1 files changed, 112 insertions, 39 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 77a235e4..6db38e8c 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -1,40 +1,40 @@
 /*****************************************************************************
-* 
+*
 * Nagios check_http plugin
-* 
+*
 * License: GPL
-* Copyright (c) 1999-2008 Nagios Plugins Development Team
+* Copyright (c) 1999-2013 Nagios Plugins Development Team
-* 
+*
 * Description:
-* 
+*
 * This file contains the check_http plugin
-* 
+*
 * This plugin tests the HTTP service on the specified host. It can test
 * normal (http) and secure (https) servers, follow redirects, search for
 * strings and regular expressions, check connection times, and report on
 * certificate expiration times.
-* 
+*
-* 
+*
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
-* 
+*
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
-* 
+*
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
-* 
+*
-* 
+*
 *****************************************************************************/
 /* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ ../../plugins/check_http.c */
 const char *progname = "check_http";
-const char *copyright = "1999-2011";
+const char *copyright = "1999-2013";
 const char *email = "nagiosplug-devel@lists.sourceforge.net";
 #include "common.h"
@@ -43,7 +43,6 @@ const char *email = "nagiosplug-devel@lists.sourceforge.net";
 #include "base64.h"
 #include <ctype.h>
-#define INPUT_DELIMITER ";"
 #define STICKY_NONE 0
 #define STICKY_HOST 1
 #define STICKY_PORT 2
@@ -85,6 +84,7 @@ int errcode;
 int invert_regex = 0;
 struct timeval tv;
+struct timeval tv_temp;
 #define HTTP_URL "/"
 #define CRLF "\r\n"
@@ -115,6 +115,7 @@ int followsticky = STICKY_NONE;
 int use_ssl = FALSE;
 int use_sni = FALSE;
 int verbose = FALSE;
+int show_extended_perfdata = FALSE;
 int sd;
 int min_page_len = 0;
 int max_page_len = 0;
@@ -131,6 +132,11 @@ void redir (char *pos, char *status_line);
 int server_type_check(const char *type);
 int server_port_check(int ssl_flag);
 char *perfd_time (double microsec);
+char *perfd_time_connect (double microsec);
+char *perfd_time_ssl (double microsec);
+char *perfd_time_firstbyte (double microsec);
+char *perfd_time_headers (double microsec);
+char *perfd_time_transfer (double microsec);
 char *perfd_size (int page_len);
 void print_help (void);
 void print_usage (void);
@@ -216,6 +222,7 @@ process_arguments (int argc, char **argv)
    {"invert-regex", no_argument, NULL, INVERT_REGEX},
    {"use-ipv4", no_argument, 0, '4'},
    {"use-ipv6", no_argument, 0, '6'},
+    {"extended-perfdata", no_argument, 0, 'E'},
    {0, 0, 0, 0}
  };
@@ -236,7 +243,7 @@ process_arguments (int argc, char **argv)
  }
  while (1) {
-    c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:e:p:s:R:r:u:f:C:nlLS::m:M:N", longopts, &option);
+    c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:e:p:s:R:r:u:f:C:nlLS::m:M:N:E", longopts, &option);
    if (c == -1 || c == EOF)
      break;
@@ -284,18 +291,18 @@ process_arguments (int argc, char **argv)
    case 'C': /* Check SSL cert validity */
 #ifdef HAVE_SSL
      if ((temp=strchr(optarg,','))!=NULL) {
-        *temp='\0';
+        *temp='\0';
-        if (!is_intnonneg (temp))
+        if (!is_intnonneg (optarg))
-          usage2 (_("Invalid certificate expiration period"), optarg);
+          usage2 (_("Invalid certificate expiration period"), optarg);
-        days_till_exp_warn = atoi(optarg);
+        days_till_exp_warn = atoi(optarg);
-        *temp=',';
+        *temp=',';
-        temp++;
+        temp++;
-        if (!is_intnonneg (temp))
+        if (!is_intnonneg (temp))
-          usage2 (_("Invalid certificate expiration period"), temp);
+          usage2 (_("Invalid certificate expiration period"), temp);
-        days_till_exp_crit = atoi (temp);
+        days_till_exp_crit = atoi (temp);
      }
      else {
-        days_till_exp_crit=0;
+        days_till_exp_crit=0;
        if (!is_intnonneg (optarg))
          usage2 (_("Invalid certificate expiration period"), optarg);
        days_till_exp_warn = atoi (optarg);
