summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--plugins/check_http.c1685
1 files changed, 872 insertions, 813 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 6c6810f..440c842 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -1,46 +1,47 @@
1/***************************************************************************** 1/*****************************************************************************
2* 2 *
3* Monitoring check_http plugin 3 * Monitoring check_http plugin
4* 4 *
5* License: GPL 5 * License: GPL
6* Copyright (c) 1999-2013 Monitoring Plugins Development Team 6 * Copyright (c) 1999-2013 Monitoring Plugins Development Team
7* 7 *
8* Description: 8 * Description:
9* 9 *
10* This file contains the check_http plugin 10 * This file contains the check_http plugin
11* 11 *
12* This plugin tests the HTTP service on the specified host. It can test 12 * This plugin tests the HTTP service on the specified host. It can test
13* normal (http) and secure (https) servers, follow redirects, search for 13 * normal (http) and secure (https) servers, follow redirects, search for
14* strings and regular expressions, check connection times, and report on 14 * strings and regular expressions, check connection times, and report on
15* certificate expiration times. 15 * certificate expiration times.
16* 16 *
17* 17 *
18* This program is free software: you can redistribute it and/or modify 18 * This program is free software: you can redistribute it and/or modify
19* it under the terms of the GNU General Public License as published by 19 * it under the terms of the GNU General Public License as published by
20* the Free Software Foundation, either version 3 of the License, or 20 * the Free Software Foundation, either version 3 of the License, or
21* (at your option) any later version. 21 * (at your option) any later version.
22* 22 *
23* This program is distributed in the hope that it will be useful, 23 * This program is distributed in the hope that it will be useful,
24* but WITHOUT ANY WARRANTY; without even the implied warranty of 24 * but WITHOUT ANY WARRANTY; without even the implied warranty of
25* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26* GNU General Public License for more details. 26 * GNU General Public License for more details.
27* 27 *
28* You should have received a copy of the GNU General Public License 28 * You should have received a copy of the GNU General Public License
29* along with this program. If not, see <http://www.gnu.org/licenses/>. 29 * along with this program. If not, see <http://www.gnu.org/licenses/>.
30* 30 *
31* 31 *
32*****************************************************************************/ 32 *****************************************************************************/
33 33
34/* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ ../../plugins/check_http.c */ 34/* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/
35 * ../../plugins/check_http.c */
35 36
36const char *progname = "check_http"; 37const char *progname = "check_http";
37const char *copyright = "1999-2022"; 38const char *copyright = "1999-2022";
38const char *email = "devel@monitoring-plugins.org"; 39const char *email = "devel@monitoring-plugins.org";
39 40
41#include "base64.h"
40#include "common.h" 42#include "common.h"
41#include "netutils.h" 43#include "netutils.h"
42#include "utils.h" 44#include "utils.h"
43#include "base64.h"
44#include <ctype.h> 45#include <ctype.h>
45 46
46#define STICKY_NONE 0 47#define STICKY_NONE 0
@@ -63,19 +64,18 @@ int ssl_version = 0;
63int days_till_exp_warn, days_till_exp_crit; 64int days_till_exp_warn, days_till_exp_crit;
64char *randbuff; 65char *randbuff;
65X509 *server_cert; 66X509 *server_cert;
66# define my_recv(buf, len) ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) 67#define my_recv(buf, len) \
67# define my_send(buf, len) ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) 68 ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
69#define my_send(buf, len) \
70 ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
68#else /* ifndef HAVE_SSL */ 71#else /* ifndef HAVE_SSL */
69# define my_recv(buf, len) read(sd, buf, len) 72#define my_recv(buf, len) read(sd, buf, len)
70# define my_send(buf, len) send(sd, buf, len, 0) 73#define my_send(buf, len) send(sd, buf, len, 0)
71#endif /* HAVE_SSL */ 74#endif /* HAVE_SSL */
72bool no_body = false; 75bool no_body = false;
73int maximum_age = -1; 76int maximum_age = -1;
74 77
75enum { 78enum { REGS = 2, MAX_RE_SIZE = 1024 };
76 REGS = 2,
77 MAX_RE_SIZE = 1024
78};
79#include "regex.h" 79#include "regex.h"
80regex_t preg; 80regex_t preg;
81regmatch_t pmatch[REGS]; 81regmatch_t pmatch[REGS];
@@ -136,71 +136,67 @@ char buffer[MAX_INPUT_BUFFER];
136char *client_cert = NULL; 136char *client_cert = NULL;
137char *client_privkey = NULL; 137char *client_privkey = NULL;
138 138
139bool process_arguments (int, char **); 139bool process_arguments(int, char **);
140int check_http (void); 140int check_http(void);
141void redir (char *pos, char *status_line); 141void redir(char *pos, char *status_line);
142bool server_type_check(const char *type); 142bool server_type_check(const char *type);
143int server_port_check(int ssl_flag); 143int server_port_check(int ssl_flag);
144char *perfd_time (double microsec); 144char *perfd_time(double microsec);
145char *perfd_time_connect (double microsec); 145char *perfd_time_connect(double microsec);
146char *perfd_time_ssl (double microsec); 146char *perfd_time_ssl(double microsec);
147char *perfd_time_firstbyte (double microsec); 147char *perfd_time_firstbyte(double microsec);
148char *perfd_time_headers (double microsec); 148char *perfd_time_headers(double microsec);
149char *perfd_time_transfer (double microsec); 149char *perfd_time_transfer(double microsec);
150char *perfd_size (int page_len); 150char *perfd_size(int page_len);
151void print_help (void); 151void print_help(void);
152void print_usage (void); 152void print_usage(void);
153 153
154int 154int main(int argc, char **argv) {
155main (int argc, char **argv)
156{
157 int result = STATE_UNKNOWN; 155 int result = STATE_UNKNOWN;
158 156
159 setlocale (LC_ALL, ""); 157 setlocale(LC_ALL, "");
160 bindtextdomain (PACKAGE, LOCALEDIR); 158 bindtextdomain(PACKAGE, LOCALEDIR);
161 textdomain (PACKAGE); 159 textdomain(PACKAGE);
162 160
163 /* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */ 161 /* Set default URL. Must be malloced for subsequent realloc if
162 * --onredirect=follow */
164 server_url = strdup(HTTP_URL); 163 server_url = strdup(HTTP_URL);
165 server_url_length = strlen(server_url); 164 server_url_length = strlen(server_url);
166 xasprintf (&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)", 165 xasprintf(&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)",
167 NP_VERSION, VERSION); 166 NP_VERSION, VERSION);
168 167
169 /* Parse extra opts if any */ 168 /* Parse extra opts if any */
170 argv=np_extra_opts (&argc, argv, progname); 169 argv = np_extra_opts(&argc, argv, progname);
171 170
172 if (process_arguments (argc, argv) == false) 171 if (process_arguments(argc, argv) == false)
173 usage4 (_("Could not parse arguments")); 172 usage4(_("Could not parse arguments"));
174 173
175 if (display_html == true) 174 if (display_html == true)
176 printf ("<A HREF=\"%s://%s:%d%s\" target=\"_blank\">", 175 printf("<A HREF=\"%s://%s:%d%s\" target=\"_blank\">",
177 use_ssl ? "https" : "http", host_name ? host_name : server_address, 176 use_ssl ? "https" : "http", host_name ? host_name : server_address,
178 server_port, server_url); 177 server_port, server_url);
179 178
180 /* initialize alarm signal handling, set socket timeout, start timer */ 179 /* initialize alarm signal handling, set socket timeout, start timer */
181 (void) signal (SIGALRM, socket_timeout_alarm_handler); 180 (void)signal(SIGALRM, socket_timeout_alarm_handler);
182 (void) alarm (socket_timeout); 181 (void)alarm(socket_timeout);
183 gettimeofday (&tv, NULL); 182 gettimeofday(&tv, NULL);
184 183
185 result = check_http (); 184 result = check_http();
186 return result; 185 return result;
187} 186}
188 187
189/* check whether a file exists */ 188/* check whether a file exists */
190void 189void test_file(char *path) {
191test_file (char *path)
192{
193 if (access(path, R_OK) == 0) 190 if (access(path, R_OK) == 0)
194 return; 191 return;
195 usage2 (_("file does not exist or is not readable"), path); 192 usage2(_("file does not exist or is not readable"), path);
196} 193}
197 194
198/* 195/*
199 * process command-line arguments 196 * process command-line arguments
200 * returns true on succes, false otherwise 197 * returns true on succes, false otherwise
201 */ 198 */
202bool process_arguments (int argc, char **argv) 199bool process_arguments(int argc, char **argv) {
203{
204 int c = 1; 200 int c = 1;
205 char *p; 201 char *p;
206 char *temp; 202 char *temp;
@@ -214,83 +210,85 @@ bool process_arguments (int argc, char **argv)
214 210
215 int option = 0; 211 int option = 0;
216 static struct option longopts[] = { 212 static struct option longopts[] = {
217 STD_LONG_OPTS, 213 STD_LONG_OPTS,
218 {"link", no_argument, 0, 'L'}, 214 {"link", no_argument, 0, 'L'},
219 {"nohtml", no_argument, 0, 'n'}, 215 {"nohtml", no_argument, 0, 'n'},
220 {"ssl", optional_argument, 0, 'S'}, 216 {"ssl", optional_argument, 0, 'S'},
221 {"sni", no_argument, 0, SNI_OPTION}, 217 {"sni", no_argument, 0, SNI_OPTION},
222 {"post", required_argument, 0, 'P'}, 218 {"post", required_argument, 0, 'P'},
223 {"method", required_argument, 0, 'j'}, 219 {"method", required_argument, 0, 'j'},
224 {"IP-address", required_argument, 0, 'I'}, 220 {"IP-address", required_argument, 0, 'I'},
225 {"url", required_argument, 0, 'u'}, 221 {"url", required_argument, 0, 'u'},
226 {"port", required_argument, 0, 'p'}, 222 {"port", required_argument, 0, 'p'},
227 {"authorization", required_argument, 0, 'a'}, 223 {"authorization", required_argument, 0, 'a'},
228 {"proxy-authorization", required_argument, 0, 'b'}, 224 {"proxy-authorization", required_argument, 0, 'b'},
229 {"header-string", required_argument, 0, 'd'}, 225 {"header-string", required_argument, 0, 'd'},
230 {"string", required_argument, 0, 's'}, 226 {"string", required_argument, 0, 's'},
231 {"expect", required_argument, 0, 'e'}, 227 {"expect", required_argument, 0, 'e'},
232 {"regex", required_argument, 0, 'r'}, 228 {"regex", required_argument, 0, 'r'},
233 {"ereg", required_argument, 0, 'r'}, 229 {"ereg", required_argument, 0, 'r'},
234 {"eregi", required_argument, 0, 'R'}, 230 {"eregi", required_argument, 0, 'R'},
235 {"linespan", no_argument, 0, 'l'}, 231 {"linespan", no_argument, 0, 'l'},
236 {"onredirect", required_argument, 0, 'f'}, 232 {"onredirect", required_argument, 0, 'f'},
237 {"certificate", required_argument, 0, 'C'}, 233 {"certificate", required_argument, 0, 'C'},
238 {"client-cert", required_argument, 0, 'J'}, 234 {"client-cert", required_argument, 0, 'J'},
239 {"private-key", required_argument, 0, 'K'}, 235 {"private-key", required_argument, 0, 'K'},
240 {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT}, 236 {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT},
241 {"useragent", required_argument, 0, 'A'}, 237 {"useragent", required_argument, 0, 'A'},
242 {"header", required_argument, 0, 'k'}, 238 {"header", required_argument, 0, 'k'},
243 {"no-body", no_argument, 0, 'N'}, 239 {"no-body", no_argument, 0, 'N'},
244 {"max-age", required_argument, 0, 'M'}, 240 {"max-age", required_argument, 0, 'M'},
245 {"content-type", required_argument, 0, 'T'}, 241 {"content-type", required_argument, 0, 'T'},
246 {"pagesize", required_argument, 0, 'm'}, 242 {"pagesize", required_argument, 0, 'm'},
247 {"invert-regex", no_argument, NULL, INVERT_REGEX}, 243 {"invert-regex", no_argument, NULL, INVERT_REGEX},
248 {"use-ipv4", no_argument, 0, '4'}, 244 {"use-ipv4", no_argument, 0, '4'},
249 {"use-ipv6", no_argument, 0, '6'}, 245 {"use-ipv6", no_argument, 0, '6'},
250 {"extended-perfdata", no_argument, 0, 'E'}, 246 {"extended-perfdata", no_argument, 0, 'E'},
251 {"show-body", no_argument, 0, 'B'}, 247 {"show-body", no_argument, 0, 'B'},
252 {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION}, 248 {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION},
253 {0, 0, 0, 0} 249 {0, 0, 0, 0}};
254 };
255 250
256 if (argc < 2) 251 if (argc < 2)
257 return false; 252 return false;
258 253
259 for (c = 1; c < argc; c++) { 254 for (c = 1; c < argc; c++) {
260 if (strcmp ("-to", argv[c]) == 0) 255 if (strcmp("-to", argv[c]) == 0)
261 strcpy (argv[c], "-t"); 256 strcpy(argv[c], "-t");
262 if (strcmp ("-hn", argv[c]) == 0) 257 if (strcmp("-hn", argv[c]) == 0)
263 strcpy (argv[c], "-H"); 258 strcpy(argv[c], "-H");
264 if (strcmp ("-wt", argv[c]) == 0) 259 if (strcmp("-wt", argv[c]) == 0)
265 strcpy (argv[c], "-w"); 260 strcpy(argv[c], "-w");
266 if (strcmp ("-ct", argv[c]) == 0) 261 if (strcmp("-ct", argv[c]) == 0)
267 strcpy (argv[c], "-c"); 262 strcpy(argv[c], "-c");
268 if (strcmp ("-nohtml", argv[c]) == 0) 263 if (strcmp("-nohtml", argv[c]) == 0)
269 strcpy (argv[c], "-n"); 264 strcpy(argv[c], "-n");
270 } 265 }
271 266
272 while (1) { 267 while (1) {
273 c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", longopts, &option); 268 c = getopt_long(
269 argc, argv,
270 "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB",
271 longopts, &option);
274 if (c == -1 || c == EOF) 272 if (c == -1 || c == EOF)
275 break; 273 break;
276 274
277 switch (c) { 275 switch (c) {
278 case '?': /* usage */ 276 case '?': /* usage */
279 usage5 (); 277 usage5();
280 break; 278 break;
281 case 'h': /* help */ 279 case 'h': /* help */
282 print_help (); 280 print_help();
283 exit (STATE_UNKNOWN); 281 exit(STATE_UNKNOWN);
284 break; 282 break;
285 case 'V': /* version */ 283 case 'V': /* version */
286 print_revision (progname, NP_VERSION); 284 print_revision(progname, NP_VERSION);
287 exit (STATE_UNKNOWN); 285 exit(STATE_UNKNOWN);
288 break; 286 break;
289 case 't': /* timeout period */ 287 case 't': /* timeout period */
290 if (!is_intnonneg (optarg)) 288 if (!is_intnonneg(optarg))
291 usage2 (_("Timeout interval must be a positive integer"), optarg); 289 usage2(_("Timeout interval must be a positive integer"), optarg);
292 else 290 else
293 socket_timeout = atoi (optarg); 291 socket_timeout = atoi(optarg);
294 break; 292 break;
295 case 'c': /* critical time threshold */ 293 case 'c': /* critical time threshold */
296 critical_thresholds = optarg; 294 critical_thresholds = optarg;
@@ -299,13 +297,14 @@ bool process_arguments (int argc, char **argv)
299 warning_thresholds = optarg; 297 warning_thresholds = optarg;
300 break; 298 break;
301 case 'A': /* User Agent String */ 299 case 'A': /* User Agent String */
302 xasprintf (&user_agent, "User-Agent: %s", optarg); 300 xasprintf(&user_agent, "User-Agent: %s", optarg);
303 break; 301 break;
304 case 'k': /* Additional headers */ 302 case 'k': /* Additional headers */
305 if (http_opt_headers_count == 0) 303 if (http_opt_headers_count == 0)
306 http_opt_headers = malloc (sizeof (char *) * (++http_opt_headers_count)); 304 http_opt_headers = malloc(sizeof(char *) * (++http_opt_headers_count));
307 else 305 else
308 http_opt_headers = realloc (http_opt_headers, sizeof (char *) * (++http_opt_headers_count)); 306 http_opt_headers = realloc(http_opt_headers,
307 sizeof(char *) * (++http_opt_headers_count));
309 http_opt_headers[http_opt_headers_count - 1] = optarg; 308 http_opt_headers[http_opt_headers_count - 1] = optarg;
310 /* xasprintf (&http_opt_headers, "%s", optarg); */ 309 /* xasprintf (&http_opt_headers, "%s", optarg); */
311 break; 310 break;
@@ -317,27 +316,27 @@ bool process_arguments (int argc, char **argv)
317 break; 316 break;
318 case 'C': /* Check SSL cert validity */ 317 case 'C': /* Check SSL cert validity */
319#ifdef HAVE_SSL 318#ifdef HAVE_SSL
320 if ((temp=strchr(optarg,','))!=NULL) { 319 if ((temp = strchr(optarg, ',')) != NULL) {
321 *temp='\0'; 320 *temp = '\0';
322 if (!is_intnonneg (optarg)) 321 if (!is_intnonneg(optarg))
323 usage2 (_("Invalid certificate expiration period"), optarg); 322 usage2(_("Invalid certificate expiration period"), optarg);
324 days_till_exp_warn = atoi(optarg); 323 days_till_exp_warn = atoi(optarg);
325 *temp=','; 324 *temp = ',';
326 temp++; 325 temp++;
327 if (!is_intnonneg (temp)) 326 if (!is_intnonneg(temp))
328 usage2 (_("Invalid certificate expiration period"), temp); 327 usage2(_("Invalid certificate expiration period"), temp);
329 days_till_exp_crit = atoi (temp); 328 days_till_exp_crit = atoi(temp);
330 } 329 } else {
331 else { 330 days_till_exp_crit = 0;
332 days_till_exp_crit=0; 331 if (!is_intnonneg(optarg))
333 if (!is_intnonneg (optarg)) 332 usage2(_("Invalid certificate expiration period"), optarg);
334 usage2 (_("Invalid certificate expiration period"), optarg); 333 days_till_exp_warn = atoi(optarg);
335 days_till_exp_warn = atoi (optarg);
336 } 334 }
337 check_cert = true; 335 check_cert = true;
338 goto enable_ssl; 336 goto enable_ssl;
339#endif 337#endif
340 case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */ 338 case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is
339 checked */
341#ifdef HAVE_SSL 340#ifdef HAVE_SSL
342 continue_after_check_cert = true; 341 continue_after_check_cert = true;
343 break; 342 break;
@@ -357,15 +356,16 @@ bool process_arguments (int argc, char **argv)
357 case 'S': /* use SSL */ 356 case 'S': /* use SSL */
358#ifdef HAVE_SSL 357#ifdef HAVE_SSL
359 enable_ssl: 358 enable_ssl:
360 /* ssl_version initialized to 0 as a default. Only set if it's non-zero. This helps when we include multiple 359 /* ssl_version initialized to 0 as a default. Only set if it's non-zero.
361 parameters, like -S and -C combinations */ 360 This helps when we include multiple parameters, like -S and -C
361 combinations */
362 use_ssl = true; 362 use_ssl = true;
363 if (c=='S' && optarg != NULL) { 363 if (c == 'S' && optarg != NULL) {
364 int got_plus = strchr(optarg, '+') != NULL; 364 int got_plus = strchr(optarg, '+') != NULL;
365 365
366 if (!strncmp (optarg, "1.2", 3)) 366 if (!strncmp(optarg, "1.2", 3))
367 ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2; 367 ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2;
368 else if (!strncmp (optarg, "1.1", 3)) 368 else if (!strncmp(optarg, "1.1", 3))
369 ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1; 369 ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1;
370 else if (optarg[0] == '1') 370 else if (optarg[0] == '1')
371 ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1; 371 ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1;
@@ -374,101 +374,104 @@ bool process_arguments (int argc, char **argv)
374 else if (optarg[0] == '2') 374 else if (optarg[0] == '2')
375 ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2; 375 ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2;
376 else 376 else
377 usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)")); 377 usage4(_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 "
378 "(with optional '+' suffix)"));
378 } 379 }
379 if (specify_port == false) 380 if (specify_port == false)
380 server_port = HTTPS_PORT; 381 server_port = HTTPS_PORT;
381#else 382#else
382 /* -C -J and -K fall through to here without SSL */ 383 /* -C -J and -K fall through to here without SSL */
383 usage4 (_("Invalid option - SSL is not available")); 384 usage4(_("Invalid option - SSL is not available"));
384#endif 385#endif
385 break; 386 break;
386 case SNI_OPTION: 387 case SNI_OPTION:
387 use_sni = true; 388 use_sni = true;
388 break; 389 break;
389 case MAX_REDIRS_OPTION: 390 case MAX_REDIRS_OPTION:
390 if (!is_intnonneg (optarg)) 391 if (!is_intnonneg(optarg))
391 usage2 (_("Invalid max_redirs count"), optarg); 392 usage2(_("Invalid max_redirs count"), optarg);
392 else { 393 else {
393 max_depth = atoi (optarg); 394 max_depth = atoi(optarg);
394 } 395 }
395 break; 396 break;
396 case 'f': /* onredirect */ 397 case 'f': /* onredirect */
397 if (!strcmp (optarg, "stickyport")) 398 if (!strcmp(optarg, "stickyport"))
398 onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT; 399 onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST | STICKY_PORT;
399 else if (!strcmp (optarg, "sticky")) 400 else if (!strcmp(optarg, "sticky"))
400 onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST; 401 onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST;
401 else if (!strcmp (optarg, "follow")) 402 else if (!strcmp(optarg, "follow"))
402 onredirect = STATE_DEPENDENT, followsticky = STICKY_NONE; 403 onredirect = STATE_DEPENDENT, followsticky = STICKY_NONE;
403 else if (!strcmp (optarg, "unknown")) 404 else if (!strcmp(optarg, "unknown"))
404 onredirect = STATE_UNKNOWN; 405 onredirect = STATE_UNKNOWN;
405 else if (!strcmp (optarg, "ok")) 406 else if (!strcmp(optarg, "ok"))
406 onredirect = STATE_OK; 407 onredirect = STATE_OK;
407 else if (!strcmp (optarg, "warning")) 408 else if (!strcmp(optarg, "warning"))
408 onredirect = STATE_WARNING; 409 onredirect = STATE_WARNING;
409 else if (!strcmp (optarg, "critical")) 410 else if (!strcmp(optarg, "critical"))
410 onredirect = STATE_CRITICAL; 411 onredirect = STATE_CRITICAL;
411 else usage2 (_("Invalid onredirect option"), optarg); 412 else
413 usage2(_("Invalid onredirect option"), optarg);
412 if (verbose) 414 if (verbose)
413 printf(_("option f:%d \n"), onredirect); 415 printf(_("option f:%d \n"), onredirect);
414 break; 416 break;
415 /* Note: H, I, and u must be malloc'd or will fail on redirects */ 417 /* Note: H, I, and u must be malloc'd or will fail on redirects */
416 case 'H': /* Host Name (virtual host) */ 418 case 'H': /* Host Name (virtual host) */
417 host_name = strdup (optarg); 419 host_name = strdup(optarg);
418 if (host_name[0] == '[') { 420 if (host_name[0] == '[') {
419 if ((p = strstr (host_name, "]:")) != NULL) { /* [IPv6]:port */ 421 if ((p = strstr(host_name, "]:")) != NULL) { /* [IPv6]:port */
420 virtual_port = atoi (p + 2); 422 virtual_port = atoi(p + 2);
421 /* cut off the port */ 423 /* cut off the port */
422 host_name_length = strlen (host_name) - strlen (p) - 1; 424 host_name_length = strlen(host_name) - strlen(p) - 1;
423 free (host_name); 425 free(host_name);
424 host_name = strndup (optarg, host_name_length); 426 host_name = strndup(optarg, host_name_length);
425 if (specify_port == false)
426 server_port = virtual_port;
427 }
428 } else if ((p = strchr (host_name, ':')) != NULL
429 && strchr (++p, ':') == NULL) { /* IPv4:port or host:port */
430 virtual_port = atoi (p);
431 /* cut off the port */
432 host_name_length = strlen (host_name) - strlen (p) - 1;
433 free (host_name);
434 host_name = strndup (optarg, host_name_length);
435 if (specify_port == false) 427 if (specify_port == false)
436 server_port = virtual_port; 428 server_port = virtual_port;
437 } 429 }
430 } else if ((p = strchr(host_name, ':')) != NULL &&
431 strchr(++p, ':') == NULL) { /* IPv4:port or host:port */
432 virtual_port = atoi(p);
433 /* cut off the port */
434 host_name_length = strlen(host_name) - strlen(p) - 1;
435 free(host_name);
436 host_name = strndup(optarg, host_name_length);
437 if (specify_port == false)
438 server_port = virtual_port;
439 }
438 break; 440 break;
439 case 'I': /* Server IP-address */ 441 case 'I': /* Server IP-address */
440 server_address = strdup (optarg); 442 server_address = strdup(optarg);
441 break; 443 break;
442 case 'u': /* URL path */ 444 case 'u': /* URL path */
443 server_url = strdup (optarg); 445 server_url = strdup(optarg);
444 server_url_length = strlen (server_url); 446 server_url_length = strlen(server_url);
445 break; 447 break;
446 case 'p': /* Server port */ 448 case 'p': /* Server port */
447 if (!is_intnonneg (optarg)) 449 if (!is_intnonneg(optarg))
448 usage2 (_("Invalid port number"), optarg); 450 usage2(_("Invalid port number"), optarg);
449 else { 451 else {
450 server_port = atoi (optarg); 452 server_port = atoi(optarg);
451 specify_port = true; 453 specify_port = true;
452 } 454 }
453 break; 455 break;
454 case 'a': /* authorization info */ 456 case 'a': /* authorization info */
455 strncpy (user_auth, optarg, MAX_INPUT_BUFFER - 1); 457 strncpy(user_auth, optarg, MAX_INPUT_BUFFER - 1);
456 user_auth[MAX_INPUT_BUFFER - 1] = 0; 458 user_auth[MAX_INPUT_BUFFER - 1] = 0;
457 break; 459 break;
458 case 'b': /* proxy-authorization info */ 460 case 'b': /* proxy-authorization info */
459 strncpy (proxy_auth, optarg, MAX_INPUT_BUFFER - 1); 461 strncpy(proxy_auth, optarg, MAX_INPUT_BUFFER - 1);
460 proxy_auth[MAX_INPUT_BUFFER - 1] = 0; 462 proxy_auth[MAX_INPUT_BUFFER - 1] = 0;
461 break; 463 break;
462 case 'P': /* HTTP POST data in URL encoded format; ignored if settings already */ 464 case 'P': /* HTTP POST data in URL encoded format; ignored if settings
463 if (! http_post_data) 465 already */
464 http_post_data = strdup (optarg); 466 if (!http_post_data)
465 if (! http_method) 467 http_post_data = strdup(optarg);
468 if (!http_method)
466 http_method = strdup("POST"); 469 http_method = strdup("POST");
467 break; 470 break;
468 case 'j': /* Set HTTP method */ 471 case 'j': /* Set HTTP method */
469 if (http_method) 472 if (http_method)
470 free(http_method); 473 free(http_method);
471 http_method = strdup (optarg); 474 http_method = strdup(optarg);
472 char *tmp; 475 char *tmp;
473 if ((tmp = strstr(http_method, ":")) > 0) { 476 if ((tmp = strstr(http_method, ":")) > 0) {
474 tmp[0] = '\0'; 477 tmp[0] = '\0';
@@ -477,20 +480,20 @@ bool process_arguments (int argc, char **argv)
477 } 480 }
478 break; 481 break;
479 case 'd': /* string or substring */ 482 case 'd': /* string or substring */
480 strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1); 483 strncpy(header_expect, optarg, MAX_INPUT_BUFFER - 1);
481 header_expect[MAX_INPUT_BUFFER - 1] = 0; 484 header_expect[MAX_INPUT_BUFFER - 1] = 0;
482 break; 485 break;
483 case 's': /* string or substring */ 486 case 's': /* string or substring */
484 strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1); 487 strncpy(string_expect, optarg, MAX_INPUT_BUFFER - 1);
485 string_expect[MAX_INPUT_BUFFER - 1] = 0; 488 string_expect[MAX_INPUT_BUFFER - 1] = 0;
486 break; 489 break;
487 case 'e': /* string or substring */ 490 case 'e': /* string or substring */
488 strncpy (server_expect, optarg, MAX_INPUT_BUFFER - 1); 491 strncpy(server_expect, optarg, MAX_INPUT_BUFFER - 1);
489 server_expect[MAX_INPUT_BUFFER - 1] = 0; 492 server_expect[MAX_INPUT_BUFFER - 1] = 0;
490 server_expect_yn = 1; 493 server_expect_yn = 1;
491 break; 494 break;
492 case 'T': /* Content-type */ 495 case 'T': /* Content-type */
493 xasprintf (&http_content_type, "%s", optarg); 496 xasprintf(&http_content_type, "%s", optarg);
494 break; 497 break;
495 case 'l': /* linespan */ 498 case 'l': /* linespan */
496 cflags &= ~REG_NEWLINE; 499 cflags &= ~REG_NEWLINE;
@@ -498,12 +501,12 @@ bool process_arguments (int argc, char **argv)
498 case 'R': /* regex */ 501 case 'R': /* regex */
499 cflags |= REG_ICASE; 502 cflags |= REG_ICASE;
500 case 'r': /* regex */ 503 case 'r': /* regex */
501 strncpy (regexp, optarg, MAX_RE_SIZE - 1); 504 strncpy(regexp, optarg, MAX_RE_SIZE - 1);
502 regexp[MAX_RE_SIZE - 1] = 0; 505 regexp[MAX_RE_SIZE - 1] = 0;
503 errcode = regcomp (&preg, regexp, cflags); 506 errcode = regcomp(&preg, regexp, cflags);
504 if (errcode != 0) { 507 if (errcode != 0) {
505 (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); 508 (void)regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER);
506 printf (_("Could Not Compile Regular Expression: %s"), errbuf); 509 printf(_("Could Not Compile Regular Expression: %s"), errbuf);
507 return false; 510 return false;
508 } 511 }
509 break; 512 break;
@@ -517,55 +520,53 @@ bool process_arguments (int argc, char **argv)
517#ifdef USE_IPV6 520#ifdef USE_IPV6
518 address_family = AF_INET6; 521 address_family = AF_INET6;
519#else 522#else
520 usage4 (_("IPv6 support not available")); 523 usage4(_("IPv6 support not available"));
521#endif 524#endif
522 break; 525 break;
523 case 'v': /* verbose */ 526 case 'v': /* verbose */
524 verbose = true; 527 verbose = true;
525 break; 528 break;
526 case 'm': /* min_page_length */ 529 case 'm': /* min_page_length */
527 { 530 {
528 char *tmp; 531 char *tmp;
529 if (strchr(optarg, ':') != (char *)NULL) { 532 if (strchr(optarg, ':') != (char *)NULL) {
530 /* range, so get two values, min:max */ 533 /* range, so get two values, min:max */
531 tmp = strtok(optarg, ":"); 534 tmp = strtok(optarg, ":");
532 if (tmp == NULL) { 535 if (tmp == NULL) {
533 printf("Bad format: try \"-m min:max\"\n"); 536 printf("Bad format: try \"-m min:max\"\n");
534 exit (STATE_WARNING); 537 exit(STATE_WARNING);
535 } else 538 } else
536 min_page_len = atoi(tmp); 539 min_page_len = atoi(tmp);
537 540
538 tmp = strtok(NULL, ":"); 541 tmp = strtok(NULL, ":");
539 if (tmp == NULL) { 542 if (tmp == NULL) {
540 printf("Bad format: try \"-m min:max\"\n"); 543 printf("Bad format: try \"-m min:max\"\n");
541 exit (STATE_WARNING); 544 exit(STATE_WARNING);
542 } else 545 } else
543 max_page_len = atoi(tmp); 546 max_page_len = atoi(tmp);
544 } else 547 } else
545 min_page_len = atoi (optarg); 548 min_page_len = atoi(optarg);
546 break; 549 break;
547 } 550 }
548 case 'N': /* no-body */ 551 case 'N': /* no-body */
549 no_body = true; 552 no_body = true;
550 break; 553 break;
551 case 'M': /* max-age */ 554 case 'M': /* max-age */
552 { 555 {
553 int L = strlen(optarg); 556 int L = strlen(optarg);
554 if (L && optarg[L-1] == 'm') 557 if (L && optarg[L - 1] == 'm')
555 maximum_age = atoi (optarg) * 60; 558 maximum_age = atoi(optarg) * 60;
556 else if (L && optarg[L-1] == 'h') 559 else if (L && optarg[L - 1] == 'h')
557 maximum_age = atoi (optarg) * 60 * 60; 560 maximum_age = atoi(optarg) * 60 * 60;
558 else if (L && optarg[L-1] == 'd') 561 else if (L && optarg[L - 1] == 'd')
559 maximum_age = atoi (optarg) * 60 * 60 * 24; 562 maximum_age = atoi(optarg) * 60 * 60 * 24;
560 else if (L && (optarg[L-1] == 's' || 563 else if (L && (optarg[L - 1] == 's' || isdigit(optarg[L - 1])))
561 isdigit (optarg[L-1]))) 564 maximum_age = atoi(optarg);
562 maximum_age = atoi (optarg); 565 else {
563 else { 566 fprintf(stderr, "unparsable max-age: %s\n", optarg);
564 fprintf (stderr, "unparsable max-age: %s\n", optarg); 567 exit(STATE_WARNING);
565 exit (STATE_WARNING); 568 }
566 } 569 } break;
567 }
568 break;
569 case 'E': /* show extended perfdata */ 570 case 'E': /* show extended perfdata */
570 show_extended_perfdata = true; 571 show_extended_perfdata = true;
571 break; 572 break;
@@ -578,31 +579,32 @@ bool process_arguments (int argc, char **argv)
578 c = optind; 579 c = optind;
579 580
580 if (server_address == NULL && c < argc) 581 if (server_address == NULL && c < argc)
581 server_address = strdup (argv[c++]); 582 server_address = strdup(argv[c++]);
582 583
583 if (host_name == NULL && c < argc) 584 if (host_name == NULL && c < argc)
584 host_name = strdup (argv[c++]); 585 host_name = strdup(argv[c++]);
585 586
586 if (server_address == NULL) { 587 if (server_address == NULL) {
587 if (host_name == NULL) 588 if (host_name == NULL)
588 usage4 (_("You must specify a server address or host name")); 589 usage4(_("You must specify a server address or host name"));
589 else 590 else
590 server_address = strdup (host_name); 591 server_address = strdup(host_name);
591 } 592 }
592 593
593 set_thresholds(&thlds, warning_thresholds, critical_thresholds); 594 set_thresholds(&thlds, warning_thresholds, critical_thresholds);
594 595
595 if (critical_thresholds && thlds->critical->end>(double)socket_timeout) 596 if (critical_thresholds && thlds->critical->end > (double)socket_timeout)
596 socket_timeout = (int)thlds->critical->end + 1; 597 socket_timeout = (int)thlds->critical->end + 1;
597 598
598 if (http_method == NULL) 599 if (http_method == NULL)
599 http_method = strdup ("GET"); 600 http_method = strdup("GET");
600 601
601 if (http_method_proxy == NULL) 602 if (http_method_proxy == NULL)
602 http_method_proxy = strdup ("GET"); 603 http_method_proxy = strdup("GET");
603 604
604 if (client_cert && !client_privkey) 605 if (client_cert && !client_privkey)
605 usage4 (_("If you use a client certificate you must also specify a private key file")); 606 usage4(_("If you use a client certificate you must also specify a private "
607 "key file"));
606 608
607 if (virtual_port == 0) 609 if (virtual_port == 0)
608 virtual_port = server_port; 610 virtual_port = server_port;
@@ -610,89 +612,68 @@ bool process_arguments (int argc, char **argv)
610 return true; 612 return true;
611} 613}
612 614
613
614
615/* Returns 1 if we're done processing the document body; 0 to keep going */ 615/* Returns 1 if we're done processing the document body; 0 to keep going */
616static int 616static int document_headers_done(char *full_page) {
617document_headers_done (char *full_page)
618{
619 const char *body; 617 const char *body;
620 618
621 for (body = full_page; *body; body++) { 619 for (body = full_page; *body; body++) {
622 if (!strncmp (body, "\n\n", 2) || !strncmp (body, "\n\r\n", 3)) 620 if (!strncmp(body, "\n\n", 2) || !strncmp(body, "\n\r\n", 3))
623 break; 621 break;
624 } 622 }
625 623
626 if (!*body) 624 if (!*body)
627 return 0; /* haven't read end of headers yet */ 625 return 0; /* haven't read end of headers yet */
628 626
629 full_page[body - full_page] = 0; 627 full_page[body - full_page] = 0;
630 return 1; 628 return 1;
631} 629}
632 630
633static time_t 631static time_t parse_time_string(const char *string) {
634parse_time_string (const char *string)
635{
636 struct tm tm; 632 struct tm tm;
637 time_t t; 633 time_t t;
638 memset (&tm, 0, sizeof(tm)); 634 memset(&tm, 0, sizeof(tm));
639 635
640 /* Like this: Tue, 25 Dec 2001 02:59:03 GMT */ 636 /* Like this: Tue, 25 Dec 2001 02:59:03 GMT */
641 637
642 if (isupper (string[0]) && /* Tue */ 638 if (isupper(string[0]) && /* Tue */
643 islower (string[1]) && 639 islower(string[1]) && islower(string[2]) && ',' == string[3] &&
644 islower (string[2]) && 640 ' ' == string[4] && (isdigit(string[5]) || string[5] == ' ') && /* 25 */
645 ',' == string[3] && 641 isdigit(string[6]) && ' ' == string[7] && isupper(string[8]) && /* Dec */
646 ' ' == string[4] && 642 islower(string[9]) && islower(string[10]) && ' ' == string[11] &&
647 (isdigit(string[5]) || string[5] == ' ') && /* 25 */ 643 isdigit(string[12]) && /* 2001 */
648 isdigit (string[6]) && 644 isdigit(string[13]) && isdigit(string[14]) && isdigit(string[15]) &&
649 ' ' == string[7] && 645 ' ' == string[16] && isdigit(string[17]) && /* 02: */
650 isupper (string[8]) && /* Dec */ 646 isdigit(string[18]) && ':' == string[19] &&
651 islower (string[9]) && 647 isdigit(string[20]) && /* 59: */
652 islower (string[10]) && 648 isdigit(string[21]) && ':' == string[22] &&
653 ' ' == string[11] && 649 isdigit(string[23]) && /* 03 */
654 isdigit (string[12]) && /* 2001 */ 650 isdigit(string[24]) && ' ' == string[25] && 'G' == string[26] && /* GMT */
655 isdigit (string[13]) && 651 'M' == string[27] && /* GMT */
656 isdigit (string[14]) && 652 'T' == string[28]) {
657 isdigit (string[15]) && 653
658 ' ' == string[16] && 654 tm.tm_sec = 10 * (string[23] - '0') + (string[24] - '0');
659 isdigit (string[17]) && /* 02: */ 655 tm.tm_min = 10 * (string[20] - '0') + (string[21] - '0');
660 isdigit (string[18]) && 656 tm.tm_hour = 10 * (string[17] - '0') + (string[18] - '0');
661 ':' == string[19] && 657 tm.tm_mday =
662 isdigit (string[20]) && /* 59: */ 658 10 * (string[5] == ' ' ? 0 : string[5] - '0') + (string[6] - '0');
663 isdigit (string[21]) && 659 tm.tm_mon = (!strncmp(string + 8, "Jan", 3) ? 0
664 ':' == string[22] && 660 : !strncmp(string + 8, "Feb", 3) ? 1
665 isdigit (string[23]) && /* 03 */ 661 : !strncmp(string + 8, "Mar", 3) ? 2
666 isdigit (string[24]) && 662 : !strncmp(string + 8, "Apr", 3) ? 3
667 ' ' == string[25] && 663 : !strncmp(string + 8, "May", 3) ? 4
668 'G' == string[26] && /* GMT */ 664 : !strncmp(string + 8, "Jun", 3) ? 5
669 'M' == string[27] && /* GMT */ 665 : !strncmp(string + 8, "Jul", 3) ? 6
670 'T' == string[28]) { 666 : !strncmp(string + 8, "Aug", 3) ? 7
671 667 : !strncmp(string + 8, "Sep", 3) ? 8
672 tm.tm_sec = 10 * (string[23]-'0') + (string[24]-'0'); 668 : !strncmp(string + 8, "Oct", 3) ? 9
673 tm.tm_min = 10 * (string[20]-'0') + (string[21]-'0'); 669 : !strncmp(string + 8, "Nov", 3) ? 10
674 tm.tm_hour = 10 * (string[17]-'0') + (string[18]-'0'); 670 : !strncmp(string + 8, "Dec", 3) ? 11
675 tm.tm_mday = 10 * (string[5] == ' ' ? 0 : string[5]-'0') + (string[6]-'0'); 671 : -1);
676 tm.tm_mon = (!strncmp (string+8, "Jan", 3) ? 0 : 672 tm.tm_year = ((1000 * (string[12] - '0') + 100 * (string[13] - '0') +
677 !strncmp (string+8, "Feb", 3) ? 1 : 673 10 * (string[14] - '0') + (string[15] - '0')) -
678 !strncmp (string+8, "Mar", 3) ? 2 : 674 1900);
679 !strncmp (string+8, "Apr", 3) ? 3 : 675
680 !strncmp (string+8, "May", 3) ? 4 : 676 tm.tm_isdst = 0; /* GMT is never in DST, right? */
681 !strncmp (string+8, "Jun", 3) ? 5 :
682 !strncmp (string+8, "Jul", 3) ? 6 :
683 !strncmp (string+8, "Aug", 3) ? 7 :
684 !strncmp (string+8, "Sep", 3) ? 8 :
685 !strncmp (string+8, "Oct", 3) ? 9 :
686 !strncmp (string+8, "Nov", 3) ? 10 :
687 !strncmp (string+8, "Dec", 3) ? 11 :
688 -1);
689 tm.tm_year = ((1000 * (string[12]-'0') +
690 100 * (string[13]-'0') +
691 10 * (string[14]-'0') +
692 (string[15]-'0'))
693 - 1900);
694
695 tm.tm_isdst = 0; /* GMT is never in DST, right? */
696 677
697 if (tm.tm_mon < 0 || tm.tm_mday < 1 || tm.tm_mday > 31) 678 if (tm.tm_mon < 0 || tm.tm_mday < 1 || tm.tm_mday > 31)
698 return 0; 679 return 0;
@@ -704,14 +685,15 @@ parse_time_string (const char *string)
704 so it doesn't matter what time zone we parse them in. 685 so it doesn't matter what time zone we parse them in.
705 */ 686 */
706 687
707 t = mktime (&tm); 688 t = mktime(&tm);
708 if (t == (time_t) -1) t = 0; 689 if (t == (time_t)-1)
690 t = 0;
709 691
710 if (verbose) { 692 if (verbose) {
711 const char *s = string; 693 const char *s = string;
712 while (*s && *s != '\r' && *s != '\n') 694 while (*s && *s != '\r' && *s != '\n')
713 fputc (*s++, stdout); 695 fputc(*s++, stdout);
714 printf (" ==> %lu\n", (unsigned long) t); 696 printf(" ==> %lu\n", (unsigned long)t);
715 } 697 }
716 698
717 return t; 699 return t;
@@ -722,28 +704,24 @@ parse_time_string (const char *string)
722} 704}
723 705
724/* Checks if the server 'reply' is one of the expected 'statuscodes' */ 706/* Checks if the server 'reply' is one of the expected 'statuscodes' */
725static int 707static int expected_statuscode(const char *reply, const char *statuscodes) {
726expected_statuscode (const char *reply, const char *statuscodes)
727{
728 char *expected, *code; 708 char *expected, *code;
729 int result = 0; 709 int result = 0;
730 710
731 if ((expected = strdup (statuscodes)) == NULL) 711 if ((expected = strdup(statuscodes)) == NULL)
732 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); 712 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
733 713
734 for (code = strtok (expected, ","); code != NULL; code = strtok (NULL, ",")) 714 for (code = strtok(expected, ","); code != NULL; code = strtok(NULL, ","))
735 if (strstr (reply, code) != NULL) { 715 if (strstr(reply, code) != NULL) {
736 result = 1; 716 result = 1;
737 break; 717 break;
738 } 718 }
739 719
740 free (expected); 720 free(expected);
741 return result; 721 return result;
742} 722}
743 723
744static int 724static int check_document_dates(const char *headers, char **msg) {
745check_document_dates (const char *headers, char **msg)
746{
747 const char *s; 725 const char *s;
748 char *server_date = 0; 726 char *server_date = 0;
749 char *document_date = 0; 727 char *document_date = 0;
@@ -771,73 +749,78 @@ check_document_dates (const char *headers, char **msg)
771 s++; 749 s++;
772 750
773 /* Process this header. */ 751 /* Process this header. */
774 if (value && value > field+2) { 752 if (value && value > field + 2) {
775 char *ff = (char *) malloc (value-field); 753 char *ff = (char *)malloc(value - field);
776 char *ss = ff; 754 char *ss = ff;
777 while (field < value-1) 755 while (field < value - 1)
778 *ss++ = tolower(*field++); 756 *ss++ = tolower(*field++);
779 *ss++ = 0; 757 *ss++ = 0;
780 758
781 if (!strcmp (ff, "date") || !strcmp (ff, "last-modified")) { 759 if (!strcmp(ff, "date") || !strcmp(ff, "last-modified")) {
782 const char *e; 760 const char *e;
783 while (*value && isspace (*value)) 761 while (*value && isspace(*value))
784 value++; 762 value++;
785 for (e = value; *e && *e != '\r' && *e != '\n'; e++) 763 for (e = value; *e && *e != '\r' && *e != '\n'; e++)
786 ; 764 ;
787 ss = (char *) malloc (e - value + 1); 765 ss = (char *)malloc(e - value + 1);
788 strncpy (ss, value, e - value); 766 strncpy(ss, value, e - value);
789 ss[e - value] = 0; 767 ss[e - value] = 0;
790 if (!strcmp (ff, "date")) { 768 if (!strcmp(ff, "date")) {
791 if (server_date) free (server_date); 769 if (server_date)
770 free(server_date);
792 server_date = ss; 771 server_date = ss;
793 } else { 772 } else {
794 if (document_date) free (document_date); 773 if (document_date)
774 free(document_date);
795 document_date = ss; 775 document_date = ss;
796 } 776 }
797 } 777 }
798 free (ff); 778 free(ff);
799 } 779 }
800 } 780 }
801 781
802 /* Done parsing the body. Now check the dates we (hopefully) parsed. */ 782 /* Done parsing the body. Now check the dates we (hopefully) parsed. */
803 if (!server_date || !*server_date) { 783 if (!server_date || !*server_date) {
804 xasprintf (msg, _("%sServer date unknown, "), *msg); 784 xasprintf(msg, _("%sServer date unknown, "), *msg);
805 date_result = max_state_alt(STATE_UNKNOWN, date_result); 785 date_result = max_state_alt(STATE_UNKNOWN, date_result);
806 } else if (!document_date || !*document_date) { 786 } else if (!document_date || !*document_date) {
807 xasprintf (msg, _("%sDocument modification date unknown, "), *msg); 787 xasprintf(msg, _("%sDocument modification date unknown, "), *msg);
808 date_result = max_state_alt(STATE_CRITICAL, date_result); 788 date_result = max_state_alt(STATE_CRITICAL, date_result);
809 } else { 789 } else {
810 time_t srv_data = parse_time_string (server_date); 790 time_t srv_data = parse_time_string(server_date);
811 time_t doc_data = parse_time_string (document_date); 791 time_t doc_data = parse_time_string(document_date);
812 792
813 if (srv_data <= 0) { 793 if (srv_data <= 0) {
814 xasprintf (msg, _("%sServer date \"%100s\" unparsable, "), *msg, server_date); 794 xasprintf(msg, _("%sServer date \"%100s\" unparsable, "), *msg,
795 server_date);
815 date_result = max_state_alt(STATE_CRITICAL, date_result); 796 date_result = max_state_alt(STATE_CRITICAL, date_result);
816 } else if (doc_data <= 0) { 797 } else if (doc_data <= 0) {
817 xasprintf (msg, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date); 798 xasprintf(msg, _("%sDocument date \"%100s\" unparsable, "), *msg,
799 document_date);
818 date_result = max_state_alt(STATE_CRITICAL, date_result); 800 date_result = max_state_alt(STATE_CRITICAL, date_result);
819 } else if (doc_data > srv_data + 30) { 801 } else if (doc_data > srv_data + 30) {
820 xasprintf (msg, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data); 802 xasprintf(msg, _("%sDocument is %d seconds in the future, "), *msg,
803 (int)doc_data - (int)srv_data);
821 date_result = max_state_alt(STATE_CRITICAL, date_result); 804 date_result = max_state_alt(STATE_CRITICAL, date_result);
822 } else if (doc_data < srv_data - maximum_age) { 805 } else if (doc_data < srv_data - maximum_age) {
823 int n = (srv_data - doc_data); 806 int n = (srv_data - doc_data);
824 if (n > (60 * 60 * 24 * 2)) { 807 if (n > (60 * 60 * 24 * 2)) {
825 xasprintf (msg, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24)); 808 xasprintf(msg, _("%sLast modified %.1f days ago, "), *msg,
809 ((float)n) / (60 * 60 * 24));
826 date_result = max_state_alt(STATE_CRITICAL, date_result); 810 date_result = max_state_alt(STATE_CRITICAL, date_result);
827 } else { 811 } else {
828 xasprintf (msg, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60); 812 xasprintf(msg, _("%sLast modified %d:%02d:%02d ago, "), *msg,
813 n / (60 * 60), (n / 60) % 60, n % 60);
829 date_result = max_state_alt(STATE_CRITICAL, date_result); 814 date_result = max_state_alt(STATE_CRITICAL, date_result);
830 } 815 }
831 } 816 }
832 free (server_date); 817 free(server_date);
833 free (document_date); 818 free(document_date);
834 } 819 }
835 return date_result; 820 return date_result;
836} 821}
837 822
838int 823int get_content_length(const char *headers) {
839get_content_length (const char *headers)
840{
841 const char *s; 824 const char *s;
842 int content_length = 0; 825 int content_length = 0;
843 826
@@ -863,50 +846,46 @@ get_content_length (const char *headers)
863 s++; 846 s++;
864 847
865 /* Process this header. */ 848 /* Process this header. */
866 if (value && value > field+2) { 849 if (value && value > field + 2) {
867 char *ff = (char *) malloc (value-field); 850 char *ff = (char *)malloc(value - field);
868 char *ss = ff; 851 char *ss = ff;
869 while (field < value-1) 852 while (field < value - 1)
870 *ss++ = tolower(*field++); 853 *ss++ = tolower(*field++);
871 *ss++ = 0; 854 *ss++ = 0;
872 855
873 if (!strcmp (ff, "content-length")) { 856 if (!strcmp(ff, "content-length")) {
874 const char *e; 857 const char *e;
875 while (*value && isspace (*value)) 858 while (*value && isspace(*value))
876 value++; 859 value++;
877 for (e = value; *e && *e != '\r' && *e != '\n'; e++) 860 for (e = value; *e && *e != '\r' && *e != '\n'; e++)
878 ; 861 ;
879 ss = (char *) malloc (e - value + 1); 862 ss = (char *)malloc(e - value + 1);
880 strncpy (ss, value, e - value); 863 strncpy(ss, value, e - value);
881 ss[e - value] = 0; 864 ss[e - value] = 0;
882 content_length = atoi(ss); 865 content_length = atoi(ss);
883 free (ss); 866 free(ss);
884 } 867 }
885 free (ff); 868 free(ff);
886 } 869 }
887 } 870 }
888 return (content_length); 871 return (content_length);
889} 872}
890 873
891char * 874char *prepend_slash(char *path) {
892prepend_slash (char *path)
893{
894 char *newpath; 875 char *newpath;
895 876
896 if (path[0] == '/') 877 if (path[0] == '/')
897 return path; 878 return path;
898 879
899 if ((newpath = malloc (strlen(path) + 2)) == NULL) 880 if ((newpath = malloc(strlen(path) + 2)) == NULL)
900 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); 881 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
901 newpath[0] = '/'; 882 newpath[0] = '/';
902 strcpy (newpath + 1, path); 883 strcpy(newpath + 1, path);
903 free (path); 884 free(path);
904 return newpath; 885 return newpath;
905} 886}
906 887
907int 888int check_http(void) {
908check_http (void)
909{
910 char *msg; 889 char *msg;
911 char *status_line; 890 char *status_line;
912 char *status_code; 891 char *status_code;
@@ -937,62 +916,73 @@ check_http (void)
937 char *force_host_header = NULL; 916 char *force_host_header = NULL;
938 917
939 /* try to connect to the host at the given port number */ 918 /* try to connect to the host at the given port number */
940 gettimeofday (&tv_temp, NULL); 919 gettimeofday(&tv_temp, NULL);
941 if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK) 920 if (my_tcp_connect(server_address, server_port, &sd) != STATE_OK)
942 die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); 921 die(STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
943 microsec_connect = deltime (tv_temp); 922 microsec_connect = deltime(tv_temp);
944 923
945 /* if we are called with the -I option, the -j method is CONNECT and */ 924 /* if we are called with the -I option, the -j method is CONNECT and */
946 /* we received -S for SSL, then we tunnel the request through a proxy*/ 925 /* we received -S for SSL, then we tunnel the request through a proxy*/
947 /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */ 926 /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */
948 927
949 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 928 if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 &&
950 && host_name != NULL && use_ssl == true) { 929 host_name != NULL && use_ssl == true) {
951 930
952 if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT); 931 if (verbose)
953 asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent); 932 printf("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n",
933 server_address, server_port, host_name, HTTPS_PORT);
934 asprintf(&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name,
935 HTTPS_PORT, user_agent);
954 if (strlen(proxy_auth)) { 936 if (strlen(proxy_auth)) {
955 base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth); 937 base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth);
956 xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); 938 xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
957 } 939 }
958 /* optionally send any other header tag */ 940 /* optionally send any other header tag */
959 if (http_opt_headers_count) { 941 if (http_opt_headers_count) {
960 for (i = 0; i < http_opt_headers_count ; i++) { 942 for (i = 0; i < http_opt_headers_count; i++) {
961 if (force_host_header != http_opt_headers[i]) { 943 if (force_host_header != http_opt_headers[i]) {
962 xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); 944 xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]);
963 } 945 }
964 } 946 }
965 /* This cannot be free'd here because a redirection will then try to access this and segfault */ 947 /* This cannot be free'd here because a redirection will then try to
948 * access this and segfault */
966 /* Covered in a testcase in tests/check_http.t */ 949 /* Covered in a testcase in tests/check_http.t */
967 /* free(http_opt_headers); */ 950 /* free(http_opt_headers); */
968 } 951 }
969 asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf); 952 asprintf(&buf, "%sProxy-Connection: keep-alive\r\n", buf);
970 asprintf (&buf, "%sHost: %s\r\n", buf, host_name); 953 asprintf(&buf, "%sHost: %s\r\n", buf, host_name);
971 /* we finished our request, send empty line with CRLF */ 954 /* we finished our request, send empty line with CRLF */
972 asprintf (&buf, "%s%s", buf, CRLF); 955 asprintf(&buf, "%s%s", buf, CRLF);
973 if (verbose) printf ("%s\n", buf); 956 if (verbose)
974 send(sd, buf, strlen (buf), 0); 957 printf("%s\n", buf);
975 buf[0]='\0'; 958 send(sd, buf, strlen(buf), 0);
976 959 buf[0] = '\0';
977 if (verbose) printf ("Receive response from proxy\n"); 960
978 read (sd, buffer, MAX_INPUT_BUFFER-1); 961 if (verbose)
979 if (verbose) printf ("%s", buffer); 962 printf("Receive response from proxy\n");
963 read(sd, buffer, MAX_INPUT_BUFFER - 1);
964 if (verbose)
965 printf("%s", buffer);
980 /* Here we should check if we got HTTP/1.1 200 Connection established */ 966 /* Here we should check if we got HTTP/1.1 200 Connection established */
981 } 967 }
982#ifdef HAVE_SSL 968#ifdef HAVE_SSL
983 elapsed_time_connect = (double)microsec_connect / 1.0e6; 969 elapsed_time_connect = (double)microsec_connect / 1.0e6;
984 if (use_ssl == true) { 970 if (use_ssl == true) {
985 gettimeofday (&tv_temp, NULL); 971 gettimeofday(&tv_temp, NULL);
986 result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey); 972 result = np_net_ssl_init_with_hostname_version_and_cert(
987 if (verbose) printf ("SSL initialized\n"); 973 sd, (use_sni ? host_name : NULL), ssl_version, client_cert,
974 client_privkey);
975 if (verbose)
976 printf("SSL initialized\n");
988 if (result != STATE_OK) 977 if (result != STATE_OK)
989 die (STATE_CRITICAL, NULL); 978 die(STATE_CRITICAL, NULL);
990 microsec_ssl = deltime (tv_temp); 979 microsec_ssl = deltime(tv_temp);
991 elapsed_time_ssl = (double)microsec_ssl / 1.0e6; 980 elapsed_time_ssl = (double)microsec_ssl / 1.0e6;
992 if (check_cert == true) { 981 if (check_cert == true) {
993 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); 982 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
994 if (continue_after_check_cert == false) { 983 if (continue_after_check_cert == false) {
995 if (sd) close(sd); 984 if (sd)
985 close(sd);
996 np_net_ssl_cleanup(); 986 np_net_ssl_cleanup();
997 return result; 987 return result;
998 } 988 }
@@ -1000,18 +990,20 @@ check_http (void)
1000 } 990 }
1001#endif /* HAVE_SSL */ 991#endif /* HAVE_SSL */
1002 992
1003 if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 993 if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 &&
1004 && host_name != NULL && use_ssl == true) 994 host_name != NULL && use_ssl == true)
1005 asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); 995 asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url,
996 host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
1006 else 997 else
1007 asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); 998 asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method, server_url,
999 host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
1008 1000
1009 /* tell HTTP/1.1 servers not to keep the connection alive */ 1001 /* tell HTTP/1.1 servers not to keep the connection alive */
1010 xasprintf (&buf, "%sConnection: close\r\n", buf); 1002 xasprintf(&buf, "%sConnection: close\r\n", buf);
1011 1003
1012 /* check if Host header is explicitly set in options */ 1004 /* check if Host header is explicitly set in options */
1013 if (http_opt_headers_count) { 1005 if (http_opt_headers_count) {
1014 for (i = 0; i < http_opt_headers_count ; i++) { 1006 for (i = 0; i < http_opt_headers_count; i++) {
1015 if (strncmp(http_opt_headers[i], "Host:", 5) == 0) { 1007 if (strncmp(http_opt_headers[i], "Host:", 5) == 0) {
1016 force_host_header = http_opt_headers[i]; 1008 force_host_header = http_opt_headers[i];
1017 } 1009 }
@@ -1021,9 +1013,8 @@ check_http (void)
1021 /* optionally send the host header info */ 1013 /* optionally send the host header info */
1022 if (host_name) { 1014 if (host_name) {
1023 if (force_host_header) { 1015 if (force_host_header) {
1024 xasprintf (&buf, "%s%s\r\n", buf, force_host_header); 1016 xasprintf(&buf, "%s%s\r\n", buf, force_host_header);
1025 } 1017 } else {
1026 else {
1027 /* 1018 /*
1028 * Specify the port only if we're using a non-default port (see RFC 2616, 1019 * Specify the port only if we're using a non-default port (see RFC 2616,
1029 * 14.23). Some server applications/configurations cause trouble if the 1020 * 14.23). Some server applications/configurations cause trouble if the
@@ -1031,65 +1022,69 @@ check_http (void)
1031 */ 1022 */
1032 if ((use_ssl == false && virtual_port == HTTP_PORT) || 1023 if ((use_ssl == false && virtual_port == HTTP_PORT) ||
1033 (use_ssl == true && virtual_port == HTTPS_PORT) || 1024 (use_ssl == true && virtual_port == HTTPS_PORT) ||
1034 (server_address != NULL && strcmp(http_method, "CONNECT") == 0 1025 (server_address != NULL && strcmp(http_method, "CONNECT") == 0 &&
1035 && host_name != NULL && use_ssl == true)) 1026 host_name != NULL && use_ssl == true))
1036 xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); 1027 xasprintf(&buf, "%sHost: %s\r\n", buf, host_name);
1037 else 1028 else
1038 xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port); 1029 xasprintf(&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port);
1039 } 1030 }
1040 } 1031 }
1041 1032
1042 /* optionally send any other header tag */ 1033 /* optionally send any other header tag */
1043 if (http_opt_headers_count) { 1034 if (http_opt_headers_count) {
1044 for (i = 0; i < http_opt_headers_count ; i++) { 1035 for (i = 0; i < http_opt_headers_count; i++) {
1045 if (force_host_header != http_opt_headers[i]) { 1036 if (force_host_header != http_opt_headers[i]) {
1046 xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); 1037 xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]);
1047 } 1038 }
1048 } 1039 }
1049 /* This cannot be free'd here because a redirection will then try to access this and segfault */ 1040 /* This cannot be free'd here because a redirection will then try to access
1041 * this and segfault */
1050 /* Covered in a testcase in tests/check_http.t */ 1042 /* Covered in a testcase in tests/check_http.t */
1051 /* free(http_opt_headers); */ 1043 /* free(http_opt_headers); */
1052 } 1044 }
1053 1045
1054 /* optionally send the authentication info */ 1046 /* optionally send the authentication info */
1055 if (strlen(user_auth)) { 1047 if (strlen(user_auth)) {
1056 base64_encode_alloc (user_auth, strlen (user_auth), &auth); 1048 base64_encode_alloc(user_auth, strlen(user_auth), &auth);
1057 xasprintf (&buf, "%sAuthorization: Basic %s\r\n", buf, auth); 1049 xasprintf(&buf, "%sAuthorization: Basic %s\r\n", buf, auth);
1058 } 1050 }
1059 1051
1060 /* optionally send the proxy authentication info */ 1052 /* optionally send the proxy authentication info */
1061 if (strlen(proxy_auth)) { 1053 if (strlen(proxy_auth)) {
1062 base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth); 1054 base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth);
1063 xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); 1055 xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
1064 } 1056 }
1065 1057
1066 /* either send http POST data (any data, not only POST)*/ 1058 /* either send http POST data (any data, not only POST)*/
1067 if (http_post_data) { 1059 if (http_post_data) {
1068 if (http_content_type) { 1060 if (http_content_type) {
1069 xasprintf (&buf, "%sContent-Type: %s\r\n", buf, http_content_type); 1061 xasprintf(&buf, "%sContent-Type: %s\r\n", buf, http_content_type);
1070 } else { 1062 } else {
1071 xasprintf (&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", buf); 1063 xasprintf(&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n",
1064 buf);
1072 } 1065 }
1073 1066
1074 xasprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, (int)strlen (http_post_data)); 1067 xasprintf(&buf, "%sContent-Length: %i\r\n\r\n", buf,
1075 xasprintf (&buf, "%s%s", buf, http_post_data); 1068 (int)strlen(http_post_data));
1069 xasprintf(&buf, "%s%s", buf, http_post_data);
1076 } else { 1070 } else {
1077 /* or just a newline so the server knows we're done with the request */ 1071 /* or just a newline so the server knows we're done with the request */
1078 xasprintf (&buf, "%s%s", buf, CRLF); 1072 xasprintf(&buf, "%s%s", buf, CRLF);
1079 } 1073 }
1080 1074
1081 if (verbose) printf ("%s\n", buf); 1075 if (verbose)
1082 gettimeofday (&tv_temp, NULL); 1076 printf("%s\n", buf);
1083 my_send (buf, strlen (buf)); 1077 gettimeofday(&tv_temp, NULL);
1084 microsec_headers = deltime (tv_temp); 1078 my_send(buf, strlen(buf));
1079 microsec_headers = deltime(tv_temp);
1085 elapsed_time_headers = (double)microsec_headers / 1.0e6; 1080 elapsed_time_headers = (double)microsec_headers / 1.0e6;
1086 1081
1087 /* fetch the page */ 1082 /* fetch the page */
1088 full_page = strdup(""); 1083 full_page = strdup("");
1089 gettimeofday (&tv_temp, NULL); 1084 gettimeofday(&tv_temp, NULL);
1090 while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) { 1085 while ((i = my_recv(buffer, MAX_INPUT_BUFFER - 1)) > 0) {
1091 if ((i >= 1) && (elapsed_time_firstbyte <= 0.000001)) { 1086 if ((i >= 1) && (elapsed_time_firstbyte <= 0.000001)) {
1092 microsec_firstbyte = deltime (tv_temp); 1087 microsec_firstbyte = deltime(tv_temp);
1093 elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6; 1088 elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6;
1094 } 1089 }
1095 while (pos = memchr(buffer, '\0', i)) { 1090 while (pos = memchr(buffer, '\0', i)) {
@@ -1107,12 +1102,12 @@ check_http (void)
1107 1102
1108 pagesize += i; 1103 pagesize += i;
1109 1104
1110 if (no_body && document_headers_done (full_page)) { 1105 if (no_body && document_headers_done(full_page)) {
1111 i = 0; 1106 i = 0;
1112 break; 1107 break;
1113 } 1108 }
1114 } 1109 }
1115 microsec_transfer = deltime (tv_temp); 1110 microsec_transfer = deltime(tv_temp);
1116 elapsed_time_transfer = (double)microsec_transfer / 1.0e6; 1111 elapsed_time_transfer = (double)microsec_transfer / 1.0e6;
1117 1112
1118 if (i < 0 && errno != ECONNRESET) { 1113 if (i < 0 && errno != ECONNRESET) {
@@ -1129,176 +1124,187 @@ check_http (void)
1129 else { 1124 else {
1130 */ 1125 */
1131#endif 1126#endif
1132 die (STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n")); 1127 die(STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n"));
1133#ifdef HAVE_SSL 1128#ifdef HAVE_SSL
1134 /* XXX 1129 /* XXX
1135 } 1130 }
1136 */ 1131 */
1137#endif 1132#endif
1138 } 1133 }
1139 1134
1140 /* return a CRITICAL status if we couldn't read any data */ 1135 /* return a CRITICAL status if we couldn't read any data */
1141 if (pagesize == (size_t) 0) 1136 if (pagesize == (size_t)0)
1142 die (STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n")); 1137 die(STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n"));
1143 1138
1144 /* close the connection */ 1139 /* close the connection */
1145 if (sd) close(sd); 1140 if (sd)
1141 close(sd);
1146#ifdef HAVE_SSL 1142#ifdef HAVE_SSL
1147 np_net_ssl_cleanup(); 1143 np_net_ssl_cleanup();
1148#endif 1144#endif
1149 1145
1150 /* Save check time */ 1146 /* Save check time */
1151 microsec = deltime (tv); 1147 microsec = deltime(tv);
1152 elapsed_time = (double)microsec / 1.0e6; 1148 elapsed_time = (double)microsec / 1.0e6;
1153 1149
1154 /* leave full_page untouched so we can free it later */ 1150 /* leave full_page untouched so we can free it later */
1155 page = full_page; 1151 page = full_page;
1156 1152
1157 if (verbose) 1153 if (verbose)
1158 printf ("%s://%s:%d%s is %d characters\n", 1154 printf("%s://%s:%d%s is %d characters\n", use_ssl ? "https" : "http",
1159 use_ssl ? "https" : "http", server_address, 1155 server_address, server_port, server_url, (int)pagesize);
1160 server_port, server_url, (int)pagesize);
1161 1156
1162 /* find status line and null-terminate it */ 1157 /* find status line and null-terminate it */
1163 status_line = page; 1158 status_line = page;
1164 page += (size_t) strcspn (page, "\r\n"); 1159 page += (size_t)strcspn(page, "\r\n");
1165 pos = page; 1160 pos = page;
1166 page += (size_t) strspn (page, "\r\n"); 1161 page += (size_t)strspn(page, "\r\n");
1167 status_line[strcspn(status_line, "\r\n")] = 0; 1162 status_line[strcspn(status_line, "\r\n")] = 0;
1168 strip (status_line); 1163 strip(status_line);
1169 if (verbose) 1164 if (verbose)
1170 printf ("STATUS: %s\n", status_line); 1165 printf("STATUS: %s\n", status_line);
1171 1166
1172 /* find header info and null-terminate it */ 1167 /* find header info and null-terminate it */
1173 header = page; 1168 header = page;
1174 while (strcspn (page, "\r\n") > 0) { 1169 while (strcspn(page, "\r\n") > 0) {
1175 page += (size_t) strcspn (page, "\r\n"); 1170 page += (size_t)strcspn(page, "\r\n");
1176 pos = page; 1171 pos = page;
1177 if ((strspn (page, "\r") == 1 && strspn (page, "\r\n") >= 2) || 1172 if ((strspn(page, "\r") == 1 && strspn(page, "\r\n") >= 2) ||
1178 (strspn (page, "\n") == 1 && strspn (page, "\r\n") >= 2)) 1173 (strspn(page, "\n") == 1 && strspn(page, "\r\n") >= 2))
1179 page += (size_t) 2; 1174 page += (size_t)2;
1180 else 1175 else
1181 page += (size_t) 1; 1176 page += (size_t)1;
1182 } 1177 }
1183 page += (size_t) strspn (page, "\r\n"); 1178 page += (size_t)strspn(page, "\r\n");
1184 header[pos - header] = 0; 1179 header[pos - header] = 0;
1185 if (verbose) 1180 if (verbose)
1186 printf ("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header, 1181 printf("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header,
1187 (no_body ? " [[ skipped ]]" : page)); 1182 (no_body ? " [[ skipped ]]" : page));
1188 1183
1189 /* make sure the status line matches the response we are looking for */ 1184 /* make sure the status line matches the response we are looking for */
1190 if (!expected_statuscode (status_line, server_expect)) { 1185 if (!expected_statuscode(status_line, server_expect)) {
1191 if (server_port == HTTP_PORT) 1186 if (server_port == HTTP_PORT)
1192 xasprintf (&msg, 1187 xasprintf(&msg, _("Invalid HTTP response received from host: %s\n"),
1193 _("Invalid HTTP response received from host: %s\n"),
1194 status_line); 1188 status_line);
1195 else 1189 else
1196 xasprintf (&msg, 1190 xasprintf(&msg,
1197 _("Invalid HTTP response received from host on port %d: %s\n"), 1191 _("Invalid HTTP response received from host on port %d: %s\n"),
1198 server_port, status_line); 1192 server_port, status_line);
1199 if (show_body) 1193 if (show_body)
1200 xasprintf (&msg, _("%s\n%s"), msg, page); 1194 xasprintf(&msg, _("%s\n%s"), msg, page);
1201 die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg); 1195 die(STATE_CRITICAL, "HTTP CRITICAL - %s", msg);
1202 } 1196 }
1203 1197
1204 /* Bypass normal status line check if server_expect was set by user and not default */ 1198 /* Bypass normal status line check if server_expect was set by user and not
1205 /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string */ 1199 * default */
1206 if ( server_expect_yn ) { 1200 /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string
1207 xasprintf (&msg, 1201 */
1208 _("Status line output matched \"%s\" - "), server_expect); 1202 if (server_expect_yn) {
1203 xasprintf(&msg, _("Status line output matched \"%s\" - "), server_expect);
1209 if (verbose) 1204 if (verbose)
1210 printf ("%s\n",msg); 1205 printf("%s\n", msg);
1211 } 1206 } else {
1212 else {
1213 /* Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF */ 1207 /* Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF */
1214 /* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT */ 1208 /* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT */
1215 /* Status-Code = 3 DIGITS */ 1209 /* Status-Code = 3 DIGITS */
1216 1210
1217 status_code = strchr (status_line, ' ') + sizeof (char); 1211 status_code = strchr(status_line, ' ') + sizeof(char);
1218 if (strspn (status_code, "1234567890") != 3) 1212 if (strspn(status_code, "1234567890") != 3)
1219 die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"), status_line); 1213 die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"),
1214 status_line);
1220 1215
1221 http_status = atoi (status_code); 1216 http_status = atoi(status_code);
1222 1217
1223 /* check the return code */ 1218 /* check the return code */
1224 1219
1225 if (http_status >= 600 || http_status < 100) { 1220 if (http_status >= 600 || http_status < 100) {
1226 die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"), status_line); 1221 die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"),
1222 status_line);
1227 } 1223 }
1228 /* server errors result in a critical state */ 1224 /* server errors result in a critical state */
1229 else if (http_status >= 500) { 1225 else if (http_status >= 500) {
1230 xasprintf (&msg, _("%s - "), status_line); 1226 xasprintf(&msg, _("%s - "), status_line);
1231 result = STATE_CRITICAL; 1227 result = STATE_CRITICAL;
1232 } 1228 }
1233 /* client errors result in a warning state */ 1229 /* client errors result in a warning state */
1234 else if (http_status >= 400) { 1230 else if (http_status >= 400) {
1235 xasprintf (&msg, _("%s - "), status_line); 1231 xasprintf(&msg, _("%s - "), status_line);
1236 result = max_state_alt(STATE_WARNING, result); 1232 result = max_state_alt(STATE_WARNING, result);
1237 } 1233 }
1238 /* check redirected page if specified */ 1234 /* check redirected page if specified */
1239 else if (http_status >= 300) { 1235 else if (http_status >= 300) {
1240 1236
1241 if (onredirect == STATE_DEPENDENT) 1237 if (onredirect == STATE_DEPENDENT)
1242 redir (header, status_line); 1238 redir(header, status_line);
1243 else 1239 else
1244 result = max_state_alt(onredirect, result); 1240 result = max_state_alt(onredirect, result);
1245 xasprintf (&msg, _("%s - "), status_line); 1241 xasprintf(&msg, _("%s - "), status_line);
1246 } /* end if (http_status >= 300) */ 1242 } /* end if (http_status >= 300) */
1247 else { 1243 else {
1248 /* Print OK status anyway */ 1244 /* Print OK status anyway */
1249 xasprintf (&msg, _("%s - "), status_line); 1245 xasprintf(&msg, _("%s - "), status_line);
1250 } 1246 }
1251 1247
1252 } /* end else (server_expect_yn) */ 1248 } /* end else (server_expect_yn) */
1253 1249
1254 /* reset the alarm - must be called *after* redir or we'll never die on redirects! */ 1250 /* reset the alarm - must be called *after* redir or we'll never die on
1255 alarm (0); 1251 * redirects! */
1252 alarm(0);
1256 1253
1257 if (maximum_age >= 0) { 1254 if (maximum_age >= 0) {
1258 result = max_state_alt(check_document_dates(header, &msg), result); 1255 result = max_state_alt(check_document_dates(header, &msg), result);
1259 } 1256 }
1260 1257
1261 /* Page and Header content checks go here */ 1258 /* Page and Header content checks go here */
1262 if (strlen (header_expect)) { 1259 if (strlen(header_expect)) {
1263 if (!strstr (header, header_expect)) { 1260 if (!strstr(header, header_expect)) {
1264 strncpy(&output_header_search[0],header_expect,sizeof(output_header_search)); 1261 strncpy(&output_header_search[0], header_expect,
1265 if(output_header_search[sizeof(output_header_search)-1]!='\0') { 1262 sizeof(output_header_search));
1266 bcopy("...",&output_header_search[sizeof(output_header_search)-4],4); 1263 if (output_header_search[sizeof(output_header_search) - 1] != '\0') {
1264 bcopy("...", &output_header_search[sizeof(output_header_search) - 4],
1265 4);
1267 } 1266 }
1268 xasprintf (&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, output_header_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); 1267 xasprintf(&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg,
1268 output_header_search, use_ssl ? "https" : "http",
1269 host_name ? host_name : server_address, server_port,
1270 server_url);
1269 result = STATE_CRITICAL; 1271 result = STATE_CRITICAL;
1270 } 1272 }
1271 } 1273 }
1272 1274
1273 1275 if (strlen(string_expect)) {
1274 if (strlen (string_expect)) { 1276 if (!strstr(page, string_expect)) {
1275 if (!strstr (page, string_expect)) { 1277 strncpy(&output_string_search[0], string_expect,
1276 strncpy(&output_string_search[0],string_expect,sizeof(output_string_search)); 1278 sizeof(output_string_search));
1277 if(output_string_search[sizeof(output_string_search)-1]!='\0') { 1279 if (output_string_search[sizeof(output_string_search) - 1] != '\0') {
1278 bcopy("...",&output_string_search[sizeof(output_string_search)-4],4); 1280 bcopy("...", &output_string_search[sizeof(output_string_search) - 4],
1281 4);
1279 } 1282 }
1280 xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); 1283 xasprintf(&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg,
1284 output_string_search, use_ssl ? "https" : "http",
1285 host_name ? host_name : server_address, server_port,
1286 server_url);
1281 result = STATE_CRITICAL; 1287 result = STATE_CRITICAL;
1282 } 1288 }
1283 } 1289 }
1284 1290
1285 if (strlen (regexp)) { 1291 if (strlen(regexp)) {
1286 errcode = regexec (&preg, page, REGS, pmatch, 0); 1292 errcode = regexec(&preg, page, REGS, pmatch, 0);
1287 if ((errcode == 0 && invert_regex == 0) || (errcode == REG_NOMATCH && invert_regex == 1)) { 1293 if ((errcode == 0 && invert_regex == 0) ||
1294 (errcode == REG_NOMATCH && invert_regex == 1)) {
1288 /* OK - No-op to avoid changing the logic around it */ 1295 /* OK - No-op to avoid changing the logic around it */
1289 result = max_state_alt(STATE_OK, result); 1296 result = max_state_alt(STATE_OK, result);
1290 } 1297 } else if ((errcode == REG_NOMATCH && invert_regex == 0) ||
1291 else if ((errcode == REG_NOMATCH && invert_regex == 0) || (errcode == 0 && invert_regex == 1)) { 1298 (errcode == 0 && invert_regex == 1)) {
1292 if (invert_regex == 0) 1299 if (invert_regex == 0)
1293 xasprintf (&msg, _("%spattern not found, "), msg); 1300 xasprintf(&msg, _("%spattern not found, "), msg);
1294 else 1301 else
1295 xasprintf (&msg, _("%spattern found, "), msg); 1302 xasprintf(&msg, _("%spattern found, "), msg);
1296 result = STATE_CRITICAL; 1303 result = STATE_CRITICAL;
1297 } 1304 } else {
1298 else {
1299 /* FIXME: Shouldn't that be UNKNOWN? */ 1305 /* FIXME: Shouldn't that be UNKNOWN? */
1300 regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); 1306 regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER);
1301 xasprintf (&msg, _("%sExecute Error: %s, "), msg, errbuf); 1307 xasprintf(&msg, _("%sExecute Error: %s, "), msg, errbuf);
1302 result = STATE_CRITICAL; 1308 result = STATE_CRITICAL;
1303 } 1309 }
1304 } 1310 }
@@ -1314,68 +1320,64 @@ check_http (void)
1314 */ 1320 */
1315 page_len = pagesize; 1321 page_len = pagesize;
1316 if ((max_page_len > 0) && (page_len > max_page_len)) { 1322 if ((max_page_len > 0) && (page_len > max_page_len)) {
1317 xasprintf (&msg, _("%spage size %d too large, "), msg, page_len); 1323 xasprintf(&msg, _("%spage size %d too large, "), msg, page_len);
1318 result = max_state_alt(STATE_WARNING, result); 1324 result = max_state_alt(STATE_WARNING, result);
1319 } else if ((min_page_len > 0) && (page_len < min_page_len)) { 1325 } else if ((min_page_len > 0) && (page_len < min_page_len)) {
1320 xasprintf (&msg, _("%spage size %d too small, "), msg, page_len); 1326 xasprintf(&msg, _("%spage size %d too small, "), msg, page_len);
1321 result = max_state_alt(STATE_WARNING, result); 1327 result = max_state_alt(STATE_WARNING, result);
1322 } 1328 }
1323 1329
1324 /* Cut-off trailing characters */ 1330 /* Cut-off trailing characters */
1325 if(msg[strlen(msg)-2] == ',') 1331 if (msg[strlen(msg) - 2] == ',')
1326 msg[strlen(msg)-2] = '\0'; 1332 msg[strlen(msg) - 2] = '\0';
1327 else 1333 else
1328 msg[strlen(msg)-3] = '\0'; 1334 msg[strlen(msg) - 3] = '\0';
1329 1335
1330 /* check elapsed time */ 1336 /* check elapsed time */
1331 if (show_extended_perfdata) 1337 if (show_extended_perfdata)
1332 xasprintf (&msg, 1338 xasprintf(
1333 _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"), 1339 &msg,
1334 msg, page_len, elapsed_time, 1340 _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"),
1335 (display_html ? "</A>" : ""), 1341 msg, page_len, elapsed_time, (display_html ? "</A>" : ""),
1336 perfd_time (elapsed_time), 1342 perfd_time(elapsed_time), perfd_size(page_len),
1337 perfd_size (page_len), 1343 perfd_time_connect(elapsed_time_connect),
1338 perfd_time_connect (elapsed_time_connect), 1344 use_ssl == true ? perfd_time_ssl(elapsed_time_ssl) : "",
1339 use_ssl == true ? perfd_time_ssl (elapsed_time_ssl) : "", 1345 perfd_time_headers(elapsed_time_headers),
1340 perfd_time_headers (elapsed_time_headers), 1346 perfd_time_firstbyte(elapsed_time_firstbyte),
1341 perfd_time_firstbyte (elapsed_time_firstbyte), 1347 perfd_time_transfer(elapsed_time_transfer));
1342 perfd_time_transfer (elapsed_time_transfer));
1343 else 1348 else
1344 xasprintf (&msg, 1349 xasprintf(&msg, _("%s - %d bytes in %.3f second response time %s|%s %s"),
1345 _("%s - %d bytes in %.3f second response time %s|%s %s"), 1350 msg, page_len, elapsed_time, (display_html ? "</A>" : ""),
1346 msg, page_len, elapsed_time, 1351 perfd_time(elapsed_time), perfd_size(page_len));
1347 (display_html ? "</A>" : ""),
1348 perfd_time (elapsed_time),
1349 perfd_size (page_len));
1350 1352
1351 if (show_body) 1353 if (show_body)
1352 xasprintf (&msg, _("%s\n%s"), msg, page); 1354 xasprintf(&msg, _("%s\n%s"), msg, page);
1353 1355
1354 result = max_state_alt(get_status(elapsed_time, thlds), result); 1356 result = max_state_alt(get_status(elapsed_time, thlds), result);
1355 1357
1356 die (result, "HTTP %s: %s\n", state_text(result), msg); 1358 die(result, "HTTP %s: %s\n", state_text(result), msg);
1357 /* die failed? */ 1359 /* die failed? */
1358 return STATE_UNKNOWN; 1360 return STATE_UNKNOWN;
1359} 1361}
1360 1362
1361
1362
1363/* per RFC 2396 */ 1363/* per RFC 2396 */
1364#define URI_HTTP "%5[HTPShtps]" 1364#define URI_HTTP "%5[HTPShtps]"
1365#define URI_HOST "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" 1365#define URI_HOST \
1366 "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
1366#define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */ 1367#define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */
1367#define URI_PATH "%[-_.!~*'();/?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" 1368#define URI_PATH \
1369 "%[-_.!~*'();/" \
1370 "?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
1368#define HD1 URI_HTTP "://" URI_HOST ":" URI_PORT "/" URI_PATH 1371#define HD1 URI_HTTP "://" URI_HOST ":" URI_PORT "/" URI_PATH
1369#define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH 1372#define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH
1370#define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT 1373#define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT
1371#define HD4 URI_HTTP "://" URI_HOST 1374#define HD4 URI_HTTP "://" URI_HOST
1372/* relative reference redirect like //www.site.org/test https://tools.ietf.org/html/rfc3986 */ 1375/* relative reference redirect like //www.site.org/test
1376 * https://tools.ietf.org/html/rfc3986 */
1373#define HD5 "//" URI_HOST "/" URI_PATH 1377#define HD5 "//" URI_HOST "/" URI_PATH
1374#define HD6 URI_PATH 1378#define HD6 URI_PATH
1375 1379
1376void 1380void redir(char *pos, char *status_line) {
1377redir (char *pos, char *status_line)
1378{
1379 int i = 0; 1381 int i = 0;
1380 char *x; 1382 char *x;
1381 char xx[2]; 1383 char xx[2];
@@ -1383,101 +1385,101 @@ redir (char *pos, char *status_line)
1383 char *addr; 1385 char *addr;
1384 char *url; 1386 char *url;
1385 1387
1386 addr = malloc (MAX_IPV4_HOSTLENGTH + 1); 1388 addr = malloc(MAX_IPV4_HOSTLENGTH + 1);
1387 if (addr == NULL) 1389 if (addr == NULL)
1388 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n")); 1390 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n"));
1389 1391
1390 memset(addr, 0, MAX_IPV4_HOSTLENGTH); 1392 memset(addr, 0, MAX_IPV4_HOSTLENGTH);
1391 url = malloc (strcspn (pos, "\r\n")); 1393 url = malloc(strcspn(pos, "\r\n"));
1392 if (url == NULL) 1394 if (url == NULL)
1393 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); 1395 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n"));
1394 1396
1395 while (pos) { 1397 while (pos) {
1396 sscanf (pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", xx, &i); 1398 sscanf(pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n",
1399 xx, &i);
1397 if (i == 0) { 1400 if (i == 0) {
1398 pos += (size_t) strcspn (pos, "\r\n"); 1401 pos += (size_t)strcspn(pos, "\r\n");
1399 pos += (size_t) strspn (pos, "\r\n"); 1402 pos += (size_t)strspn(pos, "\r\n");
1400 if (strlen(pos) == 0) 1403 if (strlen(pos) == 0)
1401 die (STATE_UNKNOWN, 1404 die(STATE_UNKNOWN,
1402 _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"), 1405 _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"),
1403 status_line, (display_html ? "</A>" : "")); 1406 status_line, (display_html ? "</A>" : ""));
1404 continue; 1407 continue;
1405 } 1408 }
1406 1409
1407 pos += i; 1410 pos += i;
1408 pos += strspn (pos, " \t"); 1411 pos += strspn(pos, " \t");
1409 1412
1410 /* 1413 /*
1411 * RFC 2616 (4.2): ``Header fields can be extended over multiple lines by 1414 * RFC 2616 (4.2): ``Header fields can be extended over multiple lines by
1412 * preceding each extra line with at least one SP or HT.'' 1415 * preceding each extra line with at least one SP or HT.''
1413 */ 1416 */
1414 for (; (i = strspn (pos, "\r\n")); pos += i) { 1417 for (; (i = strspn(pos, "\r\n")); pos += i) {
1415 pos += i; 1418 pos += i;
1416 if (!(i = strspn (pos, " \t"))) { 1419 if (!(i = strspn(pos, " \t"))) {
1417 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"), 1420 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"),
1418 display_html ? "</A>" : ""); 1421 display_html ? "</A>" : "");
1419 } 1422 }
1420 } 1423 }
1421 1424
1422 url = realloc (url, strcspn (pos, "\r\n") + 1); 1425 url = realloc(url, strcspn(pos, "\r\n") + 1);
1423 if (url == NULL) 1426 if (url == NULL)
1424 die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); 1427 die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n"));
1425 1428
1426 /* URI_HTTP, URI_HOST, URI_PORT, URI_PATH */ 1429 /* URI_HTTP, URI_HOST, URI_PORT, URI_PATH */
1427 if (sscanf (pos, HD1, type, addr, &i, url) == 4) { 1430 if (sscanf(pos, HD1, type, addr, &i, url) == 4) {
1428 url = prepend_slash (url); 1431 url = prepend_slash(url);
1429 use_ssl = server_type_check (type); 1432 use_ssl = server_type_check(type);
1430 } 1433 }
1431 1434
1432 /* URI_HTTP URI_HOST URI_PATH */ 1435 /* URI_HTTP URI_HOST URI_PATH */
1433 else if (sscanf (pos, HD2, type, addr, url) == 3 ) { 1436 else if (sscanf(pos, HD2, type, addr, url) == 3) {
1434 url = prepend_slash (url); 1437 url = prepend_slash(url);
1435 use_ssl = server_type_check (type); 1438 use_ssl = server_type_check(type);
1436 i = server_port_check (use_ssl); 1439 i = server_port_check(use_ssl);
1437 } 1440 }
1438 1441
1439 /* URI_HTTP URI_HOST URI_PORT */ 1442 /* URI_HTTP URI_HOST URI_PORT */
1440 else if (sscanf (pos, HD3, type, addr, &i) == 3) { 1443 else if (sscanf(pos, HD3, type, addr, &i) == 3) {
1441 strcpy (url, HTTP_URL); 1444 strcpy(url, HTTP_URL);
1442 use_ssl = server_type_check (type); 1445 use_ssl = server_type_check(type);
1443 } 1446 }
1444 1447
1445 /* URI_HTTP URI_HOST */ 1448 /* URI_HTTP URI_HOST */
1446 else if (sscanf (pos, HD4, type, addr) == 2) { 1449 else if (sscanf(pos, HD4, type, addr) == 2) {
1447 strcpy (url, HTTP_URL); 1450 strcpy(url, HTTP_URL);
1448 use_ssl = server_type_check (type); 1451 use_ssl = server_type_check(type);
1449 i = server_port_check (use_ssl); 1452 i = server_port_check(use_ssl);
1450 } 1453 }
1451 /* URI_HTTP, URI_HOST, URI_PATH */ 1454 /* URI_HTTP, URI_HOST, URI_PATH */
1452 else if (sscanf (pos, HD5, addr, url) == 2) { 1455 else if (sscanf(pos, HD5, addr, url) == 2) {
1453 if(use_ssl){ 1456 if (use_ssl) {
1454 strcpy (type,"https"); 1457 strcpy(type, "https");
1455 } 1458 } else {
1456 else{ 1459 strcpy(type, server_type);
1457 strcpy (type, server_type);
1458 } 1460 }
1459 xasprintf (&url, "/%s", url); 1461 xasprintf(&url, "/%s", url);
1460 use_ssl = server_type_check (type); 1462 use_ssl = server_type_check(type);
1461 i = server_port_check (use_ssl); 1463 i = server_port_check(use_ssl);
1462 } 1464 }
1463 1465
1464 /* URI_PATH */ 1466 /* URI_PATH */
1465 else if (sscanf (pos, HD6, url) == 1) { 1467 else if (sscanf(pos, HD6, url) == 1) {
1466 /* relative url */ 1468 /* relative url */
1467 if ((url[0] != '/')) { 1469 if ((url[0] != '/')) {
1468 if ((x = strrchr(server_url, '/'))) 1470 if ((x = strrchr(server_url, '/')))
1469 *x = '\0'; 1471 *x = '\0';
1470 xasprintf (&url, "%s/%s", server_url, url); 1472 xasprintf(&url, "%s/%s", server_url, url);
1471 } 1473 }
1472 i = server_port; 1474 i = server_port;
1473 strcpy (type, server_type); 1475 strcpy(type, server_type);
1474 strcpy (addr, host_name ? host_name : server_address); 1476 strcpy(addr, host_name ? host_name : server_address);
1475 } 1477 }
1476 1478
1477 else { 1479 else {
1478 die (STATE_UNKNOWN, 1480 die(STATE_UNKNOWN,
1479 _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"), 1481 _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"), pos,
1480 pos, (display_html ? "</A>" : "")); 1482 (display_html ? "</A>" : ""));
1481 } 1483 }
1482 1484
1483 break; 1485 break;
@@ -1485,299 +1487,356 @@ redir (char *pos, char *status_line)
1485 } /* end while (pos) */ 1487 } /* end while (pos) */
1486 1488
1487 if (++redir_depth > max_depth) 1489 if (++redir_depth > max_depth)
1488 die (STATE_WARNING, 1490 die(STATE_WARNING,
1489 _("HTTP WARNING - maximum redirection depth %d exceeded - %s://%s:%d%s%s\n"), 1491 _("HTTP WARNING - maximum redirection depth %d exceeded - "
1490 max_depth, type, addr, i, url, (display_html ? "</A>" : "")); 1492 "%s://%s:%d%s%s\n"),
1493 max_depth, type, addr, i, url, (display_html ? "</A>" : ""));
1491 1494
1492 if (server_port==i && 1495 if (server_port == i && !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) &&
1493 !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) &&
1494 (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) && 1496 (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) &&
1495 !strcmp(server_url, url)) 1497 !strcmp(server_url, url))
1496 die (STATE_CRITICAL, 1498 die(STATE_CRITICAL,
1497 _("HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n"), 1499 _("HTTP CRITICAL - redirection creates an infinite loop - "
1498 type, addr, i, url, (display_html ? "</A>" : "")); 1500 "%s://%s:%d%s%s\n"),
1501 type, addr, i, url, (display_html ? "</A>" : ""));
1499 1502
1500 strcpy (server_type, type); 1503 strcpy(server_type, type);
1501 1504
1502 free (host_name); 1505 free(host_name);
1503 host_name = strndup (addr, MAX_IPV4_HOSTLENGTH); 1506 host_name = strndup(addr, MAX_IPV4_HOSTLENGTH);
1504 1507
1505 if (!(followsticky & STICKY_HOST)) { 1508 if (!(followsticky & STICKY_HOST)) {
1506 free (server_address); 1509 free(server_address);
1507 server_address = strndup (addr, MAX_IPV4_HOSTLENGTH); 1510 server_address = strndup(addr, MAX_IPV4_HOSTLENGTH);
1508 } 1511 }
1509 if (!(followsticky & STICKY_PORT)) { 1512 if (!(followsticky & STICKY_PORT)) {
1510 server_port = i; 1513 server_port = i;
1511 } 1514 }
1512 1515
1513 free (server_url); 1516 free(server_url);
1514 server_url = url; 1517 server_url = url;
1515 1518
1516 if (server_port > MAX_PORT) 1519 if (server_port > MAX_PORT)
1517 die (STATE_UNKNOWN, 1520 die(STATE_UNKNOWN,
1518 _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"), 1521 _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"),
1519 MAX_PORT, server_type, server_address, server_port, server_url, 1522 MAX_PORT, server_type, server_address, server_port, server_url,
1520 display_html ? "</A>" : ""); 1523 display_html ? "</A>" : "");
1521 1524
1522 /* reset virtual port */ 1525 /* reset virtual port */
1523 virtual_port = server_port; 1526 virtual_port = server_port;
1524 1527
1525 if (verbose) 1528 if (verbose)
1526 printf (_("Redirection to %s://%s:%d%s\n"), server_type, 1529 printf(_("Redirection to %s://%s:%d%s\n"), server_type,
1527 host_name ? host_name : server_address, server_port, server_url); 1530 host_name ? host_name : server_address, server_port, server_url);
1528 1531
1529 free(addr); 1532 free(addr);
1530 check_http (); 1533 check_http();
1531} 1534}
1532 1535
1533 1536bool server_type_check(const char *type) {
1534bool 1537 if (strcmp(type, "https"))
1535server_type_check (const char *type)
1536{
1537 if (strcmp (type, "https"))
1538 return false; 1538 return false;
1539 else 1539 else
1540 return true; 1540 return true;
1541} 1541}
1542 1542
1543int 1543int server_port_check(int ssl_flag) {
1544server_port_check (int ssl_flag)
1545{
1546 if (ssl_flag) 1544 if (ssl_flag)
1547 return HTTPS_PORT; 1545 return HTTPS_PORT;
1548 else 1546 else
1549 return HTTP_PORT; 1547 return HTTP_PORT;
1550} 1548}
1551 1549
1552char *perfd_time (double elapsed_time) 1550char *perfd_time(double elapsed_time) {
1553{ 1551 return fperfdata("time", elapsed_time, "s", thlds->warning ? true : false,
1554 return fperfdata ("time", elapsed_time, "s", 1552 thlds->warning ? thlds->warning->end : 0,
1555 thlds->warning?true:false, thlds->warning?thlds->warning->end:0, 1553 thlds->critical ? true : false,
1556 thlds->critical?true:false, thlds->critical?thlds->critical->end:0, 1554 thlds->critical ? thlds->critical->end : 0, true, 0, true,
1557 true, 0, true, socket_timeout); 1555 socket_timeout);
1558} 1556}
1559 1557
1560char *perfd_time_connect (double elapsed_time_connect) 1558char *perfd_time_connect(double elapsed_time_connect) {
1561{ 1559 return fperfdata("time_connect", elapsed_time_connect, "s", false, 0, false,
1562 return fperfdata ("time_connect", elapsed_time_connect, "s", false, 0, false, 0, false, 0, true, socket_timeout); 1560 0, false, 0, true, socket_timeout);
1563} 1561}
1564 1562
1565char *perfd_time_ssl (double elapsed_time_ssl) 1563char *perfd_time_ssl(double elapsed_time_ssl) {
1566{ 1564 return fperfdata("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false,
1567 return fperfdata ("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, 0, true, socket_timeout); 1565 0, true, socket_timeout);
1568} 1566}
1569 1567
1570char *perfd_time_headers (double elapsed_time_headers) 1568char *perfd_time_headers(double elapsed_time_headers) {
1571{ 1569 return fperfdata("time_headers", elapsed_time_headers, "s", false, 0, false,
1572 return fperfdata ("time_headers", elapsed_time_headers, "s", false, 0, false, 0, false, 0, true, socket_timeout); 1570 0, false, 0, true, socket_timeout);
1573} 1571}
1574 1572
1575char *perfd_time_firstbyte (double elapsed_time_firstbyte) 1573char *perfd_time_firstbyte(double elapsed_time_firstbyte) {
1576{ 1574 return fperfdata("time_firstbyte", elapsed_time_firstbyte, "s", false, 0,
1577 return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, false, 0, false, 0, true, socket_timeout); 1575 false, 0, false, 0, true, socket_timeout);
1578} 1576}
1579 1577
1580char *perfd_time_transfer (double elapsed_time_transfer) 1578char *perfd_time_transfer(double elapsed_time_transfer) {
1581{ 1579 return fperfdata("time_transfer", elapsed_time_transfer, "s", false, 0, false,
1582 return fperfdata ("time_transfer", elapsed_time_transfer, "s", false, 0, false, 0, false, 0, true, socket_timeout); 1580 0, false, 0, true, socket_timeout);
1583} 1581}
1584 1582
1585char *perfd_size (int page_len) 1583char *perfd_size(int page_len) {
1586{ 1584 return perfdata("size", page_len, "B", (min_page_len > 0 ? true : false),
1587 return perfdata ("size", page_len, "B", 1585 min_page_len, (min_page_len > 0 ? true : false), 0, true, 0,
1588 (min_page_len>0?true:false), min_page_len, 1586 false, 0);
1589 (min_page_len>0?true:false), 0,
1590 true, 0, false, 0);
1591} 1587}
1592 1588
1593void 1589void print_help(void) {
1594print_help (void) 1590 print_revision(progname, NP_VERSION);
1595{
1596 print_revision (progname, NP_VERSION);
1597 1591
1598 printf ("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n"); 1592 printf("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n");
1599 printf (COPYRIGHT, copyright, email); 1593 printf(COPYRIGHT, copyright, email);
1600 1594
1601 printf ("%s\n", _("This plugin tests the HTTP service on the specified host. It can test")); 1595 printf("%s\n", _("This plugin tests the HTTP service on the specified host. "
1602 printf ("%s\n", _("normal (http) and secure (https) servers, follow redirects, search for")); 1596 "It can test"));
1603 printf ("%s\n", _("strings and regular expressions, check connection times, and report on")); 1597 printf("%s\n", _("normal (http) and secure (https) servers, follow "
1604 printf ("%s\n", _("certificate expiration times.")); 1598 "redirects, search for"));
1599 printf("%s\n", _("strings and regular expressions, check connection times, "
1600 "and report on"));
1601 printf("%s\n", _("certificate expiration times."));
1605 1602
1606 printf ("\n\n"); 1603 printf("\n\n");
1607 1604
1608 print_usage (); 1605 print_usage();
1609 1606
1610#ifdef HAVE_SSL 1607#ifdef HAVE_SSL
1611 printf (_("In the first form, make an HTTP request.")); 1608 printf(_("In the first form, make an HTTP request."));
1612 printf (_("In the second form, connect to the server and check the TLS certificate.")); 1609 printf(_("In the second form, connect to the server and check the TLS "
1610 "certificate."));
1613#endif 1611#endif
1614 printf (_("NOTE: One or both of -H and -I must be specified")); 1612 printf(_("NOTE: One or both of -H and -I must be specified"));
1615 1613
1616 printf ("\n"); 1614 printf("\n");
1617 1615
1618 printf (UT_HELP_VRSN); 1616 printf(UT_HELP_VRSN);
1619 printf (UT_EXTRA_OPTS); 1617 printf(UT_EXTRA_OPTS);
1620 1618
1621 printf (" %s\n", "-H, --hostname=ADDRESS"); 1619 printf(" %s\n", "-H, --hostname=ADDRESS");
1622 printf (" %s\n", _("Host name argument for servers using host headers (virtual host)")); 1620 printf(" %s\n",
1623 printf (" %s\n", _("Append a port to include it in the header (eg: example.com:5000)")); 1621 _("Host name argument for servers using host headers (virtual host)"));
1624 printf (" %s\n", "-I, --IP-address=ADDRESS"); 1622 printf(" %s\n",
1625 printf (" %s\n", _("IP address or name (use numeric address if possible to bypass DNS lookup).")); 1623 _("Append a port to include it in the header (eg: example.com:5000)"));
1626 printf (" %s\n", "-p, --port=INTEGER"); 1624 printf(" %s\n", "-I, --IP-address=ADDRESS");
1627 printf (" %s", _("Port number (default: ")); 1625 printf(" %s\n", _("IP address or name (use numeric address if possible to "
1628 printf ("%d)\n", HTTP_PORT); 1626 "bypass DNS lookup)."));
1627 printf(" %s\n", "-p, --port=INTEGER");
1628 printf(" %s", _("Port number (default: "));
1629 printf("%d)\n", HTTP_PORT);
1629 1630
1630 printf (UT_IPv46); 1631 printf(UT_IPv46);
1631 1632
1632#ifdef HAVE_SSL 1633#ifdef HAVE_SSL
1633 printf (" %s\n", "-S, --ssl=VERSION[+]"); 1634 printf(" %s\n", "-S, --ssl=VERSION[+]");
1634 printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents")); 1635 printf(" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is "
1635 printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,")); 1636 "optional, and prevents"));
1636 printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted.")); 1637 printf(
1637 printf (" %s\n", "--sni"); 1638 " %s\n",
1638 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); 1639 _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,"));
1639 printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); 1640 printf(" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are "
1640 printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); 1641 "also accepted."));
1641 printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use")); 1642 printf(" %s\n", "--sni");
1642 printf (" %s\n", _(" --continue-after-certificate to override this behavior)")); 1643 printf(" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
1643 printf (" %s\n", "--continue-after-certificate"); 1644 printf(" %s\n", "-C, --certificate=INTEGER[,INTEGER]");
1644 printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check.")); 1645 printf(" %s\n", _("Minimum number of days a certificate has to be valid. "
1645 printf (" %s\n", _("Does nothing unless -C is used.")); 1646 "Port defaults to 443"));
1646 printf (" %s\n", "-J, --client-cert=FILE"); 1647 printf(" %s\n", _("(when this option is used the URL is not checked by "
1647 printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); 1648 "default. You can use"));
1648 printf (" %s\n", _("to be used in establishing the SSL session")); 1649 printf(" %s\n",
1649 printf (" %s\n", "-K, --private-key=FILE"); 1650 _(" --continue-after-certificate to override this behavior)"));
1650 printf (" %s\n", _("Name of file containing the private key (PEM format)")); 1651 printf(" %s\n", "--continue-after-certificate");
1651 printf (" %s\n", _("matching the client certificate")); 1652 printf(" %s\n", _("Allows the HTTP check to continue after performing the "
1653 "certificate check."));
1654 printf(" %s\n", _("Does nothing unless -C is used."));
1655 printf(" %s\n", "-J, --client-cert=FILE");
