1 files changed, 33 insertions, 38 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index be18ce7d..506a1ec7 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -189,16 +189,17 @@ struct timeval tv;
 #define HTTPS_PORT 443
 #define HTTP_EXPECT "HTTP/1."
 #define HTTP_URL "/"
+#define CRLF "\r\n"
 char timestamp[17] = "";
 int specify_port = FALSE;
 int server_port = HTTP_PORT;
 char server_port_text[6] = "";
 char server_type[6] = "http";
-/*@null@*/ char *server_address = NULL; 
+char *server_address = ""; 
 char *host_name = "";
-/*@null@*/ char *server_url = NULL;
+char *server_url = HTTP_URL;
-int server_url_length = 0;
+int server_url_length = 1;
 int server_expect_yn = 0;
 char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
 char string_expect[MAX_INPUT_BUFFER] = "";
@@ -212,8 +213,8 @@ int onredirect = STATE_OK;
 int use_ssl = FALSE;
 int verbose = FALSE;
 int sd;
-/*@null@*/ char *http_method = NULL;
+char *http_method = "GET";
-/*@null@*/ char *http_post_data = NULL;
+char *http_post_data = "";
 char buffer[MAX_INPUT_BUFFER];
 void print_usage (void);
@@ -404,11 +405,11 @@ process_arguments (int argc, char **argv)
                        asprintf (&host_name, "%s", optarg);
                        break;
                case 'I': /* Server IP-address */
-                        server_address = strscpy (server_address, optarg);
+                        asprintf (&server_address, "%s", optarg);
                        break;
                case 'u': /* Host or server */
-                        server_url = strscpy (server_url, optarg);
+                        asprintf (&server_url, "%s", optarg);
-                        server_url_length = strlen (optarg);
+                        server_url_length = strlen (server_url);
                        break;
                case 'p': /* Host or server */
                        if (!is_intnonneg (optarg))
@@ -421,8 +422,8 @@ process_arguments (int argc, char **argv)
                        user_auth[MAX_INPUT_BUFFER - 1] = 0;
                        break;
                case 'P': /* HTTP POST data in URL encoded format */
-                        http_method = strscpy (http_method, "POST");
+                        asprintf (&http_method, "%s", "POST");
-                        http_post_data = strscpy (http_post_data, optarg);
+                        asprintf (&http_post_data, "%s", optarg);
                        break;
                case 's': /* string or substring */
                        strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1);
@@ -464,27 +465,17 @@ process_arguments (int argc, char **argv)
        c = optind;
-        if (server_address == NULL) {
+        if (strcmp (server_address, "") == 0 && c < argc)
-                if (c < argc) {
+                        asprintf (&server_address, "%s", argv[c++]);
-                        server_address = strscpy (NULL, argv[c++]);
-                }
-                else if (strcmp (host_name ,"") == 0) {
-                        usage ("check_http: you must specify a server address\n");
-                }
-        }
-        if (strcmp (host_name ,"") == 0 && c < argc)
+        if (strcmp (host_name, "") == 0 && c < argc)
                asprintf (&host_name, "%s", argv[c++]);
-        if (server_address == NULL)
+        if (strcmp (server_address ,"") == 0) {
-                server_address = strscpy (NULL, host_name);
+                if (strcmp (host_name, "") == 0)
+                        usage ("check_http: you must specify a server address or host name\n");
-        if (http_method == NULL)
+                else
-                http_method = strscpy (http_method, "GET");
+                        asprintf (&server_address, "%s", host_name);
-        if (server_url == NULL) {
-                server_url = strscpy (NULL, "/");
-                server_url_length = strlen(HTTP_URL);
        }
        return TRUE;
@@ -600,7 +591,7 @@ check_http (void)
                }
                /* either send http POST data */
-                if (http_post_data) {
+                if (strlen (http_post_data)) {
                        asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
                        if (SSL_write (ssl, buf, strlen (buf)) == -1) {
                                ERR_print_errors_fp (stderr);
@@ -611,11 +602,15 @@ check_http (void)
                                ERR_print_errors_fp (stderr);
                                return STATE_CRITICAL;
                        }
-                        http_post_data = strscat (http_post_data, "\r\n");
                        if (SSL_write (ssl, http_post_data, strlen (http_post_data)) == -1) {
                                ERR_print_errors_fp (stderr);
                                return STATE_CRITICAL;
                        }
+                        asprintf (&buf, CRLF);
+                        if (SSL_write (ssl, buf, strlen (buf)) == -1) {
