Age | Commit message (Collapse) | Author | Files | Lines |
|
The current implementation becomes exponentially slower with growing
response size.
See also:
https://github.com/nagios-plugins/nagios-plugins/blob/release-2.4.2/plugins/check_http.c#L1199-L1204
Test:
$ mkdir web
$ nohup python3 -m http.server -d web 5080 &
$ perl -E 'say "0123456789" for (1..2_000_000)' >| web/file.txt
$ ./check_http.orig -t 200 -v -I localhost -p 5080 -u /file.txt > test1.txt
real 0m26.893s
user 0m12.661s
sys 0m14.221s
$ time ./check_http -t 200 -v -I localhost -p 5080 -u /file.txt > test2.txt
real 0m0.038s
user 0m0.011s
sys 0m0.027s
$ diff -u test[12].txt
--- test1.txt 2022-12-21 14:58:28.720260811 +0100
+++ test2.txt 2022-12-21 14:58:42.640008604 +0100
@@ -7,7 +7,7 @@
STATUS: HTTP/1.0 200 OK
**** HEADER ****
Server: SimpleHTTP/0.6 Python/3.9.2
-Date: Wed, 21 Dec 2022 13:58:01 GMT
+Date: Wed, 21 Dec 2022 13:58:42 GMT
Content-type: text/plain
Content-Length: 22000000
Last-Modified: Wed, 21 Dec 2022 13:57:58 GMT
@@ -2000013,4 +2000013,4 @@
0123456789
0123456789
-HTTP OK: HTTP/1.0 200 OK - 22000191 bytes in 26.860 second response time |time=26.860182s;;;0.000000;200.000000 size=22000191B;;;0;
+HTTP OK: HTTP/1.0 200 OK - 22000191 bytes in 0.016 second response time |time=0.016412s;;;0.000000;200.000000 size=22000191B;;;0;
|
|
* Remove superflous CRLF in HTTP-Requests in check_http
|
|
|
|
|
|
|
|
//test.server.com/folder
Referenced redirect of the format //www.server.com/folder would result
in check_http trying to contact http://hostname:80//www.server.com/folder
instead of http://www.server.com/folder. Referenced redirect of this format
is listed in rfc3986 ( https://tools.ietf.org/html/rfc3986 ). It should
work as expected now.
|
|
|
|
|
|
|
|
Docs check_http: make -C obvious
|
|
plugins: check_http: Increase regexp limit
|
|
Proxy authorization is now kept when using PROXY + CONNECT to HTTPS
|
|
|
|
|
|
This should help with figuring out ia problem at a glance when enabled for
healthz endpoints on web APIs, for example.
The content of the body can point to what the problem is and help with
diagnostics.
Fixes #1559
|
|
Simple format, avoids refactoring the CONNECT feature.
|
|
You need to read the docs carefully to realize that check_http has two
modes of operation: the regular HTTP checks, and a TLS certificate
check. Only one of these can be run in a single invocation.
Fixes #1553
|
|
through PROXY to HTTPS
|
|
|
|
check_http: added timeout to perfdata as max val
Resolves #1350
|
|
changes:
- CRYPTO_lock detection replaced in configure.ac. We don't use that
function anywhere, so just replace it with the suggested one from
https://wiki.openssl.org/index.php/Library_Initialization#Autoconf
- OPENSSL_NO_SSL2 is no longer defined while ssl2 is not included.
Set it ourself using the suggested openssl 1.1 version check from
https://wiki.openssl.org/index.php/1.1_API_Changes#Backward_compatibility
- openssl 1.1 sends a sigpipe if the connection is still open when
calling SSL_shutdown(), so move the close before the shutdown.
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
If a web page contains a nul character, check_http reads the complete page but --string does not search beyond this character.
|
|
|
|
If a web page contains a nul character, check_http reads the complete page but --expect does not search beyond this character.
|
|
|
|
* pr/1373:
check_http: Allow for requesting TLSv1.1/TLSv1.2
|
|
check_http's -S/--ssl option now allows for requesting the TLSv1.1 and
TLSv1.2 protocols. Apart from that, a '+' suffix can be appended in
oder to also accept newer protocols than the specified version.
Closes #1338, and closes #1354, and closes #1359.
|
|
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
header)
|
|
|
|
Ported the fix from Frank4dd to the latest git version. See also http://nagios.frank4dd.com/howto/monitor-ssl-web
sites-through-proxy.htm
|
|
Coverity 66514 - Possible leakage and overflow with addr in redirect functionality. Not confirmed as null terminated, and externally gathered. Restrict string comparisons and duplications by size. - SR
|
|
* maint:
check_ssh: Get rid of sshd: Read from socket failed: Connection reset by peer
fixed tests when there is no direct internet connection
NEWS: Mention fix for check_http's -S option
Fix for SSL Versioning when multiple options are used.
