From mikeal.clark at gmail.com Thu Sep 3 18:20:22 2015 From: mikeal.clark at gmail.com (Mikeal Clark) Date: Thu, 3 Sep 2015 11:20:22 -0500 Subject: Check_ping on debian Message-ID: Hello, I'm having a lot of false positives consistently with check_ping Debian. I've tried changing the default max packets and I'm getting unexpected %s of packet loss. If I do 5 packets sometimes I get 16% packet loss, if I do 1 packet sometimes I get 50% packet loss. Am I misunderstanding something about how this works? Those don't see like percentages I should be able to get out of those packet numbers. I have IPv6 disabled in Debian and I'm passing the -4 parameter as well. I've been unable to duplicate the failures using the normal ping command, but I can duplicate them using check_ping in a bash script. Thanks, From magnus at boden.cx Sun Sep 13 09:52:06 2015 From: magnus at boden.cx (Magnus) Date: Sun, 13 Sep 2015 09:52:06 +0200 Subject: Thresholds Message-ID: <55F52B26.1040205@boden.cx> Hello, https://www.monitoring-plugins.org/doc/new-threshold-syntax.html I would also like a duration parameter for the threshold, for example a lot of units only has a CPU usage not a load average and to avoid alerts during short spikes of load it would be great to say that for example only issue warning or critical if the load is > 80% for 15 minutes or something like that. This is good for most things I think like the load on an interface an so on. Has this been discussed, can this be added to the threshold syntax? Regards Magnus From tim.isted at justdevelop.it Mon Sep 14 12:03:20 2015 From: tim.isted at justdevelop.it (Tim Isted) Date: Mon, 14 Sep 2015 11:03:20 +0100 Subject: check_procs Message-ID: <2070838.B3D5VYf4eg@senna> Synopsis: Multiple process matches for -C "command", additional string check -a "string" can also return multiple results. Feature suggestion: additional arg to exclude false positive matched strings -- *Tim Isted* [1] *e-mail / google talk:* tim.isted at justdevelop.it[2] -------- [1] http://2795e28bf2b2ef8758ca-6cb46d7f2bd1781f275ae168b1a0da94.r88.cf3.rackcdn.com/jdi-signature.gif [2] mailto:tim.isted at justdevelop.it -------------- next part -------------- An HTML attachment was scrubbed... URL: From waja at cyconet.org Mon Sep 14 14:50:39 2015 From: waja at cyconet.org (Jan Wagner) Date: Mon, 14 Sep 2015 14:50:39 +0200 Subject: 2th October, Bug squashing sprint Message-ID: <55F6C29F.1080200@cyconet.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi there, as the last Sprint was a good move forward, we thought it`s time to held another "bug squashing sprint" on Friday, October 02. We will start after a morning coffee at 8 o'clock UTC. As last time the idea is to tackle a number of pull requests and bug reports in a joint effort, as that will be more fun than doing it all alone. Maybe we'll also have time to work on long-outstanding issues, depending on workload. Our main communication channel will be the #monitoring-plugins IRC room on freenode. Anyone interested is welcome to join us! Development skills aren't required: Things like categorizing issues, testing fixes, and digging up entertaining xkcd comics will help a lot. We're looking forward to meet and would be very happy to welcome you on Friday, October 02! Jan. - -- Never write mail to , you have been warned! - -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GIT d-- s+: a C+++ UL++++ P+ L+++ E--- W+++ N+++ o++ K++ w--- O M V- PS PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h---- r+++ y++++ - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJV9sKeAAoJEAxwVXtaBlE+yLQP/3oTXjufF7I7Nv9bfP0G6NrR aJ4M9O9AWzVkhZiMMp3lMlA2hqAYnVhgAFGxm66G44Cg4okKP82xq6Y8B9QJoqZk 7IYeDt0FyAG6tSuwx2Y/MnYGSS+Ebojw7PXaKbRVpsAoabT21g6OVqgateAyI+NS JVMfA+NNOznba47BRNxUfrhbFyKLnAnjdVWWuI+RJW/ek+T5l9gblwHrgTV1tj2i 8owOtftmjP47W4E1HzGwWi52zhc/f5VDr6wuoc4YniNNa+74dsB4LNZxwF/xmjgn zPk8u+UdyiNkeK52dl5+vx7HGW/1PtgG3wWj6gj7tMMtvPwIebbPVGXnmpxTv1UD mGTh2SrG6Joutdcy5fDnVhWMHGKPDo/awPVSEJo1za+U0XB0hrnjm3mtSV1AY1hs ClMl2LB5e2etkVAqXEqJU2L7x1XGs+i8X9P65kp6zS9RMm422YSWHWf1DgKKfkJP TP0AaFKZuA4jtn3vBem8LS+NcCIRc17yeQkoEox4i/U7N4AArtkSn8Z4UgIdE3EV sG/5a1QFV3Uq9UmGFL29HO5rY8PeQuTlqS8/2nVPtzNRth1OXluRPK5cSuNQbjX3 nqbJFOLIR5It8t0rZJxbqc2G+0QzTfY4ZwBrf8g4wcXoIAzBn9HZz7KAYL/OCJez A8OJajnlVIvPFjDbYO2r =cQYA -----END PGP SIGNATURE----- From notifications at github.com Mon Sep 14 19:09:45 2015 From: notifications at github.com (seccentral) Date: Mon, 14 Sep 2015 10:09:45 -0700 Subject: check_http - support TLS v1.2 (#1338) In-Reply-To: References: Message-ID: Yes this is still a problem. and now most https checks are useless. When can we expect an update ? -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1338#issuecomment-140146468 -------------- next part -------------- An HTML attachment was scrubbed... URL: From Jochen.Bern at LINworks.de Mon Sep 14 19:19:19 2015 From: Jochen.Bern at LINworks.de (Jochen Bern) Date: Mon, 14 Sep 2015 19:19:19 +0200 Subject: check_procs In-Reply-To: <2070838.B3D5VYf4eg@senna> References: <2070838.B3D5VYf4eg@senna> Message-ID: <55F70197.1090505@LINworks.de> On 09/14/2015 12:03 PM, Tim Isted wrote: > Synopsis: > Multiple process matches for -C "command", additional string check > -a "string" can also return multiple results. > > Feature suggestion: additional arg to exclude false positive matched > strings Technically already present (you can use -a / --argument-array and --ereg-argument-array concurrently). Regards, Jochen Bern Systemingenieur -- LINworks GmbH Fon: +49 6151 9067-231 Fax: +49 6151 9067-299 E-Mail: Jochen.Bern at LINworks.de Web: http://www.LINworks.de/ NEC IT Infrastrukturprodukte vom Deutschland Distributor Server, Storage, Virtualisierung, Management Software Shop: http://www.NEC-Store.de/ Briefanschrift: Postfach 10 01 21 ? 