+                                ERR_print_errors_fp (stderr);
+                                return STATE_CRITICAL;
+                        }
                }
                else {
                        /* or just a newline so the server knows we're done with the request */
@@ -655,13 +650,13 @@ check_http (void)
                /* either send http POST data */
                /* written by Chris Henesy <lurker@shadowtech.org> */
-                if (http_post_data) {
+                if (strlen (http_post_data)) {
                        asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
                        send (sd, buf, strlen (buf), 0);
                        asprintf (&buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
                        send (sd, buf, strlen (buf), 0);
-                        http_post_data = strscat (http_post_data, "\r\n");
                        send (sd, http_post_data, strlen (http_post_data), 0);
+                        send (sd, CRLF, strlen (CRLF), 0);
                }
                else {
                        /* or just a newline so the server knows we're done with the request */
@@ -773,7 +768,7 @@ check_http (void)
                    strstr (status_line, "304")) {
                        if (onredirect == STATE_DEPENDENT) {
-                                orig_url = strscpy(NULL, server_url);
+                                asprintf (&orig_url, "%s", server_url);
                                pos = header;
                                while (pos) {
                                        server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH);
@@ -788,26 +783,26 @@ check_http (void)
                                                server_url_length = strcspn (pos, "\r\n");
                                        }
                                        if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) {
-                                                host_name = strscpy (host_name, server_address);
+                                                asprintf (&host_name, "%s", server_address);
                                                use_ssl = server_type_check (server_type);
                                                server_port = atoi (server_port_text);
                                                check_http ();
                                        }
                                        else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PATH, server_type, server_address, server_url) == 3 ) { 
-                                                host_name = strscpy (host_name, server_address);
+                                                asprintf (&host_name, "%s", server_address);
                                                use_ssl = server_type_check (server_type);
                                                server_port = server_port_check (use_ssl);
                                                check_http ();
                                        }
                                        else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT, server_type, server_address, server_port_text) == 3) {
-                                                host_name = strscpy (host_name, server_address);
+                                                asprintf (&host_name, "%s", server_address);
                                                strcpy (server_url, "/");
                                                use_ssl = server_type_check (server_type);
                                                server_port = atoi (server_port_text);
                                                check_http ();
                                        }
                                        else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST, server_type, server_address) == 2) {
-                                                host_name = strscpy (host_name, server_address);
+                                                asprintf (&host_name, "%s", server_address);
                                                strcpy (server_url, "/");
                                                use_ssl = server_type_check (server_type);
                                                server_port = server_port_check (use_ssl);
@@ -912,7 +907,7 @@ int connect_SSL (void)
 {
        SSL_METHOD *meth;
-        randbuff = strscpy (NULL, "qwertyuiopasdfghjkl");
+        asprintf (randbuff, "%s", "qwertyuiopasdfghjkl");
        RAND_seed (randbuff, strlen (randbuff));
        /* Initialize SSL context */
        SSLeay_add_ssl_algorithms ();

diff --git a/plugins/check_http.c b/plugins/check_http.c index be18ce7d..506a1ec7 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c
@@ -189,16 +189,17 @@ struct timeval tv;
189	#define HTTPS_PORT 443	189	#define HTTPS_PORT 443
190	#define HTTP_EXPECT "HTTP/1."	190	#define HTTP_EXPECT "HTTP/1."
