summaryrefslogtreecommitdiffstats
path: root/plugins
AgeCommit message (Collapse)AuthorFilesLines
2021-04-10Using snprintf which honors the buffers size and guarantees null ↵Florian Lohoff1-1/+1
termination. (Closes: #1601) As strcpy may overflow the resulting buffer: flo@p5:~$ /tmp/f/usr/lib/nagios/plugins/check_pgsql -d "$(seq 1 10000)" *** buffer overflow detected ***: terminated Aborted I would propose to change the code rather like this, using snprintf which honors the buffers size and guarantees null termination.
2021-04-10Updated check_curl.c to display a specific human-readable error message ↵Barak Shohat2-5/+5
where possible
2021-04-10fix check_curl crash if http header contains leading spacesSven Nierlein2-4/+14
check_curl crashes when a (broken) http server returns invalid http header with leading spaces or double colons. This PR adds a fix and a test case for this. Signed-off-by: Sven Nierlein <sven@nierlein.de>
2021-04-10- fix for issue #1562ghciv61-6/+6
1st compare then free up resources
2021-04-10check_curl: added string_statuscode function for printing HTTP/1.1 and ↵Andreas Baumann1-5/+28
HTTP/2 correctly
2021-04-10check_dns: split multiple IP addresses passed in one -a argumentRolf Eike Beer1-3/+17
2021-04-10check_curl: fixed a potential buffer overflow in url bufferAndreas Baumann1-1/+1
2021-04-10check_curl: fixed help, usage and errors for TLS 1.3Andreas Baumann1-2/+2
2020-09-23Merge pull request #1514 from Rasp8e/masterSven Nierlein1-0/+15
Proxy authorization is now kept when using PROXY + CONNECT to HTTPS
2020-05-20detect unreachable dns service in nslookup output (from bind-utils-9.8.2)refs/pull/1634/headghciv61-1/+6
prevent core if error_scan detects an error in a line without ':'
2020-05-18check_curl: host_name may be nullrefs/pull/1535/headSven Nierlein1-4/+4
for example when using like: ./check_curl localhost
2020-05-18update test parameter according to check_httpSven Nierlein1-26/+9
2020-05-18check_curl: use CURLOPT_RESOLVE to fix connecting to the right ipSven Nierlein1-0/+11
when using ssl, the composed url contains the hostname instead of the specified ip. So use CURLOPT_RESOLVE to make curl still connect to the ip.
2020-05-18check_curl: clean trailing whitespaceSven Nierlein1-7/+7
2020-05-15merge test changes from check_httpSven Nierlein1-10/+11
the example certificate has changed since.
2020-05-15tests: update expired test certificateSven Nierlein3-35/+53
the certificate used to test expired http checks is to old to be used with recent ssl libraries and results in: > SSL routines:SSL_CTX_use_certificate:ee key too small unfortunatly the error is only visible when setting $IO::Socket::SSL::DEBUG in the check_http.t file.
2020-01-09Merge branch 'master' into feature_check_curlAndreas Baumann3-5/+23
2020-01-07check_tcp: add --sniAlexander A. Klimov1-1/+22
2020-01-07Fix timeout_interval declarationsChristian Tacke2-4/+1
There are different declarations for timeout_interval: lib/utils_base.c has the definition: unsigned int timeout_interval = DEFAULT_SOCKET_TIMEOUT; lib/utils_base.h has the appropiate declaration: extern unsigned int timeout_interval; plugins/popen.h has an extra declaration: extern unsigned int timeout_interval; This doesn't hurt, but it's a dupe. The one in utils_base.h should be enough, so remove this one. plugins/popen.c has a WRONG one: extern int timeout_interval; Remove it! Use #include "utils.h" to get the right one. This makes the local defines for max/min unnecassary, so remove them also.
