summaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
Diffstat (limited to 'plugins')
-rw-r--r--plugins/Makefile.am1
-rw-r--r--plugins/check_curl.c163
-rw-r--r--plugins/check_curl.d/check_curl_helpers.c459
-rw-r--r--plugins/check_curl.d/check_curl_helpers.h9
-rw-r--r--plugins/check_curl.d/config.h7
-rw-r--r--plugins/check_dbi.c4
-rw-r--r--plugins/check_disk.c10
-rw-r--r--plugins/check_http.c4
-rw-r--r--plugins/check_ide_smart.c259
-rw-r--r--plugins/check_ide_smart.d/config.h15
-rw-r--r--plugins/check_ldap.c12
-rw-r--r--plugins/check_mrtg.c8
-rw-r--r--plugins/check_mysql.c4
-rw-r--r--plugins/check_mysql_query.c4
-rw-r--r--plugins/check_ntp_peer.c20
-rw-r--r--plugins/check_ntp_time.c20
-rw-r--r--plugins/check_pgsql.c8
-rw-r--r--plugins/check_ping.c4
-rw-r--r--plugins/check_procs.c2
-rw-r--r--plugins/check_radius.c130
-rw-r--r--plugins/check_radius.d/config.h6
-rw-r--r--plugins/check_real.c318
-rw-r--r--plugins/check_real.d/config.h23
-rw-r--r--plugins/check_smtp.c20
-rw-r--r--plugins/check_snmp.d/check_snmp_helpers.c14
-rw-r--r--plugins/check_snmp.d/check_snmp_helpers.h4
-rw-r--r--plugins/check_ssh.c16
-rw-r--r--plugins/check_tcp.c16
-rw-r--r--plugins/check_time.c2
-rw-r--r--plugins/check_users.c4
-rw-r--r--plugins/netutils.c10
-rw-r--r--plugins/netutils.h4
-rw-r--r--plugins/t/check_curl.t115
-rw-r--r--plugins/t/check_disk.t15
-rwxr-xr-xplugins/tests/check_curl.t135
-rw-r--r--plugins/utils.c1
-rw-r--r--plugins/utils.h2
37 files changed, 1431 insertions, 417 deletions
diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index fa159f4a..a35f273e 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -66,6 +66,7 @@ EXTRA_DIST = t \
66 check_hpjd.d \ 66 check_hpjd.d \
67 check_game.d \ 67 check_game.d \
68 check_radius.d \ 68 check_radius.d \
69 check_ide_smart.d \
69 check_curl.d \ 70 check_curl.d \
70 check_disk.d \ 71 check_disk.d \
71 check_time.d \ 72 check_time.d \
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index e7737c7c..f63cdea2 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -120,6 +120,14 @@ mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_
120#endif /* defined(HAVE_SSL) && defined(USE_OPENSSL) */ 120#endif /* defined(HAVE_SSL) && defined(USE_OPENSSL) */
121 121
122int main(int argc, char **argv) { 122int main(int argc, char **argv) {
123#ifdef __OpenBSD__
124 /* - rpath is required to read --extra-opts, CA and/or client certs
125 * - wpath is required to write --cookie-jar (possibly given up later)
126 * - inet is required for sockets
127 * - dns is required for name lookups */
128 pledge("stdio rpath wpath inet dns", NULL);
129#endif // __OpenBSD__
130
123 setlocale(LC_ALL, ""); 131 setlocale(LC_ALL, "");
124 bindtextdomain(PACKAGE, LOCALEDIR); 132 bindtextdomain(PACKAGE, LOCALEDIR);
125 textdomain(PACKAGE); 133 textdomain(PACKAGE);
@@ -135,6 +143,15 @@ int main(int argc, char **argv) {
135 143
136 const check_curl_config config = tmp_config.config; 144 const check_curl_config config = tmp_config.config;
137 145
146#ifdef __OpenBSD__
147 if (!config.curl_config.cookie_jar_file) {
148 if (verbose >= 2) {
149 printf(_("* No \"--cookie-jar\" is used, giving up \"wpath\" pledge(2)\n"));
150 }
151 pledge("stdio rpath inet dns", NULL);
152 }
153#endif // __OpenBSD__
154
138 if (config.output_format_is_set) { 155 if (config.output_format_is_set) {
139 mp_set_format(config.output_format); 156 mp_set_format(config.output_format);
140 } 157 }
@@ -222,10 +239,35 @@ mp_subcheck check_http(const check_curl_config config, check_curl_working_state
222 // ============== 239 // ==============
223 CURLcode res = curl_easy_perform(curl_state.curl); 240 CURLcode res = curl_easy_perform(curl_state.curl);
224 241
242 if (verbose > 1) {
243 printf("* curl_easy_perform returned: %s\n", curl_easy_strerror(res));
244 }
245
225 if (verbose >= 2 && workingState.http_post_data) { 246 if (verbose >= 2 && workingState.http_post_data) {
226 printf("**** REQUEST CONTENT ****\n%s\n", workingState.http_post_data); 247 printf("**** REQUEST CONTENT ****\n%s\n", workingState.http_post_data);
227 } 248 }
228 249
250 // curl_state is updated after curl_easy_perform, and with updated curl_state certificate checks can be done
251 // Check_http tries to check certs as early as possible, and exits with certificate check result by default. Behave similarly.
252#ifdef LIBCURL_FEATURE_SSL
253 if (workingState.use_ssl && config.check_cert) {
254 if (verbose > 1) {
255 printf("* adding a subcheck for the certificate\n");
256 }
257 mp_subcheck sc_certificate = check_curl_certificate_checks(
258 curl_state.curl, cert, config.days_till_exp_warn, config.days_till_exp_crit);
259
260 mp_add_subcheck_to_subcheck(&sc_result, sc_certificate);
261 if (!config.continue_after_check_cert) {
262 if (verbose > 1) {
263 printf("* returning after adding the subcheck for certificate, continuing after "
264 "checking the certificate is turned off\n");
265 }
266 return sc_result;
267 }
268 }
269#endif
270
229 mp_subcheck sc_curl = mp_subcheck_init(); 271 mp_subcheck sc_curl = mp_subcheck_init();
230 272
231 /* Curl errors, result in critical Nagios state */ 273 /* Curl errors, result in critical Nagios state */
@@ -266,18 +308,6 @@ mp_subcheck check_http(const check_curl_config config, check_curl_working_state
266 // Evaluation 308 // Evaluation
267 // ========== 309 // ==========
268 310
269#ifdef LIBCURL_FEATURE_SSL
270 if (workingState.use_ssl && config.check_cert) {
271 mp_subcheck sc_certificate = check_curl_certificate_checks(
272 curl_state.curl, cert, config.days_till_exp_warn, config.days_till_exp_crit);
273
274 mp_add_subcheck_to_subcheck(&sc_result, sc_certificate);
275 if (!config.continue_after_check_cert) {
276 return sc_result;
277 }
278 }
279#endif
280
281 /* we got the data and we executed the request in a given time, so we can append 311 /* we got the data and we executed the request in a given time, so we can append
282 * performance data to the answer always 312 * performance data to the answer always
283 */ 313 */
@@ -775,19 +805,23 @@ redir_wrapper redir(curlhelp_write_curlbuf *header_buf, const check_curl_config
775 /* missing components have null,null in their UriTextRangeA 805 /* missing components have null,null in their UriTextRangeA
776 * add query parameters if they exist. 806 * add query parameters if they exist.
777 */ 807 */
778 if (uri.query.first && uri.query.afterLast){ 808 if (uri.query.first && uri.query.afterLast) {
779 // Ensure we have space for '?' + query_str + '\0' ahead of time, instead of calling strncat twice 809 // Ensure we have space for '?' + query_str + '\0' ahead of time, instead of calling strncat
810 // twice
780 size_t current_len = strlen(new_url); 811 size_t current_len = strlen(new_url);
781 size_t remaining_space = DEFAULT_BUFFER_SIZE - current_len - 1; 812 size_t remaining_space = DEFAULT_BUFFER_SIZE - current_len - 1;
782 813
783 const char* query_str = uri_string(uri.query, buf, DEFAULT_BUFFER_SIZE); 814 const char *query_str = uri_string(uri.query, buf, DEFAULT_BUFFER_SIZE);
784 size_t query_str_len = strlen(query_str); 815 size_t query_str_len = strlen(query_str);
785 816
786 if (remaining_space >= query_str_len + 1) { 817 if (remaining_space >= query_str_len + 1) {
787 strcat(new_url, "?"); 818 strcat(new_url, "?");
788 strcat(new_url, query_str); 819 strcat(new_url, query_str);
789 }else{ 820 } else {
790 die(STATE_UNKNOWN, _("HTTP UNKNOWN - No space to add query part of size %d to the buffer, buffer has remaining size %d"), query_str_len , current_len ); 821 die(STATE_UNKNOWN,
822 _("HTTP UNKNOWN - No space to add query part of size %zu to the buffer, buffer has "
823 "remaining size %zu"),
824 query_str_len, current_len);
791 } 825 }
792 } 826 }
793 827
@@ -853,7 +887,8 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
853 COOKIE_JAR, 887 COOKIE_JAR,
854 HAPROXY_PROTOCOL, 888 HAPROXY_PROTOCOL,
855 STATE_REGEX, 889 STATE_REGEX,
856 OUTPUT_FORMAT 890 OUTPUT_FORMAT,
891 NO_PROXY,
857 }; 892 };
858 893
859 static struct option longopts[] = { 894 static struct option longopts[] = {
@@ -868,6 +903,8 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
868 {"url", required_argument, 0, 'u'}, 903 {"url", required_argument, 0, 'u'},
869 {"port", required_argument, 0, 'p'}, 904 {"port", required_argument, 0, 'p'},
870 {"authorization", required_argument, 0, 'a'}, 905 {"authorization", required_argument, 0, 'a'},
906 {"proxy", required_argument, 0, 'x'},
907 {"noproxy", required_argument, 0, NO_PROXY},
871 {"proxy-authorization", required_argument, 0, 'b'}, 908 {"proxy-authorization", required_argument, 0, 'b'},
872 {"header-string", required_argument, 0, 'd'}, 909 {"header-string", required_argument, 0, 'd'},
873 {"string", required_argument, 0, 's'}, 910 {"string", required_argument, 0, 's'},
@@ -940,7 +977,7 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
940 977
941 while (true) { 978 while (true) {
942 int option_index = getopt_long( 979 int option_index = getopt_long(
943 argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:DnlLS::m:M:NEB", 980 argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:x:b:d:e:p:s:R:r:u:f:C:J:K:DnlLS::m:M:NEB",
944 longopts, &option); 981 longopts, &option);
945 if (option_index == -1 || option_index == EOF || option_index == 1) { 982 if (option_index == -1 || option_index == EOF || option_index == 1) {
946 break; 983 break;
@@ -969,7 +1006,7 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
969 case 'c': /* critical time threshold */ 1006 case 'c': /* critical time threshold */
970 { 1007 {
971 mp_range_parsed critical_range = mp_parse_range_string(optarg); 1008 mp_range_parsed critical_range = mp_parse_range_string(optarg);
972 if (critical_range.error != MP_PARSING_SUCCES) { 1009 if (critical_range.error != MP_PARSING_SUCCESS) {
973 die(STATE_UNKNOWN, "failed to parse critical threshold: %s", optarg); 1010 die(STATE_UNKNOWN, "failed to parse critical threshold: %s", optarg);
974 } 1011 }
975 result.config.thlds = mp_thresholds_set_crit(result.config.thlds, critical_range.range); 1012 result.config.thlds = mp_thresholds_set_crit(result.config.thlds, critical_range.range);
@@ -978,7 +1015,7 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
978 { 1015 {
979 mp_range_parsed warning_range = mp_parse_range_string(optarg); 1016 mp_range_parsed warning_range = mp_parse_range_string(optarg);
980 1017
981 if (warning_range.error != MP_PARSING_SUCCES) { 1018 if (warning_range.error != MP_PARSING_SUCCESS) {
982 die(STATE_UNKNOWN, "failed to parse warning threshold: %s", optarg); 1019 die(STATE_UNKNOWN, "failed to parse warning threshold: %s", optarg);
983 } 1020 }
984 result.config.thlds = mp_thresholds_set_warn(result.config.thlds, warning_range.range); 1021 result.config.thlds = mp_thresholds_set_warn(result.config.thlds, warning_range.range);
@@ -1028,6 +1065,10 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
1028 strncpy(result.config.curl_config.user_auth, optarg, MAX_INPUT_BUFFER - 1); 1065 strncpy(result.config.curl_config.user_auth, optarg, MAX_INPUT_BUFFER - 1);
1029 result.config.curl_config.user_auth[MAX_INPUT_BUFFER - 1] = 0; 1066 result.config.curl_config.user_auth[MAX_INPUT_BUFFER - 1] = 0;
1030 break; 1067 break;
1068 case 'x': /* proxy info */
1069 strncpy(result.config.curl_config.proxy, optarg, DEFAULT_BUFFER_SIZE - 1);
1070 result.config.curl_config.proxy[DEFAULT_BUFFER_SIZE - 1] = 0;
1071 break;
1031 case 'b': /* proxy-authorization info */ 1072 case 'b': /* proxy-authorization info */
1032 strncpy(result.config.curl_config.proxy_auth, optarg, MAX_INPUT_BUFFER - 1); 1073 strncpy(result.config.curl_config.proxy_auth, optarg, MAX_INPUT_BUFFER - 1);
1033 result.config.curl_config.proxy_auth[MAX_INPUT_BUFFER - 1] = 0; 1074 result.config.curl_config.proxy_auth[MAX_INPUT_BUFFER - 1] = 0;
@@ -1244,7 +1285,7 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
1244 result.config.curl_config.sin_family = AF_INET; 1285 result.config.curl_config.sin_family = AF_INET;
1245 break; 1286 break;
1246 case '6': 1287 case '6':
1247#if defined(USE_IPV6) && defined(LIBCURL_FEATURE_IPV6) 1288#if defined(LIBCURL_FEATURE_IPV6)
1248 result.config.curl_config.sin_family = AF_INET6; 1289 result.config.curl_config.sin_family = AF_INET6;
1249#else 1290#else
1250 usage4(_("IPv6 support not available")); 1291 usage4(_("IPv6 support not available"));
@@ -1254,7 +1295,7 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
1254 { 1295 {
1255 mp_range_parsed foo = mp_parse_range_string(optarg); 1296 mp_range_parsed foo = mp_parse_range_string(optarg);
1256 1297
1257 if (foo.error != MP_PARSING_SUCCES) { 1298 if (foo.error != MP_PARSING_SUCCESS) {
1258 die(STATE_CRITICAL, "failed to parse page size limits: %s", optarg); 1299 die(STATE_CRITICAL, "failed to parse page size limits: %s", optarg);
1259 } 1300 }
1260 1301
@@ -1323,6 +1364,10 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
1323 case HAPROXY_PROTOCOL: 1364 case HAPROXY_PROTOCOL:
1324 result.config.curl_config.haproxy_protocol = true; 1365 result.config.curl_config.haproxy_protocol = true;
1325 break; 1366 break;
1367 case NO_PROXY:
1368 strncpy(result.config.curl_config.no_proxy, optarg, DEFAULT_BUFFER_SIZE - 1);
1369 result.config.curl_config.no_proxy[DEFAULT_BUFFER_SIZE - 1] = 0;
1370 break;
1326 case '?': 1371 case '?':
1327 /* print short usage statement if args not parsable */ 1372 /* print short usage statement if args not parsable */
1328 usage5(); 1373 usage5();
@@ -1350,35 +1395,35 @@ check_curl_config_wrapper process_arguments(int argc, char **argv) {
1350 * parameters, like -S and -C combinations */ 1395 * parameters, like -S and -C combinations */
1351 result.config.curl_config.ssl_version = CURL_SSLVERSION_DEFAULT; 1396 result.config.curl_config.ssl_version = CURL_SSLVERSION_DEFAULT;
1352 if (tls_option_optarg != NULL) { 1397 if (tls_option_optarg != NULL) {
1353 char *plus_ptr = strchr(optarg, '+'); 1398 char *plus_ptr = strchr(tls_option_optarg, '+');
1354 if (plus_ptr) { 1399 if (plus_ptr) {
1355 got_plus = true; 1400 got_plus = true;
1356 *plus_ptr = '\0'; 1401 *plus_ptr = '\0';
1357 } 1402 }
1358 1403
1359 if (optarg[0] == '2') { 1404 if (tls_option_optarg[0] == '2') {
1360 result.config.curl_config.ssl_version = CURL_SSLVERSION_SSLv2; 1405 result.config.curl_config.ssl_version = CURL_SSLVERSION_SSLv2;
1361 } else if (optarg[0] == '3') { 1406 } else if (tls_option_optarg[0] == '3') {
1362 result.config.curl_config.ssl_version = CURL_SSLVERSION_SSLv3; 1407 result.config.curl_config.ssl_version = CURL_SSLVERSION_SSLv3;
1363 } else if (!strcmp(optarg, "1") || !strcmp(optarg, "1.0")) { 1408 } else if (!strcmp(tls_option_optarg, "1") || !strcmp(tls_option_optarg, "1.0")) {
1364#if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0) 1409#if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0)
1365 result.config.curl_config.ssl_version = CURL_SSLVERSION_TLSv1_0; 1410 result.config.curl_config.ssl_version = CURL_SSLVERSION_TLSv1_0;
1366#else 1411#else
1367 result.config.ssl_version = CURL_SSLVERSION_DEFAULT; 1412 result.config.ssl_version = CURL_SSLVERSION_DEFAULT;
1368#endif /* LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0) */ 1413#endif /* LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0) */
1369 } else if (!strcmp(optarg, "1.1")) { 1414 } else if (!strcmp(tls_option_optarg, "1.1")) {
1370#if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0) 1415#if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0)
1371 result.config.curl_config.ssl_version = CURL_SSLVERSION_TLSv1_1; 1416 result.config.curl_config.ssl_version = CURL_SSLVERSION_TLSv1_1;
1372#else 1417#else
1373 result.config.ssl_version = CURL_SSLVERSION_DEFAULT; 1418 result.config.ssl_version = CURL_SSLVERSION_DEFAULT;
