authproto]\n"); 1247 printf ("[-m miblist] [-P snmp version] [-N context] [-L seclevel] [-U secname]\n");
1213 printf ("[-A authpasswd] [-x privproto] [-X privpasswd]\n"); 1248 printf ("[-a authproto] [-A authpasswd] [-x privproto] [-X privpasswd]\n");
1214} 1249}
diff --git a/plugins/check_ssh.c b/plugins/check_ssh.c
index b6187d61..8ccbd5a7 100644
--- a/plugins/check_ssh.c
+++ b/plugins/check_ssh.c
@@ -128,10 +128,10 @@ process_arguments (int argc, char **argv)
128 usage5 (); 128 usage5 ();
129 case 'V': /* version */ 129 case 'V': /* version */
130 print_revision (progname, NP_VERSION); 130 print_revision (progname, NP_VERSION);
131 exit (STATE_OK); 131 exit (STATE_UNKNOWN);
132 case 'h': /* help */ 132 case 'h': /* help */
133 print_help (); 133 print_help ();
134 exit (STATE_OK); 134 exit (STATE_UNKNOWN);
135 case 'v': /* verbose */ 135 case 'v': /* verbose */
136 verbose = TRUE; 136 verbose = TRUE;
137 break; 137 break;
@@ -253,18 +253,18 @@ ssh_connect (char *haddr, int hport, char *remote_version, char *remote_protocol
253 253
254 if (remote_version && strcmp(remote_version, ssh_server)) { 254 if (remote_version && strcmp(remote_version, ssh_server)) {
255 printf 255 printf
256 (_("SSH WARNING - %s (protocol %s) version mismatch, expected '%s'\n"), 256 (_("SSH CRITICAL - %s (protocol %s) version mismatch, expected '%s'\n"),
257 ssh_server, ssh_proto, remote_version); 257 ssh_server, ssh_proto, remote_version);
258 close(sd); 258 close(sd);
259 exit (STATE_WARNING); 259 exit (STATE_CRITICAL);
260 } 260 }
261 261
262 if (remote_protocol && strcmp(remote_protocol, ssh_proto)) { 262 if (remote_protocol && strcmp(remote_protocol, ssh_proto)) {
263 printf 263 printf
264 (_("SSH WARNING - %s (protocol %s) protocol version mismatch, expected '%s'\n"), 264 (_("SSH CRITICAL - %s (protocol %s) protocol version mismatch, expected '%s'\n"),
265 ssh_server, ssh_proto, remote_protocol); 265 ssh_server, ssh_proto, remote_protocol);
266 close(sd); 266 close(sd);
267 exit (STATE_WARNING); 267 exit (STATE_CRITICAL);
268 } 268 }
269 269
270 elapsed_time = (double)deltime(tv) / 1.0e6; 270 elapsed_time = (double)deltime(tv) / 1.0e6;
@@ -307,10 +307,10 @@ print_help (void)
307 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); 307 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
308 308
309 printf (" %s\n", "-r, --remote-version=STRING"); 309 printf (" %s\n", "-r, --remote-version=STRING");
310 printf (" %s\n", _("Warn if string doesn't match expected server version (ex: OpenSSH_3.9p1)")); 310 printf (" %s\n", _("Alert if string doesn't match expected server version (ex: OpenSSH_3.9p1)"));
311 311
312 printf (" %s\n", "-P, --remote-protocol=STRING"); 312 printf (" %s\n", "-P, --remote-protocol=STRING");
313 printf (" %s\n", _("Warn if protocol doesn't match expected protocol version (ex: 2.0)")); 313 printf (" %s\n", _("Alert if protocol doesn't match expected protocol version (ex: 2.0)"));
314 314
315 printf (UT_VERBOSE); 315 printf (UT_VERBOSE);
316 316
diff --git a/plugins/check_swap.c b/plugins/check_swap.c
index 88a2a2ad..4d5a4071 100644
--- a/plugins/check_swap.c
+++ b/plugins/check_swap.c
@@ -1,6 +1,6 @@
1/***************************************************************************** 1/*****************************************************************************
2* 2*
3* Monitoring check_disk plugin 3* Monitoring check_swap plugin
4* 4*
5* License: GPL 5* License: GPL
6* Copyright (c) 2000 Karl DeBisschop (kdebisschop@users.sourceforge.net) 6* Copyright (c) 2000 Karl DeBisschop (kdebisschop@users.sourceforge.net)
@@ -352,6 +352,7 @@ main (int argc, char **argv)
352 percent_used = 100 * ((double) used_swap_mb) / ((double) total_swap_mb); 352 percent_used = 100 * ((double) used_swap_mb) / ((double) total_swap_mb);
353 } else { 353 } else {
354 percent_used = 100; 354 percent_used = 100;
355 status = "- Swap is either disabled, not present, or of zero size. ";
355 } 356 }
356 357
357 result = max_state (result, check_swap (percent_used, free_swap_mb)); 358 result = max_state (result, check_swap (percent_used, free_swap_mb));
@@ -469,10 +470,10 @@ process_arguments (int argc, char **argv)
469 break; 470 break;
470 case 'V': /* version */ 471 case 'V': /* version */
471 print_revision (progname, NP_VERSION); 472 print_revision (progname, NP_VERSION);
472 exit (STATE_OK); 473 exit (STATE_UNKNOWN);
473 case 'h': /* help */ 474 case 'h': /* help */
474 print_help (); 475 print_help ();
475 exit (STATE_OK); 476 exit (STATE_UNKNOWN);
476 case '?': /* error */ 477 case '?': /* error */
