summaryrefslogtreecommitdiffstats
path: root/plugins/check_tcp.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_tcp.c')
-rw-r--r--plugins/check_tcp.c147
1 files changed, 89 insertions, 58 deletions
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
index 22dcc74e..09806373 100644
--- a/plugins/check_tcp.c
+++ b/plugins/check_tcp.c
@@ -65,7 +65,8 @@ typedef struct {
65 int errorcode; 65 int errorcode;
66 check_tcp_config config; 66 check_tcp_config config;
67} check_tcp_config_wrapper; 67} check_tcp_config_wrapper;
68static check_tcp_config_wrapper process_arguments(int /*argc*/, char ** /*argv*/, check_tcp_config /*config*/); 68static check_tcp_config_wrapper process_arguments(int /*argc*/, char ** /*argv*/,
69 check_tcp_config /*config*/);
69void print_help(const char *service); 70void print_help(const char *service);
70void print_usage(void); 71void print_usage(void);
71 72
@@ -137,7 +138,8 @@ int main(int argc, char **argv) {
137 config.server_expect[0] = "220"; 138 config.server_expect[0] = "220";
138 config.quit = "QUIT\r\n"; 139 config.quit = "QUIT\r\n";
139 config.server_port = DEFAULT_FTP_PORT; 140 config.server_port = DEFAULT_FTP_PORT;
140 } else if (!strncmp(config.service, "POP", strlen("POP")) || !strncmp(config.service, "POP3", strlen("POP3"))) { 141 } else if (!strncmp(config.service, "POP", strlen("POP")) ||
142 !strncmp(config.service, "POP3", strlen("POP3"))) {
141 config.server_expect[0] = "+OK"; 143 config.server_expect[0] = "+OK";
142 config.quit = "QUIT\r\n"; 144 config.quit = "QUIT\r\n";
143 config.server_port = DEFAULT_POP_PORT; 145 config.server_port = DEFAULT_POP_PORT;
@@ -167,7 +169,8 @@ int main(int argc, char **argv) {
167 config.use_tls = true; 169 config.use_tls = true;
168 config.server_port = DEFAULT_SSMTP_PORT; 170 config.server_port = DEFAULT_SSMTP_PORT;
169 } else if (!strncmp(config.service, "JABBER", strlen("JABBER"))) { 171 } else if (!strncmp(config.service, "JABBER", strlen("JABBER"))) {
170 config.send = "<stream:stream to=\'host\' xmlns=\'jabber:client\' xmlns:stream=\'http://etherx.jabber.org/streams\'>\n"; 172 config.send = "<stream:stream to=\'host\' xmlns=\'jabber:client\' "
173 "xmlns:stream=\'http://etherx.jabber.org/streams\'>\n";
171 config.server_expect[0] = "<?xml version=\'1.0\'"; 174 config.server_expect[0] = "<?xml version=\'1.0\'";
172 config.quit = "</stream:stream>\n"; 175 config.quit = "</stream:stream>\n";
173 config.hide_output = true; 176 config.hide_output = true;
@@ -246,46 +249,58 @@ int main(int argc, char **argv) {
246 mp_subcheck inital_connect_result = mp_subcheck_init(); 249 mp_subcheck inital_connect_result = mp_subcheck_init();
247 250
248 // Try initial connection 251 // Try initial connection
249 if (np_net_connect(config.server_address, config.server_port, &socket_descriptor, config.protocol) == STATE_CRITICAL) { 252 if (np_net_connect(config.server_address, config.server_port, &socket_descriptor,
253 config.protocol) == STATE_CRITICAL) {
250 // Early exit here, we got connection refused 254 // Early exit here, we got connection refused
251 inital_connect_result = mp_set_subcheck_state(inital_connect_result, config.econn_refuse_state); 255 inital_connect_result =
252 xasprintf(&inital_connect_result.output, "Connection to %s on port %i was REFUSED", config.server_address, config.server_port); 256 mp_set_subcheck_state(inital_connect_result, config.econn_refuse_state);
