From 97349ae13d65ea91abbe6fd93c34aba28817493e Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Tue, 1 Oct 2013 14:50:04 +0200 Subject: check_ssh: check protocol It would be useful to be able to detect the protocols supported by the remote ssh server to locate any using the insecure ssh v1 protocol. This patch attempts to match against the protocol string in the ssh response. Example: check_ssh -H my.host.com -P 2.0 -- Just turning attached patch of github issue #780 into a push request. (Closes #780) --- plugins/check_ssh.c | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) (limited to 'plugins') diff --git a/plugins/check_ssh.c b/plugins/check_ssh.c index 6e8a5fc5..6842c4cf 100644 --- a/plugins/check_ssh.c +++ b/plugins/check_ssh.c @@ -46,6 +46,7 @@ const char *email = "nagiosplug-devel@lists.sourceforge.net"; int port = -1; char *server_name = NULL; char *remote_version = NULL; +char *remote_protocol = NULL; int verbose = FALSE; int process_arguments (int, char **); @@ -53,7 +54,7 @@ int validate_arguments (void); void print_help (void); void print_usage (void); -int ssh_connect (char *haddr, int hport, char *remote_version); +int ssh_connect (char *haddr, int hport, char *remote_version, char *remote_protocol); @@ -78,7 +79,7 @@ main (int argc, char **argv) alarm (socket_timeout); /* ssh_connect exits if error is found */ - result = ssh_connect (server_name, port, remote_version); + result = ssh_connect (server_name, port, remote_version, remote_protocol); alarm (0); @@ -105,6 +106,7 @@ process_arguments (int argc, char **argv) {"timeout", required_argument, 0, 't'}, {"verbose", no_argument, 0, 'v'}, {"remote-version", required_argument, 0, 'r'}, + {"remote-protcol", required_argument, 0, 'P'}, {0, 0, 0, 0} }; @@ -116,7 +118,7 @@ process_arguments (int argc, char **argv) strcpy (argv[c], "-t"); while (1) { - c = getopt_long (argc, argv, "+Vhv46t:r:H:p:", longopts, &option); + c = getopt_long (argc, argv, "+Vhv46t:r:H:p:P:", longopts, &option); if (c == -1 || c == EOF) break; @@ -152,6 +154,9 @@ process_arguments (int argc, char **argv) case 'r': /* remote version */ remote_version = optarg; break; + case 'P': /* remote version */ + remote_protocol = optarg; + break; case 'H': /* host */ if (is_host (optarg) == FALSE) usage2 (_("Invalid hostname/address"), optarg); @@ -206,7 +211,7 @@ validate_arguments (void) int -ssh_connect (char *haddr, int hport, char *remote_version) +ssh_connect (char *haddr, int hport, char *remote_version, char *remote_protocol) { int sd; int result; @@ -254,6 +259,14 @@ ssh_connect (char *haddr, int hport, char *remote_version) exit (STATE_WARNING); } + if (remote_protocol && strcmp(remote_protocol, ssh_proto)) { + printf + (_("SSH WARNING - %s (protocol %s) protocol version mismatch, expected '%s'\n"), + ssh_server, ssh_proto, remote_protocol); + close(sd); + exit (STATE_WARNING); + } + elapsed_time = (double)deltime(tv) / 1.0e6; printf @@ -296,6 +309,9 @@ print_help (void) printf (" %s\n", "-r, --remote-version=STRING"); printf (" %s\n", _("Warn if string doesn't match expected server version (ex: OpenSSH_3.9p1)")); + printf (" %s\n", "-P, --remote-protocol=STRING"); + printf (" %s\n", _("Warn if protocol doesn't match expected protocol version (ex: 2.0)")); + printf (UT_VERBOSE); printf (UT_SUPPORT); -- cgit v1.2.3-74-g34f1 From 083952c426a250eaf6810b3b22e7555e4aeb3f2d Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Thu, 12 Jun 2014 00:02:26 +0200 Subject: Fix compilation with GnuTLS GnuTLS doesn't provide a SSL_CTX_check_private_key() function. Closes #1254. --- plugins/sslutils.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'plugins') diff --git a/plugins/sslutils.c b/plugins/sslutils.c index 2732125d..687bffb7 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c @@ -86,10 +86,12 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int if (cert && privkey) { SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM); SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); +#ifdef USE_OPENSSL if (!SSL_CTX_check_private_key(c)) { printf ("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n")); return STATE_CRITICAL; } +#endif } #ifdef SSL_OP_NO_TICKET SSL_CTX_set_options(c, SSL_OP_NO_TICKET); -- cgit v1.2.3-74-g34f1 From 3529d7465d31234ec634939ed1a6bdc915b73ccd Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Thu, 12 Jun 2014 11:45:49 +0200 Subject: tests: parts of the check_procs test only work when uid -2 exists skip those tests if the uid does not exist Signed-off-by: Sven Nierlein --- plugins/tests/check_procs.t | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) (limited to 'plugins') diff --git a/plugins/tests/check_procs.t b/plugins/tests/check_procs.t index 1ad2c2f1..b153d5d2 100755 --- a/plugins/tests/check_procs.t +++ b/plugins/tests/check_procs.t @@ -48,21 +48,25 @@ SKIP: { like( $result->output, '/^PROCS OK: 1 process with command name \'launchd\', UID = 501 (.*)$/', "Output correct" ); } -$result = NPTest->testCmd( "$command -u -2 -w 2:2" ); -is( $result->return_code, 1, "Checking processes with userid=-2" ); -like( $result->output, '/^PROCS WARNING: 3 processes with UID = -2 \(nobody\)$/', "Output correct" ); +SKIP: { + skip 'user with uid -2 required', 8 unless getpwuid(-2); + + $result = NPTest->testCmd( "$command -u -2 -w 2:2" ); + is( $result->return_code, 1, "Checking processes with userid=-2" ); + like( $result->output, '/^PROCS WARNING: 3 processes with UID = -2 \(nobody\)$/', "Output correct" ); -$result = NPTest->testCmd( "$command -u -2 -w 3:3" ); -is( $result->return_code, 0, "Checking processes with userid=-2 past threshold" ); -like( $result->output, '/^PROCS OK: 3 processes with UID = -2 \(nobody\)$/', "Output correct" ); + $result = NPTest->testCmd( "$command -u -2 -w 3:3" ); + is( $result->return_code, 0, "Checking processes with userid=-2 past threshold" ); + like( $result->output, '/^PROCS OK: 3 processes with UID = -2 \(nobody\)$/', "Output correct" ); -$result = NPTest->testCmd( "$command -u -2 -a usb" ); -is( $result->return_code, 0, "Checking processes with userid=-2 and usb in arguments" ); -like( $result->output, '/^PROCS OK: 1 process with UID = -2 \(nobody\), args \'usb\'/', "Output correct" ); + $result = NPTest->testCmd( "$command -u -2 -a usb" ); + is( $result->return_code, 0, "Checking processes with userid=-2 and usb in arguments" ); + like( $result->output, '/^PROCS OK: 1 process with UID = -2 \(nobody\), args \'usb\'/', "Output correct" ); -$result = NPTest->testCmd( "$command -u -2 -a UsB" ); -is( $result->return_code, 0, "Checking case sensitivity of args" ); -like( $result->output, '/^PROCS OK: 0 processes with UID = -2 \(nobody\), args \'UsB\'/', "Output correct" ); + $result = NPTest->testCmd( "$command -u -2 -a UsB" ); + is( $result->return_code, 0, "Checking case sensitivity of args" ); + like( $result->output, '/^PROCS OK: 0 processes with UID = -2 \(nobody\), args \'UsB\'/', "Output correct" ); +}; $result = NPTest->testCmd( "$command --ereg-argument-array='mdworker.*501'" ); is( $result->return_code, 0, "Checking regexp search of arguments" ); -- cgit v1.2.3-74-g34f1 From c5a6c5136a2a7e629907b04a63dff059603bdb09 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Thu, 12 Jun 2014 13:56:48 +0200 Subject: tests: testCmd has own timeout which overwrites local one so add configurable/optional timeout to testCmd. Signed-off-by: Sven Nierlein --- NPTest.pm | 5 +++-- plugins/tests/check_http.t | 24 +++++++++--------------- 2 files changed, 12 insertions(+), 17 deletions(-) (limited to 'plugins') diff --git a/NPTest.pm b/NPTest.pm index 2baed0b0..e04ebba3 100644 --- a/NPTest.pm +++ b/NPTest.pm @@ -627,12 +627,13 @@ sub only_output { } sub testCmd { - my $class = shift; + my $class = shift; my $command = shift or die "No command passed to testCmd"; + my $timeout = shift || 120; my $object = $class->new; local $SIG{'ALRM'} = sub { die("timeout in command: $command"); }; - alarm(120); # no test should take longer than 120 seconds + alarm($timeout); # no test should take longer than 120 seconds my $output = `$command`; $object->return_code($? >> 8); diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index 2c89beb0..c40bb076 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -392,27 +392,21 @@ sub run_common_tests { skip "This doesn't seems to work all the time", 1 unless ($ENV{HTTP_EXTERNAL}); $cmd = "$command -f follow -u /redir_external -t 5"; eval { - local $SIG{ALRM} = sub { die "alarm\n" }; - alarm(2); - $result = NPTest->testCmd( $cmd ); - alarm(0); }; - is( $@, "alarm\n", $cmd ); + $result = NPTest->testCmd( $cmd, 2 ); + }; + like( $@, "/timeout in command: $cmd/", $cmd ); } $cmd = "$command -u /timeout -t 5"; eval { - local $SIG{ALRM} = sub { die "alarm\n" }; - alarm(2); - $result = NPTest->testCmd( $cmd ); - alarm(0); }; - is( $@, "alarm\n", $cmd ); + $result = NPTest->testCmd( $cmd, 2 ); + }; + like( $@, "/timeout in command: $cmd/", $cmd ); $cmd = "$command -f follow -u /redir_timeout -t 2"; eval { - local $SIG{ALRM} = sub { die "alarm\n" }; - alarm(5); - $result = NPTest->testCmd( $cmd ); - alarm(0); }; - isnt( $@, "alarm\n", $cmd ); + $result = NPTest->testCmd( $cmd, 5 ); + }; + is( $@, "", $cmd ); } -- cgit v1.2.3-74-g34f1 From fb89accaaa831def2f948192a04eae84c4777531 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Fri, 13 Jun 2014 14:01:12 +0200 Subject: require at least HTTP::Daemon 6.01 since the test uses send_header from HTTP::Daemon::ClientConn which has been introduced in HTTP::Daemon 6.01 --- plugins/tests/check_http.t | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index c40bb076..225b449f 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -20,8 +20,9 @@ use FindBin qw($Bin); my $common_tests = 70; my $ssl_only_tests = 8; # Check that all dependent modules are available +eval "use HTTP::Daemon 6.01;"; +plan skip_all => 'HTTP::Daemon >= 6.01 required' if $@; eval { - require HTTP::Daemon; require HTTP::Status; require HTTP::Response; }; -- cgit v1.2.3-74-g34f1 From 93901d5ff10cd7fd915cc09d7c496cec49f82ce5 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Fri, 13 Jun 2014 14:20:14 +0200 Subject: tests: fping checks require being root or setuid root on the fping binary. Check this before running the test. Signed-off-by: Sven Nierlein --- NPTest.pm | 29 ++++++++++++++++++++++++++--- plugins/t/check_fping.t | 14 ++++++++------ 2 files changed, 34 insertions(+), 9 deletions(-) (limited to 'plugins') diff --git a/NPTest.pm b/NPTest.pm index e04ebba3..f72ed2df 100644 --- a/NPTest.pm +++ b/NPTest.pm @@ -6,7 +6,7 @@ package NPTest; require Exporter; @ISA = qw(Exporter); -@EXPORT = qw(getTestParameter checkCmd skipMissingCmd); +@EXPORT = qw(getTestParameter checkCmd skipMissingCmd skipMsg); @EXPORT_OK = qw(DetermineTestHarnessDirectory TestsFrom SetCacheFilename); use strict; @@ -38,8 +38,8 @@ testing. =head1 FUNCTIONS -This module defines three public functions, C, -C and C. These are exported by +This module defines four public functions, C, +C, C and C. These are exported by default via the C statement. =over @@ -185,6 +185,15 @@ of times. =back +=item C + +If for any reason the test harness must C some +or all of the tests in a given test harness this function provides a +simple iterator to issue an appropriate message the requested number +of times. + +=back + =head1 SEE ALSO L @@ -304,6 +313,20 @@ sub skipMissingCmd return $testStatus; } +sub skipMsg +{ + my( $msg, $count ) = @_; + + my $testStatus; + + for ( 1 .. $count ) + { + $testStatus += skip( $msg, 1 ); + } + + return $testStatus; +} + sub getTestParameter { my( $param, $envvar, $default, $brief, $scoped ); diff --git a/plugins/t/check_fping.t b/plugins/t/check_fping.t index 45a9be8a..08692e46 100644 --- a/plugins/t/check_fping.t +++ b/plugins/t/check_fping.t @@ -27,16 +27,18 @@ my $hostname_invalid = getTestParameter( "hostname_invalid", "NP_HOSTNAME_IN my $t; -if ( -x "./check_fping" ) -{ +my $fping = qx(which fping 2> /dev/null); +chomp($fping); +if( ! -x "./check_fping") { + $t += skipMissingCmd( "./check_fping", $tests ); +} +elsif ( $> != 0 && (!