477 usage5 (); 478 usage5 ();
478 } 479 }
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
index 63f9fd9c..6dc9aa96 100644
--- a/plugins/check_tcp.c
+++ b/plugins/check_tcp.c
@@ -237,7 +237,7 @@ main (int argc, char **argv)
237 gettimeofday (&tv, NULL); 237 gettimeofday (&tv, NULL);
238 238
239 result = np_net_connect (server_address, server_port, &sd, PROTOCOL); 239 result = np_net_connect (server_address, server_port, &sd, PROTOCOL);
240 if (result == STATE_CRITICAL) return STATE_CRITICAL; 240 if (result == STATE_CRITICAL) return econn_refuse_state;
241 241
242#ifdef HAVE_SSL 242#ifdef HAVE_SSL
243 if (flags & FLAG_SSL){ 243 if (flags & FLAG_SSL){
@@ -463,10 +463,10 @@ process_arguments (int argc, char **argv)
463 usage5 (); 463 usage5 ();
464 case 'h': /* help */ 464 case 'h': /* help */
465 print_help (); 465 print_help ();
466 exit (STATE_OK); 466 exit (STATE_UNKNOWN);
467 case 'V': /* version */ 467 case 'V': /* version */
468 print_revision (progname, NP_VERSION); 468 print_revision (progname, NP_VERSION);
469 exit (STATE_OK); 469 exit (STATE_UNKNOWN);
470 case 'v': /* verbose mode */ 470 case 'v': /* verbose mode */
471 flags |= FLAG_VERBOSE; 471 flags |= FLAG_VERBOSE;
472 match_flags |= NP_MATCH_VERBOSE; 472 match_flags |= NP_MATCH_VERBOSE;
@@ -577,7 +577,8 @@ process_arguments (int argc, char **argv)
577 if ((temp=strchr(optarg,','))!=NULL) { 577 if ((temp=strchr(optarg,','))!=NULL) {
578 *temp='\0'; 578 *temp='\0';
579 if (!is_intnonneg (optarg)) 579 if (!is_intnonneg (optarg))
580 usage2 (_("Invalid certificate expiration period"), optarg); days_till_exp_warn = atoi(optarg); 580 usage2 (_("Invalid certificate expiration period"), optarg);
581 days_till_exp_warn = atoi (optarg);
581 *temp=','; 582 *temp=',';
582 temp++; 583 temp++;
583 if (!is_intnonneg (temp)) 584 if (!is_intnonneg (temp))
diff --git a/plugins/check_time.c b/plugins/check_time.c
index 3943742a..baf8c591 100644
--- a/plugins/check_time.c
+++ b/plugins/check_time.c
@@ -231,10 +231,10 @@ process_arguments (int argc, char **argv)
231 usage5 (); 231 usage5 ();
232 case 'h': /* help */ 232 case 'h': /* help */
233 print_help (); 233 print_help ();
234 exit (STATE_OK); 234 exit (STATE_UNKNOWN);
235 case 'V': /* version */ 235 case 'V': /* version */
236 print_revision (progname, NP_VERSION); 236 print_revision (progname, NP_VERSION);
237 exit (STATE_OK); 237 exit (STATE_UNKNOWN);
238 case 'H': /* hostname */ 238 case 'H': /* hostname */
239 if (is_host (optarg) == FALSE) 239 if (is_host (optarg) == FALSE)
240 usage2 (_("Invalid hostname/address"), optarg); 240 usage2 (_("Invalid hostname/address"), optarg);
diff --git a/plugins/check_ups.c b/plugins/check_ups.c
index fd8c2d13..e9e56a51 100644
--- a/plugins/check_ups.c
+++ b/plugins/check_ups.c
@@ -558,10 +558,10 @@ process_arguments (int argc, char **argv)
558 break; 558 break;
559 case 'V': /* version */ 559 case 'V': /* version */
560 print_revision (progname, NP_VERSION); 560 print_revision (progname, NP_VERSION);
561 exit (STATE_OK); 561 exit (STATE_UNKNOWN);
562 case 'h': /* help */ 562 case 'h': /* help */
563 print_help (); 563 print_help ();
564 exit (STATE_OK); 564 exit (STATE_UNKNOWN);
565 } 565 }
566 } 566 }
567 567
diff --git a/plugins/check_users.c b/plugins/check_users.c
index a009f20b..54415a48 100644
--- a/plugins/check_users.c
+++ b/plugins/check_users.c
@@ -210,10 +210,10 @@ process_arguments (int argc, char **argv)
210 usage5 (); 210 usage5 ();
211 case 'h': /* help */ 211 case 'h': /* help */
212 print_help (); 212 print_help ();
213 exit (STATE_OK); 213 exit (STATE_UNKNOWN);
214 case 'V': /* version */ 214 case 'V': /* version */
215 print_revision (progname, NP_VERSION); 215 print_revision (progname, NP_VERSION);
216 exit (STATE_OK); 216 exit (STATE_UNKNOWN);
217 case 'c': /* critical */ 217 case 'c': /* critical */
218 if (!is_intnonneg (optarg)) 218 if (!is_intnonneg (optarg))
219 usage4 (_("Critical threshold must be a positive integer")); 219 usage4 (_("Critical threshold must be a positive integer"));
diff --git a/plugins/netutils.c b/plugins/netutils.c
index 83f8942f..705aaf09 100644
--- a/plugins/netutils.c
+++ b/plugins/netutils.c
@@ -161,6 +161,10 @@ process_request (const char *server_address, int server_port, int proto,
161int 161int
162np_net_connect (const char *host_name, int port, int *sd, int proto) 162np_net_connect (const char *host_name, int port, int *sd, int proto)
163{ 163{
164 /* send back STATE_UNKOWN if there's an error
165 send back STATE_OK if we connect
166 send back STATE_CRITICAL if we can't connect.
