From a359667f2b65c06aa60915f03bf89708132b1f8b Mon Sep 17 00:00:00 2001 From: Lorenz Kästle Date: Wed, 26 Apr 2023 17:52:22 +0200 Subject: Changing remaining sscanf format specifier to unsigned long --- plugins/check_swap.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'plugins') diff --git a/plugins/check_swap.c b/plugins/check_swap.c index 05f19ad4..cd965e31 100644 --- a/plugins/check_swap.c +++ b/plugins/check_swap.c @@ -178,7 +178,7 @@ main (int argc, char **argv) # ifdef _AIX if (!allswaps) { xasprintf(&swap_command, "%s", "/usr/sbin/lsps -s"); - xasprintf(&swap_format, "%s", "%f%*s %f"); + xasprintf(&swap_format, "%s", "%lu%*s %lu"); conv_factor = 1; } # endif @@ -205,9 +205,9 @@ main (int argc, char **argv) temp_buffer = strtok (input_buffer, " \n"); while (temp_buffer) { if (strstr (temp_buffer, "blocks")) - sprintf (str, "%s %s", str, "%f"); + sprintf (str, "%s %s", str, "%lu"); else if (strstr (temp_buffer, "dskfree")) - sprintf (str, "%s %s", str, "%f"); + sprintf (str, "%s %s", str, "%lu"); else sprintf (str, "%s %s", str, "%*s"); temp_buffer = strtok (NULL, " \n"); -- cgit v1.2.3-74-g34f1 From 90cb539595bcc94bf2a7a0036d7ecf781518eb81 Mon Sep 17 00:00:00 2001 From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> Date: Sun, 27 Aug 2023 23:13:17 +0200 Subject: Implement option to ignore mib file parsing errors --- plugins/check_snmp.c | 64 ++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 47 insertions(+), 17 deletions(-) (limited to 'plugins') diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index 04dc6c6f..43e79a1c 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c @@ -65,6 +65,7 @@ const char *email = "devel@monitoring-plugins.org"; #define L_RATE_MULTIPLIER CHAR_MAX+2 #define L_INVERT_SEARCH CHAR_MAX+3 #define L_OFFSET CHAR_MAX+4 +#define L_IGNORE_MIB_PARSING_ERRORS CHAR_MAX+5 /* Gobble to string - stop incrementing c when c[0] match one of the * characters in s */ @@ -159,6 +160,7 @@ char* ip_version = ""; double multiplier = 1.0; char *fmtstr = ""; char buffer[DEFAULT_BUFFER_SIZE]; +bool ignore_mib_parsing_errors = false; static char *fix_snmp_range(char *th) { @@ -306,42 +308,64 @@ main (int argc, char **argv) } /* 10 arguments to pass before context and authpriv options + 1 for host and numoids. Add one for terminating NULL */ - command_line = calloc (10 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *)); - command_line[0] = snmpcmd; - command_line[1] = strdup ("-Le"); - command_line[2] = strdup ("-t"); - xasprintf (&command_line[3], "%d", timeout_interval); - command_line[4] = strdup ("-r"); - xasprintf (&command_line[5], "%d", retries); - command_line[6] = strdup ("-m"); - command_line[7] = strdup (miblist); - command_line[8] = "-v"; - command_line[9] = strdup (proto); + + unsigned index = 0; + command_line = calloc (11 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *)); + + command_line[index++] = snmpcmd; + command_line[index++] = strdup ("-Le"); + command_line[index++] = strdup ("-t"); + xasprintf (&command_line[index++], "%d", timeout_interval); + command_line[index++] = strdup ("-r"); + xasprintf (&command_line[index++], "%d", retries); + command_line[index++] = strdup ("-m"); + command_line[index++] = strdup (miblist); + command_line[index++] = "-v"; + command_line[index++] = strdup (proto); + + xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s", + snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto); + + if (ignore_mib_parsing_errors) { + command_line[index++] = "-Pe"; + xasprintf(&cl_hidden_auth, "%s -Pe", cl_hidden_auth); + } + for (i = 0; i < numcontext; i++) { - command_line[10 + i] = contextargs[i]; + command_line[index++] = contextargs[i]; } for (i = 0; i < numauthpriv; i++) { - command_line[10 + numcontext + i] = authpriv[i]; + command_line[index++] = authpriv[i]; } - xasprintf (&command_line[10 + numcontext + numauthpriv], "%s:%s", server_address, port); + xasprintf (&command_line[index++], "%s:%s", server_address, port); + + xasprintf(&cl_hidden_auth, "%s [context] [authpriv] %s:%s", + cl_hidden_auth, + server_address, + port); + + /* This is just for display purposes, so it can remain a string */ + /* xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s %s:%s", snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[context]", "[authpriv]", server_address, port); + */ for (i = 0; i < numoids; i++) { - command_line[10 + numcontext + numauthpriv + 1 + i] = oids[i]; + command_line[index++] = oids[i]; xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]); } - command_line[10 + numcontext + numauthpriv + 1 + numoids] = NULL; + command_line[index++] = NULL; - if (verbose) + if (verbose) { printf ("%s\n", cl_hidden_auth); + } /* Set signal handling and alarm */ if (signal (SIGALRM, runcmd_timeout_alarm_handler) == SIG_ERR) { @@ -708,6 +732,7 @@ process_arguments (int argc, char **argv) {"ipv6", no_argument, 0, '6'}, {"multiplier", required_argument, 0, 'M'}, {"fmtstr", required_argument, 0, 'f'}, + {"ignore-mib-parsing-errors", no_argument, false, L_IGNORE_MIB_PARSING_ERRORS}, {0, 0, 0, 0} }; @@ -974,6 +999,8 @@ process_arguments (int argc, char **argv) fmtstr=optarg; } break; + case L_IGNORE_MIB_PARSING_ERRORS: + ignore_mib_parsing_errors = true; } } @@ -1307,6 +1334,9 @@ print_help (void) printf (" %s\n", "-O, --perf-oids"); printf (" %s\n", _("Label performance data with OIDs instead of --label's")); + printf (" %s\n", "--ignore-mib-parsing-errors"); + printf (" %s\n", _("Tell