@@ -304,9 +311,7 @@ process_arguments (int argc, char **argv)
      /* Fall through to -S option */
 #endif
    case 'S': /* use SSL */
-#ifndef HAVE_SSL
+#ifdef HAVE_SSL
-      usage4 (_("Invalid option - SSL is not available"));
-#endif
      use_ssl = TRUE;
      if (optarg == NULL || c != 'S')
        ssl_version = 0;
@@ -317,6 +322,9 @@ process_arguments (int argc, char **argv)
      }
      if (specify_port == FALSE)
        server_port = HTTPS_PORT;
+#else
+      usage4 (_("Invalid option - SSL is not available"));
+#endif
      break;
    case SNI_OPTION:
      use_sni = TRUE;
@@ -470,6 +478,9 @@ process_arguments (int argc, char **argv)
                    }
                  }
                  break;
+    case 'E': /* show extended perfdata */
+      show_extended_perfdata = TRUE;
+      break;
    }
  }
@@ -811,17 +822,33 @@ check_http (void)
  char *pos;
  long microsec;
  double elapsed_time;
+  long microsec_connect;
+  double elapsed_time_connect;
+  long microsec_ssl;
+  double elapsed_time_ssl;
+  long microsec_firstbyte;
+  double elapsed_time_firstbyte;
+  long microsec_headers;
+  double elapsed_time_headers;
+  long microsec_transfer;
+  double elapsed_time_transfer;
  int page_len = 0;
  int result = STATE_OK;
  /* try to connect to the host at the given port number */
+  gettimeofday (&tv_temp, NULL);
  if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
    die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
+  microsec_connect = deltime (tv_temp);
 #ifdef HAVE_SSL
+  elapsed_time_connect = (double)microsec_connect / 1.0e6;
  if (use_ssl == TRUE) {
+    gettimeofday (&tv_temp, NULL);
    result = np_net_ssl_init_with_hostname_and_version(sd, (use_sni ? host_name : NULL), ssl_version);
    if (result != STATE_OK)
      return result;
+    microsec_ssl = deltime (tv_temp);
+    elapsed_time_ssl = (double)microsec_ssl / 1.0e6;
    if (check_cert == TRUE) {
      result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
      np_net_ssl_cleanup();
@@ -853,8 +880,7 @@ check_http (void)
  /* optionally send any other header tag */
  if (http_opt_headers_count) {
    for (i = 0; i < http_opt_headers_count ; i++) {
-      for ((pos = strtok(http_opt_headers[i], INPUT_DELIMITER)); pos; (pos = strtok(NULL, INPUT_DELIMITER)))
+      xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]);
-        xasprintf (&buf, "%s%s\r\n", buf, pos);
    }
    /* This cannot be free'd here because a redirection will then try to access this and segfault */
    /* Covered in a testcase in tests/check_http.t */
@@ -890,11 +916,19 @@ check_http (void)
  }
  if (verbose) printf ("%s\n", buf);
+  gettimeofday (&tv_temp, NULL);
  my_send (buf, strlen (buf));
+  microsec_headers = deltime (tv_temp);
+  elapsed_time_headers = (double)microsec_headers / 1.0e6;
  /* fetch the page */
  full_page = strdup("");
+  gettimeofday (&tv_temp, NULL);
  while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {
+    if ((i >= 1) && (elapsed_time_firstbyte <= 0.000001)) {
+      microsec_firstbyte = deltime (tv_temp);
+      elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6;
+    }
    buffer[i] = '\0';
    xasprintf (&full_page_new, "%s%s", full_page, buffer);
    free (full_page);
@@ -906,6 +940,8 @@ check_http (void)
                  break;
                }
  }
+  microsec_transfer = deltime (tv_temp);
+  elapsed_time_transfer = (double)microsec_transfer / 1.0e6;
  if (i < 0 && errno != ECONNRESET) {
 #ifdef HAVE_SSL
@@ -1107,11 +1143,25 @@ check_http (void)
    msg[strlen(msg)-3] = '\0';
  /* check elapsed time */
-  xasprintf (&msg,
+  if (show_extended_perfdata)
-            _("%s - %d bytes in %.3f second response time %s|%s %s"),
+    xasprintf (&msg,
-            msg, page_len, elapsed_time,
+           _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"),
-            (display_html ? "</A>" : ""),
+           msg, page_len, elapsed_time,
-            perfd_time (elapsed_time), perfd_size (page_len));
+           (display_html ? "</A>" : ""),
+           perfd_time (elapsed_time),
+           perfd_size (page_len),
+           perfd_time_connect (elapsed_time_connect),
