From f7687d47cb0841d0bc12ef205fcbaef8bf2e3805 Mon Sep 17 00:00:00 2001 From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> Date: Sun, 12 Mar 2023 19:56:43 +0100 Subject: Fixes for -Wimplicit-fallthrough --- plugins/check_curl.c | 1 + plugins/check_dbi.c | 1 + plugins/check_fping.c | 1 + plugins/check_hpjd.c | 1 + plugins/check_http.c | 1 + plugins/check_smtp.c | 1 + plugins/check_snmp.c | 1 + 7 files changed, 7 insertions(+) (limited to 'plugins') diff --git a/plugins/check_curl.c b/plugins/check_curl.c index be5740d7..b7137145 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c @@ -1654,6 +1654,7 @@ process_arguments (int argc, char **argv) break; case 'R': /* regex */ cflags |= REG_ICASE; + // fall through case 'r': /* regex */ strncpy (regexp, optarg, MAX_RE_SIZE - 1); regexp[MAX_RE_SIZE - 1] = 0; diff --git a/plugins/check_dbi.c b/plugins/check_dbi.c index ced13d05..d73efbb2 100644 --- a/plugins/check_dbi.c +++ b/plugins/check_dbi.c @@ -426,6 +426,7 @@ process_arguments (int argc, char **argv) else timeout_interval = atoi (optarg); + break; case 'H': /* host */ if (!is_host (optarg)) usage2 (_("Invalid hostname/address"), optarg); diff --git a/plugins/check_fping.c b/plugins/check_fping.c index 6f5656ef..23a9e990 100644 --- a/plugins/check_fping.c +++ b/plugins/check_fping.c @@ -354,6 +354,7 @@ process_arguments (int argc, char **argv) break; case 'I': /* sourceip */ sourceif = strscpy (sourceif, optarg); + break; case '4': /* IPv4 only */ address_family = AF_INET; break; diff --git a/plugins/check_hpjd.c b/plugins/check_hpjd.c index c4b44178..c34bb082 100644 --- a/plugins/check_hpjd.c +++ b/plugins/check_hpjd.c @@ -353,6 +353,7 @@ process_arguments (int argc, char **argv) usage2 (_("Port must be a positive short integer"), optarg); else port = atoi(optarg); + break; case 'D': /* disable paper out check*/ check_paper_out = 0; break; diff --git a/plugins/check_http.c b/plugins/check_http.c index 8c03bc8b..432a984b 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c @@ -498,6 +498,7 @@ bool process_arguments (int argc, char **argv) break; case 'R': /* regex */ cflags |= REG_ICASE; + // fall through case 'r': /* regex */ strncpy (regexp, optarg, MAX_RE_SIZE - 1); regexp[MAX_RE_SIZE - 1] = 0; diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index eaa7eeba..b035aab5 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -616,6 +616,7 @@ process_arguments (int argc, char **argv) #else usage (_("SSL support not available - install OpenSSL and recompile")); #endif + // fall through case 'S': /* starttls */ use_ssl = TRUE; diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index c425df3c..04dc6c6f 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c @@ -855,6 +855,7 @@ process_arguments (int argc, char **argv) break; case 'R': /* regex */ cflags = REG_ICASE; + // fall through case 'r': /* regex */ cflags |= REG_EXTENDED | REG_NOSUB | REG_NEWLINE; strncpy (regex_expect, optarg, sizeof (regex_expect) - 1); -- cgit v1.2.3-74-g34f1 From 907b933a87ae21ad776c53a2dd7f04beb220b6bf Mon Sep 17 00:00:00 2001 From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> Date: Sun, 12 Mar 2023 20:12:37 +0100 Subject: Fixes for -Wunused-parameters --- plugins-root/check_dhcp.c | 12 ++++++------ plugins-root/check_icmp.c | 4 ++++ plugins/check_curl.c | 9 ++++++--- plugins/check_ntp_peer.c | 6 +++--- plugins/check_ups.c | 14 +++++++------- 5 files changed, 26 insertions(+), 19 deletions(-) (limited to 'plugins') diff --git a/plugins-root/check_dhcp.c b/plugins-root/check_dhcp.c index ad673237..2d742349 100644 --- a/plugins-root/check_dhcp.c +++ b/plugins-root/check_dhcp.c @@ -229,7 +229,7 @@ struct in_addr requested_address; int process_arguments(int, char **); int call_getopt(int, char **); -int validate_arguments(int, int); +int validate_arguments(int); void print_usage(void); void print_help(void); @@ -1059,8 +1059,8 @@ int process_arguments(int argc, char **argv){ return ERROR; arg_index = call_getopt(argc,argv); - return validate_arguments(argc,arg_index); - } + return validate_arguments(argc); +} @@ -1158,13 +1158,13 @@ int call_getopt(int argc, char **argv){ } -int validate_arguments(int argc, int arg_index){ +int validate_arguments(int argc){ - if(argc-optind > 0) + if(argc - optind > 0) usage(_("Got unexpected non-option argument")); return OK; - } +} #if defined(__sun__) || defined(__solaris__) || defined(__hpux__) diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c index 9ceb35b2..edfd6949 100644 --- a/plugins-root/check_icmp.c +++ b/plugins-root/check_icmp.c @@ -1436,11 +1436,15 @@ get_ip_address(const char *ifname) struct ifreq ifr; strncpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name) - 1); + ifr.ifr_name[sizeof(ifr.ifr_name) - 1] = '\0'; + if(ioctl(icmp_sock, SIOCGIFADDR, &ifr) == -1) crash("Cannot determine IP address of interface %s", ifname); + memcpy(&ip, &ifr.ifr_addr, sizeof(ip)); #else + (void) ifname; errno = 0; crash("Cannot get interface IP address on this platform."); #endif diff --git a/plugins/check_curl.c b/plugins/check_curl.c index b7137145..41c25d9c 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c @@ -244,7 +244,7 @@ void curlhelp_freewritebuffer (curlhelp_write_curlbuf*); int curlhelp_initreadbuffer (curlhelp_read_curlbuf *, const char *, size_t); int curlhelp_buffer_read_callback (void *, size_t , size_t , void *); void curlhelp_freereadbuffer (curlhelp_read_curlbuf *); -curlhelp_ssl_library curlhelp_get_ssl_library (CURL*); +curlhelp_ssl_library curlhelp_get_ssl_library (); const char* curlhelp_get_ssl_library_string (curlhelp_ssl_library); int net_noopenssl_check_certificate (cert_ptr_union*, int, int); @@ -297,6 +297,7 @@ main (int argc, char **argv) int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) { + (void) preverify_ok; /* TODO: we get all certificates of the chain, so which ones * should we test? * TODO: is the last certificate always the server certificate? @@ -321,6 +322,8 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) CURLcode sslctxfun(CURL *curl, SSL_CTX *sslctx, void *parm) { + (void) curl; // ignore unused parameter + (void) parm; // ignore unused parameter SSL_CTX_set_verify(sslctx, SSL_VERIFY_PEER, verify_callback); return CURLE_OK; @@ -646,7 +649,7 @@ check_http (void) } /* detect SSL library used by libcurl */ - ssl_library = curlhelp_get_ssl_library (curl); + ssl_library = curlhelp_get_ssl_library (); /* try hard to get a stack of certificates to verify against */ if (check_cert) { @@ -2381,7 +2384,7 @@ get_content_length (const curlhelp_write_curlbuf* header_buf, const curlhelp_wri /* TODO: is there a better way in libcurl to check for the SSL library? */ curlhelp_ssl_library -curlhelp_get_ssl_library (CURL* curl) +curlhelp_get_ssl_library () { curl_version_info_data* version_data; char *ssl_version; diff --git a/plugins/check_ntp_peer.c b/plugins/check_ntp_peer.c index eafafdc0..161b4950 100644 --- a/plugins/check_ntp_peer.c +++ b/plugins/check_ntp_peer.c @@ -199,7 +199,7 @@ setup_control_request(ntp_control_message *p, uint8_t opcode, uint16_t seq){ * status is pretty much useless as syncsource_found is a global variable * used later in main to check is the server was synchronized. It works * so I left it alone */ -int ntp_request(const char *host, double *offset, int *offset_result, double *jitter, int *stratum, int *num_truechimers){ +int ntp_request(double *offset, int *offset_result, double *jitter, int *stratum, int *num_truechimers){ int conn=-1, i, npeers=0, num_candidates=0; double tmp_offset = 0; int min_peer_sel=PEER_INCLUDED; @@ -585,8 +585,8 @@ int main(int argc, char *argv[]){ /* set socket timeout */ alarm (socket_timeout); - /* This returns either OK or WARNING (See comment proceeding ntp_request) */ - result = ntp_request(server_address, &offset, &offset_result, &jitter, &stratum, &num_truechimers); + /* This returns either OK or WARNING (See comment preceeding ntp_request) */ + result = ntp_request(&offset, &offset_result, &jitter, &stratum, &num_truechimers); if(offset_result == STATE_UNKNOWN) { /* if there's no sync peer (this overrides ntp_request output): */ diff --git a/plugins/check_ups.c b/plugins/check_ups.c index 12bce217..68737c4b 100644 --- a/plugins/check_ups.c +++ b/plugins/check_ups.c @@ -89,7 +89,7 @@ char *ups_status; int temp_output_c = 0; int determine_status (void); -int get_ups_variable (const char *, char *, size_t); +int get_ups_variable (const char *, char *); int process_arguments (int, char **); int validate_arguments (void); @@ -189,7 +189,7 @@ main (int argc, char **argv) } /* get the ups utility voltage if possible */ - res=get_ups_variable ("input.voltage", temp_buffer, sizeof (temp_buffer)); + res=get_ups_variable ("input.voltage", temp_buffer); if (res == NOSUCHVAR) supported_options &= ~UPS_UTILITY; else if (res != OK) return STATE_CRITICAL; @@ -224,7 +224,7 @@ main (int argc, char **argv) } /* get the ups battery percent if possible */ - res=get_ups_variable ("battery.charge", temp_buffer, sizeof (temp_buffer)); + res=get_ups_variable ("battery.charge", temp_buffer); if (res == NOSUCHVAR) supported_options &= ~UPS_BATTPCT; else if ( res != OK) return STATE_CRITICAL; @@ -253,7 +253,7 @@ main (int argc, char **argv) } /* get the ups load percent if possible */ - res=get_ups_variable ("ups.load", temp_buffer, sizeof (temp_buffer)); + res=get_ups_variable ("ups.load", temp_buffer); if ( res == NOSUCHVAR ) supported_options &= ~UPS_LOADPCT; else if ( res != OK) return STATE_CRITICAL; @@ -282,7 +282,7 @@ main (int argc, char **argv) } /* get the ups temperature if possible */ - res=get_ups_variable ("ups.temperature", temp_buffer, sizeof (temp_buffer)); + res=get_ups_variable ("ups.temperature", temp_buffer); if ( res == NOSUCHVAR ) supported_options &= ~UPS_TEMP; else if ( res != OK) return STATE_CRITICAL; @@ -342,7 +342,7 @@ determine_status (void) char *ptr; int res; - res=get_ups_variable ("ups.status", recv_buffer, sizeof (recv_buffer)); + res=get_ups_variable ("ups.status", recv_buffer); if (res == NOSUCHVAR) return