snmpget to not print errors encountered when parsing MIB files")); + printf (UT_VERBOSE); printf ("\n"); -- cgit v1.2.3-74-g34f1 From 94a5eb218d3415a4babeb4a84e225635b5077eaa Mon Sep 17 00:00:00 2001 From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> Date: Sun, 27 Aug 2023 23:13:50 +0200 Subject: Update test to ignore broken MIBs --- plugins/t/check_snmp.t | 66 +++++++++++++++++++++++++------------------------- 1 file changed, 33 insertions(+), 33 deletions(-) (limited to 'plugins') diff --git a/plugins/t/check_snmp.t b/plugins/t/check_snmp.t index f2f218fd..7d5abc21 100644 --- a/plugins/t/check_snmp.t +++ b/plugins/t/check_snmp.t @@ -26,22 +26,22 @@ $res = NPTest->testCmd( "./check_snmp -t 1" ); is( $res->return_code, 3, "No host name" ); is( $res->output, "No host specified" ); -$res = NPTest->testCmd( "./check_snmp -H fakehostname" ); +$res = NPTest->testCmd( "./check_snmp -H fakehostname --ignore-mib-parsing-errors" ); is( $res->return_code, 3, "No OIDs specified" ); is( $res->output, "No OIDs specified" ); -$res = NPTest->testCmd( "./check_snmp -H fakehost -o oids -P 3 -U not_a_user --seclevel=rubbish" ); +$res = NPTest->testCmd( "./check_snmp -H fakehost --ignore-mib-parsing-errors -o oids -P 3 -U not_a_user --seclevel=rubbish" ); is( $res->return_code, 3, "Invalid seclevel" ); like( $res->output, "/check_snmp: Invalid seclevel - rubbish/" ); -$res = NPTest->testCmd( "./check_snmp -H fakehost -o oids -P 3c" ); +$res = NPTest->testCmd( "./check_snmp -H fakehost --ignore-mib-parsing-errors -o oids -P 3c" ); is( $res->return_code, 3, "Invalid protocol" ); like( $res->output, "/check_snmp: Invalid SNMP version - 3c/" ); SKIP: { skip "no snmp host defined", 50 if ( ! $host_snmp ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying uptime" ); like($res->output, '/^SNMP OK - (\d+)/', "String contains SNMP OK"); $res->output =~ /^SNMP OK - (\d+)/; @@ -51,111 +51,111 @@ SKIP: { # some more threshold tests - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1"); cmp_ok( $res->return_code, '==', 2, "Threshold test -c 1" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1:"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1:"); cmp_ok( $res->return_code, '==', 0, "Threshold test -c 1:" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c ~:1"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c ~:1"); cmp_ok( $res->return_code, '==', 2, "Threshold test -c ~:1" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1:10"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1:10"); cmp_ok( $res->return_code, '==', 2, "Threshold test -c 1:10" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c \@1:10"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c \@1:10"); cmp_ok( $res->return_code, '==', 0, "Threshold test -c \@1:10" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 10:1"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 10:1"); cmp_ok( $res->return_code, '==', 0, "Threshold test -c 10:1" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o .1.3.6.1.2.1.1.3.0 -w 1: -c 1:"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o .1.3.6.1.2.1.1.3.0 -w 1: -c 1:"); cmp_ok( $res->return_code, '==', 0, "Test with numeric OID (no mibs loaded)" ); like($res->output, '/^SNMP OK - \d+/', "String contains SNMP OK"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying sysDescr" ); unlike($res->perf_output, '/sysDescr/', "Perfdata doesn't contain string values"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0,system.sysDescr.0"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0,system.sysDescr.0"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying two string OIDs, comma-separated" ); like($res->output, '/^SNMP OK - /', "String contains SNMP OK"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0 -o system.sysDescr.0"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0 -o system.sysDescr.0"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying two string OIDs, repeated option" ); like($res->output, '/^SNMP OK - /', "String contains SNMP OK"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 1:1 -c 1:1"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 1:1 -c 1:1"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying hrSWRunIndex.1" ); like($res->output, '/^SNMP OK - 1\s.*$/', "String fits SNMP OK and output format"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 0 -c 1:"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 0 -c 1:"); cmp_ok( $res->return_code, '==', 1, "Exit WARNING when querying hrSWRunIndex.1 and warn-th doesn't apply " ); like($res->output, '/^SNMP WARNING - \*1\*\s.*$/', "String matches SNMP WARNING and output format"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w :0 -c 0"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w :0 -c 0"); cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL when querying hrSWRunIndex.1 and crit-th doesn't apply" ); like($res->output, '/^SNMP CRITICAL - \*1\*\s.