+           use_ssl == TRUE ? perfd_time_ssl (elapsed_time_ssl) : "",
+           perfd_time_headers (elapsed_time_headers),
+           perfd_time_firstbyte (elapsed_time_firstbyte),
+           perfd_time_transfer (elapsed_time_transfer));
+  else
+    xasprintf (&msg,
+           _("%s - %d bytes in %.3f second response time %s|%s %s"),
+           msg, page_len, elapsed_time,
+           (display_html ? "</A>" : ""),
+           perfd_time (elapsed_time),
+           perfd_size (page_len));
  result = max_state_alt(get_status(elapsed_time, thlds), result);
@@ -1300,7 +1350,30 @@ char *perfd_time (double elapsed_time)
                   TRUE, 0, FALSE, 0);
 }
+char *perfd_time_connect (double elapsed_time_connect)
+{
+  return fperfdata ("time_connect", elapsed_time_connect, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0);
+}
+char *perfd_time_ssl (double elapsed_time_ssl)
+{
+  return fperfdata ("time_ssl", elapsed_time_ssl, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0);
+}
+char *perfd_time_headers (double elapsed_time_headers)
+{
+  return fperfdata ("time_headers", elapsed_time_headers, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0);
+}
+char *perfd_time_firstbyte (double elapsed_time_firstbyte)
+{
+  return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0);
+}
+char *perfd_time_transfer (double elapsed_time_transfer)
+{
+  return fperfdata ("time_transfer", elapsed_time_transfer, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0);
+}
 char *perfd_size (int page_len)
 {
@@ -1351,7 +1424,7 @@ print_help (void)
  printf ("    %s\n", _("auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3)."));
  printf (" %s\n", "--sni");
  printf ("    %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
-  printf (" %s\n", "-C, --certificate=INTEGER");
+  printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]");
  printf ("    %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443"));
  printf ("    %s\n", _("(when this option is used the URL is not checked.)\n"));
 #endif
@@ -1433,14 +1506,14 @@ print_help (void)
  printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,"));
  printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds"));
  printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));
-  printf (" %s\n\n", _("a STATE_CRITICAL will be returned."));
+  printf (" %s\n", _("a STATE_CRITICAL will be returned."));
+  printf ("\n");
  printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14");
  printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,"));
  printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
  printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when"));
  printf (" %s\n", _("the certificate is expired."));
+  printf ("\n");
  printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14");
  printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,"));
  printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));

diff --git a/plugins/check_http.c b/plugins/check_http.c index 77a235e4..6db38e8c 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c
@@ -1,40 +1,40 @@
1	/*****************************************************************************	1	/*****************************************************************************
2	*	2	*
3	* Nagios check_http plugin	3	* Nagios check_http plugin
4	*	4	*
5	* License: GPL	5	* License: GPL
6	* Copyright (c) 1999-2008 Nagios Plugins Development Team	6	* Copyright (c) 1999-2013 Nagios Plugins Development Team
7	*	7	*
8	* Description:	8	* Description:
9	*	9	*
10	* This file contains the check_http plugin	10	* This file contains the check_http plugin
11	*	11	*
12	* This plugin tests the HTTP service on the specified host. It can test	12	* This plugin tests the HTTP service on the specified host. It can test
13	* normal (http) and secure (https) servers, follow redirects, search for	13	* normal (http) and secure (https) servers, follow redirects, search for
14	* strings and regular expressions, check connection times, and report on	14	* strings and regular expressions, check connection times, and report on
15	* certificate expiration times.	15	* certificate expiration times.