257 xasprintf(&inital_connect_result.output, "Connection to %s on port %i was REFUSED",
258 config.server_address, config.server_port);
253 mp_add_subcheck_to_check(&overall, inital_connect_result); 259 mp_add_subcheck_to_check(&overall, inital_connect_result);
254 mp_exit(overall); 260 mp_exit(overall);
255 } else { 261 } else {
256 inital_connect_result = mp_set_subcheck_state(inital_connect_result, STATE_OK); 262 inital_connect_result = mp_set_subcheck_state(inital_connect_result, STATE_OK);
257 xasprintf(&inital_connect_result.output, "Connection to %s on port %i was a SUCCESS", config.server_address, config.server_port); 263 xasprintf(&inital_connect_result.output, "Connection to %s on port %i was a SUCCESS",
264 config.server_address, config.server_port);
258 mp_add_subcheck_to_check(&overall, inital_connect_result); 265 mp_add_subcheck_to_check(&overall, inital_connect_result);
259 } 266 }
260 267
261#ifdef HAVE_SSL 268#ifdef HAVE_SSL
262 if (config.use_tls) { 269 if (config.use_tls) {
263 mp_subcheck tls_connection_result = mp_subcheck_init(); 270 mp_subcheck tls_connection_result = mp_subcheck_init();
264 mp_state_enum result = np_net_ssl_init_with_hostname(socket_descriptor, (config.sni_specified ? config.sni : NULL)); 271 mp_state_enum result = np_net_ssl_init_with_hostname(
272 socket_descriptor, (config.sni_specified ? config.sni : NULL));
265 tls_connection_result = mp_set_subcheck_default_state(tls_connection_result, result); 273 tls_connection_result = mp_set_subcheck_default_state(tls_connection_result, result);
266 274
267 if (result == STATE_OK) { 275 if (result == STATE_OK) {
268 xasprintf(&tls_connection_result.output, "TLS connection succeeded"); 276 xasprintf(&tls_connection_result.output, "TLS connection succeeded");
269 277
270 if (config.check_cert) { 278 if (config.check_cert) {
271 result = np_net_ssl_check_cert(config.days_till_exp_warn, config.days_till_exp_crit); 279 result =
280 np_net_ssl_check_cert(config.days_till_exp_warn, config.days_till_exp_crit);
272 281
273 mp_subcheck tls_certificate_lifetime_result = mp_subcheck_init(); 282 mp_subcheck tls_certificate_lifetime_result = mp_subcheck_init();
274 tls_certificate_lifetime_result = mp_set_subcheck_state(tls_certificate_lifetime_result, result); 283 tls_certificate_lifetime_result =
284 mp_set_subcheck_state(tls_certificate_lifetime_result, result);
275 285
276 if (result == STATE_OK) { 286 if (result == STATE_OK) {
277 xasprintf(&tls_certificate_lifetime_result.output, "Certificate lifetime is within thresholds"); 287 xasprintf(&tls_certificate_lifetime_result.output,
288 "Certificate lifetime is within thresholds");
278 } else if (result == STATE_WARNING) { 289 } else if (result == STATE_WARNING) {
279 xasprintf(&tls_certificate_lifetime_result.output, "Certificate lifetime is violating warning threshold (%i)", 290 xasprintf(&tls_certificate_lifetime_result.output,
291 "Certificate lifetime is violating warning threshold (%i)",
280 config.days_till_exp_warn); 292 config.days_till_exp_warn);
281 } else if (result == STATE_CRITICAL) { 293 } else if (result == STATE_CRITICAL) {
282 xasprintf(&tls_certificate_lifetime_result.output, "Certificate lifetime is violating critical threshold (%i)", 294 xasprintf(&tls_certificate_lifetime_result.output,
295 "Certificate lifetime is violating critical threshold (%i)",
