summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--plugins/check_http.c86
1 files changed, 46 insertions, 40 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 306e4a2e..733388b8 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -177,7 +177,7 @@ int errcode;
177#define HTTP_EXPECT "HTTP/1." 177#define HTTP_EXPECT "HTTP/1."
178#define HTTP_URL "/" 178#define HTTP_URL "/"
179 179
180char timestamp[10] = ""; 180char timestamp[17] = "";
181int specify_port = FALSE; 181int specify_port = FALSE;
182int server_port = HTTP_PORT; 182int server_port = HTTP_PORT;
183char server_port_text[6] = ""; 183char server_port_text[6] = "";
@@ -434,7 +434,7 @@ process_arguments (int argc, char **argv)
434 regexp[MAX_RE_SIZE - 1] = 0; 434 regexp[MAX_RE_SIZE - 1] = 0;
435 errcode = regcomp (&preg, regexp, cflags); 435 errcode = regcomp (&preg, regexp, cflags);
436 if (errcode != 0) { 436 if (errcode != 0) {
437 regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); 437 (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER);
438 printf ("Could Not Compile Regular Expression: %s", errbuf); 438 printf ("Could Not Compile Regular Expression: %s", errbuf);
439 return ERROR; 439 return ERROR;
440 } 440 }
@@ -530,7 +530,10 @@ check_http (void)
530 int i = 0; 530 int i = 0;
531 size_t pagesize = 0; 531 size_t pagesize = 0;
532 char *full_page = NULL; 532 char *full_page = NULL;
533 char *buf = NULL;
533 char *pos = NULL; 534 char *pos = NULL;
535 char *x = NULL;
536 char *orig_url = NULL;
534 537
535 /* try to connect to the host at the given port number */ 538 /* try to connect to the host at the given port number */
536#ifdef HAVE_SSL 539#ifdef HAVE_SSL
@@ -549,25 +552,25 @@ check_http (void)
549 return STATE_CRITICAL; 552 return STATE_CRITICAL;
550 } 553 }
551 554
552 snprintf (buffer, MAX_INPUT_BUFFER - 1, "%s %s HTTP/1.0\r\n", http_method, server_url); 555 buf = ssprintf (buf, "%s %s HTTP/1.0\r\n", http_method, server_url);
553 if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { 556 if (SSL_write (ssl, buf, strlen (buf)) == -1) {
554 ERR_print_errors_fp (stderr); 557 ERR_print_errors_fp (stderr);
555 return STATE_CRITICAL; 558 return STATE_CRITICAL;
556 } 559 }
557 560
558 /* optionally send the host header info (not clear if it's usable) */ 561 /* optionally send the host header info (not clear if it's usable) */
559 if (strcmp (host_name, "")) { 562 if (strcmp (host_name, "")) {
560 snprintf (buffer, MAX_INPUT_BUFFER - 1, "Host: %s\r\n", host_name); 563 buf = ssprintf (buf, "Host: %s\r\n", host_name);
561 if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { 564 if (SSL_write (ssl, buf, strlen (buf)) == -1) {
562 ERR_print_errors_fp (stderr); 565 ERR_print_errors_fp (stderr);
563 return STATE_CRITICAL; 566 return STATE_CRITICAL;
564 } 567 }
565 } 568 }
566 569
567 /* send user agent */ 570 /* send user agent */
568 snprintf (buffer, MAX_INPUT_BUFFER - 1, "User-Agent: check_http/%s (nagios-plugins %s)\r\n", 571 buf = ssprintf (buf, "User-Agent: check_http/%s (nagios-plugins %s)\r\n",
569 clean_revstring (REVISION), PACKAGE_VERSION); 572 clean_revstring (REVISION), PACKAGE_VERSION);
570 if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { 573 if (SSL_write (ssl, buf, strlen (buf)) == -1) {
571 ERR_print_errors_fp (stderr); 574 ERR_print_errors_fp (stderr);
572 return STATE_CRITICAL; 575 return STATE_CRITICAL;
573 } 576 }
@@ -575,8 +578,8 @@ check_http (void)
575 /* optionally send the authentication info */ 578 /* optionally send the authentication info */
576 if (strcmp (user_auth, "")) { 579 if (strcmp (user_auth, "")) {
577 auth = base64 (user_auth, strlen (user_auth)); 580 auth = base64 (user_auth, strlen (user_auth));
578 snprintf (buffer, MAX_INPUT_BUFFER - 1, "Authorization: Basic %s\r\n", auth); 581 buf = ssprintf (buf, "Authorization: Basic %s\r\n", auth);
579 if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { 582 if (SSL_write (ssl, buf, strlen (buf)) == -1) {
580 ERR_print_errors_fp (stderr); 583 ERR_print_errors_fp (stderr);