1374#endif /* LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0) */ 1419#endif /* LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0) */
1375 } else if (!strcmp(optarg, "1.2")) { 1420 } else if (!strcmp(tls_option_optarg, "1.2")) {
1376#if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0) 1421#if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0)
1377 result.config.curl_config.ssl_version = CURL_SSLVERSION_TLSv1_2; 1422 result.config.curl_config.ssl_version = CURL_SSLVERSION_TLSv1_2;
1378#else 1423#else
1379 result.config.ssl_version = CURL_SSLVERSION_DEFAULT; 1424 result.config.ssl_version = CURL_SSLVERSION_DEFAULT;
1380#endif /* LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0) */ 1425#endif /* LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 34, 0) */
1381 } else if (!strcmp(optarg, "1.3")) { 1426 } else if (!strcmp(tls_option_optarg, "1.3")) {
1382#if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 52, 0) 1427#if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 52, 0)
1383 result.config.curl_config.ssl_version = CURL_SSLVERSION_TLSv1_3; 1428 result.config.curl_config.ssl_version = CURL_SSLVERSION_TLSv1_3;
1384#else 1429#else
@@ -1592,6 +1637,18 @@ void print_help(void) {
1592 printf(" %s\n", "--state-regex=STATE"); 1637 printf(" %s\n", "--state-regex=STATE");
1593 printf(" %s\n", _("Return STATE if regex is found, OK if not. STATE can be one of " 1638 printf(" %s\n", _("Return STATE if regex is found, OK if not. STATE can be one of "
1594 "\"critical\",\"warning\"")); 1639 "\"critical\",\"warning\""));
1640 printf(" %s\n", "-x, --proxy=PROXY_SERVER");
1641 printf(" %s\n", _("Specify the proxy in form of <scheme>://<host(name)>:<port>"));
1642 printf(" %s\n", _("Available schemes are http, https, socks4, socks4a, socks5, socks5h"));
1643 printf(" %s\n", _("If port is not specified, libcurl defaults to 1080"));
1644 printf(" %s\n", _("This value will be set as CURLOPT_PROXY"));
1645 printf(" %s\n", "--noproxy=COMMA_SEPARATED_LIST");
1646 printf(" %s\n", _("Specify hostnames, addresses and subnets where proxy should not be used"));
1647 printf(" %s\n", _("Example usage: \"example.com,::1,1.1.1.1,localhost,192.168.0.0/16\""));
1648 printf(" %s\n", _("Do not use brackets when specifying IPv6 addresses"));
1649 printf(" %s\n", _("Special case when an item is '*' : matches all hosts/addresses "
1650 "and effectively disables proxy."));
1651 printf(" %s\n", _("This value will be set as CURLOPT_NOPROXY"));
1595 printf(" %s\n", "-a, --authorization=AUTH_PAIR"); 1652 printf(" %s\n", "-a, --authorization=AUTH_PAIR");
1596 printf(" %s\n", _("Username:password on sites with basic authentication")); 1653 printf(" %s\n", _("Username:password on sites with basic authentication"));
1597 printf(" %s\n", "-b, --proxy-authorization=AUTH_PAIR"); 1654 printf(" %s\n", "-b, --proxy-authorization=AUTH_PAIR");
@@ -1700,10 +1757,39 @@ void print_help(void) {
1700#endif 1757#endif
1701 1758
1702 printf("\n %s\n", "CHECK WEBSERVER CONTENT VIA PROXY:"); 1759 printf("\n %s\n", "CHECK WEBSERVER CONTENT VIA PROXY:");
1703 printf(" %s\n", _("It is recommended to use an environment proxy like:")); 1760 printf(" %s\n", _("Proxies are specified or disabled for certain hosts/addresses using environment variables"
1704 printf(" %s\n", 1761 " or -x/--proxy and --noproxy arguments:"));
1705 _("http_proxy=http://192.168.100.35:3128 ./check_curl -H www.monitoring-plugins.org")); 1762 printf(" %s\n", _("Checked environment variables: all_proxy, http_proxy, https_proxy, no_proxy"));
1706 printf(" %s\n", _("legacy proxy requests in check_http style still work:")); 1763 printf(" %s\n", _("Environment variables can also be given in uppercase, but the lowercase ones will "
1764 "take predence if both are defined."));
1765 printf(" %s\n", _("The environment variables are overwritten by -x/--proxy and --noproxy arguments:"));
1766 printf(" %s\n", _("all_proxy/ALL_PROXY environment variables are read first, but protocol "
1767 "specific environment variables override them."));
1768 printf(" %s\n", _("If SSL is enabled and used, https_proxy/HTTPS_PROXY will be checked and overwrite "
1769 "http_proxy/HTTPS_PROXY."));
1770 printf(" %s\n", _("Curl accepts proxies using http, https, socks4, socks4a, socks5 and socks5h schemes."));
1771 printf(" %s\n", _("http_proxy=http://192.168.100.35:3128 ./check_curl -H www.monitoring-plugins.org"));
1772 printf(" %s\n", _("http_proxy=http://used.proxy.com HTTP_PROXY=http://ignored.proxy.com ./check_curl -H www.monitoring-plugins.org"));
1773 printf(" %s\n", _(" Lowercase http_proxy takes predence over uppercase HTTP_PROXY"));
1774 printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org -x http://192.168.100.35:3128"));
1775 printf(" %s\n", _("http_proxy=http://unused.proxy1.com HTTP_PROXY=http://unused.proxy2.com ./check_curl "
1776 "-H www.monitoring-plugins.org --proxy http://used.proxy"));
1777 printf(" %s\n", _(" Proxy specified by --proxy overrides any proxy specified by environment variable."));
1778 printf(" %s\n", _(" Curl uses port 1080 by default as port is not specified"));
1779 printf(" %s\n", _("HTTPS_PROXY=http://192.168.100.35:3128 ./check_curl -H www.monitoring-plugins.org --ssl"));
1780 printf(" %s\n", _(" HTTPS_PROXY is read as --ssl is toggled"));
1781 printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org --proxy socks5h://192.168.122.21"));
1782 printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org -x http://unused.proxy.com --noproxy '*'"));
1783 printf(" %s\n", _(" Disabled proxy for all hosts by using '*' in no_proxy ."));
1784 printf(" %s\n", _("NO_PROXY=www.monitoring-plugins.org ./check_curl -H www.monitoring-plugins.org -x http://unused.proxy.com"));
1785 printf(" %s\n", _(" Exact matches with the hostname/address work."));
1786 printf(" %s\n", _("no_proxy=192.168.178.0/24 ./check_curl -I 192.168.178.10 -x http://proxy.acme.org"));
1787 printf(" %s\n", _("no_proxy=acme.org ./check_curl -H nonpublic.internalwebapp.acme.org -x http://proxy.acme.org"));
1788 printf(" %s\n", _(" Do not use proxy when accessing internal domains/addresses, but use a default proxy when accessing public web."));
1789 printf(" %s\n", _(" IMPORTANT: Check_curl can not always determine whether itself or the proxy will "
1790 "resolve a hostname before sending a request and getting an answer."
1791 "This can lead to DNS resolvation issues if hostname is only resolvable over proxy."));
1792 printf(" %s\n", _("Legacy proxy requests in check_http style still work:"));
1707 printf(" %s\n", _("check_curl -I 192.168.100.35 -p 3128 -u http://www.monitoring-plugins.org/ " 1793 printf(" %s\n", _("check_curl -I 192.168.100.35 -p 3128 -u http://www.monitoring-plugins.org/ "
1708 "-H www.monitoring-plugins.org")); 1794 "-H www.monitoring-plugins.org"));
1709 1795
@@ -1712,7 +1798,8 @@ void print_help(void) {
1712 printf(" %s\n", _("It is recommended to use an environment proxy like:")); 1798 printf(" %s\n", _("It is recommended to use an environment proxy like:"));
1713 printf(" %s\n", 1799 printf(" %s\n",
1714 _("https_proxy=http://192.168.100.35:3128 ./check_curl -H www.verisign.com -S")); 1800 _("https_proxy=http://192.168.100.35:3128 ./check_curl -H www.verisign.com -S"));
1715 printf(" %s\n", _("legacy proxy requests in check_http style might still work, but are frowned upon, so DONT:")); 1801 printf(" %s\n", _("legacy proxy requests in check_http style might still work, but are frowned "
1802 "upon, so DONT:"));
1716 printf(" %s\n", _("check_curl -I 192.168.100.35 -p 3128 -u https://www.verisign.com/ -S -j " 1803 printf(" %s\n", _("check_curl -I 192.168.100.35 -p 3128 -u https://www.verisign.com/ -S -j "
1717 "CONNECT -H www.verisign.com ")); 1804 "CONNECT -H www.verisign.com "));
1718 printf(" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> " 1805 printf(" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> "
@@ -1733,13 +1820,15 @@ void print_usage(void) {
1733 printf(" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n", progname); 1820 printf(" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n", progname);
1734 printf(" [-J <client certificate file>] [-K <private key>] [--ca-cert <CA certificate " 1821 printf(" [-J <client certificate file>] [-K <private key>] [--ca-cert <CA certificate "
1735 "file>] [-D]\n"); 1822 "file>] [-D]\n");
1736 printf(" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-a auth]\n"); 1823 printf(" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-x <proxy>]\n");
1737 printf(" [-b proxy_auth] [-f <ok|warning|critical|follow|sticky|stickyport|curl>]\n"); 1824 printf(" [-a auth] [-b proxy_auth] [-f "
1825 "<ok|warning|critical|follow|sticky|stickyport|curl>]\n");
1738 printf(" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive " 1826 printf(" [-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-insensitive "
1739 "regex>]\n"); 1827 "regex>]\n");
1740 printf(" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n"); 1828 printf(" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n");
1741 printf(" [-A string] [-k string] [-S <version>] [--sni] [--haproxy-protocol]\n"); 1829 printf(" [-A string] [-k string] [-S <version>] [--sni] [--haproxy-protocol]\n");
1742 printf(" [-T <content-type>] [-j method]\n"); 1830 printf(" [-T <content-type>] [-j method]\n");
1831 printf(" [--noproxy=<comma separated list of hosts, IP addresses, IP CIDR subnets>\n");
1743 printf(" [--http-version=<version>] [--enable-automatic-decompression]\n"); 1832 printf(" [--http-version=<version>] [--enable-automatic-decompression]\n");
1744 printf(" [--cookie-jar=<cookie jar file>\n"); 1833 printf(" [--cookie-jar=<cookie jar file>\n");
1745 printf(" %s -H <vhost> | -I <IP-address> -C <warn_age>[,<crit_age>]\n", progname); 1834 printf(" %s -H <vhost> | -I <IP-address> -C <warn_age>[,<crit_age>]\n", progname);
diff --git a/plugins/check_curl.d/check_curl_helpers.c b/plugins/check_curl.d/check_curl_helpers.c
index 7be781fc..4372dc0b 100644
--- a/plugins/check_curl.d/check_curl_helpers.c
+++ b/plugins/check_curl.d/check_curl_helpers.c
@@ -3,8 +3,11 @@
3#include <arpa/inet.h> 3#include <arpa/inet.h>
4#include <netinet/in.h> 4#include <netinet/in.h>
5#include <netdb.h> 5#include <netdb.h>
6#include <stdint.h>
7#include <stdio.h>
6#include <stdlib.h> 8#include <stdlib.h>
7#include <string.h> 9#include <string.h>
10#include <sys/socket.h>
8#include "../utils.h" 11#include "../utils.h"
9#include "check_curl.d/config.h" 12#include "check_curl.d/config.h"
10#include "output.h" 13#include "output.h"
@@ -116,6 +119,107 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
116 curl_easy_setopt(result.curl_state.curl, CURLOPT_TIMEOUT, config.socket_timeout), 119 curl_easy_setopt(result.curl_state.curl, CURLOPT_TIMEOUT, config.socket_timeout),
117 "CURLOPT_TIMEOUT"); 120 "CURLOPT_TIMEOUT");
118 121
122 /* set proxy */
123 /* http(s) proxy can either be given from the command line, or taken from environment variables */
124 /* socks4(a) / socks5(h) proxy should be given using the command line */
125
126 /* first source to check is the environment variables */
127 /* lower case proxy environment variables are almost always accepted, while some programs also checking
128 uppercase ones. discover both, but take the lowercase one if both are present */
129
130 /* extra information: libcurl does not discover the uppercase version HTTP_PROXY due to security reasons */
131 /* https://github.com/curl/curl/blob/d445f2d930ae701039518d695481ee53b8490521/lib/url.c#L1987 */
132
133 /* first environment variable to read is all_proxy. it can be overridden by protocol specific environment variables */
134 char *all_proxy_env, *all_proxy_uppercase_env;
135 all_proxy_env = getenv("all_proxy");
136 all_proxy_uppercase_env = getenv("ALL_PROXY");
137 if (all_proxy_env != NULL && strlen(all_proxy_env)){
138 working_state.curlopt_proxy = strdup(all_proxy_env);
139 if (all_proxy_uppercase_env != NULL && verbose >= 1) {
140 printf("* cURL ignoring environment variable 'ALL_PROXY' as 'all_proxy' is set\n");
141 }
142 } else if (all_proxy_uppercase_env != NULL && strlen(all_proxy_uppercase_env) > 0) {
143 working_state.curlopt_proxy = strdup(all_proxy_uppercase_env);
144 }
145
146 /* second environment variable to read is http_proxy. only set curlopt_proxy if ssl is not toggled */
147 char *http_proxy_env, *http_proxy_uppercase_env;
148 http_proxy_env = getenv("http_proxy");
149 http_proxy_uppercase_env = getenv("HTTP_PROXY");
150 if (!working_state.use_ssl){
151 if (http_proxy_env != NULL && strlen(http_proxy_env) > 0) {
152 working_state.curlopt_proxy = strdup(http_proxy_env);
153 if (http_proxy_uppercase_env != NULL && verbose >= 1) {
154 printf("* cURL ignoring environment variable 'HTTP_PROXY' as 'http_proxy' is set\n");
155 }
156 } else if (http_proxy_uppercase_env != NULL && strlen(http_proxy_uppercase_env) > 0) {
157 working_state.curlopt_proxy = strdup(http_proxy_uppercase_env);
158 }
159 }
160#ifdef LIBCURL_FEATURE_SSL
161 /* optionally read https_proxy environment variable and set curlopt_proxy if ssl is toggled */
162 char *https_proxy_env, *https_proxy_uppercase_env;
163 https_proxy_env = getenv("https_proxy");
164 https_proxy_uppercase_env = getenv("HTTPS_PROXY");
165 if (working_state.use_ssl) {
166 if (https_proxy_env != NULL && strlen(https_proxy_env) > 0) {
167 working_state.curlopt_proxy = strdup(https_proxy_env);
168 if (https_proxy_uppercase_env != NULL && verbose >= 1) {
169 printf("* cURL ignoring environment variable 'HTTPS_PROXY' as 'https_proxy' is set\n");
170 }
171 }
172 else if (https_proxy_uppercase_env != NULL && strlen(https_proxy_uppercase_env) >= 0) {
173 working_state.curlopt_proxy = strdup(https_proxy_uppercase_env);
174 }
175 }
176#endif /* LIBCURL_FEATURE_SSL */
177
178 /* second source to check for proxies is command line argument, overwriting the environment variables */
179 if (strlen(config.proxy) > 0) {
180 working_state.curlopt_proxy = strdup(config.proxy);
181 }
182
183 if (working_state.curlopt_proxy != NULL && strlen(working_state.curlopt_proxy)){
184 handle_curl_option_return_code(
185 curl_easy_setopt(result.curl_state.curl, CURLOPT_PROXY, working_state.curlopt_proxy), "CURLOPT_PROXY");
186 if (verbose >= 1) {
187 printf("* curl CURLOPT_PROXY: %s\n", working_state.curlopt_proxy);
188 }
189 }
190
191 /* set no_proxy */
192 /* first source to check is environment variables */
193 char *no_proxy_env, *no_proxy_uppercase_env;
194 no_proxy_env = getenv("no_proxy");
195 no_proxy_uppercase_env = getenv("NO_PROXY");
196 if (no_proxy_env != NULL && strlen(no_proxy_env)){
197 working_state.curlopt_noproxy = strdup(no_proxy_env);
198 if (no_proxy_uppercase_env != NULL && verbose >= 1){
199 printf("* cURL ignoring environment variable 'NO_PROXY' as 'no_proxy' is set\n");
200 }
201 }else if (no_proxy_uppercase_env != NULL && strlen(no_proxy_uppercase_env) > 0){
202 working_state.curlopt_noproxy = strdup(no_proxy_uppercase_env);
203 }
204
205 /* second source to check for no_proxy is command line argument, overwriting the environment variables */
206 if (strlen(config.no_proxy) > 0) {
207 working_state.curlopt_noproxy = strdup(config.no_proxy);
208 }
209
210 if ( working_state.curlopt_noproxy != NULL && strlen(working_state.curlopt_noproxy)){
211 handle_curl_option_return_code(
212 curl_easy_setopt(result.curl_state.curl, CURLOPT_NOPROXY, working_state.curlopt_noproxy), "CURLOPT_NOPROXY");
213 if (verbose >= 1) {
214 printf("* curl CURLOPT_NOPROXY: %s\n", working_state.curlopt_noproxy);
215 }
216 }
217
218 int proxy_resolves_hostname = determine_hostname_resolver(working_state, config);
219 if (verbose >= 1) {
220 printf("* proxy_resolves_hostname: %d\n", proxy_resolves_hostname);
221 }
222
119 /* enable haproxy protocol */ 223 /* enable haproxy protocol */