OK; if (res != STATE_OK) { printf ("%s\n", _("Invalid response received from host")); @@ -388,7 +388,7 @@ determine_status (void) /* gets a variable value for a specific UPS */ int -get_ups_variable (const char *varname, char *buf, size_t buflen) +get_ups_variable (const char *varname, char *buf) { /* char command[MAX_INPUT_BUFFER]; */ char temp_buffer[MAX_INPUT_BUFFER]; -- cgit v1.2.3-74-g34f1 From d27181914930470c0f8e33475e95dc6984828d8c Mon Sep 17 00:00:00 2001 From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> Date: Sun, 12 Mar 2023 19:29:55 +0100 Subject: Fixes for -Wrestrict --- plugins/check_curl.c | 251 +++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 184 insertions(+), 67 deletions(-) (limited to 'plugins') diff --git a/plugins/check_curl.c b/plugins/check_curl.c index 41c25d9c..67ae2b02 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c @@ -378,8 +378,12 @@ void handle_curl_option_return_code (CURLcode res, const char* option) { if (res != CURLE_OK) { - snprintf (msg, DEFAULT_BUFFER_SIZE, _("Error while setting cURL option '%s': cURL returned %d - %s"), - option, res, curl_easy_strerror(res)); + snprintf (msg, + DEFAULT_BUFFER_SIZE, + _("Error while setting cURL option '%s': cURL returned %d - %s"), + option, + res, + curl_easy_strerror(res)); die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); } } @@ -519,9 +523,13 @@ check_http (void) // fill dns resolve cache to make curl connect to the given server_address instead of the host_name, only required for ssl, because we use the host_name later on to make SNI happy if(use_ssl && host_name != NULL) { if ( (res=lookup_host (server_address, addrstr, DEFAULT_BUFFER_SIZE/2)) != 0) { - snprintf (msg, DEFAULT_BUFFER_SIZE, _("Unable to lookup IP address for '%s': getaddrinfo returned %d - %s"), - server_address, res, gai_strerror (res)); - die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); + snprintf (msg, + DEFAULT_BUFFER_SIZE, + _("Unable to lookup IP address for '%s': getaddrinfo returned %d - %s"), + server_address, + res, + gai_strerror (res)); + die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); } snprintf (dnscache, DEFAULT_BUFFER_SIZE, "%s:%d:%s", host_name, server_port, addrstr); host = curl_slist_append(NULL, dnscache); @@ -819,9 +827,13 @@ check_http (void) /* Curl errors, result in critical Nagios state */ if (res != CURLE_OK) { - snprintf (msg, DEFAULT_BUFFER_SIZE, _("Invalid HTTP response received from host on port %d: cURL returned %d - %s"), - server_port, res, errbuf[0] ? errbuf : curl_easy_strerror(res)); - die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); + snprintf (msg, + DEFAULT_BUFFER_SIZE, + _("Invalid HTTP response received from host on port %d: cURL returned %d - %s"), + server_port, + res, + errbuf[0] ? errbuf : curl_easy_strerror(res)); + die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); } /* certificate checks */ @@ -864,15 +876,19 @@ check_http (void) } GOT_FIRST_CERT: if (!raw_cert) { - snprintf (msg, DEFAULT_BUFFER_SIZE, _("Cannot retrieve certificates from CERTINFO information - certificate data was empty")); - die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); + snprintf (msg, + DEFAULT_BUFFER_SIZE, + _("Cannot retrieve certificates from CERTINFO information - certificate data was empty")); + die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); } BIO* cert_BIO = BIO_new (BIO_s_mem()); BIO_write (cert_BIO, raw_cert, strlen(raw_cert)); cert = PEM_read_bio_X509 (cert_BIO, NULL, NULL, NULL); if (!cert) { - snprintf (msg, DEFAULT_BUFFER_SIZE, _("Cannot read certificate from CERTINFO information - BIO error")); - die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); + snprintf (msg, + DEFAULT_BUFFER_SIZE, + _("Cannot read certificate from CERTINFO information - BIO error")); + die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); } BIO_free (cert_BIO); result = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit); @@ -889,9 +905,12 @@ GOT_FIRST_CERT: } #endif /* USE_OPENSSL */ } else { - snprintf (msg, DEFAULT_BUFFER_SIZE, _("Cannot retrieve certificates - cURL returned %d - %s"), - res, curl_easy_strerror(res)); - die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); + snprintf (msg, + DEFAULT_BUFFER_SIZE, + _("Cannot retrieve certificates - cURL returned %d - %s"), + res, + curl_easy_strerror(res)); + die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg); } } } @@ -930,8 +949,11 @@ GOT_FIRST_CERT: /* get status line of answer, check sanity of HTTP code */ if (curlhelp_parse_statusline (header_buf.buf, &status_line) < 0) { - snprintf (msg, DEFAULT_BUFFER_SIZE, "Unparsable status line in %.3g seconds response time|%s\n", - total_time, perfstring); + snprintf (msg, + DEFAULT_BUFFER_SIZE, + "Unparsable status line in %.3g seconds response time|%s\n", + total_time, + perfstring); /* we cannot know the major/minor version here for sure as we cannot parse the first line */ die (STATE_CRITICAL, "HTTP CRITICAL HTTP/x.x %ld unknown - %s", code, msg); } @@ -951,9 +973,16 @@ GOT_FIRST_CERT: /* make sure the status line matches the response we are looking for */ if (!expected_statuscode(status_line.first_line, server_expect)) { if (server_port == HTTP_PORT) - snprintf(msg, DEFAULT_BUFFER_SIZE, _("Invalid HTTP response received from host: %s\n"), status_line.first_line); + snprintf(msg, + DEFAULT_BUFFER_SIZE, + _("Invalid HTTP response received from host: %s\n"), + status_line.first_line); else - snprintf(msg, DEFAULT_BUFFER_SIZE, _("Invalid HTTP response received from host on port %d: %s\n"), server_port, status_line.first_line); + snprintf(msg, + DEFAULT_BUFFER_SIZE, + _("Invalid HTTP response received from host on port %d: %s\n"), + server_port, + status_line.first_line); die (STATE_CRITICAL, "HTTP CRITICAL - %s%s%s", msg, show_body ? "\n" : "", show_body ? body_buf.buf : ""); @@ -1026,23 +1055,60 @@ GOT_FIRST_CERT: if (strlen (header_expect)) { if (!strstr (header_buf.buf, header_expect)) { + strncpy(&output_header_search[0],header_expect,sizeof(output_header_search)); + if(output_header_search[sizeof(output_header_search)-1]!='\0') { bcopy("...",&output_header_search[sizeof(output_header_search)-4],4); } - snprintf (msg, DEFAULT_BUFFER_SIZE, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, output_header_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); - result = STATE_CRITICAL; + + char *tmp = malloc(DEFAULT_BUFFER_SIZE); + + if (tmp == NULL) { + die(STATE_UNKNOWN, "Failed to allocate buffer for output: %s\n", strerror(errno)); + } + + snprintf (tmp, + DEFAULT_BUFFER_SIZE, + _("%sheader '%s' not found on '%s://%s:%d%s', "), + msg, + output_header_search, + use_ssl ? "https" : "http", + host_name ? host_name : server_address, + server_port, + server_url); + + strcpy(msg, tmp); + free(tmp); + + result = STATE_CRITICAL; } } if (strlen (string_expect)) { if (!strstr (body_buf.buf, string_expect)) { + strncpy(&output_string_search[0],string_expect,sizeof(output_string_search)); + if(output_string_search[sizeof(output_string_search)-1]!='\0') { bcopy("...",&output_string_search[sizeof(output_string_search)-4],4); } - snprintf (msg, DEFAULT_BUFFER_SIZE, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); - result = STATE_CRITICAL; + + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, + DEFAULT_BUFFER_SIZE, + _("%sstring '%s' not found on '%s://%s:%d%s', "), + msg, + output_string_search, + use_ssl ? "https" : "http", + host_name ? host_name : server_address, + server_port, + server_url); + + strcpy(msg, tmp); + + result = STATE_CRITICAL; } } @@ -1053,27 +1119,48 @@ GOT_FIRST_CERT: result = max_state_alt(STATE_OK, result); } else if ((errcode == REG_NOMATCH && !invert_regex) || (errcode == 0 && invert_regex)) { - if (!invert_regex) - snprintf (msg, DEFAULT_BUFFER_SIZE, _("%spattern not found, "), msg); - else - snprintf (msg, DEFAULT_BUFFER_SIZE, _("%spattern found, "), msg); - result = STATE_CRITICAL; - } - else { - regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); - snprintf (msg, DEFAULT_BUFFER_SIZE, _("%sExecute Error: %s, "), msg, errbuf); - result = STATE_UNKNOWN; - } + if (!invert_regex) { + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%spattern not found, "), msg); + strcpy(msg, tmp); + + } else { + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%spattern found, "), msg); + strcpy(msg, tmp); + + } + result = STATE_CRITICAL; + } else { + regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); + + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sExecute Error: %s, "), msg, errbuf); + strcpy(msg, tmp); + result = STATE_UNKNOWN; + } } /* make sure the page is of an appropriate size */ - if ((max_page_len > 0) && (page_len > max_page_len)) { - snprintf (msg, DEFAULT_BUFFER_SIZE, _("%spage size %d too large, "), msg, page_len); - result = max_state_alt(STATE_WARNING, result); - } else if ((min_page_len > 0) && (page_len < min_page_len)) { - snprintf (msg, DEFAULT_BUFFER_SIZE, _("%spage size %d too small, "), msg, page_len); - result = max_state_alt(STATE_WARNING, result); - } + if ((max_page_len > 0) && (page_len > max_page_len)) { + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%spage size %d too large, "), msg, page_len); + + strcpy(msg, tmp); + + result = max_state_alt(STATE_WARNING, result); + + } else if ((min_page_len > 0) && (page_len < min_page_len)) { + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%spage size %d too small, "), msg, page_len); + strcpy(msg, tmp); + result = max_state_alt(STATE_WARNING, result); + } /* -w, -c: check warning and critical level */ result = max_state_alt(get_status(total_time, thlds), result); @@ -2312,37 +2399,67 @@ check_document_dates (const curlhelp_write_curlbuf *header_buf, char (*msg)[DEFA server_date = get_header_value (headers, nof_headers, "date"); document_date = get_header_value (headers, nof_headers, "last-modified"); - if (!server_date || !*server_date) { - snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sServer date unknown, "), *msg); - date_result = max_state_alt(STATE_UNKNOWN, date_result); - } else if (!document_date || !