$fping || ! -u $fping)) { + $t += skipMsg( "./check_fping", $tests ); +} else { $t += checkCmd( "./check_fping $host_responsive", 0, $successOutput ); $t += checkCmd( "./check_fping $host_nonresponsive", [ 1, 2 ] ); $t += checkCmd( "./check_fping $hostname_invalid", [ 1, 2 ] ); } -else -{ - $t += skipMissingCmd( "./check_fping", $tests ); -} exit(0) if defined($Test::Harness::VERSION); exit($tests - $t); -- cgit v1.2.3-74-g34f1 From 4102eaae0e50d514eb277e12c9ab382aed3a888c Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Fri, 13 Jun 2014 15:57:21 +0200 Subject: tests: check_proc tests fail if uid -2 does not map to nobody so make sure our tests only run if -2 maps to nobody Signed-off-by: Sven Nierlein --- plugins/tests/check_procs.t | 1 + 1 file changed, 1 insertion(+) (limited to 'plugins') diff --git a/plugins/tests/check_procs.t b/plugins/tests/check_procs.t index b153d5d2..54d43d9b 100755 --- a/plugins/tests/check_procs.t +++ b/plugins/tests/check_procs.t @@ -50,6 +50,7 @@ SKIP: { SKIP: { skip 'user with uid -2 required', 8 unless getpwuid(-2); + skip 'uid -2 must have name "nobody"', 8 unless getpwuid(-2) eq 'nobody'; $result = NPTest->testCmd( "$command -u -2 -w 2:2" ); is( $result->return_code, 1, "Checking processes with userid=-2" ); -- cgit v1.2.3-74-g34f1 From b2fed383b1a04e64731333957fb098d77627cfdb Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Fri, 13 Jun 2014 16:34:03 +0200 Subject: tests: freebsds snmpd does not use quotes when returning syscontact. So make them optional since we want to test check_snmp and not the snmpd. Signed-off-by: Sven Nierlein --- plugins/tests/check_snmp.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/tests/check_snmp.t b/plugins/tests/check_snmp.t index d865e190..aace9bcc 100755 --- a/plugins/tests/check_snmp.t +++ b/plugins/tests/check_snmp.t @@ -79,7 +79,7 @@ Copyright (c) 1986-2004 by cisco Systems, Inc. $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.0 -o sysContact.0 -o .1.3.6.1.4.1.8072.3.2.67.1"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying multi-line OIDs" ); like($res->output, '/^SNMP OK - /', "String contains SNMP OK"); -like($res->output, '/'.quotemeta('SNMP OK - Cisco Internetwork Operating System Software "Alice" Kisco Outernetwork Oserating Gystem Totware | +like($res->output, '/'.quotemeta('SNMP OK - Cisco Internetwork Operating System Software ').'"?Alice"?'.quotemeta(' Kisco Outernetwork Oserating Gystem Totware | .1.3.6.1.4.1.8072.3.2.67.0: "Cisco Internetwork Operating System Software IOS (tm) Catalyst 4000 \"L3\" Switch Software (cat4000-I9K91S-M), Version -- cgit v1.2.3-74-g34f1 From b63974c2cb39705eacc4733ca7a376fde7d0921d Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Wed, 18 Jun 2014 18:40:23 +0200 Subject: plugins/runcmd.c: Remove superfluous newline The puts(3) function already appends a newline character to the string. --- plugins/runcmd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/runcmd.c b/plugins/runcmd.c index 4352e603..1a7c904f 100644 --- a/plugins/runcmd.c +++ b/plugins/runcmd.c @@ -261,7 +261,7 @@ runcmd_timeout_alarm_handler (int signo) size_t i; if (signo == SIGALRM) - puts(_("CRITICAL - Plugin timed out while executing system call\n")); + puts(_("CRITICAL - Plugin timed out while executing system call")); if(np_pids) for(i = 0; i < maxfd; i++) { if(np_pids[i] != 0) kill(np_pids[i], SIGKILL); -- cgit v1.2.3-74-g34f1 From c0311d98481b783f1d24dd6c59fe25ce994a090d Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Sun, 22 Jun 2014 14:10:38 +0200 Subject: check_radius: Support FreeRADIUS Client library Allow for using the FreeRADIUS Client library instead of radiusclient or radiusclient-ng. The latter two projects are dead. Closes #1231. --- NEWS | 1 + REQUIREMENTS | 10 ++++++---- configure.ac | 11 +++++++++-- plugins/check_radius.c | 21 ++++++++++++++------- 4 files changed, 30 insertions(+), 13 deletions(-) (limited to 'plugins') diff --git a/NEWS b/NEWS index 4c511790..796bb2da 100644 --- a/NEWS +++ b/NEWS @@ -7,6 +7,7 @@ This file documents the major additions and syntax changes between releases. check_ide_smart now defaults to plugin output, original output appended with -v Extra-Opts are now enabled by default check_swap now supports a configurable state when there is no swap + check_radius now supports the FreeRADIUS Client library FIXES Don't let e.g. check_http's -C option reset SSL version if e.g. -S 1 -C 5 is specified diff --git a/REQUIREMENTS b/REQUIREMENTS index 994764c6..303fd62b 100644 --- a/REQUIREMENTS +++ b/REQUIREMENTS @@ -50,14 +50,16 @@ check_dbi: http://libdbi.sourceforge.net/ check_radius: - - Requires the radiusclient-ng library available from: + - Requires the FreeRADIUS Client library available from: + http://freeradius.org/freeradius-client/ + - As an alternative, the radiusclient-ng library may be used: http://sourceforge.net/projects/radiusclient-ng.berlios/ - This plugin also works with the original radiusclient library from ftp://ftp.cityline.net/pub/radiusclient/ RPM (rpmfind): radiusclient 0.3.2, radiusclient-devel-0.3.2 - Unless you're using a distro-maintained version of this library you - probably want to use radiusclient-ng. The original radiusclient library is - unmaintained and has many known issues, particularly with 64bit systems. + However, you probably want to use the FreeRADIUS Client library, as + both radiusclient and radiusclient-ng are unmaintained and have known + issues. check_snmp: - Requires the NET-SNMP package available from diff --git a/configure.ac b/configure.ac index a7501ab7..9aaa515e 100644 --- a/configure.ac +++ b/configure.ac @@ -286,8 +286,15 @@ AS_IF([test "x$with_radius" != "xno"], [ RADIUSLIBS="-lradiusclient-ng" AC_SUBST(RADIUSLIBS) else - AC_MSG_WARN([Skipping radius plugin]) - AC_MSG_WARN([install radius libs to compile this plugin (see REQUIREMENTS).]) + AC_CHECK_LIB(freeradius-client,rc_read_config) + if test "$ac_cv_lib_freeradius_client_rc_read_config" = "yes"; then + EXTRAS="$EXTRAS check_radius\$(EXEEXT)" + RADIUSLIBS="-lfreeradius-client" + AC_SUBST(RADIUSLIBS) + else + AC_MSG_WARN([Skipping radius plugin]) + AC_MSG_WARN([install radius libs to compile this plugin (see REQUIREMENTS).]) + fi fi fi LIBS="$_SAVEDLIBS" diff --git a/plugins/check_radius.c b/plugins/check_radius.c index 3481f0cc..9394d26d 100644 --- a/plugins/check_radius.c +++ b/plugins/check_radius.c @@ -36,9 +36,10 @@ const char *email = "devel@monitoring-plugins.org"; #include "utils.h" #include "netutils.h" -#ifdef HAVE_LIBRADIUSCLIENT_NG +#if defined(HAVE_LIBFREERADIUS_CLIENT) +#include +#elif defined(HAVE_LIBRADIUSCLIENT_NG) #include -rc_handle *rch = NULL; #else #include #endif @@ -47,11 +48,14 @@ int process_arguments (int, char **); void print_help (void); void print_usage (void); -/* libradiusclient(-ng) wrapper functions */ -#ifdef HAVE_LIBRADIUSCLIENT_NG +#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) #define my_rc_conf_str(a) rc_conf_str(rch,a) #define my_rc_send_server(a,b) rc_send_server(rch,a,b) +#ifdef HAVE_LIBFREERADIUS_CLIENT +#define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(rch,a,b,c,d,(a)->secret,e,f) +#else #define my_rc_buildreq(a,b,c,d,e,f) rc_buildreq(rch,a,b,c,d,e,f) +#endif #define my_rc_own_ipaddress() rc_own_ipaddress(rch) #define my_rc_avpair_add(a,b,c,d) rc_avpair_add(rch,a,b,c,-1,d) #define my_rc_read_dictionary(a) rc_read_dictionary(rch, a) @@ -72,6 +76,10 @@ void print_usage (void); int my_rc_read_config(char *); +#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) +rc_handle *rch = NULL; +#endif + char *server = NULL; char *username = NULL; char *password = NULL; @@ -142,11 +150,10 @@ Please note that all tags must be lowercase to use the DocBook XML DTD. int main (int argc, char **argv) { - UINT4 service; char msg[BUFFER_LEN]; SEND_DATA data; int result = STATE_UNKNOWN; - UINT4 client_id; + uint32_t client_id, service; char *str; setlocale (LC_ALL, ""); @@ -392,7 +399,7 @@ print_usage (void) int my_rc_read_config(char * a) { -#ifdef HAVE_LIBRADIUSCLIENT_NG +#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) rch = rc_read_config(a); return (rch == NULL) ? 1 : 0; #else -- cgit v1.2.3-74-g34f1 From 7979837c0d337e11354935fbf5a82c329c18841f Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Sun, 22 Jun 2014 21:43:38 +0200 Subject: check_radius.c: Add newline to die() calls Our die() function doesn't append a newline character to the message. --- plugins/check_radius.c | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) (limited to 'plugins') diff --git a/plugins/check_radius.c b/plugins/check_radius.c index 9394d26d..b2943475 100644 --- a/plugins/check_radius.c +++ b/plugins/check_radius.c @@ -169,7 +169,7 @@ main (int argc, char **argv) str = strdup ("dictionary"); if ((config_file && my_rc_read_config (config_file)) || my_rc_read_dictionary (my_rc_conf_str (str))) - die (STATE_UNKNOWN, _("Config file error")); + die (STATE_UNKNOWN, _("Config file error\n")); service = PW_AUTHENTICATE_ONLY; @@ -178,24 +178,24 @@ main (int argc, char **argv) my_rc_avpair_add (&data.send_pairs, PW_USER_NAME, username, 0) && my_rc_avpair_add (&data.send_pairs, PW_USER_PASSWORD, password, 0) )) - die (STATE_UNKNOWN, _("Out of Memory?")); + die (STATE_UNKNOWN, _("Out of Memory?