581 return STATE_CRITICAL; 584 return STATE_CRITICAL;
582 } 585 }
@@ -584,13 +587,13 @@ check_http (void)
584 587
585 /* optionally send http POST data */ 588 /* optionally send http POST data */
586 if (http_post_data) { 589 if (http_post_data) {
587 snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Type: application/x-www-form-urlencoded\r\n"); 590 buf = ssprintf (buf, "Content-Type: application/x-www-form-urlencoded\r\n");
588 if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { 591 if (SSL_write (ssl, buf, strlen (buf)) == -1) {
589 ERR_print_errors_fp (stderr); 592 ERR_print_errors_fp (stderr);
590 return STATE_CRITICAL; 593 return STATE_CRITICAL;
591 } 594 }
592 snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); 595 buf = ssprintf (buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
593 if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { 596 if (SSL_write (ssl, buf, strlen (buf)) == -1) {
594 ERR_print_errors_fp (stderr); 597 ERR_print_errors_fp (stderr);
595 return STATE_CRITICAL; 598 return STATE_CRITICAL;
596 } 599 }
@@ -602,8 +605,8 @@ check_http (void)
602 } 605 }
603 606
604 /* send a newline so the server knows we're done with the request */ 607 /* send a newline so the server knows we're done with the request */
605 snprintf (buffer, MAX_INPUT_BUFFER - 1, "\r\n\r\n"); 608 buf = ssprintf (buf, "\r\n\r\n");
606 if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { 609 if (SSL_write (ssl, buf, strlen (buf)) == -1) {
607 ERR_print_errors_fp (stderr); 610 ERR_print_errors_fp (stderr);
608 return STATE_CRITICAL; 611 return STATE_CRITICAL;
609 } 612 }
@@ -615,44 +618,44 @@ check_http (void)
615 msg = ssprintf (msg, "Unable to open TCP socket"); 618 msg = ssprintf (msg, "Unable to open TCP socket");
616 terminate (STATE_CRITICAL, msg); 619 terminate (STATE_CRITICAL, msg);
617 } 620 }
618 snprintf (buffer, MAX_INPUT_BUFFER - 1, "%s %s HTTP/1.0\r\n", http_method, server_url); 621 buf = ssprintf (buf, "%s %s HTTP/1.0\r\n", http_method, server_url);
619 send (sd, buffer, strlen (buffer), 0); 622 send (sd, buf, strlen (buf), 0);
620 623
621 624
622 625
623 /* optionally send the host header info */ 626 /* optionally send the host header info */
624 if (strcmp (host_name, "")) { 627 if (strcmp (host_name, "")) {
625 snprintf (buffer, MAX_INPUT_BUFFER - 1, "Host: %s\r\n", host_name); 628 buf = ssprintf (buf, "Host: %s\r\n", host_name);
626 send (sd, buffer, strlen (buffer), 0); 629 send (sd, buf, strlen (buf), 0);
627 } 630 }
628 631
629 /* send user agent */ 632 /* send user agent */
630 snprintf (buffer, MAX_INPUT_BUFFER - 1, 633 buf = ssprintf (buf,
631 "User-Agent: check_http/%s (nagios-plugins %s)\r\n", 634 "User-Agent: check_http/%s (nagios-plugins %s)\r\n",
632 clean_revstring (REVISION), PACKAGE_VERSION); 635 clean_revstring (REVISION), PACKAGE_VERSION);
633 send (sd, buffer, strlen (buffer), 0); 636 send (sd, buf, strlen (buf), 0);
634 637
635 /* optionally send the authentication info */ 638 /* optionally send the authentication info */
636 if (strcmp (user_auth, "")) { 639 if (strcmp (user_auth, "")) {
637 auth = base64 (user_auth, strlen (user_auth)); 640 auth = base64 (user_auth, strlen (user_auth));
638 snprintf (buffer, MAX_INPUT_BUFFER - 1, "Authorization: Basic %s\r\n", auth); 641 buf = ssprintf (buf, "Authorization: Basic %s\r\n", auth);
639 send (sd, buffer, strlen (buffer), 0); 642 send (sd, buf, strlen (buf), 0);
640 } 643 }
641 644
642 /* optionally send http POST data */ 645 /* optionally send http POST data */
643 /* written by Chris Henesy <lurker@shadowtech.org> */ 646 /* written by Chris Henesy <lurker@shadowtech.org> */
644 if (http_post_data) { 647 if (http_post_data) {
645 snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Type: application/x-www-form-urlencoded\r\n"); 648 buf = ssprintf (buf, "Content-Type: application/x-www-form-urlencoded\r\n");
646 send (sd, buffer, strlen (buffer), 0); 649 send (sd, buf, strlen (buf), 0);
