Age | Commit message (Collapse) | Author | Files | Lines |
|
Fixes many instances of
warning: ignoring return value of 'asprintf', declared with attribute warn_unused_result [-Wunused-result]
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
|
|
Apparently some people used -f '<nagios@example.com>' to work around
the bug I just fixed in the MAIL FROM: command generation. Although
the resulting command wasn't RFC-compliant, it was working with some
MTAs, so let's continue to support this syntax now that we generate
RFC-compliant commands.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
|
|
Every version of the SMTP standard (from RFC 821 to the current RFC
5321) requires the address following MAIL FROM: to follow the colon
immediately (with no space) and to be surrounded by angle brackets.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
|
|
When using the 1.4.15 release of the Nagios Plugins, a command such as
check_tcp -H pop.example.com -p 995 -D 14
usually produced two lines of output, e.g.:
OK - Certificate will expire on 12/13/2014 23:59.
TCP OK - 0.009 second response time on port 995|time=0.008849s;;;0.000000;10.000000
The second line was removed by 4d06603060fc1233861b164870f0d3a2e0d8d2eb.
However, as the old two-line output is a valid (though in this case
unintended) way to spit out performance data, removing the second line
might break current setups. Therefore, we revert to the old behaviour,
at least for the moment.
The issue was reported by Jochen Bern on the "nagiosplug-devel" mailing
list (Message-ID: <4FEAE812.8030309@LINworks.de>).
|
|
|
|
Add --perf-oids option for check_snmp to retain optional 1.4.14 compatibility
|
|
|
|
fixed typo in sslutils
|
|
expiration checks of check_tcp, check_http, check_smtp
|
|
Our die() function expects the caller to append the trailing newline
character.
|
|
Conflicts:
NEWS
|
|
Don't return a WARNING state if the number of lost packets is greater
than zero but below the specified warning threshold. This happened
because the check_ping plugin used the exit status of the ping(1)
utility. (#3535140 - Tobias Brox)
|
|
In the C shell and in the Z shell, the "?" character must be quoted or
backslash-escaped in order to use it verbatim. Therefore, a command
such as
check_by_ssh -H test.example.com -l joe echo huh?
might fail, depending on joe's login shell on test.example.com.
Just to make sure, this commit removes most punctuation characters from
our test strings.
|
|
The ping6(1) implementation provided by Debian's iputils-ping package
may produce output such as the following:
| 3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2009ms
There's a corresponding pattern in check_ping.c:458:
| "%*d packets transmitted, %*d received, +%*d errors, %d%% packet loss"
Without this fix, the pattern in check_ping.c:456 matched first (as
sscanf(3) interprets "+3" as a match for "%d"):
| "%*d packets transmitted, %*d received, %d%% loss, time"
(#1894850 - Debian bug report #514588 - Matej Vela)
|
|
Fix indentation and whitespace issues, and correct some capitalization
errors in error messages. The behaviour is unchanged.
|
|
GnuTLS doesn't support SSL version 2.
|
|
|
|
This patch use the utxent function family to collect the user data. It improve the check speed.
Need a system conforming to POSIX.1-2001.
|
|
Recent versions/builds seem to disable that feature.
|
|
The support for specifying the desired SSL protocol version via an
optional -S/--ssl argument broke the -C/--certificate option. This is
fixed now.
|
|
SSL initialization errors are now handled properly by check_http
(#3095106 - Eric Schoeller).
|
|
The check_http -S/--ssl option now takes an optional argument which
specifies the desired SSL/TLS protocol version (#3285367 - Jason Lunn).
|
|
Some versions of OpenSSL fail to negotiate the SSL connection with at
least some versions of Tomcat if stateless SSL session resumption
support (see RFC4507) is enabled:
| CRITICAL - Cannot make SSL connection
| 140099330348712:error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message:s3_pkt.c:1195:SSL alert number 10
The problem is reproducible with OpenSSL 1.0.0h, but not with OpenSSL
0.9.8o-4squeeze12 (as shipped with Debian 6.0.4). We work around it by
disabling the RFC4507 functionality when using OpenSSL versions which
support it.
Thanks to Dag Bakke for reporting the issue and for giving me access to
a server I could use to reproduce the problem.
|
|
|
|
ssh://nagiosplug.git.sourceforge.net/gitroot/nagiosplug/nagiosplug
|
|
|
|
Add a note to the --help output which clarifies that check_http doesn't
perform certificate verification (beyond what the "-C" option does).
(Suggested by Michael Renner in Debian bug report #644627, forwarded by
Jan Wagner.)
|
|
Replace all occurrences of "strstr(s, "c") == s" with "s[0] == 'c'".
|
|
Fix the code which accepts a comma-separated list of labels specified
via the "-l" option.
(Spotted by Oskar Liljeblad in Debian bug report #647020, forwarded by
Jan Wagner.)
|
|
|
|
It won't trust us about msg containing no format string, and fail miserably
when compiled with -Werror=format-security. Reported by spy6 on IRC.
|
|
The undocumented --host has been changed to --hostname which is actually
mentioned in --help. Thanks to lgarrett (#3191388)
|
|
certificate errors (Opsview team)
|
|
Duncan Ferguson)
|
|
|
|
Abort immediately if we don't receive a server greeting or if the
greeting doesn't contain the "--expect"ed string (by default: "220")
instead of blindly sending the EHLO/HELO line.
Spotted by Daniel Piddock, see Debian bug report #611914.
|
|
This patch adds a check for the certificate cn (hostname) to normal
certificate checks. It returns CRITICAL if th cn is missing, otherwise it
prints it in the normal output.
Patch by Stéphane Urbanovski
|
|
parsing of
performance data. Now replaced with ','
|
|
1. Timetick test could fail with uptime > 115 days. Thresholds are
double type, so it's safe to put a large number even for 32bit systems.
2. Add a test based on an invalid bug report, worthy anyway.
|
|
This enables floating point and ranges, and make the code more standard.
|
|
|
|
My Test::More wouldn't print the total number of tests anymore, moving
the plan at the top appears to fix it.
At the same time I made check-http.t eval the special modules so it can
skip the tests instead of failing.
|
|
This reverts commit 896962a1ad1b7d7c75d42c565b06cc799feb0a7c.
Conflicts:
NEWS
plugins/tests/check_snmp.t
Notes:
Reverting because I rebased a patch that was doing the same thing, plus
fixing more related regressions, and both didn't work together.
I kept the tests intact except for one that wouldn't pass on 1.4.14
either
|
|
- Use /var/tmp for state if no state dir environment variable is set,
this avoid the need for a writable localstatedir during tests.
- Use "rm -f", mostly to avoid printing out garbage of the directory
doesn't exists
|
|
Original patch to make Timeticks works as in check_snmp v1.4.14, it turns
out is_numeric isn't so useful and treating all types as numeric works
best for backwards-compatibility. This is how it used to work in 1.4.14.
As a special case, I also make calculate_rate look up for numeric values
as it would otherwise return the last value instead.
|
|
group (Bekar - #2973603)
Various values (dused_pct, dfree_pct, inodes_free, inodes_total, ...) are now carried in
the parameter_list structure. Assignments have been moved to a subroutine preventing
code redundancies.
Group metrics are now calculated based on units rather than blocks. This fixes freespace calculation
when blocksizes differ within a group.
|
|
numbers (according to strtod) to be a numeric value for threshold and
performance data
|
|
Patch originally by Ryan Kelly
|
|
|
|
|