*document_date) { - snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sDocument modification date unknown, "), *msg); - date_result = max_state_alt(STATE_CRITICAL, date_result); + if (!server_date || !*server_date) { + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sServer date unknown, "), *msg); + strcpy(*msg, tmp); + + date_result = max_state_alt(STATE_UNKNOWN, date_result); + + } else if (!document_date || !*document_date) { + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sDocument modification date unknown, "), *msg); + strcpy(*msg, tmp); + + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else { time_t srv_data = curl_getdate (server_date, NULL); time_t doc_data = curl_getdate (document_date, NULL); if (verbose >= 2) printf ("* server date: '%s' (%d), doc_date: '%s' (%d)\n", server_date, (int)srv_data, document_date, (int)doc_data); - if (srv_data <= 0) { - snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sServer date \"%100s\" unparsable, "), *msg, server_date); - date_result = max_state_alt(STATE_CRITICAL, date_result); - } else if (doc_data <= 0) { - snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date); - date_result = max_state_alt(STATE_CRITICAL, date_result); - } else if (doc_data > srv_data + 30) { - snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data); - date_result = max_state_alt(STATE_CRITICAL, date_result); - } else if (doc_data < srv_data - maximum_age) { - int n = (srv_data - doc_data); - if (n > (60 * 60 * 24 * 2)) { - snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24)); - date_result = max_state_alt(STATE_CRITICAL, date_result); - } else { - snprintf (*msg, DEFAULT_BUFFER_SIZE, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60); - date_result = max_state_alt(STATE_CRITICAL, date_result); - } - } - } + if (srv_data <= 0) { + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sServer date \"%100s\" unparsable, "), *msg, server_date); + strcpy(*msg, tmp); + + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else if (doc_data <= 0) { + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date); + strcpy(*msg, tmp); + + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else if (doc_data > srv_data + 30) { + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data); + strcpy(*msg, tmp); + + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else if (doc_data < srv_data - maximum_age) { + int n = (srv_data - doc_data); + if (n > (60 * 60 * 24 * 2)) { + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24)); + strcpy(*msg, tmp); + + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else { + char tmp[DEFAULT_BUFFER_SIZE]; + + snprintf (tmp, DEFAULT_BUFFER_SIZE, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60); + strcpy(*msg, tmp); + + date_result = max_state_alt(STATE_CRITICAL, date_result); + } + } + } if (server_date) free (server_date); if (document_date) free (document_date); -- cgit v1.2.3-74-g34f1 From b4e578e2cd835221ee343e56923588828d36f99b Mon Sep 17 00:00:00 2001 From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> Date: Sun, 12 Mar 2023 21:37:00 +0100 Subject: Try fixing deprecated functions in libdbi --- plugins/check_dbi.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) (limited to 'plugins') diff --git a/plugins/check_dbi.c b/plugins/check_dbi.c index ced13d05..bbeb3d6e 100644 --- a/plugins/check_dbi.c +++ b/plugins/check_dbi.c @@ -141,21 +141,28 @@ main (int argc, char **argv) if (verbose > 2) printf ("Initializing DBI\n"); - if (dbi_initialize (NULL) < 0) { + dbi_inst *instance_p; + + if (dbi_initialize_r(NULL, instance_p) < 0) { printf ("UNKNOWN - failed to initialize DBI; possibly you don't have any drivers installed.\n"); return STATE_UNKNOWN; } + if (instance_p == NULL) { + printf ("UNKNOWN - failed to initialize DBI.\n"); + return STATE_UNKNOWN; + } + if (verbose) printf ("Opening DBI driver '%s'\n", np_dbi_driver); - driver = dbi_driver_open (np_dbi_driver); + driver = dbi_driver_open_r(np_dbi_driver, instance_p); if (! driver) { printf ("UNKNOWN - failed to open DBI driver '%s'; possibly it's not installed.\n", np_dbi_driver); printf ("Known drivers:\n"); - for (driver = dbi_driver_list (NULL); driver; driver = dbi_driver_list (driver)) { + for (driver = dbi_driver_list_r(NULL, instance_p); driver; driver = dbi_driver_list_r(driver, instance_p)) { printf (" - %s\n", dbi_driver_get_name (driver)); } return STATE_UNKNOWN; -- cgit v1.2.3-74-g34f1 From cb5579793731e3320330551bb2f926be7c7d0378 Mon Sep 17 00:00:00 2001 From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> Date: Tue, 18 Apr 2023 00:42:20 +0200 Subject: Refix spelling issues --- plugins-root/check_icmp.c | 2 +- plugins/check_ntp_peer.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c index f96207be..1d47e9fc 100644 --- a/plugins-root/check_icmp.c +++ b/plugins-root/check_icmp.c @@ -1432,7 +1432,7 @@ get_ip_address(const char *ifname) { // TODO: Rewrite this so the function return an error and we exit somewhere else struct sockaddr_in ip; - ip.sin_addr.s_addr = 0; // Fake inititialization to make compiler happy + ip.sin_addr.s_addr = 0; // Fake initialization to make compiler happy #if defined(SIOCGIFADDR) struct ifreq ifr; diff --git a/plugins/check_ntp_peer.c b/plugins/check_ntp_peer.c index 161b4950..49cb1008 100644 --- a/plugins/check_ntp_peer.c +++ b/plugins/check_ntp_peer.c @@ -585,7 +585,7 @@ int main(int argc, char *argv[]){ /* set socket timeout */ alarm (socket_timeout); - /* This returns either OK or WARNING (See comment preceeding ntp_request) */ + /* This returns either OK or WARNING (See comment preceding ntp_request) */ result = ntp_request(&offset, &offset_result, &jitter, &stratum, &num_truechimers); if(offset_result == STATE_UNKNOWN) { -- cgit v1.2.3-74-g34f1 From b96a8424f0ec6206238b650c2c63b4bd006ab43a Mon Sep 17 00:00:00 2001 From: Lorenz Kästle Date: Wed, 26 Apr 2023 09:15:04 +0200 Subject: Avoid unnecessary malloc and use stack instead --- plugins/check_curl.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) (limited to 'plugins') diff --git a/plugins/check_curl.c b/plugins/check_curl.c index 67ae2b02..6294fa0b 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c @@ -1062,11 +1062,7 @@ GOT_FIRST_CERT: bcopy("...",&output_header_search[sizeof(output_header_search)-4],4); } - char *tmp = malloc(DEFAULT_BUFFER_SIZE); - - if (tmp == NULL) { - die(STATE_UNKNOWN, "Failed to allocate buffer for output: %s\n", strerror(errno)); - } + char tmp[DEFAULT_BUFFER_SIZE]; snprintf (tmp, DEFAULT_BUFFER_SIZE, @@ -1079,7 +1075,6 @@ GOT_FIRST_CERT: server_url); strcpy(msg, tmp); - free(tmp); result = STATE_CRITICAL; } -- cgit v1.2.3-74-g34f1 From a359667f2b65c06aa60915f03bf89708132b1f8b Mon Sep 17 00:00:00 2001 From: Lorenz Kästle Date: Wed, 26 Apr 2023 17:52:22 +0200 Subject: Changing remaining sscanf format specifier to unsigned long --- configure.ac | 10 +++++----- plugins/check_swap.c | 6 +++--- 2 files changed, 8 insertions(+), 8 deletions(-) (limited to 'plugins') diff --git a/configure.ac b/configure.ac index bad5c53c..069cc625 100644 --- a/configure.ac +++ b/configure.ac @@ -1592,13 +1592,13 @@ then grep -E -i "^lswap +path +pri +swaplo +blocks +free +maxswap" \ >/dev/null] then - ac_cv_swap_format=[" %*d %*s %*d,%*d %*d %*d %f %f"] + ac_cv_swap_format=[" %*d %*s %*d,%*d %*d %*d %lu %lu"] ac_cv_swap_conv=2048 AC_MSG_RESULT([using IRIX format swap]) elif [$PATH_TO_SWAP -l 2>/dev/null | grep -E -i "^path +dev +swaplo +blocks +free" >/dev/null] then - ac_cv_swap_format=["%*s %*[0-9,-] %*d %f %f"] + ac_cv_swap_format=["%*s %*[0-9,-] %*d %lu %lu"] ac_cv_swap_conv=2048 AC_MSG_RESULT([using Unixware format swap]) else @@ -1622,7 +1622,7 @@ then if [$PATH_TO_SWAPINFO -k 2>/dev/null | grep -E -i "^Device +1K-blocks +Used +Avail" >/dev/null] then - ac_cv_swap_format=["%*s %f %*d %f"] + ac_cv_swap_format=["%*s %lu %*d %lu"] ac_cv_swap_conv=1024 AC_MSG_RESULT([using FreeBSD format swapinfo]) fi @@ -1631,7 +1631,7 @@ elif [$PATH_TO_SWAPINFO -dfM 2>/dev/null | grep -E -i "^TYPE +AVAIL +USED +FREE" then ac_cv_have_swap=yes ac_cv_swap_command="$PATH_TO_SWAPINFO -dfM" - ac_cv_swap_format=["%*s %f %*d %f"] + ac_cv_swap_format=["%*s %lu %*d %lu"] ac_cv_swap_conv=1024 AC_MSG_RESULT([using HP-UX format swapinfo]) fi @@ -1646,7 +1646,7 @@ if [$PATH_TO_LSPS -a 2>/dev/null | grep -E -i "^Page Space" > /dev/null] then ac_cv_have_swap=yes ac_cv_swap_command="$PATH_TO_LSPS -a" - ac_cv_swap_format=["%*s %*s %*s %f%*s %f %*s"] + ac_cv_swap_format=["%*s %*s %*s %lu%*s %lu %*s"] ac_cv_swap_conv=1 AC_MSG_RESULT([using AIX lsps]) fi diff --git a/plugins/check_swap.c b/plugins/check_swap.c index 05f19ad4..cd965e31 100644 --- a/plugins/check_swap.c +++ b/plugins/check_swap.c @@ -178,7 +178,7 @@ main (int argc, char **argv) # ifdef _AIX if (!allswaps) { xasprintf(&swap_command, "%s", "/usr/sbin/lsps -s"); - xasprintf(&swap_format, "%s", "%f%*s %f"); + xasprintf(&swap_format, "%s", "%lu%*s %lu"); conv_factor = 1; } # endif @@ -205,9 +205,9 @@ main (int argc, char **argv) temp_buffer = strtok (input_buffer, " \n"); while (temp_buffer) { if (strstr (temp_buffer, "blocks")) - sprintf (str, "%s %s", str, "%f"); + sprintf (str, "%s %s", str, "%lu"); else if (strstr (temp_buffer, "dskfree")) - sprintf (str, "%s %s", str, "%f"); + sprintf (str, "%s %s", str, "%lu"); else sprintf (str, "%s %s", str, "%*s"); temp_buffer = strtok (NULL, " \n"); -- cgit v1.2.3-74-g34f1 From 90cb539595bcc94bf2a7a0036d7ecf781518eb81 Mon Sep 17 00:00:00 2001 From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> Date: Sun, 27 Aug 2023 23:13:17 +0200 Subject: Implement option to ignore mib file parsing errors --- plugins/check_snmp.c | 64 ++++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 47 insertions(+), 17 deletions(-) (limited to 'plugins') diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index 04dc6c6f..43e79a1c 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c @@ -65,6 +65,7 @@ const char *email = "devel@monitoring-plugins.org"; #define L_RATE_MULTIPLIER