64201 Darmstadt ? DE Hausanschrift: Robert-Koch-Stra?e 9 ? 64331 Weiterstadt ? DE Gesch?ftsf?hrer: Metin Dogan, Nils Manegold, Oliver Michel Unternehmenssitz: Weiterstadt Register: Amtsgericht Darmstadt, HRB 85202 MAX21-Unternehmensgruppe -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3924 bytes Desc: S/MIME Cryptographic Signature URL: From notifications at github.com Tue Sep 15 11:20:01 2015 From: notifications at github.com (waja) Date: Tue, 15 Sep 2015 02:20:01 -0700 Subject: check_http - support TLS v1.2 (#1338) In-Reply-To: References: Message-ID: Just to complete this thread, there is a reply on our development mailing list (https://www.monitoring-plugins.org/archive/devel/2015-August/010055.html): "It should still connect when you use auto-negotiation." -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1338#issuecomment-140334448 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Tue Sep 15 11:22:02 2015 From: notifications at github.com (waja) Date: Tue, 15 Sep 2015 02:22:02 -0700 Subject: check_http: Fix for checking http on different virtual port [sf#3442015] (#1026) In-Reply-To: References: Message-ID: Reopened #1026. -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1026#event-409583967 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Tue Sep 15 11:25:52 2015 From: notifications at github.com (waja) Date: Tue, 15 Sep 2015 02:25:52 -0700 Subject: check_http: Fix for checking http on different virtual port (#1348) In-Reply-To: References: Message-ID: Anyways ... recreating/rebasing would help for the sprint (https://www.monitoring-plugins.org/news/bug-squashing-fall-2015.html), as we maybe can integrate it with less work. -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1348#issuecomment-140335657 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Tue Sep 15 12:00:46 2015 From: notifications at github.com (seccentral) Date: Tue, 15 Sep 2015 03:00:46 -0700 Subject: check_http - support TLS v1.2 (#1338) In-Reply-To: References: Message-ID: Don't know about their/his/her setup but i've tried and by default it's auto (right ? manual sais so anyway) " -S, --ssl=VERSION Connect via SSL. Port defaults to 443. VERSION is optional, and prevents auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3)." so even if i use -S --ssl=1 it still fails. albeit with a different error: (with --ssl=1) CRITICAL - Cannot make SSL connection. 140318164997776:error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal error:s3_pkt.c:1294:SSL alert number 80 -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1338#issuecomment-140342586 -------------- next part -------------- An HTML attachment was scrubbed... URL: From pacetownsley at gmail.com Tue Sep 15 13:18:40 2015 From: pacetownsley at gmail.com (J Adams) Date: Tue, 15 Sep 2015 07:18:40 -0400 Subject: check_http - support TLS v1.2 (#1338) In-Reply-To: References: Message-ID: --ssl=1 turns off auto negotiation. Against a site that offers only 1.2, using -S without specifying the version works for me. On Tue, Sep 15, 2015 at 6:00 AM, seccentral wrote: > Don't know about their/his/her setup but i've tried and by default it's > auto (right ? manual sais so anyway) > " -S, --ssl=VERSION > Connect via SSL. Port defaults to 443. VERSION is optional, and prevents > auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3)." > so even if i use -S --ssl=1 it still fails. albeit with a different error: > (with --ssl=1) > CRITICAL - Cannot make SSL connection. > 140318164997776:error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert > internal error:s3_pkt.c:1294:SSL alert number 80 > > ? > Reply to this email on GitHub > > . > -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Tue Sep 15 17:53:20 2015 From: notifications at github.com (seccentral) Date: Tue, 15 Sep 2015 08:53:20 -0700 Subject: check_http - support TLS v1.2 (#1338) In-Reply-To: References: Message-ID: Big update on this and solution *nohack* So how do you check a host with SNI ? like this : openssl s_client -connect www.example.com:443 -servername www.example.com works perfectly. And this made me think. now back to the icinga1/2/nagios/etc check_http execution. this is the correct way to use the command to check a webhost with sni check_http -H www.example.com -S --sni HTTP OK: HTTP/1.1 200 OK - 13667 bytes in 1.031 second response time |time=1.031097s;;;0.000000 size=13667B;;;0 Now, -H stands for vhost but i guess in the context of sni it's somewhat the same thing tho the documentation should be updated. Here is a host object definition for such a check sequence from hosts.conf ==== [...] object Host www.example.com { address www.example.com vars.http_vhost = "www.example.com" vars.http_sni = "true" vars.server_type = "Web Servers" vars[...] # any other required on-setup vars } [...] and the check is simple . sequence from a customservicechecks.conf *justanexamplename* ==== [...] apply Service "https" { import "generic-service" check_command = "http" vars.http_ssl = "true" assign where host.vars.server_type == "Web Servers" } [...] Now i don't know about nagios 1/2/3/4, this is icinga2 syntax but this should be adaptable to nagios configs. Yay and big thanks to Mr. Rob Stradling at openssl who (although unrelated to nagios/icinga) gave me a very important hint. Rock on \m/ -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1338#issuecomment-140439377 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Wed Sep 16 14:58:08 2015 From: notifications at github.com (waja) Date: Wed, 16 Sep 2015 05:58:08 -0700 Subject: check_geom for freebsd (#1351) In-Reply-To: References: Message-ID: As there exists https://github.com/glensc/nagios-plugin-check_raid I don`t believe we will integrate that. We removed the contrib/ directory with the 1.5 release. The documentation as also some bits about that at https://www.monitoring-plugins.org/doc/guidelines.html#CONTRIBUTEDPLUGINS -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/pull/1351#issuecomment-140733628 -------------- next part -------------- An HTML attachment was scrubbed... URL: From support at voipbusiness.us Wed Sep 16 15:20:13 2015 From: support at voipbusiness.us (Tech Support) Date: Wed, 16 Sep 2015 09:20:13 -0400 Subject: check_geom for freebsd (#1351) In-Reply-To: References: Message-ID: <000f01d0f082$6cfdee20$46f9ca60$@us> How do I get off this list? From: Devel [mailto:devel-bounces+support=voipbusiness.us at monitoring-plugins.org] On Behalf Of waja Sent: Wednesday, September 16, 2015 8:58 AM To: Monitoring Plugins Development Subject: Re: check_geom for freebsd (#1351) As there exists https://github.com/glensc/nagios-plugin-check_raid I don`t believe we will integrate that. We removed the contrib/ directory with the 1.5 release. The documentation as also some bits about that at https://www.monitoring-plugins.org/doc/guidelines.html#CONTRIBUTEDPLUGINS ? Reply to this email on GitHub . -------------- next part -------------- An HTML attachment was scrubbed... URL: From holger at zedat.fu-berlin.de Wed Sep 16 15:23:25 2015 From: holger at zedat.fu-berlin.de (Holger =?iso-8859-1?Q?Wei=DF?=) Date: Wed, 16 Sep 2015 15:23:25 +0200 Subject: check_geom for freebsd (#1351) In-Reply-To: <000f01d0f082$6cfdee20$46f9ca60$@us> References: <000f01d0f082$6cfdee20$46f9ca60$@us> Message-ID: <20150916132325.GC13667@zedat.fu-berlin.de> * Tech Support [2015-09-16 09:20]: > How do I get off this list? Send an email to with the subject "unsubscribe", or use the following web page: https://www.monitoring-plugins.org/list/options/devel Holger From waja at cyconet.org Wed Sep 16 16:18:41 2015 From: waja at cyconet.org (Jan Wagner) Date: Wed, 16 Sep 2015 16:18:41 +0200 Subject: check_geom for freebsd (#1351) In-Reply-To: <000f01d0f082$6cfdee20$46f9ca60$@us> References: <000f01d0f082$6cfdee20$46f9ca60$@us> Message-ID: <55F97A41.1080506@cyconet.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Am 16.09.15 um 15:20 schrieb Tech Support: > How do I get off this list? Looking into the mail header of every mail received via this list you can also find this one: List-Unsubscribe: , Cheers, Jan. -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJV+XpBAAoJEAxwVXtaBlE+Dw4P/0i7gW+8q83GotN8vX4v6pAo pyEp8tJGO9gNCjr7Q27KPbae7nHoCTc1eP2STfAQNHpPABGO+b/6hBw2X+GYiBPW xceQAzpZ7jB2aYb+DBYtxsmPjlpP9QNCDrYRagVU0c5Fxd9L5pCfpEkHktrsZXlB SzIY+kZ3q9inMO/o9yU4nZQRZIBJfEfkKjwtyvPTqAr5jL0VlKYqS+3n6LQZesAl plYT2A3cRnZGA14DixGCSb0QH8vuFcUqnmFeV6Vk7DfGzr3glNjMLfHJrtGjUu01 vw9NZ6ALTN0ZkLfKRcdAmWcdgUAz3yKpTerKeNIbfLD9fsH6q1CCfK9J7b064M9a UGWUd+ilQ9PNmiwMPAeDs2BybDuAgPHVrCuU3Ex4+qDFFMCIKpv05A/QUcAUHm0X d+w0EbytyAwUJdUydWhTeIXzZhzfABgLkzDpKUNQjuih0HyhgchE3iQEOWnMoZQL 5QW6+WNQWHarxchcwknx5pBoh3FGyvkznSbgVOKXtGxKww3wiTQnK0KM8jfmBUcw E0mwfT/4HcMArBuZrIdyhLliWFn33/T4M0fedg9+Sio0Xp+lzifjfM2YtxGnfNH4 7OoHHXAEzXnIiU6N9UQKHetoVSzSYPC7SMhzGvQr/gr2YKAcv+FkdDXXpmJprR58 yXNLa9wWbpwpgRG6pxuE =hk3X -----END PGP SIGNATURE----- From notifications at github.com Wed Sep 16 17:09:30 2015 From: notifications at github.com (Dean Hamstead) Date: Wed, 16 Sep 2015 08:09:30 -0700 Subject: check_geom for freebsd (#1351) In-Reply-To: References: Message-ID: OK np. I will push the features in to check_raid then. -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/pull/1351#issuecomment-140771059 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Wed Sep 16 17:09:30 2015 From: notifications at github.com (Dean Hamstead) Date: Wed, 16 Sep 2015 08:09:30 -0700 Subject: check_geom for freebsd (#1351) In-Reply-To: References: Message-ID: Closed #1351. -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/pull/1351#event-411067597 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Fri Sep 18 17:05:04 2015 From: notifications at github.com (Gsemia) Date: Fri, 18 Sep 2015 08:05:04 -0700 Subject: check_http - support TLS v1.2 (#1338) In-Reply-To: References: Message-ID: PCI demanded from my company to disable internal TLSv1 Access to our Servers immediately. Only Public