120 if (config.haproxy_protocol) { 224 if (config.haproxy_protocol) {
121 handle_curl_option_return_code( 225 handle_curl_option_return_code(
@@ -123,11 +227,11 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
123 "CURLOPT_HAPROXYPROTOCOL"); 227 "CURLOPT_HAPROXYPROTOCOL");
124 } 228 }
125 229
126 // fill dns resolve cache to make curl connect to the given server_address instead of the 230 /* fill dns resolve cache to make curl connect to the given server_address instead of the */
127 // host_name, only required for ssl, because we use the host_name later on to make SNI happy 231 /* host_name, only required for ssl, because we use the host_name later on to make SNI happy */
128 char dnscache[DEFAULT_BUFFER_SIZE]; 232 char dnscache[DEFAULT_BUFFER_SIZE];
129 char addrstr[DEFAULT_BUFFER_SIZE / 2]; 233 char addrstr[DEFAULT_BUFFER_SIZE / 2];
130 if (working_state.use_ssl && working_state.host_name != NULL) { 234 if (working_state.use_ssl && working_state.host_name != NULL && !proxy_resolves_hostname ) {
131 char *tmp_mod_address; 235 char *tmp_mod_address;
132 236
133 /* lookup_host() requires an IPv6 address without the brackets. */ 237 /* lookup_host() requires an IPv6 address without the brackets. */
@@ -488,7 +592,7 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
488 curl_easy_setopt(result.curl_state.curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4), 592 curl_easy_setopt(result.curl_state.curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4),
489 "CURLOPT_IPRESOLVE(CURL_IPRESOLVE_V4)"); 593 "CURLOPT_IPRESOLVE(CURL_IPRESOLVE_V4)");
490 } 594 }
491#if defined(USE_IPV6) && defined(LIBCURL_FEATURE_IPV6) 595#if defined(LIBCURL_FEATURE_IPV6)
492 else if (config.sin_family == AF_INET6) { 596 else if (config.sin_family == AF_INET6) {
493 handle_curl_option_return_code( 597 handle_curl_option_return_code(
494 curl_easy_setopt(result.curl_state.curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V6), 598 curl_easy_setopt(result.curl_state.curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V6),
@@ -562,7 +666,7 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
562 666
563void handle_curl_option_return_code(CURLcode res, const char *option) { 667void handle_curl_option_return_code(CURLcode res, const char *option) {
564 if (res != CURLE_OK) { 668 if (res != CURLE_OK) {
565 die(STATE_CRITICAL, _("Error while setting cURL option '%s': cURL returned %d - %s"), 669 die(STATE_CRITICAL, _("Error while setting cURL option '%s': cURL returned %d - %s\n"),
566 option, res, curl_easy_strerror(res)); 670 option, res, curl_easy_strerror(res));
567 } 671 }
568} 672}
@@ -589,6 +693,8 @@ check_curl_working_state check_curl_working_state_init() {
589 .serverPort = HTTP_PORT, 693 .serverPort = HTTP_PORT,
590 .use_ssl = false, 694 .use_ssl = false,
591 .no_body = false, 695 .no_body = false,
696 .curlopt_proxy = NULL,
697 .curlopt_noproxy = NULL,
592 }; 698 };
593 return result; 699 return result;
594} 700}
@@ -612,6 +718,8 @@ check_curl_config check_curl_config_init() {
612 .ca_cert = NULL, 718 .ca_cert = NULL,
613 .verify_peer_and_host = false, 719 .verify_peer_and_host = false,
614 .user_agent = {'\0'}, 720 .user_agent = {'\0'},
721 .proxy = "",
722 .no_proxy = "",
615 .proxy_auth = "", 723 .proxy_auth = "",
616 .user_auth = "", 724 .user_auth = "",
617 .http_content_type = NULL, 725 .http_content_type = NULL,
@@ -1214,7 +1322,7 @@ mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_
1214 1322
1215 cert_ptr_union cert_ptr = {0}; 1323 cert_ptr_union cert_ptr = {0};
1216 cert_ptr.to_info = NULL; 1324 cert_ptr.to_info = NULL;
1217 CURLcode res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &cert_ptr.to_info); 1325 CURLcode res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &cert_ptr.to_certinfo);
1218 if (!res && cert_ptr.to_info) { 1326 if (!res && cert_ptr.to_info) {
1219# ifdef USE_OPENSSL 1327# ifdef USE_OPENSSL
1220 /* We have no OpenSSL in libcurl, but we can use OpenSSL for X509 cert 1328 /* We have no OpenSSL in libcurl, but we can use OpenSSL for X509 cert
@@ -1295,3 +1403,342 @@ char *fmt_url(check_curl_working_state workingState) {
1295 1403
1296 return url; 1404 return url;
1297} 1405}
1406
1407int determine_hostname_resolver(const check_curl_working_state working_state, const check_curl_static_curl_config config){
1408 char *host_name_display = "NULL";
1409 unsigned long host_name_len = 0;
1410 if( working_state.host_name){
1411 host_name_len = strlen(working_state.host_name);
1412 host_name_display = working_state.host_name;
1413 }
1414
1415 /* IPv4 or IPv6 version of the address */
1416 char *server_address_clean = strdup(working_state.server_address);
1417 /* server address might be a full length ipv6 address encapsulated in square brackets */
1418 if ((strnlen(working_state.server_address, MAX_IPV4_HOSTLENGTH) > 2) && (working_state.server_address[0] == '[') && (working_state.server_address[strlen(working_state.server_address)-1] == ']') ) {
1419 server_address_clean = strndup( working_state.server_address + 1, strlen(working_state.server_address) - 2);
1420 }
1421
1422 /* check curlopt_noproxy option first */
1423 /* https://curl.se/libcurl/c/CURLOPT_NOPROXY.html */
1424
1425 /* curlopt_noproxy is specified as a comma separated list of
1426 direct IPv4 or IPv6 addresses e.g 130.133.8.40, 2001:4860:4802:32::a ,
1427 IPv4 or IPv6 CIDR regions e.g 10.241.0.0/16 , abcd:ef01:2345::/48 ,
1428 direct hostnames e.g example.com, google.de */
1429
1430 if (working_state.curlopt_noproxy != NULL){
1431 char* curlopt_noproxy_copy = strdup( working_state.curlopt_noproxy);
1432 char* noproxy_item = strtok(curlopt_noproxy_copy, ",");
1433 while(noproxy_item != NULL){
1434 unsigned long noproxy_item_len = strlen(noproxy_item);
1435
1436 /* According to the CURLOPT_NOPROXY documentation: */
1437 /* https://curl.se/libcurl/c/CURLOPT_NOPROXY.html */
1438 /* The only wildcard available is a single * character, which matches all hosts, and effectively disables the proxy. */
1439 if ( strlen(noproxy_item) == 1 && noproxy_item[0] == '*'){
1440 if (verbose >= 1){
1441 printf("* noproxy includes '*' which disables proxy for all host name incl. : %s / server address incl. : %s\n", host_name_display , server_address_clean);
1442 }
1443 free(curlopt_noproxy_copy);
1444 free(server_address_clean);
1445 return 0;
1446 }
1447
1448 /* direct comparison with the server_address */
1449 if( server_address_clean != NULL && strlen(server_address_clean) == strlen(noproxy_item) && strcmp(server_address_clean, noproxy_item) == 0){
1450 if (verbose >= 1){
1451 printf("* server_address is in the no_proxy list: %s\n", noproxy_item);
1452 }
1453 free(curlopt_noproxy_copy);
1454 free(server_address_clean);
1455 return 0;
1456 }
1457
1458 /* direct comparison with the host_name */
1459 if( working_state.host_name != NULL && host_name_len == noproxy_item_len && strcmp(working_state.host_name, noproxy_item) == 0){
1460 if (verbose >= 1){
1461 printf("* host_name is in the no_proxy list: %s\n", noproxy_item);
1462 }
1463 free(curlopt_noproxy_copy);
1464 free(server_address_clean);
1465 return 0;
1466 }
1467
1468 /* check if hostname is a subdomain of the item, e.g www.example.com when token is example.com */
1469 /* subdomain1.acme.com will not will use a proxy if you only specify 'acme' in the noproxy */
1470 /* check if noproxy_item is a suffix */
1471 /* check if the character just before the suffix is '.' */
1472 if( working_state.host_name != NULL && host_name_len > noproxy_item_len){
1473 unsigned long suffix_start_idx = host_name_len - noproxy_item_len;
1474 if (strcmp(working_state.host_name + suffix_start_idx, noproxy_item ) == 0 && working_state.host_name[suffix_start_idx-1] == '.' ){
1475 if (verbose >= 1){
1476 printf("* host_name: %s is a subdomain of the no_proxy list item: %s\n", working_state.host_name , noproxy_item);
1477 }
1478 free(curlopt_noproxy_copy);
1479 free(server_address_clean);
1480 return 0;
1481 }
1482 }
1483
1484 // noproxy_item could be a CIDR IP range
1485 if( server_address_clean != NULL && strlen(server_address_clean)){
1486
1487 int ip_addr_inside_cidr_ret = ip_addr_inside_cidr(noproxy_item, server_address_clean);
1488
1489 switch(ip_addr_inside_cidr_ret){
1490 case 1:
1491 return 0;
1492 break;
1493 case 0:
1494 if(verbose >= 1){
1495 printf("server address: %s is not inside IP cidr: %s\n", server_address_clean, noproxy_item);
1496 }
1497 break;
1498 case -1:
1499 if(verbose >= 1){
1500 printf("could not fully determine if server address: %s is inside the IP cidr: %s\n", server_address_clean, noproxy_item);
1501 }
1502 break;
1503 }
1504 }
1505
1506 noproxy_item = strtok(NULL, ",");
1507 }
1508
1509 free(curlopt_noproxy_copy);
1510 }
1511
1512 if (working_state.curlopt_proxy != NULL){
1513 // Libcurl documentation
1514 // Setting the proxy string to "" (an empty string) explicitly disables the use of a proxy, even if there is an environment variable set for it.
1515 if ( strlen(working_state.curlopt_proxy) == 0){
1516 return 0;
1517 }
1518
1519 if ( strncmp( working_state.curlopt_proxy, "http://", 7) == 0){
1520 if (verbose >= 1){
1521 printf("* proxy scheme is http, proxy: %s resolves host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean);
1522 }
1523 free(server_address_clean);
1524 return 1;
1525 }
1526
1527 if ( strncmp( working_state.curlopt_proxy, "https://", 8) == 0){
1528 if (verbose >= 1){
1529 printf("* proxy scheme is https, proxy: %s resolves host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean);
1530 }
1531 free(server_address_clean);
1532 return 1;
1533 }
1534
1535 if ( strncmp( working_state.curlopt_proxy, "socks4://", 9) == 0){
1536 if (verbose >= 1){
1537 printf("* proxy scheme is socks, proxy: %s does not resolve host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean);
1538 }
1539 free(server_address_clean);
1540 return 0;
1541 }
1542
1543 if ( strncmp( working_state.curlopt_proxy, "socks4a://", 10) == 0){
1544 if (verbose >= 1){
1545 printf("* proxy scheme is socks4a, proxy: %s resolves host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean);
1546 }
1547 free(server_address_clean);
1548 return 1;
1549 }
1550
1551 if ( strncmp( working_state.curlopt_proxy, "socks5://", 9) == 0){
1552 if (verbose >= 1){
1553 printf("* proxy scheme is socks5, proxy: %s does not resolve host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean);
1554 }
1555 free(server_address_clean);
1556 return 0;
1557 }
1558
1559 if ( strncmp( working_state.curlopt_proxy, "socks5h://", 10) == 0){
1560 if (verbose >= 1){
1561 printf("* proxy scheme is socks5h, proxy: %s resolves host: %s or server_address: %s\n", working_state.curlopt_proxy, host_name_display, server_address_clean);
1562 }
1563 free(server_address_clean);
1564 return 1;
1565 }
1566
1567 // Libcurl documentation:
1568 // Without a scheme prefix, CURLOPT_PROXYTYPE can be used to specify which kind of proxy the string identifies.
1569 // We do not set this value
1570 // Without a scheme, it is treated as an http proxy
1571
1572 return 1;
1573 }
1574
1575 if (verbose >= 1){
1576 printf("* proxy scheme is unknown/unavailable, no proxy is assumed for host: %s or server_address: %s\n", host_name_display, server_address_clean);
1577 }
1578
1579 free(server_address_clean);
1580 return 0;
1581}
1582
1583int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char* target_ip){
1584 unsigned int slash_count = 0;
1585 unsigned int last_slash_idx = 0;
1586 for(size_t i = 0; i < strlen(cidr_region_or_ip_addr); i++){
1587 if(cidr_region_or_ip_addr[i] == '/'){
1588 slash_count++;
1589 last_slash_idx = (unsigned int)i;
1590 }
1591 }
1592
1593 char *cidr_ip_part = NULL;
1594 int prefix_length = 0;
1595
1596 if (slash_count == 0) {
1597 cidr_ip_part = strdup(cidr_region_or_ip_addr);
1598 if (!cidr_ip_part) return -1;
1599 } else if (slash_count == 1) {
1600 cidr_ip_part = strndup(cidr_region_or_ip_addr, last_slash_idx);
1601 if (!cidr_ip_part) return -1;
1602
1603 errno = 0;
1604 long long tmp = strtoll(cidr_region_or_ip_addr + last_slash_idx + 1, NULL, 10);
1605 if (errno == ERANGE) {
1606 if (verbose >= 1) {
1607 printf("cidr_region_or_ip: %s , could not parse subnet length\n", cidr_region_or_ip_addr);
1608 }
1609 free(cidr_ip_part);
1610 return -1;
1611 }
1612 prefix_length = (int)tmp;
1613 } else {
1614 printf("cidr_region_or_ip: %s , has %d number of '/' characters, is not a valid cidr_region or IP\n", cidr_region_or_ip_addr, slash_count);
1615 return -1;
1616 }
1617
1618 int cidr_addr_family, target_addr_family;
1619 if (strchr(cidr_ip_part, ':')){
1620 cidr_addr_family = AF_INET6;
1621 } else {
1622 cidr_addr_family = AF_INET;
1623 }
1624
1625 if (strchr(target_ip, ':')){
1626 target_addr_family = AF_INET6;
1627 } else {
1628 target_addr_family = AF_INET;
1629 }
1630
1631 if (cidr_addr_family != target_addr_family){
1632 if (verbose >= 1){
1633 printf("cidr address: %s and target ip address: %s have different address families\n", cidr_ip_part, target_ip);
1634 }
1635 free(cidr_ip_part);
1636 return 0;
1637 }
1638
1639 // If no prefix is given, treat the cidr as a single address (full-length prefix)
1640 if (slash_count == 0) {
1641 prefix_length = (cidr_addr_family == AF_INET) ? 32 : 128;
1642 }
1643
1644 int max_bits = (cidr_addr_family == AF_INET) ? 32u : 128u;
1645 if (prefix_length < 0 || prefix_length > max_bits) {
1646 if (verbose >= 1) {
1647 printf("cidr_region_or_ip: %s has invalid prefix length: %u\n", cidr_region_or_ip_addr, prefix_length);
1648 }
1649 free(cidr_ip_part);
1650 return -1;
1651 }
1652
1653 if (verbose >= 1){
1654 printf("cidr_region_or_ip: %s , has prefix length: %u\n", cidr_region_or_ip_addr, prefix_length);
1655 }
1656
1657 int inet_pton_rc;
1658 uint8_t *cidr_bytes = NULL;
1659 uint8_t *target_bytes = NULL;
1660 uint8_t cidr_buf[16];
1661 uint8_t target_buf[16];
1662 size_t total_bytes = 0;
1663
1664 if (cidr_addr_family == AF_INET) {
1665 struct in_addr cidr_ipv4;
1666 struct in_addr target_ipv4;
1667 inet_pton_rc = inet_pton(AF_INET, cidr_ip_part, &cidr_ipv4);
1668 if (inet_pton_rc != 1) {
1669 if (verbose >= 1) {
1670 printf("ip string: %s contains characters not valid for its address family: IPv4\n", cidr_ip_part);
1671 }
1672 free(cidr_ip_part);
1673 return -1;
1674 }
1675 inet_pton_rc = inet_pton(AF_INET, target_ip, &target_ipv4);
1676 if (inet_pton_rc != 1) {
1677 if (verbose >= 1) {
1678 printf("ip string: %s contains characters not valid for its address family: IPv4\n", target_ip);
1679 }
1680 free(cidr_ip_part);
1681 return -1;
1682 }
1683 // copy the addresses in network byte order to a buffer for comparison
1684 memcpy(cidr_buf, &cidr_ipv4.s_addr, 4);
1685 memcpy(target_buf, &target_ipv4.s_addr, 4);
1686 cidr_bytes = cidr_buf;
1687 target_bytes = target_buf;
1688 total_bytes = 4;
1689 } else {
1690 struct in6_addr cidr_ipv6;
1691 struct in6_addr target_ipv6;
1692 inet_pton_rc = inet_pton(AF_INET6, cidr_ip_part, &cidr_ipv6);
1693 if (inet_pton_rc != 1) {
1694 if (verbose >= 1) {
1695 printf("ip string: %s contains characters not valid for its address family: IPv6\n", cidr_ip_part);
1696 }
1697 free(cidr_ip_part);
1698 return -1;
1699 }
1700 inet_pton_rc = inet_pton(AF_INET6, target_ip, &target_ipv6);
1701 if (inet_pton_rc != 1) {
1702 if (verbose >= 1) {
1703 printf("ip string: %s contains characters not valid for its address family: IPv6\n", target_ip);
1704 }
1705 free(cidr_ip_part);
1706 return -1;
1707 }
1708 memcpy(cidr_buf, &cidr_ipv6, 16);
1709 memcpy(target_buf, &target_ipv6, 16);
1710 cidr_bytes = cidr_buf;
1711 target_bytes = target_buf;
1712 total_bytes = 16;
1713 }
1714
1715 int prefix_bytes = prefix_length / 8;
1716 int prefix_bits = prefix_length % 8;
1717
1718 if (prefix_bytes > 0) {
1719 if (memcmp(cidr_bytes, target_bytes, (size_t)prefix_bytes) != 0) {
1720 if (verbose >= 1) {