16	*	16	*
17	*	17	*
18	* This program is free software: you can redistribute it and/or modify	18	* This program is free software: you can redistribute it and/or modify
19	* it under the terms of the GNU General Public License as published by	19	* it under the terms of the GNU General Public License as published by
20	* the Free Software Foundation, either version 3 of the License, or	20	* the Free Software Foundation, either version 3 of the License, or
21	* (at your option) any later version.	21	* (at your option) any later version.
22	*	22	*
23	* This program is distributed in the hope that it will be useful,	23	* This program is distributed in the hope that it will be useful,
24	* but WITHOUT ANY WARRANTY; without even the implied warranty of	24	* but WITHOUT ANY WARRANTY; without even the implied warranty of
25	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the	25	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26	* GNU General Public License for more details.	26	* GNU General Public License for more details.
27	*	27	*
28	* You should have received a copy of the GNU General Public License	28	* You should have received a copy of the GNU General Public License
29	* along with this program. If not, see <http://www.gnu.org/licenses/>.	29	* along with this program. If not, see <http://www.gnu.org/licenses/>.
30	*	30	*
31	*	31	*
32	*****************************************************************************/	32	*****************************************************************************/
33		33
34	/* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ ../../plugins/check_http.c */	34	/* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ ../../plugins/check_http.c */
35		35
36	const char *progname = "check_http";	36	const char *progname = "check_http";
37	const char *copyright = "1999-2011";	37	const char *copyright = "1999-2013";
38	const char *email = "nagiosplug-devel@lists.sourceforge.net";	38	const char *email = "nagiosplug-devel@lists.sourceforge.net";
39		39
40	#include "common.h"	40	#include "common.h"
@@ -43,7 +43,6 @@ const char *email = "nagiosplug-devel@lists.sourceforge.net";
43	#include "base64.h"	43	#include "base64.h"
44	#include <ctype.h>	44	#include <ctype.h>
45		45
46	#define INPUT_DELIMITER ";"
47	#define STICKY_NONE 0	46	#define STICKY_NONE 0
48	#define STICKY_HOST 1	47	#define STICKY_HOST 1
49	#define STICKY_PORT 2	48	#define STICKY_PORT 2
@@ -85,6 +84,7 @@ int errcode;
85	int invert_regex = 0;	84	int invert_regex = 0;
86		85
87	struct timeval tv;	86	struct timeval tv;
		87	struct timeval tv_temp;
88		88
89	#define HTTP_URL "/"	89	#define HTTP_URL "/"
90	#define CRLF "\r\n"	90	#define CRLF "\r\n"
@@ -115,6 +115,7 @@ int followsticky = STICKY_NONE;
115	int use_ssl = FALSE;	115	int use_ssl = FALSE;
116	int use_sni = FALSE;	116	int use_sni = FALSE;
117	int verbose = FALSE;	117	int verbose = FALSE;
		118	int show_extended_perfdata = FALSE;
118	int sd;	119	int sd;
119	int min_page_len = 0;	120	int min_page_len = 0;
120	int max_page_len = 0;	121	int max_page_len = 0;
@@ -131,6 +132,11 @@ void redir (char pos, char status_line);
131	int server_type_check(const char *type);	132	int server_type_check(const char *type);
132	int server_port_check(int ssl_flag);	133	int server_port_check(int ssl_flag);
133	char *perfd_time (double microsec);	134	char *perfd_time (double microsec);
		135	char *perfd_time_connect (double microsec);
		136	char *perfd_time_ssl (double microsec);
		137	char *perfd_time_firstbyte (double microsec);
		138	char *perfd_time_headers (double microsec);
		139	char *perfd_time_transfer (double microsec);
134	char *perfd_size (int page_len);	140	char *perfd_size (int page_len);
135	void print_help (void);	141	void print_help (void);
136	void print_usage (void);	142	void print_usage (void);
@@ -216,6 +222,7 @@ process_arguments (int argc, char **argv)
216	{"invert-regex", no_argument, NULL, INVERT_REGEX},	222	{"invert-regex", no_argument, NULL, INVERT_REGEX},
217	{"use-ipv4", no_argument, 0, '4'},	223	{"use-ipv4", no_argument, 0, '4'},
