From 475ee7b55a24ed6a17e0bb5ef762560ebb0ab152 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Sat, 21 Jul 2007 16:29:01 +0000 Subject: Add "Connection: close" to the HTTP request header, which tells HTTP/1.1 servers to close the connection after completion of the response. This should be compatible with HTTP/1.0, as HTTP/1.0 allows for custom header fields which should be ignored if not recognized by the server. With some server configurations, the server would keep the connection alive without this header line (despite the plugin requesting HTTP/1.0), resulting in the plugin running into either the server's or it's own timeout (reported by Roman Schliessmeyer and Jesse Morgan via IRC). git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1759 f882894a-f735-0410-b71e-b25c423dba1c --- NEWS | 2 ++ plugins/check_http.c | 3 +++ 2 files changed, 5 insertions(+) diff --git a/NEWS b/NEWS index 79c42723..ff9a5eef 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,8 @@ This file documents the major additions and syntax changes between releases. 1.4.10 or 1.5 ?? Fix check_http buffer overflow vulnerability when following HTTP redirects + check_http now explicitly asks HTTP/1.1 servers to close the connection + after completion of the response Check_ldaps' guessing which secure method to use (starttls vs. ssl on connect) is now deprecated. See --help for further information. Check_disk now calls stat() on all filesystems to check. (Old: only the ones selected using -p) diff --git a/plugins/check_http.c b/plugins/check_http.c index 26a074df..b371cd64 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c @@ -782,6 +782,9 @@ check_http (void) asprintf (&buf, "%s %s HTTP/1.0\r\n%s\r\n", http_method, server_url, user_agent); + /* tell HTTP/1.1 servers not to keep the connection alive */ + asprintf (&buf, "%sConnection: close\r\n", buf); + /* optionally send the host header info */ if (host_name) asprintf (&buf, "%sHost: %s\r\n", buf, host_name); -- cgit v1.2.3-74-g34f1