191	#define HTTP_URL "/"	191	#define HTTP_URL "/"
		192	#define CRLF "\r\n"
192		193
193	char timestamp[17] = "";	194	char timestamp[17] = "";
194	int specify_port = FALSE;	195	int specify_port = FALSE;
195	int server_port = HTTP_PORT;	196	int server_port = HTTP_PORT;
196	char server_port_text[6] = "";	197	char server_port_text[6] = "";
197	char server_type[6] = "http";	198	char server_type[6] = "http";
198	/@null@/ char *server_address = NULL;	199	char *server_address = "";
199	char *host_name = "";	200	char *host_name = "";
200	/@null@/ char *server_url = NULL;	201	char *server_url = HTTP_URL;
201	int server_url_length = 0;	202	int server_url_length = 1;
202	int server_expect_yn = 0;	203	int server_expect_yn = 0;
203	char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;	204	char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
204	char string_expect[MAX_INPUT_BUFFER] = "";	205	char string_expect[MAX_INPUT_BUFFER] = "";
@@ -212,8 +213,8 @@ int onredirect = STATE_OK;
212	int use_ssl = FALSE;	213	int use_ssl = FALSE;
213	int verbose = FALSE;	214	int verbose = FALSE;
214	int sd;	215	int sd;
215	/@null@/ char *http_method = NULL;	216	char *http_method = "GET";
216	/@null@/ char *http_post_data = NULL;	217	char *http_post_data = "";
217	char buffer[MAX_INPUT_BUFFER];	218	char buffer[MAX_INPUT_BUFFER];
218		219
219	void print_usage (void);	220	void print_usage (void);
@@ -404,11 +405,11 @@ process_arguments (int argc, char **argv)
404	asprintf (&host_name, "%s", optarg);	405	asprintf (&host_name, "%s", optarg);
405	break;	406	break;
406	case 'I': /* Server IP-address */	407	case 'I': /* Server IP-address */
407	server_address = strscpy (server_address, optarg);	408	asprintf (&server_address, "%s", optarg);
408	break;	409	break;
409	case 'u': /* Host or server */	410	case 'u': /* Host or server */
410	server_url = strscpy (server_url, optarg);	411	asprintf (&server_url, "%s", optarg);
411	server_url_length = strlen (optarg);	412	server_url_length = strlen (server_url);
412	break;	413	break;
413	case 'p': /* Host or server */	414	case 'p': /* Host or server */
414	if (!is_intnonneg (optarg))	415	if (!is_intnonneg (optarg))
@@ -421,8 +422,8 @@ process_arguments (int argc, char **argv)
421	user_auth[MAX_INPUT_BUFFER - 1] = 0;	422	user_auth[MAX_INPUT_BUFFER - 1] = 0;
422	break;	423	break;
423	case 'P': /* HTTP POST data in URL encoded format */	424	case 'P': /* HTTP POST data in URL encoded format */
424	http_method = strscpy (http_method, "POST");	425	asprintf (&http_method, "%s", "POST");
425	http_post_data = strscpy (http_post_data, optarg);	426	asprintf (&http_post_data, "%s", optarg);
426	break;	427	break;
427	case 's': /* string or substring */	428	case 's': /* string or substring */
428	strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1);	429	strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1);
@@ -464,27 +465,17 @@ process_arguments (int argc, char **argv)
464		465
465	c = optind;	466	c = optind;
466		467
467	if (server_address == NULL) {	468	if (strcmp (server_address, "") == 0 && c < argc)
468	if (c < argc) {	469	asprintf (&server_address, "%s", argv[c++]);
469	server_address = strscpy (NULL, argv[c++]);
470	}
471	else if (strcmp (host_name ,"") == 0) {
472	usage ("check_http: you must specify a server address\n");
473	}
474	}
475		470
476	if (strcmp (host_name ,"") == 0 && c < argc)	471	if (strcmp (host_name, "") == 0 && c < argc)
477	asprintf (&host_name, "%s", argv[c++]);	472	asprintf (&host_name, "%s", argv[c++]);
478		473
479	if (server_address == NULL)	474	if (strcmp (server_address ,"") == 0) {
480	server_address = strscpy (NULL, host_name);	475	if (strcmp (host_name, "") == 0)
481		476	usage ("check_http: you must specify a server address or host name\n");
482	if (http_method == NULL)	477	else
483	http_method = strscpy (http_method, "GET");	478	asprintf (&server_address, "%s", host_name);
484
485	if (server_url == NULL) {
486	server_url = strscpy (NULL, "/");
487	server_url_length = strlen(HTTP_URL);
488	}	479	}
489		480
490	return TRUE;	481	return TRUE;
@@ -600,7 +591,7 @@ check_http (void)
600	}	591	}
601		592
602	/* either send http POST data */	593	/* either send http POST data */
603	if (http_post_data) {	594	if (strlen (http_post_data)) {
604	asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");	595	asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
605	if (SSL_write (ssl, buf, strlen (buf)) == -1) {	596	if (SSL_write (ssl, buf, strlen (buf)) == -1) {
606	ERR_print_errors_fp (stderr);	597	ERR_print_errors_fp (stderr);
@@ -611,11 +602,15 @@ check_http (void)
611	ERR_print_errors_fp (stderr);	602	ERR_print_errors_fp (stderr);
612	return STATE_CRITICAL;	603	return STATE_CRITICAL;
613	}	604	}
614	http_post_data = strscat (http_post_data, "\r\n");
615	if (SSL_write (ssl, http_post_data, strlen (http_post_data)) == -1) {	605	if (SSL_write (ssl, http_post_data, strlen (http_post_data)) == -1) {