1721 printf("the first %d bytes of the cidr_region_or_ip: %s and target_ip: %s are different\n", prefix_bytes, cidr_ip_part, target_ip);
1722 }
1723 free(cidr_ip_part);
1724 return 0;
1725 }
1726 }
1727
1728 if (prefix_bits != 0) {
1729 uint8_t cidr_oct = cidr_bytes[prefix_bytes];
1730 uint8_t target_oct = target_bytes[prefix_bytes];
1731 // the mask has first prefix_bits bits 1, the rest as 0
1732 uint8_t mask = (uint8_t)(0xFFu << (8 - prefix_bits));
1733 if ((cidr_oct & mask) != (target_oct & mask)) {
1734 if (verbose >= 1) {
1735 printf("looking at the last %d bits of the prefix, cidr_region_or_ip(%s) byte is: %u and target_ip byte(%s) is: %u, applying bitmask: %02X returns different results\n", prefix_bits, cidr_ip_part, (unsigned)cidr_oct, target_ip, (unsigned)target_oct, mask);
1736 }
1737 free(cidr_ip_part);
1738 return 0;
1739 }
1740 }
1741
1742 free(cidr_ip_part);
1743 return 1;
1744}
diff --git a/plugins/check_curl.d/check_curl_helpers.h b/plugins/check_curl.d/check_curl_helpers.h
index e77b763b..cc47bf9d 100644
--- a/plugins/check_curl.d/check_curl_helpers.h
+++ b/plugins/check_curl.d/check_curl_helpers.h
@@ -126,3 +126,12 @@ void test_file(char *path);
126mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_till_exp, 126mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_till_exp,
127 int crit_days_till_exp); 127 int crit_days_till_exp);
128char *fmt_url(check_curl_working_state workingState); 128char *fmt_url(check_curl_working_state workingState);
129
130
131/* function that will determine if the host or the proxy resolves the target hostname
132returns 0 if requester resolves the hostname locally, 1 if proxy resolves the hostname */
133int determine_hostname_resolver(const check_curl_working_state working_state, const check_curl_static_curl_config config);
134
135/* Checks if an IP is inside given CIDR region. Using /protocol_size or not specifying the prefix length performs an equality check. Supports both IPv4 and IPv6
136returns 1 if the target_ip address is inside the given cidr_region_or_ip_addr, 0 if its out. return codes < 0 mean an error has occurred. */
137int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char* target_ip);
diff --git a/plugins/check_curl.d/config.h b/plugins/check_curl.d/config.h
index 61067d46..bcdf3010 100644
--- a/plugins/check_curl.d/config.h
+++ b/plugins/check_curl.d/config.h
@@ -48,6 +48,11 @@ typedef struct {
48 48
49 bool use_ssl; 49 bool use_ssl;
50 bool no_body; 50 bool no_body;
51
52 /* curl CURLOPT_PROXY option will be set to this value if not NULL */
53 char *curlopt_proxy;
54 /* curl CURLOPT_NOPROXY option will be set to this value if not NULL */
55 char *curlopt_noproxy;
51} check_curl_working_state; 56} check_curl_working_state;
52 57
53check_curl_working_state check_curl_working_state_init(); 58check_curl_working_state check_curl_working_state_init();
@@ -65,6 +70,8 @@ typedef struct {
65 char *client_privkey; 70 char *client_privkey;
66 char *ca_cert; 71 char *ca_cert;
67 bool verify_peer_and_host; 72 bool verify_peer_and_host;
73 char proxy[DEFAULT_BUFFER_SIZE];
74 char no_proxy[DEFAULT_BUFFER_SIZE];
68 char user_agent[DEFAULT_BUFFER_SIZE]; 75 char user_agent[DEFAULT_BUFFER_SIZE];
69 char proxy_auth[MAX_INPUT_BUFFER]; 76 char proxy_auth[MAX_INPUT_BUFFER];
70 char user_auth[MAX_INPUT_BUFFER]; 77 char user_auth[MAX_INPUT_BUFFER];
diff --git a/plugins/check_dbi.c b/plugins/check_dbi.c
index 81d92952..dd466d00 100644
--- a/plugins/check_dbi.c
+++ b/plugins/check_dbi.c
@@ -470,7 +470,7 @@ check_dbi_config_wrapper process_arguments(int argc, char **argv) {
470 470
471 case 'c': /* critical range */ { 471 case 'c': /* critical range */ {
472 mp_range_parsed tmp = mp_parse_range_string(optarg); 472 mp_range_parsed tmp = mp_parse_range_string(optarg);
473 if (tmp.error != MP_PARSING_SUCCES) { 473 if (tmp.error != MP_PARSING_SUCCESS) {
474 die(STATE_UNKNOWN, "failed to parse critical threshold"); 474 die(STATE_UNKNOWN, "failed to parse critical threshold");
475 } 475 }
476 result.config.thresholds = mp_thresholds_set_crit(result.config.thresholds, tmp.range); 476 result.config.thresholds = mp_thresholds_set_crit(result.config.thresholds, tmp.range);
@@ -478,7 +478,7 @@ check_dbi_config_wrapper process_arguments(int argc, char **argv) {
478 } break; 478 } break;
479 case 'w': /* warning range */ { 479 case 'w': /* warning range */ {
480 mp_range_parsed tmp = mp_parse_range_string(optarg); 480 mp_range_parsed tmp = mp_parse_range_string(optarg);
481 if (tmp.error != MP_PARSING_SUCCES) { 481 if (tmp.error != MP_PARSING_SUCCESS) {
482 die(STATE_UNKNOWN, "failed to parse warning threshold"); 482 die(STATE_UNKNOWN, "failed to parse warning threshold");
483 } 483 }
484 result.config.thresholds = mp_thresholds_set_warn(result.config.thresholds, tmp.range); 484 result.config.thresholds = mp_thresholds_set_warn(result.config.thresholds, tmp.range);
diff --git a/plugins/check_disk.c b/plugins/check_disk.c
index d42b5486..0d941f25 100644
--- a/plugins/check_disk.c
+++ b/plugins/check_disk.c
@@ -838,7 +838,7 @@ check_disk_config_wrapper process_arguments(int argc, char **argv) {
838 } 838 }
839 char *range = argv[index++]; 839 char *range = argv[index++];
840 mp_range_parsed tmp = mp_parse_range_string(range); 840 mp_range_parsed tmp = mp_parse_range_string(range);
841 if (tmp.error != MP_PARSING_SUCCES) { 841 if (tmp.error != MP_PARSING_SUCCESS) {
842 die(STATE_UNKNOWN, "failed to parse warning threshold"); 842 die(STATE_UNKNOWN, "failed to parse warning threshold");
843 } 843 }
844 844
@@ -859,7 +859,7 @@ check_disk_config_wrapper process_arguments(int argc, char **argv) {
859 } 859 }
860 char *range = argv[index++]; 860 char *range = argv[index++];
861 mp_range_parsed tmp = mp_parse_range_string(range); 861 mp_range_parsed tmp = mp_parse_range_string(range);
862 if (tmp.error != MP_PARSING_SUCCES) { 862 if (tmp.error != MP_PARSING_SUCCESS) {
863 die(STATE_UNKNOWN, "failed to parse warning threshold"); 863 die(STATE_UNKNOWN, "failed to parse warning threshold");
864 } 864 }
865 865
@@ -1262,6 +1262,10 @@ mp_subcheck evaluate_filesystem(measurement_unit measurement_unit, bool display_
1262 double free_inode_percentage = 1262 double free_inode_percentage =
1263 calculate_percent(measurement_unit.inodes_free, measurement_unit.inodes_total); 1263 calculate_percent(measurement_unit.inodes_free, measurement_unit.inodes_total);
1264 1264
1265 mp_perfdata inode_percentage_pd = perfdata_init();
1266 inode_percentage_pd = mp_set_pd_value(inode_percentage_pd, free_inode_percentage);
1267 inode_percentage_pd = mp_pd_set_thresholds(inode_percentage_pd, measurement_unit.freeinodes_percent_thresholds);
1268
1265 if (verbose > 0) { 1269 if (verbose > 0) {
1266 printf("free inode percentage computed: %g\n", free_inode_percentage); 1270 printf("free inode percentage computed: %g\n", free_inode_percentage);
1267 } 1271 }
@@ -1293,7 +1297,7 @@ mp_subcheck evaluate_filesystem(measurement_unit measurement_unit, bool display_
1293 inodes_pd = mp_pd_set_thresholds(inodes_pd, absolut_inode_thresholds); 1297 inodes_pd = mp_pd_set_thresholds(inodes_pd, absolut_inode_thresholds);
1294 1298
1295 freeindodes_percent_sc = 1299 freeindodes_percent_sc =
1296 mp_set_subcheck_state(freeindodes_percent_sc, mp_get_pd_status(inodes_pd)); 1300 mp_set_subcheck_state(freeindodes_percent_sc, mp_get_pd_status(inode_percentage_pd));
1297 if (display_inodes_perfdata) { 1301 if (display_inodes_perfdata) {
1298 mp_add_perfdata_to_subcheck(&freeindodes_percent_sc, inodes_pd); 1302 mp_add_perfdata_to_subcheck(&freeindodes_percent_sc, inodes_pd);
1299 } 1303 }
diff --git a/plugins/check_http.c b/plugins/check_http.c
index d2f080c7..71f94b91 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -544,11 +544,7 @@ bool process_arguments(int argc, char **argv) {
544 address_family = AF_INET; 544 address_family = AF_INET;
545 break; 545 break;
546 case '6': 546 case '6':
547#ifdef USE_IPV6
548 address_family = AF_INET6; 547 address_family = AF_INET6;
549#else
550 usage4(_("IPv6 support not available"));
551#endif
552 break; 548 break;
553 case 'v': /* verbose */ 549 case 'v': /* verbose */
554 verbose = true; 550 verbose = true;
diff --git a/plugins/check_ide_smart.c b/plugins/check_ide_smart.c
index 16fe3d01..c1325cf9 100644
--- a/plugins/check_ide_smart.c
+++ b/plugins/check_ide_smart.c
@@ -39,6 +39,8 @@ const char *email = "devel@monitoring-plugins.org";
39 39
40#include "common.h" 40#include "common.h"
41#include "utils.h" 41#include "utils.h"
42#include "check_ide_smart.d/config.h"
43#include "states.h"
42 44
43static void print_help(void); 45static void print_help(void);
44void print_usage(void); 46void print_usage(void);
@@ -46,6 +48,7 @@ void print_usage(void);
46#include <sys/stat.h> 48#include <sys/stat.h>
47#include <sys/ioctl.h> 49#include <sys/ioctl.h>
48#include <fcntl.h> 50#include <fcntl.h>
51
49#ifdef __linux__ 52#ifdef __linux__
50# include <linux/hdreg.h> 53# include <linux/hdreg.h>
51# include <linux/types.h> 54# include <linux/types.h>
@@ -77,30 +80,30 @@ void print_usage(void);
77#define OPERATIONAL 0 80#define OPERATIONAL 0
78#define UNKNOWN -1 81#define UNKNOWN -1
79 82
80typedef struct threshold_s { 83typedef struct {
81 uint8_t id; 84 uint8_t id;
82 uint8_t threshold; 85 uint8_t threshold;
83 uint8_t reserved[10]; 86 uint8_t reserved[10];
84} __attribute__((packed)) threshold_t; 87} __attribute__((packed)) smart_threshold;
85 88
86typedef struct thresholds_s { 89typedef struct {
87 uint16_t revision; 90 uint16_t revision;
88 threshold_t thresholds[NR_ATTRIBUTES]; 91 smart_threshold thresholds[NR_ATTRIBUTES];
89 uint8_t reserved[18]; 92 uint8_t reserved[18];
90 uint8_t vendor[131]; 93 uint8_t vendor[131];
91 uint8_t checksum; 94 uint8_t checksum;
92} __attribute__((packed)) thresholds_t; 95} __attribute__((packed)) smart_thresholds;
93 96
94typedef struct value_s { 97typedef struct {
95 uint8_t id; 98 uint8_t id;
96 uint16_t status; 99 uint16_t status;
97 uint8_t value; 100 uint8_t value;
98 uint8_t vendor[8]; 101 uint8_t vendor[8];
99} __attribute__((packed)) value_t; 102} __attribute__((packed)) smart_value;
100 103
101typedef struct values_s { 104typedef struct {
102 uint16_t revision; 105 uint16_t revision;
103 value_t values[NR_ATTRIBUTES]; 106 smart_value values[NR_ATTRIBUTES];
104 uint8_t offline_status; 107 uint8_t offline_status;
105 uint8_t vendor1; 108 uint8_t vendor1;
106 uint16_t offline_timeout; 109 uint16_t offline_timeout;
@@ -110,7 +113,7 @@ typedef struct values_s {
110 uint8_t reserved[16]; 113 uint8_t reserved[16];
111 uint8_t vendor[125]; 114 uint8_t vendor[125];
112 uint8_t checksum; 115 uint8_t checksum;
113} __attribute__((packed)) values_t; 116} __attribute__((packed)) smart_values;
114 117
115static struct { 118static struct {
116 uint8_t value; 119 uint8_t value;
@@ -133,25 +136,20 @@ enum SmartCommand {
133 SMART_CMD_AUTO_OFFLINE 136 SMART_CMD_AUTO_OFFLINE
134}; 137};
135 138
136static char *get_offline_text(int); 139static char *get_offline_text(int /*status*/);
137static int smart_read_values(int, values_t *); 140static int smart_read_values(int /*fd*/, smart_values * /*values*/);
138static int nagios(values_t *, thresholds_t *); 141static mp_state_enum compare_values_and_thresholds(smart_values * /*p*/, smart_thresholds * /*t*/);
139static void print_value(value_t *, threshold_t *); 142static void print_value(smart_value * /*p*/, smart_threshold * /*t*/);
140static void print_values(values_t *, thresholds_t *); 143static void print_values(smart_values * /*p*/, smart_thresholds * /*t*/);
141static int smart_cmd_simple(int, enum SmartCommand, uint8_t, bool); 144static mp_state_enum smart_cmd_simple(int /*fd*/, enum SmartCommand /*command*/, uint8_t /*val0*/, bool /*show_error*/);
142static int smart_read_thresholds(int, thresholds_t *); 145static int smart_read_thresholds(int /*fd*/, smart_thresholds * /*thresholds*/);
143static bool verbose = false; 146static int verbose = 0;
144 147
145int main(int argc, char *argv[]) { 148typedef struct {
146 char *device = NULL; 149 int errorcode;
147 int o; 150 check_ide_smart_config config;
148 int longindex; 151} check_ide_smart_config_wrapper;
149 int retval = 0; 152static check_ide_smart_config_wrapper process_arguments(int argc, char **argv) {
150
151 thresholds_t thresholds;
152 values_t values;
153 int fd;
154
155 static struct option longopts[] = {{"device", required_argument, 0, 'd'}, 153 static struct option longopts[] = {{"device", required_argument, 0, 'd'},
156 {"immediate", no_argument, 0, 'i'}, 154 {"immediate", no_argument, 0, 'i'},
157 {"quiet-check", no_argument, 0, 'q'}, 155 {"quiet-check", no_argument, 0, 'q'},
@@ -162,24 +160,22 @@ int main(int argc, char *argv[]) {
162 {"version", no_argument, 0, 'V'}, 160 {"version", no_argument, 0, 'V'},
163 {0, 0, 0, 0}}; 161 {0, 0, 0, 0}};
164 162
165 /* Parse extra opts if any */ 163 check_ide_smart_config_wrapper result = {
166 argv = np_extra_opts(&argc, argv, progname); 164 .errorcode = OK,
167 165 .config = check_ide_smart_init(),
168 setlocale(LC_ALL, ""); 166 };
169 bindtextdomain(PACKAGE, LOCALEDIR);
170 textdomain(PACKAGE);
171 167
172 while (true) { 168 while (true) {
169 int longindex = 0;
170 int option_index = getopt_long(argc, argv, "+d:iq10nhVv", longopts, &longindex);
173 171
174 o = getopt_long(argc, argv, "+d:iq10nhVv", longopts, &longindex); 172 if (option_index == -1 || option_index == EOF || option_index == 1) {
175
176 if (o == -1 || o == EOF || o == 1) {
177 break; 173 break;
178 } 174 }
179 175
180 switch (o) { 176 switch (option_index) {
181 case 'd': 177 case 'd':
182 device = optarg; 178 result.config.device = optarg;
183 break; 179 break;
184 case 'q': 180 case 'q':
185 fprintf(stderr, "%s\n", _("DEPRECATION WARNING: the -q switch (quiet output) is no longer \"quiet\".")); 181 fprintf(stderr, "%s\n", _("DEPRECATION WARNING: the -q switch (quiet output) is no longer \"quiet\"."));
@@ -189,84 +185,103 @@ int main(int argc, char *argv[]) {
189 case '1': 185 case '1':
190 case '0': 186 case '0':
191 printf("%s\n", _("SMART commands are broken and have been disabled (See Notes in --help).")); 187 printf("%s\n", _("SMART commands are broken and have been disabled (See Notes in --help)."));
192 return STATE_CRITICAL; 188 result.errorcode = ERROR;
189 return result;
193 break; 190 break;
194 case 'n': 191 case 'n':
195 fprintf(stderr, "%s\n", _("DEPRECATION WARNING: the -n switch (Nagios-compatible output) is now the")); 192 fprintf(stderr, "%s\n", _("DEPRECATION WARNING: the -n switch (Nagios-compatible output) is now the"));
196 fprintf(stderr, "%s\n", _("default and will be removed from future releases.")); 193 fprintf(stderr, "%s\n", _("default and will be removed from future releases."));
197 break; 194 break;
198 case 'v': /* verbose */ 195 case 'v': /* verbose */
199 verbose = true; 196 verbose++;
200 break; 197 break;
201 case 'h': 198 case 'h':
202 print_help(); 199 print_help();
203 return STATE_UNKNOWN; 200 exit(STATE_UNKNOWN);
204 case 'V': 201 case 'V':
205 print_revision(progname, NP_VERSION); 202 print_revision(progname, NP_VERSION);
206 return STATE_UNKNOWN; 203 exit(STATE_UNKNOWN);
207 default: 204 default:
208 usage5(); 205 usage5();
209 } 206 }
210 } 207 }
211 208
212 if (optind < argc) { 209 if (optind < argc) {
213 device = argv[optind]; 210 result.config.device = argv[optind];
214 } 211 }
215 212
216 if (!device) { 213 if (result.config.device == NULL) {
217 print_help(); 214 print_help();
218 return STATE_UNKNOWN; 215 exit(STATE_UNKNOWN);
216 }
217
218 return result;
219}
220
221int main(int argc, char *argv[]) {
222 setlocale(LC_ALL, "");
223 bindtextdomain(PACKAGE, LOCALEDIR);
224 textdomain(PACKAGE);
225
226 /* Parse extra opts if any */
227 argv = np_extra_opts(&argc, argv, progname);
228