167 Let upstream figure out what to send to the user. */
164 struct addrinfo hints; 168 struct addrinfo hints;
165 struct addrinfo *r, *res; 169 struct addrinfo *r, *res;
166 struct sockaddr_un su; 170 struct sockaddr_un su;
@@ -250,16 +254,14 @@ np_net_connect (const char *host_name, int port, int *sd, int proto)
250 else if (was_refused) { 254 else if (was_refused) {
251 switch (econn_refuse_state) { /* a user-defined expected outcome */ 255 switch (econn_refuse_state) { /* a user-defined expected outcome */
252 case STATE_OK: 256 case STATE_OK:
253 case STATE_WARNING: /* user wants WARN or OK on refusal */ 257 case STATE_WARNING: /* user wants WARN or OK on refusal, or... */
254 return econn_refuse_state; 258 case STATE_CRITICAL: /* user did not set econn_refuse_state, or wanted critical */
255 break;
256 case STATE_CRITICAL: /* user did not set econn_refuse_state */
257 if (is_socket) 259 if (is_socket)
258 printf("connect to file socket %s: %s\n", host_name, strerror(errno)); 260 printf("connect to file socket %s: %s\n", host_name, strerror(errno));
259 else 261 else
260 printf("connect to address %s and port %d: %s\n", 262 printf("connect to address %s and port %d: %s\n",
261 host_name, port, strerror(errno)); 263 host_name, port, strerror(errno));
262 return econn_refuse_state; 264 return STATE_CRITICAL;
263 break; 265 break;
264 default: /* it's a logic error if we do not end up in STATE_(OK|WARNING|CRITICAL) */ 266 default: /* it's a logic error if we do not end up in STATE_(OK|WARNING|CRITICAL) */
265 return STATE_UNKNOWN; 267 return STATE_UNKNOWN;
diff --git a/plugins/netutils.h b/plugins/netutils.h
index c6fce901..2766029e 100644
--- a/plugins/netutils.h
+++ b/plugins/netutils.h
@@ -91,6 +91,16 @@ RETSIGTYPE socket_timeout_alarm_handler (int) __attribute__((noreturn));
91 91
92/* SSL-Related functionality */ 92/* SSL-Related functionality */
93#ifdef HAVE_SSL 93#ifdef HAVE_SSL
94# define MP_SSLv2 1
95# define MP_SSLv3 2
96# define MP_TLSv1 3
97# define MP_TLSv1_1 4
98# define MP_TLSv1_2 5
99# define MP_SSLv2_OR_NEWER 6
100# define MP_SSLv3_OR_NEWER 7
101# define MP_TLSv1_OR_NEWER 8
102# define MP_TLSv1_1_OR_NEWER 9
103# define MP_TLSv1_2_OR_NEWER 10
94/* maybe this could be merged with the above np_net_connect, via some flags */ 104/* maybe this could be merged with the above np_net_connect, via some flags */
95int np_net_ssl_init(int sd); 105int np_net_ssl_init(int sd);
96int np_net_ssl_init_with_hostname(int sd, char *host_name); 106int np_net_ssl_init_with_hostname(int sd, char *host_name);
diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index f34c3d79..4f9c793c 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -49,33 +49,78 @@ int np_net_ssl_init_with_hostname_and_version(int sd, char *host_name, int versi
49 49
50int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int version, char *cert, char *privkey) { 50int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int version, char *cert, char *privkey) {
51 SSL_METHOD *method = NULL; 51 SSL_METHOD *method = NULL;
52 long options = 0;
52 53
53 switch (version) { 54 switch (version) {
54 case 0: /* Deafult to auto negotiation */ 55 case MP_SSLv2: /* SSLv2 protocol */
55 method = SSLv23_client_method();
56 break;
57 case 1: /* TLSv1 protocol */
58 method = TLSv1_client_method();
59 break;
60 case 2: /* SSLv2 protocol */
61#if defined(USE_GNUTLS) || defined(OPENSSL_NO_SSL2) 56#if defined(USE_GNUTLS) || defined(OPENSSL_NO_SSL2)
62 printf("%s\n", _("CRITICAL - SSL protocol version 2 is not supported by your SSL library.")); 57 printf("%s\n", _("UNKNOWN - SSL protocol version 2 is not supported by your SSL library."));
63 return STATE_CRITICAL; 58 return STATE_UNKNOWN;
64#else 59#else
65 method = SSLv2_client_method(); 60 method = SSLv2_client_method();
66#endif
67 break; 61 break;
68 case 3: /* SSLv3 protocol */ 62#endif
63 case MP_SSLv3: /* SSLv3 protocol */
69#if defined(OPENSSL_NO_SSL3) 64#if defined(OPENSSL_NO_SSL3)
70 printf("%s\n", _("CRITICAL - SSL protocol version 3 is not supported by your SSL library.")); 65 printf("%s\n", _("UNKNOWN - SSL protocol version 3 is not supported by your SSL library."));
71 return STATE_CRITICAL; 66 return STATE_UNKNOWN;
72#else 67#else
73 method = SSLv3_client_method(); 68 method = SSLv3_client_method();
69 break;
74#endif 70#endif
71 case MP_TLSv1: /* TLSv1 protocol */
72#if defined(OPENSSL_NO_TLS1)
73 printf("%s\n", _("UNKNOWN - TLS protocol version 1 is not supported by your SSL library."));
74 return STATE_UNKNOWN;
75#else
76 method = TLSv1_client_method();
75 break; 77 break;
76 default: /* Unsupported */ 78#endif
77 printf("%s\n", _("CRITICAL - Unsupported SSL protocol version.")); 79 case MP_TLSv1_1: /* TLSv1.1 protocol */
78 return STATE_CRITICAL; 80#if !defined(SSL_OP_NO_TLSv1_1)