218	{"use-ipv6", no_argument, 0, '6'},	224	{"use-ipv6", no_argument, 0, '6'},
		225	{"extended-perfdata", no_argument, 0, 'E'},
219	{0, 0, 0, 0}	226	{0, 0, 0, 0}
220	};	227	};
221		228
@@ -236,7 +243,7 @@ process_arguments (int argc, char **argv)
236	}	243	}
237		244
238	while (1) {	245	while (1) {
239	c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:e:p:s:R:r:u:f:C:nlLS::m:M:N", longopts, &option);	246	c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:e:p:s:R:r:u:f:C:nlLS::m:M:N:E", longopts, &option);
240	if (c == -1 \|\| c == EOF)	247	if (c == -1 \|\| c == EOF)
241	break;	248	break;
242		249
@@ -284,18 +291,18 @@ process_arguments (int argc, char **argv)
284	case 'C': /* Check SSL cert validity */	291	case 'C': /* Check SSL cert validity */
285	#ifdef HAVE_SSL	292	#ifdef HAVE_SSL
286	if ((temp=strchr(optarg,','))!=NULL) {	293	if ((temp=strchr(optarg,','))!=NULL) {
287	*temp='\0';	294	*temp='\0';
288	if (!is_intnonneg (temp))	295	if (!is_intnonneg (optarg))
289	usage2 (_("Invalid certificate expiration period"), optarg);	296	usage2 (_("Invalid certificate expiration period"), optarg);
290	days_till_exp_warn = atoi(optarg);	297	days_till_exp_warn = atoi(optarg);
291	*temp=',';	298	*temp=',';
292	temp++;	299	temp++;
293	if (!is_intnonneg (temp))	300	if (!is_intnonneg (temp))
294	usage2 (_("Invalid certificate expiration period"), temp);	301	usage2 (_("Invalid certificate expiration period"), temp);
295	days_till_exp_crit = atoi (temp);	302	days_till_exp_crit = atoi (temp);
296	}	303	}
297	else {	304	else {
298	days_till_exp_crit=0;	305	days_till_exp_crit=0;
299	if (!is_intnonneg (optarg))	306	if (!is_intnonneg (optarg))
300	usage2 (_("Invalid certificate expiration period"), optarg);	307	usage2 (_("Invalid certificate expiration period"), optarg);
301	days_till_exp_warn = atoi (optarg);	308	days_till_exp_warn = atoi (optarg);
@@ -304,9 +311,7 @@ process_arguments (int argc, char **argv)
304	/* Fall through to -S option */	311	/* Fall through to -S option */
305	#endif	312	#endif
306	case 'S': /* use SSL */	313	case 'S': /* use SSL */
307	#ifndef HAVE_SSL	314	#ifdef HAVE_SSL
308	usage4 (_("Invalid option - SSL is not available"));
309	#endif
310	use_ssl = TRUE;	315	use_ssl = TRUE;
311	if (optarg == NULL \|\| c != 'S')	316	if (optarg == NULL \|\| c != 'S')
312	ssl_version = 0;	317	ssl_version = 0;
@@ -317,6 +322,9 @@ process_arguments (int argc, char **argv)
317	}	322	}
318	if (specify_port == FALSE)	323	if (specify_port == FALSE)
319	server_port = HTTPS_PORT;	324	server_port = HTTPS_PORT;
		325	#else
		326	usage4 (_("Invalid option - SSL is not available"));
		327	#endif
320	break;	328	break;
321	case SNI_OPTION:	329	case SNI_OPTION:
322	use_sni = TRUE;	330	use_sni = TRUE;
@@ -470,6 +478,9 @@ process_arguments (int argc, char **argv)
470	}	478	}
471	}	479	}
472	break;	480	break;
		481	case 'E': /* show extended perfdata */
		482	show_extended_perfdata = TRUE;
		483	break;
473	}	484	}
474	}	485	}
475		486
@@ -811,17 +822,33 @@ check_http (void)
811	char *pos;	822	char *pos;
812	long microsec;	823	long microsec;
813	double elapsed_time;	824	double elapsed_time;
		825	long microsec_connect;
		826	double elapsed_time_connect;
		827	long microsec_ssl;
		828	double elapsed_time_ssl;
		829	long microsec_firstbyte;
		830	double elapsed_time_firstbyte;
		831	long microsec_headers;
		832	double elapsed_time_headers;
		833	long microsec_transfer;
		834	double elapsed_time_transfer;
814	int page_len = 0;	835	int page_len = 0;
815	int result = STATE_OK;	836	int result = STATE_OK;
816		837
817	/* try to connect to the host at the given port number */	838	/* try to connect to the host at the given port number */
		839	gettimeofday (&tv_temp, NULL);
818	if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)	840	if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
819	die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));	841	die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
		842	microsec_connect = deltime (tv_temp);
820	#ifdef HAVE_SSL	843	#ifdef HAVE_SSL