TLSv1 Access is still allowed until 2015-06-31. This means Monitoring is also affected and needs to have TLSv1 disabled. Having check_http not support TLSv1.2 breaks our Nagios monitoring. -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1338#issuecomment-141477704 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Fri Sep 18 17:14:20 2015 From: notifications at github.com (waja) Date: Fri, 18 Sep 2015 08:14:20 -0700 Subject: check_http - support TLS v1.2 (#1338) In-Reply-To: References: Message-ID: @gsemia did try to just use "-S" without specifying the the version and using auto-negotiation as suggested by Stuart at https://www.monitoring-plugins.org/archive/devel/2015-August/010055.html? -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1338#issuecomment-141479746 -------------- next part -------------- An HTML attachment was scrubbed... URL: From stu at spacehopper.org Fri Sep 18 18:24:35 2015 From: stu at spacehopper.org (Stuart Henderson) Date: Fri, 18 Sep 2015 16:24:35 +0000 (UTC) Subject: check_http - support TLS v1.2 (#1338) References: Message-ID: On 2015-09-18, Gsemia wrote: > > PCI demanded from my company to disable internal TLSv1 Access to our Servers > immediately. Only Public TLSv1 Access is still allowed until 2015-06-31. > This means Monitoring is also affected and needs to have TLSv1 disabled. > Having check_http not support TLSv1.2 breaks our Nagios monitoring. > You could do something like this which changes the default check to TLSv1.0+ (I think at this point in the game it's reasonable to consider a service which doesn't TLS at all as down/broken ;-) and adds a new option to enforce TLSv1.2+ (allowing it to autodetect and connect to future protocol versions). --- plugins/check_http.c.orig Sun Nov 30 10:36:26 2014 +++ plugins/check_http.c Fri Sep 18 17:10:46 2015 @@ -344,8 +344,8 @@ process_arguments (int argc, char **argv) use_ssl = TRUE; if (c=='S' && optarg != NULL) { ssl_version = atoi(optarg); - if (ssl_version < 1 || ssl_version > 3) - usage4 (_("Invalid option - Valid values for SSL Version are 1 (TLSv1), 2 (SSLv2) or 3 (SSLv3)")); + if (ssl_version < 1 || ssl_version > 4) + usage4 (_("Invalid option - Valid values for SSL Version are 1 (TLSv1.0), 2 (SSLv2), 3 (SSLv3) or 4 (TLSv1.2+)")); } if (specify_port == FALSE) server_port = HTTPS_PORT; @@ -1468,8 +1468,8 @@ print_help (void) #ifdef HAVE_SSL printf (" %s\n", "-S, --ssl=VERSION"); - printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents")); - printf (" %s\n", _("auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3).")); + printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and forces a")); + printf (" %s\n", _("particular version (1 = TLSv1.0, 2 = SSLv2, 3 = SSLv3, 4 = TLSv1.2+).")); printf (" %s\n", "--sni"); printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); --- plugins/sslutils.c.orig Sun Nov 30 10:36:26 2014 +++ plugins/sslutils.c Fri Sep 18 17:05:25 2015 @@ -49,12 +49,14 @@ int np_net_ssl_init_with_hostname_and_version(int sd, int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int version, char *cert, char *privkey) { SSL_METHOD *method = NULL; + long options = 0; switch (version) { - case 0: /* Deafult to auto negotiation */ + case 0: /* Default to auto negotiate, TLS only */ + options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3; method = SSLv23_client_method(); break; - case 1: /* TLSv1 protocol */ + case 1: /* TLSv1.0 only */ method = TLSv1_client_method(); break; case 2: /* SSLv2 protocol */ @@ -66,8 +68,22 @@ int np_net_ssl_init_with_hostname_version_and_cert(int #endif break; case 3: /* SSLv3 protocol */ +#if defined(OPENSSL_NO_SSL3) + printf(("%s\n", _("CRITICAL - SSL protocol version 3 is not supported by your SSL library."))); + return STATE_CRITICAL; +#else method = SSLv3_client_method(); +#endif break; + case 4: /* TLSv1.2+ only */ +#if !defined(SSL_OP_NO_TLSv1_2) || !defined(SSL_OP_NO_TLSv1_1) || !defined(SSL_OP_NO_TLSv1) + printf(("%s\n", _("CRITICAL - TLS protocol version 1.2 is not supported by your SSL library."))); + return STATE_CRITICAL; +#else + method = SSLv23_client_method(); + options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1; + break; +#endif default: /* Unsupported */ printf("%s\n", _("CRITICAL - Unsupported SSL protocol version.")); return STATE_CRITICAL; @@ -94,8 +110,9 @@ int np_net_ssl_init_with_hostname_version_and_cert(int #endif } #ifdef SSL_OP_NO_TICKET - SSL_CTX_set_options(c, SSL_OP_NO_TICKET); + options |= SSL_OP_NO_TICKET; #endif + SSL_CTX_set_options(c, options); SSL_CTX_set_mode(c, SSL_MODE_AUTO_RETRY); if ((s = SSL_new(c)) != NULL) { #ifdef SSL_set_tlsext_host_name --- po/de.po.orig Mon Dec 1 23:46:17 2014 +++ po/de.po Fri Sep 18 17:12:25 2015 @@ -1182,8 +1182,8 @@ msgstr "Ung?ltiger Zertifikatsablauftermin" #: plugins/check_http.c:348 msgid "" -"Invalid option - Valid values for SSL Version are 1 (TLSv1), 2 (SSLv2) or 3 " -"(SSLv3)" +"Invalid option - Valid values for SSL Version are 1 (TLSv1.0), 2 (SSLv2), 3 (SSLv3) " +"or 4 (TLSv1.2+)" msgstr "" #: plugins/check_http.c:354 plugins/check_tcp.c:603 @@ -1442,11 +1442,11 @@ msgstr "" #: plugins/check_http.c:1471 msgid "" -"Connect via SSL. Port defaults to 443. VERSION is optional, and prevents" +"Connect via SSL. Port defaults