81 printf("%s\n", _("UNKNOWN - TLS protocol version 1.1 is not supported by your SSL library."));
82 return STATE_UNKNOWN;
83#else
84 method = TLSv1_1_client_method();
85 break;
86#endif
87 case MP_TLSv1_2: /* TLSv1.2 protocol */
88#if !defined(SSL_OP_NO_TLSv1_2)
89 printf("%s\n", _("UNKNOWN - TLS protocol version 1.2 is not supported by your SSL library."));
90 return STATE_UNKNOWN;
91#else
92 method = TLSv1_2_client_method();
93 break;
94#endif
95 case MP_TLSv1_2_OR_NEWER:
96#if !defined(SSL_OP_NO_TLSv1_1)
97 printf("%s\n", _("UNKNOWN - Disabling TLSv1.1 is not supported by your SSL library."));
98 return STATE_UNKNOWN;
99#else
100 options |= SSL_OP_NO_TLSv1_1;
101#endif
102 /* FALLTHROUGH */
103 case MP_TLSv1_1_OR_NEWER:
104#if !defined(SSL_OP_NO_TLSv1)
105 printf("%s\n", _("UNKNOWN - Disabling TLSv1 is not supported by your SSL library."));
106 return STATE_UNKNOWN;
107#else
108 options |= SSL_OP_NO_TLSv1;
109#endif
110 /* FALLTHROUGH */
111 case MP_TLSv1_OR_NEWER:
112#if defined(SSL_OP_NO_SSLv3)
113 options |= SSL_OP_NO_SSLv3;
114#endif
115 /* FALLTHROUGH */
116 case MP_SSLv3_OR_NEWER:
117#if defined(SSL_OP_NO_SSLv2)
118 options |= SSL_OP_NO_SSLv2;
119#endif
120 case MP_SSLv2_OR_NEWER:
121 /* FALLTHROUGH */
122 default: /* Default to auto negotiation */
123 method = SSLv23_client_method();
79 } 124 }
80 if (!initialized) { 125 if (!initialized) {
81 /* Initialize SSL context */ 126 /* Initialize SSL context */
@@ -99,8 +144,9 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
99#endif 144#endif
100 } 145 }
101#ifdef SSL_OP_NO_TICKET 146#ifdef SSL_OP_NO_TICKET
102 SSL_CTX_set_options(c, SSL_OP_NO_TICKET); 147 options |= SSL_OP_NO_TICKET;
103#endif 148#endif
149 SSL_CTX_set_options(c, options);
104 SSL_CTX_set_mode(c, SSL_MODE_AUTO_RETRY); 150 SSL_CTX_set_mode(c, SSL_MODE_AUTO_RETRY);
105 if ((s = SSL_new(c)) != NULL) { 151 if ((s = SSL_new(c)) != NULL) {
106#ifdef SSL_set_tlsext_host_name 152#ifdef SSL_set_tlsext_host_name
@@ -149,7 +195,9 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
149# ifdef USE_OPENSSL 195# ifdef USE_OPENSSL
150 X509 *certificate=NULL; 196 X509 *certificate=NULL;
151 X509_NAME *subj=NULL; 197 X509_NAME *subj=NULL;
198 char timestamp[50] = "";
152 char cn[MAX_CN_LENGTH]= ""; 199 char cn[MAX_CN_LENGTH]= "";
200
153 int cnlen =-1; 201 int cnlen =-1;
154 int status=STATE_UNKNOWN; 202 int status=STATE_UNKNOWN;
155 203
@@ -158,7 +206,7 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
158 struct tm stamp; 206 struct tm stamp;
159 float time_left; 207 float time_left;
160 int days_left; 208 int days_left;
161 char timestamp[50] = ""; 209 int time_remaining;
162 time_t tm_t; 210 time_t tm_t;
163 211
164 certificate=SSL_get_peer_certificate(s); 212 certificate=SSL_get_peer_certificate(s);
@@ -212,7 +260,8 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
212 (tm->data[6 + offset] - '0') * 10 + (tm->data[7 + offset] - '0'); 260 (tm->data[6 + offset] - '0') * 10 + (tm->data[7 + offset] - '0');
213 stamp.tm_min = 261 stamp.tm_min =
214 (tm->data[8 + offset] - '0') * 10 + (tm->data[9 + offset] - '0'); 262 (tm->data[8 + offset] - '0') * 10 + (tm->data[9 + offset] - '0');
215 stamp.tm_sec = 0; 263 stamp.tm_sec =
264 (tm->data[10 + offset] - '0') * 10 + (tm->data[11 + offset] - '0');
216 stamp.tm_isdst = -1; 265 stamp.tm_isdst = -1;
217 266
218 time_left = difftime(timegm(&stamp), time(NULL)); 267 time_left = difftime(timegm(&stamp), time(NULL));
@@ -223,21 +272,35 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
223 if (days_left > 0 && days_left <= days_till_exp_warn) { 272 if (days_left > 0 && days_left <= days_till_exp_warn) {
224 printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); 273 printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp);
225 if (days_left > days_till_exp_crit) 274 if (days_left > days_till_exp_crit)
226 return STATE_WARNING; 275 status = STATE_WARNING;
227 else 276 else
228 return STATE_CRITICAL; 277 status = STATE_CRITICAL;
278 } else if (days_left == 0 && time_left > 0) {
279 if (time_left >= 3600)
280 time_remaining = (int) time_left / 3600;
281 else
282 time_remaining = (int) time_left / 60;
283
284 printf (_("%s - Certificate '%s' expires in %u %s (%s)\n"),
285 (days_left>days_till_exp_crit) ? "WARNING" : "CRITICAL", cn, time_remaining,
286 time_left >= 3600 ? "hours" : "minutes", timestamp);
287
288 if ( days_left > days_till_exp_crit)
289 status = STATE_WARNING;
290 else
291 status = STATE_CRITICAL;
229 } else if (time_left < 0) { 292 } else if (time_left < 0) {
230 printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp); 293 printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp);
231 status=STATE_CRITICAL; 294 status=STATE_CRITICAL;