229 check_ide_smart_config_wrapper tmp_config = process_arguments(argc, argv);
230
231 if (tmp_config.errorcode != OK) {
232 die(STATE_UNKNOWN, _("Failed to parse commandline"));
219 } 233 }
220 234
221 fd = open(device, OPEN_MODE); 235 check_ide_smart_config config = tmp_config.config;
222 236
223 if (fd < 0) { 237 int device_file_descriptor = open(config.device, OPEN_MODE);
224 printf(_("CRITICAL - Couldn't open device %s: %s\n"), device, strerror(errno)); 238
239 if (device_file_descriptor < 0) {
240 printf(_("CRITICAL - Couldn't open device %s: %s\n"), config.device, strerror(errno));
225 return STATE_CRITICAL; 241 return STATE_CRITICAL;
226 } 242 }
227 243
228 if (smart_cmd_simple(fd, SMART_CMD_ENABLE, 0, false)) { 244 if (smart_cmd_simple(device_file_descriptor, SMART_CMD_ENABLE, 0, false)) {
229 printf(_("CRITICAL - SMART_CMD_ENABLE\n")); 245 printf(_("CRITICAL - SMART_CMD_ENABLE\n"));
230 return STATE_CRITICAL; 246 return STATE_CRITICAL;
231 } 247 }
232 248
233 smart_read_values(fd, &values); 249 smart_values values;
234 smart_read_thresholds(fd, &thresholds); 250 smart_read_values(device_file_descriptor, &values);
235 retval = nagios(&values, &thresholds); 251 smart_thresholds thresholds;
252 smart_read_thresholds(device_file_descriptor, &thresholds);
253 mp_state_enum retval = compare_values_and_thresholds(&values, &thresholds);
236 if (verbose) { 254 if (verbose) {
237 print_values(&values, &thresholds); 255 print_values(&values, &thresholds);
238 } 256 }
239 257
240 close(fd); 258 close(device_file_descriptor);
241 return retval; 259 return retval;
242} 260}
243 261
244char *get_offline_text(int status) { 262char *get_offline_text(int status) {
245 int i; 263 for (int index = 0; offline_status_text[index].text; index++) {
246 for (i = 0; offline_status_text[i].text; i++) { 264 if (offline_status_text[index].value == status) {
247 if (offline_status_text[i].value == status) { 265 return offline_status_text[index].text;
248 return offline_status_text[i].text;
249 } 266 }
250 } 267 }
251 return "UNKNOWN"; 268 return "UNKNOWN";
252} 269}
253 270
254int smart_read_values(int fd, values_t *values) { 271int smart_read_values(int file_descriptor, smart_values *values) {
255#ifdef __linux__ 272#ifdef __linux__
256 int e;
257 uint8_t args[4 + 512]; 273 uint8_t args[4 + 512];
258 args[0] = WIN_SMART; 274 args[0] = WIN_SMART;
259 args[1] = 0; 275 args[1] = 0;
260 args[2] = SMART_READ_VALUES; 276 args[2] = SMART_READ_VALUES;
261 args[3] = 1; 277 args[3] = 1;
262 if (ioctl(fd, HDIO_DRIVE_CMD, &args)) { 278 if (ioctl(file_descriptor, HDIO_DRIVE_CMD, &args)) {
263 e = errno; 279 int errno_storage = errno;
264 printf(_("CRITICAL - SMART_READ_VALUES: %s\n"), strerror(errno)); 280 printf(_("CRITICAL - SMART_READ_VALUES: %s\n"), strerror(errno));
265 return e; 281 return errno_storage;
266 } 282 }
267 memcpy(values, args + 4, 512); 283 memcpy(values, args + 4, 512);
268#endif /* __linux__ */ 284#elif defined __NetBSD__
269#ifdef __NetBSD__
270 struct atareq req; 285 struct atareq req;
271 unsigned char inbuf[DEV_BSIZE]; 286 unsigned char inbuf[DEV_BSIZE];
272 287
@@ -281,34 +296,37 @@ int smart_read_values(int fd, values_t *values) {
281 req.datalen = sizeof(inbuf); 296 req.datalen = sizeof(inbuf);
282 req.cylinder = WDSMART_CYL; 297 req.cylinder = WDSMART_CYL;
283 298
284 if (ioctl(fd, ATAIOCCOMMAND, &req) == 0) { 299 if (ioctl(file_descriptor, ATAIOCCOMMAND, &req) == 0) {
285 if (req.retsts != ATACMD_OK) { 300 if (req.retsts != ATACMD_OK) {
286 errno = ENODEV; 301 errno = ENODEV;
287 } 302 }
288 } 303 }
289 304
290 if (errno != 0) { 305 if (errno != 0) {
291 int e = errno; 306 int errno_storage = errno;
292 printf(_("CRITICAL - SMART_READ_VALUES: %s\n"), strerror(errno)); 307 printf(_("CRITICAL - SMART_READ_VALUES: %s\n"), strerror(errno));
293 return e; 308 return errno_storage;
294 } 309 }
295 310
296 (void)memcpy(values, inbuf, 512); 311 (void)memcpy(values, inbuf, 512);
297#endif /* __NetBSD__ */ 312#else // __linux__ || __NetBSD__
313# error Not implemented for this OS
314#endif
315
298 return 0; 316 return 0;
299} 317}
300 318
301int nagios(values_t *p, thresholds_t *t) { 319mp_state_enum compare_values_and_thresholds(smart_values *values, smart_thresholds *thresholds) {
302 value_t *value = p->values; 320 smart_value *value = values->values;
303 threshold_t *threshold = t->thresholds; 321 smart_threshold *threshold = thresholds->thresholds;
322
304 int status = OPERATIONAL; 323 int status = OPERATIONAL;
305 int prefailure = 0; 324 int prefailure = 0;
306 int advisory = 0; 325 int advisory = 0;
307 int failed = 0; 326 int failed = 0;
308 int passed = 0; 327 int passed = 0;
309 int total = 0; 328 int total = 0;
310 int i; 329 for (int i = 0; i < NR_ATTRIBUTES; i++) {
311 for (i = 0; i < NR_ATTRIBUTES; i++) {
312 if (value->id && threshold->id && value->id == threshold->id) { 330 if (value->id && threshold->id && value->id == threshold->id) {
313 if (value->value < threshold->threshold) { 331 if (value->value < threshold->threshold) {
314 ++failed; 332 ++failed;
@@ -327,6 +345,7 @@ int nagios(values_t *p, thresholds_t *t) {
327 ++value; 345 ++value;
328 ++threshold; 346 ++threshold;
329 } 347 }
348
330 switch (status) { 349 switch (status) {
331 case PREFAILURE: 350 case PREFAILURE:
332 printf(_("CRITICAL - %d Harddrive PreFailure%cDetected! %d/%d tests failed.\n"), prefailure, prefailure > 1 ? 's' : ' ', failed, 351 printf(_("CRITICAL - %d Harddrive PreFailure%cDetected! %d/%d tests failed.\n"), prefailure, prefailure > 1 ? 's' : ' ', failed,
@@ -349,50 +368,51 @@ int nagios(values_t *p, thresholds_t *t) {
349 return status; 368 return status;
350} 369}
351 370
352void print_value(value_t *p, threshold_t *t) { 371void print_value(smart_value *value_pointer, smart_threshold *threshold_pointer) {
353 printf("Id=%3d, Status=%2d {%s , %s}, Value=%3d, Threshold=%3d, %s\n", p->id, p->status, p->status & 1 ? "PreFailure" : "Advisory ", 372 printf("Id=%3d, Status=%2d {%s , %s}, Value=%3d, Threshold=%3d, %s\n", value_pointer->id, value_pointer->status,
354 p->status & 2 ? "OnLine " : "OffLine", p->value, t->threshold, p->value >= t->threshold ? "Passed" : "Failed"); 373 value_pointer->status & 1 ? "PreFailure" : "Advisory ", value_pointer->status & 2 ? "OnLine " : "OffLine",
374 value_pointer->value, threshold_pointer->threshold, value_pointer->value >= threshold_pointer->threshold ? "Passed" : "Failed");
355} 375}
356 376
357void print_values(values_t *p, thresholds_t *t) { 377void print_values(smart_values *values, smart_thresholds *thresholds) {
358 value_t *value = p->values; 378 smart_value *value = values->values;
359 threshold_t *threshold = t->thresholds; 379 smart_threshold *threshold = thresholds->thresholds;
360 int i; 380 for (int i = 0; i < NR_ATTRIBUTES; i++) {
361 for (i = 0; i < NR_ATTRIBUTES; i++) {
362 if (value->id && threshold->id && value->id == threshold->id) { 381 if (value->id && threshold->id && value->id == threshold->id) {
363 print_value(value++, threshold++); 382 print_value(value++, threshold++);
364 } 383 }
365 } 384 }
366 printf(_("OffLineStatus=%d {%s}, AutoOffLine=%s, OffLineTimeout=%d minutes\n"), p->offline_status, 385 printf(_("OffLineStatus=%d {%s}, AutoOffLine=%s, OffLineTimeout=%d minutes\n"), values->offline_status,
367 get_offline_text(p->offline_status & 0x7f), (p->offline_status & 0x80 ? "Yes" : "No"), p->offline_timeout / 60); 386 get_offline_text(values->offline_status & 0x7f), (values->offline_status & 0x80 ? "Yes" : "No"), values->offline_timeout / 60);
368 printf(_("OffLineCapability=%d {%s %s %s}\n"), p->offline_capability, p->offline_capability & 1 ? "Immediate" : "", 387 printf(_("OffLineCapability=%d {%s %s %s}\n"), values->offline_capability, values->offline_capability & 1 ? "Immediate" : "",
369 p->offline_capability & 2 ? "Auto" : "", p->offline_capability & 4 ? "AbortOnCmd" : "SuspendOnCmd"); 388 values->offline_capability & 2 ? "Auto" : "", values->offline_capability & 4 ? "AbortOnCmd" : "SuspendOnCmd");
370 printf(_("SmartRevision=%d, CheckSum=%d, SmartCapability=%d {%s %s}\n"), p->revision, p->checksum, p->smart_capability, 389 printf(_("SmartRevision=%d, CheckSum=%d, SmartCapability=%d {%s %s}\n"), values->revision, values->checksum, values->smart_capability,
371 p->smart_capability & 1 ? "SaveOnStandBy" : "", p->smart_capability & 2 ? "AutoSave" : ""); 390 values->smart_capability & 1 ? "SaveOnStandBy" : "", values->smart_capability & 2 ? "AutoSave" : "");
372} 391}
373 392
374int smart_cmd_simple(int fd, enum SmartCommand command, uint8_t val0, bool show_error) { 393mp_state_enum smart_cmd_simple(int file_descriptor, enum SmartCommand command, uint8_t val0, bool show_error) {
375 int e = STATE_UNKNOWN; 394 mp_state_enum result = STATE_UNKNOWN;
376#ifdef __linux__ 395#ifdef __linux__
377 uint8_t args[4]; 396 uint8_t args[4] = {
378 args[0] = WIN_SMART; 397 WIN_SMART,
379 args[1] = val0; 398 val0,
380 args[2] = smart_command[command].value; 399 smart_command[command].value,
381 args[3] = 0; 400 0,
382 if (ioctl(fd, HDIO_DRIVE_CMD, &args)) { 401 };
383 e = STATE_CRITICAL; 402
403 if (ioctl(file_descriptor, HDIO_DRIVE_CMD, &args)) {
404 result = STATE_CRITICAL;
384 if (show_error) { 405 if (show_error) {
385 printf(_("CRITICAL - %s: %s\n"), smart_command[command].text, strerror(errno)); 406 printf(_("CRITICAL - %s: %s\n"), smart_command[command].text, strerror(errno));
386 } 407 }
387 } else { 408 } else {
388 e = STATE_OK; 409 result = STATE_OK;
389 if (show_error) { 410 if (show_error) {
390 printf(_("OK - Command sent (%s)\n"), smart_command[command].text); 411 printf(_("OK - Command sent (%s)\n"), smart_command[command].text);
391 } 412 }
392 } 413 }
393 414
394#endif /* __linux__ */ 415#elif defined __NetBSD__
395#ifdef __NetBSD__
396 struct atareq req; 416 struct atareq req;
397 417
398 memset(&req, 0, sizeof(req)); 418 memset(&req, 0, sizeof(req));
@@ -403,7 +423,7 @@ int smart_cmd_simple(int fd, enum SmartCommand command, uint8_t val0, bool show_
403 req.cylinder = WDSMART_CYL; 423 req.cylinder = WDSMART_CYL;
404 req.sec_count = val0; 424 req.sec_count = val0;
405 425
406 if (ioctl(fd, ATAIOCCOMMAND, &req) == 0) { 426 if (ioctl(file_descriptor, ATAIOCCOMMAND, &req) == 0) {
407 if (req.retsts != ATACMD_OK) { 427 if (req.retsts != ATACMD_OK) {
408 errno = ENODEV; 428 errno = ENODEV;
409 } 429 }
@@ -413,42 +433,42 @@ int smart_cmd_simple(int fd, enum SmartCommand command, uint8_t val0, bool show_
413 } 433 }
414 434
415 if (errno != 0) { 435 if (errno != 0) {
416 e = STATE_CRITICAL; 436 result = STATE_CRITICAL;
417 if (show_error) { 437 if (show_error) {
418 printf(_("CRITICAL - %s: %s\n"), smart_command[command].text, strerror(errno)); 438 printf(_("CRITICAL - %s: %s\n"), smart_command[command].text, strerror(errno));
419 } 439 }
420 } else { 440 } else {
421 e = STATE_OK; 441 result = STATE_OK;
422 if (show_error) { 442 if (show_error) {
423 printf(_("OK - Command sent (%s)\n"), smart_command[command].text); 443 printf(_("OK - Command sent (%s)\n"), smart_command[command].text);
424 } 444 }
425 } 445 }
426 446#else
447# error Not implemented for this OS
427#endif /* __NetBSD__ */ 448#endif /* __NetBSD__ */
428 return e; 449
450 return result;
429} 451}
430 452
431int smart_read_thresholds(int fd, thresholds_t *thresholds) { 453int smart_read_thresholds(int file_descriptor, smart_thresholds *thresholds) {
432#ifdef __linux__ 454#ifdef __linux__
433 int e;
434 uint8_t args[4 + 512]; 455 uint8_t args[4 + 512];
435 args[0] = WIN_SMART; 456 args[0] = WIN_SMART;
436 args[1] = 0; 457 args[1] = 0;
437 args[2] = SMART_READ_THRESHOLDS; 458 args[2] = SMART_READ_THRESHOLDS;
438 args[3] = 1; 459 args[3] = 1;
439 if (ioctl(fd, HDIO_DRIVE_CMD, &args)) { 460 if (ioctl(file_descriptor, HDIO_DRIVE_CMD, &args)) {
440 e = errno; 461 int errno_storage = errno;
441 printf(_("CRITICAL - SMART_READ_THRESHOLDS: %s\n"), strerror(errno)); 462 printf(_("CRITICAL - SMART_READ_THRESHOLDS: %s\n"), strerror(errno));
442 return e; 463 return errno_storage;
443 } 464 }
444 memcpy(thresholds, args + 4, 512); 465 memcpy(thresholds, args + 4, 512);
445#endif /* __linux__ */ 466#elif defined __NetBSD__
446#ifdef __NetBSD__
447 struct atareq req; 467 struct atareq req;
448 unsigned char inbuf[DEV_BSIZE];
449
450 memset(&req, 0, sizeof(req)); 468 memset(&req, 0, sizeof(req));
451 req.timeout = 1000; 469 req.timeout = 1000;
470
471 unsigned char inbuf[DEV_BSIZE];
452 memset(&inbuf, 0, sizeof(inbuf)); 472 memset(&inbuf, 0, sizeof(inbuf));
453 473
454 req.flags = ATACMD_READ; 474 req.flags = ATACMD_READ;
@@ -458,20 +478,23 @@ int smart_read_thresholds(int fd, thresholds_t *thresholds) {
458 req.datalen = sizeof(inbuf); 478 req.datalen = sizeof(inbuf);
459 req.cylinder = WDSMART_CYL; 479 req.cylinder = WDSMART_CYL;
460 480
461 if (ioctl(fd, ATAIOCCOMMAND, &req) == 0) { 481 if (ioctl(file_descriptor, ATAIOCCOMMAND, &req) == 0) {
462 if (req.retsts != ATACMD_OK) { 482 if (req.retsts != ATACMD_OK) {
463 errno = ENODEV; 483 errno = ENODEV;
464 } 484 }
465 } 485 }
466 486
467 if (errno != 0) { 487 if (errno != 0) {
468 int e = errno; 488 int errno_storage = errno;
469 printf(_("CRITICAL - SMART_READ_THRESHOLDS: %s\n"), strerror(errno)); 489 printf(_("CRITICAL - SMART_READ_THRESHOLDS: %s\n"), strerror(errno));
470 return e; 490 return errno_storage;
471 } 491 }
472 492
473 (void)memcpy(thresholds, inbuf, 512); 493 (void)memcpy(thresholds, inbuf, 512);
494#else
495# error Not implemented for this OS
474#endif /* __NetBSD__ */ 496#endif /* __NetBSD__ */
497
475 return 0; 498 return 0;
476} 499}
477 500
diff --git a/plugins/check_ide_smart.d/config.h b/plugins/check_ide_smart.d/config.h
new file mode 100644
index 00000000..36899abe
--- /dev/null
+++ b/plugins/check_ide_smart.d/config.h
@@ -0,0 +1,15 @@
1#pragma once
2
3#include "../../config.h"
4#include <stddef.h>
5
6typedef struct {
7 char *device;
8} check_ide_smart_config;
9
10check_ide_smart_config check_ide_smart_init() {
11 check_ide_smart_config tmp = {
12 .device = NULL,
13 };
14 return tmp;
15}
diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c
index 1b2e2826..7f8282b4 100644
--- a/plugins/check_ldap.c
+++ b/plugins/check_ldap.c
@@ -400,7 +400,7 @@ check_ldap_config_wrapper process_arguments(int argc, char **argv) {
400 break; 400 break;
401 case 'w': { 401 case 'w': {
402 mp_range_parsed tmp = mp_parse_range_string(optarg); 402 mp_range_parsed tmp = mp_parse_range_string(optarg);
403 if (tmp.error != MP_PARSING_SUCCES) { 403 if (tmp.error != MP_PARSING_SUCCESS) {
404 die(STATE_UNKNOWN, "failed to parse warning connection time threshold"); 404 die(STATE_UNKNOWN, "failed to parse warning connection time threshold");
405 } 405 }
406 result.config.connection_time_threshold = 406 result.config.connection_time_threshold =
@@ -408,7 +408,7 @@ check_ldap_config_wrapper process_arguments(int argc, char **argv) {
408 } break; 408 } break;
409 case 'c': { 409 case 'c': {
410 mp_range_parsed tmp = mp_parse_range_string(optarg); 410 mp_range_parsed tmp = mp_parse_range_string(optarg);
411 if (tmp.error != MP_PARSING_SUCCES) { 411 if (tmp.error != MP_PARSING_SUCCESS) {
412 die(STATE_UNKNOWN, "failed to parse critical connection time threshold"); 412 die(STATE_UNKNOWN, "failed to parse critical connection time threshold");
413 } 413 }
414 result.config.connection_time_threshold = 414 result.config.connection_time_threshold =
@@ -416,7 +416,7 @@ check_ldap_config_wrapper process_arguments(int argc, char **argv) {
416 } break; 416 } break;
417 case 'W': { 417 case 'W': {
418 mp_range_parsed tmp = mp_parse_range_string(optarg); 418 mp_range_parsed tmp = mp_parse_range_string(optarg);
419 if (tmp.error != MP_PARSING_SUCCES) { 419 if (tmp.error != MP_PARSING_SUCCESS) {
420 die(STATE_UNKNOWN, "failed to parse number of entries warning threshold"); 420 die(STATE_UNKNOWN, "failed to parse number of entries warning threshold");