647 snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); 650 buf = ssprintf (buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
648 send (sd, buffer, strlen (buffer), 0); 651 send (sd, buf, strlen (buf), 0);
649 http_post_data = strscat (http_post_data, "\r\n"); 652 http_post_data = strscat (http_post_data, "\r\n");
650 send (sd, http_post_data, strlen (http_post_data), 0); 653 send (sd, http_post_data, strlen (http_post_data), 0);
651 } 654 }
652 655
653 /* send a newline so the server knows we're done with the request */ 656 /* send a newline so the server knows we're done with the request */
654 snprintf (buffer, MAX_INPUT_BUFFER - 1, "\r\n\r\n"); 657 buf = ssprintf (buf, "\r\n\r\n");
655 send (sd, buffer, strlen (buffer), 0); 658 send (sd, buf, strlen (buf), 0);
656#ifdef HAVE_SSL 659#ifdef HAVE_SSL
657 } 660 }
658#endif 661#endif
@@ -759,19 +762,20 @@ check_http (void)
759 strstr (status_line, "303") || 762 strstr (status_line, "303") ||
760 strstr (status_line, "304")) { 763 strstr (status_line, "304")) {
761 if (onredirect == STATE_DEPENDENT) { 764 if (onredirect == STATE_DEPENDENT) {
762 765
766 orig_url = strscpy(NULL, server_url);
763 pos = header; 767 pos = header;
764 while (pos) { 768 while (pos) {
765 server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH); 769 server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH);
766 if (server_address == NULL) 770 if (server_address == NULL)
767 terminate (STATE_UNKNOWN, 771 terminate (STATE_UNKNOWN,
768 "HTTP UNKNOWN: could not allocate server_address"); 772 "HTTP UNKNOWN: could not allocate server_address");
769 if (strspn (pos, "\r\n") > server_url_length) { 773 if (strcspn (pos, "\r\n") > server_url_length) {
770 server_url = realloc (server_url, strspn (pos, "\r\n")); 774 server_url = realloc (server_url, strcspn (pos, "\r\n"));
771 if (server_url == NULL) 775 if (server_url == NULL)
772 terminate (STATE_UNKNOWN, 776 terminate (STATE_UNKNOWN,
773 "HTTP UNKNOWN: could not allocate server_url"); 777 "HTTP UNKNOWN: could not allocate server_url");
774 server_url_length = strspn (pos, "\r\n"); 778 server_url_length = strcspn (pos, "\r\n");
775 } 779 }
776 if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) { 780 if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) {
777 host_name = strscpy (host_name, server_address); 781 host_name = strscpy (host_name, server_address);
@@ -799,9 +803,13 @@ check_http (void)
799 server_port = server_port_check (use_ssl); 803 server_port = server_port_check (use_ssl);
800 check_http (); 804 check_http ();
801 } 805 }
802 else if (sscanf (pos, HDR_LOCATION URI_PATH, server_url) == 1) { 806 else if (sscanf (pos, HDR_LOCATION URI_PATH, server_url) == 1) {
807 if ((server_url[0] != '/') && (x = strrchr(orig_url, '/'))) {
808 *x = '\0';
809 server_url = ssprintf (server_url, "%s/%s", orig_url, server_url);
810 }
803 check_http (); 811 check_http ();
804 } 812 }
805 pos += (size_t) strcspn (pos, "\r\n"); 813 pos += (size_t) strcspn (pos, "\r\n");
806 pos += (size_t) strspn (pos, "\r\n"); 814 pos += (size_t) strspn (pos, "\r\n");
807 } /* end while (pos) */ 815 } /* end while (pos) */
@@ -945,8 +953,6 @@ check_certificate (X509 ** certificate)
945 int offset; 953 int offset;
946 struct tm stamp; 954 struct tm stamp;
947 int days_left; 955 int days_left;
948 /* int result = STATE_OK; */
949 /* char timestamp[14]; */
950 956
951 957
952 /* Retrieve timestamp of certificate */ 958 /* Retrieve timestamp of certificate */
@@ -991,7 +997,7 @@ check_certificate (X509 ** certificate)
991 997
992 days_left = (mktime (&stamp) - time (NULL)) / 86400; 998 days_left = (mktime (&stamp) - time (NULL)) / 86400;
993 snprintf 999 snprintf
994 (timestamp, MAX_INPUT_BUFFER - 1, "%02d/%02d/%04d %02d:%02d", 1000 (timestamp, 16, "%02d/%02d/%04d %02d:%02d",
995 stamp.tm_mon + 1, 1001 stamp.tm_mon + 1,
996 stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); 1002 stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min);
997 1003