\n")); if (nasid != NULL) { if (!(my_rc_avpair_add (&data.send_pairs, PW_NAS_IDENTIFIER, nasid, 0))) - die (STATE_UNKNOWN, _("Invalid NAS-Identifier")); + die (STATE_UNKNOWN, _("Invalid NAS-Identifier\n")); } if (nasipaddress != NULL) { if (rc_good_ipaddr (nasipaddress)) - die (STATE_UNKNOWN, _("Invalid NAS-IP-Address")); + die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n")); if ((client_id = rc_get_ipaddr(nasipaddress)) == 0) - die (STATE_UNKNOWN, _("Invalid NAS-IP-Address")); + die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n")); } else { if ((client_id = my_rc_own_ipaddress ()) == 0) - die (STATE_UNKNOWN, _("Can't find local IP for NAS-IP-Address")); + die (STATE_UNKNOWN, _("Can't find local IP for NAS-IP-Address\n")); } if (my_rc_avpair_add (&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0) == NULL) - die (STATE_UNKNOWN, _("Invalid NAS-IP-Address")); + die (STATE_UNKNOWN, _("Invalid NAS-IP-Address\n")); my_rc_buildreq (&data, PW_ACCESS_REQUEST, server, port, (int)timeout_interval, retries); @@ -206,19 +206,19 @@ main (int argc, char **argv) rc_avpair_free (data.receive_pairs); if (result == TIMEOUT_RC) - die (STATE_CRITICAL, _("Timeout")); + die (STATE_CRITICAL, _("Timeout\n")); if (result == ERROR_RC) - die (STATE_CRITICAL, _("Auth Error")); + die (STATE_CRITICAL, _("Auth Error\n")); if (result == REJECT_RC) - die (STATE_WARNING, _("Auth Failed")); + die (STATE_WARNING, _("Auth Failed\n")); if (result == BADRESP_RC) - die (STATE_WARNING, _("Bad Response")); + die (STATE_WARNING, _("Bad Response\n")); if (expect && !strstr (msg, expect)) - die (STATE_WARNING, "%s", msg); + die (STATE_WARNING, "%s\n", msg); if (result == OK_RC) - die (STATE_OK, _("Auth OK")); + die (STATE_OK, _("Auth OK\n")); (void)snprintf(msg, sizeof(msg), _("Unexpected result code %d"), result); - die (STATE_UNKNOWN, "%s", msg); + die (STATE_UNKNOWN, "%s\n", msg); } -- cgit v1.2.3-74-g34f1 From be55da1d2301c002e0ae7b70c21e75cc6b1997a8 Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Mon, 23 Jun 2014 22:20:03 +0200 Subject: check_ups/check_dbi: Fixing spelling bug --- plugins/check_dbi.c | 6 +++--- plugins/check_ups.c | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'plugins') diff --git a/plugins/check_dbi.c b/plugins/check_dbi.c index c6244fd2..a3d033f4 100644 --- a/plugins/check_dbi.c +++ b/plugins/check_dbi.c @@ -215,7 +215,7 @@ main (int argc, char **argv) } if (dbi_conn_connect (conn) < 0) { - np_dbi_print_error (conn, "UNKOWN - failed to connect to database"); + np_dbi_print_error (conn, "UNKNOWN - failed to connect to database"); return STATE_UNKNOWN; } @@ -241,7 +241,7 @@ main (int argc, char **argv) printf ("Selecting database '%s'\n", np_dbi_database); if (dbi_conn_select_db (conn, np_dbi_database)) { - np_dbi_print_error (conn, "UNKOWN - failed to select database '%s'", + np_dbi_print_error (conn, "UNKNOWN - failed to select database '%s'", np_dbi_database); return STATE_UNKNOWN; } @@ -456,7 +456,7 @@ process_arguments (int argc, char **argv) new = realloc (np_dbi_options, (np_dbi_options_num + 1) * sizeof (*new)); if (! new) { - printf ("UNKOWN - failed to reallocate memory\n"); + printf ("UNKNOWN - failed to reallocate memory\n"); exit (STATE_UNKNOWN); } diff --git a/plugins/check_ups.c b/plugins/check_ups.c index 7cced495..099881d0 100644 --- a/plugins/check_ups.c +++ b/plugins/check_ups.c @@ -66,7 +66,7 @@ enum { #define UPSSTATUS_BOOST 512 #define UPSSTATUS_CHRG 1024 #define UPSSTATUS_DISCHRG 2048 -#define UPSSTATUS_UNKOWN 4096 +#define UPSSTATUS_UNKNOWN 4096 enum { NOSUCHVAR = ERROR-1 }; @@ -181,7 +181,7 @@ main (int argc, char **argv) if (status & UPSSTATUS_DISCHRG) { xasprintf (&ups_status, "%s%s", ups_status, _(", Discharging")); } - if (status & UPSSTATUS_UNKOWN) { + if (status & UPSSTATUS_UNKNOWN) { xasprintf (&ups_status, "%s%s", ups_status, _(", Unknown")); } } @@ -379,7 +379,7 @@ determine_status (void) else if (!strcmp (ptr, "DISCHRG")) status |= UPSSTATUS_DISCHRG; else - status |= UPSSTATUS_UNKOWN; + status |= UPSSTATUS_UNKNOWN; } return OK; -- cgit v1.2.3-74-g34f1 From 9ac3fe7d5036e7a3672e32e87db4c252209c862a Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Mon, 23 Jun 2014 22:28:28 +0200 Subject: check_mrtg: Fixing spelling bug --- plugins/check_mrtg.c | 2 +- po/de.po | 2 +- po/fr.po | 2 +- po/monitoring-plugins.pot | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) (limited to 'plugins') diff --git a/plugins/check_mrtg.c b/plugins/check_mrtg.c index ed75f4ce..cf3fe044 100644 --- a/plugins/check_mrtg.c +++ b/plugins/check_mrtg.c @@ -356,7 +356,7 @@ print_help (void) printf (" %s\n", _("This plugin is useful for monitoring MRTG data that does not correspond to")); printf (" %s\n", _("bandwidth usage. (Use the check_mrtgtraf plugin for monitoring bandwidth).")); printf (" %s\n", _("It can be used to monitor any kind of data that MRTG is monitoring - errors,")); - printf (" %s\n", _("packets/sec, etc. I use MRTG in conjuction with the Novell NLM that allows")); + printf (" %s\n", _("packets/sec, etc. I use MRTG in conjunction with the Novell NLM that allows")); printf (" %s\n", _("me to track processor utilization, user connections, drive space, etc and")); printf (" %s\n\n", _("this plugin works well for monitoring that kind of data as well.")); diff --git a/po/de.po b/po/de.po index b9dd8f26..1b729956 100644 --- a/po/de.po +++ b/po/de.po @@ -1998,7 +1998,7 @@ msgstr "" #: plugins/check_mrtg.c:359 msgid "" -"packets/sec, etc. I use MRTG in conjuction with the Novell NLM that allows" +"packets/sec, etc. I use MRTG in conjunction with the Novell NLM that allows" msgstr "" #: plugins/check_mrtg.c:360 diff --git a/po/fr.po b/po/fr.po index 0537949f..4eaddf54 100644 --- a/po/fr.po +++ b/po/fr.po @@ -2050,7 +2050,7 @@ msgstr "" #: plugins/check_mrtg.c:359 msgid "" -"packets/sec, etc. I use MRTG in conjuction with the Novell NLM that allows" +"packets/sec, etc. I use MRTG in conjunction with the Novell NLM that allows" msgstr "" #: plugins/check_mrtg.c:360 diff --git a/po/monitoring-plugins.pot b/po/monitoring-plugins.pot index 07c1b98f..b4743597 100644 --- a/po/monitoring-plugins.pot +++ b/po/monitoring-plugins.pot @@ -1944,7 +1944,7 @@ msgstr "" #: plugins/check_mrtg.c:359 msgid "" -"packets/sec, etc. I use MRTG in conjuction with the Novell NLM that allows" +"packets/sec, etc. I use MRTG in conjunction with the Novell NLM that allows" msgstr "" #: plugins/check_mrtg.c:360 -- cgit v1.2.3-74-g34f1 From 580bdd286379f6d8b678b9a7472572cfa2684aaf Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Mon, 23 Jun 2014 22:33:29 +0200 Subject: check_ide_smart: Fixing spelling bug --- plugins/check_ide_smart.c | 2 +- po/de.po | 2 +- po/fr.po | 2 +- po/monitoring-plugins.pot | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) (limited to 'plugins') diff --git a/plugins/check_ide_smart.c b/plugins/check_ide_smart.c index 55faacce..47605e96 100644 --- a/plugins/check_ide_smart.c +++ b/plugins/check_ide_smart.c @@ -419,7 +419,7 @@ nagios (values_t * p, thresholds_t * t) status=STATE_OK; break; default: - printf (_("ERROR - Status '%d' unkown. %d/%d tests passed\n"), status, + printf (_("ERROR - Status '%d' unknown. %d/%d tests passed\n"), status, passed, total); status = STATE_UNKNOWN; break; diff --git a/po/de.po b/po/de.po index 1b729956..51551aef 100644 --- a/po/de.po +++ b/po/de.po @@ -5360,7 +5360,7 @@ msgstr "" #: plugins/check_ide_smart.c:441 #, c-format -msgid "ERROR - Status '%d' unkown. %d/%d tests passed\n" +msgid "ERROR - Status '%d' unknown. %d/%d tests passed\n" msgstr "" #: plugins/check_ide_smart.c:474 diff --git a/po/fr.po b/po/fr.po index 4eaddf54..d88dfe2e 100644 --- a/po/fr.po +++ b/po/fr.po @@ -5448,7 +5448,7 @@ msgstr "OK - En fonctionnement (%d/%d les tests on été réussi)\n" #: plugins/check_ide_smart.c:441 #, c-format -msgid "ERROR - Status '%d' unkown. %d/%d tests passed\n" +msgid "ERROR - Status '%d' unknown. %d/%d tests passed\n" msgstr "ERREUR - État '%d' inconnu. %d/%d les tests on réussi\n" #: plugins/check_ide_smart.c:474 diff --git a/po/monitoring-plugins.pot b/po/monitoring-plugins.pot index b4743597..8f220e98 100644 --- a/po/monitoring-plugins.pot +++ b/po/monitoring-plugins.pot @@ -5217,7 +5217,7 @@ msgstr "" #: plugins/check_ide_smart.c:441 #, c-format -msgid "ERROR - Status '%d' unkown. %d/%d tests passed\n" +msgid "ERROR - Status '%d' unknown. %d/%d tests passed\n" msgstr "" #: plugins/check_ide_smart.c:474 -- cgit v1.2.3-74-g34f1 From b35d12e931c6d330291f5c5f4847c33a122c63cb Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Tue, 24 Jun 2014 15:07:44 +0200 Subject: tests: always build and test on travis also make test is now working on travis-ci Signed-off-by: Sven Nierlein --- .travis.yml | 12 +++++++++- plugins/t/NPTest.cache.travis | 54 +++++++++++++++++++++++++++++++++++++++++++ plugins/t/check_ntp.t | 10 ++++---- plugins/t/check_snmp.t | 2 +- plugins/t/check_udp.t | 2 +- 5 files changed, 72 insertions(+), 8 deletions(-) create mode 100644 plugins/t/NPTest.cache.travis (limited to 'plugins') diff --git a/.travis.yml b/.travis.yml index 7a4c3c62..02fa084e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -6,14 +6,24 @@ before_install: install: - sudo apt-get install -qq --no-install-recommends perl autotools-dev libdbi-dev libldap2-dev libpq-dev libmysqlclient-dev libradiusclient-ng-dev libkrb5-dev libnet-snmp-perl procps + - sudo apt-get install -qq --no-install-recommends libdbi0-dev libdbd-sqlite3 libssl-dev dnsutils snmp-mibs-downloader + - sudo apt-get install -qq --no-install-recommends fping snmp netcat smbclient fping pure-ftpd apache2 postfix - sudo apt-get install -qq --no-install-recommends autoconf automake before_script: - tools/setup - ./configure + - make + - export NPTEST_CACHE="$(pwd)/plugins/t/NPTest.cache.travis" + - ssh-keygen -t dsa -N "" -f ~/.ssh/id_dsa + - cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys + - ssh-keyscan localhost >> ~/.ssh/known_hosts + - touch ~/.ssh/config + - sudo rm -f /usr/share/mibs/ietf/SNMPv2-PDU /usr/share/mibs/ietf/IPSEC-SPD-MIB /usr/share/mibs/ietf/IPATM-IPMC-MIB /usr/share/mibs/iana/IANA-IPPM-METRICS-REGISTRY-MIB + - sudo mkdir -p /var/lib/snmp/mib_indexes script: - - if [ "$COVERITY_SCAN_BRANCH" != 1 ]; then make; fi + - if [ "$COVERITY_SCAN_BRANCH" != 1 ]; then make