CHAR_MAX+2 #define L_INVERT_SEARCH CHAR_MAX+3 #define L_OFFSET CHAR_MAX+4 +#define L_IGNORE_MIB_PARSING_ERRORS CHAR_MAX+5 /* Gobble to string - stop incrementing c when c[0] match one of the * characters in s */ @@ -159,6 +160,7 @@ char* ip_version = ""; double multiplier = 1.0; char *fmtstr = ""; char buffer[DEFAULT_BUFFER_SIZE]; +bool ignore_mib_parsing_errors = false; static char *fix_snmp_range(char *th) { @@ -306,42 +308,64 @@ main (int argc, char **argv) } /* 10 arguments to pass before context and authpriv options + 1 for host and numoids. Add one for terminating NULL */ - command_line = calloc (10 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *)); - command_line[0] = snmpcmd; - command_line[1] = strdup ("-Le"); - command_line[2] = strdup ("-t"); - xasprintf (&command_line[3], "%d", timeout_interval); - command_line[4] = strdup ("-r"); - xasprintf (&command_line[5], "%d", retries); - command_line[6] = strdup ("-m"); - command_line[7] = strdup (miblist); - command_line[8] = "-v"; - command_line[9] = strdup (proto); + + unsigned index = 0; + command_line = calloc (11 + numcontext + numauthpriv + 1 + numoids + 1, sizeof (char *)); + + command_line[index++] = snmpcmd; + command_line[index++] = strdup ("-Le"); + command_line[index++] = strdup ("-t"); + xasprintf (&command_line[index++], "%d", timeout_interval); + command_line[index++] = strdup ("-r"); + xasprintf (&command_line[index++], "%d", retries); + command_line[index++] = strdup ("-m"); + command_line[index++] = strdup (miblist); + command_line[index++] = "-v"; + command_line[index++] = strdup (proto); + + xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s", + snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto); + + if (ignore_mib_parsing_errors) { + command_line[index++] = "-Pe"; + xasprintf(&cl_hidden_auth, "%s -Pe", cl_hidden_auth); + } + for (i = 0; i < numcontext; i++) { - command_line[10 + i] = contextargs[i]; + command_line[index++] = contextargs[i]; } for (i = 0; i < numauthpriv; i++) { - command_line[10 + numcontext + i] = authpriv[i]; + command_line[index++] = authpriv[i]; } - xasprintf (&command_line[10 + numcontext + numauthpriv], "%s:%s", server_address, port); + xasprintf (&command_line[index++], "%s:%s", server_address, port); + + xasprintf(&cl_hidden_auth, "%s [context] [authpriv] %s:%s", + cl_hidden_auth, + server_address, + port); + + /* This is just for display purposes, so it can remain a string */ + /* xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s %s:%s", snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[context]", "[authpriv]", server_address, port); + */ for (i = 0; i < numoids; i++) { - command_line[10 + numcontext + numauthpriv + 1 + i] = oids[i]; + command_line[index++] = oids[i]; xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]); } - command_line[10 + numcontext + numauthpriv + 1 + numoids] = NULL; + command_line[index++] = NULL; - if (verbose) + if (verbose) { printf ("%s\n", cl_hidden_auth); + } /* Set signal handling and alarm */ if (signal (SIGALRM, runcmd_timeout_alarm_handler) == SIG_ERR) { @@ -708,6 +732,7 @@ process_arguments (int argc, char **argv) {"ipv6", no_argument, 0, '6'}, {"multiplier", required_argument, 0, 'M'}, {"fmtstr", required_argument, 0, 'f'}, + {"ignore-mib-parsing-errors", no_argument, false, L_IGNORE_MIB_PARSING_ERRORS}, {0, 0, 0, 0} }; @@ -974,6 +999,8 @@ process_arguments (int argc, char **argv) fmtstr=optarg; } break; + case L_IGNORE_MIB_PARSING_ERRORS: + ignore_mib_parsing_errors = true; } } @@ -1307,6 +1334,9 @@ print_help (void) printf (" %s\n", "-O, --perf-oids"); printf (" %s\n", _("Label performance data with OIDs instead of --label's")); + printf (" %s\n", "--ignore-mib-parsing-errors"); + printf (" %s\n", _("Tell snmpget to not print errors encountered when parsing MIB files")); + printf (UT_VERBOSE); printf ("\n"); -- cgit v1.2.3-74-g34f1 From 94a5eb218d3415a4babeb4a84e225635b5077eaa Mon Sep 17 00:00:00 2001 From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> Date: Sun, 27 Aug 2023 23:13:50 +0200 Subject: Update test to ignore broken MIBs --- plugins/t/check_snmp.t | 66 +++++++++++++++++++++++++------------------------- 1 file changed, 33 insertions(+), 33 deletions(-) (limited to 'plugins') diff --git a/plugins/t/check_snmp.t b/plugins/t/check_snmp.t index f2f218fd..7d5abc21 100644 --- a/plugins/t/check_snmp.t +++ b/plugins/t/check_snmp.t @@ -26,22 +26,22 @@ $res = NPTest->testCmd( "./check_snmp -t 1" ); is( $res->return_code, 3, "No host name" ); is( $res->output, "No host specified" ); -$res = NPTest->testCmd( "./check_snmp -H fakehostname" ); +$res = NPTest->testCmd( "./check_snmp -H fakehostname --ignore-mib-parsing-errors" ); is( $res->return_code, 3, "No OIDs specified" ); is( $res->output, "No OIDs specified" ); -$res = NPTest->testCmd( "./check_snmp -H fakehost -o oids -P 3 -U not_a_user --seclevel=rubbish" ); +$res = NPTest->testCmd( "./check_snmp -H fakehost --ignore-mib-parsing-errors -o oids -P 3 -U not_a_user --seclevel=rubbish" ); is( $res->return_code, 3, "Invalid seclevel" ); like( $res->output, "/check_snmp: Invalid seclevel - rubbish/" ); -$res = NPTest->testCmd( "./check_snmp -H fakehost -o oids -P 3c" ); +$res = NPTest->testCmd( "./check_snmp -H fakehost --ignore-mib-parsing-errors -o oids -P 3c" ); is( $res->return_code, 3, "Invalid protocol" ); like( $res->output, "/check_snmp: Invalid SNMP version - 3c/" ); SKIP: { skip "no snmp host defined", 50 if ( ! $host_snmp ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -w 1: -c 1:"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying uptime" ); like($res->output, '/^SNMP OK - (\d+)/', "String contains SNMP OK"); $res->output =~ /^SNMP OK - (\d+)/; @@ -51,111 +51,111 @@ SKIP: { # some more threshold tests - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1"); cmp_ok( $res->return_code, '==', 2, "Threshold test -c 1" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1:"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1:"); cmp_ok( $res->return_code, '==', 0, "Threshold test -c 1:" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c ~:1"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c ~:1"); cmp_ok( $res->return_code, '==', 2, "Threshold test -c ~:1" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1:10"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1:10"); cmp_ok( $res->return_code, '==', 2, "Threshold test -c 1:10" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c \@1:10"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c \@1:10"); cmp_ok( $res->return_code, '==', 0, "Threshold test -c \@1:10" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 10:1"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 10:1"); cmp_ok( $res->return_code, '==', 0, "Threshold test -c 10:1" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o .1.3.6.1.2.1.1.3.0 -w 1: -c 1:"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o .1.3.6.1.2.1.1.3.0 -w 1: -c 1:"); cmp_ok( $res->return_code, '==', 0, "Test with numeric OID (no mibs loaded)" ); like($res->output, '/^SNMP OK - \d+/', "String contains SNMP OK"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying sysDescr" ); unlike($res->perf_output, '/sysDescr/', "Perfdata doesn't contain string values"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0,system.sysDescr.0"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0,system.sysDescr.0"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying two string OIDs, comma-separated" ); like($res->output, '/^SNMP OK - /', "String contains SNMP OK"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysDescr.0 -o system.sysDescr.0"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysDescr.0 -o system.sysDescr.0"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying two string OIDs, repeated option" ); like($res->output, '/^SNMP OK - /', "String contains SNMP OK"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 1:1 -c 1:1"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 1:1 -c 1:1"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying hrSWRunIndex.1" ); like($res->output, '/^SNMP OK - 1\s.*$/', "String fits SNMP OK and output format"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 0 -c 1:"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w 0 -c 1:"); cmp_ok( $res->return_code, '==', 1, "Exit WARNING when querying hrSWRunIndex.1 and warn-th doesn't apply " ); like($res->output, '/^SNMP WARNING - \*1\*\s.*$/', "String matches SNMP WARNING and output format"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w :0 -c 0"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w :0 -c 0"); cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL when querying hrSWRunIndex.1 and crit-th doesn't apply" ); like($res->output, '/^SNMP CRITICAL - \*1\*\s.*$/', "String matches SNMP CRITICAL and output format"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2 -c 1:2"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2 -c 1:2"); cmp_ok( $res->return_code, '==', 0, "Checking two OIDs at once" ); like($res->output, "/^SNMP OK - 2 1/", "Got two values back" ); like( $res->perf_output, "/ifIndex.2=2/", "Got 1st perf data" ); like( $res->perf_output, "/ifIndex.1=1/", "Got 2nd perf data" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2,1:2 -c 2:2,2:2"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o ifIndex.2,ifIndex.1 -w 1:2,1:2 -c 2:2,2:2"); cmp_ok( $res->return_code, '==', 2, "Checking critical threshold is passed if any one value crosses" ); like($res->output, "/^SNMP CRITICAL - 2 *1*/", "Got two values back" ); like( $res->perf_output, "/ifIndex.2=2/", "Got 1st perf data" ); like( $res->perf_output, "/ifIndex.1=1/", "Got 2nd perf data" ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w 1:,1: -c 1:,1:"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w 1:,1: -c 1:,1:"); cmp_ok( $res->return_code, '==', 0, "Exit OK when querying hrMemorySize and hrSystemProcesses"); like($res->output, '/^SNMP OK - \d+ \d+/', "String contains hrMemorySize and hrSystemProcesses"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w \@:0 -c \@0"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w \@:0 -c \@0"); cmp_ok( $res->return_code, '==', 0, "Exit OK with inside-range thresholds"); like($res->output, '/^SNMP OK - 1\s.