diff options
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/check_curl.d/check_curl_helpers.c | 32 | ||||
| -rw-r--r-- | plugins/check_curl.d/check_curl_helpers.h | 7 |
2 files changed, 25 insertions, 14 deletions
diff --git a/plugins/check_curl.d/check_curl_helpers.c b/plugins/check_curl.d/check_curl_helpers.c index 4edd0bbf..f58e6663 100644 --- a/plugins/check_curl.d/check_curl_helpers.c +++ b/plugins/check_curl.d/check_curl_helpers.c | |||
| @@ -236,7 +236,7 @@ check_curl_configure_curl(const check_curl_static_curl_config config, | |||
| 236 | /* host_name, only required for ssl, because we use the host_name later on to make SNI happy */ | 236 | /* host_name, only required for ssl, because we use the host_name later on to make SNI happy */ |
| 237 | char dnscache[DEFAULT_BUFFER_SIZE]; | 237 | char dnscache[DEFAULT_BUFFER_SIZE]; |
| 238 | char addrstr[DEFAULT_BUFFER_SIZE / 2]; | 238 | char addrstr[DEFAULT_BUFFER_SIZE / 2]; |
| 239 | if (working_state.use_ssl && working_state.host_name != NULL && !have_local_resolution) { | 239 | if (working_state.use_ssl && working_state.host_name != NULL && have_local_resolution) { |
| 240 | char *tmp_mod_address; | 240 | char *tmp_mod_address; |
| 241 | 241 | ||
| 242 | /* lookup_host() requires an IPv6 address without the brackets. */ | 242 | /* lookup_host() requires an IPv6 address without the brackets. */ |
| @@ -1418,17 +1418,18 @@ bool hostname_gets_resolved_locally(const check_curl_working_state working_state | |||
| 1418 | host_name_display = working_state.host_name; | 1418 | host_name_display = working_state.host_name; |
| 1419 | } | 1419 | } |
| 1420 | 1420 | ||
| 1421 | /* IPv4 or IPv6 version of the address */ | 1421 | /* IPv4 or IPv6 version of the address, this variable saves both */ |
| 1422 | char *server_address_clean = strdup(working_state.server_address); | 1422 | char *server_address_clean = strdup(working_state.server_address); |
| 1423 | /* server address might be a full length ipv6 address encapsulated in square brackets */ | 1423 | /* server address might be a full length ipv6 address encapsulated in square brackets */ |
| 1424 | if ((strnlen(working_state.server_address, MAX_IPV4_HOSTLENGTH) > 2) && | 1424 | if ((strnlen(working_state.server_address, MAX_IPV4_HOSTLENGTH) > 2) && |
| 1425 | (working_state.server_address[0] == '[') && | 1425 | (working_state.server_address[0] == '[') && |
| 1426 | (working_state.server_address[strlen(working_state.server_address) - 1] == ']')) { | 1426 | (working_state.server_address[strlen(working_state.server_address) - 1] == ']')) { |
| 1427 | free(server_address_clean); | ||
| 1427 | server_address_clean = | 1428 | server_address_clean = |
| 1428 | strndup(working_state.server_address + 1, strlen(working_state.server_address) - 2); | 1429 | strndup(working_state.server_address + 1, strlen(working_state.server_address) - 2); |
| 1429 | } | 1430 | } |
| 1430 | 1431 | ||
| 1431 | /* check curlopt_noproxy option first */ | 1432 | /* check curlopt_noproxy option before trying to understand this function */ |
| 1432 | /* https://curl.se/libcurl/c/CURLOPT_NOPROXY.html */ | 1433 | /* https://curl.se/libcurl/c/CURLOPT_NOPROXY.html */ |
| 1433 | 1434 | ||
| 1434 | /* curlopt_noproxy is specified as a comma separated list of | 1435 | /* curlopt_noproxy is specified as a comma separated list of |
| @@ -1448,9 +1449,10 @@ bool hostname_gets_resolved_locally(const check_curl_working_state working_state | |||
| 1448 | * effectively disables the proxy. */ | 1449 | * effectively disables the proxy. */ |
| 1449 | if (strlen(noproxy_item) == 1 && noproxy_item[0] == '*') { | 1450 | if (strlen(noproxy_item) == 1 && noproxy_item[0] == '*') { |
| 1450 | if (verbose >= 1) { | 1451 | if (verbose >= 1) { |
| 1451 | printf("* noproxy includes '*' which disables proxy for all host name incl. : " | 1452 | printf( |
| 1452 | "%s / server address incl. : %s\n", | 1453 | "* noproxy includes '*' which disables proxy for all host name including : " |
| 1453 | host_name_display, server_address_clean); | 1454 | "%s / server address including : %s\n", |
| 1455 | host_name_display, server_address_clean); | ||
| 1454 | } | 1456 | } |
| 1455 | free(curlopt_noproxy_copy); | 1457 | free(curlopt_noproxy_copy); |
| 1456 | free(server_address_clean); | 1458 | free(server_address_clean); |
| @@ -1507,17 +1509,19 @@ bool hostname_gets_resolved_locally(const check_curl_working_state working_state | |||
| 1507 | 1509 | ||
| 1508 | if (ip_addr_inside_cidr_ret.error == NO_ERROR) { | 1510 | if (ip_addr_inside_cidr_ret.error == NO_ERROR) { |
| 1509 | if (ip_addr_inside_cidr_ret.inside) { | 1511 | if (ip_addr_inside_cidr_ret.inside) { |
| 1512 | free(curlopt_noproxy_copy); | ||