test; fi notifications: irc: diff --git a/plugins/t/NPTest.cache.travis b/plugins/t/NPTest.cache.travis new file mode 100644 index 00000000..c1007deb --- /dev/null +++ b/plugins/t/NPTest.cache.travis @@ -0,0 +1,54 @@ +{ + 'MYSQL_LOGIN_DETAILS' => '-u root -d test', + 'NP_ALLOW_SUDO' => 'yes', + 'NP_DNS_SERVER' => '8.8.8.8', + 'NP_GOOD_NTP_SERVICE' => '', + 'NP_HOSTNAME_INVALID' => 'nosuchhost', + 'NP_HOSTNAME_VALID' => 'monitoringplugins.org', + 'NP_HOSTNAME_VALID_IP' => '130.133.8.40', + 'NP_HOSTNAME_VALID_REVERSE' => 'orwell.monitoring-plugins.org.', + 'NP_HOST_DHCP_RESPONSIVE' => '', + 'NP_HOST_NONRESPONSIVE' => '10.0.0.1', + 'NP_HOST_RESPONSIVE' => 'localhost', + 'NP_HOST_SMB' => '', + 'NP_HOST_SNMP' => '', + 'NP_HOST_TCP_FTP' => '', + 'NP_HOST_TCP_HPJD' => '', + 'NP_HOST_TCP_HTTP' => 'localhost', + 'NP_HOST_TCP_HTTP2' => 'labs.consol.de', + 'NP_HOST_TCP_IMAP' => 'imap.web.de', + 'NP_HOST_TCP_POP' => 'pop.web.de', + 'NP_HOST_TCP_SMTP' => 'localhost', + 'NP_HOST_TCP_SMTP_NOTLS' => '', + 'NP_HOST_TCP_SMTP_TLS' => '', + 'NP_INTERNET_ACCESS' => 'yes', + 'NP_MOUNTPOINT2_VALID' => '', + 'NP_MOUNTPOINT_VALID' => '/', + 'NP_MYSQL_SERVER' => 'localhost', + 'NP_HOST_UDP_TIME' => 'localhost', + 'NP_MYSQL_SOCKET' => '/var/run/mysqld/mysqld.sock', + 'NP_MYSQL_WITH_SLAVE' => '', + 'NP_MYSQL_WITH_SLAVE_LOGIN' => '', + 'NP_NO_NTP_SERVICE' => 'localhost', + 'NP_SMB_SHARE' => '', + 'NP_SMB_SHARE_DENY' => '', + 'NP_SMB_SHARE_SPC' => '', + 'NP_SMB_VALID_USER' => '', + 'NP_SMB_VALID_USER_PASS' => '', + 'NP_SNMP_COMMUNITY' => '', + 'NP_SSH_CONFIGFILE' => '~/.ssh/config', + 'NP_SSH_HOST' => 'localhost', + 'NP_SSH_IDENTITY' => '~/.ssh/id_dsa', + 'NP_HOST_TCP_JABBER' => 'jabber.org', + 'host_nonresponsive' => '10.0.0.1', + 'host_responsive' => 'localhost', + 'host_snmp' => '', + 'host_tcp_ftp' => '', + 'host_tcp_http' => 'localhost', + 'host_tcp_imap' => 'imap.nierlein.de', + 'host_tcp_smtp' => 'localhost', + 'hostname_invalid' => 'nosuchhost', + 'snmp_community' => '', + 'user_snmp' => '', + 'host_udp_time' => 'none', +} diff --git a/plugins/t/check_ntp.t b/plugins/t/check_ntp.t index 3eee6e17..74d890fa 100644 --- a/plugins/t/check_ntp.t +++ b/plugins/t/check_ntp.t @@ -23,12 +23,12 @@ my $no_ntp_service = getTestParameter( "NP_NO_NTP_SERVICE", "A host NOT providing the NTP service", "localhost" ); -my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", +my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", "10.0.0.1" ); -my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", - "An invalid (not known to DNS) hostname", +my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", + "An invalid (not known to DNS) hostname", "nosuchhost"); my $ntp_okmatch1 = '/^NTP\sOK:\sOffset\s-?[0-9]+(\.[0-9]+)?(e-[0-9]{2})?\ssecs/'; @@ -43,7 +43,7 @@ my $ntp_nosuchhost = '/^check_ntp.*: Invalid hostname/address - ' . $hostname_in foreach my $plugin (@PLUGINS1) { SKIP: { - skip "No NTP server defined", 1 unless $ntp_service; + skip "No NTP server defined", 6 unless $ntp_service; $res = NPTest->testCmd( "./$plugin -H $ntp_service -w 1000 -c 2000" ); @@ -88,7 +88,7 @@ foreach my $plugin (@PLUGINS1) { foreach my $plugin (@PLUGINS2) { SKIP: { - skip "No NTP server defined", 1 unless $ntp_service; + skip "No NTP server defined", 6 unless $ntp_service; $res = NPTest->testCmd( "./$plugin -H $ntp_service -w 1000 -c 2000 -W 20 -C 21 -j 100000 -k 200000 -m 1: -n 0:" ); diff --git a/plugins/t/check_snmp.t b/plugins/t/check_snmp.t index c35d7821..2d6c44a7 100644 --- a/plugins/t/check_snmp.t +++ b/plugins/t/check_snmp.t @@ -45,7 +45,7 @@ is( $res->return_code, 3, "Invalid protocol" ); like( $res->output, "/check_snmp: Invalid SNMP version - 3c/" ); SKIP: { - skip "no snmp host defined", 38 if ( ! $host_snmp ); + skip "no snmp host defined", 48 if ( ! $host_snmp ); $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying uptime" ); diff --git a/plugins/t/check_udp.t b/plugins/t/check_udp.t index 619cadfb..1f6fee70 100644 --- a/plugins/t/check_udp.t +++ b/plugins/t/check_udp.t @@ -62,7 +62,7 @@ SKIP: { cmp_ok( $res->return_code, '==', '2', "Hung waiting for response"); like ( $res->output, '/Socket timeout after 5 seconds/', "Timeout message"); like ( $duration, '/^[56]$/', "Timeout after 5 (possibly 6) seconds"); - my $read_nc = ; + my $read_nc = || ''; close NC; cmp_ok( $read_nc, 'eq', "foofoo", "Data received correctly" ); } -- cgit v1.2.3-74-g34f1 From 6e246799b939d29fe80da03ee39a24ef68f78cb0 Mon Sep 17 00:00:00 2001 From: "Eric J. Mislivec" Date: Thu, 5 Jun 2014 16:05:46 -0500 Subject: Include common.h before any system headers. This should fix some problems building on AIX. --- plugins/check_tcp.c | 3 +-- plugins/negate.c | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) (limited to 'plugins') diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index 2714961f..ebdccd1b 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c @@ -32,13 +32,12 @@ char *progname; const char *copyright = "1999-2008"; const char *email = "devel@monitoring-plugins.org"; -#include - #include "common.h" #include "netutils.h" #include "utils.h" #include "utils_tcp.h" +#include #include #ifdef HAVE_SSL diff --git a/plugins/negate.c b/plugins/negate.c index 4bd09deb..222d2407 100644 --- a/plugins/negate.c +++ b/plugins/negate.c @@ -35,12 +35,12 @@ const char *email = "devel@monitoring-plugins.org"; #define DEFAULT_TIMEOUT 11 -#include - #include "common.h" #include "utils.h" #include "utils_cmd.h" +#include + /* char *command_line; */ static const char **process_arguments (int, char **); -- cgit v1.2.3-74-g34f1 From 9ce73696b0407b43bcd96269fb1fd6c343834475 Mon Sep 17 00:00:00 2001 From: Spenser Reinhardt Date: Thu, 5 Jun 2014 22:43:07 -0500 Subject: plugins/check_apt.c - Print uninitialized ereg Coverity 66531 - ereg.buffer can be printed without being initialized if do_include and do_exclude are null and critical is an invalid regex. While minor this may leak memory and cause undefined behavior. --- plugins/check_apt.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'plugins') diff --git a/plugins/check_apt.c b/plugins/check_apt.c index 4c76a512..07622c2f 100644 --- a/plugins/check_apt.c +++ b/plugins/check_apt.c @@ -223,6 +223,9 @@ int run_upgrade(int *pkgcount, int *secpkgcount){ regex_t ireg, ereg, sreg; char *cmdline=NULL, rerrbuf[64]; + /* initialize ereg as it is possible it is printed while uninitialized */ + memset(&ereg, "\0", sizeof(ereg.buffer)); + if(upgrade==NO_UPGRADE) return STATE_OK; /* compile the regexps */ -- cgit v1.2.3-74-g34f1 From b61f51ad0291cf7051b6ea15ec8f8486f02443f9 Mon Sep 17 00:00:00 2001 From: Spenser Reinhardt Date: Thu, 5 Jun 2014 23:01:35 -0500 Subject: plugins/check_real.c - recv string null terminate Recv into buffer is not properly null terminated prior to strstr and possible other string functions expecting a null termination. Simply take bytes received and use as an index to append \0 after. We are creating buffer[] with size of MAX_INPUT_BUFFER and recv with MAX_INPUT_BUFFER-1 so this should never overflow. --- plugins/check_real.c | 1 + 1 file changed, 1 insertion(+) (limited to 'plugins') diff --git a/plugins/check_real.c b/plugins/check_real.c index 47776c5b..36f64134 100644 --- a/plugins/check_real.c +++ b/plugins/check_real.c @@ -178,6 +178,7 @@ main (int argc, char **argv) /* watch for the REAL connection string */ result = recv (sd, buffer, MAX_INPUT_BUFFER - 1, 0); + buffer[result] = "\0"; /* null terminate recieved buffer */ /* return a CRITICAL status if we couldn't read any data */ if (result == -1) { -- cgit v1.2.3-74-g34f1 From a04df3e1b67dc5eab3adc202cc89901f801cdeaa Mon Sep 17 00:00:00 2001 From: Spenser Reinhardt Date: Sun, 22 Jun 2014 14:49:25 -0500 Subject: plugins/check_ntp.c - Verify struct from response Coverity 66524 - req.data is not neccessarily null terminated but still feed to printf statements. This both does that, and verifies the struct more so than before. - SR --- plugins/check_ntp.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c index 0a7640a7..09a923eb 100644 --- a/plugins/check_ntp.c +++ b/plugins/check_ntp.c @@ -517,13 +517,14 @@ setup_control_request(ntp_control_message *p, uint8_t opcode, uint16_t seq){ double jitter_request(const char *host, int *status){ int conn=-1, i, npeers=0, num_candidates=0, syncsource_found=0; int run=0, min_peer_sel=PEER_INCLUDED, num_selected=0, num_valid=0; - int peers_size=0, peer_offset=0; + int peers_size=0, peer_offset=0, bytes_read=0; ntp_assoc_status_pair *peers=NULL; ntp_control_message req; const char *getvar = "jitter"; double rval = 0.0, jitter = -1.0; char *startofvalue=NULL, *nptr=NULL; void *tmp; + int ntp_cm_ints = sizeof(uint16_t) * 5 + sizeof(uint8_t) * 2; /* Long-winded explanation: * Getting the jitter requires a number of steps: @@ -608,7 +609,15 @@ double jitter_request(const char *host, int *status){ req.count = htons(MAX_CM_SIZE); DBG(printf("recieving READVAR response...\n")); - read(conn, &req, SIZEOF_NTPCM(req)); + + /* cov-66524 - req.data not null terminated before usage. Also covers verifying struct was returned correctly*/ + if ((bytes_read = read(conn, &req, SIZEOF_NTPCM(req))) == -1) + die(STATE_UNKNOWN, _("Cannot read from socket: %s"), strerror(errno)); + if (bytes_read != ntp_cm_ints + req.count) + die(STATE_UNKNOWN, _("Invalid NTP response: %d bytes read does not equal %d plus %d data segment"), bytes_read, ntp_cm_ints, req.count); + /* else null terminate */ + strncpy(req.data[req.count], "\0", 1); + DBG(print_ntp_control_message(&req)); if(req.op&REM_ERROR && strstr(getvar, "jitter")) { -- cgit v1.2.3-74-g34f1 From 5866cb0a09876d6b2a84006bda8aa9de7ea467fd Mon Sep 17 00:00:00 2001 From: Spenser Reinhardt Date: Sun, 22 Jun 2014 15:34:25 -0500 Subject: plugins/check_http.c - leakage fix Coverity 66514 - Possible leakage and overflow with addr in redirect functionality. Not confirmed as null terminated, and externally gathered. Restrict string comparisons and duplications by size. - SR --- plugins/check_http.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'plugins') diff --git a/plugins/check_http.c b/plugins/check_http.c index 92861d97..51679975 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c @@ -1243,6 +1243,7 @@ redir (char *pos, char *status_line) if (addr == NULL) die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n")); + memset(addr, 0, MAX_IPV4_HOSTLENGTH); url = malloc (strcspn (pos, "\r\n")); if (url == NULL) die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); @@ -1333,8 +1334,8 @@ redir (char *pos, char *status_line) max_depth, type, addr, i, url, (display_html ? "" : "")); if (server_port==i && - !strcmp(server_address, addr) && - (host_name && !strcmp(host_name, addr)) && + !