283 config.days_till_exp_crit); 296 config.days_till_exp_crit);
284 } else { 297 } else {
285 xasprintf(&tls_certificate_lifetime_result.output, "Certificate lifetime is somehow unknown"); 298 xasprintf(&tls_certificate_lifetime_result.output,
299 "Certificate lifetime is somehow unknown");
286 } 300 }
287 301
288 mp_add_subcheck_to_subcheck(&tls_connection_result, tls_certificate_lifetime_result); 302 mp_add_subcheck_to_subcheck(&tls_connection_result,
303 tls_certificate_lifetime_result);
289 } 304 }
290 305
291 mp_add_subcheck_to_check(&overall, tls_connection_result); 306 mp_add_subcheck_to_check(&overall, tls_connection_result);
@@ -336,7 +351,8 @@ int main(int argc, char **argv) {
336 char buffer[MAXBUF]; 351 char buffer[MAXBUF];
337 352
338 /* watch for the expect string */ 353 /* watch for the expect string */
339 while ((received = my_recv(socket_descriptor, buffer, sizeof(buffer), config.use_tls)) > 0) { 354 while ((received = my_recv(socket_descriptor, buffer, sizeof(buffer), config.use_tls)) >
355 0) {
340 received_buffer = realloc(received_buffer, len + received + 1); 356 received_buffer = realloc(received_buffer, len + received + 1);
341 357
342 if (received_buffer == NULL) { 358 if (received_buffer == NULL) {
@@ -352,7 +368,8 @@ int main(int argc, char **argv) {
352 break; 368 break;
353 } 369 }
354 370
355 if ((match = np_expect_match(received_buffer, config.server_expect, config.server_expect_count, config.match_flags)) != 371 if ((match = np_expect_match(received_buffer, config.server_expect,
372 config.server_expect_count, config.match_flags)) !=
356 NP_MATCH_RETRY) { 373 NP_MATCH_RETRY) {
357 break; 374 break;
358 } 375 }
@@ -385,7 +402,8 @@ int main(int argc, char **argv) {
385 402
386 /* print raw output if we're debugging */ 403 /* print raw output if we're debugging */
387 if (verbosity > 0) { 404 if (verbosity > 0) {
388 printf("received %d bytes from host\n#-raw-recv-------#\n%s\n#-raw-recv-------#\n", (int)len + 1, received_buffer); 405 printf("received %d bytes from host\n#-raw-recv-------#\n%s\n#-raw-recv-------#\n",
406 (int)len + 1, received_buffer);
389 } 407 }
390 /* strip whitespace from end of output */ 408 /* strip whitespace from end of output */
391 while (--len > 0 && isspace(received_buffer[len])) { 409 while (--len > 0 && isspace(received_buffer[len])) {
@@ -415,7 +433,9 @@ int main(int argc, char **argv) {
415 time_pd.uom = "s"; 433 time_pd.uom = "s";
416 434
417 if (config.critical_time_set && elapsed_time > config.critical_time) { 435 if (config.critical_time_set && elapsed_time > config.critical_time) {
418 xasprintf(&elapsed_time_result.output, "Connection time %fs exceeded critical threshold (%f)", elapsed_time, config.critical_time); 436 xasprintf(&elapsed_time_result.output,
437 "Connection time %fs exceeded critical threshold (%f)", elapsed_time,
438 config.critical_time);
419 439
420 elapsed_time_result = mp_set_subcheck_state(elapsed_time_result, STATE_CRITICAL); 440 elapsed_time_result = mp_set_subcheck_state(elapsed_time_result, STATE_CRITICAL);
421 time_pd.crit_present = true; 441 time_pd.crit_present = true;
@@ -426,7 +446,9 @@ int main(int argc, char **argv) {
426 446
427 time_pd.crit = crit_val; 447 time_pd.crit = crit_val;
428 } else if (config.warning_time_set && elapsed_time > config.warning_time) { 448 } else if (config.warning_time_set && elapsed_time > config.warning_time) {
