Age | Commit message (Collapse) | Author | Files | Lines |
|
When SSL is enabled, n is assigned the size of the server's second EHLO
response (I think in bytes), which will usually be significantly higher
than the command passed. As such, no commands are executed and no responses
are checked, which - silently - defeats the desired checks and results in a
success value.
|
|
|
|
|
|
used"
|
|
SSLv23_client_method() and friends return a pointer to a const-qualified
SSL_METHOD.
|
|
|
|
check_smtp: extended support for expect option
|
|
check_http: added timeout to perfdata as max val
Resolves #1350
|
|
check_disk - show all disks if state is ok and option error only is used
|
|
* monitoring-plugins/pr/1443:
add openssl 1.1 support
|
|
|
|
The radcli library no longer offers the rc_get_ipaddr(),
rc_good_ipaddr(), and rc_own_ipaddress() functions.
|
|
With radcli, the rc_send_server() function expects an additional
argument.
|
|
The radcli library doesn't define the ENV type, and we don't use it
anyway.
|
|
http://radcli.github.io/radcli/
(Closes #1437)
|
|
changes:
- CRYPTO_lock detection replaced in configure.ac. We don't use that
function anywhere, so just replace it with the suggested one from
https://wiki.openssl.org/index.php/Library_Initialization#Autoconf
- OPENSSL_NO_SSL2 is no longer defined while ssl2 is not included.
Set it ourself using the suggested openssl 1.1 version check from
https://wiki.openssl.org/index.php/1.1_API_Changes#Backward_compatibility
- openssl 1.1 sends a sigpipe if the connection is still open when
calling SSL_shutdown(), so move the close before the shutdown.
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
If a web page contains a nul character, check_http reads the complete page but --string does not search beyond this character.
|
|
This reverts commit 6cd50bc42cb4b25a3c0f7153df7f83b7262f404b.
|
|
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
|
|
check_dig: use +retry instead of +tries
|
|
After upgrading from an Ubuntu/15.10 to 16.04 installation, I noticed that
check_dig is always returning a WARNING:
$ /usr/lib/nagios/plugins/check_dig -l localhost -v
/usr/bin/dig -p 53 @127.0.0.1 localhost A +tries=3 +time=6
Looking for: 'localhost'
DNS WARNING - 0.008 seconds response time (dig returned an error status)|time=0.008274s;;;0.000000
The older Ubuntu installation got its check_dig from the
nagios-plugins-standard package[0] which did not include the +tries
option. The current Ubuntu version provides its check_dig from the
monitoring-plugins-standard package[1], which _does_ use the +tries
option that was introduced with df53473[2].
On my system, it so happens that /usr/bin/dig is provided not by the
(BIND) dnsutils package but by knot-dnsutils[3] from the Knot DNS project.
The Knot dig(1) command doesn't support the +tries option[4] but does
support +retry (which is also supported[5] by the BIND dig(1) command).
One way to fix that would be for me to install the BIND dnsutils package. But I did not
want to do that: it's so much larger in size and pulls in much more dependencies
than the knot-dnsutils package.
The patch below changes check_dig to use +retry instead of +tries. Both
options are similar, but not the same:
+retry - Sets the number of times to retry UDP queries to server to T
instead of the default, 2. Unlike +tries, this does not include
the initial query
As number_tries seems to be hard coded to 3, I've lowered DEFAULT_TRIES to
2 so check_dig should behave as before (with +tries=3).
Thanks,
Christian.
[0] http://packages.ubuntu.com/wily/nagios-plugins-standard
[1] http://packages.ubuntu.com/xenial/monitoring-plugins-standard
[2] https://github.com/monitoring-plugins/monitoring-plugins/commit/df53473
[3] http://packages.ubuntu.com/xenial/knot-dnsutils
[4] https://www.knot-dns.cz/docs/2.x/html/man_kdig.html#notes
[5] https://ftp.isc.org/isc/bind9/cur/9.10/doc/arm/man.dig.html
Signed-off-by: Christian Kujau <lists@nerdbynature.de>
|
|
Remove function unused since commit b5cc292.
Signed-off-by: Sebastian Herbszt <herbszt@gmx.de>
|
|
Enabled snmp tests against snmpd on localhost. It was installed already
in the travis file, we just need to enable the tests by setting the
parameters in the answers file.
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
|
|
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
datatype indicator"
This reverts commit 3178c8c0ff18822a04fe01c749f3564887473eed.
|
|
|
|
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
check_ntp: remove unused variables
|
|
negate: remove unused variables
|
|
check_disk: remove unused variables
|
|
check_ntp_time: remove unused variables
|
|
check_dns: remove dead code
|
|
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
Change solution to display GMT time in the local display format with
the offset number of hours from GMT to be clear about what timezone
this is if the local display format does not include offset.
|
|
This reverts commit 2d9e61a4382b8366331cde7617dbc4e381a0219a.
|
|
Tests need to match new output time and timezone.
|
|
SSL certs are required to use times in GMT per
https://www.ietf.org/rfc/rfc5280.txt but the mktime() here assumes the
current timezone.
Fix the time_t conversion to be done assuming GMT with timegm() and
only do it once rather than twice.
Display the expiry date and time with ISO format years and give an
offset from GMT and a timezone to be very clear about exactly what time
is being displayed. Time given is correct and now in the machine’s
timezone.
|
|
The "-6" optarg now prepends the server_address with "udp6:" for the
snmpget external command as per the net-snmp syntax at:
http://www.net-snmp.org/wiki/index.php/FAQ:Applications_28
Thanks to DrydenK (Roberto Greiner) for the heads up.
|
|
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
Fix for issue https://github.com/nagios-plugins/nagios-plugins/issues/81
check_users now uses the standard warning and critical ranges parser and
a standard perdata output routine.
|
|
This fix changes output of check_disk in case of --error-only/-e option
is used and state is ok
- Old output: DISK OK
- New output: DISK OK - free space: / 159731 MB (83% inode=61%);
/dev/shm 2926 MB (100% inode=99%); /boot 58 MB (32% inode=99%);
Resolves: #1420
|
|
right now it is not possible to print the command output of ssh. check_by_ssh
only prints the command itself. This patchs adds printing the output too. This
makes it possible to use ssh with verbose logging which helps debuging any
connection, key or other ssh problems.
Note: you must use -E,--skip-stderr=<high number>, otherwise check_by_ssh would
always exit with unknown state.
Example:
./check_by_ssh -H localhost -o LogLevel=DEBUG3 -C "sleep 1" -E 999 -v
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
* pr/1386:
check_dig: expected answer is now incasesensitive
|
|
|
|
Thus recent Versions of bind will no longer change .IN-ADDR.ARPA to lowercase
as the uppercase version is also valid.
To have check_dns.c consider this fact change strstr to strcasestr
|