421 } 421 }
422 result.config.entries_thresholds = 422 result.config.entries_thresholds =
@@ -424,7 +424,7 @@ check_ldap_config_wrapper process_arguments(int argc, char **argv) {
424 } break; 424 } break;
425 case 'C': { 425 case 'C': {
426 mp_range_parsed tmp = mp_parse_range_string(optarg); 426 mp_range_parsed tmp = mp_parse_range_string(optarg);
427 if (tmp.error != MP_PARSING_SUCCES) { 427 if (tmp.error != MP_PARSING_SUCCESS) {
428 die(STATE_UNKNOWN, "failed to parse number of entries critical threshold"); 428 die(STATE_UNKNOWN, "failed to parse number of entries critical threshold");
429 } 429 }
430 result.config.entries_thresholds = 430 result.config.entries_thresholds =
@@ -462,11 +462,7 @@ check_ldap_config_wrapper process_arguments(int argc, char **argv) {
462 } 462 }
463 break; 463 break;
464 case '6': 464 case '6':
465#ifdef USE_IPV6
466 address_family = AF_INET6; 465 address_family = AF_INET6;
467#else
468 usage(_("IPv6 support not available\n"));
469#endif
470 break; 466 break;
471 case output_format_index: { 467 case output_format_index: {
472 parsed_output_format parser = mp_parse_output_format(optarg); 468 parsed_output_format parser = mp_parse_output_format(optarg);
diff --git a/plugins/check_mrtg.c b/plugins/check_mrtg.c
index cdc2a035..bb38fcc5 100644
--- a/plugins/check_mrtg.c
+++ b/plugins/check_mrtg.c
@@ -255,7 +255,7 @@ check_mrtg_config_wrapper process_arguments(int argc, char **argv) {
255 break; 255 break;
256 case 'w': /* critical time threshold */ { 256 case 'w': /* critical time threshold */ {
257 mp_range_parsed tmp = mp_parse_range_string(optarg); 257 mp_range_parsed tmp = mp_parse_range_string(optarg);
258 if (tmp.error != MP_PARSING_SUCCES) { 258 if (tmp.error != MP_PARSING_SUCCESS) {
259 die(STATE_UNKNOWN, "failed to parse warning threshold"); 259 die(STATE_UNKNOWN, "failed to parse warning threshold");
260 } 260 }
261 result.config.values_threshold = 261 result.config.values_threshold =
@@ -263,7 +263,7 @@ check_mrtg_config_wrapper process_arguments(int argc, char **argv) {
263 } break; 263 } break;
264 case 'c': /* warning time threshold */ { 264 case 'c': /* warning time threshold */ {
265 mp_range_parsed tmp = mp_parse_range_string(optarg); 265 mp_range_parsed tmp = mp_parse_range_string(optarg);
266 if (tmp.error != MP_PARSING_SUCCES) { 266 if (tmp.error != MP_PARSING_SUCCESS) {
267 die(STATE_UNKNOWN, "failed to parse critical threshold"); 267 die(STATE_UNKNOWN, "failed to parse critical threshold");
268 } 268 }
269 result.config.values_threshold = 269 result.config.values_threshold =
@@ -330,7 +330,7 @@ check_mrtg_config_wrapper process_arguments(int argc, char **argv) {
330 330
331 if (argc > option_char && !result.config.values_threshold.warning_is_set) { 331 if (argc > option_char && !result.config.values_threshold.warning_is_set) {
332 mp_range_parsed tmp = mp_parse_range_string(argv[option_char++]); 332 mp_range_parsed tmp = mp_parse_range_string(argv[option_char++]);
333 if (tmp.error != MP_PARSING_SUCCES) { 333 if (tmp.error != MP_PARSING_SUCCESS) {
334 die(STATE_UNKNOWN, "failed to parse warning threshold"); 334 die(STATE_UNKNOWN, "failed to parse warning threshold");
335 } 335 }
336 result.config.values_threshold = 336 result.config.values_threshold =
@@ -339,7 +339,7 @@ check_mrtg_config_wrapper process_arguments(int argc, char **argv) {
339 339
340 if (argc > option_char && !result.config.values_threshold.critical_is_set) { 340 if (argc > option_char && !result.config.values_threshold.critical_is_set) {
341 mp_range_parsed tmp = mp_parse_range_string(argv[option_char++]); 341 mp_range_parsed tmp = mp_parse_range_string(argv[option_char++]);
342 if (tmp.error != MP_PARSING_SUCCES) { 342 if (tmp.error != MP_PARSING_SUCCESS) {
343 die(STATE_UNKNOWN, "failed to parse critical threshold"); 343 die(STATE_UNKNOWN, "failed to parse critical threshold");
344 } 344 }
345 result.config.values_threshold = 345 result.config.values_threshold =
diff --git a/plugins/check_mysql.c b/plugins/check_mysql.c
index 26730d4c..15005bf5 100644
--- a/plugins/check_mysql.c
+++ b/plugins/check_mysql.c
@@ -572,7 +572,7 @@ check_mysql_config_wrapper process_arguments(int argc, char **argv) {
572 break; 572 break;
573 case 'w': { 573 case 'w': {
574 mp_range_parsed tmp = mp_parse_range_string(optarg); 574 mp_range_parsed tmp = mp_parse_range_string(optarg);
575 if (tmp.error != MP_PARSING_SUCCES) { 575 if (tmp.error != MP_PARSING_SUCCESS) {
576 die(STATE_UNKNOWN, "failed to parse warning time threshold"); 576 die(STATE_UNKNOWN, "failed to parse warning time threshold");
577 } 577 }
578 result.config.replica_thresholds = 578 result.config.replica_thresholds =
@@ -580,7 +580,7 @@ check_mysql_config_wrapper process_arguments(int argc, char **argv) {
580 } break; 580 } break;
581 case 'c': { 581 case 'c': {
582 mp_range_parsed tmp = mp_parse_range_string(optarg); 582 mp_range_parsed tmp = mp_parse_range_string(optarg);
583 if (tmp.error != MP_PARSING_SUCCES) { 583 if (tmp.error != MP_PARSING_SUCCESS) {
584 die(STATE_UNKNOWN, "failed to parse critical time threshold"); 584 die(STATE_UNKNOWN, "failed to parse critical time threshold");
585 } 585 }
586 result.config.replica_thresholds = 586 result.config.replica_thresholds =
diff --git a/plugins/check_mysql_query.c b/plugins/check_mysql_query.c
index ae6cc15d..fc0966d3 100644
--- a/plugins/check_mysql_query.c
+++ b/plugins/check_mysql_query.c
@@ -277,14 +277,14 @@ check_mysql_query_config_wrapper process_arguments(int argc, char **argv) {
277 break; 277 break;
278 case 'w': { 278 case 'w': {
279 mp_range_parsed tmp = mp_parse_range_string(optarg); 279 mp_range_parsed tmp = mp_parse_range_string(optarg);
280 if (tmp.error != MP_PARSING_SUCCES) { 280 if (tmp.error != MP_PARSING_SUCCESS) {
281 die(STATE_UNKNOWN, "failed to parse warning threshold"); 281 die(STATE_UNKNOWN, "failed to parse warning threshold");
282 } 282 }
283 result.config.thresholds = mp_thresholds_set_warn(result.config.thresholds, tmp.range); 283 result.config.thresholds = mp_thresholds_set_warn(result.config.thresholds, tmp.range);
284 } break; 284 } break;
285 case 'c': { 285 case 'c': {
286 mp_range_parsed tmp = mp_parse_range_string(optarg); 286 mp_range_parsed tmp = mp_parse_range_string(optarg);
287 if (tmp.error != MP_PARSING_SUCCES) { 287 if (tmp.error != MP_PARSING_SUCCESS) {
288 die(STATE_UNKNOWN, "failed to parse critical threshold"); 288 die(STATE_UNKNOWN, "failed to parse critical threshold");
289 } 289 }
290 result.config.thresholds = mp_thresholds_set_crit(result.config.thresholds, tmp.range); 290 result.config.thresholds = mp_thresholds_set_crit(result.config.thresholds, tmp.range);
diff --git a/plugins/check_ntp_peer.c b/plugins/check_ntp_peer.c
index 26f74286..b5cfb460 100644
--- a/plugins/check_ntp_peer.c
+++ b/plugins/check_ntp_peer.c
@@ -548,7 +548,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
548 break; 548 break;
549 case 'w': { 549 case 'w': {
550 mp_range_parsed tmp = mp_parse_range_string(optarg); 550 mp_range_parsed tmp = mp_parse_range_string(optarg);
551 if (tmp.error != MP_PARSING_SUCCES) { 551 if (tmp.error != MP_PARSING_SUCCESS) {
552 die(STATE_UNKNOWN, "failed to parse warning offset threshold"); 552 die(STATE_UNKNOWN, "failed to parse warning offset threshold");
553 } 553 }
554 554
@@ -557,7 +557,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
557 } break; 557 } break;
558 case 'c': { 558 case 'c': {
559 mp_range_parsed tmp = mp_parse_range_string(optarg); 559 mp_range_parsed tmp = mp_parse_range_string(optarg);
560 if (tmp.error != MP_PARSING_SUCCES) { 560 if (tmp.error != MP_PARSING_SUCCESS) {
561 die(STATE_UNKNOWN, "failed to parse critical offset threshold"); 561 die(STATE_UNKNOWN, "failed to parse critical offset threshold");
562 } 562 }
563 563
@@ -567,7 +567,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
567 case 'W': { 567 case 'W': {
568 result.config.do_stratum = true; 568 result.config.do_stratum = true;
569 mp_range_parsed tmp = mp_parse_range_string(optarg); 569 mp_range_parsed tmp = mp_parse_range_string(optarg);
570 if (tmp.error != MP_PARSING_SUCCES) { 570 if (tmp.error != MP_PARSING_SUCCESS) {
571 die(STATE_UNKNOWN, "failed to parse warning stratum threshold"); 571 die(STATE_UNKNOWN, "failed to parse warning stratum threshold");
572 } 572 }
573 573
@@ -577,7 +577,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
577 case 'C': { 577 case 'C': {
578 result.config.do_stratum = true; 578 result.config.do_stratum = true;
579 mp_range_parsed tmp = mp_parse_range_string(optarg); 579 mp_range_parsed tmp = mp_parse_range_string(optarg);
580 if (tmp.error != MP_PARSING_SUCCES) { 580 if (tmp.error != MP_PARSING_SUCCESS) {
581 die(STATE_UNKNOWN, "failed to parse critical stratum threshold"); 581 die(STATE_UNKNOWN, "failed to parse critical stratum threshold");
582 } 582 }
583 583
@@ -587,7 +587,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
587 case 'j': { 587 case 'j': {
588 result.config.do_jitter = true; 588 result.config.do_jitter = true;
589 mp_range_parsed tmp = mp_parse_range_string(optarg); 589 mp_range_parsed tmp = mp_parse_range_string(optarg);
590 if (tmp.error != MP_PARSING_SUCCES) { 590 if (tmp.error != MP_PARSING_SUCCESS) {
591 die(STATE_UNKNOWN, "failed to parse warning jitter threshold"); 591 die(STATE_UNKNOWN, "failed to parse warning jitter threshold");
592 } 592 }
593 593
@@ -597,7 +597,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
597 case 'k': { 597 case 'k': {
598 result.config.do_jitter = true; 598 result.config.do_jitter = true;
599 mp_range_parsed tmp = mp_parse_range_string(optarg); 599 mp_range_parsed tmp = mp_parse_range_string(optarg);
600 if (tmp.error != MP_PARSING_SUCCES) { 600 if (tmp.error != MP_PARSING_SUCCESS) {
601 die(STATE_UNKNOWN, "failed to parse critical jitter threshold"); 601 die(STATE_UNKNOWN, "failed to parse critical jitter threshold");
602 } 602 }
603 603
@@ -607,7 +607,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
607 case 'm': { 607 case 'm': {
608 result.config.do_truechimers = true; 608 result.config.do_truechimers = true;
609 mp_range_parsed tmp = mp_parse_range_string(optarg); 609 mp_range_parsed tmp = mp_parse_range_string(optarg);
610 if (tmp.error != MP_PARSING_SUCCES) { 610 if (tmp.error != MP_PARSING_SUCCESS) {
611 die(STATE_UNKNOWN, "failed to parse warning truechimer threshold"); 611 die(STATE_UNKNOWN, "failed to parse warning truechimer threshold");
612 } 612 }
613 613
@@ -617,7 +617,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
617 case 'n': { 617 case 'n': {
618 result.config.do_truechimers = true; 618 result.config.do_truechimers = true;
619 mp_range_parsed tmp = mp_parse_range_string(optarg); 619 mp_range_parsed tmp = mp_parse_range_string(optarg);
620 if (tmp.error != MP_PARSING_SUCCES) { 620 if (tmp.error != MP_PARSING_SUCCESS) {
621 die(STATE_UNKNOWN, "failed to parse critical truechimer threshold"); 621 die(STATE_UNKNOWN, "failed to parse critical truechimer threshold");
622 } 622 }
623 623
@@ -640,11 +640,7 @@ check_ntp_peer_config_wrapper process_arguments(int argc, char **argv) {
640 address_family = AF_INET; 640 address_family = AF_INET;
641 break; 641 break;
642 case '6': 642 case '6':
643#ifdef USE_IPV6
644 address_family = AF_INET6; 643 address_family = AF_INET6;
645#else
646 usage4(_("IPv6 support not available"));
647#endif
648 break; 644 break;
649 case '?': 645 case '?':
650 /* print short usage statement if args not parsable */ 646 /* print short usage statement if args not parsable */
diff --git a/plugins/check_ntp_time.c b/plugins/check_ntp_time.c
index 9e0beb9c..4e3a55db 100644
--- a/plugins/check_ntp_time.c
+++ b/plugins/check_ntp_time.c
@@ -605,7 +605,7 @@ static check_ntp_time_config_wrapper process_arguments(int argc, char **argv) {
605 break; 605 break;
606 case 'w': { 606 case 'w': {
607 mp_range_parsed tmp = mp_parse_range_string(optarg); 607 mp_range_parsed tmp = mp_parse_range_string(optarg);
608 if (tmp.error != MP_PARSING_SUCCES) { 608 if (tmp.error != MP_PARSING_SUCCESS) {
609 die(STATE_UNKNOWN, "failed to parse warning threshold"); 609 die(STATE_UNKNOWN, "failed to parse warning threshold");
610 } 610 }
611 611
@@ -614,7 +614,7 @@ static check_ntp_time_config_wrapper process_arguments(int argc, char **argv) {
614 } break; 614 } break;
615 case 'c': { 615 case 'c': {
616 mp_range_parsed tmp = mp_parse_range_string(optarg); 616 mp_range_parsed tmp = mp_parse_range_string(optarg);
617 if (tmp.error != MP_PARSING_SUCCES) { 617 if (tmp.error != MP_PARSING_SUCCESS) {
618 die(STATE_UNKNOWN, "failed to parse crit threshold"); 618 die(STATE_UNKNOWN, "failed to parse crit threshold");
619 } 619 }
620 620
@@ -640,11 +640,7 @@ static check_ntp_time_config_wrapper process_arguments(int argc, char **argv) {
640 address_family = AF_INET; 640 address_family = AF_INET;
641 break; 641 break;
642 case '6': 642 case '6':
643#ifdef USE_IPV6
644 address_family = AF_INET6; 643 address_family = AF_INET6;
645#else
646 usage4(_("IPv6 support not available"));
647#endif
648 break; 644 break;
649 case '?': 645 case '?':
650 /* print short usage statement if args not parsable */ 646 /* print short usage statement if args not parsable */
@@ -661,6 +657,14 @@ static check_ntp_time_config_wrapper process_arguments(int argc, char **argv) {
661} 657}
662 658
663int main(int argc, char *argv[]) { 659int main(int argc, char *argv[]) {
660#ifdef __OpenBSD__
661 /* - rpath is required to read --extra-opts (given up later)
662 * - inet is required for sockets
663 * - unix is required for Unix domain sockets
664 * - dns is required for name lookups */
665 pledge("stdio rpath inet unix dns", NULL);
666#endif // __OpenBSD__
667
664 setlocale(LC_ALL, ""); 668 setlocale(LC_ALL, "");
665 bindtextdomain(PACKAGE, LOCALEDIR); 669 bindtextdomain(PACKAGE, LOCALEDIR);
666 textdomain(PACKAGE); 670 textdomain(PACKAGE);
@@ -674,6 +678,10 @@ int main(int argc, char *argv[]) {
674 usage4(_("Could not parse arguments")); 678 usage4(_("Could not parse arguments"));
675 } 679 }
676 680
681#ifdef __OpenBSD__
682 pledge("stdio inet unix dns", NULL);
683#endif // __OpenBSD__
684
677 const check_ntp_time_config config = tmp_config.config; 685 const check_ntp_time_config config = tmp_config.config;
678 686
679 if (config.output_format_is_set) { 687 if (config.output_format_is_set) {
diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c
index 0ce75e0a..8cbaaeeb 100644
--- a/plugins/check_pgsql.c
+++ b/plugins/check_pgsql.c
@@ -401,7 +401,7 @@ static check_pgsql_config_wrapper process_arguments(int argc, char **argv) {
401 break; 401 break;
402 case 'c': /* critical time threshold */ { 402 case 'c': /* critical time threshold */ {
403 mp_range_parsed tmp = mp_parse_range_string(optarg); 403 mp_range_parsed tmp = mp_parse_range_string(optarg);
404 if (tmp.error != MP_PARSING_SUCCES) { 404 if (tmp.error != MP_PARSING_SUCCESS) {
405 die(STATE_UNKNOWN, "failed to parse critical time threshold"); 405 die(STATE_UNKNOWN, "failed to parse critical time threshold");
406 } 406 }
407 result.config.time_thresholds = 407 result.config.time_thresholds =
@@ -409,7 +409,7 @@ static check_pgsql_config_wrapper process_arguments(int argc, char **argv) {
409 } break; 409 } break;
410 case 'w': /* warning time threshold */ { 410 case 'w': /* warning time threshold */ {
411 mp_range_parsed tmp = mp_parse_range_string(optarg); 411 mp_range_parsed tmp = mp_parse_range_string(optarg);
412 if (tmp.error != MP_PARSING_SUCCES) { 412 if (tmp.error != MP_PARSING_SUCCESS) {
413 die(STATE_UNKNOWN, "failed to parse warning time threshold"); 413 die(STATE_UNKNOWN, "failed to parse warning time threshold");
414 } 414 }
415 result.config.time_thresholds = 415 result.config.time_thresholds =