*$/', "String matches SNMP OK and output format"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3"); $res->output =~ m/^SNMP OK - (\d+\.\d{2})\s.*$/; my $lower = $1 - 0.05; my $higher = $1 + 0.05; - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3 -w $lower -c $higher"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o enterprises.ucdavis.laTable.laEntry.laLoad.3 -w $lower -c $higher"); cmp_ok( $res->return_code, '==', 1, "Exit WARNING with fractionnal arguments"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0,host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w ,:0 -c ,:2"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0,host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w ,:0 -c ,:2"); cmp_ok( $res->return_code, '==', 1, "Exit WARNING on 2nd threshold"); like($res->output, '/^SNMP WARNING - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s+\*1\*\s.*$/', "First OID returned as string, 2nd checked for thresholds"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w '' -c ''"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrSWRun.hrSWRunTable.hrSWRunEntry.hrSWRunIndex.1 -w '' -c ''"); cmp_ok( $res->return_code, '==', 0, "Empty thresholds doesn't crash"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,,1 -c ,,2"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,,1 -c ,,2"); cmp_ok( $res->return_code, '==', 0, "Skipping first two thresholds on 2 OID check"); like($res->output, '/^SNMP OK - \d+ \w+ \d+\s.*$/', "Skipping first two thresholds, result printed rather than parsed"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,, -c ,,"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o host.hrStorage.hrMemorySize.0,host.hrSystem.hrSystemProcesses.0 -w ,, -c ,,"); cmp_ok( $res->return_code, '==', 0, "Skipping all thresholds"); like($res->output, '/^SNMP OK - \d+ \w+ \d+\s.*$/', "Skipping all thresholds, result printed rather than parsed"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0 -c 1000000000000: -u '1/100 sec'"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0 -c 1000000000000: -u '1/100 sec'"); cmp_ok( $res->return_code, '==', 2, "Timetick used as a threshold"); like($res->output, '/^SNMP CRITICAL - \*\d+\* 1\/100 sec.*$/', "Timetick used as a threshold, parsed as numeric"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o system.sysUpTime.0"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o system.sysUpTime.0"); cmp_ok( $res->return_code, '==', 0, "Timetick used as a string"); like($res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "Timetick used as a string, result printed rather than parsed"); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -C $snmp_community -o HOST-RESOURCES-MIB::hrSWRunName.1"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -C $snmp_community -o HOST-RESOURCES-MIB::hrSWRunName.1"); cmp_ok( $res->return_code, '==', 0, "snmp response without datatype"); like( $res->output, '/^SNMP OK - "(systemd|init)" \| $/', "snmp response without datatype" ); } SKIP: { skip "no SNMP user defined", 1 if ( ! $user_snmp ); - $res = NPTest->testCmd( "./check_snmp -H $host_snmp -o HOST-RESOURCES-MIB::hrSystemUptime.0 -P 3 -U $user_snmp -L noAuthNoPriv"); + $res = NPTest->testCmd( "./check_snmp -H $host_snmp --ignore-mib-parsing-errors -o HOST-RESOURCES-MIB::hrSystemUptime.0 -P 3 -U $user_snmp -L noAuthNoPriv"); like( $res->output, '/^SNMP OK - Timeticks:\s\(\d+\)\s+(?:\d+ days?,\s+)?\d+:\d+:\d+\.\d+\s.*$/', "noAuthNoPriv security level works properly" ); } @@ -163,14 +163,14 @@ SKIP: { # the tests can run on hosts w/o snmp host/community in NPTest.cache. Execution will fail anyway SKIP: { skip "no non responsive host defined", 2 if ( ! $host_nonresponsive ); - $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); + $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive --ignore-mib-parsing-errors -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL with non responsive host" ); like($res->output, '/Plugin timed out while executing system call/', "String matches timeout problem"); } SKIP: { skip "no non invalid host defined", 2 if ( ! $hostname_invalid ); - $res = NPTest->testCmd( "./check_snmp -H $hostname_invalid -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); + $res = NPTest->testCmd( "./check_snmp -H $hostname_invalid --ignore-mib-parsing-errors -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); cmp_ok( $res->return_code, '==', 3, "Exit UNKNOWN with non responsive host" ); like($res->output, '/External command error: .*(nosuchhost|Name or service not known|Unknown host)/', "String matches invalid host"); } -- cgit v1.2.3-74-g34f1 From c6abf11e021ded0592bd6697040bde93cf64b022 Mon Sep 17 00:00:00 2001 From: Lorenz Kästle Date: Mon, 28 Aug 2023 09:58:27 +0200 Subject: Enhance regex in test to be more tolerant to follow up text --- plugins/t/check_snmp.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/t/check_snmp.t b/plugins/t/check_snmp.t index 7d5abc21..576cc506 100644 --- a/plugins/t/check_snmp.t +++ b/plugins/t/check_snmp.t @@ -172,5 +172,5 @@ SKIP: { skip "no non invalid host defined", 2 if ( ! $hostname_invalid ); $res = NPTest->testCmd( "./check_snmp -H $hostname_invalid --ignore-mib-parsing-errors -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); cmp_ok( $res->return_code, '==', 3, "Exit UNKNOWN with non responsive host" ); - like($res->output, '/External command error: .*(nosuchhost|Name or service not known|Unknown host)/', "String matches invalid host"); + like($res->output, '/External command error: .*(nosuchhost|Name or service not known|Unknown host).*/s', "String matches invalid host"); } -- cgit v1.2.3-74-g34f1 From 9e32be80d673cb9bd7877cad8b6e24b99e79e8b0 Mon Sep 17 00:00:00 2001 From: Lorenz Kästle Date: Mon, 28 Aug 2023 11:15:59 +0200 Subject: Remove dead, commented code --- plugins/check_snmp.c | 9 --------- 1 file changed, 9 deletions(-) (limited to 'plugins') diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index 43e79a1c..2acada22 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c @@ -347,15 +347,6 @@ main (int argc, char **argv) server_address, port); - - - /* This is just for display purposes, so it can remain a string */ - /* - xasprintf(&cl_hidden_auth, "%s -Le -t %d -r %d -m %s -v %s %s %s %s:%s", - snmpcmd, timeout_interval, retries, strlen(miblist) ? miblist : "''", proto, "[context]", "[authpriv]", - server_address, port); - */ - for (i = 0; i < numoids; i++) { command_line[index++] = oids[i]; xasprintf(&cl_hidden_auth, "%s %s", cl_hidden_auth, oids[i]); -- cgit v1.2.3-74-g34f1 From 801784ae89224d004dc79af95545acbdf547ce64 Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Fri, 16 Jun 2023 09:28:21 +0200 Subject: check_users: prefer systemd-logind over utmp Prefer systemd-logind over utmp to get the number of logged in users. utmp is not reliable for this (e.g. some terminals create utmp entries, other not) and utmp is not Y2038 safe with glibc on Linux. --- configure.ac | 19 +++++++++++++++++++ plugins/Makefile.am | 2 +- plugins/check_users.c | 37 +++++++++++++++++++++++++------------ po/de.po | 30 +++++++++++++++--------------- po/fr.po | 38 +++++++++++++++++++------------------- po/monitoring-plugins.pot | 30 +++++++++++++++--------------- 6 files changed, 94 insertions(+), 62 deletions(-) (limited to 'plugins') diff --git a/configure.ac b/configure.ac index 069cc625..a294b00f 100644 --- a/configure.ac +++ b/configure.ac @@ -328,6 +328,25 @@ AS_IF([test "x$with_ldap" != "xno"], [ LIBS="$_SAVEDLIBS" ]) + +AC_ARG_WITH([systemd], [AS_HELP_STRING([--without-systemd], [Skips systemd support])]) + +dnl Check for libsystemd +AS_IF([test "x$with_systemd" != "xno"], [ + _SAVEDLIBS="$LIBS" + AC_CHECK_LIB(systemd,sd_get_sessions,,,-lsystemd) + if test "$ac_cv_lib_systemd_sd_get_sessions" = "yes"; then + SYSTEMDLIBS="-lsystemd" + SYSTEMDINCLUDE="" + AC_SUBST(SYSTEMDLIBS) + AC_SUBST(SYSTEMDINCLUDE) + else + AC_MSG_WARN([Skipping systemd support]) + fi + LIBS="$_SAVEDLIBS" +]) + + dnl Check for headers used by check_ide_smart case $host in *linux*) diff --git a/plugins/Makefile.am b/plugins/Makefile.am index ab59eb73..49086b7a 100644 --- a/plugins/Makefile.am +++ b/plugins/Makefile.am @@ -112,7 +112,7 @@ check_tcp_LDADD = $(SSLOBJS) check_time_LDADD = $(NETLIBS) check_ntp_time_LDADD = $(NETLIBS) $(MATHLIBS) check_ups_LDADD = $(NETLIBS) -check_users_LDADD = $(BASEOBJS) $(WTSAPI32LIBS) +check_users_LDADD = $(BASEOBJS) $(WTSAPI32LIBS) $(SYSTEMDLIBS) check_by_ssh_LDADD = $(NETLIBS) check_ide_smart_LDADD = $(BASEOBJS) negate_LDADD = $(BASEOBJS) diff --git a/plugins/check_users.c b/plugins/check_users.c index f6f4b362..2a9ee986 100644 --- a/plugins/check_users.c +++ b/plugins/check_users.c @@ -1,33 +1,33 @@ /***************************************************************************** -* +* * Monitoring check_users plugin -* +* * License: GPL * Copyright (c) 2000-2012 Monitoring Plugins Development Team -* +* * Description: -* +* * This file contains the check_users plugin -* +* * This plugin checks the number of users currently logged in on the local * system and generates an error if the number exceeds the thresholds * specified. -* -* +* +* * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. -* +* * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. -* +* * You should have received a copy of the GNU General Public License * along with this program. If not, see . -* -* +* +* *****************************************************************************/ const char *progname = "check_users"; @@ -48,6 +48,11 @@ const char *email = "devel@monitoring-plugins.org"; # include "popen.h" #endif +#ifdef HAVE_LIBSYSTEMD +#include +#include +#endif + #define possibly_set(a,b) ((a) == 0 ? (b) : 0) int process_arguments (int, char **); @@ -85,6 +90,11 @@ main (int argc, char **argv) users = 0; +#ifdef HAVE_LIBSYSTEMD + if (sd_booted () > 0) + users = sd_get_sessions (NULL); + else { +#endif #if HAVE_WTSAPI32_H if (!WTSEnumerateSessions(WTS_CURRENT_SERVER_HANDLE, 0, 1, &wtsinfo, &wtscount)) { @@ -156,6 +166,9 @@ main (int argc, char **argv) if (spclose (child_process)) result = possibly_set (result, STATE_UNKNOWN); #endif +#ifdef HAVE_LIBSYSTEMD + } +#endif /* check the user count against warning and critical thresholds */ result = get_status((double)users, thlds); @@ -163,7 +176,7 @@ main (int argc, char **argv) if (result == STATE_UNKNOWN) printf ("%s\n", _("Unable to read output")); else { - printf (_("USERS %s - %d users currently logged in |%s\n"), + printf (_("USERS %s - %d users currently logged in |%s\n"), state_text(result), users, sperfdata_int("users", users, "", warning_range, critical_range, TRUE, 0, FALSE, 0)); diff --git a/po/de.po b/po/de.po index eb0f8dff..1989dbdd 100644 --- a/po/de.po +++ b/po/de.