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) && + (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) && !strcmp(server_url, url)) die (STATE_WARNING, _("HTTP WARNING - redirection creates an infinite loop - %s://%s:%d%s%s\n"), @@ -1343,11 +1344,11 @@ redir (char *pos, char *status_line) strcpy (server_type, type); free (host_name); - host_name = strdup (addr); + host_name = strndup (addr, MAX_IPV4_HOSTLENGTH); if (!(followsticky & STICKY_HOST)) { free (server_address); - server_address = strdup (addr); + server_address = strndup (addr, MAX_IPV4_HOSTLENGTH); } if (!(followsticky & STICKY_PORT)) { server_port = i; @@ -1366,6 +1367,7 @@ redir (char *pos, char *status_line) printf (_("Redirection to %s://%s:%d%s\n"), server_type, host_name ? host_name : server_address, server_port, server_url); + free(addr); check_http (); } -- cgit v1.2.3-74-g34f1 From 88472d1804d3cd42e0ea8717d75191dfb3e3bbeb Mon Sep 17 00:00:00 2001 From: Spenser Reinhardt Date: Sun, 22 Jun 2014 22:59:03 -0500 Subject: plugins/negate.c - Reorder if statement, aiob Coverity 66480 - Potential array index out of bounds, since result was not verified to be positive prior to using as an index for state[]. Simply reording the if statement should resolve the issue. - SR --- plugins/negate.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/negate.c b/plugins/negate.c index 4bd09deb..7787d018 100644 --- a/plugins/negate.c +++ b/plugins/negate.c @@ -98,8 +98,7 @@ main (int argc, char **argv) die (max_state_alt (result, STATE_UNKNOWN), _("No data returned from command\n")); for (i = 0; i < chld_out.lines; i++) { - if (subst_text && result != state[result] && - result >= 0 && result <= 4) { + if (subst_text && result >= 0 && result <= 4 && result != state[result]) { /* Loop over each match found */ while ((sub = strstr (chld_out.line[i], state_text (result)))) { /* Terminate the first part and skip over the string we'll substitute */ -- cgit v1.2.3-74-g34f1 From aa16beb9711c1a235259401e8883f5d807a0a11d Mon Sep 17 00:00:00 2001 From: Spenser Reinhardt Date: Sun, 22 Jun 2014 23:10:50 -0500 Subject: plugins/negate.c - Function should not return. Coverity 66479 - validate_arguments has no need to return anything, as it dies on error, yet was set to return an int. Set to void to resolve warning. --- plugins/negate.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/negate.c b/plugins/negate.c index 7787d018..d512e346 100644 --- a/plugins/negate.c +++ b/plugins/negate.c @@ -44,7 +44,7 @@ const char *email = "devel@monitoring-plugins.org"; /* char *command_line; */ static const char **process_arguments (int, char **); -int validate_arguments (char **); +void validate_arguments (char **); void print_help (void); void print_usage (void); int subst_text = FALSE; @@ -205,7 +205,7 @@ process_arguments (int argc, char **argv) } -int +void validate_arguments (char **command_line) { if (command_line[0] == NULL) -- cgit v1.2.3-74-g34f1 From 6e12805fa4fab1ee6109527313e56a4756bb3363 Mon Sep 17 00:00:00 2001 From: abrist Date: Mon, 19 May 2014 15:47:35 -0400 Subject: check_nt.c - Changed 'Mb' to 'MB' in MEMUSE. --- plugins/check_nt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/check_nt.c b/plugins/check_nt.c index cacf6651..fefbfb7a 100644 --- a/plugins/check_nt.c +++ b/plugins/check_nt.c @@ -293,10 +293,10 @@ int main(int argc, char **argv){ /* Divisor should be 1048567, not 3044515, as we are measuring "Commit Charge" here, which equals RAM + Pagefiles. */ - xasprintf(&output_message,_("Memory usage: total:%.2f Mb - used: %.2f Mb (%.0f%%) - free: %.2f Mb (%.0f%%)"), + xasprintf(&output_message,_("Memory usage: total:%.2f MB - used: %.2f MB (%.0f%%) - free: %.2f MB (%.0f%%)"), mem_commitLimit / 1048567, mem_commitByte / 1048567, percent_used_space, (mem_commitLimit - mem_commitByte) / 1048567, (mem_commitLimit - mem_commitByte) / mem_commitLimit * 100); - xasprintf(&perfdata,_("'Memory usage'=%.2fMb;%.2f;%.2f;0.00;%.2f"), mem_commitByte / 1048567, + xasprintf(&perfdata,_("'Memory usage'=%.2fMB;%.2f;%.2f;0.00;%.2f"), mem_commitByte / 1048567, warning_used_space / 1048567, critical_used_space / 1048567, mem_commitLimit / 1048567); return_code=STATE_OK; -- cgit v1.2.3-74-g34f1 From 4231415878daedefd707a39e54f7b438238908d6 Mon Sep 17 00:00:00 2001 From: Davide Madrisan Date: Thu, 20 Feb 2014 13:12:26 +0100 Subject: check_tcp: also display the server addr when host_specified is set. This will help the admins when multiple checks are configured Signed-off-by: Davide Madrisan --- plugins/check_tcp.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index 2714961f..0b87d687 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c @@ -354,8 +354,13 @@ main (int argc, char **argv) printf("Unexpected response from host/socket on "); else printf("%.3f second response time on ", elapsed_time); - if(server_address[0] != '/') - printf("port %d", server_port); + if(server_address[0] != '/') { + if (host_specified) + printf("host %s and port %d", + server_address, server_port); + else + printf("port %d", server_port); + } else printf("socket %s", server_address); } -- cgit v1.2.3-74-g34f1 From b5d78f9556f6da877afaa763f281e7495d572367 Mon Sep 17 00:00:00 2001 From: abrist Date: Thu, 20 Feb 2014 16:02:36 -0500 Subject: Cleaned up status output of check_tcp changes --- plugins/check_tcp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index 0b87d687..b0459f2b 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c @@ -356,7 +356,7 @@ main (int argc, char **argv) printf("%.3f second response time on ", elapsed_time); if(server_address[0] != '/') { if (host_specified) - printf("host %s and port %d", + printf("%s port %d", server_address, server_port); else printf("port %d", server_port); -- cgit v1.2.3-74-g34f1 From 79ba1f90dbb9f29871f09bfd6a95cba2ed86ee5d Mon Sep 17 00:00:00 2001 From: Jean-Claude Computing Date: Wed, 26 Feb 2014 17:33:40 +0100 Subject: check_dns: add warning and critical thresholds to perfdata --- plugins/check_dns.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/check_dns.c b/plugins/check_dns.c index eebe72cc..a2a92f41 100644 --- a/plugins/check_dns.c +++ b/plugins/check_dns.c @@ -242,7 +242,14 @@ main (int argc, char **argv) } printf (ngettext("%.3f second response time", "%.3f seconds response time", elapsed_time), elapsed_time); printf (_(". %s returns %s"), query_address, address); - printf ("|%s\n", fperfdata ("time", elapsed_time, "s", FALSE, 0, FALSE, 0, TRUE, 0, FALSE, 0)); + if ((time_thresholds->warning == NULL) || (time_thresholds->critical == NULL)) { + printf ("|%s\n", fperfdata ("time", elapsed_time, "s", FALSE, 0, FALSE, 0, TRUE, 0, FALSE, 0)); + } else { + printf ("|%s\n", fperfdata ("time", elapsed_time, "s", + TRUE, time_thresholds->warning->end, + TRUE, time_thresholds->critical->end, + TRUE, 0, FALSE, 0)); + } } else if (result == STATE_WARNING) printf (_("DNS WARNING - %s\n"), -- cgit v1.2.3-74-g34f1 From e49973493c4ede24f034dc8e54d988404795ae17 Mon Sep 17 00:00:00 2001 From: abrist Date: Wed, 26 Feb 2014 12:08:59 -0500 Subject: check_dns.c Added a bit more logic to thresholds Added two if elses to cover when only one threshold is set. --- plugins/check_dns.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'plugins') diff --git a/plugins/check_dns.c b/plugins/check_dns.c index a2a92f41..31a953d7 100644 --- a/plugins/check_dns.c +++ b/plugins/check_dns.c @@ -242,14 +242,23 @@ main (int argc, char **argv) } printf (ngettext("%.3f second response time", "%.3f seconds response time", elapsed_time), elapsed_time); printf (_(". %s returns %s"), query_address, address); - if ((time_thresholds->warning == NULL) || (time_thresholds->critical == NULL)) { - printf ("|%s\n", fperfdata ("time", elapsed_time, "s", FALSE, 0, FALSE, 0, TRUE, 0, FALSE, 0)); - } else { + if ((time_thresholds->warning != NULL) && (time_thresholds->critical != NULL)) { printf ("|%s\n", fperfdata ("time", elapsed_time, "s", TRUE, time_thresholds->warning->end, TRUE, time_thresholds->critical->end, TRUE, 0, FALSE, 0)); - } + } else if ((time_thresholds->warning == NULL) && (time_thresholds->critical != NULL)) { + printf ("|%s\n", fperfdata ("time", elapsed_time, "s", + FALSE, 0, + TRUE, time_thresholds->critical->end, + TRUE, 0, FALSE, 0)); + } else if ((time_thresholds->warning != NULL) && (time_thresholds->critical == NULL)) { + printf ("|%s\n", fperfdata ("time", elapsed_time, "s", + TRUE, time_thresholds->warning->end, + FALSE, 0, + TRUE, 0, FALSE, 0)); + } else + printf ("|%s\n", fperfdata ("time", elapsed_time, "s", FALSE, 0, FALSE, 0, TRUE, 0, FALSE, 0)); } else if (result == STATE_WARNING) printf (_("DNS WARNING - %s\n"), -- cgit v1.2.3-74-g34f1 From e566021a54c500aa2ee0f17bfe4f95d1fd1be243 Mon Sep 17 00:00:00 2001 From: Sven Nierlein Date: Sat, 28 Jun 2014 22:05:25 +0200 Subject: tests: added check_dns performance data test Signed-off-by: Sven Nierlein --- plugins/t/check_dns.t | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/t/check_dns.t b/plugins/t/check_dns.t index 2c903db9..4ff553f7 100644 --- a/plugins/t/check_dns.t +++ b/plugins/t/check_dns.t @@ -10,7 +10,7 @@ use NPTest; plan skip_all => "check_dns not compiled" unless (-x "check_dns"); -plan tests => 13; +plan tests => 14; my $successOutput = '/DNS OK: [\.0-9]+ seconds? response time/'; @@ -54,6 +54,7 @@ cmp_ok( $res->return_code, '==', 2, "Critical threshold passed"); $res = NPTest->testCmd("./check_dns -H $hostname_valid -t 5 -w 0 -c 5"); cmp_ok( $res->return_code, '==', 1, "Warning threshold passed"); +like( $res->output, "/\|time=[\d\.]+s;0.0*;5\.0*;0\.0*/", "Output performance data OK" ); $res = NPTest->testCmd("./check_dns -H $hostname_invalid -t 1"); cmp_ok( $res->return_code, '==', 2, "Invalid $hostname_invalid"); -- cgit v1.2.3-74-g34f1 From 4277f47bffb65bafeb9b8e256dd7116ce747e850 Mon Sep 17 00:00:00 2001 From: abrist Date: Mon, 3 Mar 2014 12:42:33 -0500 Subject: check_jabber.t - fixed tests for new status output including hostname --- plugins/t/check_jabber.t | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'plugins') diff --git a/plugins/t/check_jabber.t b/plugins/t/check_jabber.t index 1aaf8125..7a708d5b 100644 --- a/plugins/t/check_jabber.t +++ b/plugins/t/check_jabber.t @@ -29,7 +29,7 @@ my $hostname_invalid = getTestParameter( ); -my $jabberOK = '/JABBER OK\s-\s\d+\.\d+\ssecond response time on port 5222/'; +my $jabberOK = '/JABBER OK\s-\s\d+\.