to 443. VERSION is optional, and forces a" msgstr "" #: plugins/check_http.c:1472 -msgid "auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3)." +msgid "particular version (1 = TLSv1.0, 2 = SSLv2, 3 = SSLv3, 4 = TLSv1.2+)." msgstr "" #: plugins/check_http.c:1474 --- po/fr.po.orig Mon Dec 1 23:46:17 2014 +++ po/fr.po Fri Sep 18 17:12:32 2015 @@ -1221,8 +1221,8 @@ msgstr "P?riode d'expiration du certificat invalide" #: plugins/check_http.c:348 msgid "" -"Invalid option - Valid values for SSL Version are 1 (TLSv1), 2 (SSLv2) or 3 " -"(SSLv3)" +"Invalid option - Valid values for SSL Version are 1 (TLSv1.0), 2 (SSLv2), 3 (SSLv3) " +"or 4 (TLSv1.2+)" msgstr "" #: plugins/check_http.c:354 plugins/check_tcp.c:603 @@ -1483,11 +1483,11 @@ msgstr "Num?ro du port (d?faut: " #: plugins/check_http.c:1471 msgid "" -"Connect via SSL. Port defaults to 443. VERSION is optional, and prevents" +"Connect via SSL. Port defaults to 443. VERSION is optional, and forces a" msgstr "" #: plugins/check_http.c:1472 -msgid "auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3)." +msgid "particular version (1 = TLSv1.0, 2 = SSLv2, 3 = SSLv3, 4 = TLSv1.2+)." msgstr "" #: plugins/check_http.c:1474 --- po/monitoring-plugins.pot.orig Mon Dec 1 23:46:16 2014 +++ po/monitoring-plugins.pot Fri Sep 18 17:12:20 2015 @@ -1142,8 +1142,8 @@ msgstr "" #: plugins/check_http.c:348 msgid "" -"Invalid option - Valid values for SSL Version are 1 (TLSv1), 2 (SSLv2) or 3 " -"(SSLv3)" +"Invalid option - Valid values for SSL Version are 1 (TLSv1.0), 2 (SSLv2), 3 (SSLv3) " +"or 4 (TLSv1.2+)" msgstr "" #: plugins/check_http.c:354 plugins/check_tcp.c:603 @@ -1393,11 +1393,11 @@ msgstr "" #: plugins/check_http.c:1471 msgid "" -"Connect via SSL. Port defaults to 443. VERSION is optional, and prevents" +"Connect via SSL. Port defaults to 443. VERSION is optional, and forces a" msgstr "" #: plugins/check_http.c:1472 -msgid "auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3)." +msgid "particular version (1 = TLSv1.0, 2 = SSLv2, 3 = SSLv3, 4 = TLSv1.2+)." msgstr "" #: plugins/check_http.c:1474 From ae at op5.se Fri Sep 18 18:26:28 2015 From: ae at op5.se (Andreas Ericsson) Date: Fri, 18 Sep 2015 18:26:28 +0200 Subject: Thresholds In-Reply-To: <55F52B26.1040205@boden.cx> References: <55F52B26.1040205@boden.cx> Message-ID: <55FC3B34.4020503@op5.se> On 2015-09-13 09:52, Magnus wrote: > Hello, > > https://www.monitoring-plugins.org/doc/new-threshold-syntax.html > > I would also like a duration parameter for the threshold, for example a > lot of units only has a CPU usage not a load average and to avoid alerts > during short spikes of load it would be great to say that for example > only issue warning or critical if the load is > 80% for 15 minutes or > something like that. This is good for most things I think like the load > on an interface an so on. > > Has this been discussed, can this be added to the threshold syntax? > That would be part of the "max_check_attempts" machinery. Plugins don't maintain state unless they absolutely have to. Adding logic like this to them would be redundant, since it's already available in all major checking engines that support them. I suggest you use a GUI that lets you filter out the soft checks from the results you're viewing. That will let you configure things so that only things that have been bad for a long time will register on your horizon. Although for load specifically, there is actually a 15-min interval that you can set thresholds for. -- Andreas Ericsson andreas.ericsson at op5.se OP5 AB www.op5.se Tel: +46 8-230225 Fax: +46 8-230231 Considering the successes of the wars on alcohol, poverty, drugs and terror, I think we should give some serious thought to declaring war on peace. From notifications at github.com Fri Sep 18 20:40:59 2015 From: notifications at github.com (keith4) Date: Fri, 18 Sep 2015 11:40:59 -0700 Subject: add tls 1.1 and 1.2 support for check_http (#1354) Message-ID: You can view, comment on, or merge this pull request online at: https://github.com/monitoring-plugins/monitoring-plugins/pull/1354 -- Commit Summary -- * add tls 1.1 1.2 support for check_http -- File Changes -- M plugins/check_http.c (16) M plugins/sslutils.c (6) -- Patch Links -- https://github.com/monitoring-plugins/monitoring-plugins/pull/1354.patch https://github.com/monitoring-plugins/monitoring-plugins/pull/1354.diff -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/pull/1354 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Sat Sep 19 17:52:03 2015 From: notifications at github.com (Sam Kottler) Date: Sat, 19 Sep 2015 08:52:03 -0700 Subject: com.supercell.clashofclans (#1353) In-Reply-To: References: Message-ID: Not sure what this means. Closing. -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1353#issuecomment-141682447 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Sat Sep 19 17:52:05 2015 From: notifications at github.com (Sam Kottler) Date: Sat, 19 Sep 2015 08:52:05 -0700 Subject: com.supercell.clashofclans (#1353) In-Reply-To: References: Message-ID: Closed #1353. -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1353#event-413937428 -------------- next part -------------- An HTML attachment was scrubbed... URL: From frnkblk at iname.com Sun Sep 