232 } else if (days_left == 0) { 295 } else if (days_left == 0) {
233 printf (_("%s - Certificate '%s' expires today (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, timestamp); 296 printf (_("%s - Certificate '%s' just expired (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, timestamp);
234 if (days_left > days_till_exp_crit) 297 if (days_left > days_till_exp_crit)
235 return STATE_WARNING; 298 status = STATE_WARNING;
236 else 299 else
237 return STATE_CRITICAL; 300 status = STATE_CRITICAL;
238 } else { 301 } else {
239 printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp); 302 printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp);
240 status=STATE_OK; 303 status = STATE_OK;
241 } 304 }
242 X509_free(certificate); 305 X509_free(certificate);
243 return status; 306 return status;
diff --git a/plugins/t/NPTest.cache.travis b/plugins/t/NPTest.cache.travis
index ce798c21..fe8aabdb 100644
--- a/plugins/t/NPTest.cache.travis
+++ b/plugins/t/NPTest.cache.travis
@@ -19,11 +19,13 @@
19 'NP_HOST_TCP_HTTP' => 'localhost', 19 'NP_HOST_TCP_HTTP' => 'localhost',
20 'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org', 20 'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org',
21 'NP_HOST_TCP_IMAP' => 'imap.web.de', 21 'NP_HOST_TCP_IMAP' => 'imap.web.de',
22 'NP_HOST_TCP_LDAP' => 'localhost',
22 'NP_HOST_TCP_POP' => 'pop.web.de', 23 'NP_HOST_TCP_POP' => 'pop.web.de',
23 'NP_HOST_TCP_SMTP' => 'localhost', 24 'NP_HOST_TCP_SMTP' => 'localhost',
24 'NP_HOST_TCP_SMTP_NOTLS' => '', 25 'NP_HOST_TCP_SMTP_NOTLS' => '',
25 'NP_HOST_TCP_SMTP_TLS' => '', 26 'NP_HOST_TCP_SMTP_TLS' => '',
26 'NP_INTERNET_ACCESS' => 'yes', 27 'NP_INTERNET_ACCESS' => 'yes',
28 'NP_LDAP_BASE_DN' => 'cn=admin,dc=nodomain',
27 'NP_MOUNTPOINT2_VALID' => '', 29 'NP_MOUNTPOINT2_VALID' => '',
28 'NP_MOUNTPOINT_VALID' => '/', 30 'NP_MOUNTPOINT_VALID' => '/',
29 'NP_MYSQL_SERVER' => 'localhost', 31 'NP_MYSQL_SERVER' => 'localhost',
diff --git a/plugins/t/check_http.t b/plugins/t/check_http.t
index 2539a289..c2caec60 100644
--- a/plugins/t/check_http.t
+++ b/plugins/t/check_http.t
@@ -6,9 +6,10 @@
6 6
7use strict; 7use strict;
8use Test::More; 8use Test::More;
9use POSIX qw/mktime strftime/;
9use NPTest; 10use NPTest;
10 11
11plan tests => 30; 12plan tests => 42;
12 13
13my $successOutput = '/OK.*HTTP.*second/'; 14my $successOutput = '/OK.*HTTP.*second/';
14 15
@@ -34,6 +35,8 @@ my $host_tcp_http2 = getTestParameter( "NP_HOST_TCP_HTTP2",
34 "A host providing an index page containing the string 'monitoring'", 35 "A host providing an index page containing the string 'monitoring'",
35 "test.monitoring-plugins.org" ); 36 "test.monitoring-plugins.org" );
36 37
38my $faketime = -x '/usr/bin/faketime' ? 1 : 0;
39
37 40
38$res = NPTest->testCmd( 41$res = NPTest->testCmd(
39 "./check_http $host_tcp_http -wt 300 -ct 600" 42 "./check_http $host_tcp_http -wt 300 -ct 600"
@@ -47,10 +50,10 @@ $res = NPTest->testCmd(
47like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" ); 50like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" );
48 51
49$res = NPTest->testCmd( 52$res = NPTest->testCmd(
50 "./check_http $host_nonresponsive -wt 1 -ct 2" 53 "./check_http $host_nonresponsive -wt 1 -ct 2 -t 3"
51 ); 54 );
52cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" ); 55cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" );
53cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 10 seconds", "Output OK"); 56cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 3 seconds", "Output OK");
54 57
55$res = NPTest->testCmd( 58$res = NPTest->testCmd(
56 "./check_http $hostname_invalid -wt 1 -ct 2" 59 "./check_http $hostname_invalid -wt 1 -ct 2"
@@ -112,6 +115,40 @@ SKIP: {
112 $res = NPTest->testCmd( "./check_http www.verisign.com -C 1" ); 115 $res = NPTest->testCmd( "./check_http www.verisign.com -C 1" );
113 cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); 116 cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works");
114 117
118 # run some certificate checks with faketime
119 SKIP: {
120 skip "No faketime binary found", 12 if !$faketime;
121 $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_http -C 1 www.verisign.com");
122 like($res->output, qr/OK - Certificate 'www.verisign.com' will expire on/, "Catch cert output");
123 is( $res->return_code, 0, "Catch cert output exit code" );
124 my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)\./);
125 if(!defined $year) {
126 die("parsing date failed from: ".$res);
127 }
128 my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11};
129 my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900);
130 my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts));
131 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_http -C 1 www.verisign.com");