*$/', "String matches SNMP CRITICAL and output format"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2 -c 1:2"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2 -c 1:2"); cmp_ok( $res->return_code, '==', 0, "Checking two OIDs at once" ); like($res->output, "/^SNMP OK - 2 1/", "Got two values back" ); like( $res->perf_output, "/ifIndex.2=2/", "Got 1st perf data" ); like( $res->perf_output, "/ifIndex.1=1/", "Got 2nd perf data" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2,1:2 -c 2:2,2:2"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2,1:2 -c 2:2,2:2"); cmp_ok( $res->return_code, '==', 2, "Checking critical threshold is passed if any one value crosses" ); like($res->output, "/^SNMP CRITICAL - 2 *1*/", "Got two values back" ); like( $res->perf_output, "/ifIndex.2=2/", "Got 1st perf data" ); like( $res->perf_output, "/ifIndex.1=1/", "Got 2nd perf data" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w 1:,1: -c 1:,1:"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w 1:,1: -c 1:,1:"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying hrMemorySize and hrSystemProcesses"); like($res->output, '/^SNMP OK - \d+ \d+/', "String contains hrMemorySize and hrSystemProcesses"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w \@:0 -c \@0"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w \@:0 -c \@0"); cmp_ok( $res->return_code, '==', 0, "Exit OK with inside-range thresholds"); like($res->output, '/^SNMP OK - 1\s.*$/', "String matches SNMP OK and output format"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3"); $res->output =~ m/^SNMP OK - (\d+\.\d{2})\s.*$/; my $lower = $1 - 0.05; my $higher = $1 + 0.05; - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3 -w $lower -c $higher"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3 -w $lower -c $higher"); cmp_ok( $res->return_code, '==', 1, "Exit WARNING with fractionnal arguments"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0,host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w ,:0 -c ,:2"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0,host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w ,:0 -c ,:2"); cmp_ok( $res->return_code, '==', 1, "Exit WARNING on 2nd threshold"); like($res->output, '/^SNMP WARNING - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s+\*1\*\s.*$/', "First OID returned as string, 2nd checked for thresholds"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w '' -c ''"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w '' -c ''"); cmp_ok( $res->return_code, '==', 0, "Empty thresholds doesn't crash"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,,1 -c ,,2"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,,1 -c ,,2"); cmp_ok( $res->return_code, '==', 0, "Skipping first two thresholds on 2 OID check"); like($res->output, '/^SNMP OK - \d+ \w+ \d+\s.*$/', "Skipping first two thresholds, result printed rather than parsed"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,, -c ,,"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,, -c ,,"); cmp_ok( $res->return_code, '==', 0, "Skipping all thresholds"); like($res->output, '/^SNMP OK - \d+ \w+ \d+\s.*$/', "Skipping all thresholds, result printed rather than parsed"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1000000000000: -u '1/100 sec'"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1000000000000: -u '1/100 sec'"); cmp_ok( $res->return_code, '==', 2, "Timetick used as a threshold"); like($res->output, '/^SNMP CRITICAL - \*\d+\* 1\/100 sec.*$/', "Timetick used as a threshold, parsed as numeric"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0"); cmp_ok( $res->return_code, '==', 0, "Timetick used as a string"); like($res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "Timetick used as a string, result printed rather than parsed"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o HOST-RESOURCES-MIB::hrSWRunName.1"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o HOST-RESOURCES-MIB::hrSWRunName.1"); cmp_ok( $res->return_code, '==', 0, "snmp response without datatype"); like( $res->output, '/^SNMP OK - "(systemd|init)" \| $/', "snmp response without datatype" ); } SKIP: { skip "no SNMP user defined", 1 if ( ! $user_snmp ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -o HOST-RESOURCES-MIB::hrSystemUptime.0 -P 3 -U $user_snmp -L noAuthNoPriv"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -o HOST-RESOURCES-MIB::hrSystemUptime.0 -P 3 -U $user_snmp -L noAuthNoPriv"); like( $res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "noAuthNoPriv security level works properly" ); } @@ -163,14 +163,14 @@ SKIP: { # the tests can run on hosts w/o snmp host/community in NPTest.cache. Execution will fail anyway SKIP: { skip "no non responsive host defined", 2 if ( ! $host_nonresponsive ); - $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); + $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive --ignore-mib-parsing-errors -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL with non responsive host" ); like($res->output, '/Plugin timed out while executing system call/', "String matches timeout problem"); } SKIP: { skip "no non invalid host defined", 2 if ( ! $hostname_invalid ); - $res = NPTest->testCmd( "./check_snmp -H $hostname_invalid -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); + $res = NPTest->testCmd( "./check_snmp -H $hostname_invalid --ignore-mib-parsing-errors -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); cmp_ok( $res->return_code, '==', 3, "Exit UNKNOWN with non responsive host" ); like($res->output, '/External command error: .*(nosuchhost|Name or service not known|Unknown host)/', "String matches invalid host"); } -- cgit v1.2.3-74-g34f1 From c6abf11e021ded0592bd6697040bde93cf64b022 Mon Sep 17 00:00:00 2001 From: Lorenz Kästle Date: Mon, 28 Aug 2023 09:58:27 +0200 Subject: Enhance regex in test to be more tolerant to follow up text --- plugins/t/check_snmp.