429 xasprintf(&elapsed_time_result.output, "Connection time %fs exceeded warning threshold (%f)", elapsed_time, config.critical_time); 449 xasprintf(&elapsed_time_result.output,
450 "Connection time %fs exceeded warning threshold (%f)", elapsed_time,
451 config.critical_time);
430 452
431 elapsed_time_result = mp_set_subcheck_state(elapsed_time_result, STATE_WARNING); 453 elapsed_time_result = mp_set_subcheck_state(elapsed_time_result, STATE_WARNING);
432 time_pd.warn_present = true; 454 time_pd.warn_present = true;
@@ -437,7 +459,8 @@ int main(int argc, char **argv) {
437 time_pd.warn = warn_val; 459 time_pd.warn = warn_val;
438 } else { 460 } else {
439 elapsed_time_result = mp_set_subcheck_state(elapsed_time_result, STATE_OK); 461 elapsed_time_result = mp_set_subcheck_state(elapsed_time_result, STATE_OK);
440 xasprintf(&elapsed_time_result.output, "Connection time %fs is within thresholds", elapsed_time); 462 xasprintf(&elapsed_time_result.output, "Connection time %fs is within thresholds",
463 elapsed_time);
441 } 464 }
442 465
443 mp_add_perfdata_to_subcheck(&elapsed_time_result, time_pd); 466 mp_add_perfdata_to_subcheck(&elapsed_time_result, time_pd);
@@ -445,7 +468,8 @@ int main(int argc, char **argv) {
445 468
446 /* did we get the response we hoped? */ 469 /* did we get the response we hoped? */
447 if (match == NP_MATCH_FAILURE) { 470 if (match == NP_MATCH_FAILURE) {
448 expected_data_result = mp_set_subcheck_state(expected_data_result, config.expect_mismatch_state); 471 expected_data_result =
472 mp_set_subcheck_state(expected_data_result, config.expect_mismatch_state);
449 xasprintf(&expected_data_result.output, "Answer failed to match expectation"); 473 xasprintf(&expected_data_result.output, "Answer failed to match expectation");
450 mp_add_subcheck_to_check(&overall, expected_data_result); 474 mp_add_subcheck_to_check(&overall, expected_data_result);
451 } else if (match == NP_MATCH_SUCCESS) { 475 } else if (match == NP_MATCH_SUCCESS) {
@@ -467,34 +491,35 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
467 output_format_index, 491 output_format_index,
468 }; 492 };
469 493
470 static struct option longopts[] = {{"hostname", required_argument, 0, 'H'}, 494 static struct option longopts[] = {
471 {"critical", required_argument, 0, 'c'}, 495 {"hostname", required_argument, 0, 'H'},
472 {"warning", required_argument, 0, 'w'}, 496 {"critical", required_argument, 0, 'c'},
473 {"critical-codes", required_argument, 0, 'C'}, 497 {"warning", required_argument, 0, 'w'},
474 {"warning-codes", required_argument, 0, 'W'}, 498 {"critical-codes", required_argument, 0, 'C'},
475 {"timeout", required_argument, 0, 't'}, 499 {"warning-codes", required_argument, 0, 'W'},
476 {"protocol", required_argument, 0, 'P'}, /* FIXME: Unhandled */ 500 {"timeout", required_argument, 0, 't'},
477 {"port", required_argument, 0, 'p'}, 501 {"protocol", required_argument, 0, 'P'}, /* FIXME: Unhandled */
478 {"escape", no_argument, 0, 'E'}, 502 {"port", required_argument, 0, 'p'},
479 {"all", no_argument, 0, 'A'}, 503 {"escape", no_argument, 0, 'E'},
480 {"send", required_argument, 0, 's'}, 504 {"all", no_argument, 0, 'A'},
481 {"expect", required_argument, 0, 'e'}, 505 {"send", required_argument, 0, 's'},
482 {"maxbytes", required_argument, 0, 'm'}, 506 {"expect", required_argument, 0, 'e'},