132 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' just expired/, "Output on expire date");
133 is( $res->return_code, 2, "Output on expire date" );
134
135 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_http -C 1 www.verisign.com");
136 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 0 minutes/, "cert expires in 1 second output");
137 is( $res->return_code, 2, "cert expires in 1 second exit code" );
138
139 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_http -C 1 www.verisign.com");
140 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 2 minutes/, "cert expires in 2 minutes output");
141 is( $res->return_code, 2, "cert expires in 2 minutes exit code" );
142
143 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_http -C 1 www.verisign.com");
144 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 2 hours/, "cert expires in 2 hours output");
145 is( $res->return_code, 2, "cert expires in 2 hours exit code" );
146
147 $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_http -C 1 www.verisign.com");
148 like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expired on/, "Certificate expired output");
149 is( $res->return_code, 2, "Certificate expired exit code" );
150 };
151
115 $res = NPTest->testCmd( "./check_http --ssl www.verisign.com -E" ); 152 $res = NPTest->testCmd( "./check_http --ssl www.verisign.com -E" );
116 like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); 153 like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' );
117 like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); 154 like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' );
diff --git a/plugins/t/check_ldap.t b/plugins/t/check_ldap.t
new file mode 100644
index 00000000..b8944d4b
--- /dev/null
+++ b/plugins/t/check_ldap.t
@@ -0,0 +1,80 @@
1#!/usr/bin/env perl -I ..
2#
3# Lightweight Directory Access Protocol (LDAP) Test via check_ldap
4#
5#
6
7use strict;
8use warnings;
9use Test::More;
10use NPTest;
11
12my $host_tcp_ldap = getTestParameter("NP_HOST_TCP_LDAP",
13 "A host providing the LDAP Service",
14 "localhost" );
15
16my $ldap_base_dn = getTestParameter("NP_LDAP_BASE_DN",
17 "A base dn for the LDAP Service",
18 "cn=admin" );
19
20my $host_nonresponsive = getTestParameter("host_nonresponsive", "NP_HOST_NONRESPONSIVE", "10.0.0.1",
21 "The hostname of system not responsive to network requests" );
22
23my $hostname_invalid = getTestParameter("hostname_invalid", "NP_HOSTNAME_INVALID", "nosuchhost",
24 "An invalid (not known to DNS) hostname" );
25
26my($result, $cmd);
27my $command = './check_ldap';
28
29plan tests => 16;
30
31SKIP: {
32 skip "NP_HOST_NONRESPONSIVE not set", 2 if ! $host_nonresponsive;
33
34 $result = NPTest->testCmd("$command -H $host_nonresponsive -b ou=blah -t 2 -w 1 -c 1");
35 is( $result->return_code, 2, "$command -H $host_nonresponsive -b ou=blah -t 5 -w 2 -c 3" );
36 is( $result->output, 'CRITICAL - Socket timeout after 2 seconds', "output ok" );
37};
38
39SKIP: {
40 skip "NP_HOSTNAME_INVALID not set", 2 if ! $hostname_invalid;
41
42 $result = NPTest->testCmd("$command -H $hostname_invalid -b ou=blah -t 5");
43 is( $result->return_code, 2, "$command -H $hostname_invalid -b ou=blah -t 5" );
44 is( $result->output, 'Could not bind to the LDAP server', "output ok" );
45};
46
47SKIP: {
48 skip "NP_HOST_TCP_LDAP not set", 12 if ! $host_tcp_ldap;
49 skip "NP_LDAP_BASE_DN not set", 12 if ! $ldap_base_dn;
50
51 $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3";
52 $result = NPTest->testCmd($cmd);
53 is( $result->return_code, 0, $cmd );
54 like( $result->output, '/^LDAP OK - \d+.\d+ seconds response time\|time=\d+\.\d+s;2\.0+;3\.0+;0\.0+$/', "output ok" );
55
56 $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 10000000 -C 10000001";
57 $result = NPTest->testCmd($cmd);
58 is( $result->return_code, 0, $cmd );
59 like( $result->output, '/^LDAP OK - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;10000000;10000001;0\.0+$/', "output ok" );
60
61 $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 10000000: -C 10000001:";
62 $result = NPTest->testCmd($cmd);
63 is( $result->return_code, 2, $cmd );
64 like( $result->output, '/^LDAP CRITICAL - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;10000000:;10000001:;0\.0+$/', "output ok" );
65
66 $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 0 -C 0";
67 $result = NPTest->testCmd($cmd);
68 is( $result->return_code, 2, $cmd );
69 like( $result->output, '/^LDAP CRITICAL - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;0;0;0\.0+$/', "output ok" );
70
71 $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 10000000: -C 10000001";
72 $result = NPTest->testCmd($cmd);
73 is( $result->return_code, 1, $cmd );