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: nagiosplug\n" "Report-Msgid-Bugs-To: devel@monitoring-plugins.org\n" -"POT-Creation-Date: 2023-07-11 16:07+0200\n" +"POT-Creation-Date: 2023-08-28 14:50+0200\n" "PO-Revision-Date: 2004-12-23 17:46+0100\n" "Last-Translator: <>\n" "Language-Team: English \n" @@ -31,7 +31,7 @@ msgstr "" #: plugins/check_radius.c:176 plugins/check_real.c:80 plugins/check_smtp.c:146 #: plugins/check_snmp.c:248 plugins/check_ssh.c:74 plugins/check_swap.c:115 #: plugins/check_tcp.c:222 plugins/check_time.c:78 plugins/check_ups.c:122 -#: plugins/check_users.c:84 plugins/negate.c:210 plugins-root/check_dhcp.c:270 +#: plugins/check_users.c:89 plugins/negate.c:210 plugins-root/check_dhcp.c:270 msgid "Could not parse arguments" msgstr "Argumente konnten nicht ausgewertet werden" @@ -255,7 +255,7 @@ msgstr "" #: plugins/check_radius.c:400 plugins/check_real.c:452 plugins/check_smtp.c:891 #: plugins/check_snmp.c:1347 plugins/check_ssh.c:325 plugins/check_swap.c:607 #: plugins/check_tcp.c:710 plugins/check_time.c:371 plugins/check_ups.c:663 -#: plugins/check_users.c:262 plugins/check_ide_smart.c:606 plugins/negate.c:273 +#: plugins/check_users.c:275 plugins/check_ide_smart.c:606 plugins/negate.c:273 #: plugins/urlize.c:196 plugins-root/check_dhcp.c:1390 #: plugins-root/check_icmp.c:1633 msgid "Usage:" @@ -892,13 +892,13 @@ msgid "of the argument with optional text" msgstr "" #: plugins/check_fping.c:127 plugins/check_hpjd.c:134 plugins/check_ping.c:444 -#: plugins/check_swap.c:193 plugins/check_users.c:130 plugins/urlize.c:109 +#: plugins/check_swap.c:193 plugins/check_users.c:140 plugins/urlize.c:109 #, c-format msgid "Could not open pipe: %s\n" msgstr "Pipe: %s konnte nicht geöffnet werden\n" #: plugins/check_fping.c:133 plugins/check_hpjd.c:140 plugins/check_load.c:159 -#: plugins/check_swap.c:199 plugins/check_users.c:136 plugins/urlize.c:115 +#: plugins/check_swap.c:199 plugins/check_users.c:146 plugins/urlize.c:115 #, c-format msgid "Could not open stderr for %s\n" msgstr "Konnte stderr nicht öffnen für: %s\n" @@ -3688,12 +3688,12 @@ msgid " %s - database %s (%f sec.)|%s\n" msgstr "" #: plugins/check_pgsql.c:320 plugins/check_time.c:277 plugins/check_time.c:289 -#: plugins/check_users.c:228 +#: plugins/check_users.c:241 msgid "Critical threshold must be a positive integer" msgstr "Critical threshold muss ein positiver Integer sein" #: plugins/check_pgsql.c:326 plugins/check_time.c:258 plugins/check_time.c:282 -#: plugins/check_users.c:226 +#: plugins/check_users.c:239 msgid "Warning threshold must be a positive integer" msgstr "Warning threshold muss ein positiver Integer sein" @@ -5668,26 +5668,26 @@ msgstr "" msgid "http://www.networkupstools.org" msgstr "" -#: plugins/check_users.c:91 +#: plugins/check_users.c:101 #, fuzzy, c-format msgid "Could not enumerate RD sessions: %d\n" msgstr "Konnte·url·nicht·zuweisen\n" -#: plugins/check_users.c:146 +#: plugins/check_users.c:156 #, c-format msgid "# users=%d" msgstr "" -#: plugins/check_users.c:164 +#: plugins/check_users.c:177 msgid "Unable to read output" msgstr "" -#: plugins/check_users.c:166 +#: plugins/check_users.c:179 #, c-format msgid "USERS %s - %d users currently logged in |%s\n" msgstr "" -#: plugins/check_users.c:241 +#: plugins/check_users.c:254 #, fuzzy msgid "This plugin checks the number of users currently logged in on the local" msgstr "" @@ -5696,16 +5696,16 @@ msgstr "" "unterschritten wird.\n" "\n" -#: plugins/check_users.c:242 +#: plugins/check_users.c:255 msgid "" "system and generates an error if the number exceeds the thresholds specified." msgstr "" -#: plugins/check_users.c:252 +#: plugins/check_users.c:265 msgid "Set WARNING status if more than INTEGER users are logged in" msgstr "" -#: plugins/check_users.c:254 +#: plugins/check_users.c:267 msgid "Set CRITICAL status if more than INTEGER users are logged in" msgstr "" diff --git a/po/fr.po b/po/fr.po index a20c93c1..e4dffac1 100644 --- a/po/fr.po +++ b/po/fr.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: fr\n" "Report-Msgid-Bugs-To: devel@monitoring-plugins.org\n" -"POT-Creation-Date: 2023-07-11 16:07+0200\n" +"POT-Creation-Date: 2023-08-28 14:50+0200\n" "PO-Revision-Date: 2010-04-21 23:38-0400\n" "Last-Translator: Thomas Guyot-Sionnest \n" "Language-Team: Nagios Plugin Development Mailing List argument with optional text" msgstr "du paramètre avec un texte optionnel" #: plugins/check_fping.c:127 plugins/check_hpjd.c:134 plugins/check_ping.c:444 -#: plugins/check_swap.c:193 plugins/check_users.c:130 plugins/urlize.c:109 +#: plugins/check_swap.c:193 plugins/check_users.c:140 plugins/urlize.c:109 #, c-format msgid "Could not open pipe: %s\n" msgstr "Impossible d'ouvrir le pipe: %s\n" #: plugins/check_fping.c:133 plugins/check_hpjd.c:140 plugins/check_load.c:159 -#: plugins/check_swap.c:199 plugins/check_users.c:136 plugins/urlize.c:115 +#: plugins/check_swap.c:199 plugins/check_users.c:146 plugins/urlize.c:115 #, c-format msgid "Could not open stderr for %s\n" msgstr "Impossible d'ouvrir la sortie d'erreur standard pour %s\n" @@ -1495,8 +1495,8 @@ msgstr "" #, fuzzy, c-format msgid "HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n" msgstr "" -"HTTP AVERTISSEMENT - la redirection crée une boucle infinie - %s://%s:" -"%d%s%s\n" +"HTTP AVERTISSEMENT - la redirection crée une boucle infinie - %s://%s:%d%s" +"%s\n" #: plugins/check_http.c:1630 #, c-format @@ -3084,8 +3084,8 @@ msgstr "" #: plugins/check_ntp_peer.c:716 msgid "Critical threshold for number of usable time sources (\"truechimers\")" msgstr "" -"Seuil critique pour le nombre de sources de temps utilisable " -"(\"truechimers\")" +"Seuil critique pour le nombre de sources de temps utilisable (\"truechimers" +"\")" #: plugins/check_ntp_peer.c:721 msgid "This plugin checks an NTP server independent of any commandline" @@ -3751,12 +3751,12 @@ msgid " %s - database %s (%f sec.)|%s\n" msgstr " %s - base de données %s (%d sec.)|%s\n" #: plugins/check_pgsql.c:320 plugins/check_time.c:277 plugins/check_time.c:289 -#: plugins/check_users.c:228 +#: plugins/check_users.c:241 msgid "Critical threshold must be a positive integer" msgstr "Le seuil critique doit être un entier positif" #: plugins/check_pgsql.c:326 plugins/check_time.c:258 plugins/check_time.c:282 -#: plugins/check_users.c:226 +#: plugins/check_users.c:239 msgid "Warning threshold must be a positive integer" msgstr "Le seuil d'avertissement doit être un entier positif" @@ -5774,43 +5774,43 @@ msgstr "" msgid "http://www.networkupstools.org" msgstr "" -#: plugins/check_users.c:91 +#: plugins/check_users.c:101 #, fuzzy, c-format msgid "Could not enumerate RD sessions: %d\n" msgstr "Impossible d'utiliser le protocole version %d\n" -#: plugins/check_users.c:146 +#: plugins/check_users.c:156 #, c-format msgid "# users=%d" msgstr "# utilisateurs=%d" -#: plugins/check_users.c:164 +#: plugins/check_users.c:177 msgid "Unable to read output" msgstr "Impossible de lire les données en entrée" -#: plugins/check_users.c:166 +#: plugins/check_users.c:179 #, c-format msgid "USERS %s - %d users currently logged in |%s\n" msgstr "UTILISATEURS %s - %d utilisateurs actuellement connectés sur |%s\n" -#: plugins/check_users.c:241 +#: plugins/check_users.c:254 msgid "This plugin checks the number of users currently logged in on the local" msgstr "" "Ce plugin vérifie le nombre d'utilisateurs actuellement connecté sur le " "système local" -#: plugins/check_users.c:242 +#: plugins/check_users.c:255 msgid "" "system and generates an error if the number exceeds the thresholds specified." msgstr "et génère une erreur si le nombre excède le seuil spécifié." -#: plugins/check_users.c:252 +#: plugins/check_users.c:265 msgid "Set WARNING status if more than INTEGER users are logged in" msgstr "" "Sortir avec un résultat AVERTISSEMENT si plus de INTEGER utilisateurs sont " "connectés" -#: plugins/check_users.c:254 +#: plugins/check_users.c:267 msgid "Set CRITICAL status if more than INTEGER users are logged in" msgstr "" "Sortir avec un résultat CRITIQUE si plus de INTEGER utilisateurs sont " diff --git a/po/monitoring-plugins.pot b/po/monitoring-plugins.pot index 4f6b2418..012967d4 100644 --- a/po/monitoring-plugins.pot +++ b/po/monitoring-plugins.