		844	elapsed_time_connect = (double)microsec_connect / 1.0e6;
821	if (use_ssl == TRUE) {	845	if (use_ssl == TRUE) {
		846	gettimeofday (&tv_temp, NULL);
822	result = np_net_ssl_init_with_hostname_and_version(sd, (use_sni ? host_name : NULL), ssl_version);	847	result = np_net_ssl_init_with_hostname_and_version(sd, (use_sni ? host_name : NULL), ssl_version);
823	if (result != STATE_OK)	848	if (result != STATE_OK)
824	return result;	849	return result;
		850	microsec_ssl = deltime (tv_temp);
		851	elapsed_time_ssl = (double)microsec_ssl / 1.0e6;
825	if (check_cert == TRUE) {	852	if (check_cert == TRUE) {
826	result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);	853	result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
827	np_net_ssl_cleanup();	854	np_net_ssl_cleanup();
@@ -853,8 +880,7 @@ check_http (void)
853	/* optionally send any other header tag */	880	/* optionally send any other header tag */
854	if (http_opt_headers_count) {	881	if (http_opt_headers_count) {
855	for (i = 0; i < http_opt_headers_count ; i++) {	882	for (i = 0; i < http_opt_headers_count ; i++) {
856	for ((pos = strtok(http_opt_headers[i], INPUT_DELIMITER)); pos; (pos = strtok(NULL, INPUT_DELIMITER)))	883	xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]);
857	xasprintf (&buf, "%s%s\r\n", buf, pos);
858	}	884	}
859	/* This cannot be free'd here because a redirection will then try to access this and segfault */	885	/* This cannot be free'd here because a redirection will then try to access this and segfault */
860	/* Covered in a testcase in tests/check_http.t */	886	/* Covered in a testcase in tests/check_http.t */
@@ -890,11 +916,19 @@ check_http (void)
890	}	916	}
891		917
892	if (verbose) printf ("%s\n", buf);	918	if (verbose) printf ("%s\n", buf);
		919	gettimeofday (&tv_temp, NULL);
893	my_send (buf, strlen (buf));	920	my_send (buf, strlen (buf));
		921	microsec_headers = deltime (tv_temp);
		922	elapsed_time_headers = (double)microsec_headers / 1.0e6;
894		923
895	/* fetch the page */	924	/* fetch the page */
896	full_page = strdup("");	925	full_page = strdup("");
		926	gettimeofday (&tv_temp, NULL);
897	while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {	927	while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {
		928	if ((i >= 1) && (elapsed_time_firstbyte <= 0.000001)) {
		929	microsec_firstbyte = deltime (tv_temp);
		930	elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6;
		931	}
898	buffer[i] = '\0';	932	buffer[i] = '\0';
899	xasprintf (&full_page_new, "%s%s", full_page, buffer);	933	xasprintf (&full_page_new, "%s%s", full_page, buffer);
900	free (full_page);	934	free (full_page);
@@ -906,6 +940,8 @@ check_http (void)
906	break;	940	break;
907	}	941	}
908	}	942	}
		943	microsec_transfer = deltime (tv_temp);
		944	elapsed_time_transfer = (double)microsec_transfer / 1.0e6;
909		945
910	if (i < 0 && errno != ECONNRESET) {	946	if (i < 0 && errno != ECONNRESET) {
911	#ifdef HAVE_SSL	947	#ifdef HAVE_SSL
@@ -1107,11 +1143,25 @@ check_http (void)
1107	msg[strlen(msg)-3] = '\0';	1143	msg[strlen(msg)-3] = '\0';
1108		1144
1109	/* check elapsed time */	1145	/* check elapsed time */
1110	xasprintf (&msg,	1146	if (show_extended_perfdata)
1111	_("%s - %d bytes in %.3f second response time %s\|%s %s"),	1147	xasprintf (&msg,
1112	msg, page_len, elapsed_time,	1148	_("%s - %d bytes in %.3f second response time %s\|%s %s %s %s %s %s %s"),
1113	(display_html ? "</A>" : ""),	1149	msg, page_len, elapsed_time,
1114	perfd_time (elapsed_time), perfd_size (page_len));	1150	(display_html ? "</A>" : ""),
		1151	perfd_time (elapsed_time),
		1152	perfd_size (page_len),
		1153	perfd_time_connect (elapsed_time_connect),
		1154	use_ssl == TRUE ? perfd_time_ssl (elapsed_time_ssl) : "",
		1155	perfd_time_headers (elapsed_time_headers),
		1156	perfd_time_firstbyte (elapsed_time_firstbyte),
		1157	perfd_time_transfer (elapsed_time_transfer));
		1158	else
		1159	xasprintf (&msg,
		1160	_("%s - %d bytes in %.3f second response time %s\|%s %s"),
		1161	msg, page_len, elapsed_time,
