| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
eof while reading, errno 0
using check_curl on a probably embedded device responding as 'Server: GoAhead-Webs'
%> check_curl -H ... -S -vvv
> GET / HTTP/1.1
Host: ...
User-Agent: check_curl/v2.4.0 (monitoring-plugins 2.4.0, libcurl/7.76.1 OpenSSL/3.0.7 zlib/1.2.11 brotli/1.0.9 libidn2/2.3.0 libpsl/0.21.1 (+libidn2/2.3.0) libssh/0.10.4/openssl/zlib nghttp2/1.43.0)
Accept: */*
Connection: close
* Mark bundle as not supporting multiuse
* HTTP 1.0, assume close after body
< HTTP/1.0 302 Redirect
< Server: GoAhead-Webs
< Date: Tue Mar 26 17:57:16 2019
< Cache-Control: no-cache, no-store, must-revalidate,private
< Pragma: no-cache
< Expires: 0
< Content-Type: text/html
< X-Frame-Options: sameorigin
< X-XSS-Protection: 1; mode=block
< X-Content-Type-Options: nosniff
< Location: https://...
<
* OpenSSL SSL_read: error:0A000126:SSL routines::unexpected eof while reading, errno 0
* Closing connection 0
reading the discussion on https://github.com/openssl/openssl/discussions/22690 suggest to set the option SSL_OP_IGNORE_UNEXPECTED_EOF
which makes check_curl behave like check_http at this point.
Since this is a rather new flag, fencing it in ifdefs.
And since there can only be one ssl ctx function, we need to move both tasks into one function.
|
|
|
|
Check disk static fixes
|
|
|
|
Variables only used in that specific translation unit should be static
to actually communicate that fact.
Also allows the compiler to detect unused (global) variables.
|
|
|
|
|
|
check_mysql:
* remove unused variables
* convert two practical booleans to real `bool`
|
|
|
|
|
|
|
|
Add more documentation to the help page of check_snmp regarding authe…
|
|
|
|
Previously the --state-regex option accepted only "critical" and
"warning" as values.
This commit changes the strcmp there to strcasecmp to be more tolerant
regarding the input.
|
|
The help output of `check-curl` contained a typo,
the real option is `state-regex` and not `regex-state` as
the help suggests.
Also added the two possible options to avoid confusion.
|
|
From the mere help output for -C / --certificate, I was confused about
what its two integer parameters do. Unfortunately, I also missed out on
the explaining examples later. Since I like to have basic documentation
for each flag, I tried to make the arguments as short as possible.
The other fix was one hyphen too many for the --cookie-jar option.
|
|
This change aims to raise the worst status between the SSL check and the HTTP check.
before:
check_curl -H www.google.fr -S --continue-after-certificate --certificate 4000,4000 ; echo $?
CRITICAL - Certificate '*.google.fr' expires in 74 day(s) (Tue 22 Oct 2024 12:53:52 PM GMT +0000).
HTTP OK: HTTP/2 200 - 22807 bytes in 0.076 second response time |time=0.075516s;;;0.000000;10.000000 size=22807B;;;0;
0
after:
/usr/lib/nagios/ovh/check_curl -H www.google.fr -S --continue-after-certificate --certificate 4000,4000 ; echo $?
CRITICAL - Certificate '*.google.fr' expires in 74 day(s) (Tue 22 Oct 2024 12:53:52 PM GMT +0000).
HTTP OK: HTTP/2 200 - 22840 bytes in 0.090 second response time |time=0.090463s;;;0.000000;10.000000 size=22840B;;;0;
2
|
|
Having a webserver respond with a relative redirect as for ex. in `Location: /path/to.html`
check_curl would use the wrong standard http/https port instead
of crafting the absolute url using the given scheme/hostname and port.
Adding a new test case for this for check_http and check_curl. check_http did
it correct already, so no fix necessary there.
before:
%>./check_curl -H 127.0.0.1 -p 50493 -f follow -u /redirect_rel -s redirected -vvv
**** HEADER ****
HTTP/1.1 302 Found
...
Location: /redirect2
...
* Seen redirect location /redirect2
** scheme: (null)
** host: (null)
** port: (null)
** path: /redirect2
Redirection to http://127.0.0.1:80/redirect2
fixed:
%>./check_curl -H 127.0.0.1 -p 50493 -f follow -u /redirect_rel -s redirected -vvv
**** HEADER ****
HTTP/1.1 302 Found
...
Location: /redirect2
...
* Seen redirect location /redirect2
** scheme: (null)
** host: (null)
** port: (null)
** path: /redirect2
Redirection to http://127.0.0.1:50493/redirect2
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
|
|
this makes tests more reliable if we test our own sites instead some 3rd party site.
Signed-off-by: Sven Nierlein <sven@consol.de>
|
|
* check_ups:
* Update copyright
* General refactoring
* code formatting
* Add ALARM state from ups -> Critical
* Set some more states to be warnings
|
|
|
|
authentication and privacy options
|
|
|
|
|
|
|
|
|
|
|
|
regex check
from the default CRITICAL to something else (#1213)
|
|
|
|
adaugherity noticed in issue #1965, that HAVE_PROC_LOADAVG is never
defined since the symbol was removed from configure quite some time ago.
This commit removes the dead code which would be used when the symbol
would have been defined.
|
|
test case (#1935)
* check_disk: Fail on missing arguments for --warning and --critical
* Add new test function for percentage expressions and use it in check_disk
* Add error abort in tests if they fail to parse output
* Fix typo in test which probably broke the test since forever :-(
|
|
* check_ssh: properly parse a delayed version control string
This resolves an issue with SSH servers which do not respond with their
version control string as the first thing in the SSH protocol version
exchange phase after connection establishment.
This patch also makes sure that we disregard a potential comment in the
version exchange string to avoid nonsense mismatches. In the future, we
might want to add the capability to match against a user specified comment.
In addition, the patch largely improves the communication towards the
server, which adds better protocol adherence.
Of course, new test cases are added to support the trigger and guard
against regressions of the bugs solved by this patch.
This fixes op5#7945 (https://bugs.op5.com/view.php?id=7945)
Signed-off-by: Anton Lofgren <alofgren@op5.com>
* check_ssh.t: Fix a few typos
Signed-off-by: Anton Lofgren <alofgren@op5.com>
* check_ssh: Handle non-alpha software versions
This patch fixes a bug where we would reject version control strings
that do not contain letters, because the assumption is made that they
always do. This is not required by the RFC however, and there exist
implementations that do not contain letters.
I've also added a few references to the RFC to make the process of
parsing the control string more apparent.
This fixes op5#8716 (https://bugs.op5.com/view.php?id=8716)
Signed-off-by: Anton Lofgren <alofgren@op5.com>
* check_ssh: Fix a typo in "remote-protocol parameter
remote-protcol -> remote-protocol
Signed-off-by: Anton Lofgren <alofgren@op5.com>
* Remove unused variable
* Formating fixes
* Update translations
* Remove merge conflict artefact from previous merge
* Set fixed include paths
* Improve code style to be slightly more readable
* Update test cases for different netcat behaviour and reduce sleep time
---------
Signed-off-by: Anton Lofgren <alofgren@op5.com>
Co-authored-by: Anton Lofgren <alofgren@op5.com>
|
|
* check_swap: Change another fake boolen to a real one
* check_swap: Rename type since *_t is reserved for C standard types
* check_swap: Update copyright
|