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: devel@monitoring-plugins.org\n" -"POT-Creation-Date: 2023-07-11 16:07+0200\n" +"POT-Creation-Date: 2023-08-28 14:50+0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -30,7 +30,7 @@ msgstr "" #: plugins/check_radius.c:176 plugins/check_real.c:80 plugins/check_smtp.c:146 #: plugins/check_snmp.c:248 plugins/check_ssh.c:74 plugins/check_swap.c:115 #: plugins/check_tcp.c:222 plugins/check_time.c:78 plugins/check_ups.c:122 -#: plugins/check_users.c:84 plugins/negate.c:210 plugins-root/check_dhcp.c:270 +#: plugins/check_users.c:89 plugins/negate.c:210 plugins-root/check_dhcp.c:270 msgid "Could not parse arguments" msgstr "" @@ -246,7 +246,7 @@ msgstr "" #: plugins/check_radius.c:400 plugins/check_real.c:452 plugins/check_smtp.c:891 #: plugins/check_snmp.c:1347 plugins/check_ssh.c:325 plugins/check_swap.c:607 #: plugins/check_tcp.c:710 plugins/check_time.c:371 plugins/check_ups.c:663 -#: plugins/check_users.c:262 plugins/check_ide_smart.c:606 plugins/negate.c:273 +#: plugins/check_users.c:275 plugins/check_ide_smart.c:606 plugins/negate.c:273 #: plugins/urlize.c:196 plugins-root/check_dhcp.c:1390 #: plugins-root/check_icmp.c:1633 msgid "Usage:" @@ -870,13 +870,13 @@ msgid "of the argument with optional text" msgstr "" #: plugins/check_fping.c:127 plugins/check_hpjd.c:134 plugins/check_ping.c:444 -#: plugins/check_swap.c:193 plugins/check_users.c:130 plugins/urlize.c:109 +#: plugins/check_swap.c:193 plugins/check_users.c:140 plugins/urlize.c:109 #, c-format msgid "Could not open pipe: %s\n" msgstr "" #: plugins/check_fping.c:133 plugins/check_hpjd.c:140 plugins/check_load.c:159 -#: plugins/check_swap.c:199 plugins/check_users.c:136 plugins/urlize.c:115 +#: plugins/check_swap.c:199 plugins/check_users.c:146 plugins/urlize.c:115 #, c-format msgid "Could not open stderr for %s\n" msgstr "" @@ -3592,12 +3592,12 @@ msgid " %s - database %s (%f sec.)|%s\n" msgstr "" #: plugins/check_pgsql.c:320 plugins/check_time.c:277 plugins/check_time.c:289 -#: plugins/check_users.c:228 +#: plugins/check_users.c:241 msgid "Critical threshold must be a positive integer" msgstr "" #: plugins/check_pgsql.c:326 plugins/check_time.c:258 plugins/check_time.c:282 -#: plugins/check_users.c:226 +#: plugins/check_users.c:239 msgid "Warning threshold must be a positive integer" msgstr "" @@ -5513,39 +5513,39 @@ msgstr "" msgid "http://www.networkupstools.org" msgstr "" -#: plugins/check_users.c:91 +#: plugins/check_users.c:101 #, c-format msgid "Could not enumerate RD sessions: %d\n" msgstr "" -#: plugins/check_users.c:146 +#: plugins/check_users.c:156 #, c-format msgid "# users=%d" msgstr "" -#: plugins/check_users.c:164 +#: plugins/check_users.c:177 msgid "Unable to read output" msgstr "" -#: plugins/check_users.c:166 +#: plugins/check_users.c:179 #, c-format msgid "USERS %s - %d users currently logged in |%s\n" msgstr "" -#: plugins/check_users.c:241 +#: plugins/check_users.c:254 msgid "This plugin checks the number of users currently logged in on the local" msgstr "" -#: plugins/check_users.c:242 +#: plugins/check_users.c:255 msgid "" "system and generates an error if the number exceeds the thresholds specified." msgstr "" -#: plugins/check_users.c:252 +#: plugins/check_users.c:265 msgid "Set WARNING status if more than INTEGER users are logged in" msgstr "" -#: plugins/check_users.c:254 +#: plugins/check_users.c:267 msgid "Set CRITICAL status if more than INTEGER users are logged in" msgstr "" -- cgit v1.2.3-74-g34f1 From ead5526efa4f713e8001baed409067b0474cb72d Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Mon, 21 Aug 2023 16:53:48 +0200 Subject: Add support for SMTP over TLS This is commonly used on smtps (465) port. PROXY protocol is not implemented with TLS in check_smtp.c, yet. Backported from nagios-plugins: https://github.com/nagios-plugins/nagios-plugins/commit/0a8cf08ebb0740aa55d6c60d3b79fcab282604fb --- plugins/check_smtp.c | 46 +++++++++++++++++++++++++++++++++++++--------- 1 file changed, 37 insertions(+), 9 deletions(-) (limited to 'plugins') diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index 996bd875..f3ba9e38 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -42,8 +42,8 @@ const char *email = "devel@monitoring-plugins.org"; #ifdef HAVE_SSL int check_cert = FALSE; int days_till_exp_warn, days_till_exp_crit; -# define my_recv(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) -# define my_send(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) +# define my_recv(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) +# define my_send(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) #else /* ifndef HAVE_SSL */ # define my_recv(buf, len) read(sd, buf, len) # define my_send(buf, len) send(sd, buf, len, 0) @@ -103,6 +103,7 @@ double critical_time = 0; int check_critical_time = FALSE; int verbose = 0; int use_ssl = FALSE; +int use_starttls = FALSE; int use_sni = FALSE; short use_proxy_prefix = FALSE; short use_ehlo = FALSE; @@ -186,12 +187,25 @@ main (int argc, char **argv) result = my_tcp_connect (server_address, server_port, &sd); if (result == STATE_OK) { /* we connected */ +#ifdef HAVE_SSL + if (use_ssl) { + result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL)); + if (result != STATE_OK) { + printf (_("CRITICAL - Cannot create SSL context.\n")); + close(sd); + np_net_ssl_cleanup(); + return STATE_CRITICAL; + } else { + ssl_established = 1; + } + } +#endif /* If requested, send PROXY header */ if (use_proxy_prefix) { if (verbose) printf ("Sending header %s\n", PROXY_PREFIX); - send(sd, PROXY_PREFIX, strlen(PROXY_PREFIX), 0); + my_send(PROXY_PREFIX, strlen(PROXY_PREFIX)); } /* watch for the SMTP connection string and */ @@ -205,7 +219,7 @@ main (int argc, char **argv) xasprintf(&server_response, "%s", buffer); /* send the HELO/EHLO command */ - send(sd, helocmd, strlen(helocmd), 0); + my_send(helocmd, strlen(helocmd)); /* allow for response to helo command to reach us */ if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { @@ -218,14 +232,14 @@ main (int argc, char **argv) } } - if(use_ssl && ! supports_tls){ + if(use_starttls && ! supports_tls){ printf(_("WARNING - TLS not supported by server\n")); smtp_quit(); return STATE_WARNING; } #ifdef HAVE_SSL - if(use_ssl) { + if(use_starttls) { /* send the STARTTLS command */ send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0); @@ -489,6 +503,7 @@ process_arguments (int argc, char **argv) {"use-ipv6", no_argument, 0, '6'}, {"help", no_argument, 0, 'h'}, {"lmtp", no_argument, 0, 'L'}, + {"ssl", no_argument, 0, 's'}, {"starttls",no_argument,0,'S'}, {"sni", no_argument, 0, SNI_OPTION}, {"certificate",required_argument,0,'D'}, @@ -510,7 +525,7 @@ process_arguments (int argc, char **argv) } while (1) { - c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q", + c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:sSD:F:A:U:P:q", longopts, &option); if (c == -1 || c == EOF) @@ -632,10 +647,13 @@ process_arguments (int argc, char **argv) #else usage (_("SSL support not available - install OpenSSL and recompile")); #endif - // fall through + case 's': + /* ssl */ + use_ssl = TRUE; + break; case 'S': /* starttls */ - use_ssl = TRUE; + use_starttls = TRUE; use_ehlo = TRUE; break; case SNI_OPTION: @@ -694,6 +712,14 @@ process_arguments (int argc, char **argv) if (from_arg==NULL) from_arg = strdup(" "); + if (use_starttls && use_ssl) { + usage4 (_("Set either -s/--ssl or -S/--starttls")); + } + + if (use_ssl && use_proxy_prefix) { + usage4 (_("PROXY protocol (-r/--proxy) is not implemented with SSL/TLS (-s/--ssl), yet.")); + } + return validate_arguments (); } @@ -851,6 +877,8 @@ print_help (void) #ifdef HAVE_SSL printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); + printf (" %s\n", "-s, --ssl"); + printf (" %s\n", _("Use SSL/TLS for the connection.")); printf (" %s\n", "-S, --starttls"); printf (" %s\n", _("Use STARTTLS for the connection.")); printf (" %s\n", "--sni"); -- cgit v1.2.3-74-g34f1 From e823896d8a39618e0cb60c5cd4e46f13bbc6a51d Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Wed, 14 Jun 2023 18:27:24 +0200 Subject: check_smtp: set default port to smtps (465) for TLS The port can still be set with -p. --- plugins/check_smtp.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index f3ba9e38..474557d5 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -50,7 +50,8 @@ int days_till_exp_warn, days_till_exp_crit; #endif enum { - SMTP_PORT = 25 + SMTP_PORT = 25, + SMTPS_PORT = 465 }; #define PROXY_PREFIX "PROXY TCP4 0.0.0.0 0.0.0.0 25 25\r\n" #define SMTP_EXPECT "220" @@ -650,6 +651,7 @@ process_arguments (int argc, char **argv) case 's': /* ssl */ use_ssl = TRUE; + server_port = SMTPS_PORT; break; case 'S': /* starttls */ @@ -879,6 +881,7 @@ print_help (void) printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); printf (" %s\n", "-s, --ssl"); printf (" %s\n", _("Use SSL/TLS for the connection.")); + printf (_(" Sets default port to %d.\n"), SMTPS_PORT); printf (" %s\n", "-S, --starttls"); printf (" %s\n", _("Use STARTTLS for the connection.")); printf (" %s\n", "--sni"); -- cgit v1.2.3-74-g34f1 From da81dd3cf29c16ff1f9cf735482b9d4a0619f501 Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Wed, 14 Jun 2023 20:25:50 +0200 Subject: check_smtp: remove restriction of --proxy with --ssl --- plugins/check_smtp.c | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) (limited to 'plugins') diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index 474557d5..4ceb9565 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -188,6 +188,13 @@ main (int argc, char **argv) result = my_tcp_connect (server_address, server_port, &sd); if (result == STATE_OK) { /* we connected */ + /* If requested, send PROXY header */ + if (use_proxy_prefix) { + if (verbose) + printf ("Sending header %s\n", PROXY_PREFIX); + my_send(PROXY_PREFIX, strlen(PROXY_PREFIX)); + } + #ifdef HAVE_SSL if (use_ssl) { result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL)); @@ -202,13 +209,6 @@ main (int argc, char **argv) } #endif - /* If requested, send PROXY header */ - if (use_proxy_prefix) { - if (verbose) - printf ("Sending header %s\n", PROXY_PREFIX); - my_send(PROXY_PREFIX, strlen(PROXY_PREFIX)); - } - /* watch for the SMTP connection string and */ /* return a WARNING status if we couldn't read any data */ if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { @@ -718,10 +718,6 @@ process_arguments (int argc, char **argv) usage4 (_("Set either -s/--ssl or -S/--starttls")); } - if (use_ssl && use_proxy_prefix) { - usage4 (_("PROXY protocol (-r/--proxy) is not implemented with SSL/TLS (-s/--ssl), yet.")); - } - return validate_arguments (); } -- cgit v1.2.3-74-g34f1 From 079c300dcc6479b53e1f84a6b9446c7f403a7612 Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Wed, 14 Jun 2023 20:29:25 +0200 Subject: check_smtp: add new longoption --tls This is an alias for -s/--ssl. --- plugins/check_smtp.