20 23:42:19 2015 From: frnkblk at iname.com (frnkblk at iname.com) Date: Sun, 20 Sep 2015 16:42:19 -0500 Subject: check_http - support TLS v1.2 (#1338) In-Reply-To: References: Message-ID: <004501d0f3ed$3becd580$b3c68080$@iname.com> Can we tweak this feature such that we can list which SSL/TLS versions to use/try? Also, what do we need to do support HTTP 2.0? Frank From: Devel [mailto:devel-bounces+frnkblk=iname.com at monitoring-plugins.org] On Behalf Of J Adams Sent: Tuesday, September 15, 2015 6:19 AM To: Monitoring Plugins Development Subject: Re: check_http - support TLS v1.2 (#1338) --ssl=1 turns off auto negotiation. Against a site that offers only 1.2, using -S without specifying the version works for me. On Tue, Sep 15, 2015 at 6:00 AM, seccentral > wrote: Don't know about their/his/her setup but i've tried and by default it's auto (right ? manual sais so anyway) " -S, --ssl=VERSION Connect via SSL. Port defaults to 443. VERSION is optional, and prevents auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3)." so even if i use -S --ssl=1 it still fails. albeit with a different error: (with --ssl=1) CRITICAL - Cannot make SSL connection. 140318164997776:error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal error:s3_pkt.c:1294:SSL alert number 80 ? Reply to this email on GitHub . -------------- next part -------------- An HTML attachment was scrubbed... URL: From samuel.mutel at gmail.com Mon Sep 21 09:23:20 2015 From: samuel.mutel at gmail.com (Samuel Mutel) Date: Mon, 21 Sep 2015 09:23:20 +0200 Subject: Fwd: Segmentation Fault(coredump) on solaris 10 In-Reply-To: References: Message-ID: ---------- Forwarded message ---------- From: Samuel Mutel Date: 2015-09-18 14:11 GMT+02:00 Subject: Segmentation Fault(coredump) on solaris 10 To: help at monitoring-plugins.org Hello, After compiling monitoring-plugins on solaris 10, i tried to use check_procs plugin. The result is Segmentation Fault(coredump). Any help on this topic will be appreciate ? Thanks. Regards. -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Mon Sep 21 09:36:54 2015 From: notifications at github.com (=?UTF-8?B?RWxhbiBSdXVzYW3DpGU=?=) Date: Mon, 21 Sep 2015 00:36:54 -0700 Subject: com.supercell.clashofclans (#1353) In-Reply-To: References: Message-ID: spammer perhaps? -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1353#issuecomment-141898616 -------------- next part -------------- An HTML attachment was scrubbed... URL: From holger at zedat.fu-berlin.de Mon Sep 21 09:50:25 2015 From: holger at zedat.fu-berlin.de (Holger =?iso-8859-1?Q?Wei=DF?=) Date: Mon, 21 Sep 2015 09:50:25 +0200 Subject: Segmentation Fault(coredump) on solaris 10 In-Reply-To: References: Message-ID: <20150921075025.GP13667@zedat.fu-berlin.de> * Samuel Mutel [2015-09-18 14:11]: > After compiling monitoring-plugins on solaris 10, i tried to use > check_procs plugin. > The result is Segmentation Fault(coredump). Any chance you could get us a backtrace? E.g., if you're using the GNU build/development tools, you could call gdb -q /path/to/check_procs and then (within gdb) run bt With Sun's tools, you'd use "dbx" instead of "gdb" and "where" instead of "bt". Holger From notifications at github.com Mon Sep 21 10:10:24 2015 From: notifications at github.com (waja) Date: Mon, 21 Sep 2015 01:10:24 -0700 Subject: check_http - support TLS v1.2 (#1338) In-Reply-To: References: Message-ID: Stuart Henderson wrote at https://www.monitoring-plugins.org/archive/devel/2015-September/010076.html: You could do something like this which changes the default check to TLSv1.0+ (I think at this point in the game it's reasonable to consider a service which doesn't TLS at all as down/broken ;-) and adds a new option to enforce TLSv1.2+ (allowing it to autodetect and connect to future protocol versions). [check_http_support_TLS_v1.2.patch.txt](https://github.com/monitoring-plugins/monitoring-plugins/files/2220/check_http_support_TLS_v1.2.patch.txt) -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1338#issuecomment-141904034 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Mon Sep 21 10:12:52 2015 From: notifications at github.com (waja) Date: Mon, 21 Sep 2015 01:12:52 -0700 Subject: add tls 1.1 and 1.2 support for check_http (#1354) In-Reply-To: References: Message-ID: This is a proposed patch for #1338 -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/pull/1354#issuecomment-141904319 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Tue Sep 22 14:00:50 2015 From: notifications at github.com (Fredrik Rambris) Date: Tue, 22 Sep 2015 05:00:50 -0700 Subject: Add check_nrpe like behaviour to check_http (#1355) Message-ID: With my change you format a web page response like Nagios plugin output, put the numeric exit code in the X-NRPE-Status header, set the Content-Type to text/nagios and the check_http plugin behaves like check_nrpe. Instead of having to parse the output of your own web applications to suit Nagios, why not have them output the status in that format already. You can view, comment on, or merge this pull request online at: https://github.com/monitoring-plugins/monitoring-plugins/pull/1355 -- Commit Summary -- * Added NRPE like funtionality to check_http * Removed old get_content_length -- File Changes -- M