74 like( $result->output, '/^LDAP WARNING - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;10000000:;10000001;0\.0+$/', "output ok" );
75
76 $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -C 10000001";
77 $result = NPTest->testCmd($cmd);
78 is( $result->return_code, 0, $cmd );
79 like( $result->output, '/^LDAP OK - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;;10000001;0\.0+$/', "output ok" );
80};
diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t
index d93a0ecf..e72d243a 100755
--- a/plugins/tests/check_http.t
+++ b/plugins/tests/check_http.t
@@ -186,21 +186,21 @@ SKIP: {
186 186
187 $result = NPTest->testCmd( "$command -p $port_https -S -C 14" ); 187 $result = NPTest->testCmd( "$command -p $port_https -S -C 14" );
188 is( $result->return_code, 0, "$command -p $port_https -S -C 14" ); 188 is( $result->return_code, 0, "$command -p $port_https -S -C 14" );
189 is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar 3 21:41:00 2019.', "output ok" ); 189 is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar 3 21:41:28 2019.', "output ok" );
190 190
191 $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" ); 191 $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" );
192 is( $result->return_code, 1, "$command -p $port_https -S -C 14000" ); 192 is( $result->return_code, 1, "$command -p $port_https -S -C 14000" );
193 like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:00 2019\)./', "output ok" ); 193 like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019\)./', "output ok" );
194 194
195 # Expired cert tests 195 # Expired cert tests
196 $result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" ); 196 $result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" );
197 is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" ); 197 is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" );
198 like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:00 2019\)./', "output ok" ); 198 like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019\)./', "output ok" );
199 199
200 $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" ); 200 $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" );
201 is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" ); 201 is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" );
202 is( $result->output, 202 is( $result->output,
203 'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar 5 00:13:00 2009.', 203 'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar 5 00:13:16 2009.',
204 "output ok" ); 204 "output ok" );
205 205
206} 206}
diff --git a/plugins/tests/check_snmp.t b/plugins/tests/check_snmp.t
index 2fd033d2..73a68b20 100755
--- a/plugins/tests/check_snmp.t
+++ b/plugins/tests/check_snmp.t
@@ -128,7 +128,7 @@ sleep 1;
128 128
129$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" ); 129$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" );
130is($res->return_code, 1, "WARNING - due to going above rate calculation" ); 130is($res->return_code, 1, "WARNING - due to going above rate calculation" );
131is($res->output, "SNMP RATE WARNING - *666* | iso.3.6.1.4.1.8072.3.2.67.10=666 "); 131is($res->output, "SNMP RATE WARNING - *666* | iso.3.6.1.4.1.8072.3.2.67.10=666;600 ");
132 132
133$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" ); 133$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" );
134is($res->return_code, 3, "UNKNOWN - basically the divide by zero error" ); 134is($res->return_code, 3, "UNKNOWN - basically the divide by zero error" );
@@ -209,7 +209,7 @@ is($res->output, 'SNMP OK - "stringtests" | ', "OK as inverted string no match"
209 209
210$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.12 -w 4:5" ); 210$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.12 -w 4:5" );
211is($res->return_code, 1, "Numeric in string test" ); 211is($res->return_code, 1, "Numeric in string test" );
212is($res->output, 'SNMP WARNING - *3.5* | iso.3.6.1.4.1.8072.3.2.67.12=3.5 ', "WARNING threshold checks for string masquerading as number" ); 212is($res->output, 'SNMP WARNING - *3.5* | iso.3.6.1.4.1.8072.3.2.67.12=3.5;4:5 ', "WARNING threshold checks for string masquerading as number" );
213 213
214$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.13" ); 214$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.13" );
215is($res->return_code, 0, "Not really numeric test" ); 215is($res->return_code, 0, "Not really numeric test" );
@@ -225,29 +225,29 @@ is($res->output, 'SNMP OK - "CUSTOM CHECK OK: foo is 12345" | ', "String check w
225 225
226$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); 226$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" );
227is($res->return_code, 0, "Negative integer check OK" ); 227is($res->return_code, 0, "Negative integer check OK" );