		1162	(display_html ? "</A>" : ""),
		1163	perfd_time (elapsed_time),
		1164	perfd_size (page_len));
1115		1165
1116	result = max_state_alt(get_status(elapsed_time, thlds), result);	1166	result = max_state_alt(get_status(elapsed_time, thlds), result);
1117		1167
@@ -1300,7 +1350,30 @@ char *perfd_time (double elapsed_time)
1300	TRUE, 0, FALSE, 0);	1350	TRUE, 0, FALSE, 0);
1301	}	1351	}
1302		1352
		1353	char *perfd_time_connect (double elapsed_time_connect)
		1354	{
		1355	return fperfdata ("time_connect", elapsed_time_connect, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0);
		1356	}
		1357
		1358	char *perfd_time_ssl (double elapsed_time_ssl)
		1359	{
		1360	return fperfdata ("time_ssl", elapsed_time_ssl, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0);
		1361	}
		1362
		1363	char *perfd_time_headers (double elapsed_time_headers)
		1364	{
		1365	return fperfdata ("time_headers", elapsed_time_headers, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0);
		1366	}
1303		1367
		1368	char *perfd_time_firstbyte (double elapsed_time_firstbyte)
		1369	{
		1370	return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0);
		1371	}
		1372
		1373	char *perfd_time_transfer (double elapsed_time_transfer)
		1374	{
		1375	return fperfdata ("time_transfer", elapsed_time_transfer, "s", FALSE, 0, FALSE, 0, FALSE, 0, FALSE, 0);
		1376	}
1304		1377
1305	char *perfd_size (int page_len)	1378	char *perfd_size (int page_len)
1306	{	1379	{
@@ -1351,7 +1424,7 @@ print_help (void)
1351	printf (" %s\n", _("auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3)."));	1424	printf (" %s\n", _("auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3)."));
1352	printf (" %s\n", "--sni");	1425	printf (" %s\n", "--sni");
1353	printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));	1426	printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
1354	printf (" %s\n", "-C, --certificate=INTEGER");	1427	printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]");
1355	printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443"));	1428	printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443"));
1356	printf (" %s\n", _("(when this option is used the URL is not checked.)\n"));	1429	printf (" %s\n", _("(when this option is used the URL is not checked.)\n"));
1357	#endif	1430	#endif
@@ -1433,14 +1506,14 @@ print_help (void)
1433	printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,"));	1506	printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,"));
1434	printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds"));	1507	printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds"));
1435	printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));	1508	printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));
1436	printf (" %s\n\n", _("a STATE_CRITICAL will be returned."));	1509	printf (" %s\n", _("a STATE_CRITICAL will be returned."));
1437		1510	printf ("\n");
1438	printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14");	1511	printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14");
1439	printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,"));	1512	printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,"));
1440	printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));	1513	printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
1441	printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when"));	1514	printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when"));
1442	printf (" %s\n", _("the certificate is expired."));	1515	printf (" %s\n", _("the certificate is expired."));
1443		1516	printf ("\n");
1444	printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14");	1517	printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14");
1445	printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,"));	1518	printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,"));
1446	printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));	1519	printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));