\d+\ssecond response time on '.$host_tcp_jabber.' port 5222/'; my $jabberUnresponsive = '/CRITICAL\s-\sSocket timeout after\s\d+\sseconds/'; @@ -40,7 +40,7 @@ my $r; SKIP: { skip "No jabber server defined", 6 unless $host_tcp_jabber; - $r = NPTest->testCmd( "./check_jabber $host_tcp_jabber" ); + $r = NPTest->testCmd( "./check_jabber -H $host_tcp_jabber" ); is( $r->return_code, 0, "Connected okay"); like( $r->output, $jabberOK, "Output as expected" ); @@ -48,7 +48,7 @@ SKIP: { is( $r->return_code, 0, "Connected okay, within limits" ); like( $r->output, $jabberOK, "Output as expected" ); - $r = NPTest->testCmd( "./check_jabber $host_tcp_jabber -wt 9 -ct 9 -to 10" ); + $r = NPTest->testCmd( "./check_jabber -H $host_tcp_jabber -wt 9 -ct 9 -to 10" ); is( $r->return_code, 0, "Old syntax okay" ); like( $r->output, $jabberOK, "Output as expected" ); -- cgit v1.2.3-74-g34f1 From a2505f049d48d8ff77159a382f46b3cf854c096d Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 7 Jul 2014 11:33:39 +0200 Subject: plugins/netutils.h: Adjust UNIX_PATH_MAX for BSD On at least FreeBSD, NetBSD, OpenBSD, DragonFly, and OS X, this is hard-coded at 104 bytes. Closes #1267. --- plugins/netutils.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/netutils.h b/plugins/netutils.h index c5aa18fc..c6fce901 100644 --- a/plugins/netutils.h +++ b/plugins/netutils.h @@ -40,8 +40,8 @@ #ifdef HAVE_SYS_UN_H # include # ifndef UNIX_PATH_MAX - /* linux uses this, on sun it's hard-coded at 108 without a define */ -# define UNIX_PATH_MAX 108 + /* linux uses this, on sun it's hard-coded at 108 without a define, on BSD at 104 */ +# define UNIX_PATH_MAX 104 # endif /* UNIX_PATH_MAX */ #endif /* HAVE_SYS_UN_H */ -- cgit v1.2.3-74-g34f1 From f54d10fe9ba202415c2001b1ec7c6eb4697c3d10 Mon Sep 17 00:00:00 2001 From: Mikael Falkvidd Date: Thu, 10 Jul 2014 14:25:23 +0200 Subject: check_procs: Add delay after forking in test Forking raises a race condition, where the parent might run the test before the child has had time to fork. If that happens, an error similar to this is produced: Failed test 'Output correct' at ./t/check_procs.t line 32. 'PROCS OK: 0 processes with args 'sleep 7' | processes=0;;;0;' doesn't match '/^PROCS OK: 1 process?/' Sleeping a bit should avoid the problem. It might be enough to sleep less than a second, but perl's built-in sleep function only supports integer seconds. In our build environment, the build failed 3 of 4 times before this patch. After the patch it failed 0 of 7 times. Signed-off-by: Mikael Falkvidd --- plugins/t/check_procs.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/t/check_procs.t b/plugins/t/check_procs.t index ca4acdd7..abe7284e 100644 --- a/plugins/t/check_procs.t +++ b/plugins/t/check_procs.t @@ -26,7 +26,7 @@ $result = NPTest->testCmd( "./check_procs -w 100000 -c 100000 -s Z" ); is( $result->return_code, 0, "Checking less than 100000 zombie processes" ); like( $result->output, '/^PROCS OK: [0-9]+ process(es)? with /', "Output correct" ); -if(fork() == 0) { exec("sleep 7"); } # fork a test process +if(fork() == 0) { exec("sleep 7"); } else { sleep(1) } # fork a test process in child and give child time to fork in parent $result = NPTest->testCmd( "./check_procs -a 'sleep 7'" ); is( $result->return_code, 0, "Parent process is ignored" ); like( $result->output, '/^PROCS OK: 1 process?/', "Output correct" ); -- cgit v1.2.3-74-g34f1 From 495cf3b2f8047815cc7de4f8238660f4609e97ca Mon Sep 17 00:00:00 2001 From: abrist Date: Fri, 14 Feb 2014 15:04:37 -0500 Subject: check_ntp_peer - Added specific state output for each metric. It now should be easy to see which check caused the alert. --- plugins/check_ntp_peer.c | 49 ++++++++++++++++++++++++++++++++++++------------ 1 file changed, 37 insertions(+), 12 deletions(-) (limited to 'plugins') diff --git a/plugins/check_ntp_peer.c b/plugins/check_ntp_peer.c index 8dc19788..d3ae5999 100644 --- a/plugins/check_ntp_peer.c +++ b/plugins/check_ntp_peer.c @@ -560,7 +560,7 @@ char *perfd_truechimers (int num_truechimers) } int main(int argc, char *argv[]){ - int result, offset_result, stratum, num_truechimers; + int result, offset_result, stratum, num_truechimers, oresult, jresult, sresult, tresult; double offset=0, jitter=0; char *result_line, *perfdata_line; @@ -597,15 +597,19 @@ int main(int argc, char *argv[]){ result = STATE_UNKNOWN; result = max_state_alt(result, get_status(fabs(offset), offset_thresholds)); } - + oresult = result; + if(do_truechimers) - result = max_state_alt(result, get_status(num_truechimers, truechimer_thresholds)); + tresult = get_status(num_truechimers, truechimer_thresholds); + result = max_state_alt(result, tresult); if(do_stratum) - result = max_state_alt(result, get_status(stratum, stratum_thresholds)); + sresult = get_status(stratum, stratum_thresholds); + result = max_state_alt(result, sresult); if(do_jitter) - result = max_state_alt(result, get_status(jitter, jitter_thresholds)); + jresult = get_status(jitter, jitter_thresholds); + result = max_state_alt(result, jresult); switch (result) { case STATE_CRITICAL : @@ -629,20 +633,43 @@ int main(int argc, char *argv[]){ if(offset_result == STATE_UNKNOWN){ xasprintf(&result_line, "%s %s", result_line, _("Offset unknown")); xasprintf(&perfdata_line, ""); + } else if (oresult == STATE_WARNING) { + xasprintf(&result_line, "%s %s %.10g secs (WARNING)", result_line, _("Offset"), offset); + } else if (oresult == STATE_CRITICAL) { + xasprintf(&result_line, "%s %s %.10g secs (CRITICAL)", result_line, _("Offset"), offset); } else { xasprintf(&result_line, "%s %s %.10g secs", result_line, _("Offset"), offset); - xasprintf(&perfdata_line, "%s", perfd_offset(offset)); - } + } + xasprintf(&perfdata_line, "%s", perfd_offset(offset)); + if (do_jitter) { - xasprintf(&result_line, "%s, jitter=%f", result_line, jitter); + if (jresult == STATE_WARNING) { + xasprintf(&result_line, "%s, jitter=%f (WARNING)", result_line, jitter); + } else if (jresult == STATE_CRITICAL) { + xasprintf(&result_line, "%s, jitter=%f (CRITICAL)", result_line, jitter); + } else { + xasprintf(&result_line, "%s, jitter=%f", result_line, jitter); + } xasprintf(&perfdata_line, "%s %s", perfdata_line, perfd_jitter(jitter)); } if (do_stratum) { - xasprintf(&result_line, "%s, stratum=%i", result_line, stratum); + if (sresult == STATE_WARNING) { + xasprintf(&result_line, "%s, stratum=%i (WARNING)", result_line, stratum); + } else if (sresult == STATE_CRITICAL) { + xasprintf(&result_line, "%s, stratum=%i (CRITICAL)", result_line, stratum); + } else { + xasprintf(&result_line, "%s, stratum=%i", result_line, stratum); + } xasprintf(&perfdata_line, "%s %s", perfdata_line, perfd_stratum(stratum)); } if (do_truechimers) { - xasprintf(&result_line, "%s, truechimers=%i", result_line, num_truechimers); + if (tresult == STATE_WARNING) { + xasprintf(&result_line, "%s, truechimers=%i (WARNING)", result_line, num_truechimers); + } else if (tresult == STATE_CRITICAL) { + xasprintf(&result_line, "%s, truechimers=%i (CRITICAL)", result_line, num_truechimers); + } else { + xasprintf(&result_line, "%s, truechimers=%i", result_line, num_truechimers); + } xasprintf(&perfdata_line, "%s %s", perfdata_line, perfd_truechimers(num_truechimers)); } printf("%s|%s\n", result_line, perfdata_line); @@ -651,8 +678,6 @@ int main(int argc, char *argv[]){ return result; } - - void print_help(void){ print_revision(progname, NP_VERSION); -- cgit v1.2.3-74-g34f1 From 78d00d338a07ab0dd5ff052af96aab13a5ee93ae Mon Sep 17 00:00:00 2001 From: abrist Date: Mon, 3 Mar 2014 12:41:30 -0500 Subject: check_ntp.t - fixed tests for new status output closes #1236 and #1239 --- plugins/t/check_ntp.t | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/t/check_ntp.t b/plugins/t/check_ntp.t index 74d890fa..b8fc8fdf 100644 --- a/plugins/t/check_ntp.t +++ b/plugins/t/check_ntp.t @@ -35,8 +35,8 @@ my $ntp_okmatch1 = '/^NTP\sOK:\sOffset\s-?[0-9]+(\.[0-9]+)?(e-[0-9]{2})?\ssecs/' my $ntp_warnmatch1 = '/^NTP\sWARNING:\sOffset\s-?[0-9]+(\.[0-9]+)?(e-[0-9]{2})?\ssecs/'; my $ntp_critmatch1 = '/^NTP\sCRITICAL:\sOffset\s-?[0-9]+(\.[0-9]+)?(e-[0-9]{2})?\ssecs/'; my $ntp_okmatch2 = '/^NTP\sOK:\sOffset\s-?[0-9]+(\.[0-9]+)?(e-[0-9]{2})?\ssecs,\sjitter=[0-9]+\.[0-9]+,\sstratum=[0-9]{1,2},\struechimers=[0-9]+/'; -my $ntp_warnmatch2 = '/^NTP\sWARNING:\sOffset\s-?[0-9]+(\.[0-9]+)?(e-[0-9]{2})?\ssecs,\sjitter=[0-9]+\.[0-9]+,\sstratum=[0-9]{1,2},\struechimers=[0-9]+/'; -my $ntp_critmatch2 = '/^NTP\sCRITICAL:\sOffset\s-?[0-9]+(\.[0-9]+)?(e-[0-9]{2})?\ssecs,\sjitter=[0-9]+\.[0-9]+,\sstratum=[0-9]{1,2},\struechimers=[0-9]+/'; +my $ntp_warnmatch2 = '/^NTP\sWARNING:\sOffset\s-?[0-9]+(\.[0-9]+)?(e-[0-9]{2})?\ssecs,\sjitter=[0-9]+\.[0-9]+,\sstratum=[0-9]{1,2}\s\(WARNING\),\struechimers=[0-9]+/'; +my $ntp_critmatch2 = '/^NTP\sCRITICAL:\sOffset\s-?[0-9]+(\.[0-9]+)?(e-[0-9]{2})?\ssecs,\sjitter=[0-9]+\.[0-9]+\s\(CRITICAL\),\sstratum=[0-9]{1,2},\struechimers=[0-9]+/'; my $ntp_noresponse = '/^(CRITICAL - Socket timeout after 3 seconds)|(NTP CRITICAL: No response from NTP server)$/'; my $ntp_nosuchhost = '/^check_ntp.