228is($res->output, 'SNMP OK - -2 | iso.3.6.1.4.1.8072.3.2.67.16=-2 ', "Negative integer check OK output" ); 228is($res->output, 'SNMP OK - -2 | iso.3.6.1.4.1.8072.3.2.67.16=-2;-2:;-3: ', "Negative integer check OK output" );
229 229
230$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); 230$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" );
231is($res->return_code, 1, "Negative integer check WARNING" ); 231is($res->return_code, 1, "Negative integer check WARNING" );
232is($res->output, 'SNMP WARNING - *-3* | iso.3.6.1.4.1.8072.3.2.67.16=-3 ', "Negative integer check WARNING output" ); 232is($res->output, 'SNMP WARNING - *-3* | iso.3.6.1.4.1.8072.3.2.67.16=-3;-2:;-3: ', "Negative integer check WARNING output" );
233 233
234$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); 234$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" );
235is($res->return_code, 2, "Negative integer check CRITICAL" ); 235is($res->return_code, 2, "Negative integer check CRITICAL" );
236is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.16=-4 ', "Negative integer check CRITICAL output" ); 236is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.16=-4;-2:;-3: ', "Negative integer check CRITICAL output" );
237 237
238$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -3: -c -6:" ); 238$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -3: -c -6:" );
239is($res->return_code, 1, "Negative integer as string, WARNING" ); 239is($res->return_code, 1, "Negative integer as string, WARNING" );
240is($res->output, 'SNMP WARNING - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4 ', "Negative integer as string, WARNING output" ); 240is($res->output, 'SNMP WARNING - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4;-3:;-6: ', "Negative integer as string, WARNING output" );
241 241
242$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -2: -c -3:" ); 242$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -2: -c -3:" );
243is($res->return_code, 2, "Negative integer as string, CRITICAL" ); 243is($res->return_code, 2, "Negative integer as string, CRITICAL" );
244is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4 ', "Negative integer as string, CRITICAL output" ); 244is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4;-2:;-3: ', "Negative integer as string, CRITICAL output" );
245 245
246$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -c ~:-6.5" ); 246$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -c '~:-6.5'" );
247is($res->return_code, 0, "Negative float OK" ); 247is($res->return_code, 0, "Negative float OK" );
248is($res->output, 'SNMP OK - -6.6 | iso.3.6.1.4.1.8072.3.2.67.18=-6.6 ', "Negative float OK output" ); 248is($res->output, 'SNMP OK - -6.6 | iso.3.6.1.4.1.8072.3.2.67.18=-6.6;;~:-6.5 ', "Negative float OK output" );
249 249
250$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -w ~:-6.65 -c ~:-6.55" ); 250$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -w '~:-6.65' -c '~:-6.55'" );
251is($res->return_code, 1, "Negative float WARNING" ); 251is($res->return_code, 1, "Negative float WARNING" );
252is($res->output, 'SNMP WARNING - *-6.6* | iso.3.6.1.4.1.8072.3.2.67.18=-6.6 ', "Negative float WARNING output" ); 252is($res->output, 'SNMP WARNING - *-6.6* | iso.3.6.1.4.1.8072.3.2.67.18=-6.6;~:-6.65;~:-6.55 ', "Negative float WARNING output" );
253 253
diff --git a/plugins/utils.c b/plugins/utils.c
index 58b153d8..a864e4aa 100644
--- a/plugins/utils.c
+++ b/plugins/utils.c
@@ -144,8 +144,6 @@ usage5 (void)
144void 144void
145print_revision (const char *command_name, const char *revision) 145print_revision (const char *command_name, const char *revision)
146{ 146{
147 char plugin_revision[STRLEN];
148
149 printf ("%s v%s (%s %s)\n", 147 printf ("%s v%s (%s %s)\n",
150 command_name, revision, PACKAGE, VERSION); 148 command_name, revision, PACKAGE, VERSION);
151} 149}
@@ -630,3 +628,43 @@ char *fperfdata (const char *label,
630 628
631 return data; 629 return data;
632} 630}
631
632char *sperfdata (const char *label,
633 double val,
634 const char *uom,
635 char *warn,
636 char *crit,
637 int minp,
638 double minv,
639 int maxp,
640 double maxv)
641{
642 char *data = NULL;
643 if (strpbrk (label, "'= "))
644 xasprintf (&data, "'%s'=", label);
645 else
646 xasprintf (&data, "%s=", label);
647
648 xasprintf (&data, "%s%f", data, val);
649 xasprintf (&data, "%s%s;", data, uom);
650
651 if (warn!=NULL)
652 xasprintf (&data, "%s%s", data, warn);
653
654 xasprintf (&data, "%s;", data);
655
656 if (crit!=NULL)
657 xasprintf (&data, "%s%s", data, crit);
658
659 xasprintf (&data, "%s;", data);
660
661 if (minp)
662 xasprintf (&data, "%s%f", data, minv);
663
664 if (maxp) {
665 xasprintf (&data, "%s;", data);
666 xasprintf (&data, "%s%f", data, maxv);
667 }
668
669 return data;
670}