Age | Commit message (Collapse) | Author | Files | Lines |
|
Add a note to the --help output which clarifies that check_http doesn't
perform certificate verification (beyond what the "-C" option does).
(Suggested by Michael Renner in Debian bug report #644627, forwarded by
Jan Wagner.)
|
|
Replace all occurrences of "strstr(s, "c") == s" with "s[0] == 'c'".
|
|
Fix the code which accepts a comma-separated list of labels specified
via the "-l" option.
(Spotted by Oskar Liljeblad in Debian bug report #647020, forwarded by
Jan Wagner.)
|
|
|
|
It won't trust us about msg containing no format string, and fail miserably
when compiled with -Werror=format-security. Reported by spy6 on IRC.
|
|
certificate errors (Opsview team)
|
|
Duncan Ferguson)
|
|
|
|
Abort immediately if we don't receive a server greeting or if the
greeting doesn't contain the "--expect"ed string (by default: "220")
instead of blindly sending the EHLO/HELO line.
Spotted by Daniel Piddock, see Debian bug report #611914.
|
|
This patch adds a check for the certificate cn (hostname) to normal
certificate checks. It returns CRITICAL if th cn is missing, otherwise it
prints it in the normal output.
Patch by Stéphane Urbanovski
|
|
parsing of
performance data. Now replaced with ','
|
|
1. Timetick test could fail with uptime > 115 days. Thresholds are
double type, so it's safe to put a large number even for 32bit systems.
2. Add a test based on an invalid bug report, worthy anyway.
|
|
This enables floating point and ranges, and make the code more standard.
|
|
|
|
My Test::More wouldn't print the total number of tests anymore, moving
the plan at the top appears to fix it.
At the same time I made check-http.t eval the special modules so it can
skip the tests instead of failing.
|
|
This reverts commit 896962a1ad1b7d7c75d42c565b06cc799feb0a7c.
Conflicts:
NEWS
plugins/tests/check_snmp.t
Notes:
Reverting because I rebased a patch that was doing the same thing, plus
fixing more related regressions, and both didn't work together.
I kept the tests intact except for one that wouldn't pass on 1.4.14
either
|
|
- Use /var/tmp for state if no state dir environment variable is set,
this avoid the need for a writable localstatedir during tests.
- Use "rm -f", mostly to avoid printing out garbage of the directory
doesn't exists
|
|
Original patch to make Timeticks works as in check_snmp v1.4.14, it turns
out is_numeric isn't so useful and treating all types as numeric works
best for backwards-compatibility. This is how it used to work in 1.4.14.
As a special case, I also make calculate_rate look up for numeric values
as it would otherwise return the last value instead.
|
|
group (Bekar - #2973603)
Various values (dused_pct, dfree_pct, inodes_free, inodes_total, ...) are now carried in
the parameter_list structure. Assignments have been moved to a subroutine preventing
code redundancies.
Group metrics are now calculated based on units rather than blocks. This fixes freespace calculation
when blocksizes differ within a group.
|
|
numbers (according to strtod) to be a numeric value for threshold and
performance data
|
|
Patch originally by Ryan Kelly
|
|
|
|
|
|
values to warn/crit parameters
|
|
|
|
|
|
|
|
|
|
|
|
|
|
See http://nagiosplugin.org/c-api-private for more details on the API.
Also updated check_snmp -l option to change the perfdata label.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This one counts double quotes and backslashes so it should handle any
level of escaping.
|
|
This patch tries to detect and output nicely multi-line strings. This
method is broken by design; only a count of double-quotes and escapes
could work in every situation.
|
|
Bug #2832884 reported problem with translations outputting pot file
headers. This is caused by "" matching the header of the translation
files.
This patch moves gettext macros inside utils macros and update some
french translations.
|
|
|
|
REJECT_RC is defined on some radiusclient versions and differenciates
between auth errors and bad responses. This patch will affect only the
behaviour of those clients exporting REJECT_RC.
In addition, unexpected return codes are now handled properly and
return UNKNOWN.
|
|
|
|
| check_radius doesn't seem to provide any way to modify the
| NAS-IP-Address attribute that it uses in the packets it sends, but it
| does so for NAS-Identifier.
|
| Instead, it hardcodes the IP address that it gets from the
| rc_own_ipaddress() library call, and that in turn translates into
| calling gethostbyname() on the result of uname(). This call can easily
| fail, and its result can easily be unsuitable - for example when the
| Nagios instance uses its own virtual host, and you don't want the
| original system hostname leaked to the RADIUS servers you monitor with
| this.
|
| Furthermore, this behaviour is inconsistent with RFC 2865, which
| defines the two attributes as analogous and never suggests hardcoding
| the value of either of them in client software.
Therefore, this commit adds the "-N, --nas-ip-address" option which
allows for specifying the value of the NAS-IP-Address attribute.
| I've also noticed that the original code for NAS-IP-Address hardcoding
| is broken in its error handling - it does "return (ERROR_PC)", which
| is meaningless in the context of check_radius.c. That actually seems
| to be copy&waste from radiusclient-0.3.2/src/radexample.c. :) I fixed
| that.
|
| While debugging, I also took the opportunity to decouple the
| nas-identifier rc_avpair_add() instance from the initial three,
| because this is just bad practice to lump a fourth optional attribute
| into the same block with the required attributes, the error handling
| for which is throwing the same daft message "Out of Memory?"...
[ http://bugs.debian.org/482947 ]
(Contributed by Josip Rodin, forwarded by Jan Wagner.)
|
|
The check_ldap plugin did not allow for specifying an empty LDAP base.
See: http://bugs.debian.org/479984
(Fixed by Stephane Chazelas, forwarded by Jan Wagner.)
|
|
See: http://bugs.debian.org/460097
One instance of this bug has already been fixed in commit
888358122004b9571c8fbdfa52ceee1ba5e5f4f2.
(Fixed by Hilko Bengen, forwarded by Jan Wagner.)
|
|
| Our automated build log filter[1] detected a problem that is likely to
| cause your package to segfault on architectures where the size of a
| pointer is greater than the size of an integer, such as ia64 and
| amd64.
|
| This is often due to a missing function prototype definition. For
| more information, see [2].
|
| Function `ldap_init' implicitly converted to pointer at
| check_ldap.c:124
|
| [1] http://people.debian.org/~dannf/check-implicit-pointer-functions
| [2] http://wiki.debian.org/ImplicitPointerConversions
|
| The libldap API has been updated and many functions used by the ldap
| plugin are now deprecated. This package should either update to the
| new API or define LDAP_DEPRECATED to continue using the deprecated
| interfaces.
|
| This patch implements the lazy solution.
[ http://bugs.debian.org/463322 ]
(Contributed by Dann Frazier, forwarded by Jan Wagner.)
|
|
The usage output of check_game was wrong, see:
http://bugs.debian.org/307905
(Fixed by Sean Finney, forwarded by Jan Wagner.)
|
|
The fix is making SNI an option.
|
|
Rework last patch, copying the converted portion of the string rather
than re-converting it. This is safer for backwards-compatibility as the
value is never modified.
|