@@ -417,7 +417,7 @@ static check_pgsql_config_wrapper process_arguments(int argc, char **argv) {
417 } break; 417 } break;
418 case 'C': /* critical query threshold */ { 418 case 'C': /* critical query threshold */ {
419 mp_range_parsed tmp = mp_parse_range_string(optarg); 419 mp_range_parsed tmp = mp_parse_range_string(optarg);
420 if (tmp.error != MP_PARSING_SUCCES) { 420 if (tmp.error != MP_PARSING_SUCCESS) {
421 die(STATE_UNKNOWN, "failed to parse critical query threshold"); 421 die(STATE_UNKNOWN, "failed to parse critical query threshold");
422 } 422 }
423 423
@@ -427,7 +427,7 @@ static check_pgsql_config_wrapper process_arguments(int argc, char **argv) {
427 } break; 427 } break;
428 case 'W': /* warning query threshold */ { 428 case 'W': /* warning query threshold */ {
429 mp_range_parsed tmp = mp_parse_range_string(optarg); 429 mp_range_parsed tmp = mp_parse_range_string(optarg);
430 if (tmp.error != MP_PARSING_SUCCES) { 430 if (tmp.error != MP_PARSING_SUCCESS) {
431 die(STATE_UNKNOWN, "failed to parse warning query threshold"); 431 die(STATE_UNKNOWN, "failed to parse warning query threshold");
432 } 432 }
433 result.config.qthresholds = 433 result.config.qthresholds =
diff --git a/plugins/check_ping.c b/plugins/check_ping.c
index 61feb958..e1ee0f5c 100644
--- a/plugins/check_ping.c
+++ b/plugins/check_ping.c
@@ -246,11 +246,7 @@ check_ping_config_wrapper process_arguments(int argc, char **argv) {
246 address_family = AF_INET; 246 address_family = AF_INET;
247 break; 247 break;
248 case '6': /* IPv6 only */ 248 case '6': /* IPv6 only */
249#ifdef USE_IPV6
250 address_family = AF_INET6; 249 address_family = AF_INET6;
251#else
252 usage(_("IPv6 support not available\n"));
253#endif
254 break; 250 break;
255 case 'H': /* hostname */ { 251 case 'H': /* hostname */ {
256 char *ptr = optarg; 252 char *ptr = optarg;
diff --git a/plugins/check_procs.c b/plugins/check_procs.c
index ae6e9c23..50837cb4 100644
--- a/plugins/check_procs.c
+++ b/plugins/check_procs.c
@@ -430,7 +430,7 @@ check_procs_config_wrapper process_arguments(int argc, char **argv) {
430 while (true) { 430 while (true) {
431 int option = 0; 431 int option = 0;
432 int option_index = 432 int option_index =
433 getopt_long(argc, argv, "Vvhkt:c:w:p:s:u:C:a:z:r:m:P:T:X:", longopts, &option); 433 getopt_long(argc, argv, "Vvhkt:c:w:p:s:u:C:a:z:r:m:P:TX:", longopts, &option);
434 434
435 if (option_index == -1 || option_index == EOF) { 435 if (option_index == -1 || option_index == EOF) {
436 break; 436 break;
diff --git a/plugins/check_radius.c b/plugins/check_radius.c
index d26f7cf3..93352bcc 100644
--- a/plugins/check_radius.c
+++ b/plugins/check_radius.c
@@ -28,6 +28,7 @@
28 * 28 *
29 *****************************************************************************/ 29 *****************************************************************************/
30 30
31#include "output.h"
31const char *progname = "check_radius"; 32const char *progname = "check_radius";
32const char *copyright = "2000-2024"; 33const char *copyright = "2000-2024";
33const char *email = "devel@monitoring-plugins.org"; 34const char *email = "devel@monitoring-plugins.org";
@@ -158,49 +159,80 @@ int main(int argc, char **argv) {
158 159
159 check_radius_config config = tmp_config.config; 160 check_radius_config config = tmp_config.config;
160 161
162 if (config.output_format_is_set) {
163 mp_set_format(config.output_format);
164 }
165
161#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) || \ 166#if defined(HAVE_LIBFREERADIUS_CLIENT) || defined(HAVE_LIBRADIUSCLIENT_NG) || \
162 defined(HAVE_LIBRADCLI) 167 defined(HAVE_LIBRADCLI)
163 rc_handle *rch = NULL; 168 rc_handle *rch = NULL;
164#endif 169#endif
165 170
171 mp_check overall = mp_check_init();
172 mp_subcheck sc_read_config = mp_subcheck_init();
173
166 char *str = strdup("dictionary"); 174 char *str = strdup("dictionary");
167 if ((config.config_file && my_rc_read_config(config.config_file, &rch)) || 175 if ((config.config_file && my_rc_read_config(config.config_file, &rch)) ||
168 my_rc_read_dictionary(my_rc_conf_str(str))) { 176 my_rc_read_dictionary(my_rc_conf_str(str))) {
169 die(STATE_UNKNOWN, _("Config file error\n")); 177 sc_read_config = mp_set_subcheck_state(sc_read_config, STATE_UNKNOWN);
178 xasprintf(&sc_read_config.output, "failed to read config file");
179 mp_add_subcheck_to_check(&overall, sc_read_config);
180 mp_exit(overall);
170 } 181 }
171 182
183 sc_read_config = mp_set_subcheck_state(sc_read_config, STATE_OK);
184 xasprintf(&sc_read_config.output, "read config file successfully");
185 mp_add_subcheck_to_check(&overall, sc_read_config);
186
172 uint32_t service = PW_AUTHENTICATE_ONLY; 187 uint32_t service = PW_AUTHENTICATE_ONLY;
173 188
189 mp_subcheck sc_configuring = mp_subcheck_init();
174 SEND_DATA data; 190 SEND_DATA data;
175 memset(&data, 0, sizeof(data)); 191 memset(&data, 0, sizeof(data));
176 if (!(my_rc_avpair_add(&data.send_pairs, PW_SERVICE_TYPE, &service, 0) && 192 if (!(my_rc_avpair_add(&data.send_pairs, PW_SERVICE_TYPE, &service, 0) &&
177 my_rc_avpair_add(&data.send_pairs, PW_USER_NAME, config.username, 0) && 193 my_rc_avpair_add(&data.send_pairs, PW_USER_NAME, config.username, 0) &&
178 my_rc_avpair_add(&data.send_pairs, PW_USER_PASSWORD, config.password, 0))) { 194 my_rc_avpair_add(&data.send_pairs, PW_USER_PASSWORD, config.password, 0))) {
179 die(STATE_UNKNOWN, _("Out of Memory?\n")); 195 xasprintf(&sc_configuring.output, "Failed to the radius options: Out of Memory?");
196 sc_configuring = mp_set_subcheck_state(sc_configuring, STATE_UNKNOWN);
197 mp_add_subcheck_to_check(&overall, sc_configuring);
198 mp_exit(overall);
180 } 199 }
181 200
182 if (config.nas_id != NULL) { 201 if (config.nas_id != NULL) {
183 if (!(my_rc_avpair_add(&data.send_pairs, PW_NAS_IDENTIFIER, config.nas_id, 0))) { 202 if (!(my_rc_avpair_add(&data.send_pairs, PW_NAS_IDENTIFIER, config.nas_id, 0))) {
184 die(STATE_UNKNOWN, _("Invalid NAS-Identifier\n")); 203 xasprintf(&sc_configuring.output,
204 "Failed to the radius options: invalid NAS identifier?");
205 sc_configuring = mp_set_subcheck_state(sc_configuring, STATE_UNKNOWN);
206 mp_add_subcheck_to_check(&overall, sc_configuring);
207 mp_exit(overall);
185 } 208 }
186 } 209 }
187 210
188 char name[HOST_NAME_MAX]; 211 char name[HOST_NAME_MAX];
189 if (config.nas_ip_address == NULL) { 212 if (config.nas_ip_address == NULL) {
190 if (gethostname(name, sizeof(name)) != 0) { 213 if (gethostname(name, sizeof(name)) != 0) {
191 die(STATE_UNKNOWN, _("gethostname() failed!\n")); 214 xasprintf(&sc_configuring.output, "gethostname() failed");
215 sc_configuring = mp_set_subcheck_state(sc_configuring, STATE_UNKNOWN);
216 mp_add_subcheck_to_check(&overall, sc_configuring);
217 mp_exit(overall);
192 } 218 }
193 config.nas_ip_address = name; 219 config.nas_ip_address = name;
194 } 220 }
195 221
196 struct sockaddr_storage radius_server_socket; 222 struct sockaddr_storage radius_server_socket;
197 if (!dns_lookup(config.nas_ip_address, &radius_server_socket, AF_UNSPEC)) { 223 if (!dns_lookup(config.nas_ip_address, &radius_server_socket, AF_UNSPEC)) {
198 die(STATE_UNKNOWN, _("Invalid NAS-IP-Address\n")); 224 xasprintf(&sc_configuring.output, "invalid NAS IP address. Lookup failed");
225 sc_configuring = mp_set_subcheck_state(sc_configuring, STATE_UNKNOWN);
226 mp_add_subcheck_to_check(&overall, sc_configuring);
227 mp_exit(overall);
199 } 228 }
200 229
201 uint32_t client_id = ntohl(((struct sockaddr_in *)&radius_server_socket)->sin_addr.s_addr); 230 uint32_t client_id = ntohl(((struct sockaddr_in *)&radius_server_socket)->sin_addr.s_addr);
202 if (my_rc_avpair_add(&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0) == NULL) { 231 if (my_rc_avpair_add(&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0) == NULL) {
203 die(STATE_UNKNOWN, _("Invalid NAS-IP-Address\n")); 232 xasprintf(&sc_configuring.output, "invalid NAS IP address. Setting option failed");
233 sc_configuring = mp_set_subcheck_state(sc_configuring, STATE_UNKNOWN);
234 mp_add_subcheck_to_check(&overall, sc_configuring);
235 mp_exit(overall);
204 } 236 }
205 237
206 my_rc_buildreq(&data, PW_ACCESS_REQUEST, config.server, config.port, (int)timeout_interval, 238 my_rc_buildreq(&data, PW_ACCESS_REQUEST, config.server, config.port, (int)timeout_interval,
@@ -218,51 +250,78 @@ int main(int argc, char **argv) {
218 rc_avpair_free(data.receive_pairs); 250 rc_avpair_free(data.receive_pairs);
219 } 251 }
220 252
253 mp_subcheck sc_eval = mp_subcheck_init();
254
221 if (result == TIMEOUT_RC) { 255 if (result == TIMEOUT_RC) {
222 printf("Timeout\n"); 256 xasprintf(&sc_eval.output, "timeout");
223 exit(STATE_CRITICAL); 257 sc_eval = mp_set_subcheck_state(sc_eval, STATE_CRITICAL);
258 mp_add_subcheck_to_check(&overall, sc_eval);
259 mp_exit(overall);
224 } 260 }
225 261
226 if (result == ERROR_RC) { 262 if (result == ERROR_RC) {
227 printf(_("Auth Error\n")); 263 xasprintf(&sc_eval.output, "auth error");
228 exit(STATE_CRITICAL); 264 sc_eval = mp_set_subcheck_state(sc_eval, STATE_CRITICAL);
265 mp_add_subcheck_to_check(&overall, sc_eval);
266 mp_exit(overall);
229 } 267 }
230 268
231 if (result == REJECT_RC) { 269 if (result == REJECT_RC) {
232 printf(_("Auth Failed\n")); 270 xasprintf(&sc_eval.output, "auth failed");
233 exit(STATE_WARNING); 271 sc_eval = mp_set_subcheck_state(sc_eval, STATE_WARNING);
272 mp_add_subcheck_to_check(&overall, sc_eval);
273 mp_exit(overall);
234 } 274 }
235 275
236 if (result == BADRESP_RC) { 276 if (result == BADRESP_RC) {
237 printf(_("Bad Response\n")); 277 xasprintf(&sc_eval.output, "bad response");
238 exit(STATE_WARNING); 278 sc_eval = mp_set_subcheck_state(sc_eval, STATE_WARNING);
279 mp_add_subcheck_to_check(&overall, sc_eval);
280 mp_exit(overall);
239 } 281 }
240 282
241 if (config.expect && !strstr(msg, config.expect)) { 283 if (config.expect && !strstr(msg, config.expect)) {
242 printf("%s\n", msg); 284 xasprintf(&sc_eval.output, "%s", msg);
243 exit(STATE_WARNING); 285 sc_eval = mp_set_subcheck_state(sc_eval, STATE_WARNING);
286 mp_add_subcheck_to_check(&overall, sc_eval);
287 mp_exit(overall);
244 } 288 }
245 289
246 if (result == OK_RC) { 290 if (result == OK_RC) {
247 printf(_("Auth OK\n")); 291 xasprintf(&sc_eval.output, "auth OK");
248 exit(STATE_OK); 292 sc_eval = mp_set_subcheck_state(sc_eval, STATE_OK);
293 mp_add_subcheck_to_check(&overall, sc_eval);
294 mp_exit(overall);
249 } 295 }
250 296
251 (void)snprintf(msg, sizeof(msg), _("Unexpected result code %d"), result); 297 xasprintf(&sc_eval.output, "unexpected result code: %d", result);
252 printf("%s\n", msg); 298 sc_eval = mp_set_subcheck_state(sc_eval, STATE_UNKNOWN);
253 exit(STATE_UNKNOWN); 299 mp_add_subcheck_to_check(&overall, sc_eval);
300
301 mp_exit(overall);
254} 302}
255 303
256/* process command-line arguments */ 304/* process command-line arguments */
257check_radius_config_wrapper process_arguments(int argc, char **argv) { 305check_radius_config_wrapper process_arguments(int argc, char **argv) {
258 static struct option longopts[] = { 306 enum {
259 {"hostname", required_argument, 0, 'H'}, {"port", required_argument, 0, 'P'}, 307 output_format_index
260 {"username", required_argument, 0, 'u'}, {"password", required_argument, 0, 'p'}, 308 };
261 {"nas-id", required_argument, 0, 'n'}, {"nas-ip-address", required_argument, 0, 'N'}, 309
262 {"filename", required_argument, 0, 'F'}, {"expect", required_argument, 0, 'e'}, 310 static struct option longopts[] = {{"hostname", required_argument, 0, 'H'},
263 {"retries", required_argument, 0, 'r'}, {"timeout", required_argument, 0, 't'}, 311 {"port", required_argument, 0, 'P'},
264 {"verbose", no_argument, 0, 'v'}, {"version", no_argument, 0, 'V'}, 312 {"username", required_argument, 0, 'u'},
265 {"help", no_argument, 0, 'h'}, {0, 0, 0, 0}}; 313 {"password", required_argument, 0, 'p'},
314 {"nas-id", required_argument, 0, 'n'},
315 {"nas-ip-address", required_argument, 0, 'N'},
316 {"filename", required_argument, 0, 'F'},
317 {"expect", required_argument, 0, 'e'},
318 {"retries", required_argument, 0, 'r'},
319 {"timeout", required_argument, 0, 't'},
320 {"verbose", no_argument, 0, 'v'},
321 {"version", no_argument, 0, 'V'},
322 {"help", no_argument, 0, 'h'},
323 {"output-format", required_argument, 0, output_format_index},
324 {0, 0, 0, 0}};
266 325
267 check_radius_config_wrapper result = { 326 check_radius_config_wrapper result = {
268 .errorcode = OK, 327 .errorcode = OK,
@@ -340,6 +399,18 @@ check_radius_config_wrapper process_arguments(int argc, char **argv) {
340 usage2(_("Timeout interval must be a positive integer"), optarg); 399 usage2(_("Timeout interval must be a positive integer"), optarg);
341 } 400 }
342 break; 401 break;
402 case output_format_index: {
403 parsed_output_format parser = mp_parse_output_format(optarg);
404 if (!parser.parsing_success) {
405 // TODO List all available formats here, maybe add anothoer usage function
406 printf("Invalid output format: %s\n", optarg);
407 exit(STATE_UNKNOWN);
408 }
409
410 result.config.output_format_is_set = true;
411 result.config.output_format = parser.output_format;
412 break;
413 }
343 } 414 }
344 } 415 }
345 416
@@ -393,6 +464,7 @@ void print_help(void) {
393 printf(" %s\n", _("Response string to expect from the server")); 464 printf(" %s\n", _("Response string to expect from the server"));
394 printf(" %s\n", "-r, --retries=INTEGER"); 465 printf(" %s\n", "-r, --retries=INTEGER");
395 printf(" %s\n", _("Number of times to retry a failed connection")); 466 printf(" %s\n", _("Number of times to retry a failed connection"));
467 printf(UT_OUTPUT_FORMAT);
396 468
397 printf(UT_CONN_TIMEOUT, timeout_interval); 469 printf(UT_CONN_TIMEOUT, timeout_interval);
398 470
diff --git a/plugins/check_radius.d/config.h b/plugins/check_radius.d/config.h
index b27d31e7..656bf98e 100644
--- a/plugins/check_radius.d/config.h
+++ b/plugins/check_radius.d/config.h
@@ -1,6 +1,7 @@
1#pragma once 1#pragma once
2 2
3#include "../../config.h" 3#include "../../config.h"
4#include "output.h"
4#include <stddef.h> 5#include <stddef.h>
5#if defined(HAVE_LIBRADCLI) 6#if defined(HAVE_LIBRADCLI)
6# include <radcli/radcli.h> 7# include <radcli/radcli.h>
@@ -23,6 +24,9 @@ typedef struct {
23 unsigned short port; 24 unsigned short port;
24 25
25 char *expect; 26 char *expect;
27
28 bool output_format_is_set;
29 mp_output_format output_format;
26} check_radius_config; 30} check_radius_config;
27 31
28check_radius_config check_radius_config_init() { 32check_radius_config check_radius_config_init() {
@@ -37,6 +41,8 @@ check_radius_config check_radius_config_init() {
37 .port = PW_AUTH_UDP_PORT, 41 .port = PW_AUTH_UDP_PORT,
38 42
39 .expect = NULL, 43 .expect = NULL,
44
45 .output_format_is_set = false,
40 }; 46 };
41 return tmp; 47 return tmp;
42} 48}
diff --git a/plugins/check_real.c b/plugins/check_real.c
index 66d07f8f..b415578f 100644
--- a/plugins/check_real.c
+++ b/plugins/check_real.c
@@ -28,19 +28,21 @@
28 * 28 *
29 *****************************************************************************/ 29 *****************************************************************************/
30 30
31#include "output.h"
32#include "perfdata.h"
31#include "states.h" 33#include "states.h"
32#include <stdio.h> 34#include <stdio.h>
33const char *progname = "check_real";
34const char *copyright = "2000-2024";
35const char *email = "devel@monitoring-plugins.org";
36
37#include "common.h" 35#include "common.h"
38#include "netutils.h" 36#include "netutils.h"
37#include "thresholds.h"
39#include "utils.h" 38#include "utils.h"
40#include "check_real.d/config.h" 39#include "check_real.d/config.h"
41 40
42#define EXPECT "RTSP/1." 41const char *progname = "check_real";
43#define URL "" 42const char *copyright = "2000-2024";
43const char *email = "devel@monitoring-plugins.org";