2019-12-29increased copyrightAndreas Baumann1-2/+2
2019-11-07check_curl: NSS, parse more date formats from certificate (in -C cert check)Andreas Baumann1-1/+5
2019-11-07check_curl: more tolerant CN= parsing when checking certificates (hit on ↵Andreas Baumann1-2/+9
Centos 8)
2019-10-11setting no_body to TRUE when we have a HEAD requestAndreas Baumann1-1/+6
2019-09-07some LIBCURL_VERSION checks around HTTP/2 featureAndreas Baumann1-1/+5
2019-09-07added --http-version option to check_curl to choose HTTP versionAndreas Baumann1-1/+26
2019-09-07improved curlhelp_parse_statusline to handle both HTTP/1.x and HTTP/2Andreas Baumann1-12/+23
2019-09-07check_curl: updates embedded picohttpparser to newest git versionAndreas Baumann2-23/+46
2019-09-07setting progname of check_curl plugin to check_curl (at least for now)Andreas Baumann1-1/+1
2019-07-18Merge branch 'master' into feature_check_curlAndreas Baumann5-57/+25
2019-05-24fix maxfd being zeroSven Nierlein4-57/+23
If _SC_OPEN_MAX is available then maxfd was zero initialized and never set to the value from sysconf. This leads to segfaults with free(): invalid size introduced by commit 7cafb0e84550035fe671662c293122be975065ca. Signed-off-by: Sven Nierlein <sven@nierlein.de>
2019-04-09include -P switch in helprefs/pull/1591/headChristopher Odenbach1-0/+2
2019-04-04Merge branch 'master' into feature_check_curlAndreas Baumann37-415/+430
2019-03-28Merge pull request #1491 from odenbach/no_swapSven Nierlein1-8/+8
check_swap: repaired "-n" behaviour
2019-03-21Merge pull request #1586 from computersalat/masterSven Nierlein1-0/+5
improve command examples for 'at least' processes
2019-03-21improve command examples for 'at least' processesrefs/pull/1586/headChrisWi1-0/+5
2019-03-21check_mysql: Allow sockets to be specified to -Hrefs/pull/1587/headRobin Sonefors1-0/+3
The help text says that -H accepts a "unix socket (must be an absolute path)". Now that actually corresponds to reality. Signed-off-by: Robin Sonefors <robin.sonefors@op5.com>
2019-02-19Merge pull request #1506 from sanchezfauste/check_apt_parametersSven Nierlein1-4/+13
Adding packages-warning option to check_apt plugin
2019-02-19Merge pull request #1507 from sanchezfauste/check_load_print_top_procsSven Nierlein1-2/+59
Adding print top consuming processes option to check_load
2019-02-19Merge pull request #1527 from m-kraus/masterSven Nierlein1-1/+2
check_snmp: make calcualtion of timeout value in help output more clear
2019-02-19Merge pull request #1567 from vdanjean/masterSven Nierlein1-3/+47
[check_disk] add support to display inodes usage in perfdata
2019-02-19Merge pull request #1583 from sni/fix_check_by_ssh_timeout_child_leakSven Nierlein7-82/+16
check_by_ssh: fix child process leak on timeouts
2019-02-19renew test certificatesrefs/pull/1585/headSven Nierlein3-42/+58
Signed-off-by: Sven Nierlein <sven@nierlein.de>
2019-02-15check_dns: fix typo in parameter descriptionrefs/pull/1584/headRolf Eike Beer1-1/+1
2019-02-15check_by_ssh: fix child process leak on timeoutsrefs/pull/1583/headSven Nierlein7-82/+16
When check_by_ssh runs into a timeout it simply exits keeping all child processes running. Simply adopting the kill loop from runcmd_timeout_alarm_handler() fixes this. Signed-off-by: Sven Nierlein <sven@nierlein.de>
2019-02-15Merge pull request #1582 from towolf/show_body_for_http_expect_caseSven Nierlein1-0/+2
Also support the --show-body/-B flag when --expect is used
2019-02-15Merge pull request #1545 from DerDakon/dns_orderSven Nierlein1-9/+27
check_dns: improve support for checking multiple addresses
2019-02-12Also support the --show-body/-B flag when --expect is usedrefs/pull/1582/headTobias Wolf1-0/+2
2019-02-04travis-ci: Use RSA keys for SSH testsrefs/pull/1580/headJan Wagner1-1/+1
2019-01-21tests: make check_snmp test more reliablerefs/pull/1578/headSven Nierlein1-52/+58
The check_snmp rate tests depend on the exact amount of time spend between the plugin runs and will fail on busy machines, ex. the ci servers. Using faketime mitigates this issue and also removes all the sleeps. Signed-off-by: Sven Nierlein <sven@nierlein.de>
2019-01-18Simply initializes n before it is usedrefs/pull/1574/headIustin Pop1-0/+1
When SSL is enabled, n is assigned the size of the server's second EHLO response (I think in bytes), which will usually be significantly higher than the command passed. As such, no commands are executed and no responses are checked, which - silently - defeats the desired checks and results in a success value.