616	ERR_print_errors_fp (stderr);	606	ERR_print_errors_fp (stderr);
617	return STATE_CRITICAL;	607	return STATE_CRITICAL;
618	}	608	}
		609	asprintf (&buf, CRLF);
		610	if (SSL_write (ssl, buf, strlen (buf)) == -1) {
		611	ERR_print_errors_fp (stderr);
		612	return STATE_CRITICAL;
		613	}
619	}	614	}
620	else {	615	else {
621	/* or just a newline so the server knows we're done with the request */	616	/* or just a newline so the server knows we're done with the request */
@@ -655,13 +650,13 @@ check_http (void)
655		650
656	/* either send http POST data */	651	/* either send http POST data */
657	/* written by Chris Henesy <lurker@shadowtech.org> */	652	/* written by Chris Henesy <lurker@shadowtech.org> */
658	if (http_post_data) {	653	if (strlen (http_post_data)) {
659	asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");	654	asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
660	send (sd, buf, strlen (buf), 0);	655	send (sd, buf, strlen (buf), 0);
661	asprintf (&buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data));	656	asprintf (&buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
662	send (sd, buf, strlen (buf), 0);	657	send (sd, buf, strlen (buf), 0);
663	http_post_data = strscat (http_post_data, "\r\n");
664	send (sd, http_post_data, strlen (http_post_data), 0);	658	send (sd, http_post_data, strlen (http_post_data), 0);
		659	send (sd, CRLF, strlen (CRLF), 0);
665	}	660	}
666	else {	661	else {
667	/* or just a newline so the server knows we're done with the request */	662	/* or just a newline so the server knows we're done with the request */
@@ -773,7 +768,7 @@ check_http (void)
773	strstr (status_line, "304")) {	768	strstr (status_line, "304")) {
774	if (onredirect == STATE_DEPENDENT) {	769	if (onredirect == STATE_DEPENDENT) {
775		770
776	orig_url = strscpy(NULL, server_url);	771	asprintf (&orig_url, "%s", server_url);
777	pos = header;	772	pos = header;
778	while (pos) {	773	while (pos) {
779	server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH);	774	server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH);
@@ -788,26 +783,26 @@ check_http (void)
788	server_url_length = strcspn (pos, "\r\n");	783	server_url_length = strcspn (pos, "\r\n");
789	}	784	}
790	if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) {	785	if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) {
791	host_name = strscpy (host_name, server_address);	786	asprintf (&host_name, "%s", server_address);
792	use_ssl = server_type_check (server_type);	787	use_ssl = server_type_check (server_type);
793	server_port = atoi (server_port_text);	788	server_port = atoi (server_port_text);
794	check_http ();	789	check_http ();
795	}	790	}
796	else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PATH, server_type, server_address, server_url) == 3 ) {	791	else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PATH, server_type, server_address, server_url) == 3 ) {
797	host_name = strscpy (host_name, server_address);	792	asprintf (&host_name, "%s", server_address);
798	use_ssl = server_type_check (server_type);	793	use_ssl = server_type_check (server_type);
799	server_port = server_port_check (use_ssl);	794	server_port = server_port_check (use_ssl);
800	check_http ();	795	check_http ();
801	}	796	}
802	else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT, server_type, server_address, server_port_text) == 3) {	797	else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT, server_type, server_address, server_port_text) == 3) {
803	host_name = strscpy (host_name, server_address);	798	asprintf (&host_name, "%s", server_address);
804	strcpy (server_url, "/");	799	strcpy (server_url, "/");
805	use_ssl = server_type_check (server_type);	800	use_ssl = server_type_check (server_type);
806	server_port = atoi (server_port_text);	801	server_port = atoi (server_port_text);
807	check_http ();	802	check_http ();
808	}	803	}
809	else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST, server_type, server_address) == 2) {	804	else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST, server_type, server_address) == 2) {
810	host_name = strscpy (host_name, server_address);	805	asprintf (&host_name, "%s", server_address);
811	strcpy (server_url, "/");	806	strcpy (server_url, "/");
812	use_ssl = server_type_check (server_type);	807	use_ssl = server_type_check (server_type);
813	server_port = server_port_check (use_ssl);	808	server_port = server_port_check (use_ssl);
@@ -912,7 +907,7 @@ int connect_SSL (void)
912	{	907	{
913	SSL_METHOD *meth;	908	SSL_METHOD *meth;
914		909
915	randbuff = strscpy (NULL, "qwertyuiopasdfghjkl");	910	asprintf (randbuff, "%s", "qwertyuiopasdfghjkl");
916	RAND_seed (randbuff, strlen (randbuff));	911	RAND_seed (randbuff, strlen (randbuff));
917	/* Initialize SSL context */	912	/* Initialize SSL context */
918	SSLeay_add_ssl_algorithms ();	913	SSLeay_add_ssl_algorithms ();