| 1513 | free(server_address_clean); | ||
| 1510 | return true; | 1514 | return true; |
| 1511 | } else { | 1515 | } else { |
| 1512 | if (verbose >= 1) { | 1516 | if (verbose >= 1) { |
| 1513 | printf("server address: %s is not inside IP cidr: %s\n", | 1517 | printf("server address: %s is not inside IP CIDR: %s\n", |
| 1514 | server_address_clean, noproxy_item); | 1518 | server_address_clean, noproxy_item); |
| 1515 | } | 1519 | } |
| 1516 | } | 1520 | } |
| 1517 | } else { | 1521 | } else { |
| 1518 | if (verbose >= 1) { | 1522 | if (verbose >= 1) { |
| 1519 | printf("could not fully determine if server address: %s is inside the IP " | 1523 | printf("could not fully determine if server address: %s is inside the IP " |
| 1520 | "cidr: %s\n", | 1524 | "CIDR: %s\n", |
| 1521 | server_address_clean, noproxy_item); | 1525 | server_address_clean, noproxy_item); |
| 1522 | } | 1526 | } |
| 1523 | } | 1527 | } |
| @@ -1602,17 +1606,23 @@ bool hostname_gets_resolved_locally(const check_curl_working_state working_state | |||
| 1602 | // string identifies. We do not set this value Without a scheme, it is treated as an http | 1606 | // string identifies. We do not set this value Without a scheme, it is treated as an http |
| 1603 | // proxy | 1607 | // proxy |
| 1604 | 1608 | ||
| 1609 | if (verbose >= 1) { | ||
| 1610 | printf("* proxy scheme is unspecified, and therefore taken as http, proxy: %s resolves " | ||
| 1611 | "host: %s or server_address: %s\n", | ||
| 1612 | working_state.curlopt_proxy, host_name_display, server_address_clean); | ||
| 1613 | } | ||
| 1614 | |||
| 1605 | return false; | 1615 | return false; |
| 1606 | } | 1616 | } |
| 1607 | 1617 | ||
| 1608 | if (verbose >= 1) { | 1618 | if (verbose >= 1) { |
| 1609 | printf("* proxy scheme is unknown/unavailable, no proxy is assumed for host: %s or " | 1619 | printf("* proxy is unknown/unavailable, no proxy is assumed for host: %s or " |
| 1610 | "server_address: %s\n", | 1620 | "server_address: %s\n", |
| 1611 | host_name_display, server_address_clean); | 1621 | host_name_display, server_address_clean); |
| 1612 | } | 1622 | } |
| 1613 | 1623 | ||
| 1614 | free(server_address_clean); | 1624 | free(server_address_clean); |
| 1615 | return 0; | 1625 | return true; |
| 1616 | } | 1626 | } |
| 1617 | 1627 | ||
| 1618 | ip_addr_inside ip_addr_inside_cidr(const char *cidr_region_or_ip_addr, const char *target_ip) { | 1628 | ip_addr_inside ip_addr_inside_cidr(const char *cidr_region_or_ip_addr, const char *target_ip) { |
| @@ -1659,7 +1669,7 @@ ip_addr_inside ip_addr_inside_cidr(const char *cidr_region_or_ip_addr, const cha | |||
| 1659 | prefix_length = (int)tmp; | 1669 | prefix_length = (int)tmp; |
| 1660 | } else { | 1670 | } else { |
| 1661 | if (verbose >= 1) { | 1671 | if (verbose >= 1) { |
| 1662 | printf("cidr_region_or_ip: %s , has %d number of '/' characters, is not a valid " | 1672 | printf("cidr_region_or_ip: %s , has %u number of '/' characters, is not a valid " |
| 1663 | "cidr_region or IP\n", | 1673 | "cidr_region or IP\n", |
| 1664 | cidr_region_or_ip_addr, slash_count); | 1674 | cidr_region_or_ip_addr, slash_count); |
| 1665 | } | 1675 | } |
diff --git a/plugins/check_curl.d/check_curl_helpers.h b/plugins/check_curl.d/check_curl_helpers.h index 55df9bc1..2f9b0d1c 100644 --- a/plugins/check_curl.d/check_curl_helpers.h +++ b/plugins/check_curl.d/check_curl_helpers.h | |||
| @@ -127,9 +127,10 @@ mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_ | |||
| 127 | int crit_days_till_exp); | 127 | int crit_days_till_exp); |
| 128 | char *fmt_url(check_curl_working_state workingState); | 128 | char *fmt_url(check_curl_working_state workingState); |
| 129 | 129 | ||
| 130 | /* determine_hostname_resolver determines if the host or the proxy resolves the target hostname | 130 | /* hostname_gets_resolved_locally determines if the host or the proxy resolves the target hostname. |
| 131 | returns RESOLVE_LOCALLY if requester resolves the hostname locally, RESOLVE_REMOTELY if proxy | 131 | This depends on proxy schema, forced proxy and noproxy hostnames, wildcarded hostnames, IP addresses |
| 132 | resolves the hostname */ | 132 | and IP CIDRs. Returns true if the host resolves the hostname locally, and false if proxy resolves |
| 133 | the hostname */ | ||
| 133 | bool hostname_gets_resolved_locally(const check_curl_working_state working_state); | 134 | bool hostname_gets_resolved_locally(const check_curl_working_state working_state); |
| 134 | 135 | ||
| 135 | /* Checks if an IP is inside given CIDR region. Using /protocol_size or not specifying the prefix | 136 | /* Checks if an IP is inside given CIDR region. Using /protocol_size or not specifying the prefix |