Fix #1217 spec file fails to build due to duplicate files and unused files
check_http: Don't let "-N" expect an argument
README: Change GitHub URL
README: Clarify license notice
Update URLs and mailing list addresses
Just using the posix conform extended regular expression grep
check_oracle: --db +ASM bad string matching check_oracle doesn't correctly check for pmon +ASM instance from at least Oracle 11 as the pmon proces was renamed from ora_pmon_.* to asm_pmon_.*. -- Just turning attached patch of github issue #1207 into a push request. (Closes #1207)
Update web site URLs
Conflicts:
FAQ
NEWS
README
SUPPORT
configure.in
monitoring-plugins.spec.in
pkg/solaris/pkginfo.in
plugins-root/check_dhcp.c
plugins-root/check_icmp.c
plugins-scripts/check_ifoperstatus.pl
plugins-scripts/check_mssql.pl
plugins/check_apt.c
plugins/check_by_ssh.c
plugins/check_cluster.c
plugins/check_dbi.c
plugins/check_dig.c
plugins/check_disk.c
plugins/check_dns.c
plugins/check_dummy.c
plugins/check_fping.c
plugins/check_game.c
plugins/check_hpjd.c
plugins/check_http.c
plugins/check_ide_smart.c
plugins/check_ldap.c
plugins/check_load.c
plugins/check_mrtg.c
plugins/check_mrtgtraf.c
plugins/check_mysql.c
plugins/check_mysql_query.c
plugins/check_nagios.c
plugins/check_nt.c
plugins/check_ntp.c
plugins/check_ntp_peer.c
plugins/check_ntp_time.c
plugins/check_nwstat.c
plugins/check_overcr.c
plugins/check_pgsql.c
plugins/check_ping.c
plugins/check_procs.c
plugins/check_radius.c
plugins/check_real.c
plugins/check_smtp.c
plugins/check_snmp.c
plugins/check_ssh.c
plugins/check_swap.c
plugins/check_tcp.c
plugins/check_time.c
plugins/check_ups.c
plugins/check_users.c
plugins/negate.c
plugins/urlize.c
plugins/utils.h
po/Makevars
po/de.po
po/fr.po
po/monitoring-plugins.pot
|
|
|
|
.c file changes for misleading timeout messages in help functions. Solution to pull request #1209 tracker by awiddersheim.
Files: plugins/check_apt.c, plugins/check_by_ssh.c, plugins/check_dbi.c, plugins/check_dig.c, plugins/check_disk.c, plugins/check_dns.c, plugins/check_game.c, plugins/check_http.c, plugins/check_ldap.c, plugins/check_ntp.c, plugins/check_ntp_peer.c, plugins/check_ntp_time.c, plugins/check_nwstat.c, plugins/check_overcr.c, plugins/check_pgsql.c, plugins/check_ping.c, plugins/check_procs.c, plugins/check_radius.c, plugins/check_real.c, plugins/check_smtp.c, plugins/check_snmp.c, plugins/check_ssh.c, plugins/check_tcp.c, plugins/check_time.c, plugins/check_ups.c, plugins/negate.c
|
|
|
|
This is an initial take at renaming the project to Monitoring Plugins.
It's not expected to be fully complete, and it is expected to break
things (The perl module for instance). More testing will be required
before this goes mainline.
|
|
If you specify -S1 -C 30... The -C option will reset the ssl_version to 0. This is not a good thing.
Instead we set the default to 0 and retain the version when later args are passed.
|
|
Fix the problem that check_http's "-N" option expects an argument
although it shouldn't. The corresponding long option ("--no-body")
wasn't affected.
This error was introduced in ee3c4014d511e105489b081390636cacd4c53e3f.
Thanks to Kerry Hughes for reporting it on the devel@ list.
|
|
Now that we moved our infrastructure away from SourceForge, update the
URLs and mailing list addresses accordingly.
|
|
Fixes issue where if an SSL initialization error occurs on a redirect
using -f follow the plugin still returns an OK state.
Closes #1159.
|
|
Fix the issues found by GCC when the -Wuninitialized flag is specified.
|
|
The check_http option "--proxy_authorization" is now called
"--proxy-authorization" instead. It was always documented this way, and
we don't usually use underscores in option names.
|
|
Mention the -E/--extended-perfdata flag in the --help output.
|
|
Make a very long function name at least a little bit shorter.
|
|
* 'master' of https://github.com/cern-mig/nagios-plugins:
added support for client authentication via SSL
Conflicts:
plugins/check_http.c
|
|
|
|
The name of the new option is "--header-string".
|
|
|
|
- cleanup whitespace
- added test cases
- print time_ssl only if ssl is in use
- updated news and thanks file
|