plugins/check_http.c (66) -- Patch Links -- https://github.com/monitoring-plugins/monitoring-plugins/pull/1355.patch https://github.com/monitoring-plugins/monitoring-plugins/pull/1355.diff -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/pull/1355 -------------- next part -------------- An HTML attachment was scrubbed... URL: From stu at spacehopper.org Thu Sep 24 14:11:00 2015 From: stu at spacehopper.org (Stuart Henderson) Date: Thu, 24 Sep 2015 12:11:00 +0000 (UTC) Subject: check_http - support TLS v1.2 (#1338) References: <004501d0f3ed$3becd580$b3c68080$@iname.com> Message-ID: On 2015-09-20, Frank Bulk wrote: > Also, what do we need to do support HTTP 2.0? That's quite a bit more complicated than check_http currently has to handle. I think the best option for this might be a separate check program using a version of libcurl built with HTTP/2.0 support. https://github.com/andreasbaumann/nagios-plugin-curl might be a starting point (or might even be directly usable). From rhagman at op5.com Thu Sep 24 09:27:10 2015 From: rhagman at op5.com (Robin Hagman) Date: Thu, 24 Sep 2015 09:27:10 +0200 Subject: New SNMP plugins Message-ID: Hello the people of the monitoring plugins project! I'm a developer at op5 that have worked with Andreas Ericsson on a few new plugins that can check different aspects of a system over SNMP. So far we have written plugins to check disk usage, memory usage, processes and system load average and will probably add more in the future. Is this something that you guys would be interested in adding to the project? If so, I could send you a pull request later on when we are happy with the plugins. -------------- next part -------------- An HTML attachment was scrubbed... URL: From rhagman at op5.com Mon Sep 28 11:29:51 2015 From: rhagman at op5.com (Robin Hagman) Date: Mon, 28 Sep 2015 11:29:51 +0200 Subject: New SNMP plugins In-Reply-To: References: Message-ID: Hello again! The new SNMP plugins will be ready in a few days so I would like to have a response from you guys about the interest of bringing in these plugins into the project. If you have any questions I'm available via email and on IRC (rhagman), have a nice day! On Thu, Sep 24, 2015 at 9:27 AM, Robin Hagman wrote: > Hello the people of the monitoring plugins project! > > I'm a developer at op5 that have worked with Andreas Ericsson on a few new > plugins that can check different aspects of a system over SNMP. So far we > have written plugins to check disk usage, memory usage, processes and > system load average and will probably add more in the future. Is this > something that you guys would be interested in adding to the project? If > so, I could send you a pull request later on when we are happy with the > plugins. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Mon Sep 28 14:27:42 2015 From: notifications at github.com (Oliver Skibbe) Date: Mon, 28 Sep 2015 05:27:42 -0700 Subject: check_ping: added option for packet size (#1356) Message-ID: - added option (-s/--packetsize) for setting packet size (limited to 65528 Bytes, according to RFC791) - added DEFAULT_PACKET_SIZE constant with 56 Bytes - disabled ping check for UnixWare in autoconf: if condition and with_ping_command had different syntax You can view, comment on, or merge this pull request online at: https://github.com/monitoring-plugins/monitoring-plugins/pull/1356 -- Commit Summary -- * * check_ping: added option for packet size -- File Changes -- M configure.ac (37) M plugins/check_ping.c (36) -- Patch Links -- https://github.com/monitoring-plugins/monitoring-plugins/pull/1356.patch https://github.com/monitoring-plugins/monitoring-plugins/pull/1356.diff -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/pull/1356 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Mon Sep 28 14:36:15 2015 From: notifications at github.com (Oliver Skibbe) Date: Mon, 28 Sep 2015 05:36:15 -0700 Subject: check_ping: added option for packet size (#1356) In-Reply-To: References: Message-ID: I'll take a look -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/pull/1356#issuecomment-143730734 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Mon Sep 28 15:28:26 2015 From: notifications at github.com (Oliver Skibbe) Date: Mon, 28 Sep 2015 06:28:26 -0700 Subject: check_ping: Adjusting packet size [sf#781002] (#229) In-Reply-To: References: Message-ID: Here's a suggested patch #1356 but the test is failing..maybe someone could have a look on it -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/229#issuecomment-143743807 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Wed Sep 30 15:44:22 2015 From: notifications at github.com (waja) Date: Wed, 30 Sep 2015 06:44:22 -0700 Subject: check_disk: sees wrong disk consumption on btrfs (#1357) Message-ID: In Debian we got reported (https://bugs.debian.org/800345) the following bugreport by Klaus Ethgen: Since several days, one of my checks went red for one of my boxes, mentioned that / is 100% full. But this is not true, there is plenty of space left. ~> df -Th Filesystem Type Size Used Avail Use% Mounted on /dev/sda1 btrfs 502M 338M 169M 67% / ... ~> btrfs fi df / System, single: total=4.00MiB, used=4.00KiB Data+Metadata, single: total=497.81MiB, used=329.71MiB GlobalReserve, single: total=8.00MiB, used=0.00B ~> /usr/lib/nagios/plugins/check_disk -w '3%' -c '1%' DISK CRITICAL - free space: / 0 MB (0% inode=-)]; ... ~> grep ' / ' /proc/mounts /dev/sda1 / btrfs rw,nodiratime,relatime,compress=zlib,ssd,discard,space_cache,autodefrag 0 0 All other partitions worked well but it constantly shows / to be full. ~> /usr/lib/nagios/plugins/check_disk -w '3%' -c '1%' -vvv Thresholds(pct) for / warn: 3,000000 crit 1,000000 calling stat on / For /, used_pct=100 free_pct=0 used_units=337 free_units=0 total_units=501 used_inodes_pct=-1 free_inodes_pct=101 fsp.fsu_blocksize=4096 mult=1048576 Freespace_units result=0 Freespace% result=2 Usedspace_units result=0 Usedspace_percent result=0 Usedinodes_percent result=0 Freeinodes_percent result=0 And to give you what stat gives: ~> stat -f / File: "/" ID: a446833a80ceeb6a Namelen: 255 Type: btrfs Block size: 4096 Fundamental block size: 4096 Blocks: Total: 128472 Free: 42014 Available: 43031 Inodes: Total: 0 Free: 0 I think, I found the bug. line 1044: p->available = fsp->fsu_bavail > fsp->fsu_bfree ? 0 : fsp->fsu_bavail; But from the stat I see that: ... Free: 41708 Available: 42725 I think, that BDE^HD workarround here is broken for btrfs and maybe other filesystems that supports compression. -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1357 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Wed Sep 30 15:48:28 2015 From: notifications at github.com (=?UTF-8?B?QmVub8OudC5T?=) Date: Wed, 30 Sep 2015 06:48:28 -0700 Subject: check_http: Odd bug with SSL check. (#1358) Message-ID: ``` $ /usr/lib/nagios/plugins/check_http -V check_http v2.1.1 (monitoring-plugins 2.1.1) ``` If we check an Apache 2.2 server under Debian Wheezy, all is OK. ``` $ /usr/lib/nagios/plugins/check_http -S -H $MYDOMAIN HTTP OK: HTTP/1.1 200 OK - 2481 bytes in 0.582 second response time |time=0.582011s;;;0.000000 size=2481B;;;0 ``` If we check an Apache 2.4 server under Debian Jessie, there is an odd bug. ``` $ /usr/lib/nagios/plugins/check_http -S -H $MYDOMAIN HTTP OK: HTTP/1.1 200 OK - 2392 bytes in 7.530 second response time |time=7.529691s;;;0.000000 size=2392B;;;0 $ /usr/bin/time curl https://$MYDOMAIN -k -o /dev/null -s 0.00user 0.00system 0:00.28elapsed 2%CPU (0avgtext+0avgdata 8828maxresident)k ``` Why it took 7+s where curl took 0.28s? The fact is check_http doesn't seems to speak the same HTTPS as curl. I traced Apache to see more informations. ``` 14:57:42 accept4(6, {sa_family=AF_INET6, sin6_port=htons(53216), inet_pton(AF_INET6, "::ffff:88.179.18.233", &sin6_addr), sin6_flowinfo =0, sin6_scope_id=0}, [28], SOCK_CLOEXEC) = 29 14:57:42 read(29, 0x7f7ddd36b048, 8000) = -1 EAGAIN (Resource temporarily unavailable) 14:57:42 poll([{fd=29, events=POLLIN}], 1, 7000) = 0 (Timeout) 14:57:49 close(29) = 0 ``` It took 7+s, because my Apache server has a Timeout of 7s. Apache seems to wait something from check_http, before timeout occurs. (You can set Apache timeout to 30s, check_http will take 30+s). An here comes the really odd part. ``` $ /usr/lib/nagios/plugins/check_http -S -H $MYDOMAIN -N HTTP OK: HTTP/1.1 200 OK - 256 bytes in 0.555 second response time |time=0.554783s;;;0.000000 size=256B;;;0 ``` With -N, all is OK. Any ideas? I opened the issue here because I have only this odd bug with check_http, not with curl, wget, browsers? It may be related to Apache, but that's quite odd. --- Reply to this email directly or view it on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1358 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Wed Sep 30 23:18:31 2015 From: notifications at github.com (waja) Date: Wed, 30 Sep 2015 14:18:31 -0700 Subject: Adds a new option to enforce TLSv1.2+ (#1359) Message-ID: (allowing it to autodetect and connect to future protocol versions) Closes #1338 You can view, comment on, or merge this pull request online at: https://github.com/monitoring-plugins/monitoring-plugins/pull/1359 -- Commit Summary -- * Adds a new option to enforce TLSv1.2+ -- File Changes -- M plugins/check_http.c (8) M plugins/sslutils.c (23) M po/de.po (8) M po/fr.po (8) M po/monitoring-plugins.pot (8) -- Patch Links -- https://github.com/monitoring-plugins/monitoring-plugins/pull/1359.patch https://github.com/monitoring-plugins/monitoring-plugins/pull/1359.diff -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/pull/1359 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Wed Sep 30 23:19:41 2015 From: notifications at github.com (waja) Date: Wed, 30 Sep 2015 14:19:41 -0700 Subject: check_http - support TLS v1.2 (#1338) In-Reply-To: References: Message-ID: @sthen I created #1359 with your proposed changes, feel free to adjust if needed. -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1338#issuecomment-144546046 -------------- next part -------------- An HTML attachment was scrubbed... URL: From notifications at github.com Wed Sep 30 23:21:33 2015 From: notifications at github.com (waja) Date: Wed, 30 Sep 2015 14:21:33 -0700 Subject: add tls 1.1 and 1.2 support for check_http (#1354) In-Reply-To: References: Message-ID: Might be superseded by #1338 -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/pull/1354#issuecomment-144546427 -------------- next part -------------- An HTML attachment was scrubbed... URL: