summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--configure.ac2
-rw-r--r--lib/output.c7
-rw-r--r--lib/output.h4
-rw-r--r--lib/perfdata.c11
-rw-r--r--lib/utils_base.h2
-rw-r--r--plugins/Makefile.am2
-rw-r--r--plugins/check_by_ssh.c17
-rw-r--r--plugins/check_cluster.c2
-rw-r--r--plugins/check_curl.c116
-rw-r--r--plugins/check_curl.d/check_curl_helpers.c390
-rw-r--r--plugins/check_curl.d/check_curl_helpers.h30
-rw-r--r--plugins/check_dig.c2
-rw-r--r--plugins/check_disk.c60
-rw-r--r--plugins/check_fping.c2
-rw-r--r--plugins/check_game.c2
-rw-r--r--plugins/check_hpjd.c2
-rw-r--r--plugins/check_ide_smart.c2
-rw-r--r--plugins/check_ldap.c2
-rw-r--r--plugins/check_load.c2
-rw-r--r--plugins/check_mysql.c2
-rw-r--r--plugins/check_nagios.c2
-rw-r--r--plugins/check_ping.c2
-rw-r--r--plugins/check_procs.c2
-rw-r--r--plugins/check_radius.c4
-rw-r--r--plugins/check_real.d/config.h2
-rw-r--r--plugins/check_smtp.c6
-rw-r--r--plugins/check_smtp.d/config.h4
-rw-r--r--plugins/check_snmp.c12
-rw-r--r--plugins/check_tcp.c6
-rw-r--r--plugins/check_time.c2
-rw-r--r--plugins/common.h9
-rw-r--r--plugins/netutils.h2
-rw-r--r--plugins/sslutils.c40
-rw-r--r--plugins/t/check_curl.t44
-rw-r--r--plugins/t/check_disk.t213
-rwxr-xr-xplugins/tests/check_curl.t4
36 files changed, 607 insertions, 406 deletions
diff --git a/configure.ac b/configure.ac
index ae7eb30b..e4351ad7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -578,7 +578,7 @@ if test "$FOUNDOPENSSL" = "yes" || test "$FOUNDGNUTLS" = "yes"; then
578 AC_SUBST(SSLLIBS) 578 AC_SUBST(SSLLIBS)
579 AC_DEFINE(HAVE_SSL,1,[Define if SSL libraries are found]) 579 AC_DEFINE(HAVE_SSL,1,[Define if SSL libraries are found])
580 if test "$FOUNDOPENSSL" = "yes"; then 580 if test "$FOUNDOPENSSL" = "yes"; then
581 AC_DEFINE(USE_OPENSSL,1,[Define if using OpenSSL libraries]) 581 AC_DEFINE(MOPL_USE_OPENSSL,1,[Define if using OpenSSL libraries])
582 with_openssl="yes" 582 with_openssl="yes"
583 with_gnutls="no" 583 with_gnutls="no"
584 else 584 else
diff --git a/lib/output.c b/lib/output.c
index bfd43195..54d505d9 100644
--- a/lib/output.c
+++ b/lib/output.c
@@ -61,6 +61,8 @@ static inline char *fmt_subcheck_perfdata(mp_subcheck check) {
61mp_check mp_check_init(void) { 61mp_check mp_check_init(void) {
62 mp_check check = { 62 mp_check check = {
63 .evaluation_function = &mp_eval_check_default, 63 .evaluation_function = &mp_eval_check_default,
64 .default_output_override = NULL,
65 .default_output_override_content = NULL,
64 }; 66 };
65 return check; 67 return check;
66} 68}
@@ -283,6 +285,11 @@ char *mp_fmt_output(mp_check check) {
283 285
284 switch (output_format) { 286 switch (output_format) {
285 case MP_FORMAT_MULTI_LINE: { 287 case MP_FORMAT_MULTI_LINE: {
288 if (check.default_output_override != NULL) {
289 result = check.default_output_override(check.default_output_override_content);
290 break;
291 }
292
286 if (check.summary == NULL) { 293 if (check.summary == NULL) {
287 check.summary = get_subcheck_summary(check); 294 check.summary = get_subcheck_summary(check);
288 } 295 }
diff --git a/lib/output.h b/lib/output.h
index c63c8e3f..f5011268 100644
--- a/lib/output.h
+++ b/lib/output.h
@@ -70,6 +70,10 @@ struct mp_check {
70 70
71 // the evaluation_functions computes the state of check 71 // the evaluation_functions computes the state of check
72 mp_state_enum (*evaluation_function)(mp_check); 72 mp_state_enum (*evaluation_function)(mp_check);
73
74 // override for the default output format
75 char *(*default_output_override)(void *);
76 void *default_output_override_content;
73}; 77};
74 78
75mp_check mp_check_init(void); 79mp_check mp_check_init(void);
diff --git a/lib/perfdata.c b/lib/perfdata.c
index f4eaf843..e3710ec7 100644
--- a/lib/perfdata.c
+++ b/lib/perfdata.c
@@ -251,7 +251,16 @@ char *mp_range_to_string(const mp_range input) {
251 if (input.start_infinity) { 251 if (input.start_infinity) {
252 asprintf(&result, "%s~:", result); 252 asprintf(&result, "%s~:", result);
253 } else { 253 } else {
254 asprintf(&result, "%s%s:", result, pd_value_to_string(input.start)); 254 // check for zeroes, so we can use the short form
255 if ((input.start.type == PD_TYPE_NONE) ||
256 ((input.start.type == PD_TYPE_INT) && (input.start.pd_int == 0)) ||
257 ((input.start.type == PD_TYPE_UINT) && (input.start.pd_uint == 0)) ||
258 ((input.start.type == PD_TYPE_DOUBLE) && (input.start.pd_double == 0))){
259 // nothing to do here
260 } else {
261 // Start value is an actual value
262 asprintf(&result, "%s%s:", result, pd_value_to_string(input.start));
263 }
255 } 264 }
256 265
257 if (!input.end_infinity) { 266 if (!input.end_infinity) {
diff --git a/lib/utils_base.h b/lib/utils_base.h
index 27884bf0..1da96f78 100644
--- a/lib/utils_base.h
+++ b/lib/utils_base.h
@@ -9,7 +9,7 @@
9#include "./thresholds.h" 9#include "./thresholds.h"
10#include "states.h" 10#include "states.h"
11 11
12#ifndef USE_OPENSSL 12#ifndef MOPL_USE_OPENSSL
13# include "sha256.h" 13# include "sha256.h"
14#endif 14#endif
15 15
diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index a35f273e..2bea8fc0 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -166,7 +166,7 @@ check_real_LDADD = $(NETLIBS)
166check_snmp_SOURCES = check_snmp.c check_snmp.d/check_snmp_helpers.c 166check_snmp_SOURCES = check_snmp.c check_snmp.d/check_snmp_helpers.c
167check_snmp_LDADD = $(BASEOBJS) 167check_snmp_LDADD = $(BASEOBJS)
168check_snmp_LDFLAGS = $(AM_LDFLAGS) -lm `net-snmp-config --libs` 168check_snmp_LDFLAGS = $(AM_LDFLAGS) -lm `net-snmp-config --libs`
169check_snmp_CFLAGS = $(AM_CFLAGS) `net-snmp-config --cflags` 169check_snmp_CFLAGS = $(AM_CFLAGS) `net-snmp-config --cflags | sed 's/-Werror=declaration-after-statement//'`
170check_smtp_LDADD = $(SSLOBJS) 170check_smtp_LDADD = $(SSLOBJS)
171check_ssh_LDADD = $(NETLIBS) 171check_ssh_LDADD = $(NETLIBS)
172check_swap_SOURCES = check_swap.c check_swap.d/swap.c 172check_swap_SOURCES = check_swap.c check_swap.d/swap.c
diff --git a/plugins/check_by_ssh.c b/plugins/check_by_ssh.c
index 7ffa0ded..4d0c8e7d 100644
--- a/plugins/check_by_ssh.c
+++ b/plugins/check_by_ssh.c
@@ -41,6 +41,8 @@ const char *email = "devel@monitoring-plugins.org";
41# define NP_MAXARGS 1024 41# define NP_MAXARGS 1024
42#endif 42#endif
43 43
44char *check_by_ssh_output_override(void *remote_output) { return ((char *)remote_output); }
45
44typedef struct { 46typedef struct {
45 int errorcode; 47 int errorcode;
46 check_by_ssh_config config; 48 check_by_ssh_config config;
@@ -155,10 +157,21 @@ int main(int argc, char **argv) {
155 xasprintf(&sc_active_check.output, "command stdout:"); 157 xasprintf(&sc_active_check.output, "command stdout:");
156 158
157 if (child_result.out.lines > skip_stdout) { 159 if (child_result.out.lines > skip_stdout) {
160
161 char *remote_command_output = NULL;
158 for (size_t i = skip_stdout; i < child_result.out.lines; i++) { 162 for (size_t i = skip_stdout; i < child_result.out.lines; i++) {
159 xasprintf(&sc_active_check.output, "%s\n%s", sc_active_check.output, 163 if (i == skip_stdout) {
160 child_result.out.line[i]); 164 // first iteration
165 xasprintf(&remote_command_output, "%s", child_result.out.line[i]);
166 } else {
167 xasprintf(&remote_command_output, "%s\n%s", remote_command_output,
168 child_result.out.line[i]);
169 }
161 } 170 }
171
172 sc_active_check.output = remote_command_output;
173 overall.default_output_override_content = remote_command_output;
174 overall.default_output_override = check_by_ssh_output_override;
162 } else { 175 } else {
163 xasprintf(&sc_active_check.output, "remote command '%s' returned status %d", 176 xasprintf(&sc_active_check.output, "remote command '%s' returned status %d",
164 config.remotecmd, child_result.cmd_error_code); 177 config.remotecmd, child_result.cmd_error_code);
diff --git a/plugins/check_cluster.c b/plugins/check_cluster.c
index 1cbdcd60..92c3827a 100644
--- a/plugins/check_cluster.c
+++ b/plugins/check_cluster.c
@@ -175,7 +175,7 @@ check_cluster_config_wrapper process_arguments(int argc, char **argv) {
175 while (true) { 175 while (true) {
176 int option_index = getopt_long(argc, argv, "hHsvVw:c:d:l:", longopts, &option); 176 int option_index = getopt_long(argc, argv, "hHsvVw:c:d:l:", longopts, &option);
177 177
178 if (option_index == -1 || option_index == EOF || option_index == 1) { 178 if (CHECK_EOF(option_index) || option_index == 1) {
179 break; 179 break;
180 } 180 }
181 181
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index f63cdea2..67d89129 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -62,7 +62,7 @@ const char *email = "devel@monitoring-plugins.org";
62#include <arpa/inet.h> 62#include <arpa/inet.h>
63#include <netinet/in.h> 63#include <netinet/in.h>
64 64
65#if defined(HAVE_SSL) && defined(USE_OPENSSL) 65#if defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL)
66# include <openssl/opensslv.h> 66# include <openssl/opensslv.h>
67#endif 67#endif
68 68
@@ -81,9 +81,9 @@ extern char errbuf[MAX_INPUT_BUFFER];
81extern bool is_openssl_callback; 81extern bool is_openssl_callback;
82extern bool add_sslctx_verify_fun; 82extern bool add_sslctx_verify_fun;
83 83
84#if defined(HAVE_SSL) && defined(USE_OPENSSL) 84#if defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL)
85static X509 *cert = NULL; 85static X509 *cert = NULL;
86#endif /* defined(HAVE_SSL) && defined(USE_OPENSSL) */ 86#endif /* defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL) */
87 87
88typedef struct { 88typedef struct {
89 int errorcode; 89 int errorcode;
@@ -114,10 +114,10 @@ static void print_curl_version(void);
114// check_curl_evaluation_wrapper check_curl_evaluate(check_curl_config config, 114// check_curl_evaluation_wrapper check_curl_evaluate(check_curl_config config,
115// mp_check overall[static 1]) {} 115// mp_check overall[static 1]) {}
116 116
117#if defined(HAVE_SSL) && defined(USE_OPENSSL) 117#if defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL)
118mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn, 118mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn,
119 int days_till_exp_crit); 119 int days_till_exp_crit);
120#endif /* defined(HAVE_SSL) && defined(USE_OPENSSL) */ 120#endif /* defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL) */
121 121
122int main(int argc, char **argv) { 122int main(int argc, char **argv) {
123#ifdef __OpenBSD__ 123#ifdef __OpenBSD__
@@ -167,7 +167,7 @@ int main(int argc, char **argv) {
167} 167}
168 168
169#ifdef HAVE_SSL 169#ifdef HAVE_SSL
170# ifdef USE_OPENSSL 170# ifdef MOPL_USE_OPENSSL
171int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) { 171int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) {
172 (void)preverify_ok; 172 (void)preverify_ok;
173 /* TODO: we get all certificates of the chain, so which ones 173 /* TODO: we get all certificates of the chain, so which ones
@@ -190,11 +190,11 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) {
190 } 190 }
191 return 1; 191 return 1;
192} 192}
193# endif /* USE_OPENSSL */ 193# endif /* MOPL_USE_OPENSSL */
194#endif /* HAVE_SSL */ 194#endif /* HAVE_SSL */
195 195
196#ifdef HAVE_SSL 196#ifdef HAVE_SSL
197# ifdef USE_OPENSSL 197# ifdef MOPL_USE_OPENSSL
198CURLcode sslctxfun(CURL *curl, SSL_CTX *sslctx, void *parm) { 198CURLcode sslctxfun(CURL *curl, SSL_CTX *sslctx, void *parm) {
199 (void)curl; // ignore unused parameter 199 (void)curl; // ignore unused parameter
200 (void)parm; // ignore unused parameter 200 (void)parm; // ignore unused parameter
@@ -211,7 +211,7 @@ CURLcode sslctxfun(CURL *curl, SSL_CTX *sslctx, void *parm) {
211 211
212 return CURLE_OK; 212 return CURLE_OK;
213} 213}
214# endif /* USE_OPENSSL */ 214# endif /* MOPL_USE_OPENSSL */
215#endif /* HAVE_SSL */ 215#endif /* HAVE_SSL */
216 216
217mp_subcheck check_http(const check_curl_config config, check_curl_working_state workingState, 217mp_subcheck check_http(const check_curl_config config, check_curl_working_state workingState,
@@ -247,8 +247,9 @@ mp_subcheck check_http(const check_curl_config config, check_curl_working_state
247 printf("**** REQUEST CONTENT ****\n%s\n", workingState.http_post_data); 247 printf("**** REQUEST CONTENT ****\n%s\n", workingState.http_post_data);
248 } 248 }
249 249
250 // curl_state is updated after curl_easy_perform, and with updated curl_state certificate checks can be done 250 // curl_state is updated after curl_easy_perform, and with updated curl_state certificate checks
251 // Check_http tries to check certs as early as possible, and exits with certificate check result by default. Behave similarly. 251 // can be done Check_http tries to check certs as early as possible, and exits with certificate
252 // check result by default. Behave similarly.
252#ifdef LIBCURL_FEATURE_SSL 253#ifdef LIBCURL_FEATURE_SSL
253 if (workingState.use_ssl && config.check_cert) { 254 if (workingState.use_ssl && config.check_cert) {
254 if (verbose > 1) { 255 if (verbose > 1) {
@@ -979,7 +980,7 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
979 int option_index = getopt_long( 980 int option_index = getopt_long(
980 argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:x:b:d:e:p:s:R:r:u:f:C:J:K:DnlLS::m:M:NEB", 981 argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:x:b:d:e:p:s:R:r:u:f:C:J:K:DnlLS::m:M:NEB",
981 longopts, &option); 982 longopts, &option);
982 if (option_index == -1 || option_index == EOF || option_index == 1) { 983 if (CHECK_EOF(option_index) || option_index == 1) {
983 break; 984 break;
984 } 985 }
985 986
@@ -1546,8 +1547,8 @@ void print_help(void) {
1546 printf(" %s\n", "-I, --IP-address=ADDRESS"); 1547 printf(" %s\n", "-I, --IP-address=ADDRESS");
1547 printf(" %s\n", 1548 printf(" %s\n",
1548 "IP address or name (use numeric address if possible to bypass DNS lookup)."); 1549 "IP address or name (use numeric address if possible to bypass DNS lookup).");
1549 printf(" %s\n", 1550 printf(" %s\n", "This overwrites the network address of the target while leaving everything "
1550 "This overwrites the network address of the target while leaving everything else (HTTP headers) as they are"); 1551 "else (HTTP headers) as they are");
1551 printf(" %s\n", "-p, --port=INTEGER"); 1552 printf(" %s\n", "-p, --port=INTEGER");
1552 printf(" %s", _("Port number (default: ")); 1553 printf(" %s", _("Port number (default: "));
1553 printf("%d)\n", HTTP_PORT); 1554 printf("%d)\n", HTTP_PORT);
@@ -1611,7 +1612,8 @@ void print_help(void) {
1611 printf(" %s\n", _("String to expect in the content")); 1612 printf(" %s\n", _("String to expect in the content"));
1612 printf(" %s\n", "-u, --url=PATH"); 1613 printf(" %s\n", "-u, --url=PATH");
1613 printf(" %s\n", _("URL to GET or POST (default: /)")); 1614 printf(" %s\n", _("URL to GET or POST (default: /)"));
1614 printf(" %s\n", _("This is the part after the address in a URL, so for \"https://example.com/index.html\" it would be '-u /index.html'")); 1615 printf(" %s\n", _("This is the part after the address in a URL, so for "
1616 "\"https://example.com/index.html\" it would be '-u /index.html'"));
1615 printf(" %s\n", "-P, --post=STRING"); 1617 printf(" %s\n", "-P, --post=STRING");
1616 printf(" %s\n", _("URL decoded http POST data")); 1618 printf(" %s\n", _("URL decoded http POST data"));
1617 printf(" %s\n", 1619 printf(" %s\n",
@@ -1643,11 +1645,12 @@ void print_help(void) {
1643 printf(" %s\n", _("If port is not specified, libcurl defaults to 1080")); 1645 printf(" %s\n", _("If port is not specified, libcurl defaults to 1080"));
1644 printf(" %s\n", _("This value will be set as CURLOPT_PROXY")); 1646 printf(" %s\n", _("This value will be set as CURLOPT_PROXY"));
1645 printf(" %s\n", "--noproxy=COMMA_SEPARATED_LIST"); 1647 printf(" %s\n", "--noproxy=COMMA_SEPARATED_LIST");
1646 printf(" %s\n", _("Specify hostnames, addresses and subnets where proxy should not be used")); 1648 printf(" %s\n",
1649 _("Specify hostnames, addresses and subnets where proxy should not be used"));
1647 printf(" %s\n", _("Example usage: \"example.com,::1,1.1.1.1,localhost,192.168.0.0/16\"")); 1650 printf(" %s\n", _("Example usage: \"example.com,::1,1.1.1.1,localhost,192.168.0.0/16\""));
1648 printf(" %s\n", _("Do not use brackets when specifying IPv6 addresses")); 1651 printf(" %s\n", _("Do not use brackets when specifying IPv6 addresses"));
1649 printf(" %s\n", _("Special case when an item is '*' : matches all hosts/addresses " 1652 printf(" %s\n", _("Special case when an item is '*' : matches all hosts/addresses "
1650 "and effectively disables proxy.")); 1653 "and effectively disables proxy."));
1651 printf(" %s\n", _("This value will be set as CURLOPT_NOPROXY")); 1654 printf(" %s\n", _("This value will be set as CURLOPT_NOPROXY"));
1652 printf(" %s\n", "-a, --authorization=AUTH_PAIR"); 1655 printf(" %s\n", "-a, --authorization=AUTH_PAIR");
1653 printf(" %s\n", _("Username:password on sites with basic authentication")); 1656 printf(" %s\n", _("Username:password on sites with basic authentication"));
@@ -1757,38 +1760,59 @@ void print_help(void) {
1757#endif 1760#endif
1758 1761
1759 printf("\n %s\n", "CHECK WEBSERVER CONTENT VIA PROXY:"); 1762 printf("\n %s\n", "CHECK WEBSERVER CONTENT VIA PROXY:");
1760 printf(" %s\n", _("Proxies are specified or disabled for certain hosts/addresses using environment variables" 1763 printf(" %s\n", _("Proxies are specified or disabled for certain hosts/addresses using "
1761 " or -x/--proxy and --noproxy arguments:")); 1764 "environment variables"
1762 printf(" %s\n", _("Checked environment variables: all_proxy, http_proxy, https_proxy, no_proxy")); 1765 " or -x/--proxy and --noproxy arguments:"));
1763 printf(" %s\n", _("Environment variables can also be given in uppercase, but the lowercase ones will " 1766 printf(" %s\n",
1764 "take predence if both are defined.")); 1767 _("Checked environment variables: all_proxy, http_proxy, https_proxy, no_proxy"));
1765 printf(" %s\n", _("The environment variables are overwritten by -x/--proxy and --noproxy arguments:")); 1768 printf(" %s\n",
1769 _("Environment variables can also be given in uppercase, but the lowercase ones will "
1770 "take predence if both are defined."));
1771 printf(" %s\n",
1772 _("The environment variables are overwritten by -x/--proxy and --noproxy arguments:"));
1766 printf(" %s\n", _("all_proxy/ALL_PROXY environment variables are read first, but protocol " 1773 printf(" %s\n", _("all_proxy/ALL_PROXY environment variables are read first, but protocol "
1767 "specific environment variables override them.")); 1774 "specific environment variables override them."));
1768 printf(" %s\n", _("If SSL is enabled and used, https_proxy/HTTPS_PROXY will be checked and overwrite " 1775 printf(" %s\n",
1769 "http_proxy/HTTPS_PROXY.")); 1776 _("If SSL is enabled and used, https_proxy/HTTPS_PROXY will be checked and overwrite "
1770 printf(" %s\n", _("Curl accepts proxies using http, https, socks4, socks4a, socks5 and socks5h schemes.")); 1777 "http_proxy/HTTPS_PROXY."));
1771 printf(" %s\n", _("http_proxy=http://192.168.100.35:3128 ./check_curl -H www.monitoring-plugins.org")); 1778 printf(
1772 printf(" %s\n", _("http_proxy=http://used.proxy.com HTTP_PROXY=http://ignored.proxy.com ./check_curl -H www.monitoring-plugins.org")); 1779 " %s\n",
1780 _("Curl accepts proxies using http, https, socks4, socks4a, socks5 and socks5h schemes."));
1781 printf(" %s\n",
1782 _("http_proxy=http://192.168.100.35:3128 ./check_curl -H www.monitoring-plugins.org"));
1783 printf(" %s\n", _("http_proxy=http://used.proxy.com HTTP_PROXY=http://ignored.proxy.com "
1784 "./check_curl -H www.monitoring-plugins.org"));
1773 printf(" %s\n", _(" Lowercase http_proxy takes predence over uppercase HTTP_PROXY")); 1785 printf(" %s\n", _(" Lowercase http_proxy takes predence over uppercase HTTP_PROXY"));
1774 printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org -x http://192.168.100.35:3128")); 1786 printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org -x http://192.168.100.35:3128"));
1775 printf(" %s\n", _("http_proxy=http://unused.proxy1.com HTTP_PROXY=http://unused.proxy2.com ./check_curl " 1787 printf(" %s\n",
1776 "-H www.monitoring-plugins.org --proxy http://used.proxy")); 1788 _("http_proxy=http://unused.proxy1.com HTTP_PROXY=http://unused.proxy2.com ./check_curl "
1777 printf(" %s\n", _(" Proxy specified by --proxy overrides any proxy specified by environment variable.")); 1789 "-H www.monitoring-plugins.org --proxy http://used.proxy"));
1790 printf(
1791 " %s\n",
1792 _(" Proxy specified by --proxy overrides any proxy specified by environment variable."));
1778 printf(" %s\n", _(" Curl uses port 1080 by default as port is not specified")); 1793 printf(" %s\n", _(" Curl uses port 1080 by default as port is not specified"));
1779 printf(" %s\n", _("HTTPS_PROXY=http://192.168.100.35:3128 ./check_curl -H www.monitoring-plugins.org --ssl")); 1794 printf(" %s\n", _("HTTPS_PROXY=http://192.168.100.35:3128 ./check_curl -H "
1795 "www.monitoring-plugins.org --ssl"));
1780 printf(" %s\n", _(" HTTPS_PROXY is read as --ssl is toggled")); 1796 printf(" %s\n", _(" HTTPS_PROXY is read as --ssl is toggled"));
1781 printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org --proxy socks5h://192.168.122.21")); 1797 printf(" %s\n",
1782 printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org -x http://unused.proxy.com --noproxy '*'")); 1798 _("./check_curl -H www.monitoring-plugins.org --proxy socks5h://192.168.122.21"));
1799 printf(
1800 " %s\n",
1801 _("./check_curl -H www.monitoring-plugins.org -x http://unused.proxy.com --noproxy '*'"));
1783 printf(" %s\n", _(" Disabled proxy for all hosts by using '*' in no_proxy .")); 1802 printf(" %s\n", _(" Disabled proxy for all hosts by using '*' in no_proxy ."));
1784 printf(" %s\n", _("NO_PROXY=www.monitoring-plugins.org ./check_curl -H www.monitoring-plugins.org -x http://unused.proxy.com")); 1803 printf(" %s\n", _("NO_PROXY=www.monitoring-plugins.org ./check_curl -H "
1804 "www.monitoring-plugins.org -x http://unused.proxy.com"));
1785 printf(" %s\n", _(" Exact matches with the hostname/address work.")); 1805 printf(" %s\n", _(" Exact matches with the hostname/address work."));
1786 printf(" %s\n", _("no_proxy=192.168.178.0/24 ./check_curl -I 192.168.178.10 -x http://proxy.acme.org")); 1806 printf(" %s\n",
1787 printf(" %s\n", _("no_proxy=acme.org ./check_curl -H nonpublic.internalwebapp.acme.org -x http://proxy.acme.org")); 1807 _("no_proxy=192.168.178.0/24 ./check_curl -I 192.168.178.10 -x http://proxy.acme.org"));
1788 printf(" %s\n", _(" Do not use proxy when accessing internal domains/addresses, but use a default proxy when accessing public web.")); 1808 printf(" %s\n", _("no_proxy=acme.org ./check_curl -H nonpublic.internalwebapp.acme.org -x "
1789 printf(" %s\n", _(" IMPORTANT: Check_curl can not always determine whether itself or the proxy will " 1809 "http://proxy.acme.org"));
1790 "resolve a hostname before sending a request and getting an answer." 1810 printf(" %s\n", _(" Do not use proxy when accessing internal domains/addresses, but use a "
1791 "This can lead to DNS resolvation issues if hostname is only resolvable over proxy.")); 1811 "default proxy when accessing public web."));
1812 printf(" %s\n",
1813 _(" IMPORTANT: Check_curl can not always determine whether itself or the proxy will "
1814 "resolve a hostname before sending a request and getting an answer."
1815 "This can lead to DNS resolvation issues if hostname is only resolvable over proxy."));
1792 printf(" %s\n", _("Legacy proxy requests in check_http style still work:")); 1816 printf(" %s\n", _("Legacy proxy requests in check_http style still work:"));
1793 printf(" %s\n", _("check_curl -I 192.168.100.35 -p 3128 -u http://www.monitoring-plugins.org/ " 1817 printf(" %s\n", _("check_curl -I 192.168.100.35 -p 3128 -u http://www.monitoring-plugins.org/ "
1794 "-H www.monitoring-plugins.org")); 1818 "-H www.monitoring-plugins.org"));
@@ -1843,7 +1867,7 @@ void print_usage(void) {
1843void print_curl_version(void) { printf("%s\n", curl_version()); } 1867void print_curl_version(void) { printf("%s\n", curl_version()); }
1844 1868
1845#ifdef LIBCURL_FEATURE_SSL 1869#ifdef LIBCURL_FEATURE_SSL
1846# ifndef USE_OPENSSL 1870# ifndef MOPL_USE_OPENSSL
1847time_t parse_cert_date(const char *s) { 1871time_t parse_cert_date(const char *s) {
1848 if (!s) { 1872 if (!s) {
1849 return -1; 1873 return -1;
@@ -1860,11 +1884,11 @@ time_t parse_cert_date(const char *s) {
1860 1884
1861 return date; 1885 return date;
1862} 1886}
1863# endif /* USE_OPENSSL */ 1887# endif /* MOPL_USE_OPENSSL */
1864#endif /* LIBCURL_FEATURE_SSL */ 1888#endif /* LIBCURL_FEATURE_SSL */
1865 1889
1866#ifdef LIBCURL_FEATURE_SSL 1890#ifdef LIBCURL_FEATURE_SSL
1867# ifndef USE_OPENSSL 1891# ifndef MOPL_USE_OPENSSL
1868/* TODO: this needs cleanup in the sslutils.c, maybe we the #else case to 1892/* TODO: this needs cleanup in the sslutils.c, maybe we the #else case to
1869 * OpenSSL could be this function 1893 * OpenSSL could be this function
1870 */ 1894 */
@@ -2001,5 +2025,5 @@ int net_noopenssl_check_certificate(cert_ptr_union *cert_ptr, int days_till_exp_
2001 } 2025 }
2002 return status; 2026 return status;
2003} 2027}
2004# endif /* USE_OPENSSL */ 2028# endif /* MOPL_USE_OPENSSL */
2005#endif /* LIBCURL_FEATURE_SSL */ 2029#endif /* LIBCURL_FEATURE_SSL */
diff --git a/plugins/check_curl.d/check_curl_helpers.c b/plugins/check_curl.d/check_curl_helpers.c
index 4372dc0b..80d6f4f6 100644
--- a/plugins/check_curl.d/check_curl_helpers.c
+++ b/plugins/check_curl.d/check_curl_helpers.c
@@ -60,8 +60,8 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
60 result.curl_state.curl_easy_initialized = true; 60 result.curl_state.curl_easy_initialized = true;
61 61
62 if (verbose >= 1) { 62 if (verbose >= 1) {
63 handle_curl_option_return_code(curl_easy_setopt(result.curl_state.curl, CURLOPT_VERBOSE, 1L), 63 handle_curl_option_return_code(
64 "CURLOPT_VERBOSE"); 64 curl_easy_setopt(result.curl_state.curl, CURLOPT_VERBOSE, 1L), "CURLOPT_VERBOSE");
65 } 65 }
66 66
67 /* print everything on stdout like check_http would do */ 67 /* print everything on stdout like check_http would do */
@@ -120,21 +120,23 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
120 "CURLOPT_TIMEOUT"); 120 "CURLOPT_TIMEOUT");
121 121
122 /* set proxy */ 122 /* set proxy */
123 /* http(s) proxy can either be given from the command line, or taken from environment variables */ 123 /* http(s) proxy can either be given from the command line, or taken from environment variables
124 */
124 /* socks4(a) / socks5(h) proxy should be given using the command line */ 125 /* socks4(a) / socks5(h) proxy should be given using the command line */
125 126
126 /* first source to check is the environment variables */ 127 /* first source to check is the environment variables */
127 /* lower case proxy environment variables are almost always accepted, while some programs also checking 128 /* lower case proxy environment variables are almost always accepted, while some programs also
128 uppercase ones. discover both, but take the lowercase one if both are present */ 129 checking uppercase ones. discover both, but take the lowercase one if both are present */
129 130
130 /* extra information: libcurl does not discover the uppercase version HTTP_PROXY due to security reasons */ 131 /* extra information: libcurl does not discover the uppercase version HTTP_PROXY due to security
132 * reasons */
131 /* https://github.com/curl/curl/blob/d445f2d930ae701039518d695481ee53b8490521/lib/url.c#L1987 */ 133 /* https://github.com/curl/curl/blob/d445f2d930ae701039518d695481ee53b8490521/lib/url.c#L1987 */
132 134
133 /* first environment variable to read is all_proxy. it can be overridden by protocol specific environment variables */ 135 /* first environment variable to read is all_proxy. it can be overridden by protocol specific
134 char *all_proxy_env, *all_proxy_uppercase_env; 136 * environment variables */
135 all_proxy_env = getenv("all_proxy"); 137 char *all_proxy_env = getenv("all_proxy");
136 all_proxy_uppercase_env = getenv("ALL_PROXY"); 138 char *all_proxy_uppercase_env = getenv("ALL_PROXY");
137 if (all_proxy_env != NULL && strlen(all_proxy_env)){ 139 if (all_proxy_env != NULL && strlen(all_proxy_env)) {
138 working_state.curlopt_proxy = strdup(all_proxy_env); 140 working_state.curlopt_proxy = strdup(all_proxy_env);
139 if (all_proxy_uppercase_env != NULL && verbose >= 1) { 141 if (all_proxy_uppercase_env != NULL && verbose >= 1) {
140 printf("* cURL ignoring environment variable 'ALL_PROXY' as 'all_proxy' is set\n"); 142 printf("* cURL ignoring environment variable 'ALL_PROXY' as 'all_proxy' is set\n");
@@ -143,15 +145,16 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
143 working_state.curlopt_proxy = strdup(all_proxy_uppercase_env); 145 working_state.curlopt_proxy = strdup(all_proxy_uppercase_env);
144 } 146 }
145 147
146 /* second environment variable to read is http_proxy. only set curlopt_proxy if ssl is not toggled */ 148 /* second environment variable to read is http_proxy. only set curlopt_proxy if ssl is not
147 char *http_proxy_env, *http_proxy_uppercase_env; 149 * toggled */
148 http_proxy_env = getenv("http_proxy"); 150 char *http_proxy_env = getenv("http_proxy");
149 http_proxy_uppercase_env = getenv("HTTP_PROXY"); 151 char *http_proxy_uppercase_env = getenv("HTTP_PROXY");
150 if (!working_state.use_ssl){ 152 if (!working_state.use_ssl) {
151 if (http_proxy_env != NULL && strlen(http_proxy_env) > 0) { 153 if (http_proxy_env != NULL && strlen(http_proxy_env) > 0) {
152 working_state.curlopt_proxy = strdup(http_proxy_env); 154 working_state.curlopt_proxy = strdup(http_proxy_env);
153 if (http_proxy_uppercase_env != NULL && verbose >= 1) { 155 if (http_proxy_uppercase_env != NULL && verbose >= 1) {
154 printf("* cURL ignoring environment variable 'HTTP_PROXY' as 'http_proxy' is set\n"); 156 printf(
157 "* cURL ignoring environment variable 'HTTP_PROXY' as 'http_proxy' is set\n");
155 } 158 }
156 } else if (http_proxy_uppercase_env != NULL && strlen(http_proxy_uppercase_env) > 0) { 159 } else if (http_proxy_uppercase_env != NULL && strlen(http_proxy_uppercase_env) > 0) {
157 working_state.curlopt_proxy = strdup(http_proxy_uppercase_env); 160 working_state.curlopt_proxy = strdup(http_proxy_uppercase_env);
@@ -159,30 +162,31 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
159 } 162 }
160#ifdef LIBCURL_FEATURE_SSL 163#ifdef LIBCURL_FEATURE_SSL
161 /* optionally read https_proxy environment variable and set curlopt_proxy if ssl is toggled */ 164 /* optionally read https_proxy environment variable and set curlopt_proxy if ssl is toggled */
162 char *https_proxy_env, *https_proxy_uppercase_env; 165 char *https_proxy_env = getenv("https_proxy");
163 https_proxy_env = getenv("https_proxy"); 166 char *https_proxy_uppercase_env = getenv("HTTPS_PROXY");
164 https_proxy_uppercase_env = getenv("HTTPS_PROXY");
165 if (working_state.use_ssl) { 167 if (working_state.use_ssl) {
166 if (https_proxy_env != NULL && strlen(https_proxy_env) > 0) { 168 if (https_proxy_env != NULL && strlen(https_proxy_env) > 0) {
167 working_state.curlopt_proxy = strdup(https_proxy_env); 169 working_state.curlopt_proxy = strdup(https_proxy_env);
168 if (https_proxy_uppercase_env != NULL && verbose >= 1) { 170 if (https_proxy_uppercase_env != NULL && verbose >= 1) {
169 printf("* cURL ignoring environment variable 'HTTPS_PROXY' as 'https_proxy' is set\n"); 171 printf(
172 "* cURL ignoring environment variable 'HTTPS_PROXY' as 'https_proxy' is set\n");
170 } 173 }
171 } 174 } else if (https_proxy_uppercase_env != NULL) {
172 else if (https_proxy_uppercase_env != NULL && strlen(https_proxy_uppercase_env) >= 0) {
173 working_state.curlopt_proxy = strdup(https_proxy_uppercase_env); 175 working_state.curlopt_proxy = strdup(https_proxy_uppercase_env);
174 } 176 }
175 } 177 }
176#endif /* LIBCURL_FEATURE_SSL */ 178#endif /* LIBCURL_FEATURE_SSL */
177 179
178 /* second source to check for proxies is command line argument, overwriting the environment variables */ 180 /* second source to check for proxies is command line argument, overwriting the environment
181 * variables */
179 if (strlen(config.proxy) > 0) { 182 if (strlen(config.proxy) > 0) {
180 working_state.curlopt_proxy = strdup(config.proxy); 183 working_state.curlopt_proxy = strdup(config.proxy);
181 } 184 }
182 185
183 if (working_state.curlopt_proxy != NULL && strlen(working_state.curlopt_proxy)){ 186 if (working_state.curlopt_proxy != NULL && strlen(working_state.curlopt_proxy)) {
184 handle_curl_option_return_code( 187 handle_curl_option_return_code(
185 curl_easy_setopt(result.curl_state.curl, CURLOPT_PROXY, working_state.curlopt_proxy), "CURLOPT_PROXY"); 188 curl_easy_setopt(result.curl_state.curl, CURLOPT_PROXY, working_state.curlopt_proxy),
189 "CURLOPT_PROXY");
186 if (verbose >= 1) { 190 if (verbose >= 1) {
187 printf("* curl CURLOPT_PROXY: %s\n", working_state.curlopt_proxy); 191 printf("* curl CURLOPT_PROXY: %s\n", working_state.curlopt_proxy);
188 } 192 }
@@ -190,34 +194,35 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
190 194
191 /* set no_proxy */ 195 /* set no_proxy */
192 /* first source to check is environment variables */ 196 /* first source to check is environment variables */
193 char *no_proxy_env, *no_proxy_uppercase_env; 197 char *no_proxy_env = getenv("no_proxy");
194 no_proxy_env = getenv("no_proxy"); 198 char *no_proxy_uppercase_env = getenv("NO_PROXY");
195 no_proxy_uppercase_env = getenv("NO_PROXY"); 199 if (no_proxy_env != NULL && strlen(no_proxy_env)) {
196 if (no_proxy_env != NULL && strlen(no_proxy_env)){
197 working_state.curlopt_noproxy = strdup(no_proxy_env); 200 working_state.curlopt_noproxy = strdup(no_proxy_env);
198 if (no_proxy_uppercase_env != NULL && verbose >= 1){ 201 if (no_proxy_uppercase_env != NULL && verbose >= 1) {
199 printf("* cURL ignoring environment variable 'NO_PROXY' as 'no_proxy' is set\n"); 202 printf("* cURL ignoring environment variable 'NO_PROXY' as 'no_proxy' is set\n");
200 } 203 }
201 }else if (no_proxy_uppercase_env != NULL && strlen(no_proxy_uppercase_env) > 0){ 204 } else if (no_proxy_uppercase_env != NULL && strlen(no_proxy_uppercase_env) > 0) {
202 working_state.curlopt_noproxy = strdup(no_proxy_uppercase_env); 205 working_state.curlopt_noproxy = strdup(no_proxy_uppercase_env);
203 } 206 }
204 207
205 /* second source to check for no_proxy is command line argument, overwriting the environment variables */ 208 /* second source to check for no_proxy is command line argument, overwriting the environment
209 * variables */
206 if (strlen(config.no_proxy) > 0) { 210 if (strlen(config.no_proxy) > 0) {
207 working_state.curlopt_noproxy = strdup(config.no_proxy); 211 working_state.curlopt_noproxy = strdup(config.no_proxy);
208 } 212 }
209 213
210 if ( working_state.curlopt_noproxy != NULL && strlen(working_state.curlopt_noproxy)){ 214 if (working_state.curlopt_noproxy != NULL && strlen(working_state.curlopt_noproxy)) {
211 handle_curl_option_return_code( 215 handle_curl_option_return_code(curl_easy_setopt(result.curl_state.curl, CURLOPT_NOPROXY,
212 curl_easy_setopt(result.curl_state.curl, CURLOPT_NOPROXY, working_state.curlopt_noproxy), "CURLOPT_NOPROXY"); 216 working_state.curlopt_noproxy),
217 "CURLOPT_NOPROXY");
213 if (verbose >= 1) { 218 if (verbose >= 1) {
214 printf("* curl CURLOPT_NOPROXY: %s\n", working_state.curlopt_noproxy); 219 printf("* curl CURLOPT_NOPROXY: %s\n", working_state.curlopt_noproxy);
215 } 220 }
216 } 221 }
217 222
218 int proxy_resolves_hostname = determine_hostname_resolver(working_state, config); 223 bool have_local_resolution = hostname_gets_resolved_locally(working_state);
219 if (verbose >= 1) { 224 if (verbose >= 1) {
220 printf("* proxy_resolves_hostname: %d\n", proxy_resolves_hostname); 225 printf("* have local name resolution: %s\n", (have_local_resolution ? "true": "false"));
221 } 226 }
222 227
223 /* enable haproxy protocol */ 228 /* enable haproxy protocol */
@@ -231,7 +236,7 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
231 /* host_name, only required for ssl, because we use the host_name later on to make SNI happy */ 236 /* host_name, only required for ssl, because we use the host_name later on to make SNI happy */
232 char dnscache[DEFAULT_BUFFER_SIZE]; 237 char dnscache[DEFAULT_BUFFER_SIZE];
233 char addrstr[DEFAULT_BUFFER_SIZE / 2]; 238 char addrstr[DEFAULT_BUFFER_SIZE / 2];
234 if (working_state.use_ssl && working_state.host_name != NULL && !proxy_resolves_hostname ) { 239 if (working_state.use_ssl && working_state.host_name != NULL && !have_local_resolution) {
235 char *tmp_mod_address; 240 char *tmp_mod_address;
236 241
237 /* lookup_host() requires an IPv6 address without the brackets. */ 242 /* lookup_host() requires an IPv6 address without the brackets. */
@@ -434,11 +439,11 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
434 case CURLHELP_SSL_LIBRARY_LIBRESSL: 439 case CURLHELP_SSL_LIBRARY_LIBRESSL:
435 /* set callback to extract certificate with OpenSSL context function (works with 440 /* set callback to extract certificate with OpenSSL context function (works with
436 * OpenSSL-style libraries only!) */ 441 * OpenSSL-style libraries only!) */
437# ifdef USE_OPENSSL 442# ifdef MOPL_USE_OPENSSL
438 /* libcurl and monitoring plugins built with OpenSSL, good */ 443 /* libcurl and monitoring plugins built with OpenSSL, good */
439 add_sslctx_verify_fun = true; 444 add_sslctx_verify_fun = true;
440 is_openssl_callback = true; 445 is_openssl_callback = true;
441# endif /* USE_OPENSSL */ 446# endif /* MOPL_USE_OPENSSL */
442 /* libcurl is built with OpenSSL, monitoring plugins, so falling 447 /* libcurl is built with OpenSSL, monitoring plugins, so falling
443 * back to manually extracting certificate information */ 448 * back to manually extracting certificate information */
444 handle_curl_option_return_code( 449 handle_curl_option_return_code(
@@ -682,7 +687,7 @@ char *get_header_value(const struct phr_header *headers, const size_t nof_header
682 return NULL; 687 return NULL;
683} 688}
684 689
685check_curl_working_state check_curl_working_state_init() { 690check_curl_working_state check_curl_working_state_init(void) {
686 check_curl_working_state result = { 691 check_curl_working_state result = {
687 .server_address = NULL, 692 .server_address = NULL,
688 .server_url = DEFAULT_SERVER_URL, 693 .server_url = DEFAULT_SERVER_URL,
@@ -699,7 +704,7 @@ check_curl_working_state check_curl_working_state_init() {
699 return result; 704 return result;
700} 705}
701 706
702check_curl_config check_curl_config_init() { 707check_curl_config check_curl_config_init(void) {
703 check_curl_config tmp = { 708 check_curl_config tmp = {
704 .initial_config = check_curl_working_state_init(), 709 .initial_config = check_curl_working_state_init(),
705 710
@@ -1307,16 +1312,16 @@ mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_
1307 1312
1308#ifdef LIBCURL_FEATURE_SSL 1313#ifdef LIBCURL_FEATURE_SSL
1309 if (is_openssl_callback) { 1314 if (is_openssl_callback) {
1310# ifdef USE_OPENSSL 1315# ifdef MOPL_USE_OPENSSL
1311 /* check certificate with OpenSSL functions, curl has been built against OpenSSL 1316 /* check certificate with OpenSSL functions, curl has been built against OpenSSL
1312 * and we actually have OpenSSL in the monitoring tools 1317 * and we actually have OpenSSL in the monitoring tools
1313 */ 1318 */
1314 return mp_net_ssl_check_certificate(cert, warn_days_till_exp, crit_days_till_exp); 1319 return mp_net_ssl_check_certificate(cert, warn_days_till_exp, crit_days_till_exp);
1315# else /* USE_OPENSSL */ 1320# else /* MOPL_USE_OPENSSL */
1316 xasprintf(&result.output, "HTTP CRITICAL - Cannot retrieve certificates - OpenSSL " 1321 xasprintf(&result.output, "HTTP CRITICAL - Cannot retrieve certificates - OpenSSL "
1317 "callback used and not linked against OpenSSL\n"); 1322 "callback used and not linked against OpenSSL\n");
1318 mp_set_subcheck_state(result, STATE_CRITICAL); 1323 mp_set_subcheck_state(result, STATE_CRITICAL);
1319# endif /* USE_OPENSSL */ 1324# endif /* MOPL_USE_OPENSSL */
1320 } else { 1325 } else {
1321 struct curl_slist *slist; 1326 struct curl_slist *slist;
1322 1327
@@ -1324,7 +1329,7 @@ mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_
1324 cert_ptr.to_info = NULL; 1329 cert_ptr.to_info = NULL;
1325 CURLcode res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &cert_ptr.to_certinfo); 1330 CURLcode res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &cert_ptr.to_certinfo);
1326 if (!res && cert_ptr.to_info) { 1331 if (!res && cert_ptr.to_info) {
1327# ifdef USE_OPENSSL 1332# ifdef MOPL_USE_OPENSSL
1328 /* We have no OpenSSL in libcurl, but we can use OpenSSL for X509 cert 1333 /* We have no OpenSSL in libcurl, but we can use OpenSSL for X509 cert
1329 * parsing We only check the first certificate and assume it's the one of 1334 * parsing We only check the first certificate and assume it's the one of
1330 * the server 1335 * the server
@@ -1370,13 +1375,13 @@ mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_
1370 1375
1371 BIO_free(cert_BIO); 1376 BIO_free(cert_BIO);
1372 return mp_net_ssl_check_certificate(cert, warn_days_till_exp, crit_days_till_exp); 1377 return mp_net_ssl_check_certificate(cert, warn_days_till_exp, crit_days_till_exp);
1373# else /* USE_OPENSSL */ 1378# else /* MOPL_USE_OPENSSL */
1374 /* We assume we don't have OpenSSL and np_net_ssl_check_certificate at our 1379 /* We assume we don't have OpenSSL and np_net_ssl_check_certificate at our
1375 * disposal, so we use the libcurl CURLINFO data 1380 * disposal, so we use the libcurl CURLINFO data
1376 */ 1381 */
1377 return net_noopenssl_check_certificate(&cert_ptr, days_till_exp_warn, 1382 return net_noopenssl_check_certificate(&cert_ptr, days_till_exp_warn,
1378 days_till_exp_crit); 1383 days_till_exp_crit);
1379# endif /* USE_OPENSSL */ 1384# endif /* MOPL_USE_OPENSSL */
1380 } else { 1385 } else {
1381 xasprintf(&sc_cert_result.output, 1386 xasprintf(&sc_cert_result.output,
1382 _("Cannot retrieve certificates - cURL returned %d - %s"), res, 1387 _("Cannot retrieve certificates - cURL returned %d - %s"), res,
@@ -1404,10 +1409,10 @@ char *fmt_url(check_curl_working_state workingState) {
1404 return url; 1409 return url;
1405} 1410}
1406 1411
1407int determine_hostname_resolver(const check_curl_working_state working_state, const check_curl_static_curl_config config){ 1412bool hostname_gets_resolved_locally(const check_curl_working_state working_state) {
1408 char *host_name_display = "NULL"; 1413 char *host_name_display = "NULL";
1409 unsigned long host_name_len = 0; 1414 unsigned long host_name_len = 0;
1410 if( working_state.host_name){ 1415 if (working_state.host_name) {
1411 host_name_len = strlen(working_state.host_name); 1416 host_name_len = strlen(working_state.host_name);
1412 host_name_display = working_state.host_name; 1417 host_name_display = working_state.host_name;
1413 } 1418 }
@@ -1415,8 +1420,11 @@ int determine_hostname_resolver(const check_curl_working_state working_state, co
1415 /* IPv4 or IPv6 version of the address */ 1420 /* IPv4 or IPv6 version of the address */
1416 char *server_address_clean = strdup(working_state.server_address); 1421 char *server_address_clean = strdup(working_state.server_address);
1417 /* server address might be a full length ipv6 address encapsulated in square brackets */ 1422 /* server address might be a full length ipv6 address encapsulated in square brackets */
1418 if ((strnlen(working_state.server_address, MAX_IPV4_HOSTLENGTH) > 2) && (working_state.server_address[0] == '[') && (working_state.server_address[strlen(working_state.server_address)-1] == ']') ) { 1423 if ((strnlen(working_state.server_address, MAX_IPV4_HOSTLENGTH) > 2) &&
1419 server_address_clean = strndup( working_state.server_address + 1, strlen(working_state.server_address) - 2); 1424 (working_state.server_address[0] == '[') &&
1425 (working_state.server_address[strlen(working_state.server_address) - 1] == ']')) {
1426 server_address_clean =
1427 strndup(working_state.server_address + 1, strlen(working_state.server_address) - 2);
1420 } 1428 }
1421 1429
1422 /* check curlopt_noproxy option first */ 1430 /* check curlopt_noproxy option first */
@@ -1427,79 +1435,90 @@ int determine_hostname_resolver(const check_curl_working_state working_state, co
1427 IPv4 or IPv6 CIDR regions e.g 10.241.0.0/16 , abcd:ef01:2345::/48 , 1435 IPv4 or IPv6 CIDR regions e.g 10.241.0.0/16 , abcd:ef01:2345::/48 ,
1428 direct hostnames e.g example.com, google.de */ 1436 direct hostnames e.g example.com, google.de */
1429 1437
1430 if (working_state.curlopt_noproxy != NULL){ 1438 if (working_state.curlopt_noproxy != NULL) {
1431 char* curlopt_noproxy_copy = strdup( working_state.curlopt_noproxy); 1439 char *curlopt_noproxy_copy = strdup(working_state.curlopt_noproxy);
1432 char* noproxy_item = strtok(curlopt_noproxy_copy, ","); 1440 char *noproxy_item = strtok(curlopt_noproxy_copy, ",");
1433 while(noproxy_item != NULL){ 1441 while (noproxy_item != NULL) {
1434 unsigned long noproxy_item_len = strlen(noproxy_item); 1442 unsigned long noproxy_item_len = strlen(noproxy_item);
1435 1443
1436 /* According to the CURLOPT_NOPROXY documentation: */ 1444 /* According to the CURLOPT_NOPROXY documentation: */
1437 /* https://curl.se/libcurl/c/CURLOPT_NOPROXY.html */ 1445 /* https://curl.se/libcurl/c/CURLOPT_NOPROXY.html */
1438 /* The only wildcard available is a single * character, which matches all hosts, and effectively disables the proxy. */ 1446 /* The only wildcard available is a single * character, which matches all hosts, and
1439 if ( strlen(noproxy_item) == 1 && noproxy_item[0] == '*'){ 1447 * effectively disables the proxy. */
1440 if (verbose >= 1){ 1448 if (strlen(noproxy_item) == 1 && noproxy_item[0] == '*') {
1441 printf("* noproxy includes '*' which disables proxy for all host name incl. : %s / server address incl. : %s\n", host_name_display , server_address_clean); 1449 if (verbose >= 1) {
1450 printf("* noproxy includes '*' which disables proxy for all host name incl. : "
1451 "%s / server address incl. : %s\n",
1452 host_name_display, server_address_clean);
1442 } 1453 }
1443 free(curlopt_noproxy_copy); 1454 free(curlopt_noproxy_copy);
1444 free(server_address_clean); 1455 free(server_address_clean);
1445 return 0; 1456 return true;
1446 } 1457 }
1447 1458
1448 /* direct comparison with the server_address */ 1459 /* direct comparison with the server_address */
1449 if( server_address_clean != NULL && strlen(server_address_clean) == strlen(noproxy_item) && strcmp(server_address_clean, noproxy_item) == 0){ 1460 if (server_address_clean != NULL &&
1450 if (verbose >= 1){ 1461 strlen(server_address_clean) == strlen(noproxy_item) &&
1462 strcmp(server_address_clean, noproxy_item) == 0) {
1463 if (verbose >= 1) {
1451 printf("* server_address is in the no_proxy list: %s\n", noproxy_item); 1464 printf("* server_address is in the no_proxy list: %s\n", noproxy_item);
1452 } 1465 }
1453 free(curlopt_noproxy_copy); 1466 free(curlopt_noproxy_copy);
1454 free(server_address_clean); 1467 free(server_address_clean);
1455 return 0; 1468 return true;
1456 } 1469 }
1457 1470
1458 /* direct comparison with the host_name */ 1471 /* direct comparison with the host_name */
1459 if( working_state.host_name != NULL && host_name_len == noproxy_item_len && strcmp(working_state.host_name, noproxy_item) == 0){ 1472 if (working_state.host_name != NULL && host_name_len == noproxy_item_len &&
1460 if (verbose >= 1){ 1473 strcmp(working_state.host_name, noproxy_item) == 0) {
1474 if (verbose >= 1) {
1461 printf("* host_name is in the no_proxy list: %s\n", noproxy_item); 1475 printf("* host_name is in the no_proxy list: %s\n", noproxy_item);
1462 } 1476 }
1463 free(curlopt_noproxy_copy); 1477 free(curlopt_noproxy_copy);
1464 free(server_address_clean); 1478 free(server_address_clean);
1465 return 0; 1479 return true;
1466 } 1480 }
1467 1481
1468 /* check if hostname is a subdomain of the item, e.g www.example.com when token is example.com */ 1482 /* check if hostname is a subdomain of the item, e.g www.example.com when token is
1469 /* subdomain1.acme.com will not will use a proxy if you only specify 'acme' in the noproxy */ 1483 * example.com */
1484 /* subdomain1.acme.com will not will use a proxy if you only specify 'acme' in the
1485 * noproxy */
1470 /* check if noproxy_item is a suffix */ 1486 /* check if noproxy_item is a suffix */
1471 /* check if the character just before the suffix is '.' */ 1487 /* check if the character just before the suffix is '.' */
1472 if( working_state.host_name != NULL && host_name_len > noproxy_item_len){ 1488 if (working_state.host_name != NULL && host_name_len > noproxy_item_len) {
1473 unsigned long suffix_start_idx = host_name_len - noproxy_item_len; 1489 unsigned long suffix_start_idx = host_name_len - noproxy_item_len;
1474 if (strcmp(working_state.host_name + suffix_start_idx, noproxy_item ) == 0 && working_state.host_name[suffix_start_idx-1] == '.' ){ 1490 if (strcmp(working_state.host_name + suffix_start_idx, noproxy_item) == 0 &&
1475 if (verbose >= 1){ 1491 working_state.host_name[suffix_start_idx - 1] == '.') {
1476 printf("* host_name: %s is a subdomain of the no_proxy list item: %s\n", working_state.host_name , noproxy_item); 1492 if (verbose >= 1) {
1493 printf("* host_name: %s is a subdomain of the no_proxy list item: %s\n",
1494 working_state.host_name, noproxy_item);
1477 } 1495 }
1478 free(curlopt_noproxy_copy); 1496 free(curlopt_noproxy_copy);
1479 free(server_address_clean); 1497 free(server_address_clean);
1480 return 0; 1498 return true;
1481 } 1499 }
1482 } 1500 }
1483 1501
1484 // noproxy_item could be a CIDR IP range 1502 // noproxy_item could be a CIDR IP range
1485 if( server_address_clean != NULL && strlen(server_address_clean)){ 1503 if (server_address_clean != NULL && strlen(server_address_clean)) {
1486 1504 ip_addr_inside ip_addr_inside_cidr_ret =
1487 int ip_addr_inside_cidr_ret = ip_addr_inside_cidr(noproxy_item, server_address_clean); 1505 ip_addr_inside_cidr(noproxy_item, server_address_clean);
1488 1506
1489 switch(ip_addr_inside_cidr_ret){ 1507 if (ip_addr_inside_cidr_ret.error == NO_ERROR) {
1490 case 1: 1508 if (ip_addr_inside_cidr_ret.inside) {
1491 return 0; 1509 return true;
1492 break; 1510 } else {
1493 case 0: 1511 if (verbose >= 1) {
1494 if(verbose >= 1){ 1512 printf("server address: %s is not inside IP cidr: %s\n",
1495 printf("server address: %s is not inside IP cidr: %s\n", server_address_clean, noproxy_item); 1513 server_address_clean, noproxy_item);
1514 }
1496 } 1515 }
1497 break; 1516 } else {
1498 case -1: 1517 if (verbose >= 1) {
1499 if(verbose >= 1){ 1518 printf("could not fully determine if server address: %s is inside the IP "
1500 printf("could not fully determine if server address: %s is inside the IP cidr: %s\n", server_address_clean, noproxy_item); 1519 "cidr: %s\n",
1520 server_address_clean, noproxy_item);
1501 } 1521 }
1502 break;
1503 } 1522 }
1504 } 1523 }
1505 1524
@@ -1509,82 +1528,97 @@ int determine_hostname_resolver(const check_curl_working_state working_state, co
1509 free(curlopt_noproxy_copy); 1528 free(curlopt_noproxy_copy);
1510 } 1529 }
1511 1530
1512 if (working_state.curlopt_proxy != NULL){ 1531 if (working_state.curlopt_proxy != NULL) {
1513 // Libcurl documentation 1532 // Libcurl documentation
1514 // Setting the proxy string to "" (an empty string) explicitly disables the use of a proxy, even if there is an environment variable set for it. 1533 // Setting the proxy string to "" (an empty string) explicitly disables the use of a proxy,
1515 if ( strlen(working_state.curlopt_proxy) == 0){ 1534 // even if there is an environment variable set for it.
1516 return 0; 1535 if (strlen(working_state.curlopt_proxy) == 0) {
1536 return true;
1517 } 1537 }
1518 1538
1519 if ( strncmp( working_state.curlopt_proxy, "http://", 7) == 0){ 1539 if (strncmp(working_state.curlopt_proxy, "http://", 7) == 0) {
1520 if (verbose >= 1){ 1540 if (verbose >= 1) {
1521 printf("* proxy scheme is http, proxy: %s resolves host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean); 1541 printf(
1542 "* proxy scheme is http, proxy: %s resolves host: %s or server_address: %s\n",
1543 working_state.curlopt_proxy, host_name_display, server_address_clean);
1522 } 1544 }
1523 free(server_address_clean); 1545 free(server_address_clean);
1524 return 1; 1546 return false;
1525 } 1547 }
1526 1548
1527 if ( strncmp( working_state.curlopt_proxy, "https://", 8) == 0){ 1549 if (strncmp(working_state.curlopt_proxy, "https://", 8) == 0) {
1528 if (verbose >= 1){ 1550 if (verbose >= 1) {
1529 printf("* proxy scheme is https, proxy: %s resolves host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean); 1551 printf(
1552 "* proxy scheme is https, proxy: %s resolves host: %s or server_address: %s\n",
1553 working_state.curlopt_proxy, host_name_display, server_address_clean);
1530 } 1554 }
1531 free(server_address_clean); 1555 free(server_address_clean);
1532 return 1; 1556 return false;
1533 } 1557 }
1534 1558
1535 if ( strncmp( working_state.curlopt_proxy, "socks4://", 9) == 0){ 1559 if (strncmp(working_state.curlopt_proxy, "socks4://", 9) == 0) {
1536 if (verbose >= 1){ 1560 if (verbose >= 1) {
1537 printf("* proxy scheme is socks, proxy: %s does not resolve host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean); 1561 printf("* proxy scheme is socks, proxy: %s does not resolve host: %s or "
1562 "server_address: %s\n",
1563 working_state.curlopt_proxy, host_name_display, server_address_clean);
1538 } 1564 }
1539 free(server_address_clean); 1565 free(server_address_clean);
1540 return 0; 1566 return true;
1541 } 1567 }
1542 1568
1543 if ( strncmp( working_state.curlopt_proxy, "socks4a://", 10) == 0){ 1569 if (strncmp(working_state.curlopt_proxy, "socks4a://", 10) == 0) {
1544 if (verbose >= 1){ 1570 if (verbose >= 1) {
1545 printf("* proxy scheme is socks4a, proxy: %s resolves host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean); 1571 printf("* proxy scheme is socks4a, proxy: %s resolves host: %s or server_address: "
1572 "%s\n",
1573 working_state.curlopt_proxy, host_name_display, server_address_clean);
1546 } 1574 }
1547 free(server_address_clean); 1575 free(server_address_clean);
1548 return 1; 1576 return false;
1549 } 1577 }
1550 1578
1551 if ( strncmp( working_state.curlopt_proxy, "socks5://", 9) == 0){ 1579 if (strncmp(working_state.curlopt_proxy, "socks5://", 9) == 0) {
1552 if (verbose >= 1){ 1580 if (verbose >= 1) {
1553 printf("* proxy scheme is socks5, proxy: %s does not resolve host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean); 1581 printf("* proxy scheme is socks5, proxy: %s does not resolve host: %s or "
1582 "server_address: %s\n",
1583 working_state.curlopt_proxy, host_name_display, server_address_clean);
1554 } 1584 }
1555 free(server_address_clean); 1585 free(server_address_clean);
1556 return 0; 1586 return true;
1557 } 1587 }
1558 1588
1559 if ( strncmp( working_state.curlopt_proxy, "socks5h://", 10) == 0){ 1589 if (strncmp(working_state.curlopt_proxy, "socks5h://", 10) == 0) {
1560 if (verbose >= 1){ 1590 if (verbose >= 1) {
1561 printf("* proxy scheme is socks5h, proxy: %s resolves host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean); 1591 printf("* proxy scheme is socks5h, proxy: %s resolves host: %s or server_address: "
1592 "%s\n",
1593 working_state.curlopt_proxy, host_name_display, server_address_clean);
1562 } 1594 }
1563 free(server_address_clean); 1595 free(server_address_clean);
1564 return 1; 1596 return false;
1565 } 1597 }
1566 1598
1567 // Libcurl documentation: 1599 // Libcurl documentation:
1568 // Without a scheme prefix, CURLOPT_PROXYTYPE can be used to specify which kind of proxy the string identifies. 1600 // Without a scheme prefix, CURLOPT_PROXYTYPE can be used to specify which kind of proxy the
1569 // We do not set this value 1601 // string identifies. We do not set this value Without a scheme, it is treated as an http
1570 // Without a scheme, it is treated as an http proxy 1602 // proxy
1571 1603
1572 return 1; 1604 return false;
1573 } 1605 }
1574 1606
1575 if (verbose >= 1){ 1607 if (verbose >= 1) {
1576 printf("* proxy scheme is unknown/unavailable, no proxy is assumed for host: %s or server_address: %s\n", host_name_display, server_address_clean); 1608 printf("* proxy scheme is unknown/unavailable, no proxy is assumed for host: %s or "
1609 "server_address: %s\n",
1610 host_name_display, server_address_clean);
1577 } 1611 }
1578 1612
1579 free(server_address_clean); 1613 free(server_address_clean);
1580 return 0; 1614 return 0;
1581} 1615}
1582 1616
1583int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char* target_ip){ 1617ip_addr_inside ip_addr_inside_cidr(const char *cidr_region_or_ip_addr, const char *target_ip) {
1584 unsigned int slash_count = 0; 1618 unsigned int slash_count = 0;
1585 unsigned int last_slash_idx = 0; 1619 unsigned int last_slash_idx = 0;
1586 for(size_t i = 0; i < strlen(cidr_region_or_ip_addr); i++){ 1620 for (size_t i = 0; i < strlen(cidr_region_or_ip_addr); i++) {
1587 if(cidr_region_or_ip_addr[i] == '/'){ 1621 if (cidr_region_or_ip_addr[i] == '/') {
1588 slash_count++; 1622 slash_count++;
1589 last_slash_idx = (unsigned int)i; 1623 last_slash_idx = (unsigned int)i;
1590 } 1624 }
@@ -1592,48 +1626,67 @@ int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char* target_i
1592 1626
1593 char *cidr_ip_part = NULL; 1627 char *cidr_ip_part = NULL;
1594 int prefix_length = 0; 1628 int prefix_length = 0;
1629 ip_addr_inside result = {
1630 .inside = false,
1631 .error = NO_ERROR,
1632 };
1595 1633
1596 if (slash_count == 0) { 1634 if (slash_count == 0) {
1597 cidr_ip_part = strdup(cidr_region_or_ip_addr); 1635 cidr_ip_part = strdup(cidr_region_or_ip_addr);
1598 if (!cidr_ip_part) return -1; 1636 if (!cidr_ip_part) {
1637 result.error = FAILED_STRDUP;
1638 return result;
1639 }
1599 } else if (slash_count == 1) { 1640 } else if (slash_count == 1) {
1600 cidr_ip_part = strndup(cidr_region_or_ip_addr, last_slash_idx); 1641 cidr_ip_part = strndup(cidr_region_or_ip_addr, last_slash_idx);
1601 if (!cidr_ip_part) return -1; 1642 if (!cidr_ip_part) {
1643 result.error = FAILED_STRDUP;
1644 return result;
1645 }
1602 1646
1603 errno = 0; 1647 errno = 0;
1604 long long tmp = strtoll(cidr_region_or_ip_addr + last_slash_idx + 1, NULL, 10); 1648 long long tmp = strtoll(cidr_region_or_ip_addr + last_slash_idx + 1, NULL, 10);
1605 if (errno == ERANGE) { 1649 if (errno == ERANGE) {
1606 if (verbose >= 1) { 1650 if (verbose >= 1) {
1607 printf("cidr_region_or_ip: %s , could not parse subnet length\n", cidr_region_or_ip_addr); 1651 printf("cidr_region_or_ip: %s , could not parse subnet length\n",
1652 cidr_region_or_ip_addr);
1608 } 1653 }
1609 free(cidr_ip_part); 1654 free(cidr_ip_part);
1610 return -1; 1655 result.error = COULD_NOT_PARSE_SUBNET_LENGTH;
1656 return result;
1611 } 1657 }
1612 prefix_length = (int)tmp; 1658 prefix_length = (int)tmp;
1613 } else { 1659 } else {
1614 printf("cidr_region_or_ip: %s , has %d number of '/' characters, is not a valid cidr_region or IP\n", cidr_region_or_ip_addr, slash_count); 1660 if (verbose >= 1) {
1615 return -1; 1661 printf("cidr_region_or_ip: %s , has %d number of '/' characters, is not a valid "
1662 "cidr_region or IP\n",
1663 cidr_region_or_ip_addr, slash_count);
1664 }
1665 result.error = CIDR_REGION_INVALID;
1666 return result;
1616 } 1667 }
1617 1668
1618 int cidr_addr_family, target_addr_family; 1669 int cidr_addr_family, target_addr_family;
1619 if (strchr(cidr_ip_part, ':')){ 1670 if (strchr(cidr_ip_part, ':')) {
1620 cidr_addr_family = AF_INET6; 1671 cidr_addr_family = AF_INET6;
1621 } else { 1672 } else {
1622 cidr_addr_family = AF_INET; 1673 cidr_addr_family = AF_INET;
1623 } 1674 }
1624 1675
1625 if (strchr(target_ip, ':')){ 1676 if (strchr(target_ip, ':')) {
1626 target_addr_family = AF_INET6; 1677 target_addr_family = AF_INET6;
1627 } else { 1678 } else {
1628 target_addr_family = AF_INET; 1679 target_addr_family = AF_INET;
1629 } 1680 }
1630 1681
1631 if (cidr_addr_family != target_addr_family){ 1682 if (cidr_addr_family != target_addr_family) {
1632 if (verbose >= 1){ 1683 if (verbose >= 1) {
1633 printf("cidr address: %s and target ip address: %s have different address families\n", cidr_ip_part, target_ip); 1684 printf("cidr address: %s and target ip address: %s have different address families\n",
1685 cidr_ip_part, target_ip);
1634 } 1686 }
1635 free(cidr_ip_part); 1687 free(cidr_ip_part);
1636 return 0; 1688 result.inside = false;
1689 return result;
1637 } 1690 }
1638 1691
1639 // If no prefix is given, treat the cidr as a single address (full-length prefix) 1692 // If no prefix is given, treat the cidr as a single address (full-length prefix)
@@ -1644,14 +1697,17 @@ int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char* target_i
1644 int max_bits = (cidr_addr_family == AF_INET) ? 32u : 128u; 1697 int max_bits = (cidr_addr_family == AF_INET) ? 32u : 128u;
1645 if (prefix_length < 0 || prefix_length > max_bits) { 1698 if (prefix_length < 0 || prefix_length > max_bits) {
1646 if (verbose >= 1) { 1699 if (verbose >= 1) {
1647 printf("cidr_region_or_ip: %s has invalid prefix length: %u\n", cidr_region_or_ip_addr, prefix_length); 1700 printf("cidr_region_or_ip: %s has invalid prefix length: %u\n", cidr_region_or_ip_addr,
1701 prefix_length);
1648 } 1702 }
1649 free(cidr_ip_part); 1703 free(cidr_ip_part);
1650 return -1; 1704 result.error = CIDR_REGION_INVALID_PREFIX;
1705 return result;
1651 } 1706 }
1652 1707
1653 if (verbose >= 1){ 1708 if (verbose >= 1) {
1654 printf("cidr_region_or_ip: %s , has prefix length: %u\n", cidr_region_or_ip_addr, prefix_length); 1709 printf("cidr_region_or_ip: %s , has prefix length: %u\n", cidr_region_or_ip_addr,
1710 prefix_length);
1655 } 1711 }
1656 1712
1657 int inet_pton_rc; 1713 int inet_pton_rc;
@@ -1659,7 +1715,6 @@ int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char* target_i
1659 uint8_t *target_bytes = NULL; 1715 uint8_t *target_bytes = NULL;
1660 uint8_t cidr_buf[16]; 1716 uint8_t cidr_buf[16];
1661 uint8_t target_buf[16]; 1717 uint8_t target_buf[16];
1662 size_t total_bytes = 0;
1663 1718
1664 if (cidr_addr_family == AF_INET) { 1719 if (cidr_addr_family == AF_INET) {
1665 struct in_addr cidr_ipv4; 1720 struct in_addr cidr_ipv4;
@@ -1667,49 +1722,55 @@ int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char* target_i
1667 inet_pton_rc = inet_pton(AF_INET, cidr_ip_part, &cidr_ipv4); 1722 inet_pton_rc = inet_pton(AF_INET, cidr_ip_part, &cidr_ipv4);
1668 if (inet_pton_rc != 1) { 1723 if (inet_pton_rc != 1) {
1669 if (verbose >= 1) { 1724 if (verbose >= 1) {
1670 printf("ip string: %s contains characters not valid for its address family: IPv4\n", cidr_ip_part); 1725 printf("ip string: %s contains characters not valid for its address family: IPv4\n",
1726 cidr_ip_part);
1671 } 1727 }
1672 free(cidr_ip_part); 1728 free(cidr_ip_part);
1673 return -1; 1729 result.error = IP_CONTAINS_INVALID_CHARACTERS;
1730 return result;
1674 } 1731 }
1675 inet_pton_rc = inet_pton(AF_INET, target_ip, &target_ipv4); 1732 inet_pton_rc = inet_pton(AF_INET, target_ip, &target_ipv4);
1676 if (inet_pton_rc != 1) { 1733 if (inet_pton_rc != 1) {
1677 if (verbose >= 1) { 1734 if (verbose >= 1) {
1678 printf("ip string: %s contains characters not valid for its address family: IPv4\n", target_ip); 1735 printf("ip string: %s contains characters not valid for its address family: IPv4\n",
1736 target_ip);
1679 } 1737 }
1680 free(cidr_ip_part); 1738 free(cidr_ip_part);
1681 return -1; 1739 result.error = IP_CONTAINS_INVALID_CHARACTERS;
1740 return result;
1682 } 1741 }
1683 // copy the addresses in network byte order to a buffer for comparison 1742 // copy the addresses in network byte order to a buffer for comparison
1684 memcpy(cidr_buf, &cidr_ipv4.s_addr, 4); 1743 memcpy(cidr_buf, &cidr_ipv4.s_addr, 4);
1685 memcpy(target_buf, &target_ipv4.s_addr, 4); 1744 memcpy(target_buf, &target_ipv4.s_addr, 4);
1686 cidr_bytes = cidr_buf; 1745 cidr_bytes = cidr_buf;
1687 target_bytes = target_buf; 1746 target_bytes = target_buf;
1688 total_bytes = 4;
1689 } else { 1747 } else {
1690 struct in6_addr cidr_ipv6; 1748 struct in6_addr cidr_ipv6;
1691 struct in6_addr target_ipv6; 1749 struct in6_addr target_ipv6;
1692 inet_pton_rc = inet_pton(AF_INET6, cidr_ip_part, &cidr_ipv6); 1750 inet_pton_rc = inet_pton(AF_INET6, cidr_ip_part, &cidr_ipv6);
1693 if (inet_pton_rc != 1) { 1751 if (inet_pton_rc != 1) {
1694 if (verbose >= 1) { 1752 if (verbose >= 1) {
1695 printf("ip string: %s contains characters not valid for its address family: IPv6\n", cidr_ip_part); 1753 printf("ip string: %s contains characters not valid for its address family: IPv6\n",
1754 cidr_ip_part);
1696 } 1755 }
1697 free(cidr_ip_part); 1756 free(cidr_ip_part);
1698 return -1; 1757 result.error = IP_CONTAINS_INVALID_CHARACTERS;
1758 return result;
1699 } 1759 }
1700 inet_pton_rc = inet_pton(AF_INET6, target_ip, &target_ipv6); 1760 inet_pton_rc = inet_pton(AF_INET6, target_ip, &target_ipv6);
1701 if (inet_pton_rc != 1) { 1761 if (inet_pton_rc != 1) {
1702 if (verbose >= 1) { 1762 if (verbose >= 1) {
1703 printf("ip string: %s contains characters not valid for its address family: IPv6\n", target_ip); 1763 printf("ip string: %s contains characters not valid for its address family: IPv6\n",
1764 target_ip);
1704 } 1765 }
1705 free(cidr_ip_part); 1766 free(cidr_ip_part);
1706 return -1; 1767 result.error = IP_CONTAINS_INVALID_CHARACTERS;
1768 return result;
1707 } 1769 }
1708 memcpy(cidr_buf, &cidr_ipv6, 16); 1770 memcpy(cidr_buf, &cidr_ipv6, 16);
1709 memcpy(target_buf, &target_ipv6, 16); 1771 memcpy(target_buf, &target_ipv6, 16);
1710 cidr_bytes = cidr_buf; 1772 cidr_bytes = cidr_buf;
1711 target_bytes = target_buf; 1773 target_bytes = target_buf;
1712 total_bytes = 16;
1713 } 1774 }
1714 1775
1715 int prefix_bytes = prefix_length / 8; 1776 int prefix_bytes = prefix_length / 8;
@@ -1718,10 +1779,13 @@ int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char* target_i
1718 if (prefix_bytes > 0) { 1779 if (prefix_bytes > 0) {
1719 if (memcmp(cidr_bytes, target_bytes, (size_t)prefix_bytes) != 0) { 1780 if (memcmp(cidr_bytes, target_bytes, (size_t)prefix_bytes) != 0) {
1720 if (verbose >= 1) { 1781 if (verbose >= 1) {
1721 printf("the first %d bytes of the cidr_region_or_ip: %s and target_ip: %s are different\n", prefix_bytes, cidr_ip_part, target_ip); 1782 printf("the first %d bytes of the cidr_region_or_ip: %s and target_ip: %s are "
1783 "different\n",
1784 prefix_bytes, cidr_ip_part, target_ip);
1722 } 1785 }
1723 free(cidr_ip_part); 1786 free(cidr_ip_part);
1724 return 0; 1787 result.inside = false;
1788 return result;
1725 } 1789 }
1726 } 1790 }
1727 1791
@@ -1732,13 +1796,19 @@ int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char* target_i
1732 uint8_t mask = (uint8_t)(0xFFu << (8 - prefix_bits)); 1796 uint8_t mask = (uint8_t)(0xFFu << (8 - prefix_bits));
1733 if ((cidr_oct & mask) != (target_oct & mask)) { 1797 if ((cidr_oct & mask) != (target_oct & mask)) {
1734 if (verbose >= 1) { 1798 if (verbose >= 1) {
1735 printf("looking at the last %d bits of the prefix, cidr_region_or_ip(%s) byte is: %u and target_ip byte(%s) is: %u, applying bitmask: %02X returns different results\n", prefix_bits, cidr_ip_part, (unsigned)cidr_oct, target_ip, (unsigned)target_oct, mask); 1799 printf("looking at the last %d bits of the prefix, cidr_region_or_ip(%s) byte is: "
1800 "%u and target_ip byte(%s) is: %u, applying bitmask: %02X returns different "
1801 "results\n",
1802 prefix_bits, cidr_ip_part, (unsigned)cidr_oct, target_ip,
1803 (unsigned)target_oct, mask);
1736 } 1804 }
1737 free(cidr_ip_part); 1805 free(cidr_ip_part);
1738 return 0; 1806 result.inside = false;
1807 return result;
1739 } 1808 }
1740 } 1809 }
1741 1810
1742 free(cidr_ip_part); 1811 free(cidr_ip_part);
1743 return 1; 1812 result.inside = true;
1813 return result;
1744} 1814}
diff --git a/plugins/check_curl.d/check_curl_helpers.h b/plugins/check_curl.d/check_curl_helpers.h
index cc47bf9d..55df9bc1 100644
--- a/plugins/check_curl.d/check_curl_helpers.h
+++ b/plugins/check_curl.d/check_curl_helpers.h
@@ -127,11 +127,25 @@ mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_
127 int crit_days_till_exp); 127 int crit_days_till_exp);
128char *fmt_url(check_curl_working_state workingState); 128char *fmt_url(check_curl_working_state workingState);
129 129
130 130/* determine_hostname_resolver determines if the host or the proxy resolves the target hostname
131/* function that will determine if the host or the proxy resolves the target hostname 131returns RESOLVE_LOCALLY if requester resolves the hostname locally, RESOLVE_REMOTELY if proxy
132returns 0 if requester resolves the hostname locally, 1 if proxy resolves the hostname */ 132resolves the hostname */
133int determine_hostname_resolver(const check_curl_working_state working_state, const check_curl_static_curl_config config); 133bool hostname_gets_resolved_locally(const check_curl_working_state working_state);
134 134
135/* Checks if an IP is inside given CIDR region. Using /protocol_size or not specifying the prefix length performs an equality check. Supports both IPv4 and IPv6 135/* Checks if an IP is inside given CIDR region. Using /protocol_size or not specifying the prefix
136returns 1 if the target_ip address is inside the given cidr_region_or_ip_addr, 0 if its out. return codes < 0 mean an error has occurred. */ 136length performs an equality check. Supports both IPv4 and IPv6 returns 1 if the target_ip address is
137int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char* target_ip); 137inside the given cidr_region_or_ip_addr, 0 if its out. return codes < 0 mean an error has occurred.
138*/
139typedef enum {
140 NO_ERROR,
141 FAILED_STRDUP,
142 COULD_NOT_PARSE_SUBNET_LENGTH,
143 CIDR_REGION_INVALID,
144 CIDR_REGION_INVALID_PREFIX,
145 IP_CONTAINS_INVALID_CHARACTERS,
146} ip_addr_inside_error_code;
147typedef struct {
148 bool inside;
149 ip_addr_inside_error_code error;
150} ip_addr_inside;
151ip_addr_inside ip_addr_inside_cidr(const char *cidr_region_or_ip_addr, const char *target_ip);
diff --git a/plugins/check_dig.c b/plugins/check_dig.c
index 9ea19e6a..9ec8028a 100644
--- a/plugins/check_dig.c
+++ b/plugins/check_dig.c
@@ -284,7 +284,7 @@ check_dig_config_wrapper process_arguments(int argc, char **argv) {
284 int option_index = 284 int option_index =
285 getopt_long(argc, argv, "hVvt:l:H:w:c:T:p:a:A:E:X:46", longopts, &option); 285 getopt_long(argc, argv, "hVvt:l:H:w:c:T:p:a:A:E:X:46", longopts, &option);
286 286
287 if (option_index == -1 || option_index == EOF) { 287 if (CHECK_EOF(option_index)) {
288 break; 288 break;
289 } 289 }
290 290
diff --git a/plugins/check_disk.c b/plugins/check_disk.c
index 0d941f25..e773e56c 100644
--- a/plugins/check_disk.c
+++ b/plugins/check_disk.c
@@ -448,7 +448,7 @@ check_disk_config_wrapper process_arguments(int argc, char **argv) {
448 int option_index = getopt_long( 448 int option_index = getopt_long(
449 argc, argv, "+?VqhvefCt:c:w:K:W:u:p:x:X:N:mklLPg:R:r:i:I:MEAn", longopts, &option); 449 argc, argv, "+?VqhvefCt:c:w:K:W:u:p:x:X:N:mklLPg:R:r:i:I:MEAn", longopts, &option);
450 450
451 if (option_index == -1 || option_index == EOF) { 451 if (CHECK_EOF(option_index)) {
452 break; 452 break;
453 } 453 }
454 454
@@ -933,31 +933,43 @@ void set_all_thresholds(parameter_list_elem *path, char *warn_freespace_units,
933 933
934 if (warn_freespace_units) { 934 if (warn_freespace_units) {
935 tmp = mp_parse_range_string(warn_freespace_units); 935 tmp = mp_parse_range_string(warn_freespace_units);
936 tmp.range.start = mp_create_pd_value(0);
937 tmp.range.start_infinity = false;
936 path->freespace_units = mp_thresholds_set_warn(path->freespace_units, tmp.range); 938 path->freespace_units = mp_thresholds_set_warn(path->freespace_units, tmp.range);
937 } 939 }
938 940
939 if (crit_freespace_units) { 941 if (crit_freespace_units) {
940 tmp = mp_parse_range_string(crit_freespace_units); 942 tmp = mp_parse_range_string(crit_freespace_units);
943 tmp.range.start = mp_create_pd_value(0);
944 tmp.range.start_infinity = false;
941 path->freespace_units = mp_thresholds_set_crit(path->freespace_units, tmp.range); 945 path->freespace_units = mp_thresholds_set_crit(path->freespace_units, tmp.range);
942 } 946 }
943 947
944 if (warn_freespace_percent) { 948 if (warn_freespace_percent) {
945 tmp = mp_parse_range_string(warn_freespace_percent); 949 tmp = mp_parse_range_string(warn_freespace_percent);
950 tmp.range.start = mp_create_pd_value(0);
951 tmp.range.start_infinity = false;
946 path->freespace_percent = mp_thresholds_set_warn(path->freespace_percent, tmp.range); 952 path->freespace_percent = mp_thresholds_set_warn(path->freespace_percent, tmp.range);
947 } 953 }
948 954
949 if (crit_freespace_percent) { 955 if (crit_freespace_percent) {
950 tmp = mp_parse_range_string(crit_freespace_percent); 956 tmp = mp_parse_range_string(crit_freespace_percent);
957 tmp.range.start = mp_create_pd_value(0);
958 tmp.range.start_infinity = false;
951 path->freespace_percent = mp_thresholds_set_crit(path->freespace_percent, tmp.range); 959 path->freespace_percent = mp_thresholds_set_crit(path->freespace_percent, tmp.range);
952 } 960 }
953 961
954 if (warn_freeinodes_percent) { 962 if (warn_freeinodes_percent) {
955 tmp = mp_parse_range_string(warn_freeinodes_percent); 963 tmp = mp_parse_range_string(warn_freeinodes_percent);
964 tmp.range.start = mp_create_pd_value(0);
965 tmp.range.start_infinity = false;
956 path->freeinodes_percent = mp_thresholds_set_warn(path->freeinodes_percent, tmp.range); 966 path->freeinodes_percent = mp_thresholds_set_warn(path->freeinodes_percent, tmp.range);
957 } 967 }
958 968
959 if (crit_freeinodes_percent) { 969 if (crit_freeinodes_percent) {
960 tmp = mp_parse_range_string(crit_freeinodes_percent); 970 tmp = mp_parse_range_string(crit_freeinodes_percent);
971 tmp.range.start = mp_create_pd_value(0);
972 tmp.range.start_infinity = false;
961 path->freeinodes_percent = mp_thresholds_set_crit(path->freeinodes_percent, tmp.range); 973 path->freeinodes_percent = mp_thresholds_set_crit(path->freeinodes_percent, tmp.range);
962 } 974 }
963} 975}
@@ -1182,14 +1194,22 @@ mp_subcheck evaluate_filesystem(measurement_unit measurement_unit, bool display_
1182 humanize_byte_value((unsigned long long)measurement_unit.total_bytes, false)); 1194 humanize_byte_value((unsigned long long)measurement_unit.total_bytes, false));
1183 } 1195 }
1184 1196
1185 mp_perfdata used_space = perfdata_init(); 1197 // Free space just internally for computation
1186 used_space.label = measurement_unit.name; 1198 mp_perfdata free_space_pd = perfdata_init();
1187 used_space.value = mp_create_pd_value(measurement_unit.free_bytes); 1199 free_space_pd.label = measurement_unit.name;
1188 used_space = mp_set_pd_max_value(used_space, mp_create_pd_value(measurement_unit.total_bytes)); 1200 free_space_pd.value = mp_create_pd_value(measurement_unit.free_bytes);
1189 used_space = mp_set_pd_min_value(used_space, mp_create_pd_value(0)); 1201 free_space_pd =
1190 used_space.uom = "B"; 1202 mp_pd_set_thresholds(free_space_pd, measurement_unit.freespace_bytes_thresholds);
1191 used_space = mp_pd_set_thresholds(used_space, measurement_unit.freespace_bytes_thresholds); 1203 freespace_bytes_sc = mp_set_subcheck_state(freespace_bytes_sc, mp_get_pd_status(free_space_pd));
1192 freespace_bytes_sc = mp_set_subcheck_state(freespace_bytes_sc, mp_get_pd_status(used_space)); 1204
1205 // Used space for display
1206 mp_perfdata used_space_pd = perfdata_init();
1207 used_space_pd.label = measurement_unit.name;
1208 used_space_pd.value = mp_create_pd_value(measurement_unit.used_bytes);
1209 used_space_pd =
1210 mp_set_pd_max_value(used_space_pd, mp_create_pd_value(measurement_unit.total_bytes));
1211 used_space_pd = mp_set_pd_min_value(used_space_pd, mp_create_pd_value(0));
1212 used_space_pd.uom = "B";
1193 1213
1194 // special case for absolute space thresholds here: 1214 // special case for absolute space thresholds here:
1195 // if absolute values are not set, compute the thresholds from percentage thresholds 1215 // if absolute values are not set, compute the thresholds from percentage thresholds
@@ -1209,7 +1229,8 @@ mp_subcheck evaluate_filesystem(measurement_unit measurement_unit, bool display_
1209 } 1229 }
1210 measurement_unit.freespace_bytes_thresholds = 1230 measurement_unit.freespace_bytes_thresholds =
1211 mp_thresholds_set_crit(measurement_unit.freespace_bytes_thresholds, tmp_range); 1231 mp_thresholds_set_crit(measurement_unit.freespace_bytes_thresholds, tmp_range);
1212 used_space = mp_pd_set_thresholds(used_space, measurement_unit.freespace_bytes_thresholds); 1232 free_space_pd =
1233 mp_pd_set_thresholds(free_space_pd, measurement_unit.freespace_bytes_thresholds);
1213 } 1234 }
1214 1235
1215 if (!temp_thlds.warning_is_set && 1236 if (!temp_thlds.warning_is_set &&
@@ -1225,10 +1246,22 @@ mp_subcheck evaluate_filesystem(measurement_unit measurement_unit, bool display_
1225 } 1246 }
1226 measurement_unit.freespace_bytes_thresholds = 1247 measurement_unit.freespace_bytes_thresholds =
1227 mp_thresholds_set_warn(measurement_unit.freespace_bytes_thresholds, tmp_range); 1248 mp_thresholds_set_warn(measurement_unit.freespace_bytes_thresholds, tmp_range);
1228 used_space = mp_pd_set_thresholds(used_space, measurement_unit.freespace_bytes_thresholds); 1249 free_space_pd =
1250 mp_pd_set_thresholds(free_space_pd, measurement_unit.freespace_bytes_thresholds);
1229 } 1251 }
1230 1252
1231 mp_add_perfdata_to_subcheck(&freespace_bytes_sc, used_space); 1253 mp_thresholds thr_used_space = measurement_unit.freespace_bytes_thresholds;
1254 if (thr_used_space.critical_is_set) {
1255 thr_used_space.critical.alert_on_inside_range =
1256 !thr_used_space.critical.alert_on_inside_range;
1257 }
1258 if (thr_used_space.warning_is_set) {
1259 thr_used_space.warning.alert_on_inside_range =
1260 !thr_used_space.warning.alert_on_inside_range;
1261 }
1262 used_space_pd = mp_pd_set_thresholds(used_space_pd, thr_used_space);
1263
1264 mp_add_perfdata_to_subcheck(&freespace_bytes_sc, used_space_pd);
1232 mp_add_subcheck_to_subcheck(&result, freespace_bytes_sc); 1265 mp_add_subcheck_to_subcheck(&result, freespace_bytes_sc);
1233 1266
1234 // ========================== 1267 // ==========================
@@ -1264,7 +1297,8 @@ mp_subcheck evaluate_filesystem(measurement_unit measurement_unit, bool display_
1264 1297
1265 mp_perfdata inode_percentage_pd = perfdata_init(); 1298 mp_perfdata inode_percentage_pd = perfdata_init();
1266 inode_percentage_pd = mp_set_pd_value(inode_percentage_pd, free_inode_percentage); 1299 inode_percentage_pd = mp_set_pd_value(inode_percentage_pd, free_inode_percentage);
1267 inode_percentage_pd = mp_pd_set_thresholds(inode_percentage_pd, measurement_unit.freeinodes_percent_thresholds); 1300 inode_percentage_pd = mp_pd_set_thresholds(inode_percentage_pd,
1301 measurement_unit.freeinodes_percent_thresholds);
1268 1302
1269 if (verbose > 0) { 1303 if (verbose > 0) {
1270 printf("free inode percentage computed: %g\n", free_inode_percentage); 1304 printf("free inode percentage computed: %g\n", free_inode_percentage);
diff --git a/plugins/check_fping.c b/plugins/check_fping.c
index 6160c2cb..86ef64a4 100644
--- a/plugins/check_fping.c
+++ b/plugins/check_fping.c
@@ -361,7 +361,7 @@ check_fping_config_wrapper process_arguments(int argc, char **argv) {
361 int option_index = 361 int option_index =
362 getopt_long(argc, argv, "+hVvaH:S:c:w:b:n:T:i:I:M:R:46", longopts, &option); 362 getopt_long(argc, argv, "+hVvaH:S:c:w:b:n:T:i:I:M:R:46", longopts, &option);
363 363
364 if (option_index == -1 || option_index == EOF || option_index == 1) { 364 if (CHECK_EOF(option_index) || option_index == 1) {
365 break; 365 break;
366 } 366 }
367 367
diff --git a/plugins/check_game.c b/plugins/check_game.c
index 974a7253..48ec6883 100644
--- a/plugins/check_game.c
+++ b/plugins/check_game.c
@@ -186,7 +186,7 @@ check_game_config_wrapper process_arguments(int argc, char **argv) {
186 while (true) { 186 while (true) {
187 int option_index = getopt_long(argc, argv, "hVvt:H:P:G:g:p:m:", long_opts, &opt_index); 187 int option_index = getopt_long(argc, argv, "hVvt:H:P:G:g:p:m:", long_opts, &opt_index);
188 188
189 if (option_index == -1 || option_index == EOF) { 189 if (CHECK_EOF(option_index)) {
190 break; 190 break;
191 } 191 }
192 192
diff --git a/plugins/check_hpjd.c b/plugins/check_hpjd.c
index 9907abc5..883f1df0 100644
--- a/plugins/check_hpjd.c
+++ b/plugins/check_hpjd.c
@@ -299,7 +299,7 @@ check_hpjd_config_wrapper process_arguments(int argc, char **argv) {
299 while (true) { 299 while (true) {
300 int option_index = getopt_long(argc, argv, "+hVH:C:p:D", longopts, &option); 300 int option_index = getopt_long(argc, argv, "+hVH:C:p:D", longopts, &option);
301 301
302 if (option_index == -1 || option_index == EOF || option_index == 1) { 302 if (CHECK_EOF(option_index) || option_index == 1) {
303 break; 303 break;
304 } 304 }
305 305
diff --git a/plugins/check_ide_smart.c b/plugins/check_ide_smart.c
index c1325cf9..43731039 100644
--- a/plugins/check_ide_smart.c
+++ b/plugins/check_ide_smart.c
@@ -169,7 +169,7 @@ static check_ide_smart_config_wrapper process_arguments(int argc, char **argv) {
169 int longindex = 0; 169 int longindex = 0;
170 int option_index = getopt_long(argc, argv, "+d:iq10nhVv", longopts, &longindex); 170 int option_index = getopt_long(argc, argv, "+d:iq10nhVv", longopts, &longindex);
171 171
172 if (option_index == -1 || option_index == EOF || option_index == 1) { 172 if (CHECK_EOF(option_index) || option_index == 1) {
173 break; 173 break;
174 } 174 }
175 175
diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c
index 7f8282b4..0e8c5804 100644
--- a/plugins/check_ldap.c
+++ b/plugins/check_ldap.c
@@ -362,7 +362,7 @@ check_ldap_config_wrapper process_arguments(int argc, char **argv) {
362 int option_index = 362 int option_index =
363 getopt_long(argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:C:W:", longopts, &option); 363 getopt_long(argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:C:W:", longopts, &option);
364 364
365 if (option_index == -1 || option_index == EOF) { 365 if (CHECK_EOF(option_index)) {
366 break; 366 break;
367 } 367 }
368 368
diff --git a/plugins/check_load.c b/plugins/check_load.c
index 644cd604..60fa646f 100644
--- a/plugins/check_load.c
+++ b/plugins/check_load.c
@@ -295,7 +295,7 @@ static check_load_config_wrapper process_arguments(int argc, char **argv) {
295 int option = 0; 295 int option = 0;
296 int option_index = getopt_long(argc, argv, "Vhrc:w:n:", longopts, &option); 296 int option_index = getopt_long(argc, argv, "Vhrc:w:n:", longopts, &option);
297 297
298 if (option_index == -1 || option_index == EOF) { 298 if (CHECK_EOF(option_index)) {
299 break; 299 break;
300 } 300 }
301 301
diff --git a/plugins/check_mysql.c b/plugins/check_mysql.c
index 15005bf5..b70e0e22 100644
--- a/plugins/check_mysql.c
+++ b/plugins/check_mysql.c
@@ -504,7 +504,7 @@ check_mysql_config_wrapper process_arguments(int argc, char **argv) {
504 int option_index = 504 int option_index =
505 getopt_long(argc, argv, "hlvVnSP:p:u:d:H:s:c:w:a:k:C:D:L:f:g:", longopts, &option); 505 getopt_long(argc, argv, "hlvVnSP:p:u:d:H:s:c:w:a:k:C:D:L:f:g:", longopts, &option);
506 506
507 if (option_index == -1 || option_index == EOF) { 507 if (CHECK_EOF(option_index)) {
508 break; 508 break;
509 } 509 }
510 510
diff --git a/plugins/check_nagios.c b/plugins/check_nagios.c
index a46dc1ed..e2f230c9 100644
--- a/plugins/check_nagios.c
+++ b/plugins/check_nagios.c
@@ -227,7 +227,7 @@ check_nagios_config_wrapper process_arguments(int argc, char **argv) {
227 while (true) { 227 while (true) {
228 int option_index = getopt_long(argc, argv, "+hVvF:C:e:t:", longopts, &option); 228 int option_index = getopt_long(argc, argv, "+hVvF:C:e:t:", longopts, &option);
229 229
230 if (option_index == -1 || option_index == EOF || option_index == 1) { 230 if (CHECK_EOF(option_index) || option_index == 1) {
231 break; 231 break;
232 } 232 }
233 233
diff --git a/plugins/check_ping.c b/plugins/check_ping.c
index e1ee0f5c..0c9cb19d 100644
--- a/plugins/check_ping.c
+++ b/plugins/check_ping.c
@@ -221,7 +221,7 @@ check_ping_config_wrapper process_arguments(int argc, char **argv) {
221 while (true) { 221 while (true) {
222 int option_index = getopt_long(argc, argv, "VvhnL46t:c:w:H:p:", longopts, &option); 222 int option_index = getopt_long(argc, argv, "VvhnL46t:c:w:H:p:", longopts, &option);
223 223
224 if (option_index == -1 || option_index == EOF) { 224 if (CHECK_EOF(option_index)) {
225 break; 225 break;
226 } 226 }
227 227
diff --git a/plugins/check_procs.c b/plugins/check_procs.c
index 50837cb4..174dcd97 100644
--- a/plugins/check_procs.c
+++ b/plugins/check_procs.c
@@ -432,7 +432,7 @@ check_procs_config_wrapper process_arguments(int argc, char **argv) {
432 int option_index = 432 int option_index =
433 getopt_long(argc, argv, "Vvhkt:c:w:p:s:u:C:a:z:r:m:P:TX:", longopts, &option); 433 getopt_long(argc, argv, "Vvhkt:c:w:p:s:u:C:a:z:r:m:P:TX:", longopts, &option);
434 434
435 if (option_index == -1 || option_index == EOF) { 435 if (CHECK_EOF(option_index)) {
436 break; 436 break;
437 } 437 }
438 438
diff --git a/plugins/check_radius.c b/plugins/check_radius.c
index 93352bcc..03153926 100644
--- a/plugins/check_radius.c
+++ b/plugins/check_radius.c
@@ -62,6 +62,8 @@ void print_usage(void);
62# define my_rc_conf_str(a) rc_conf_str(rch, a) 62# define my_rc_conf_str(a) rc_conf_str(rch, a)
63# if defined(HAVE_LIBRADCLI) 63# if defined(HAVE_LIBRADCLI)
64# define my_rc_send_server(a, b) rc_send_server(rch, a, b, AUTH) 64# define my_rc_send_server(a, b) rc_send_server(rch, a, b, AUTH)
65# elif defined(HAVE_LIBFREERADIUS_CLIENT)
66# define my_rc_send_server(a, b) rc_send_server(rch, a, b, 0)
65# else 67# else
66# define my_rc_send_server(a, b) rc_send_server(rch, a, b) 68# define my_rc_send_server(a, b) rc_send_server(rch, a, b)
67# endif 69# endif
@@ -332,7 +334,7 @@ check_radius_config_wrapper process_arguments(int argc, char **argv) {
332 int option = 0; 334 int option = 0;
333 int option_index = getopt_long(argc, argv, "+hVvH:P:F:u:p:n:N:t:r:e:", longopts, &option); 335 int option_index = getopt_long(argc, argv, "+hVvH:P:F:u:p:n:N:t:r:e:", longopts, &option);
334 336
335 if (option_index == -1 || option_index == EOF || option_index == 1) { 337 if (CHECK_EOF(option_index) || option_index == 1) {
336 break; 338 break;
337 } 339 }
338 340
diff --git a/plugins/check_real.d/config.h b/plugins/check_real.d/config.h
index 2d99ad49..15b70b98 100644
--- a/plugins/check_real.d/config.h
+++ b/plugins/check_real.d/config.h
@@ -17,7 +17,7 @@ typedef struct {
17 int server_port; 17 int server_port;
18 char *server_url; 18 char *server_url;
19 19
20 char *server_expect; 20 const char *server_expect;
21 21
22 mp_thresholds time_thresholds; 22 mp_thresholds time_thresholds;
23 23
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index 24883fd8..19e2a58f 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -350,7 +350,7 @@ int main(int argc, char **argv) {
350 } 350 }
351 } 351 }
352 352
353# ifdef USE_OPENSSL 353# ifdef MOPL_USE_OPENSSL
354 if (ssl_established) { 354 if (ssl_established) {
355 net_ssl_check_cert_result cert_check_result = 355 net_ssl_check_cert_result cert_check_result =
356 np_net_ssl_check_cert2(config.days_till_exp_warn, config.days_till_exp_crit); 356 np_net_ssl_check_cert2(config.days_till_exp_warn, config.days_till_exp_crit);
@@ -389,7 +389,7 @@ int main(int argc, char **argv) {
389 389
390 mp_add_subcheck_to_check(&overall, sc_cert_check); 390 mp_add_subcheck_to_check(&overall, sc_cert_check);
391 } 391 }
392# endif /* USE_OPENSSL */ 392# endif /* MOPL_USE_OPENSSL */
393 393
394#endif 394#endif
395 395
@@ -764,7 +764,7 @@ check_smtp_config_wrapper process_arguments(int argc, char **argv) {
764 break; 764 break;
765 case 'D': { 765 case 'D': {
766 /* Check SSL cert validity */ 766 /* Check SSL cert validity */
767#ifdef USE_OPENSSL 767#ifdef MOPL_USE_OPENSSL
768 char *temp; 768 char *temp;
769 if ((temp = strchr(optarg, ',')) != NULL) { 769 if ((temp = strchr(optarg, ',')) != NULL) {
770 *temp = '\0'; 770 *temp = '\0';
diff --git a/plugins/check_smtp.d/config.h b/plugins/check_smtp.d/config.h
index b0d42ed1..47826362 100644
--- a/plugins/check_smtp.d/config.h
+++ b/plugins/check_smtp.d/config.h
@@ -40,8 +40,8 @@ typedef struct {
40 40
41 bool use_proxy_prefix; 41 bool use_proxy_prefix;
42#ifdef HAVE_SSL 42#ifdef HAVE_SSL
43 int days_till_exp_warn; 43 unsigned int days_till_exp_warn;
44 int days_till_exp_crit; 44 unsigned int days_till_exp_crit;
45 bool use_ssl; 45 bool use_ssl;
46 bool use_starttls; 46 bool use_starttls;
47 bool use_sni; 47 bool use_sni;
diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c
index f470d222..09196dc4 100644
--- a/plugins/check_snmp.c
+++ b/plugins/check_snmp.c
@@ -116,6 +116,7 @@ gen_state_string_type gen_state_string(check_snmp_state_entry *entries, size_t n
116 break; 116 break;
117 case ASN_FLOAT: 117 case ASN_FLOAT:
118 printf("Type FLOAT\n"); 118 printf("Type FLOAT\n");
119 break;
119 case ASN_DOUBLE: 120 case ASN_DOUBLE:
120 printf("Type DOUBLE\n"); 121 printf("Type DOUBLE\n");
121 break; 122 break;
@@ -217,6 +218,7 @@ recover_state_data_type recover_state_data(char *state_string, idx_t state_strin
217 break; 218 break;
218 case ASN_FLOAT: 219 case ASN_FLOAT:
219 printf("Type FLOAT\n"); 220 printf("Type FLOAT\n");
221 break;
220 case ASN_DOUBLE: 222 case ASN_DOUBLE:
221 printf("Type DOUBLE\n"); 223 printf("Type DOUBLE\n");
222 break; 224 break;
@@ -445,7 +447,7 @@ static process_arguments_wrapper process_arguments(int argc, char **argv) {
445 argc, argv, 447 argc, argv,
446 "nhvVO46t:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:N:L:U:a:x:A:X:M:f:z:", longopts, &option); 448 "nhvVO46t:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:N:L:U:a:x:A:X:M:f:z:", longopts, &option);
447 449
448 if (option_char == -1 || option_char == EOF) { 450 if (CHECK_EOF(option_char)) {
449 break; 451 break;
450 } 452 }
451 453
@@ -515,7 +517,7 @@ static process_arguments_wrapper process_arguments(int argc, char **argv) {
515 argc, argv, 517 argc, argv,
516 "nhvVO46t:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:N:L:U:a:x:A:X:M:f:z:", longopts, &option); 518 "nhvVO46t:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:N:L:U:a:x:A:X:M:f:z:", longopts, &option);
517 519
518 if (option_char == -1 || option_char == EOF) { 520 if (CHECK_EOF(option_char)) {
519 break; 521 break;
520 } 522 }
521 523
@@ -1032,13 +1034,13 @@ void print_help(void) {
1032 printf(" %s\n", _("SNMPv3 context")); 1034 printf(" %s\n", _("SNMPv3 context"));
1033 printf(" %s\n", "-L, --seclevel=[noAuthNoPriv|authNoPriv|authPriv]"); 1035 printf(" %s\n", "-L, --seclevel=[noAuthNoPriv|authNoPriv|authPriv]");
1034 printf(" %s\n", _("SNMPv3 securityLevel")); 1036 printf(" %s\n", _("SNMPv3 securityLevel"));
1035 printf(" %s\n", "-a, --authproto=[MD5|SHA]"); 1037 printf(" %s\n", "-a, --authproto=[MD5|SHA|SHA224|SHA256|SHA384|SHA512]");
1036 printf(" %s\n", _("SNMPv3 auth proto")); 1038 printf(" %s\n", _("SNMPv3 auth proto"));
1037#ifdef HAVE_USM_DES_PRIV_PROTOCOL 1039#ifdef HAVE_USM_DES_PRIV_PROTOCOL
1038 printf(" %s\n", "-x, --privproto=[DES|AES]"); 1040 printf(" %s\n", "-x, --privproto=[DES|AES|AES192|AES256]");
1039 printf(" %s\n", _("SNMPv3 priv proto (default DES)")); 1041 printf(" %s\n", _("SNMPv3 priv proto (default DES)"));
1040#else 1042#else
1041 printf(" %s\n", "-x, --privproto=[AES]"); 1043 printf(" %s\n", "-x, --privproto=[AES|AES192|AES256]");
1042 printf(" %s\n", _("SNMPv3 priv proto (default AES)")); 1044 printf(" %s\n", _("SNMPv3 priv proto (default AES)"));
1043#endif 1045#endif
1044 1046
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
index 49a8c4c1..924322e4 100644
--- a/plugins/check_tcp.c
+++ b/plugins/check_tcp.c
@@ -562,7 +562,7 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
562 int option_index = 562 int option_index =
563 getopt_long(argc, argv, "+hVv46EAH:s:e:q:m:c:w:t:p:C:W:d:Sr:jD:M:", longopts, &option); 563 getopt_long(argc, argv, "+hVv46EAH:s:e:q:m:c:w:t:p:C:W:d:Sr:jD:M:", longopts, &option);
564 564
565 if (option_index == -1 || option_index == EOF || option_index == 1) { 565 if (CHECK_EOF(option_index) || option_index == 1) {
566 break; 566 break;
567 } 567 }
568 568
@@ -683,7 +683,7 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
683 break; 683 break;
684 case 'D': /* Check SSL cert validity - days 'til certificate expiration */ 684 case 'D': /* Check SSL cert validity - days 'til certificate expiration */
685#ifdef HAVE_SSL 685#ifdef HAVE_SSL
686# ifdef USE_OPENSSL /* XXX */ 686# ifdef MOPL_USE_OPENSSL /* XXX */
687 { 687 {
688 char *temp; 688 char *temp;
689 if ((temp = strchr(optarg, ',')) != NULL) { 689 if ((temp = strchr(optarg, ',')) != NULL) {
@@ -708,7 +708,7 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
708 config.check_cert = true; 708 config.check_cert = true;
709 config.use_tls = true; 709 config.use_tls = true;
710 } break; 710 } break;
711# endif /* USE_OPENSSL */ 711# endif /* MOPL_USE_OPENSSL */
712#endif 712#endif
713 /* fallthrough if we don't have ssl */ 713 /* fallthrough if we don't have ssl */
714 case 'S': 714 case 'S':
diff --git a/plugins/check_time.c b/plugins/check_time.c
index 99708ad3..aec995d4 100644
--- a/plugins/check_time.c
+++ b/plugins/check_time.c
@@ -213,7 +213,7 @@ check_time_config_wrapper process_arguments(int argc, char **argv) {
213 int option = 0; 213 int option = 0;
214 option_char = getopt_long(argc, argv, "hVH:w:c:W:C:p:t:u", longopts, &option); 214 option_char = getopt_long(argc, argv, "hVH:w:c:W:C:p:t:u", longopts, &option);
215 215
216 if (option_char == -1 || option_char == EOF) { 216 if (CHECK_EOF(option_char)) {
217 break; 217 break;
218 } 218 }
219 219
diff --git a/plugins/common.h b/plugins/common.h
index ef888d08..9d1434a3 100644
--- a/plugins/common.h
+++ b/plugins/common.h
@@ -193,7 +193,7 @@ enum {
193 */ 193 */
194#include "../gl/gettext.h" 194#include "../gl/gettext.h"
195#define _(String) gettext(String) 195#define _(String) gettext(String)
196#if !ENABLE_NLS 196#if !defined(ENABLE_NLS) || !ENABLE_NLS
197# undef textdomain 197# undef textdomain
198# define textdomain(Domainname) /* empty */ 198# define textdomain(Domainname) /* empty */
199# undef bindtextdomain 199# undef bindtextdomain
@@ -205,4 +205,11 @@ enum {
205# define __attribute__(x) /* do nothing */ 205# define __attribute__(x) /* do nothing */
206#endif 206#endif
207 207
208/* for checking the result of getopt_long */
209#if EOF == -1
210#define CHECK_EOF(c) ((c) == EOF)
211#else
212#define CHECK_EOF(c) ((c) == -1 || (c) == EOF)
213#endif
214
208#endif /* _COMMON_H_ */ 215#endif /* _COMMON_H_ */
diff --git a/plugins/netutils.h b/plugins/netutils.h
index f3d046c3..16c2d31f 100644
--- a/plugins/netutils.h
+++ b/plugins/netutils.h
@@ -128,7 +128,7 @@ typedef struct {
128 double remaining_seconds; 128 double remaining_seconds;
129 retrieve_expiration_date_errors errors; 129 retrieve_expiration_date_errors errors;
130} net_ssl_check_cert_result; 130} net_ssl_check_cert_result;
131net_ssl_check_cert_result np_net_ssl_check_cert2(int days_till_exp_warn, int days_till_exp_crit); 131net_ssl_check_cert_result np_net_ssl_check_cert2(unsigned int days_till_exp_warn, unsigned int days_till_exp_crit);
132 132
133mp_state_enum np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit); 133mp_state_enum np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit);
134mp_subcheck mp_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit); 134mp_subcheck mp_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit);
diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index c58a35ab..bcfb08d6 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -127,7 +127,7 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
127 } 127 }
128 128
129 if (cert && privkey) { 129 if (cert && privkey) {
130# ifdef USE_OPENSSL 130# ifdef MOPL_USE_OPENSSL
131 if (!SSL_CTX_use_certificate_chain_file(ctx, cert)) { 131 if (!SSL_CTX_use_certificate_chain_file(ctx, cert)) {
132# elif USE_GNUTLS 132# elif USE_GNUTLS
133 if (!SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM)) { 133 if (!SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM)) {
@@ -138,7 +138,7 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
138 return STATE_CRITICAL; 138 return STATE_CRITICAL;
139 } 139 }
140 SSL_CTX_use_PrivateKey_file(ctx, privkey, SSL_FILETYPE_PEM); 140 SSL_CTX_use_PrivateKey_file(ctx, privkey, SSL_FILETYPE_PEM);
141# ifdef USE_OPENSSL 141# ifdef MOPL_USE_OPENSSL
142 if (!SSL_CTX_check_private_key(ctx)) { 142 if (!SSL_CTX_check_private_key(ctx)) {
143 printf("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n")); 143 printf("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n"));
144 return STATE_CRITICAL; 144 return STATE_CRITICAL;
@@ -161,9 +161,9 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
161 return OK; 161 return OK;
162 } else { 162 } else {
163 printf("%s\n", _("CRITICAL - Cannot make SSL connection.")); 163 printf("%s\n", _("CRITICAL - Cannot make SSL connection."));
164# ifdef USE_OPENSSL /* XXX look into ERR_error_string */ 164# ifdef MOPL_USE_OPENSSL /* XXX look into ERR_error_string */
165 ERR_print_errors_fp(stdout); 165 ERR_print_errors_fp(stdout);
166# endif /* USE_OPENSSL */ 166# endif /* MOPL_USE_OPENSSL */
167 } 167 }
168 } else { 168 } else {
169 printf("%s\n", _("CRITICAL - Cannot initiate SSL handshake.")); 169 printf("%s\n", _("CRITICAL - Cannot initiate SSL handshake."));
@@ -192,7 +192,7 @@ int np_net_ssl_read(void *buf, int num) { return SSL_read(s, buf, num); }
192 192
193mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn, 193mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn,
194 int days_till_exp_crit) { 194 int days_till_exp_crit) {
195# ifdef USE_OPENSSL 195# ifdef MOPL_USE_OPENSSL
196 if (!certificate) { 196 if (!certificate) {
197 printf("%s\n", _("CRITICAL - No server certificate present to inspect.")); 197 printf("%s\n", _("CRITICAL - No server certificate present to inspect."));
198 return STATE_CRITICAL; 198 return STATE_CRITICAL;
@@ -306,14 +306,14 @@ mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_
306 } 306 }
307 X509_free(certificate); 307 X509_free(certificate);
308 return status; 308 return status;
309# else /* ifndef USE_OPENSSL */ 309# else /* ifndef MOPL_USE_OPENSSL */
310 printf("%s\n", _("WARNING - Plugin does not support checking certificates.")); 310 printf("%s\n", _("WARNING - Plugin does not support checking certificates."));
311 return STATE_WARNING; 311 return STATE_WARNING;
312# endif /* USE_OPENSSL */ 312# endif /* MOPL_USE_OPENSSL */
313} 313}
314 314
315retrieve_expiration_time_result np_net_ssl_get_cert_expiration(X509 *certificate) { 315retrieve_expiration_time_result np_net_ssl_get_cert_expiration(X509 *certificate) {
316# ifdef USE_OPENSSL 316# ifdef MOPL_USE_OPENSSL
317 retrieve_expiration_time_result result = { 317 retrieve_expiration_time_result result = {
318 .errors = ALL_OK, 318 .errors = ALL_OK,
319 .remaining_seconds = 0, 319 .remaining_seconds = 0,
@@ -404,14 +404,14 @@ retrieve_expiration_time_result np_net_ssl_get_cert_expiration(X509 *certificate
404 X509_free(certificate); 404 X509_free(certificate);
405 405
406 return result; 406 return result;
407# else /* ifndef USE_OPENSSL */ 407# else /* ifndef MOPL_USE_OPENSSL */
408 printf("%s\n", _("WARNING - Plugin does not support checking certificates.")); 408 printf("%s\n", _("WARNING - Plugin does not support checking certificates."));
409 return STATE_WARNING; 409 return STATE_WARNING;
410# endif /* USE_OPENSSL */ 410# endif /* MOPL_USE_OPENSSL */
411} 411}
412 412
413net_ssl_check_cert_result np_net_ssl_check_cert2(int days_till_exp_warn, int days_till_exp_crit) { 413net_ssl_check_cert_result np_net_ssl_check_cert2(unsigned int days_till_exp_warn, unsigned int days_till_exp_crit) {
414# ifdef USE_OPENSSL 414# ifdef MOPL_USE_OPENSSL
415 X509 *certificate = NULL; 415 X509 *certificate = NULL;
416 certificate = SSL_get_peer_certificate(s); 416 certificate = SSL_get_peer_certificate(s);
417 417
@@ -438,27 +438,27 @@ net_ssl_check_cert_result np_net_ssl_check_cert2(int days_till_exp_warn, int day
438 438
439 return result; 439 return result;
440 440
441# else /* ifndef USE_OPENSSL */ 441# else /* ifndef MOPL_USE_OPENSSL */
442 printf("%s\n", _("WARNING - Plugin does not support checking certificates.")); 442 printf("%s\n", _("WARNING - Plugin does not support checking certificates."));
443 return STATE_WARNING; 443 return STATE_WARNING;
444# endif /* USE_OPENSSL */ 444# endif /* MOPL_USE_OPENSSL */
445} 445}
446 446
447mp_state_enum np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit) { 447mp_state_enum np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit) {
448# ifdef USE_OPENSSL 448# ifdef MOPL_USE_OPENSSL
449 X509 *certificate = NULL; 449 X509 *certificate = NULL;
450 certificate = SSL_get_peer_certificate(s); 450 certificate = SSL_get_peer_certificate(s);
451 return (np_net_ssl_check_certificate(certificate, days_till_exp_warn, days_till_exp_crit)); 451 return (np_net_ssl_check_certificate(certificate, days_till_exp_warn, days_till_exp_crit));
452# else /* ifndef USE_OPENSSL */ 452# else /* ifndef MOPL_USE_OPENSSL */
453 printf("%s\n", _("WARNING - Plugin does not support checking certificates.")); 453 printf("%s\n", _("WARNING - Plugin does not support checking certificates."));
454 return STATE_WARNING; 454 return STATE_WARNING;
455# endif /* USE_OPENSSL */ 455# endif /* MOPL_USE_OPENSSL */
456} 456}
457 457
458mp_subcheck mp_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn, 458mp_subcheck mp_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn,
459 int days_till_exp_crit) { 459 int days_till_exp_crit) {
460 mp_subcheck sc_cert = mp_subcheck_init(); 460 mp_subcheck sc_cert = mp_subcheck_init();
461# ifdef USE_OPENSSL 461# ifdef MOPL_USE_OPENSSL
462 if (!certificate) { 462 if (!certificate) {
463 xasprintf(&sc_cert.output, _("No server certificate present to inspect")); 463 xasprintf(&sc_cert.output, _("No server certificate present to inspect"));
464 sc_cert = mp_set_subcheck_state(sc_cert, STATE_CRITICAL); 464 sc_cert = mp_set_subcheck_state(sc_cert, STATE_CRITICAL);
@@ -581,10 +581,10 @@ mp_subcheck mp_net_ssl_check_certificate(X509 *certificate, int days_till_exp_wa
581 } 581 }
582 X509_free(certificate); 582 X509_free(certificate);
583 return sc_cert; 583 return sc_cert;
584# else /* ifndef USE_OPENSSL */ 584# else /* ifndef MOPL_USE_OPENSSL */
585 xasprintf(&sc_cert.output, _("Plugin does not support checking certificates")); 585 xasprintf(&sc_cert.output, _("Plugin does not support checking certificates"));
586 sc_cert = mp_set_subcheck_state(sc_cert, STATE_WARNING); 586 sc_cert = mp_set_subcheck_state(sc_cert, STATE_WARNING);
587 return sc_cert; 587 return sc_cert;
588# endif /* USE_OPENSSL */ 588# endif /* MOPL_USE_OPENSSL */
589} 589}
590#endif /* HAVE_SSL */ 590#endif /* HAVE_SSL */
diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t
index a8326f12..0f4d0de7 100644
--- a/plugins/t/check_curl.t
+++ b/plugins/t/check_curl.t
@@ -238,100 +238,100 @@ SKIP: {
238 238
239 # Test if proxy works 239 # Test if proxy works
240 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" ); 240 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
241 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures "); 241 like($res->output, qr/^\* have local name resolution: false/m, "proxy is used, there are no preventative measures ");
242 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" ); 242 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
243 243
244 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" ); 244 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
245 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures "); 245 like($res->output, qr/^\* have local name resolution: false/m, "proxy is used, there are no preventative measures ");
246 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_ipv4 works" ); 246 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_ipv4 works" );
247 247
248 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" ); 248 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
249 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures "); 249 like($res->output, qr/^\* have local name resolution: false/m, "proxy is used, there are no preventative measures ");
250 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_ipv6 works" ); 250 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_ipv6 works" );
251 251
252 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" ); 252 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
253 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures "); 253 like($res->output, qr/^\* have local name resolution: false/m, "proxy is used, there are no preventative measures ");
254 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http2 works" ); 254 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http2 works" );
255 255
256 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" ); 256 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
257 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures "); 257 like($res->output, qr/^\* have local name resolution: false/m, "proxy is used, there are no preventative measures ");
258 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_subdomain works" ); 258 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_subdomain works" );
259 259
260 $res = NPTest->testCmd( "./$plugin -H $host_tls_http --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" ); 260 $res = NPTest->testCmd( "./$plugin -H $host_tls_http --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
261 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures "); 261 like($res->output, qr/^\* have local name resolution: false/m, "proxy is used, there are no preventative measures ");
262 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tls_http works" ); 262 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tls_http works" );
263 263
264 # Noproxy '*' should prevent using proxy in any setting, even if its specified 264 # Noproxy '*' should prevent using proxy in any setting, even if its specified
265 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" ); 265 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" );
266 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since noproxy has \"\*\" "); 266 like($res->output, qr/^\* have local name resolution: true/m, "proxy is not used since noproxy has \"\*\" ");
267 is( $res->return_code, 0, "Should reach $host_tcp_http_subdomain with or without proxy." ); 267 is( $res->return_code, 0, "Should reach $host_tcp_http_subdomain with or without proxy." );
268 268
269 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" ); 269 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" );
270 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since noproxy has \"\*\" "); 270 like($res->output, qr/^\* have local name resolution: true/m, "proxy is not used since noproxy has \"\*\" ");
271 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." ); 271 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." );
272 272
273 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" ); 273 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" );
274 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since noproxy has \"\*\" "); 274 like($res->output, qr/^\* have local name resolution: true/m, "proxy is not used since noproxy has \"\*\" ");
275 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." ); 275 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." );
276 276
277 # Noproxy domain should prevent using proxy for subdomains of that domain 277 # Noproxy domain should prevent using proxy for subdomains of that domain
278 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http -v" ); 278 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http -v" );
279 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since subdomain: $host_tcp_http_subdomain is under a noproxy domain: $host_tcp_http"); 279 like($res->output, qr/^\* have local name resolution: true/m, "proxy is not used since subdomain: $host_tcp_http_subdomain is under a noproxy domain: $host_tcp_http");
280 is( $res->return_code, 0, "Should reach $host_tcp_http_subdomain with or without proxy." ); 280 is( $res->return_code, 0, "Should reach $host_tcp_http_subdomain with or without proxy." );
281 281
282 # Noproxy should prevent using IP matches if an IP is found directly 282 # Noproxy should prevent using IP matches if an IP is found directly
283 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4 -v" ); 283 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4 -v" );
284 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv4 is added into noproxy: $host_tcp_http_ipv4"); 284 like($res->output, qr/^\* have local name resolution: true/m, "proxy is not used since IP address: $host_tcp_http_ipv4 is added into noproxy: $host_tcp_http_ipv4");
285 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." ); 285 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." );
286 286
287 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6 -v" ); 287 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6 -v" );
288 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv6 is added into noproxy: $host_tcp_http_ipv6"); 288 like($res->output, qr/^\* have local name resolution: true/m, "proxy is not used since IP address: $host_tcp_http_ipv6 is added into noproxy: $host_tcp_http_ipv6");
289 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." ); 289 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." );
290 290
291 # Noproxy should prevent using IP matches if a CIDR region that contains that Ip is used directly. 291 # Noproxy should prevent using IP matches if a CIDR region that contains that Ip is used directly.
292 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4_cidr_1 -v" ); 292 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4_cidr_1 -v" );
293 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv4 is inside CIDR range: $host_tcp_http_ipv4_cidr_1"); 293 like($res->output, qr/^\* have local name resolution: true/m, "proxy is not used since IP address: $host_tcp_http_ipv4 is inside CIDR range: $host_tcp_http_ipv4_cidr_1");
294 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." ); 294 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." );
295 295
296 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4_cidr_2 -v" ); 296 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4_cidr_2 -v" );
297 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv4 is inside CIDR range: $host_tcp_http_ipv4_cidr_2"); 297 like($res->output, qr/^\* have local name resolution: true/m, "proxy is not used since IP address: $host_tcp_http_ipv4 is inside CIDR range: $host_tcp_http_ipv4_cidr_2");
298 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." ); 298 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." );
299 299
300 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6_cidr_1 -v " ); 300 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6_cidr_1 -v " );
301 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv6 is inside CIDR range: $host_tcp_http_ipv6_cidr_1"); 301 like($res->output, qr/^\* have local name resolution: true/m, "proxy is not used since IP address: $host_tcp_http_ipv6 is inside CIDR range: $host_tcp_http_ipv6_cidr_1");
302 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." ); 302 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." );
303 303
304 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6_cidr_2 -v" ); 304 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6_cidr_2 -v" );
305 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv6 is inside CIDR range: $host_tcp_http_ipv6_cidr_2"); 305 like($res->output, qr/^\* have local name resolution: true/m, "proxy is not used since IP address: $host_tcp_http_ipv6 is inside CIDR range: $host_tcp_http_ipv6_cidr_2");
306 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." ); 306 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." );
307 307
308 # Noproxy should discern over different types of proxy schemes 308 # Noproxy should discern over different types of proxy schemes
309 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" ); 309 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
310 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for resolving hostname, and is using scheme http "); 310 like($res->output, qr/^\* have local name resolution: false/m, "proxy is used for resolving hostname, and is using scheme http ");
311 is( $res->return_code, 0, "Using proxy http:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" ); 311 is( $res->return_code, 0, "Using proxy http:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
312 312
313 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy https://$host_tcp_proxy:$port_tcp_proxy -v" ); 313 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy https://$host_tcp_proxy:$port_tcp_proxy -v" );
314 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for resolving hostname, and is using scheme https"); 314 like($res->output, qr/^\* have local name resolution: false/m, "proxy is used for resolving hostname, and is using scheme https");
315 # Squid is not configured for https 315 # Squid is not configured for https
316 # is( $res->return_code, 0, "Using proxy https:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" ); 316 # is( $res->return_code, 0, "Using proxy https:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
317 317
318 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks4://$host_tcp_proxy:$port_tcp_proxy -v" ); 318 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks4://$host_tcp_proxy:$port_tcp_proxy -v" );
319 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used for resolving hostname, and is using scheme socks4"); 319 like($res->output, qr/^\* have local name resolution: true/m, "proxy is not used for resolving hostname, and is using scheme socks4");
320 # Squid is not configured for socks4 320 # Squid is not configured for socks4
321 # is( $res->return_code, 0, "Using proxy socks4:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" ); 321 # is( $res->return_code, 0, "Using proxy socks4:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
322 322
323 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks4a://$host_tcp_proxy:$port_tcp_proxy -v" ); 323 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks4a://$host_tcp_proxy:$port_tcp_proxy -v" );
324 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for resolving hostname, and is using scheme socks4a"); 324 like($res->output, qr/^\* have local name resolution: false/m, "proxy is used for resolving hostname, and is using scheme socks4a");
325 # Squid is not configured for socks4a 325 # Squid is not configured for socks4a
326 # is( $res->return_code, 0, "Using proxy socks4a:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" ); 326 # is( $res->return_code, 0, "Using proxy socks4a:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
327 327
328 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks5://$host_tcp_proxy:$port_tcp_proxy -v" ); 328 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks5://$host_tcp_proxy:$port_tcp_proxy -v" );
329 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used for resolving hostname, and is using scheme socks5"); 329 like($res->output, qr/^\* have local name resolution: true/m, "proxy is not used for resolving hostname, and is using scheme socks5");
330 # Squid is not configured for socks5 330 # Squid is not configured for socks5
331 # is( $res->return_code, 0, "Using proxy socks5:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" ); 331 # is( $res->return_code, 0, "Using proxy socks5:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
332 332
333 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks5h://$host_tcp_proxy:$port_tcp_proxy -v" ); 333 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks5h://$host_tcp_proxy:$port_tcp_proxy -v" );
334 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for resolving hostname, and is using scheme socks5h"); 334 like($res->output, qr/^\* have local name resolution: false/m, "proxy is used for resolving hostname, and is using scheme socks5h");
335 # Squid is not configured for socks5h 335 # Squid is not configured for socks5h
336 # is( $res->return_code, 0, "Using proxy socks5h:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" ); 336 # is( $res->return_code, 0, "Using proxy socks5h:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
337} 337}
diff --git a/plugins/t/check_disk.t b/plugins/t/check_disk.t
index 72a83ea4..ba149842 100644
--- a/plugins/t/check_disk.t
+++ b/plugins/t/check_disk.t
@@ -7,6 +7,7 @@
7# TODO: Add in tests for perf data. Need to beef up Monitoring::Plugin::Performance to cater for max, min, etc 7# TODO: Add in tests for perf data. Need to beef up Monitoring::Plugin::Performance to cater for max, min, etc
8 8
9use strict; 9use strict;
10use warnings;
10use Test::More; 11use Test::More;
11use NPTest; 12use NPTest;
12use POSIX qw(ceil floor); 13use POSIX qw(ceil floor);
@@ -26,7 +27,7 @@ my $output_format = "--output-format mp-test-json";
26if ($mountpoint_valid eq "" or $mountpoint2_valid eq "") { 27if ($mountpoint_valid eq "" or $mountpoint2_valid eq "") {
27 plan skip_all => "Need 2 mountpoints to test"; 28 plan skip_all => "Need 2 mountpoints to test";
28} else { 29} else {
29 plan tests => 97; 30 plan tests => 96;
30} 31}
31 32
32$result = NPTest->testCmd( 33$result = NPTest->testCmd(
@@ -34,25 +35,30 @@ $result = NPTest->testCmd(
34 ); 35 );
35cmp_ok( $result->return_code, "==", 0, "Checking two mountpoints (must have at least 1% free in space and inodes)"); 36cmp_ok( $result->return_code, "==", 0, "Checking two mountpoints (must have at least 1% free in space and inodes)");
36 37
38my $result_mp2 = $result->{'mp_test_result'}->{'checks'}->[0];
39my $result_mp1 = $result->{'mp_test_result'}->{'checks'}->[1];
40
37like($result->{'mp_test_result'}->{'state'}, "/OK/", "Main result is OK"); 41like($result->{'mp_test_result'}->{'state'}, "/OK/", "Main result is OK");
38like($result->{'mp_test_result'}->{'checks'}->[0]->{'state'}, "/OK/", "First sub result is OK"); 42like($result_mp2->{'state'}, "/OK/", "First sub result is OK");
39like($result->{'mp_test_result'}->{'checks'}->[1]->{'state'}, "/OK/", "Second sub result is OK"); 43like($result_mp1->{'state'}, "/OK/", "Second sub result is OK");
44
45my @perfdata;
46@perfdata[0] = $result_mp2->{'checks'}->[0]->{'perfdata'}->[0];
47@perfdata[1] = $result_mp1->{'checks'}->[0]->{'perfdata'}->[0];
40 48
41my $absolut_space_mp1 = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}->[0]->{'perfdata'}->[0]->{'max'}->{'value'}; 49my $absolut_space_mp1 = $perfdata[1]->{'max'}->{'value'};
42# print("absolute space on mp1: ". $absolut_space_mp1 . "\n"); 50# print("absolute space on mp1: ". $absolut_space_mp1 . "\n");
51my $absolut_used_space_mp1 = $perfdata[1]->{'value'}->{'value'};
43 52
44my $free_percent_on_mp1 = ($result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}->[0]->{'perfdata'}->[0]->{'value'}->{'value'} / ($absolut_space_mp1/100)); 53my $free_percent_on_mp1 = ($absolut_space_mp1 - $absolut_used_space_mp1) / ($absolut_space_mp1/100);
45print("free percent on mp1: ". $free_percent_on_mp1 . "\n"); 54# print("free percent on mp1: ". $free_percent_on_mp1 . "\n");
46 55
47my $absolut_space_mp2 = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}->[0]->{'perfdata'}->[0]->{'max'}->{'value'}; 56my $absolut_space_mp2 = $perfdata[0]->{'max'}->{'value'};
48# print("absolute space on mp2: ". $absolut_space_mp2 . "\n"); 57# print("absolute space on mp2: ". $absolut_space_mp2 . "\n");
58my $absolut_used_space_mp2 = $perfdata[0]->{'value'}->{'value'};
49 59
50my $free_percent_on_mp2 = ($result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}->[0]->{'perfdata'}->[0]->{'value'}->{'value'}/ ($absolut_space_mp2/100)); 60my $free_percent_on_mp2 = (($absolut_space_mp2 - $absolut_used_space_mp2)/ ($absolut_space_mp2/100));
51print("free percent on mp2: ". $free_percent_on_mp2 . "\n"); 61# print("free percent on mp2: ". $free_percent_on_mp2 . "\n");
52
53my @perfdata;
54@perfdata[0] = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}->[0]->{'perfdata'}->[0];
55@perfdata[1] = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}->[0]->{'perfdata'}->[0];
56 62
57# Decrease precision of numbers since the the fs might be modified between the two runs 63# Decrease precision of numbers since the the fs might be modified between the two runs
58$perfdata[0]->{'value'}->{'value'} = int($perfdata[0]->{'value'}->{'value'} / 1000000); 64$perfdata[0]->{'value'}->{'value'} = int($perfdata[0]->{'value'}->{'value'} / 1000000);
@@ -73,46 +79,56 @@ if ($free_percent_on_mp1 > $free_percent_on_mp2) {
73 die "Two mountpoints are the same - cannot do rest of test"; 79 die "Two mountpoints are the same - cannot do rest of test";
74} 80}
75 81
76print("less free: " . $less_free . "\n"); 82# print("less free: " . $less_free . "\n");
77print("more free: " . $more_free . "\n"); 83# print("more free: " . $more_free . "\n");
78 84
79if($free_percent_on_mp1 == $avg_free_percent || $free_percent_on_mp2 == $avg_free_percent) { 85if($free_percent_on_mp1 == $avg_free_percent || $free_percent_on_mp2 == $avg_free_percent) {
80 die "One mountpoints has average space free - cannot do rest of test"; 86 die "One mountpoints has average space free - cannot do rest of test";
81} 87}
82 88
83my $used_inodes_on_mp1 = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}[2]->{'perfdata'}->[0]->{'value'}->{'value'}; 89# TODO enable inode checks later when there is enough nerves for Perl
84my $total_inodes_on_mp1 = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}[2]->{'perfdata'}->[0]->{'max'}->{'value'}; 90# my $have_inodes = 1;
85 91# my $more_inode_free;
86my $free_inodes_on_mp1 = $total_inodes_on_mp1 - $used_inodes_on_mp1; 92# my $less_inode_free;
87my $free_inode_percentage_on_mp1 = $free_inodes_on_mp1 / ($total_inodes_on_mp1 / 100); 93# my $avg_inode_free_percentage;
88 94
89# print("free inodes on mp1: " . $free_inodes_on_mp1 . "\n"); 95# # Do we have an inode reading? might not be if the filesystem does not have a fixed number of inodes
90# print("total inodes on mp1: " . $total_inodes_on_mp1 . "\n"); 96# if ($result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}[2] && $result->{'mp_test_result'}->{'checks'}->[0]) {
91# print("free inode percentage on mp1: " . $free_inode_percentage_on_mp1 . "\n"); 97# my $used_inodes_on_mp1 = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}[2]->{'perfdata'}->[0]->{'value'}->{'value'};
92 98# my $total_inodes_on_mp1 = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}[2]->{'perfdata'}->[0]->{'max'}->{'value'};
93my $used_inodes_on_mp2 = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[2]->{'perfdata'}->[0]->{'value'}->{'value'}; 99
94my $total_inodes_on_mp2 = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[2]->{'perfdata'}->[0]->{'max'}->{'value'}; 100# my $free_inodes_on_mp1 = $total_inodes_on_mp1 - $used_inodes_on_mp1;
95my $free_inodes_on_mp2 = $total_inodes_on_mp2 - $used_inodes_on_mp2; 101# my $free_inode_percentage_on_mp1 = $free_inodes_on_mp1 / ($total_inodes_on_mp1 / 100);
96my $free_inode_percentage_on_mp2 = $free_inodes_on_mp2 / ($total_inodes_on_mp2 / 100); 102
97 103# # print("free inodes on mp1: " . $free_inodes_on_mp1 . "\n");
98# print("free inodes on mp2: " . $free_inodes_on_mp2 . "\n"); 104# # print("total inodes on mp1: " . $total_inodes_on_mp1 . "\n");
99# print("total inodes on mp2: " . $total_inodes_on_mp2 . "\n"); 105# # print("free inode percentage on mp1: " . $free_inode_percentage_on_mp1 . "\n");
100# print("free inode percentage on mp2: " . $free_inode_percentage_on_mp2 . "\n"); 106
101 107# my $used_inodes_on_mp2 = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[2]->{'perfdata'}->[0]->{'value'}->{'value'};
102my $avg_inode_free_percentage = ceil(($free_inode_percentage_on_mp1 + $free_inode_percentage_on_mp2)/2); 108# my $total_inodes_on_mp2 = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[2]->{'perfdata'}->[0]->{'max'}->{'value'};
103my ($more_inode_free, $less_inode_free); 109# my $free_inodes_on_mp2 = $total_inodes_on_mp2 - $used_inodes_on_mp2;
104if ($free_inode_percentage_on_mp1 > $free_inode_percentage_on_mp2) { 110# my $free_inode_percentage_on_mp2 = $free_inodes_on_mp2 / ($total_inodes_on_mp2 / 100);
105 $more_inode_free = $mountpoint_valid; 111
106 $less_inode_free = $mountpoint2_valid; 112# # print("free inodes on mp2: " . $free_inodes_on_mp2 . "\n");
107} elsif ($free_inode_percentage_on_mp1 < $free_inode_percentage_on_mp2) { 113# # print("total inodes on mp2: " . $total_inodes_on_mp2 . "\n");
108 $more_inode_free = $mountpoint2_valid; 114# # print("free inode percentage on mp2: " . $free_inode_percentage_on_mp2 . "\n");
109 $less_inode_free = $mountpoint_valid; 115
110} else { 116# my $avg_inode_free_percentage = ceil(($free_inode_percentage_on_mp1 + $free_inode_percentage_on_mp2)/2);
111 die "Two mountpoints with same inodes free - cannot do rest of test"; 117# if ($free_inode_percentage_on_mp1 > $free_inode_percentage_on_mp2) {
112} 118# $more_inode_free = $mountpoint_valid;
113if($free_inode_percentage_on_mp1 == $avg_inode_free_percentage || $free_inode_percentage_on_mp2 == $avg_inode_free_percentage) { 119# $less_inode_free = $mountpoint2_valid;
114 die "One mountpoints has average inodes free - cannot do rest of test"; 120# } elsif ($free_inode_percentage_on_mp1 < $free_inode_percentage_on_mp2) {
115} 121# $more_inode_free = $mountpoint2_valid;
122# $less_inode_free = $mountpoint_valid;
123# } else {
124# die "Two mountpoints with same inodes free - cannot do rest of test";
125# }
126# if($free_inode_percentage_on_mp1 == $avg_inode_free_percentage || $free_inode_percentage_on_mp2 == $avg_inode_free_percentage) {
127# die "One mountpoints has average inodes free - cannot do rest of test";
128# }
129# } else {
130# $have_inodes = 0;
131# }
116 132
117# Verify performance data 133# Verify performance data
118# First check absolute thresholds... 134# First check absolute thresholds...
@@ -144,8 +160,8 @@ my $warn_percth_data = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[
144my $crit_percth_data = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[0]->{'perfdata'}->[0]->{'crit'}->{'end'}->{'value'}; 160my $crit_percth_data = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[0]->{'perfdata'}->[0]->{'crit'}->{'end'}->{'value'};
145my $total_percth_data = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[0]->{'perfdata'}->[0]->{'max'}->{'value'}; 161my $total_percth_data = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[0]->{'perfdata'}->[0]->{'max'}->{'value'};
146 162
147print("warn_percth_data: " . $warn_percth_data . "\n"); 163# print("warn_percth_data: " . $warn_percth_data . "\n");
148print("crit_percth_data: " . $crit_percth_data . "\n"); 164# print("crit_percth_data: " . $crit_percth_data . "\n");
149 165
150is (int($warn_percth_data), int((20/100)*$total_percth_data), "Wrong warning in perf data using percent thresholds. Got " . $warn_percth_data . " with total " . $total_percth_data); 166is (int($warn_percth_data), int((20/100)*$total_percth_data), "Wrong warning in perf data using percent thresholds. Got " . $warn_percth_data . " with total " . $total_percth_data);
151is (int($crit_percth_data), int((10/100)*$total_percth_data), "Wrong critical in perf data using percent thresholds. Got " . $crit_percth_data . " with total " . $total_percth_data); 167is (int($crit_percth_data), int((10/100)*$total_percth_data), "Wrong critical in perf data using percent thresholds. Got " . $crit_percth_data . " with total " . $total_percth_data);
@@ -161,6 +177,18 @@ cmp_ok( $result->return_code, "==", 0, "with JSON test format result should alwa
161my @perfdata2; 177my @perfdata2;
162@perfdata2[0] = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}->[0]->{'perfdata'}->[0]; 178@perfdata2[0] = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}->[0]->{'perfdata'}->[0];
163@perfdata2[1] = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}->[0]->{'perfdata'}->[0]; 179@perfdata2[1] = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}->[0]->{'perfdata'}->[0];
180
181my $free_on_mp1 = ($perfdata2[1]->{'max'}->{'value'} - $perfdata2[1]->{'value'}->{'value'});
182my $free_on_mp2 = ($perfdata2[0]->{'max'}->{'value'} - $perfdata2[0]->{'value'}->{'value'});
183# print "free on mp1: " . $free_on_mp1 . "\n";
184# print "free on mp2: " . $free_on_mp2 . "\n";
185# Either one of those should not be zero
186die "Cannot parse output: $_" unless (defined($free_on_mp1) && defined($free_on_mp2));
187
188my $free_on_all = $free_on_mp1 + $free_on_mp2;
189
190# print "free on all: " . $free_on_all . "\n";
191
164# Decrease precision of numbers since the the fs might be modified between the two runs 192# Decrease precision of numbers since the the fs might be modified between the two runs
165$perfdata2[0]->{'value'}->{'value'} = int($perfdata2[0]->{'value'}->{'value'} / 1000000); 193$perfdata2[0]->{'value'}->{'value'} = int($perfdata2[0]->{'value'}->{'value'} / 1000000);
166$perfdata2[1]->{'value'}->{'value'} = int($perfdata2[1]->{'value'}->{'value'} / 1000000); 194$perfdata2[1]->{'value'}->{'value'} = int($perfdata2[1]->{'value'}->{'value'} / 1000000);
@@ -175,12 +203,6 @@ $result = NPTest->testCmd( "./check_disk -w 1 -c 1 -p $more_free -p $less_free $
175cmp_ok( $result->return_code, "==", 0, "with JSON test format result should always be OK"); 203cmp_ok( $result->return_code, "==", 0, "with JSON test format result should always be OK");
176like($result->{'mp_test_result'}->{'state'}, "/OK/", "At least 1 MB available on $more_free and $less_free"); 204like($result->{'mp_test_result'}->{'state'}, "/OK/", "At least 1 MB available on $more_free and $less_free");
177 205
178my $free_mb_on_mp1 =$result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}->[0]->{'perfdata'}->[0]->{'value'}->{'value'} / (1024 * 1024);
179my $free_mb_on_mp2 = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}->[0]->{'perfdata'}->[0]->{'value'}->{'value'}/ (1024 * 1024);
180die "Cannot parse output: $_" unless ($free_mb_on_mp1 && $free_mb_on_mp2);
181
182my $free_mb_on_all = $free_mb_on_mp1 + $free_mb_on_mp2;
183
184 206
185$result = NPTest->testCmd( "./check_disk -e -w 1 -c 1 -p $more_free $output_format" ); 207$result = NPTest->testCmd( "./check_disk -e -w 1 -c 1 -p $more_free $output_format" );
186cmp_ok( $result->return_code, "==", 0, "with JSON test format result should always be OK"); 208cmp_ok( $result->return_code, "==", 0, "with JSON test format result should always be OK");
@@ -248,55 +270,45 @@ cmp_ok( $result->return_code, '==', 2, "And reversing arguments should not make
248 270
249 271
250# Basic inode checks for sizes 272# Basic inode checks for sizes
273SKIP: {
274 skip "No inode data", 14 if 1 eq 1;
251 275
252$result = NPTest->testCmd( "./check_disk --icritical 1% --iwarning 1% -p $more_inode_free" ); 276 # $result = NPTest->testCmd( "./check_disk --icritical 1% --iwarning 1% -p $more_inode_free" );
253is( $result->return_code, 0, "At least 1% free on inodes for both mountpoints"); 277 # is( $result->return_code, 0, "At least 1% free on inodes for both mountpoints");
254
255$result = NPTest->testCmd( "./check_disk -K 100% -W 100% -p $less_inode_free" );
256is( $result->return_code, 2, "Critical requesting 100% free inodes for both mountpoints");
257
258$result = NPTest->testCmd( "./check_disk --iwarning 1% --icritical 1% -p $more_inode_free -K 100% -W 100% -p $less_inode_free" );
259is( $result->return_code, 2, "Get critical on less_inode_free mountpoint $less_inode_free");
260
261$result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K 0% -p $less_inode_free" );
262is( $result->return_code, 1, "Get warning on less_inode_free, when checking average");
263
264$result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K $avg_inode_free_percentage% -p $more_inode_free ");
265is( $result->return_code, 0, "Get ok on more_inode_free when checking average");
266 278
267$result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K 0% -p $less_inode_free -W $avg_inode_free_percentage% -K $avg_inode_free_percentage% -p $more_inode_free" ); 279 # $result = NPTest->testCmd( "./check_disk -K 100% -W 100% -p $less_inode_free" );
268is ($result->return_code, 1, "Combine above two tests, get warning"); 280 # is( $result->return_code, 2, "Critical requesting 100% free inodes for both mountpoints");
269$all_disks = $result->output;
270 281
271$result = NPTest->testCmd( "./check_disk -e -W $avg_inode_free_percentage% -K 0% -p $less_inode_free -W $avg_inode_free_percentage% -K $avg_inode_free_percentage% -p $more_inode_free" ); 282 # $result = NPTest->testCmd( "./check_disk --iwarning 1% --icritical 1% -p $more_inode_free -K 100% -W 100% -p $less_inode_free" );
272isnt( $result->output, $all_disks, "-e gives different output"); 283 # is( $result->return_code, 2, "Get critical on less_inode_free mountpoint $less_inode_free");
273like( $result->output, qr/$less_inode_free/, "Found problem $less_inode_free");
274unlike( $result->only_output, qr/$more_inode_free\s/, "Has ignored $more_inode_free as not a problem");
275like( $result->perf_output, qr/$more_inode_free/, "But $more_inode_free is still in perf data");
276
277$result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K 0% -p $more_inode_free" );
278is( $result->return_code, 0, "Get ok on more_inode_free mountpoint, checking average");
279
280$result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K $avg_inode_free_percentage% -p $less_inode_free" );
281is( $result->return_code, 2, "Get critical on less_inode_free, checking average");
282 284
283$result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K 0% -p $more_inode_free -W $avg_inode_free_percentage% -K $avg_inode_free_percentage% -p $less_inode_free" ); 285 # $result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K 0% -p $less_inode_free" );
284is( $result->return_code, 2, "Combining above two tests, get critical"); 286 # is( $result->return_code, 1, "Get warning on less_inode_free, when checking average");
285 287
286$result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K $avg_inode_free_percentage% -p $less_inode_free -W $avg_inode_free_percentage% -K 0% -p $more_inode_free" ); 288 # $result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K $avg_inode_free_percentage% -p $more_inode_free ");
287cmp_ok( $result->return_code, '==', 2, "And reversing arguments should not make a difference"); 289 # is( $result->return_code, 0, "Get ok on more_inode_free when checking average");
288 290
291 # $result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K 0% -p $less_inode_free -W $avg_inode_free_percentage% -K $avg_inode_free_percentage% -p $more_inode_free" );
292 # is ($result->return_code, 1, "Combine above two tests, get warning");
293 # $all_disks = $result->output;
289 294
295 # $result = NPTest->testCmd( "./check_disk -e -W $avg_inode_free_percentage% -K 0% -p $less_inode_free -W $avg_inode_free_percentage% -K $avg_inode_free_percentage% -p $more_inode_free" );
296 # isnt( $result->output, $all_disks, "-e gives different output");
297 # like( $result->output, qr/$less_inode_free/, "Found problem $less_inode_free");
298 # unlike( $result->only_output, qr/$more_inode_free\s/, "Has ignored $more_inode_free as not a problem");
299 # like( $result->perf_output, qr/$more_inode_free/, "But $more_inode_free is still in perf data");
290 300
301 # $result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K 0% -p $more_inode_free" );
302 # is( $result->return_code, 0, "Get ok on more_inode_free mountpoint, checking average");
291 303
304 # $result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K $avg_inode_free_percentage% -p $less_inode_free" );
305 # is( $result->return_code, 2, "Get critical on less_inode_free, checking average");
292 306
307 # $result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K 0% -p $more_inode_free -W $avg_inode_free_percentage% -K $avg_inode_free_percentage% -p $less_inode_free" );
308 # is( $result->return_code, 2, "Combining above two tests, get critical");
293 309
294TODO: { 310 # $result = NPTest->testCmd( "./check_disk -W $avg_inode_free_percentage% -K $avg_inode_free_percentage% -p $less_inode_free -W $avg_inode_free_percentage% -K 0% -p $more_inode_free" );
295 local $TODO = "Invalid percent figures"; 311 # cmp_ok( $result->return_code, '==', 2, "And reversing arguments should not make a difference");
296 $result = NPTest->testCmd(
297 "./check_disk -w 10% -c 15% -p $mountpoint_valid"
298 );
299 cmp_ok( $result->return_code, '==', 3, "Invalid command line options" );
300} 312}
301 313
302$result = NPTest->testCmd( 314$result = NPTest->testCmd(
@@ -371,20 +383,23 @@ $result = NPTest->testCmd( "./check_disk -w 0% -c 0% -C -w 0% -c 0% -p $mountpoi
371cmp_ok( $result->return_code, "==", 0, "with JSON test format result should always be OK"); 383cmp_ok( $result->return_code, "==", 0, "with JSON test format result should always be OK");
372cmp_ok(scalar $result->{'mp_test_result'}->{'checks'}, '>', 1, "-C invokes matchall logic again"); 384cmp_ok(scalar $result->{'mp_test_result'}->{'checks'}, '>', 1, "-C invokes matchall logic again");
373 385
386my $value_below = ($free_on_all - (10**6)) % (10**5) * (10**5);
387my $value_above = $free_on_all + (10**6) % (10**5) * (10**5);
388
374# grouping: exit crit if the sum of free megs on mp1+mp2 is less than warn/crit 389# grouping: exit crit if the sum of free megs on mp1+mp2 is less than warn/crit
375$result = NPTest->testCmd( "./check_disk -w ". ($free_mb_on_all + 1) ." -c ". ($free_mb_on_all + 1) ." -g group -p $mountpoint_valid -p $mountpoint2_valid" ); 390$result = NPTest->testCmd( "./check_disk -u Bytes -w ". $value_above ." -c ". $value_above ." -g group -p $mountpoint_valid -p $mountpoint2_valid" );
376cmp_ok( $result->return_code, '==', 2, "grouping: exit crit if the sum of free megs on mp1+mp2 is less than warn/crit\nInstead received: " . $result->output); 391cmp_ok( $result->return_code, '==', 2, "grouping: exit crit if the sum of free megs on mp1+mp2 is less than warn/crit");
377 392
378# grouping: exit warning if the sum of free megs on mp1+mp2 is between -w and -c 393# grouping: exit warning if the sum of free megs on mp1+mp2 is between -w and -c
379$result = NPTest->testCmd( "./check_disk -w ". ($free_mb_on_all + 1) ." -c ". ($free_mb_on_all - 1) ." -g group -p $mountpoint_valid -p $mountpoint2_valid" ); 394$result = NPTest->testCmd( "./check_disk -u Bytes -w ". $value_above ." -c ". $value_below ." -g group -p $mountpoint_valid -p $mountpoint2_valid" );
380cmp_ok( $result->return_code, '==', 1, "grouping: exit warning if the sum of free megs on mp1+mp2 is between -w and -c "); 395cmp_ok( $result->return_code, '==', 1, "grouping: exit warning if the sum of free megs on mp1+mp2 is between -w and -c ");
381 396
382# grouping: exit ok if the sum of free megs on mp1+mp2 is more than warn/crit 397# grouping: exit ok if the sum of free megs on mp1+mp2 is more than warn/crit
383$result = NPTest->testCmd( "./check_disk -w ". ($free_mb_on_all - 1) ." -c ". ($free_mb_on_all - 1) ." -g group -p $mountpoint_valid -p $mountpoint2_valid" ); 398$result = NPTest->testCmd( "./check_disk -u Bytes -w ". $value_below ." -c ". $value_below ." -g group -p $mountpoint_valid -p $mountpoint2_valid" );
384cmp_ok( $result->return_code, '==', 0, "grouping: exit ok if the sum of free megs on mp1+mp2 is more than warn/crit"); 399cmp_ok( $result->return_code, '==', 0, "grouping: exit ok if the sum of free megs on mp1+mp2 is more than warn/crit");
385 400
386# grouping: exit unknown if group name is given after -p 401# grouping: exit unknown if group name is given after -p
387$result = NPTest->testCmd( "./check_disk -w ". ($free_mb_on_all - 1) ." -c ". ($free_mb_on_all - 1) ." -p $mountpoint_valid -g group -p $mountpoint2_valid" ); 402$result = NPTest->testCmd( "./check_disk -u Bytes -w ". $value_below ." -c ". $value_below ." -p $mountpoint_valid -g group -p $mountpoint2_valid" );
388cmp_ok( $result->return_code, '==', 3, "Invalid options: -p must come after groupname"); 403cmp_ok( $result->return_code, '==', 3, "Invalid options: -p must come after groupname");
389 404
390# regex: exit unknown if given regex is not compilable 405# regex: exit unknown if given regex is not compilable
diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t
index e027b6f4..d0a866cb 100755
--- a/plugins/tests/check_curl.t
+++ b/plugins/tests/check_curl.t
@@ -833,12 +833,12 @@ sub run_common_tests {
833 $cmd = "$command -u /statuscode/200 --proxy http://proxy.example.com:8080 --noproxy '*' -v"; 833 $cmd = "$command -u /statuscode/200 --proxy http://proxy.example.com:8080 --noproxy '*' -v";
834 $result = NPTest->testCmd( $cmd ); 834 $result = NPTest->testCmd( $cmd );
835 is( $result->return_code, 0, $cmd); 835 is( $result->return_code, 0, $cmd);
836 like( $result->output, '/.*proxy_resolves_hostname: 0.*/', "Proxy will not be used due to '*' in noproxy: ".$result->output ); 836 like( $result->output, '/.*have local name resolution: true.*/', "Proxy will not be used due to '*' in noproxy: ".$result->output );
837 837
838 $cmd = "$command -u /statuscode/200 --proxy http://proxy.example.com:8080 --noproxy '127.0.0.1' -v"; 838 $cmd = "$command -u /statuscode/200 --proxy http://proxy.example.com:8080 --noproxy '127.0.0.1' -v";
839 $result = NPTest->testCmd( $cmd ); 839 $result = NPTest->testCmd( $cmd );
840 is( $result->return_code, 0, $cmd); 840 is( $result->return_code, 0, $cmd);
841 like( $result->output, '/.*proxy_resolves_hostname: 0.*/', "Proxy will not be used due to '127.0.0.1' in noproxy: ".$result->output ); 841 like( $result->output, '/.*have local name resolution: true.*/', "Proxy will not be used due to '127.0.0.1' in noproxy: ".$result->output );
842 } 842 }
843 843
844} 844}