483 {"quit", required_argument, 0, 'q'}, 507 {"maxbytes", required_argument, 0, 'm'},
484 {"jail", no_argument, 0, 'j'}, 508 {"quit", required_argument, 0, 'q'},
485 {"delay", required_argument, 0, 'd'}, 509 {"jail", no_argument, 0, 'j'},
486 {"refuse", required_argument, 0, 'r'}, 510 {"delay", required_argument, 0, 'd'},
487 {"mismatch", required_argument, 0, 'M'}, 511 {"refuse", required_argument, 0, 'r'},
488 {"use-ipv4", no_argument, 0, '4'}, 512 {"mismatch", required_argument, 0, 'M'},
489 {"use-ipv6", no_argument, 0, '6'}, 513 {"use-ipv4", no_argument, 0, '4'},
490 {"verbose", no_argument, 0, 'v'}, 514 {"use-ipv6", no_argument, 0, '6'},
491 {"version", no_argument, 0, 'V'}, 515 {"verbose", no_argument, 0, 'v'},
492 {"help", no_argument, 0, 'h'}, 516 {"version", no_argument, 0, 'V'},
493 {"ssl", no_argument, 0, 'S'}, 517 {"help", no_argument, 0, 'h'},
494 {"sni", required_argument, 0, SNI_OPTION}, 518 {"ssl", no_argument, 0, 'S'},
495 {"certificate", required_argument, 0, 'D'}, 519 {"sni", required_argument, 0, SNI_OPTION},
496 {"output-format", required_argument, 0, output_format_index}, 520 {"certificate", required_argument, 0, 'D'},
497 {0, 0, 0, 0}}; 521 {"output-format", required_argument, 0, output_format_index},
522 {0, 0, 0, 0}};
498 523
499 if (argc < 2) { 524 if (argc < 2) {
500 usage4(_("No arguments found")); 525 usage4(_("No arguments found"));
@@ -522,7 +547,8 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
522 547
523 while (true) { 548 while (true) {
524 int option = 0; 549 int option = 0;
525 int option_index = getopt_long(argc, argv, "+hVv46EAH:s:e:q:m:c:w:t:p:C:W:d:Sr:jD:M:", longopts, &option); 550 int option_index =
551 getopt_long(argc, argv, "+hVv46EAH:s:e:q:m:c:w:t:p:C:W:d:Sr:jD:M:", longopts, &option);
526 552
527 if (option_index == -1 || option_index == EOF || option_index == 1) { 553 if (option_index == -1 || option_index == EOF || option_index == 1) {
528 break; 554 break;
@@ -595,7 +621,8 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
595 if (config.server_expect_count == 0) { 621 if (config.server_expect_count == 0) {
596 config.server_expect = malloc(sizeof(char *) * (++config.server_expect_count)); 622 config.server_expect = malloc(sizeof(char *) * (++config.server_expect_count));
597 } else { 623 } else {
598 config.server_expect = realloc(config.server_expect, sizeof(char *) * (++config.server_expect_count)); 624 config.server_expect =
625 realloc(config.server_expect, sizeof(char *) * (++config.server_expect_count));
599 } 626 }
600 627
601 if (config.server_expect == NULL) { 628 if (config.server_expect == NULL) {
@@ -718,8 +745,8 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
718 if (config.server_address == NULL) { 745 if (config.server_address == NULL) {
719 usage4(_("You must provide a server address")); 746 usage4(_("You must provide a server address"));
720 } else if (config.server_address[0] != '/' && !is_host(config.server_address)) { 747 } else if (config.server_address[0] != '/' && !is_host(config.server_address)) {
721 die(STATE_CRITICAL, "%s %s - %s: %s\n", config.service, state_text(STATE_CRITICAL), _("Invalid hostname, address or socket"), 748 die(STATE_CRITICAL, "%s %s - %s: %s\n", config.service, state_text(STATE_CRITICAL),
722 config.server_address); 749 _("Invalid hostname, address or socket"), config.server_address);