1656 printf(" %s\n",
1657 _("Name of file that contains the client certificate (PEM format)"));
1658 printf(" %s\n", _("to be used in establishing the SSL session"));
1659 printf(" %s\n", "-K, --private-key=FILE");
1660 printf(" %s\n", _("Name of file containing the private key (PEM format)"));
1661 printf(" %s\n", _("matching the client certificate"));
1652#endif 1662#endif
1653 1663
1654 printf (" %s\n", "-e, --expect=STRING"); 1664 printf(" %s\n", "-e, --expect=STRING");
1655 printf (" %s\n", _("Comma-delimited list of strings, at least one of them is expected in")); 1665 printf(" %s\n", _("Comma-delimited list of strings, at least one of them "
1656 printf (" %s", _("the first (status) line of the server response (default: ")); 1666 "is expected in"));
1657 printf ("%s)\n", HTTP_EXPECT); 1667 printf(" %s",
1658 printf (" %s\n", _("If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)")); 1668 _("the first (status) line of the server response (default: "));
1659 printf (" %s\n", "-d, --header-string=STRING"); 1669 printf("%s)\n", HTTP_EXPECT);
1660 printf (" %s\n", _("String to expect in the response headers")); 1670 printf(" %s\n", _("If specified skips all other status line logic (ex: "
1661 printf (" %s\n", "-s, --string=STRING"); 1671 "3xx, 4xx, 5xx processing)"));
1662 printf (" %s\n", _("String to expect in the content")); 1672 printf(" %s\n", "-d, --header-string=STRING");
1663 printf (" %s\n", "-u, --url=PATH"); 1673 printf(" %s\n", _("String to expect in the response headers"));
1664 printf (" %s\n", _("URL to GET or POST (default: /)")); 1674 printf(" %s\n", "-s, --string=STRING");
1665 printf (" %s\n", "-P, --post=STRING"); 1675 printf(" %s\n", _("String to expect in the content"));
1666 printf (" %s\n", _("URL encoded http POST data")); 1676 printf(" %s\n", "-u, --url=PATH");
1667 printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT, CONNECT:POST)"); 1677 printf(" %s\n", _("URL to GET or POST (default: /)"));
1668 printf (" %s\n", _("Set HTTP method.")); 1678 printf(" %s\n", "-P, --post=STRING");
1669 printf (" %s\n", "-N, --no-body"); 1679 printf(" %s\n", _("URL encoded http POST data"));
1670 printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); 1680 printf(" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, "
1671 printf (" %s\n", _("(Note that this still does an HTTP GET or POST, not a HEAD.)")); 1681 "PUT, DELETE, CONNECT, CONNECT:POST)");
1672 printf (" %s\n", "-M, --max-age=SECONDS"); 1682 printf(" %s\n", _("Set HTTP method."));
1673 printf (" %s\n", _("Warn if document is more than SECONDS old. the number can also be of")); 1683 printf(" %s\n", "-N, --no-body");
1674 printf (" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or \"10d\" for days.")); 1684 printf(" %s\n",
1675 printf (" %s\n", "-T, --content-type=STRING"); 1685 _("Don't wait for document body: stop reading after headers."));
1676 printf (" %s\n", _("specify Content-Type header media type when POSTing\n")); 1686 printf(" %s\n",
1677 1687 _("(Note that this still does an HTTP GET or POST, not a HEAD.)"));
1678 printf (" %s\n", "-l, --linespan"); 1688 printf(" %s\n", "-M, --max-age=SECONDS");
1679 printf (" %s\n", _("Allow regex to span newlines (must precede -r or -R)")); 1689 printf(" %s\n", _("Warn if document is more than SECONDS old. the number "
1680 printf (" %s\n", "-r, --regex, --ereg=STRING"); 1690 "can also be of"));
1681 printf (" %s\n", _("Search page for regex STRING")); 1691 printf(" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or "
1682 printf (" %s\n", "-R, --eregi=STRING"); 1692 "\"10d\" for days."));
1683 printf (" %s\n", _("Search page for case-insensitive regex STRING")); 1693 printf(" %s\n", "-T, --content-type=STRING");
1684 printf (" %s\n", "--invert-regex"); 1694 printf(" %s\n",
1685 printf (" %s\n", _("Return CRITICAL if found, OK if not\n")); 1695 _("specify Content-Type header media type when POSTing\n"));
1686 1696
1687 printf (" %s\n", "-a, --authorization=AUTH_PAIR"); 1697 printf(" %s\n", "-l, --linespan");
1688 printf (" %s\n", _("Username:password on sites with basic authentication")); 1698 printf(" %s\n", _("Allow regex to span newlines (must precede -r or -R)"));
1689 printf (" %s\n", "-b, --proxy-authorization=AUTH_PAIR"); 1699 printf(" %s\n", "-r, --regex, --ereg=STRING");
1690 printf (" %s\n", _("Username:password on proxy-servers with basic authentication")); 1700 printf(" %s\n", _("Search page for regex STRING"));
1691 printf (" %s\n", "-A, --useragent=STRING"); 1701 printf(" %s\n", "-R, --eregi=STRING");
1692 printf (" %s\n", _("String to be sent in http header as \"User Agent\"")); 1702 printf(" %s\n", _("Search page for case-insensitive regex STRING"));
1693 printf (" %s\n", "-k, --header=STRING"); 1703 printf(" %s\n", "--invert-regex");
1694 printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers")); 1704 printf(" %s\n", _("Return CRITICAL if found, OK if not\n"));
1695 printf (" %s\n", "-E, --extended-perfdata"); 1705
1696 printf (" %s\n", _("Print additional performance data")); 1706 printf(" %s\n", "-a, --authorization=AUTH_PAIR");
1697 printf (" %s\n", "-B, --show-body"); 1707 printf(" %s\n", _("Username:password on sites with basic authentication"));
1698 printf (" %s\n", _("Print body content below status line")); 1708 printf(" %s\n", "-b, --proxy-authorization=AUTH_PAIR");
1699 printf (" %s\n", "-L, --link"); 1709 printf(" %s\n",
1700 printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); 1710 _("Username:password on proxy-servers with basic authentication"));
1701 printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>"); 1711 printf(" %s\n", "-A, --useragent=STRING");
1702 printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the")); 1712 printf(" %s\n", _("String to be sent in http header as \"User Agent\""));
1703 printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same.")); 1713 printf(" %s\n", "-k, --header=STRING");
1704 printf (" %s\n", "--max-redirs=INTEGER"); 1714 printf(" %s\n", _("Any other tags to be sent in http header. Use multiple "
1705 printf (" %s", _("Maximal number of redirects (default: ")); 1715 "times for additional headers"));
1706 printf ("%d)\n", DEFAULT_MAX_REDIRS); 1716 printf(" %s\n", "-E, --extended-perfdata");
1707 printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); 1717 printf(" %s\n", _("Print additional performance data"));
1708 printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)")); 1718 printf(" %s\n", "-B, --show-body");
1709 printf (UT_WARN_CRIT); 1719 printf(" %s\n", _("Print body content below status line"));
1710 1720 printf(" %s\n", "-L, --link");
1711 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); 1721 printf(" %s\n", _("Wrap output in HTML link (obsoleted by urlize)"));
1712 1722 printf(" %s\n",
1713 printf (UT_VERBOSE); 1723 "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>");
1714 1724 printf(" %s\n", _("How to handle redirected pages. sticky is like follow "
1715 printf ("\n"); 1725 "but stick to the"));
1716 printf ("%s\n", _("Notes:")); 1726 printf(
1717 printf (" %s\n", _("This plugin will attempt to open an HTTP connection with the host.")); 1727 " %s\n",
1718 printf (" %s\n", _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL")); 1728 _("specified IP address. stickyport also ensures port stays the same."));
1719 printf (" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, but incorrect response")); 1729 printf(" %s\n", "--max-redirs=INTEGER");
1720 printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are")); 1730 printf(" %s", _("Maximal number of redirects (default: "));
1721 printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN")); 1731 printf("%d)\n", DEFAULT_MAX_REDIRS);
1722 printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument.")); 1732 printf(" %s\n", "-m, --pagesize=INTEGER<:INTEGER>");
1733 printf(" %s\n", _("Minimum page size required (bytes) : Maximum page size "
1734 "required (bytes)"));
1735 printf(UT_WARN_CRIT);
1736
1737 printf(UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
1738
1739 printf(UT_VERBOSE);
1740
1741 printf("\n");
1742 printf("%s\n", _("Notes:"));
1743 printf(
1744 " %s\n",
1745 _("This plugin will attempt to open an HTTP connection with the host."));
1746 printf(" %s\n", _("Successful connects return STATE_OK, refusals and "
1747 "timeouts return STATE_CRITICAL"));
1748 printf(" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, "
1749 "but incorrect response"));
1750 printf(" %s\n", _("messages from the host result in STATE_WARNING return "
1751 "values. If you are"));
1752 printf(" %s\n", _("checking a virtual server that uses 'host headers' you "
1753 "must supply the FQDN"));
1754 printf(" %s\n",
1755 _("(fully qualified domain name) as the [host_name] argument."));
1723 1756
1724#ifdef HAVE_SSL 1757#ifdef HAVE_SSL
1725 printf ("\n"); 1758 printf("\n");
1726 printf (" %s\n", _("This plugin can also check whether an SSL enabled web server is able to")); 1759 printf(" %s\n", _("This plugin can also check whether an SSL enabled web "
1727 printf (" %s\n", _("serve content (optionally within a specified time) or whether the X509 ")); 1760 "server is able to"));
1728 printf (" %s\n", _("certificate is still valid for the specified number of days.")); 1761 printf(" %s\n", _("serve content (optionally within a specified time) or "
1729 printf ("\n"); 1762 "whether the X509 "));
1730 printf (" %s\n", _("Please note that this plugin does not check if the presented server")); 1763 printf(" %s\n",
1731 printf (" %s\n", _("certificate matches the hostname of the server, or if the certificate")); 1764 _("certificate is still valid for the specified number of days."));
1732 printf (" %s\n", _("has a valid chain of trust to one of the locally installed CAs.")); 1765 printf("\n");
1733 printf ("\n"); 1766 printf(
1734 printf ("%s\n", _("Examples:")); 1767 " %s\n",
1735 printf (" %s\n\n", "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com"); 1768 _("Please note that this plugin does not check if the presented server"));
1736 printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,")); 1769 printf(" %s\n", _("certificate matches the hostname of the server, or if the "
1737 printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); 1770 "certificate"));
1738 printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); 1771 printf(" %s\n",
1739 printf (" %s\n", _("a STATE_CRITICAL will be returned.")); 1772 _("has a valid chain of trust to one of the locally installed CAs."));
1740 printf ("\n"); 1773 printf("\n");
1741 printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14"); 1774 printf("%s\n", _("Examples:"));
1742 printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,")); 1775 printf(" %s\n\n",
1743 printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); 1776 "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com");
1744 printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); 1777 printf(" %s\n", _("When the 'www.verisign.com' server returns its content "
1745 printf (" %s\n\n", _("the certificate is expired.")); 1778 "within 5 seconds,"));
1746 printf ("\n"); 1779 printf(" %s\n", _("a STATE_OK will be returned. When the server returns its "
1747 printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); 1780 "content but exceeds"));
1748 printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); 1781 printf(" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. "
1749 printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); 1782 "When an error occurs,"));
1750 printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); 1783 printf(" %s\n", _("a STATE_CRITICAL will be returned."));
1751 printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); 1784 printf("\n");
1752 1785 printf(" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14");
1753 printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: "); 1786 printf(" %s\n", _("When the certificate of 'www.verisign.com' is valid for "
1754 printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com ")); 1787 "more than 14 days,"));
1755 printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>")); 1788 printf(" %s\n", _("a STATE_OK is returned. When the certificate is still "
1756 printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); 1789 "valid, but for less than"));
1757 printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); 1790 printf(" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL "
1758 printf (" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to the method you can set the method used")); 1791 "will be returned when"));
1759 printf (" %s\n", _("inside the proxied connection: -j CONNECT:POST")); 1792 printf(" %s\n\n", _("the certificate is expired."));
1793 printf("\n");
1794 printf(" %s\n\n",
1795 "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14");
1796 printf(" %s\n", _("When the certificate of 'www.verisign.com' is valid for "
1797 "more than 30 days,"));
1798 printf(" %s\n", _("a STATE_OK is returned. When the certificate is still "
1799 "valid, but for less than"));
1800 printf(" %s\n",
1801 _("30 days, but more than 14 days, a STATE_WARNING is returned."));
1802 printf(" %s\n", _("A STATE_CRITICAL will be returned when certificate "
1803 "expires in less than 14 days"));
1804
1805 printf(" %s\n\n",
1806 "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: ");
1807 printf(" %s\n",
1808 _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S "
1809 "-j CONNECT -H www.verisign.com "));
1810 printf(" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> "
1811 "-u <check-url> -S(sl) -j CONNECT -H <webserver>"));
1812 printf(" %s\n", _("a STATE_OK will be returned. When the server returns its "
1813 "content but exceeds"));
1814 printf(" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. "
1815 "When an error occurs,"));
1816 printf(" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to "
1817 "the method you can set the method used"));
1818 printf(" %s\n", _("inside the proxied connection: -j CONNECT:POST"));
1760 1819
1761#endif 1820#endif
1762 1821
1763 printf (UT_SUPPORT); 1822 printf(UT_SUPPORT);
1764
1765} 1823}
1766 1824
1767 1825void print_usage(void) {
1768 1826 printf("%s\n", _("Usage:"));
1769void 1827 printf(" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n", progname);
1770print_usage (void) 1828 printf(" [-J <client certificate file>] [-K <private key>]\n");
1771{ 1829 printf(" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] "
1772 printf ("%s\n", _("Usage:")); 1830 "[-E] [-a auth]\n");
1773 printf (" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n",progname); 1831 printf(" [-b proxy_auth] [-f "
1774 printf (" [-J <client certificate file>] [-K <private key>]\n"); 1832 "<ok|warning|critcal|follow|sticky|stickyport>]\n");
1775 printf (" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-a auth]\n"); 1833 printf(" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R "
1776 printf (" [-b proxy_auth] [-f <ok|warning|critcal|follow|sticky|stickyport>]\n"); 1834 "<case-insensitive regex>]\n");
1777 printf (" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n"); 1835 printf(" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M "
1778 printf (" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n"); 1836 "<age>]\n");
1779 printf (" [-A string] [-k string] [-S <version>] [--sni]\n"); 1837 printf(" [-A string] [-k string] [-S <version>] [--sni]\n");
1780 printf (" [-T <content-type>] [-j method]\n"); 1838 printf(" [-T <content-type>] [-j method]\n");
1781 printf (" %s -H <vhost> | -I <IP-address> -C <warn_age>[,<crit_age>]\n",progname); 1839 printf(" %s -H <vhost> | -I <IP-address> -C <warn_age>[,<crit_age>]\n",
1782 printf (" [-p <port>] [-t <timeout>] [-4|-6] [--sni]\n"); 1840 progname);
1841 printf(" [-p <port>] [-t <timeout>] [-4|-6] [--sni]\n");
1783} 1842}