*: Invalid hostname/address - ' . $hostname_invalid . '/'; -- cgit v1.2.3-74-g34f1 From 3c7d24478c7e79f288d4e79278168c3fe5b73a45 Mon Sep 17 00:00:00 2001 From: abrist Date: Fri, 24 Jan 2014 13:52:08 -0500 Subject: check_hpjd - Added a switch for port specification. Defaults to 161. --- plugins/check_hpjd.c | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) (limited to 'plugins') diff --git a/plugins/check_hpjd.c b/plugins/check_hpjd.c index 1e7605ba..1ee4d134 100644 --- a/plugins/check_hpjd.c +++ b/plugins/check_hpjd.c @@ -39,7 +39,7 @@ const char *email = "devel@monitoring-plugins.org"; #include "netutils.h" #define DEFAULT_COMMUNITY "public" - +#define DEFAULT_PORT "161" const char *option_summary = "-H host [-C community]\n"; @@ -66,6 +66,7 @@ void print_usage (void); char *community = NULL; char *address = NULL; +char *port = NULL; int main (int argc, char **argv) @@ -119,8 +120,8 @@ main (int argc, char **argv) HPJD_GD_DOOR_OPEN, HPJD_GD_PAPER_OUTPUT, HPJD_GD_STATUS_DISPLAY); /* get the command to run */ - sprintf (command_line, "%s -OQa -m : -v 1 -c %s %s %s", PATH_TO_SNMPGET, community, - address, query_string); + sprintf (command_line, "%s -OQa -m : -v 1 -c %s %s:%hd %s", PATH_TO_SNMPGET, community, + address, port, query_string); /* run the command */ child_process = spopen (command_line); @@ -313,7 +314,7 @@ process_arguments (int argc, char **argv) {"community", required_argument, 0, 'C'}, /* {"critical", required_argument,0,'c'}, */ /* {"warning", required_argument,0,'w'}, */ -/* {"port", required_argument,0,'P'}, */ + {"port", required_argument,0,'p'}, {"version", no_argument, 0, 'V'}, {"help", no_argument, 0, 'h'}, {0, 0, 0, 0} @@ -324,7 +325,7 @@ process_arguments (int argc, char **argv) while (1) { - c = getopt_long (argc, argv, "+hVH:C:", longopts, &option); + c = getopt_long (argc, argv, "+hVH:C:p:", longopts, &option); if (c == -1 || c == EOF || c == 1) break; @@ -341,6 +342,12 @@ process_arguments (int argc, char **argv) case 'C': /* community */ community = strscpy (community, optarg); break; + case 'p': + if (!is_intpos(optarg)) + usage2 (_("Port must be a positive integer"), optarg); + else + port = atoi(optarg); + break; case 'V': /* version */ print_revision (progname, NP_VERSION); exit (STATE_OK); @@ -369,6 +376,13 @@ process_arguments (int argc, char **argv) community = strdup (DEFAULT_COMMUNITY); } + if (port == NULL) { + if (argv[c] != NULL ) + port = argv[c]; + else + port = atoi (DEFAULT_PORT); + } + return validate_arguments (); } @@ -402,6 +416,10 @@ print_help (void) printf (" %s", _("The SNMP community name ")); printf (_("(default=%s)"), DEFAULT_COMMUNITY); printf ("\n"); + printf (" %s\n", "-p, --port=STRING"); + printf (" %s", _("Specify the port to check ")); + printf (_("(default=%s)"), DEFAULT_PORT); + printf ("\n"); printf (UT_SUPPORT); } @@ -412,5 +430,5 @@ void print_usage (void) { printf ("%s\n", _("Usage:")); - printf ("%s -H host [-C community]\n", progname); + printf ("%s -H host [-C community] [-p port]\n", progname); } -- cgit v1.2.3-74-g34f1 From 8e187dfefef1397b1f87a1008e162e46a74f4782 Mon Sep 17 00:00:00 2001 From: abrist Date: Fri, 24 Jan 2014 14:04:37 -0500 Subject: Added check_hpjd port option to news and clarified the port usage error. --- NEWS | 4 ++++ plugins/check_hpjd.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'plugins') diff --git a/NEWS b/NEWS index f2898aba..d48e1d8a 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,9 @@ This file documents the major additions and syntax changes between releases. +2.1 + ENHANCEMENTS + New check_hpjd -p option for port specification (abrist) + 2.0 11th July 2014 ENHANCEMENTS check_mailq now supports auto detection of qmail, postfix, exim and nullmailer with diff --git a/plugins/check_hpjd.c b/plugins/check_hpjd.c index 1ee4d134..5fe06984 100644 --- a/plugins/check_hpjd.c +++ b/plugins/check_hpjd.c @@ -344,7 +344,7 @@ process_arguments (int argc, char **argv) break; case 'p': if (!is_intpos(optarg)) - usage2 (_("Port must be a positive integer"), optarg); + usage2 (_("Port must be a positive short integer"), optarg); else port = atoi(optarg); break; -- cgit v1.2.3-74-g34f1 From 479509ad59cdb05894ab39206157e6dd3f4e7faf Mon Sep 17 00:00:00 2001 From: abrist Date: Mon, 27 Jan 2014 19:06:46 -0500 Subject: added tests for check_hpjd port options --- Closes #1160 and #973 --- plugins/t/check_hpjd.t | 35 ++++++++++++++++++++++++++++------- 1 file changed, 28 insertions(+), 7 deletions(-) (limited to 'plugins') diff --git a/plugins/t/check_hpjd.t b/plugins/t/check_hpjd.t index 10ded54a..4d64852a 100644 --- a/plugins/t/check_hpjd.t +++ b/plugins/t/check_hpjd.t @@ -10,7 +10,6 @@ use NPTest; plan skip_all => "check_hpjd not compiled" unless (-x "check_hpjd"); -plan tests => 5; my $successOutput = '/^Printer ok - /'; my $failureOutput = '/Timeout: No [Rr]esponse from /'; @@ -20,31 +19,53 @@ my $host_tcp_hpjd = getTestParameter( "A host (usually a printer) providing the HP-JetDirect Services" ); +my $host_hpjd_port_invalid = getTestParameter( + "NP_HOST_HPJD_PORT_INVALID", + "A port that HP-JetDirect Services is not listening on", + "162" + ); + +my $host_hpjd_port_valid = getTestParameter( + "NP_HOST_HPJD_PORT_VALID", + "The port that HP-JetDirect Services is currently listening on", + "161" + ); + my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", - "10.0.0.1", + "10.0.0.1" ); my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", "An invalid (not known to DNS) hostname", - "nosuchhost", + "nosuchhost" ); +my $tests = $host_tcp_hpjd ? 9 : 5; +plan tests => $tests; my $res; SKIP: { skip "No HP JetDirect defined", 2 unless $host_tcp_hpjd; - $res = NPTest->testCmd("./check_hpjd $host_tcp_hpjd"); - cmp_ok( $res->return_code, '==', 0, "Jetdirect responding" ); + $res = NPTest->testCmd("./check_hpjd -H $host_tcp_hpjd"); + cmp_ok( $res->return_code, 'eq', 0, "Jetdirect responding" ); like ( $res->output, $successOutput, "Output correct" ); + + $res = NPTest->testCmd("./check_hpjd -H $host_tcp_hpjd -p $host_hpjd_port_valid"); + cmp_ok( $res->return_code, 'eq', 0, "Jetdirect responding on port $host_hpjd_port_valid" ); + like ( $res->output, $successOutput, "Output correct" ); + + $res = NPTest->testCmd("./check_hpjd -H $host_tcp_hpjd -p $host_hpjd_port_invalid"); + cmp_ok( $res->return_code, 'eq', 2, "Jetdirect not responding on port $host_hpjd_port_invalid" ); + like ( $res->output, $failureOutput, "Output correct" ); } -$res = NPTest->testCmd("./check_hpjd $host_nonresponsive"); +$res = NPTest->testCmd("./check_hpjd -H $host_nonresponsive"); cmp_ok( $res->return_code, 'eq', 2, "Host not responding"); like ( $res->output, $failureOutput, "Output OK" ); -$res = NPTest->testCmd("./check_hpjd $hostname_invalid"); +$res = NPTest->testCmd("./check_hpjd -H $hostname_invalid"); cmp_ok( $res->return_code, 'eq', 3, "Hostname invalid"); -- cgit v1.2.3-74-g34f1 From 71063655e558224d692950ac9abaa39e0b7c6585 Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Sun, 20 Jul 2014 16:12:30 +0200 Subject: travis-ci: Adding ports for check_hpjd --- plugins/t/NPTest.cache.travis | 2 ++ 1 file changed, 2 insertions(+) (limited to 'plugins') diff --git a/plugins/t/NPTest.cache.travis b/plugins/t/NPTest.cache.travis index c1007deb..4ebfb90e 100644 --- a/plugins/t/NPTest.cache.travis +++ b/plugins/t/NPTest.cache.travis @@ -14,6 +14,8 @@ 'NP_HOST_SNMP' => '', 'NP_HOST_TCP_FTP' => '', 'NP_HOST_TCP_HPJD' => '', + 'NP_HOST_HPJD_PORT_INVALID' => '161', + 'NP_HOST_HPJD_PORT_VALID' => '', 'NP_HOST_TCP_HTTP' => 'localhost', 'NP_HOST_TCP_HTTP2' => 'labs.consol.de', 'NP_HOST_TCP_IMAP' => 'imap.web.de', -- cgit v1.2.3-74-g34f1 From 3bf812beaee7035b1c08e49b55d7962056931d7b Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Tue, 1 Oct 2013 09:26:41 +0200 Subject: sslutils: expire time in local timezone format sshutils prints the expiry time of certificates in US format this patch uses the strftime %c, I don't know how portable that is Thanks to Neil Prockter. Closes #1188 Closes #1161 Closes #977 Closes #976 Closes #975 Closes #840 Closes #382 --- THANKS.in | 1 + plugins/sslutils.c | 9 ++++----- 2 files changed, 5 insertions(+), 5 deletions(-) (limited to 'plugins') diff --git a/THANKS.in b/THANKS.in index 43ba182f..6738ae7f 100644 --- a/THANKS.in +++ b/THANKS.in @@ -324,3 +324,4 @@ Jean-Claude Computing Andy Brist Mikael Falkvidd Patric Wust +Neil Prockter diff --git a/plugins/sslutils.c b/plugins/sslutils.c index 687bffb7..d0ae4741 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c @@ -153,7 +153,8 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ struct tm stamp; float time_left; int days_left; - char timestamp[17] = ""; + char timestamp[50] = ""; + time_t tm_t; certificate=SSL_get_peer_certificate(s); if (!certificate) { @@ -211,10 +212,8 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ time_left = difftime(timegm(&stamp), time(NULL)); days_left = time_left / 86400; - snprintf - (timestamp, 17, "%02d/%02d/%04d %02d:%02d", - stamp.tm_mon + 1, - stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); + tm_t = mktime (&stamp); + strftime(timestamp, 50, "%c", localtime(&tm_t)); if (days_left > 0 && days_left <= days_till_exp_warn) { printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); -- cgit v1.2.3-74-g34f1 From c5a64eeef8340ff39fafb21878d92139b4c1fb73 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 21 Jul 2014 13:59:22 +0200 Subject: plugins/t/check_dns.t: Fix Perl warning Perl said: "Unrecognized escape \d passed through at ./t/check_dns.t line 57." --- plugins/t/check_dns.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/t/check_dns.t b/plugins/t/check_dns.t index 4ff553f7..b8858807 100644 --- a/plugins/t/check_dns.t +++ b/plugins/t/check_dns.t @@ -54,7 +54,7 @@ cmp_ok( $res->return_code, '==', 2, "Critical threshold passed"); $res = NPTest->testCmd("./check_dns -H $hostname_valid -t 5 -w 0 -c 5"); cmp_ok( $res->return_code, '==', 1, "Warning threshold passed"); -like( $res->output, "/\|time=[\d\.]+s;0.0*;5\.0*;0\.0*/", "Output performance data OK" ); +like( $res->output, '/\|time=[\d\.]+s;0.0*;5\.0*;0\.0*/', "Output performance data OK" ); $res = NPTest->testCmd("./check_dns -H $hostname_invalid -t 1"); cmp_ok( $res->return_code, '==', 2, "Invalid $hostname_invalid"); -- cgit v1.2.3-74-g34f1 From b785a770e4fbcdd6d11717eeb6eb00172eac4fb8 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 21 Jul 2014 21:52:33 +0200 Subject: plugins/tests/check_http.t: Adjust date strings Adjust the expected date strings to the now-localized output produced by plugins/sslutils.c. Closes #1275. --- plugins/tests/check_http.t | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'plugins') diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index 225b449f..d93a0ecf 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -186,21 +186,21 @@ SKIP: { $result = NPTest->testCmd( "$command -p $port_https -S -C 14" ); is( $result->return_code, 0, "$command -p $port_https -S -C 14" ); - is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on 03/03/2019 21:41.', "output ok" ); + is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar 3 21:41:00 2019.', "output ok" ); $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" ); is( $result->return_code, 1, "$command -p $port_https -S -C 14000" ); - like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(03/03/2019 21:41\)./', "output ok" ); + like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:00 2019\)./', "output ok" ); # Expired cert tests $result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" ); is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" ); - like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(03/03/2019 21:41\)./', "output ok" ); + like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:00 2019\)./', "output ok" ); $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" ); is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" ); is( $result->output, - 'CRITICAL - Certificate \'Ton Voon\' expired on 03/05/2009 