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index 4ceb9565..3990ad82 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -505,6 +505,7 @@ process_arguments (int argc, char **argv) {"help", no_argument, 0, 'h'}, {"lmtp", no_argument, 0, 'L'}, {"ssl", no_argument, 0, 's'}, + {"tls", no_argument, 0, 's'}, {"starttls",no_argument,0,'S'}, {"sni", no_argument, 0, SNI_OPTION}, {"certificate",required_argument,0,'D'}, @@ -715,7 +716,7 @@ process_arguments (int argc, char **argv) from_arg = strdup(" "); if (use_starttls && use_ssl) { - usage4 (_("Set either -s/--ssl or -S/--starttls")); + usage4 (_("Set either -s/--ssl/--tls or -S/--starttls")); } return validate_arguments (); @@ -875,7 +876,7 @@ print_help (void) #ifdef HAVE_SSL printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); - printf (" %s\n", "-s, --ssl"); + printf (" %s\n", "-s, --ssl, --tls"); printf (" %s\n", _("Use SSL/TLS for the connection.")); printf (_(" Sets default port to %d.\n"), SMTPS_PORT); printf (" %s\n", "-S, --starttls"); -- cgit v1.2.3-74-g34f1 From ce96ef868a5ee14947b9e213e3c36917cdd9e786 Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Tue, 29 Aug 2023 09:35:53 +0200 Subject: check_smtp: Let port option always take precedence MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Otherwise -s/--ssl would overwrite a port given with -p if it comes after it, e. g. check_smtp -H mailhost.example.com -p 4465 --ssl Found-By: Lorenz Kästle --- plugins/check_smtp.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index 3990ad82..fc0ae2c4 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -84,6 +84,7 @@ int eflags = 0; int errcode, excode; int server_port = SMTP_PORT; +int server_port_option = 0; char *server_address = NULL; char *server_expect = NULL; char *mail_command = NULL; @@ -544,7 +545,7 @@ process_arguments (int argc, char **argv) break; case 'p': /* port */ if (is_intpos (optarg)) - server_port = atoi (optarg); + server_port_option = atoi (optarg); else usage4 (_("Port must be a positive integer")); break; @@ -719,6 +720,10 @@ process_arguments (int argc, char **argv) usage4 (_("Set either -s/--ssl/--tls or -S/--starttls")); } + if (server_port_option != 0) { + server_port = server_port_option; + } + return validate_arguments (); } -- cgit v1.2.3-74-g34f1 From 8fa9370a0c0d576c5e8cb945e4195541be7f3823 Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Tue, 29 Aug 2023 10:58:31 +0200 Subject: Rename test variables for upcoming new variables with the same name --- .github/NPTest.cache | 4 ++-- plugins/t/check_smtp.t | 22 +++++++++++----------- 2 files changed, 13 insertions(+), 13 deletions(-) (limited to 'plugins') diff --git a/.github/NPTest.cache b/.github/NPTest.cache index 232305a7..c8dbdf61 100644 --- a/.github/NPTest.cache +++ b/.github/NPTest.cache @@ -25,8 +25,8 @@ 'NP_HOST_TCP_POP' => 'pop.web.de', 'NP_HOST_TCP_PROXY' => 'localhost', 'NP_HOST_TCP_SMTP' => 'localhost', - 'NP_HOST_TCP_SMTP_NOTLS' => '', - 'NP_HOST_TCP_SMTP_TLS' => '', + 'NP_HOST_TCP_SMTP_NOSTARTTLS' => '', + 'NP_HOST_TCP_SMTP_STARTTLS' => '', 'NP_HOST_TLS_CERT' => 'localhost', 'NP_HOST_TLS_HTTP' => 'localhost', 'NP_HOST_UDP_TIME' => 'none', diff --git a/plugins/t/check_smtp.t b/plugins/t/check_smtp.t index aa6dae45..fd09ed22 100644 --- a/plugins/t/check_smtp.t +++ b/plugins/t/check_smtp.t @@ -8,12 +8,12 @@ use strict; use Test::More; use NPTest; -my $host_tcp_smtp = getTestParameter( "NP_HOST_TCP_SMTP", +my $host_tcp_smtp = getTestParameter( "NP_HOST_TCP_SMTP", "A host providing an SMTP Service (a mail server)", "mailhost"); -my $host_tcp_smtp_tls = getTestParameter( "NP_HOST_TCP_SMTP_TLS", - "A host providing SMTP with TLS", $host_tcp_smtp); -my $host_tcp_smtp_notls = getTestParameter( "NP_HOST_TCP_SMTP_NOTLS", - "A host providing SMTP without TLS", ""); +my $host_tcp_smtp_starttls = getTestParameter( "NP_HOST_TCP_SMTP_STARTTLS", + "A host providing SMTP with STARTTLS", $host_tcp_smtp); +my $host_tcp_smtp_nostarttls = getTestParameter( "NP_HOST_TCP_SMTP_NOSTARTTLS", + "A host providing SMTP without STARTTLS", ""); my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", "10.0.0.1" ); @@ -45,16 +45,16 @@ SKIP: { } SKIP: { - skip "No SMTP server with TLS defined", 1 unless $host_tcp_smtp_tls; - # SSL connection for TLS - $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls -p 25 -S" ); + skip "No SMTP server with STARTTLS defined", 1 unless $host_tcp_smtp_starttls; + # SSL connection for STARTTLS + $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_starttls -p 25 -S" ); is ($res->return_code, 0, "OK, with STARTTLS" ); } SKIP: { - skip "No SMTP server without TLS defined", 2 unless $host_tcp_smtp_notls; - $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_notls -p 25 -S" ); - is ($res->return_code, 1, "OK, got warning from server without TLS"); + skip "No SMTP server without STARTTLS defined", 2 unless $host_tcp_smtp_nostarttls; + $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_nostarttls -p 25 -S" ); + is ($res->return_code, 1, "OK, got warning from server without STARTTLS"); is ($res->output, "WARNING - TLS not supported by server", "Right error message" ); } -- cgit v1.2.3-74-g34f1 From 06ebad83995921b622aecbd2111f1f6e6c62efc4 Mon Sep 17 00:00:00 2001 From: Franz Schwartau Date: Tue, 29 Aug 2023 15:12:47 +0200 Subject: check_smtp: add tests for --ssl --- .github/NPTest.cache | 1 + .github/prepare_debian.sh | 6 +++++- plugins/t/check_smtp.t | 20 +++++++++++++++++++- 3 files changed, 25 insertions(+), 2 deletions(-) (limited to 'plugins') diff --git a/.github/NPTest.cache b/.github/NPTest.cache index e3694573..d488d1b9 100644 --- a/.github/NPTest.cache +++ b/.github/NPTest.cache @@ -27,6 +27,7 @@ 'NP_HOST_TCP_SMTP' => 'localhost', 'NP_HOST_TCP_SMTP_NOSTARTTLS' => '', 'NP_HOST_TCP_SMTP_STARTTLS' => 'localhost', + 'NP_HOST_TCP_SMTP_TLS' => 'localhost', 'NP_HOST_TLS_CERT' => 'localhost', 'NP_HOST_TLS_HTTP' => 'localhost', 'NP_HOST_UDP_TIME' => 'none', diff --git a/.github/prepare_debian.sh b/.github/prepare_debian.sh index 9611670d..dcf778bc 100755 --- a/.github/prepare_debian.sh +++ b/.github/prepare_debian.sh @@ -116,7 +116,11 @@ service snmpd start # start cron, will be used by check_nagios cron -# start postfix +# postfix +cat <> /etc/postfix/master.cf +smtps inet n - n - - smtpd + -o smtpd_tls_wrappermode=yes +EOD service postfix start # start ftpd diff --git a/plugins/t/check_smtp.t b/plugins/t/check_smtp.t index fd09ed22..1a1ebe3e 100644 --- a/plugins/t/check_smtp.t +++ b/plugins/t/check_smtp.t @@ -14,6 +14,8 @@ my $host_tcp_smtp_starttls = getTestParameter( "NP_HOST_TCP_SMTP_STARTTLS", "A host providing SMTP with STARTTLS", $host_tcp_smtp); my $host_tcp_smtp_nostarttls = getTestParameter( "NP_HOST_TCP_SMTP_NOSTARTTLS", "A host providing SMTP without STARTTLS", ""); +my $host_tcp_smtp_tls = getTestParameter( "NP_HOST_TCP_SMTP_TLS", + "A host providing SMTP with TLS", $host_tcp_smtp); my $host_nonresponsive = getTestParameter( "NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", "10.0.0.1" ); @@ -22,7 +24,7 @@ my $hostname_invalid = getTestParameter( "NP_HOSTNAME_INVALID", "An invalid (not known to DNS) hostname", "nosuchhost" ); my $res; -plan tests => 10; +plan tests => 16; SKIP: { skip "No SMTP server defined", 4 unless $host_tcp_smtp; @@ -42,6 +44,10 @@ SKIP: { local $TODO = "Output is over two lines"; like ( $res->output, qr/^SMTP WARNING/, "Correct error message" ); } + + $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp --ssl -p 25" ); + is ($res->return_code, 2, "Check rc of connecting to $host_tcp_smtp with TLS on standard SMTP port" ); + like ($res->output, qr/^CRITICAL - Cannot make SSL connection\./, "Check output of connecting to $host_tcp_smtp with TLS on standard SMTP port"); } SKIP: { @@ -58,6 +64,18 @@ SKIP: { is ($res->output, "WARNING - TLS not supported by server", "Right error message" ); } +SKIP: { + skip "No SMTP server with TLS defined", 1 unless $host_tcp_smtp_tls; + $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls --ssl" ); + is ($res->return_code, 0, "Check rc of connecting to $host_tcp_smtp_tls with TLS" ); + like ($res->output, qr/^SMTP OK - /, "Check output of connecting to $host_tcp_smtp_tls with TLS" ); + + my $unused_port = 4465; + $res = NPTest->testCmd( "./check_smtp -H $host_tcp_smtp_tls -p $unused_port --ssl" ); + is ($res->return_code, 2, "Check rc of connecting to $host_tcp_smtp_tls with TLS on unused port $unused_port" ); + like ($res->output, qr/^connect to address $host_tcp_smtp_tls and port $unused_port: Connection refused/, "Check output of connecting to $host_tcp_smtp_tls with TLS on unused port $unused_port"); +} + $res = NPTest->testCmd( "./check_smtp $host_nonresponsive" ); is ($res->return_code, 2, "CRITICAL - host non responding" ); -- cgit v1.2.3-74-g34f1 From f5acd14048c8c2c7c446d99f2bf4d85b9dc62080 Mon Sep 17 00:00:00 2001 From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> Date: Tue, 5 Sep 2023 00:00:09 +0200 Subject: check_radius: Change help to emphasize the necessity of a config file --- plugins/check_radius.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'plugins') diff --git a/plugins/check_radius.c b/plugins/check_radius.c index 984aa37e..b1b4938c 100644 --- a/plugins/check_radius.c +++ b/plugins/check_radius.c @@ -381,7 +381,7 @@ print_help (void) printf ("\n"); printf ("%s\n", _("This plugin tests a RADIUS server to see if it is accepting connections.")); printf ("%s\n", _("The server to test must be specified in the invocation, as well as a user")); - printf ("%s\n", _("name and password. A configuration file may also be present. The format of")); + printf ("%s\n", _("name and password. A configuration file must be present. The format of")); printf ("%s\n", _("the configuration file is described in the radiusclient library sources.")); printf ("%s\n", _("The password option presents a substantial security issue because the")); printf ("%s\n", _("password can possibly be determined by careful watching of the command line")); -- cgit v1.2.3-74-g34f1