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/t/check_snmp.t b/plugins/t/check_snmp.t index 7d5abc21..576cc506 100644 --- a/plugins/t/check_snmp.t +++ b/plugins/t/check_snmp.t @@ -172,5 +172,5 @@ SKIP: { skip "no non invalid host defined", 2 if ( ! $hostname_invalid ); $res = NPTest->testCmd( "./check_snmp -H $hostname_invalid --ignore-mib-parsing-errors -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); cmp_ok( $res->return_code, '==', 3, "Exit UNKNOWN with non responsive host" ); - like($res->output, '/External command error: .*(nosuchhost|Name or service not known|Unknown host)/', "String matches invalid host"); + like($res->output, '/External command error: .*(nosuchhost|Name or service not known|Unknown host).*/s', "String matches invalid host"); } -- cgit v1.2.3-74-g34f1 From 9e32be80d673cb9bd7877cad8b6e24b99e79e8b0 Mon Sep 17 00:00:00 2001 From: Lorenz Kästle Date: Mon, 28 Aug 2023 11:15:59 +0200 Subject: Remove dead, commented code --- plugins/check_snmp.c | 9 --------- 1 file changed, 9 deletions(-) (limited to 'plugins') diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index 43e79a1c..2acada22 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c @@ -347,15 +347,6 @@ main (int argc, char **argv) server_address, port); - - - /* This is just for display purposes, so it can remain a string */ - /* - xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s %s:%s", - snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[context]", "[authpriv]", - server_address, port); - */ - for (i = 0; i < numoids; i++) { command_line[index++] = oids[i]; xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]); -- cgit v1.2.3-74-g34f1 From 801784ae89224d004dc79af95545acbdf547ce64 Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Fri, 16 Jun 2023 09:28:21 +0200 Subject: check_users: prefer systemd-logind over utmp Prefer systemd-logind over utmp to get the number of logged in users. utmp is not reliable for this (e.g. some terminals create utmp entries, other not) and utmp is not Y2038 safe with glibc on Linux. --- configure.ac | 19 +++++++++++++++++++ plugins/Makefile.am | 2 +- plugins/check_users.c | 37 +++++++++++++++++++++++++------------ po/de.po | 30 +++++++++++++++--------------- po/fr.po | 38 +++++++++++++++++++------------------- po/monitoring-plugins.pot | 30 +++++++++++++++--------------- 6 files changed, 94 insertions(+), 62 deletions(-) (limited to 'plugins') diff --git a/configure.ac b/configure.ac index 069cc625..a294b00f 100644 --- a/configure.ac +++ b/configure.ac @@ -328,6 +328,25 @@ AS_IF([test "x$with_ldap" != "xno"], [ LIBS="$_SAVEDLIBS" ]) + +AC_ARG_WITH([systemd], [AS_HELP_STRING([--without-systemd], [Skips systemd support])]) + +dnl Check for libsystemd +AS_IF([test "x$with_systemd" != "xno"], [ + _SAVEDLIBS="$LIBS" + AC_CHECK_LIB(systemd,sd_get_sessions,,,-lsystemd) + if test "$ac_cv_lib_systemd_sd_get_sessions" = "yes"; then + SYSTEMDLIBS="-lsystemd" + SYSTEMDINCLUDE="" + AC_SUBST(SYSTEMDLIBS) + AC_SUBST(SYSTEMDINCLUDE) + else + AC_MSG_WARN([Skipping systemd support]) + fi + LIBS="$_SAVEDLIBS" +]) + + dnl Check for headers used by check_ide_smart case $host in *linux*) diff --git a/plugins/Makefile.am b/plugins/Makefile.am index ab59eb73..49086b7a 100644 --- a/plugins/Makefile.am +++ b/plugins/Makefile.am @@ -112,7 +112,7 @@ check_tcp_LDADD = $(SSLOBJS) check_time_LDADD = $(NETLIBS) check_ntp_time_LDADD = $(NETLIBS) $(MATHLIBS) check_ups_LDADD = $(NETLIBS) -check_users_LDADD = $(BASEOBJS) $(WTSAPI32LIBS) +check_users_LDADD = $(BASEOBJS) $(WTSAPI32LIBS) $(SYSTEMDLIBS) check_by_ssh_LDADD = $(NETLIBS) check_ide_smart_LDADD = $(BASEOBJS) negate_LDADD = $(BASEOBJS) diff --git a/plugins/check_users.c b/plugins/check_users.c index f6f4b362..2a9ee986 100644 --- a/plugins/check_users.c +++ b/plugins/check_users.c @@ -1,33 +1,33 @@ /***************************************************************************** -* +* * Monitoring check_users plugin -* +* * License: GPL * Copyright (c) 2000-2012 Monitoring Plugins Development Team -* +* * Description: -* +* * This file contains the check_users plugin -* +* * This plugin checks the number of users currently logged in on the local * system and generates an error if the number exceeds the thresholds * specified. -* -* +* +* * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. -* +* * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. -* +* * You should have received a copy of the GNU General Public License * along with this program. If not, see . -* -* +* +* *****************************************************************************/ const char *progname = "check_users"; @@ -48,6 +48,11 @@ const char *email = "devel@monitoring-plugins.org"; # include "popen.h" #endif +#ifdef HAVE_LIBSYSTEMD +#include +#include +#endif + #define possibly_set(a,b) ((a) == 0 ? (b) : 0) int process_arguments (int, char **); @@ -85,6 +90,11 @@ main (int argc, char **argv) users = 0; +#ifdef HAVE_LIBSYSTEMD + if (sd_booted () > 0) + users = sd_get_sessions (NULL); + else { +#endif #if HAVE_WTSAPI32_H if (!WTSEnumerateSessions(WTS_CURRENT_SERVER_HANDLE, 0, 1, &wtsinfo, &wtscount)) { @@ -156,6 +166,9 @@ main (int argc, char **argv) if (spclose (child_process)) result = possibly_set (result, STATE_UNKNOWN); #endif +#ifdef HAVE_LIBSYSTEMD + } +#endif /* check the user count against warning and critical thresholds */ result = get_status((double)users, thlds); @@ -163,7 +176,7 @@ main (int argc, char **argv) if (result == STATE_UNKNOWN) printf ("%s\n", _("Unable to read output")); else { - printf (_("USERS %s - %d users currently logged in |%s\n"), + printf (_("USERS %s - %d users currently logged in |%s\n"), state_text(result), users, sperfdata_int("users", users, "", warning_range, critical_range, TRUE, 0, FALSE, 0)); diff --git a/po/de.po b/po/de.po index eb0f8dff..1989dbdd 100644 --- a/po/de.po +++ b/po/de.