723 } 750 }
724 751
725 check_tcp_config_wrapper result = { 752 check_tcp_config_wrapper result = {
@@ -735,7 +762,8 @@ void print_help(const char *service) {
735 printf("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n"); 762 printf("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n");
736 printf(COPYRIGHT, copyright, email); 763 printf(COPYRIGHT, copyright, email);
737 764
738 printf(_("This plugin tests %s connections with the specified host (or unix socket).\n\n"), service); 765 printf(_("This plugin tests %s connections with the specified host (or unix socket).\n\n"),
766 service);
739 767
740 print_usage(); 768 print_usage();
741 769
@@ -747,7 +775,8 @@ void print_help(const char *service) {
747 printf(UT_IPv46); 775 printf(UT_IPv46);
748 776
749 printf(" %s\n", "-E, --escape"); 777 printf(" %s\n", "-E, --escape");
750 printf(" %s\n", _("Can use \\n, \\r, \\t or \\\\ in send or quit string. Must come before send or quit option")); 778 printf(" %s\n", _("Can use \\n, \\r, \\t or \\\\ in send or quit string. Must come before "
779 "send or quit option"));
751 printf(" %s\n", _("Default: nothing added to send, \\r\\n added to end of quit")); 780 printf(" %s\n", _("Default: nothing added to send, \\r\\n added to end of quit"));
752 printf(" %s\n", "-s, --send=STRING"); 781 printf(" %s\n", "-s, --send=STRING");
753 printf(" %s\n", _("String to send to the server")); 782 printf(" %s\n", _("String to send to the server"));
@@ -760,7 +789,8 @@ void print_help(const char *service) {
760 printf(" %s\n", "-r, --refuse=ok|warn|crit"); 789 printf(" %s\n", "-r, --refuse=ok|warn|crit");
761 printf(" %s\n", _("Accept TCP refusals with states ok, warn, crit (default: crit)")); 790 printf(" %s\n", _("Accept TCP refusals with states ok, warn, crit (default: crit)"));
762 printf(" %s\n", "-M, --mismatch=ok|warn|crit"); 791 printf(" %s\n", "-M, --mismatch=ok|warn|crit");
763 printf(" %s\n", _("Accept expected string mismatches with states ok, warn, crit (default: warn)")); 792 printf(" %s\n",
793 _("Accept expected string mismatches with states ok, warn, crit (default: warn)"));
764 printf(" %s\n", "-j, --jail"); 794 printf(" %s\n", "-j, --jail");
765 printf(" %s\n", _("Hide output from TCP socket")); 795 printf(" %s\n", _("Hide output from TCP socket"));
766 printf(" %s\n", "-m, --maxbytes=INTEGER"); 796 printf(" %s\n", "-m, --maxbytes=INTEGER");
@@ -790,7 +820,8 @@ void print_help(const char *service) {
790 820
791void print_usage(void) { 821void print_usage(void) {
792 printf("%s\n", _("Usage:")); 822 printf("%s\n", _("Usage:"));
793 printf("%s -H host -p port [-w <warning time>] [-c <critical time>] [-s <send string>]\n", progname); 823 printf("%s -H host -p port [-w <warning time>] [-c <critical time>] [-s <send string>]\n",
824 progname);
794 printf("[-e <expect string>] [-q <quit string>][-m <maximum bytes>] [-d <delay>]\n"); 825 printf("[-e <expect string>] [-q <quit string>][-m <maximum bytes>] [-d <delay>]\n");
795 printf("[-t <timeout seconds>] [-r <refuse state>] [-M <mismatch state>] [-v] [-4|-6] [-j]\n"); 826 printf("[-t <timeout seconds>] [-r <refuse state>] [-M <mismatch state>] [-v] [-4|-6] [-j]\n");
796 printf("[-D <warn days cert expire>[,<crit days cert expire>]] [-S <use SSL>] [-E]\n"); 827 printf("[-D <warn days cert expire>[,<crit days cert expire>]] [-S <use SSL>] [-E]\n");