diff options
| author | Lorenz Kästle <12514511+RincewindsHat@users.noreply.github.com> | 2025-11-28 12:21:08 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-11-28 12:21:08 +0100 |
| commit | db2983da7e8175ca3928998d4547acdf75d55dc0 (patch) | |
| tree | 45bbbb2e6f6cf17f8058cb5428a5f0fb43d94b94 /plugins/check_curl.d/check_curl_helpers.c | |
| parent | 2f96b82c9b67ca1aad6cd584a9c458d060bdd4bb (diff) | |
| download | monitoring-plugins-db2983da7e8175ca3928998d4547acdf75d55dc0.tar.gz | |
Fix/check curl sticky redir (#2188)
* check_curl: avoid freeing memory when we don't know where it came from
* check_curl: when using -f sticky conserve IPv6 addresses properly
When running the check on an ipv6 address with a sticky onredirect
policy like in this example:
check_curl -6 -H example.com -I ::1 -f sticky
It results in a getaddrinfo error:
HTTP CRITICAL - Unable to lookup IP address for '[::1]': getaddrinfo returned -3 - Temporary failure in name resolution
This happens because in check_http() if the content of server_addr is an
ipv6 address enclosing brackets are added and on redirection a
subsequent call to check_http() will pass this now bracketed value to
getaddrinfo resulting in the error.
To work around this, strip the brackets from the address prior to the
lookup_host() call.
* add Michael Jeanson to thanks
Diffstat (limited to 'plugins/check_curl.d/check_curl_helpers.c')
| -rw-r--r-- | plugins/check_curl.d/check_curl_helpers.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/plugins/check_curl.d/check_curl_helpers.c b/plugins/check_curl.d/check_curl_helpers.c index d49d8f07..e4e7bef6 100644 --- a/plugins/check_curl.d/check_curl_helpers.c +++ b/plugins/check_curl.d/check_curl_helpers.c | |||
| @@ -128,8 +128,20 @@ check_curl_configure_curl(const check_curl_static_curl_config config, | |||
| 128 | char dnscache[DEFAULT_BUFFER_SIZE]; | 128 | char dnscache[DEFAULT_BUFFER_SIZE]; |
| 129 | char addrstr[DEFAULT_BUFFER_SIZE / 2]; | 129 | char addrstr[DEFAULT_BUFFER_SIZE / 2]; |
| 130 | if (working_state.use_ssl && working_state.host_name != NULL) { | 130 | if (working_state.use_ssl && working_state.host_name != NULL) { |
| 131 | char *tmp_mod_address; | ||
| 132 | |||
| 133 | /* lookup_host() requires an IPv6 address without the brackets. */ | ||
| 134 | if ((strnlen(working_state.server_address, MAX_IPV4_HOSTLENGTH) > 2) && | ||
| 135 | (working_state.server_address[0] == '[')) { | ||
| 136 | // Duplicate and strip the leading '[' | ||
| 137 | tmp_mod_address = | ||
| 138 | strndup(working_state.server_address + 1, strlen(working_state.server_address) - 2); | ||
| 139 | } else { | ||
| 140 | tmp_mod_address = working_state.server_address; | ||
| 141 | } | ||
| 142 | |||
| 131 | int res; | 143 | int res; |
| 132 | if ((res = lookup_host(working_state.server_address, addrstr, DEFAULT_BUFFER_SIZE / 2, | 144 | if ((res = lookup_host(tmp_mod_address, addrstr, DEFAULT_BUFFER_SIZE / 2, |
| 133 | config.sin_family)) != 0) { | 145 | config.sin_family)) != 0) { |
| 134 | die(STATE_CRITICAL, | 146 | die(STATE_CRITICAL, |
| 135 | _("Unable to lookup IP address for '%s': getaddrinfo returned %d - %s"), | 147 | _("Unable to lookup IP address for '%s': getaddrinfo returned %d - %s"), |