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: nagiosplug\n" "Report-Msgid-Bugs-To: devel@monitoring-plugins.org\n" -"POT-Creation-Date: 2023-07-11 16:07+0200\n" +"POT-Creation-Date: 2023-08-28 14:50+0200\n" "PO-Revision-Date: 2004-12-23 17:46+0100\n" "Last-Translator: <>\n" "Language-Team: English \n" @@ -31,7 +31,7 @@ msgstr "" #: plugins/check_radius.c:176 plugins/check_real.c:80 plugins/check_smtp.c:146 #: plugins/check_snmp.c:248 plugins/check_ssh.c:74 plugins/check_swap.c:115 #: plugins/check_tcp.c:222 plugins/check_time.c:78 plugins/check_ups.c:122 -#: plugins/check_users.c:84 plugins/negate.c:210 plugins-root/check_dhcp.c:270 +#: plugins/check_users.c:89 plugins/negate.c:210 plugins-root/check_dhcp.c:270 msgid "Could not parse arguments" msgstr "Argumente konnten nicht ausgewertet werden" @@ -255,7 +255,7 @@ msgstr "" #: plugins/check_radius.c:400 plugins/check_real.c:452 plugins/check_smtp.c:891 #: plugins/check_snmp.c:1347 plugins/check_ssh.c:325 plugins/check_swap.c:607 #: plugins/check_tcp.c:710 plugins/check_time.c:371 plugins/check_ups.c:663 -#: plugins/check_users.c:262 plugins/check_ide_smart.c:606 plugins/negate.c:273 +#: plugins/check_users.c:275 plugins/check_ide_smart.c:606 plugins/negate.c:273 #: plugins/urlize.c:196 plugins-root/check_dhcp.c:1390 #: plugins-root/check_icmp.c:1633 msgid "Usage:" @@ -892,13 +892,13 @@ msgid "of the argument with optional text" msgstr "" #: plugins/check_fping.c:127 plugins/check_hpjd.c:134 plugins/check_ping.c:444 -#: plugins/check_swap.c:193 plugins/check_users.c:130 plugins/urlize.c:109 +#: plugins/check_swap.c:193 plugins/check_users.c:140 plugins/urlize.c:109 #, c-format msgid "Could not open pipe: %s\n" msgstr "Pipe: %s konnte nicht geöffnet werden\n" #: plugins/check_fping.c:133 plugins/check_hpjd.c:140 plugins/check_load.c:159 -#: plugins/check_swap.c:199 plugins/check_users.c:136 plugins/urlize.c:115 +#: plugins/check_swap.c:199 plugins/check_users.c:146 plugins/urlize.c:115 #, c-format msgid "Could not open stderr for %s\n" msgstr "Konnte stderr nicht öffnen für: %s\n" @@ -3688,12 +3688,12 @@ msgid " %s - database %s (%f sec.)|%s\n" msgstr "" #: plugins/check_pgsql.c:320 plugins/check_time.c:277 plugins/check_time.c:289 -#: plugins/check_users.c:228 +#: plugins/check_users.c:241 msgid "Critical threshold must be a positive integer" msgstr "Critical threshold muss ein positiver Integer sein" #: plugins/check_pgsql.c:326 plugins/check_time.c:258 plugins/check_time.c:282 -#: plugins/check_users.c:226 +#: plugins/check_users.c:239 msgid "Warning threshold must be a positive integer" msgstr "Warning threshold muss ein positiver Integer sein" @@ -5668,26 +5668,26 @@ msgstr "" msgid "http://www.networkupstools.org" msgstr "" -#: plugins/check_users.c:91 +#: plugins/check_users.c:101 #, fuzzy, c-format msgid "Could not enumerate RD sessions: %d\n" msgstr "Konnte·url·nicht·zuweisen\n" -#: plugins/check_users.c:146 +#: plugins/check_users.c:156 #, c-format msgid "# users=%d" msgstr "" -#: plugins/check_users.c:164 +#: plugins/check_users.c:177 msgid "Unable to read output" msgstr "" -#: plugins/check_users.c:166 +#: plugins/check_users.c:179 #, c-format msgid "USERS %s - %d users currently logged in |%s\n" msgstr "" -#: plugins/check_users.c:241 +#: plugins/check_users.c:254 #, fuzzy msgid "This plugin checks the number of users currently logged in on the local" msgstr "" @@ -5696,16 +5696,16 @@ msgstr "" "unterschritten wird.\n" "\n" -#: plugins/check_users.c:242 +#: plugins/check_users.c:255 msgid "" "system and generates an error if the number exceeds the thresholds specified." msgstr "" -#: plugins/check_users.c:252 +#: plugins/check_users.c:265 msgid "Set WARNING status if more than INTEGER users are logged in" msgstr "" -#: plugins/check_users.c:254 +#: plugins/check_users.c:267 msgid "Set CRITICAL status if more than INTEGER users are logged in" msgstr "" diff --git a/po/fr.po b/po/fr.po index a20c93c1..e4dffac1 100644 --- a/po/fr.po +++ b/po/fr.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: fr\n" "Report-Msgid-Bugs-To: devel@monitoring-plugins.org\n" -"POT-Creation-Date: 2023-07-11 16:07+0200\n" +"POT-Creation-Date: 2023-08-28 14:50+0200\n" "PO-Revision-Date: 2010-04-21 23:38-0400\n" "Last-Translator: Thomas Guyot-Sionnest \n" "Language-Team: Nagios Plugin Development Mailing List argument with optional text" msgstr "du paramètre avec un texte optionnel" #: plugins/check_fping.c:127 plugins/check_hpjd.c:134 plugins/check_ping.c:444 -#: plugins/check_swap.c:193 plugins/check_users.c:130 plugins/urlize.c:109 +#: plugins/check_swap.c:193 plugins/check_users.c:140 plugins/urlize.c:109 #, c-format msgid "Could not open pipe: %s\n" msgstr "Impossible d'ouvrir le pipe: %s\n" #: plugins/check_fping.c:133 plugins/check_hpjd.c:140 plugins/check_load.c:159 -#: plugins/check_swap.c:199 plugins/check_users.c:136 plugins/urlize.c:115 +#: plugins/check_swap.c:199 plugins/check_users.c:146 plugins/urlize.c:115 #, c-format msgid "Could not open stderr for %s\n" msgstr "Impossible d'ouvrir la sortie d'erreur standard pour %s\n" @@ -1495,8 +1495,8 @@ msgstr "" #, fuzzy, c-format msgid "HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n" msgstr "" -"HTTP AVERTISSEMENT - la redirection crée une boucle infinie - %s://%s:" -"%d%s%s\n" +"HTTP AVERTISSEMENT - la redirection crée une boucle infinie - %s://%s:%d%s" +"%s\n" #: plugins/check_http.c:1630 #, c-format @@ -3084,8 +3084,8 @@ msgstr "" #: plugins/check_ntp_peer.c:716 msgid "Critical threshold for number of usable time sources (\"truechimers\")" msgstr "" -"Seuil critique pour le nombre de sources de temps utilisable " -"(\"truechimers\")" +"Seuil critique pour le nombre de sources de temps utilisable (\"truechimers" +"\")" #: plugins/check_ntp_peer.c:721 msgid "This plugin checks an NTP server independent of any commandline" @@ -3751,12 +3751,12 @@ msgid " %s - database %s (%f sec.)|%s\n" msgstr " %s - base de données %s (%d sec.)|%s\n" #: plugins/check_pgsql.c:320 plugins/check_time.c:277 plugins/check_time.c:289 -#: plugins/check_users.c:228 +#: plugins/check_users.c:241 msgid "Critical threshold must be a positive integer" msgstr "Le seuil critique doit être un entier positif" #: plugins/check_pgsql.c:326 plugins/check_time.c:258 plugins/check_time.c:282 -#: plugins/check_users.c:226 +#: plugins/check_users.c:239 msgid "Warning threshold must be a positive integer" msgstr "Le seuil d'avertissement doit être un entier positif" @@ -5774,43 +5774,43 @@ msgstr "" msgid "http://www.networkupstools.org" msgstr "" -#: plugins/check_users.c:91 +#: plugins/check_users.c:101 #, fuzzy, c-format msgid "Could not enumerate RD sessions: %d\n" msgstr "Impossible d'utiliser le protocole version %d\n" -#: plugins/check_users.c:146 +#: plugins/check_users.c:156 #, c-format msgid "# users=%d" msgstr "# utilisateurs=%d" -#: plugins/check_users.c:164 +#: plugins/check_users.c:177 msgid "Unable to read output" msgstr "Impossible de lire les données en entrée" -#: plugins/check_users.c:166 +#: plugins/check_users.c:179 #, c-format msgid "USERS %s - %d users currently logged in |%s\n" msgstr "UTILISATEURS %s - %d utilisateurs actuellement connectés sur |%s\n" -#: plugins/check_users.c:241 +#: plugins/check_users.c:254 msgid "This plugin checks the number of users currently logged in on the local" msgstr "" "Ce plugin vérifie le nombre d'utilisateurs actuellement connecté sur le " "système local" -#: plugins/check_users.c:242 +#: plugins/check_users.c:255 msgid "" "system and generates an error if the number exceeds the thresholds specified." msgstr "et génère une erreur si le nombre excède le seuil spécifié." -#: plugins/check_users.c:252 +#: plugins/check_users.c:265 msgid "Set WARNING status if more than INTEGER users are logged in" msgstr "" "Sortir avec un résultat AVERTISSEMENT si plus de INTEGER utilisateurs sont " "connectés" -#: plugins/check_users.c:254 +#: plugins/check_users.c:267 msgid "Set CRITICAL status if more than INTEGER users are logged in" msgstr "" "Sortir avec un résultat CRITIQUE si plus de INTEGER utilisateurs sont " diff --git a/po/monitoring-plugins.pot b/po/monitoring-plugins.pot index 4f6b2418..012967d4 100644 --- a/po/monitoring-plugins.pot +++ b/po/monitoring-plugins.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: devel@monitoring-plugins.org\n" -"POT-Creation-Date: 2023-07-11 16:07+0200\n" +"POT-Creation-Date: 2023-08-28 14:50+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -30,7 +30,7 @@ msgstr "" #: plugins/check_radius.c:176 plugins/check_real.c:80 plugins/check_smtp.c:146 #: plugins/check_snmp.c:248 plugins/check_ssh.c:74 plugins/check_swap.c:115 #: plugins/check_tcp.c:222 plugins/check_time.c:78 plugins/check_ups.c:122 -#: plugins/check_users.c:84 plugins/negate.c:210 plugins-root/check_dhcp.c:270 +#: plugins/check_users.c:89 plugins/negate.c:210 plugins-root/check_dhcp.c:270 msgid "Could not parse arguments" msgstr "" @@ -246,7 +246,7 @@ msgstr "" #: plugins/check_radius.c:400 plugins/check_real.c:452 plugins/check_smtp.c:891 #: plugins/check_snmp.c:1347 plugins/check_ssh.c:325 plugins/check_swap.c:607 #: plugins/check_tcp.c:710 plugins/check_time.c:371 plugins/check_ups.c:663 -#: plugins/check_users.c:262 plugins/check_ide_smart.c:606 plugins/negate.c:273 +#: plugins/check_users.c:275 plugins/check_ide_smart.c:606 plugins/negate.c:273 #: plugins/urlize.c:196 plugins-root/check_dhcp.c:1390 #: plugins-root/check_icmp.c:1633 msgid "Usage:" @@ -870,13 +870,13 @@ msgid "of the argument with optional text" msgstr "" #: plugins/check_fping.c:127 plugins/check_hpjd.c:134 plugins/check_ping.c:444 -#: plugins/check_swap.c:193 plugins/check_users.c:130 plugins/urlize.c:109 +#: plugins/check_swap.c:193 plugins/check_users.c:140 plugins/urlize.c:109 #, c-format msgid "Could not open pipe: %s\n" msgstr "" #: plugins/check_fping.c:133 plugins/check_hpjd.c:140 plugins/check_load.c:159 -#: plugins/check_swap.c:199 plugins/check_users.c:136 plugins/urlize.c:115 +#: plugins/check_swap.c:199 plugins/check_users.c:146 plugins/urlize.c:115 #, c-format msgid "Could not open stderr for %s\n" msgstr "" @@ -3592,12 +3592,12 @@ msgid " %s - database %s (%f sec.)|%s\n" msgstr "" #: plugins/check_pgsql.c:320 plugins/check_time.c:277 plugins/check_time.c:289 -#: plugins/check_users.c:228 +#: plugins/check_users.c:241 msgid "Critical threshold must be a positive integer" msgstr "" #: plugins/check_pgsql.c:326 plugins/check_time.c:258 plugins/check_time.c:282 -#: plugins/check_users.c:226 +#: plugins/check_users.c:239 msgid "Warning threshold must be a positive integer" msgstr "" @@ -5513,39 +5513,39 @@ msgstr "" msgid "http://www.networkupstools.org" msgstr "" -#: plugins/check_users.c:91 +#: plugins/check_users.c:101 #, c-format msgid "Could not enumerate RD sessions: %d\n" msgstr "" -#: plugins/check_users.c:146 +#: plugins/check_users.c:156 #, c-format msgid "# users=%d" msgstr "" -#: plugins/check_users.c:164 +#: plugins/check_users.c:177 msgid "Unable to read output" msgstr "" -#: plugins/check_users.c:166 +#: plugins/check_users.c:179 #, c-format msgid "USERS %s - %d users currently logged in |%s\n" msgstr "" -#: plugins/check_users.c:241 +#: plugins/check_users.c:254 msgid "This plugin checks the number of users currently logged in on the local" msgstr "" -#: plugins/check_users.c:242 +#: plugins/check_users.c:255 msgid "" "system and generates an error if the number exceeds the thresholds specified." msgstr "" -#: plugins/check_users.c:252 +#: plugins/check_users.c:265 msgid "Set WARNING status if more than INTEGER users are logged in" msgstr "" -#: plugins/check_users.c:254 +#: plugins/check_users.c:267 msgid "Set CRITICAL status if more than INTEGER users are logged in" msgstr "" -- cgit v1.2.3-74-g34f1 From ead5526efa4f713e8001baed409067b0474cb72d Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Mon, 21 Aug 2023 16:53:48 +0200 Subject: Add support for SMTP over TLS This is commonly used on smtps (465) port. PROXY protocol is not implemented with TLS in check_smtp.c, yet. Backported from nagios-plugins: https://github.com/nagios-plugins/nagios-plugins/commit/0a8cf08ebb0740aa55d6c60d3b79fcab282604fb --- plugins/check_smtp.c | 46 +++++++++++++++++++++++++++++++++++++--------- 1 file changed, 37 insertions(+), 9 deletions(-) (limited to 'plugins') diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index 996bd875..f3ba9e38 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -42,8 +42,8 @@ const char *email = "devel@monitoring-plugins.org"; #ifdef HAVE_SSL int check_cert = FALSE; int days_till_exp_warn, days_till_exp_crit; -# define my_recv(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) -# define my_send(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) +# define my_recv(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) +# define my_send(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) #else /* ifndef HAVE_SSL */ # define my_recv(buf, len) read(sd, buf, len) # define my_send(buf, len) send(sd, buf, len, 0) @@ -103,6 +103,7 @@ double critical_time = 0; int check_critical_time = FALSE; int verbose = 0; int use_ssl = FALSE; +int use_starttls = FALSE; int use_sni = FALSE; short use_proxy_prefix = FALSE; short use_ehlo = FALSE; @@ -186,12 +187,25 @@ main (int argc, char **argv) result = my_tcp_connect (server_address, server_port, &sd); if (result == STATE_OK) { /* we connected */ +#ifdef HAVE_SSL + if (use_ssl) { + result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL)); + if (result != STATE_OK) { + printf (_("CRITICAL - Cannot create SSL context.\n")); + close(sd); + np_net_ssl_cleanup(); + return STATE_CRITICAL; + } else { + ssl_established = 1; + } + } +#endif /* If requested, send PROXY header */ if (use_proxy_prefix) { if (verbose) printf ("Sending header %s\n", PROXY_PREFIX); - send(sd, PROXY_PREFIX, strlen(PROXY_PREFIX), 0); + my_send(PROXY_PREFIX, strlen(PROXY_PREFIX)); } /* watch for the SMTP connection string and */ @@ -205,7 +219,7 @@ main (int argc, char **argv) xasprintf(&server_response, "%s", buffer); /* send the HELO/EHLO command */ - send(sd, helocmd, strlen(helocmd), 0); + my_send(helocmd, strlen(helocmd)); /* allow for response to helo command to reach us */ if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { @@ -218,14 +232,14 @@ main (int argc, char **argv) } } - if(use_ssl && ! supports_tls){ + if(use_starttls && ! supports_tls){ printf(_("WARNING - TLS not supported by server\n")); smtp_quit(); return STATE_WARNING; } #ifdef HAVE_SSL - if(use_ssl) { + if(use_starttls) { /* send the STARTTLS command */ send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0); @@ -489,6 +503,7 @@ process_arguments (int argc, char **argv) {"use-ipv6", no_argument, 0, '6'}, {"help", no_argument, 0, 'h'}, {"lmtp", no_argument, 0, 'L'}, + {"ssl", no_argument, 0, 's'}, {"starttls",no_argument,0,'S'}, {"sni", no_argument, 0, SNI_OPTION}, {"certificate",required_argument,0,'D'}, @@ -510,7 +525,7 @@ process_arguments (int argc, char **argv) } while (1) { - c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q", + c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:sSD:F:A:U:P:q", longopts, &option); if (c == -1 || c == EOF) @@ -632,10 +647,13 @@ process_arguments (int argc, char **argv) #else usage (_("SSL support not available - install OpenSSL and recompile")); #endif - // fall through + case 's': + /* ssl */ + use_ssl = TRUE; + break; case 'S': /* starttls */ - use_ssl = TRUE; + use_starttls = TRUE; use_ehlo = TRUE; break; case SNI_OPTION: @@ -694,6 +712,14 @@ process_arguments (int argc, char **argv) if (from_arg==NULL) from_arg = strdup(" "); + if (use_starttls && use_ssl) { + usage4 (_("Set either -s/--ssl or -S/--starttls")); + } + + if (use_ssl && use_proxy_prefix) { + usage4 (_("PROXY protocol (-r/--proxy) is not implemented with SSL/TLS (-s/--ssl), yet.")); + } + return validate_arguments (); } @@ -851,6 +877,8 @@ print_help (void) #ifdef HAVE_SSL printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); + printf (" %s\n", "-s, --ssl"); + printf (" %s\n", _("Use SSL/TLS for the connection.")); printf (" %s\n", "-S, --starttls"); printf (" %s\n", _("Use STARTTLS for the connection.")); printf (" %s\n", "--sni"); -- cgit v1.2.3-74-g34f1 From e823896d8a39618e0cb60c5cd4e46f13bbc6a51d Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Wed, 14 Jun 2023 18:27:24 +0200 Subject: check_smtp: set default port to smtps (465) for TLS The port can still be set with -p. --- plugins/check_smtp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index f3ba9e38..474557d5 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -50,7 +50,8 @@ int days_till_exp_warn, days_till_exp_crit; #endif enum { - SMTP_PORT = 25 + SMTP_PORT = 25, + SMTPS_PORT = 465 }; #define PROXY_PREFIX "PROXY TCP4 0.0.0.0 0.0.0.0 25 25\r\n" #define SMTP_EXPECT "220" @@ -650,6 +651,7 @@ process_arguments (int argc, char **argv) case 's': /* ssl */ use_ssl = TRUE; + server_port = SMTPS_PORT; break; case 'S': /* starttls */ @@ -879,6 +881,7 @@ print_help (void) printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); printf (" %s\n", "-s, --ssl"); printf (" %s\n", _("Use SSL/TLS for the connection.")); + printf (_(" Sets default port to %d.\n"), SMTPS_PORT); printf (" %s\n", "-S, --starttls"); printf (" %s\n", _("Use STARTTLS for the connection.")); printf (" %s\n", "--sni"); -- cgit v1.2.3-74-g34f1 From da81dd3cf29c16ff1f9cf735482b9d4a0619f501 Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Wed, 14 Jun 2023 20:25:50 +0200 Subject: check_smtp: remove restriction of --proxy with --ssl --- plugins/check_smtp.c | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) (limited to 'plugins') diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index 474557d5..4ceb9565 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -188,6 +188,13 @@ main (int argc, char **argv) result = my_tcp_connect (server_address, server_port, &sd); if (result == STATE_OK) { /* we connected */ + /* If requested, send PROXY header */ + if (use_proxy_prefix) { + if (verbose) + printf ("Sending header %s\n", PROXY_PREFIX); + my_send(PROXY_PREFIX, strlen(PROXY_PREFIX)); + } + #ifdef HAVE_SSL if (use_ssl) { result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL)); @@ -202,13 +209,6 @@ main (int argc, char **argv) } #endif - /* If requested, send PROXY header */ - if (use_proxy_prefix) { - if (verbose) - printf ("Sending header %s\n", PROXY_PREFIX); - my_send(PROXY_PREFIX, strlen(PROXY_PREFIX)); - } - /* watch for the SMTP connection string and */ /* return a WARNING status if we couldn't read any data */ if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { @@ -718,10 +718,6 @@ process_arguments (int argc, char **argv) usage4 (_("Set either -s/--ssl or -S/--starttls")); } - if (use_ssl && use_proxy_prefix) { - usage4 (_("PROXY protocol (-r/--proxy) is not implemented with SSL/TLS (-s/--ssl), yet.")); - } - return validate_arguments (); } -- cgit v1.2.3-74-g34f1 From 079c300dcc6479b53e1f84a6b9446c7f403a7612 Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Wed, 14 Jun 2023 20:29:25 +0200 Subject: check_smtp: add new longoption --tls This is an alias for -s/--ssl. --- plugins/check_smtp.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index 4ceb9565..3990ad82 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -505,6 +505,7 @@ process_arguments (int argc, char **argv) {"help", no_argument, 0, 'h'}, {"lmtp", no_argument, 0, 'L'}, {"ssl", no_argument, 0, 's'}, + {"tls", no_argument, 0, 's'}, {"starttls",no_argument,0,'S'}, {"sni", no_argument, 0, SNI_OPTION}, {"certificate",required_argument,0,'D'}, @@ -715,7 +716,7 @@ process_arguments (int argc, char **argv) from_arg = strdup(" "); if (use_starttls && use_ssl) { - usage4 (_("Set either -s/--ssl or -S/--starttls")); + usage4 (_("Set either -s/--ssl/--tls or -S/--starttls")); } return validate_arguments (); @@ -875,7 +876,7 @@ print_help (void) #ifdef HAVE_SSL printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); - printf (" %s\n", "-s, --ssl"); + printf (" %s\n", "-s, --ssl, --tls"); printf (" %s\n", _("Use SSL/TLS for the connection.")); printf (_(" Sets default port to %d.\n"), SMTPS_PORT); printf (" %s\n", "-S, --starttls"); -- cgit v1.2.3-74-g34f1 From ce96ef868a5ee14947b9e213e3c36917cdd9e786 Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Tue, 29 Aug 2023 09:35:53 +0200 Subject: check_smtp: Let port option always take precedence MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Otherwise -s/--ssl would overwrite a port given with -p if it comes after it, e. g. check_smtp -H mailhost.example.com -p 4465 --ssl Found-By: Lorenz Kästle --- plugins/check_smtp.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index 3990ad82..fc0ae2c4 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -84,6 +84,7 @@ int eflags = 0; int errcode, excode; int server_port = SMTP_PORT; +int server_port_option = 0; char *server_address = NULL; char *server_expect = NULL; char *mail_command = NULL; @@ -544,7 +545,7 @@ process_arguments (int argc, char **argv) break; case 'p': /* port */ if (is_intpos (optarg)) - server_port = atoi (optarg); + server_port_option = atoi (optarg); else usage4 (_("Port must be a positive integer")); break; @@ -719,6 +720,10 @@ process_arguments (int argc, char **argv) usage4 (_("Set either -s/--ssl/--tls or -S/--starttls")); } + if (server_port_option != 0) { + server_port = server_port_option; + } + return validate_arguments (); } -- cgit v1.2.3-74-g34f1