00:13.', + 'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar 5 00:13:00 2009.', "output ok" ); } -- cgit v1.2.3-74-g34f1 From 2e8d440e73ac2b1875db5ecaf6df510fdcf6eb7a Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Tue, 1 Oct 2013 00:47:08 +0200 Subject: check_mysql: ignore authentication failure This patch allows checking if MySQL server is running without providing valid username and password. Similar to check_ssh plugin it returns MySQL server version string and protocol number. Example: check_mysql -n -H aaa.bbb.ccc.ddd MySQL OK - Version: 5.0.51a-24+lenny5 (protocol 10) This is useful for monitoring servers where one does not have administrator privileges or does not want to grant any privileges for the monitoring station. To enable this functionality new option --ignore-auth (-n) is added to check_mysql plugin. Thanks to Julius Kriukas Closes #1020 Closes #1178 --- THANKS.in | 1 + plugins/check_mysql.c | 22 ++++++++++++++++++++-- 2 files changed, 21 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/THANKS.in b/THANKS.in index 6738ae7f..b732e787 100644 --- a/THANKS.in +++ b/THANKS.in @@ -325,3 +325,4 @@ Andy Brist Mikael Falkvidd Patric Wust Neil Prockter +Julius Kriukas diff --git a/plugins/check_mysql.c b/plugins/check_mysql.c index 4f09e5f8..216626bc 100644 --- a/plugins/check_mysql.c +++ b/plugins/check_mysql.c @@ -42,6 +42,7 @@ const char *email = "devel@monitoring-plugins.org"; #include "netutils.h" #include +#include #include char *db_user = NULL; @@ -59,6 +60,7 @@ char *opt_file = NULL; char *opt_group = NULL; unsigned int db_port = MYSQL_PORT; int check_slave = 0, warn_sec = 0, crit_sec = 0; +int ignore_auth = 0; int verbose = 0; static double warning_time = 0; @@ -136,7 +138,16 @@ main (int argc, char **argv) mysql_ssl_set(&mysql,key,cert,ca_cert,ca_dir,ciphers); /* establish a connection to the server and error checking */ if (!mysql_real_connect(&mysql,db_host,db_user,db_pass,db,db_port,db_socket,0)) { - if (mysql_errno (&mysql) == CR_UNKNOWN_HOST) + if (ignore_auth && mysql_errno (&mysql) == ER_ACCESS_DENIED_ERROR) + { + printf("MySQL OK - Version: %s (protocol %d)\n", + mysql_get_server_info(&mysql), + mysql_get_proto_info(&mysql) + ); + mysql_close (&mysql); + return STATE_OK; + } + else if (mysql_errno (&mysql) == CR_UNKNOWN_HOST) die (STATE_WARNING, "%s\n", mysql_error (&mysql)); else if (mysql_errno (&mysql) == CR_VERSION_ERROR) die (STATE_WARNING, "%s\n", mysql_error (&mysql)); @@ -341,6 +352,7 @@ process_arguments (int argc, char **argv) {"critical", required_argument, 0, 'c'}, {"warning", required_argument, 0, 'w'}, {"check-slave", no_argument, 0, 'S'}, + {"ignore-auth", no_argument, 0, 'n'}, {"verbose", no_argument, 0, 'v'}, {"version", no_argument, 0, 'V'}, {"help", no_argument, 0, 'h'}, @@ -357,7 +369,7 @@ process_arguments (int argc, char **argv) return ERROR; while (1) { - c = getopt_long (argc, argv, "hlvVSP:p:u:d:H:s:c:w:a:k:C:D:L:f:g:", longopts, &option); + c = getopt_long (argc, argv, "hlvVnSP:p:u:d:H:s:c:w:a:k:C:D:L:f:g:", longopts, &option); if (c == -1 || c == EOF) break; @@ -419,6 +431,9 @@ process_arguments (int argc, char **argv) case 'S': check_slave = 1; /* check-slave */ break; + case 'n': + ignore_auth = 1; /* ignore-auth */ + break; case 'w': warning = optarg; warning_time = strtod (warning, NULL); @@ -506,6 +521,9 @@ print_help (void) printf (UT_EXTRA_OPTS); printf (UT_HOST_PORT, 'P', myport); + printf (" %s\n", "-n, --ignore-auth"); + printf (" %s\n", _("Ignore authentication failure and check for mysql connectivity only")); + printf (" %s\n", "-s, --socket=STRING"); printf (" %s\n", _("Use the specified socket (has no effect if -H is used)")); -- cgit v1.2.3-74-g34f1 From e85fcbd5711999af88ed887c0c17a26ab29f2b28 Mon Sep 17 00:00:00 2001 From: Davide Madrisan Date: Wed, 7 May 2014 22:14:45 +0200 Subject: This patch will add the IP and port, or socket name, to the error message and thus simplify the problem debugging: no need to check for this information in the Nagios configuration. This function is only used by 'check_tcp.c'. Without the patch: $ ./plugins/check_tcp -H 127.0.0.1 -p 21 Connection refused $ ./plugins/check_tcp -H /var/spool/nagios/cmd/nagios.cmd Permission denied With the patch: $ ./plugins/check_tcp -H 127.0.0.1 -p 21 connect to address 127.0.0.1 and port 21: Connection refused $ ./plugins/check_tcp -H /var/spool/nagios/cmd/nagios.cmd connect to socket /var/spool/nagios/cmd/nagios.cmd: Permission denied Thanks to Davide Madrisan. --- Closes #1277 --- plugins/netutils.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) (limited to 'plugins') diff --git a/plugins/netutils.c b/plugins/netutils.c index 00440465..48042188 100644 --- a/plugins/netutils.c +++ b/plugins/netutils.c @@ -167,11 +167,13 @@ np_net_connect (const char *host_name, int port, int *sd, int proto) char port_str[6], host[MAX_HOST_ADDRESS_LENGTH]; size_t len; int socktype, result; + bool is_socket; socktype = (proto == IPPROTO_UDP) ? SOCK_DGRAM : SOCK_STREAM; + bool is_socket = (host_name[0] == '/'); /* as long as it doesn't start with a '/', it's assumed a host or ip */ - if(host_name[0] != '/'){ + if (!is_socket){ memset (&hints, 0, sizeof (hints)); hints.ai_family = address_family; hints.ai_protocol = proto; @@ -253,7 +255,11 @@ np_net_connect (const char *host_name, int port, int *sd, int proto) return econn_refuse_state; break; case STATE_CRITICAL: /* user did not set econn_refuse_state */ - printf ("%s\n", strerror(errno)); + if (is_socket) + printf("connect to socket %s: %s\n", host_name, strerror(errno)); + else + printf("connect to address %s and port %d: %s\n", + host_name, port, strerror(errno)); return econn_refuse_state; break; default: /* it's a logic error if we do not end up in STATE_(OK|WARNING|CRITICAL) */ @@ -262,7 +268,11 @@ np_net_connect (const char *host_name, int port, int *sd, int proto) } } else { - printf ("%s\n", strerror(errno)); + if (is_socket) + printf("connect to socket %s: %s\n", host_name, strerror(errno)); + else + printf("connect to address %s and port %d: %s\n", + host_name, port, strerror(errno)); return STATE_CRITICAL; } } -- cgit v1.2.3-74-g34f1 From fc2c099d58eeb32350a6b147db067d179d8debb6 Mon Sep 17 00:00:00 2001 From: abrist Date: Mon, 19 May 2014 16:16:40 -0400 Subject: netutils.c - A few more changes Changed bool to short. Removed first instance of is_socket to avoid redeclaration error. Changed 'socket' to 'file socket' for verbosity. --- plugins/netutils.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'plugins') diff --git a/plugins/netutils.c b/plugins/netutils.c index 48042188..83f8942f 100644 --- a/plugins/netutils.c +++ b/plugins/netutils.c @@ -167,10 +167,9 @@ np_net_connect (const char *host_name, int port, int *sd, int proto) char port_str[6], host[MAX_HOST_ADDRESS_LENGTH]; size_t len; int socktype, result; - bool is_socket; + short is_socket = (host_name[0] == '/'); socktype = (proto == IPPROTO_UDP) ? SOCK_DGRAM : SOCK_STREAM; - bool is_socket = (host_name[0] == '/'); /* as long as it doesn't start with a '/', it's assumed a host or ip */ if (!is_socket){ @@ -256,7 +255,7 @@ np_net_connect (const char *host_name, int port, int *sd, int proto) break; case STATE_CRITICAL: /* user did not set econn_refuse_state */ if (is_socket) - printf("connect to socket %s: %s\n", host_name, strerror(errno)); + printf("connect to file socket %s: %s\n", host_name, strerror(errno)); else printf("connect to address %s and port %d: %s\n", host_name, port, strerror(errno)); @@ -269,7 +268,7 @@ np_net_connect (const char *host_name, int port, int *sd, int proto) } else { if (is_socket) - printf("connect to socket %s: %s\n", host_name, strerror(errno)); + printf("connect to file socket %s: %s\n", host_name, strerror(errno)); else printf("connect to address %s and port %d: %s\n", host_name, port, strerror(errno)); -- cgit v1.2.3-74-g34f1 From a941219b41ba15abb393ae3a1cbdef3d28025c09 Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Tue, 1 Oct 2013 08:17:54 +0200 Subject: check_ntp_time: adding offset option Not sure if this is of use or not - we have a strange requirement to run certain servers 5 minutes fast. I've added a switch to the check_ntp_time to allow for this offset. Thanks to Patrick McAndrew. --- plugins/check_ntp_time.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'plugins') diff --git a/plugins/check_ntp_time.c b/plugins/check_ntp_time.c index 72dffbd8..d6cf4191 100644 --- a/plugins/check_ntp_time.c +++ b/plugins/check_ntp_time.c @@ -48,6 +48,7 @@ static int verbose=0; static int quiet=0; static char *owarn="60"; static char *ocrit="120"; +static int time_offset=0; int process_arguments (int, char **); thresholds *offset_thresholds = NULL; @@ -400,7 +401,7 @@ double offset_request(const char *host, int *status){ gettimeofday(&recv_time, NULL); DBG(print_ntp_message(&req[i])); respnum=servers[i].num_responses++; - servers[i].offset[respnum]=calc_offset(&req[i], &recv_time); + servers[i].offset[respnum]=calc_offset(&req[i], &recv_time)+time_offset; if(verbose) { printf("offset %.10g\n", servers[i].offset[respnum]); } @@ -455,6 +456,7 @@ int process_arguments(int argc, char **argv){ {"use-ipv4", no_argument, 0, '4'}, {"use-ipv6", no_argument, 0, '6'}, {"quiet", no_argument, 0, 'q'}, + {"time-offset", optional_argument, 0, 'o'}, {"warning", required_argument, 0, 'w'}, {"critical", required_argument, 0, 'c'}, {"timeout", required_argument, 0, 't'}, @@ -468,7 +470,7 @@ int process_arguments(int argc, char **argv){ usage ("\n"); while (1) { - c = getopt_long (argc, argv, "Vhv46qw:c:t:H:p:", longopts, &option); + c = getopt_long (argc, argv, "Vhv46qw:c:t:H:p:o:", longopts, &option); if (c == -1 || c == EOF || c == 1) break; @@ -504,6 +506,9 @@ int process_arguments(int argc, char **argv){ case 't': socket_timeout=atoi(optarg); break; + case 'o': + time_offset=atoi(optarg); + break; case '4': address_family = AF_INET; break; @@ -616,6 +621,8 @@ void print_help(void){ printf (" %s\n", _("Offset to result in warning status (seconds)")); printf (" %s\n", "-c, --critical=THRESHOLD"); printf (" %s\n", _("Offset to result in critical status (seconds)")); + printf (" %s\n", "-o, --time_offset="); + printf (" %s\n", _("Expected offset of the ntp server relative to local server (seconds)")); printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); printf (UT_VERBOSE); @@ -642,6 +649,6 @@ void print_usage(void) { printf ("%s\n", _("Usage:")); - printf(" %s -H [-4|-6] [-w ] [-c ] [-v verbose]\n", progname); + printf(" %s -H [-4|-6] [-w ] [-c ] [-v verbose] [-o