44
45#define URL ""
44 46
45typedef struct { 47typedef struct {
46 int errorcode; 48 int errorcode;
@@ -68,42 +70,68 @@ int main(int argc, char **argv) {
68 70
69 const check_real_config config = tmp_config.config; 71 const check_real_config config = tmp_config.config;
70 72
73 if (config.output_format_is_set) {
74 mp_set_format(config.output_format);
75 }
76
71 /* initialize alarm signal handling */ 77 /* initialize alarm signal handling */
72 signal(SIGALRM, socket_timeout_alarm_handler); 78 signal(SIGALRM, socket_timeout_alarm_handler);
73 79
74 /* set socket timeout */ 80 /* set socket timeout */
75 alarm(socket_timeout); 81 alarm(socket_timeout);
82 time_t start_time;
76 time(&start_time); 83 time(&start_time);
77 84
85 mp_check overall = mp_check_init();
86 mp_subcheck sc_connect = mp_subcheck_init();
87
78 /* try to connect to the host at the given port number */ 88 /* try to connect to the host at the given port number */
79 int socket; 89 int socket;
80 if (my_tcp_connect(config.server_address, config.server_port, &socket) != STATE_OK) { 90 if (my_tcp_connect(config.server_address, config.server_port, &socket) != STATE_OK) {
81 die(STATE_CRITICAL, _("Unable to connect to %s on port %d\n"), config.server_address, 91 xasprintf(&sc_connect.output, _("unable to connect to %s on port %d"),
82 config.server_port); 92 config.server_address, config.server_port);
93 sc_connect = mp_set_subcheck_state(sc_connect, STATE_CRITICAL);
94 mp_add_subcheck_to_check(&overall, sc_connect);
95 mp_exit(overall);
83 } 96 }
84 97
98 xasprintf(&sc_connect.output, _("connected to %s on port %d"), config.server_address,
99 config.server_port);
100 sc_connect = mp_set_subcheck_state(sc_connect, STATE_OK);
101 mp_add_subcheck_to_check(&overall, sc_connect);
102
85 /* Part I - Server Check */ 103 /* Part I - Server Check */
104 mp_subcheck sc_send = mp_subcheck_init();
86 105
87 /* send the OPTIONS request */ 106 /* send the OPTIONS request */
88 char buffer[MAX_INPUT_BUFFER]; 107 char buffer[MAX_INPUT_BUFFER];
89 sprintf(buffer, "OPTIONS rtsp://%s:%d RTSP/1.0\r\n", config.host_name, config.server_port); 108 sprintf(buffer, "OPTIONS rtsp://%s:%d RTSP/1.0\r\n", config.host_name, config.server_port);
90 ssize_t sent_bytes = send(socket, buffer, strlen(buffer), 0); 109 ssize_t sent_bytes = send(socket, buffer, strlen(buffer), 0);
91 if (sent_bytes == -1) { 110 if (sent_bytes == -1) {
92 die(STATE_CRITICAL, _("Sending options to %s failed\n"), config.host_name); 111 xasprintf(&sc_send.output, _("Sending options to %s failed"), config.host_name);
112 sc_send = mp_set_subcheck_state(sc_send, STATE_CRITICAL);
113 mp_add_subcheck_to_check(&overall, sc_send);
114 mp_exit(overall);
93 } 115 }
94 116
95 /* send the header sync */ 117 /* send the header sync */
96 sprintf(buffer, "CSeq: 1\r\n"); 118 sprintf(buffer, "CSeq: 1\r\n");
97 sent_bytes = send(socket, buffer, strlen(buffer), 0); 119 sent_bytes = send(socket, buffer, strlen(buffer), 0);
98 if (sent_bytes == -1) { 120 if (sent_bytes == -1) {
99 die(STATE_CRITICAL, _("Sending header sync to %s failed\n"), config.host_name); 121 xasprintf(&sc_send.output, _("Sending header sync to %s failed"), config.host_name);
122 sc_send = mp_set_subcheck_state(sc_send, STATE_CRITICAL);
123 mp_add_subcheck_to_check(&overall, sc_send);
124 mp_exit(overall);
100 } 125 }
101 126
102 /* send a newline so the server knows we're done with the request */ 127 /* send a newline so the server knows we're done with the request */
103 sprintf(buffer, "\r\n"); 128 sprintf(buffer, "\r\n");
104 sent_bytes = send(socket, buffer, strlen(buffer), 0); 129 sent_bytes = send(socket, buffer, strlen(buffer), 0);
105 if (sent_bytes == -1) { 130 if (sent_bytes == -1) {
106 die(STATE_CRITICAL, _("Sending newline to %s failed\n"), config.host_name); 131 xasprintf(&sc_send.output, _("Sending newline to %s failed"), config.host_name);
132 sc_send = mp_set_subcheck_state(sc_send, STATE_CRITICAL);
133 mp_add_subcheck_to_check(&overall, sc_send);
134 mp_exit(overall);
107 } 135 }
108 136
109 /* watch for the REAL connection string */ 137 /* watch for the REAL connection string */
@@ -111,60 +139,75 @@ int main(int argc, char **argv) {
111 139
112 /* return a CRITICAL status if we couldn't read any data */ 140 /* return a CRITICAL status if we couldn't read any data */
113 if (received_bytes == -1) { 141 if (received_bytes == -1) {
114 die(STATE_CRITICAL, _("No data received from %s\n"), config.host_name); 142 xasprintf(&sc_send.output, _("No data received from %s"), config.host_name);
143 sc_send = mp_set_subcheck_state(sc_send, STATE_CRITICAL);
144 mp_add_subcheck_to_check(&overall, sc_send);
145 mp_exit(overall);
115 } 146 }
116 147
117 mp_state_enum result = STATE_OK; 148 time_t end_time;
118 char *status_line = NULL; 149 {
119 /* make sure we find the response we are looking for */ 150 mp_subcheck sc_options_request = mp_subcheck_init();
120 if (!strstr(buffer, config.server_expect)) { 151 mp_state_enum options_result = STATE_OK;
121 if (config.server_port == PORT) { 152 /* make sure we find the response we are looking for */
122 printf("%s\n", _("Invalid REAL response received from host")); 153 if (!strstr(buffer, config.server_expect)) {
154 if (config.server_port == PORT) {
155 xasprintf(&sc_options_request.output, "invalid REAL response received from host");
156 } else {
157 xasprintf(&sc_options_request.output,
158 "invalid REAL response received from host on port %d",
159 config.server_port);
160 }
123 } else { 161 } else {
124 printf(_("Invalid REAL response received from host on port %d\n"), config.server_port); 162 /* else we got the REAL string, so check the return code */
125 } 163 time(&end_time);
126 } else {
127 /* else we got the REAL string, so check the return code */
128 164
129 time(&end_time); 165 options_result = STATE_OK;
130 166
131 result = STATE_OK; 167 char *status_line = strtok(buffer, "\n");
168 xasprintf(&sc_options_request.output, "status line: %s", status_line);
132 169
133 status_line = strtok(buffer, "\n"); 170 if (strstr(status_line, "200")) {
134 171 options_result = STATE_OK;
135 if (strstr(status_line, "200")) { 172 }
136 result = STATE_OK; 173 /* client errors options_result in a warning state */
174 else if (strstr(status_line, "400")) {
175 options_result = STATE_WARNING;
176 } else if (strstr(status_line, "401")) {
177 options_result = STATE_WARNING;
178 } else if (strstr(status_line, "402")) {
179 options_result = STATE_WARNING;
180 } else if (strstr(status_line, "403")) {
181 options_result = STATE_WARNING;
182 } else if (strstr(status_line, "404")) {
183 options_result = STATE_WARNING;
184 } else if (strstr(status_line, "500")) {
185 /* server errors options_result in a critical state */
186 options_result = STATE_CRITICAL;
187 } else if (strstr(status_line, "501")) {
188 options_result = STATE_CRITICAL;
189 } else if (strstr(status_line, "502")) {
190 options_result = STATE_CRITICAL;
191 } else if (strstr(status_line, "503")) {
192 options_result = STATE_CRITICAL;
193 } else {
194 options_result = STATE_UNKNOWN;
195 }
137 } 196 }
138 197
139 /* client errors result in a warning state */ 198 sc_options_request = mp_set_subcheck_state(sc_options_request, options_result);
140 else if (strstr(status_line, "400")) { 199 mp_add_subcheck_to_check(&overall, sc_options_request);
141 result = STATE_WARNING; 200
142 } else if (strstr(status_line, "401")) { 201 if (options_result != STATE_OK) {
143 result = STATE_WARNING; 202 // exit here if Setting options already failed
144 } else if (strstr(status_line, "402")) { 203 mp_exit(overall);
145 result = STATE_WARNING;
146 } else if (strstr(status_line, "403")) {
147 result = STATE_WARNING;
148 } else if (strstr(status_line, "404")) {
149 result = STATE_WARNING;
150 } else if (strstr(status_line, "500")) {
151 /* server errors result in a critical state */
152 result = STATE_CRITICAL;
153 } else if (strstr(status_line, "501")) {
154 result = STATE_CRITICAL;
155 } else if (strstr(status_line, "502")) {
156 result = STATE_CRITICAL;
157 } else if (strstr(status_line, "503")) {
158 result = STATE_CRITICAL;
159 } else {
160 result = STATE_UNKNOWN;
161 } 204 }
162 } 205 }
163 206
164 /* Part II - Check stream exists and is ok */ 207 /* Part II - Check stream exists and is ok */
165 if ((result == STATE_OK) && (config.server_url != NULL)) { 208 if (config.server_url != NULL) {
166
167 /* Part I - Server Check */ 209 /* Part I - Server Check */
210 mp_subcheck sc_describe = mp_subcheck_init();
168 211
169 /* send the DESCRIBE request */ 212 /* send the DESCRIBE request */
170 sprintf(buffer, "DESCRIBE rtsp://%s:%d%s RTSP/1.0\r\n", config.host_name, 213 sprintf(buffer, "DESCRIBE rtsp://%s:%d%s RTSP/1.0\r\n", config.host_name,
@@ -172,98 +215,115 @@ int main(int argc, char **argv) {
172 215
173 ssize_t sent_bytes = send(socket, buffer, strlen(buffer), 0); 216 ssize_t sent_bytes = send(socket, buffer, strlen(buffer), 0);
174 if (sent_bytes == -1) { 217 if (sent_bytes == -1) {
175 die(STATE_CRITICAL, _("Sending DESCRIBE request to %s failed\n"), config.host_name); 218 sc_describe = mp_set_subcheck_state(sc_describe, STATE_CRITICAL);
219 xasprintf(&sc_describe.output, "sending DESCRIBE request to %s failed",
220 config.host_name);
221 mp_add_subcheck_to_check(&overall, sc_describe);
222 mp_exit(overall);
176 } 223 }
177 224
178 /* send the header sync */ 225 /* send the header sync */
179 sprintf(buffer, "CSeq: 2\r\n"); 226 sprintf(buffer, "CSeq: 2\r\n");
180 sent_bytes = send(socket, buffer, strlen(buffer), 0); 227 sent_bytes = send(socket, buffer, strlen(buffer), 0);
181 if (sent_bytes == -1) { 228 if (sent_bytes == -1) {
182 die(STATE_CRITICAL, _("Sending DESCRIBE request to %s failed\n"), config.host_name); 229 sc_describe = mp_set_subcheck_state(sc_describe, STATE_CRITICAL);
230 xasprintf(&sc_describe.output, "sending DESCRIBE request to %s failed",
231 config.host_name);
232 mp_add_subcheck_to_check(&overall, sc_describe);
233 mp_exit(overall);
183 } 234 }
184 235
185 /* send a newline so the server knows we're done with the request */ 236 /* send a newline so the server knows we're done with the request */
186 sprintf(buffer, "\r\n"); 237 sprintf(buffer, "\r\n");
187 sent_bytes = send(socket, buffer, strlen(buffer), 0); 238 sent_bytes = send(socket, buffer, strlen(buffer), 0);
188 if (sent_bytes == -1) { 239 if (sent_bytes == -1) {
189 die(STATE_CRITICAL, _("Sending DESCRIBE request to %s failed\n"), config.host_name); 240 sc_describe = mp_set_subcheck_state(sc_describe, STATE_CRITICAL);
241 xasprintf(&sc_describe.output, "sending DESCRIBE request to %s failed",
242 config.host_name);
243 mp_add_subcheck_to_check(&overall, sc_describe);
244 mp_exit(overall);
190 } 245 }
191 246
192 /* watch for the REAL connection string */ 247 /* watch for the REAL connection string */
193 ssize_t recv_bytes = recv(socket, buffer, MAX_INPUT_BUFFER - 1, 0); 248 ssize_t recv_bytes = recv(socket, buffer, MAX_INPUT_BUFFER - 1, 0);
194 if (recv_bytes == -1) { 249 if (recv_bytes == -1) {
195 /* return a CRITICAL status if we couldn't read any data */ 250 /* return a CRITICAL status if we couldn't read any data */
196 printf(_("No data received from host\n")); 251 sc_describe = mp_set_subcheck_state(sc_describe, STATE_CRITICAL);
197 result = STATE_CRITICAL; 252 xasprintf(&sc_describe.output, "No data received from host on DESCRIBE request");
253 mp_add_subcheck_to_check(&overall, sc_describe);
254 mp_exit(overall);
198 } else { 255 } else {
199 buffer[result] = '\0'; /* null terminate received buffer */ 256 buffer[recv_bytes] = '\0'; /* null terminate received buffer */
200 /* make sure we find the response we are looking for */ 257 /* make sure we find the response we are looking for */
201 if (!strstr(buffer, config.server_expect)) { 258 if (!strstr(buffer, config.server_expect)) {
202 if (config.server_port == PORT) { 259 if (config.server_port == PORT) {
203 printf("%s\n", _("Invalid REAL response received from host")); 260 xasprintf(&sc_describe.output, "invalid REAL response received from host");
204 } else { 261 } else {
205 printf(_("Invalid REAL response received from host on port %d\n"), 262 xasprintf(&sc_describe.output,
206 config.server_port); 263 "invalid REAL response received from host on port %d",
264 config.server_port);
207 } 265 }
208 } else {
209 266
267 sc_describe = mp_set_subcheck_state(sc_describe, STATE_UNKNOWN);
268 mp_add_subcheck_to_check(&overall, sc_describe);
269 mp_exit(overall);
270 } else {
210 /* else we got the REAL string, so check the return code */ 271 /* else we got the REAL string, so check the return code */
211 272
212 time(&end_time); 273 time(&end_time);
213 274
214 result = STATE_OK; 275 char *status_line = strtok(buffer, "\n");
215 276 xasprintf(&sc_describe.output, "status line: %s", status_line);
216 status_line = strtok(buffer, "\n");
217 277
278 mp_state_enum describe_result;
218 if (strstr(status_line, "200")) { 279 if (strstr(status_line, "200")) {
219 result = STATE_OK; 280 describe_result = STATE_OK;
220 } 281 }
221 282 /* client errors describe_result in a warning state */
222 /* client errors result in a warning state */
223 else if (strstr(status_line, "400")) { 283 else if (strstr(status_line, "400")) {
224 result = STATE_WARNING; 284 describe_result = STATE_WARNING;
225 } else if (strstr(status_line, "401")) { 285 } else if (strstr(status_line, "401")) {
226 result = STATE_WARNING; 286 describe_result = STATE_WARNING;
227 } else if (strstr(status_line, "402")) { 287 } else if (strstr(status_line, "402")) {
228 result = STATE_WARNING; 288 describe_result = STATE_WARNING;
229 } else if (strstr(status_line, "403")) { 289 } else if (strstr(status_line, "403")) {
230 result = STATE_WARNING; 290 describe_result = STATE_WARNING;
231 } else if (strstr(status_line, "404")) { 291 } else if (strstr(status_line, "404")) {
232 result = STATE_WARNING; 292 describe_result = STATE_WARNING;
233 } 293 }
234 294 /* server errors describe_result in a critical state */
235 /* server errors result in a critical state */
236 else if (strstr(status_line, "500")) { 295 else if (strstr(status_line, "500")) {
237 result = STATE_CRITICAL; 296 describe_result = STATE_CRITICAL;
238 } else if (strstr(status_line, "501")) { 297 } else if (strstr(status_line, "501")) {
239 result = STATE_CRITICAL; 298 describe_result = STATE_CRITICAL;
240 } else if (strstr(status_line, "502")) { 299 } else if (strstr(status_line, "502")) {
241 result = STATE_CRITICAL; 300 describe_result = STATE_CRITICAL;
242 } else if (strstr(status_line, "503")) { 301 } else if (strstr(status_line, "503")) {
243 result = STATE_CRITICAL; 302 describe_result = STATE_CRITICAL;
303 } else {
304 describe_result = STATE_UNKNOWN;
244 } 305 }
245 306
246 else { 307 sc_describe = mp_set_subcheck_state(sc_describe, describe_result);
247 result = STATE_UNKNOWN; 308 mp_add_subcheck_to_check(&overall, sc_describe);
248 }
249 } 309 }
250 } 310 }
251 } 311 }
252 312
253 /* Return results */ 313 /* Return results */
254 if (result == STATE_OK) { 314 mp_subcheck sc_timing = mp_subcheck_init();
255 if (config.check_critical_time && (end_time - start_time) > config.critical_time) { 315 xasprintf(&sc_timing.output, "response time: %lds", end_time - start_time);
256 result = STATE_CRITICAL; 316 sc_timing = mp_set_subcheck_default_state(sc_timing, STATE_OK);
257 } else if (config.check_warning_time && (end_time - start_time) > config.warning_time) {
258 result = STATE_WARNING;
259 }
260 317
261 /* Put some HTML in here to create a dynamic link */ 318 mp_perfdata pd_response_time = perfdata_init();
262 printf(_("REAL %s - %d second response time\n"), state_text(result), 319 pd_response_time = mp_set_pd_value(pd_response_time, (end_time - start_time));
263 (int)(end_time - start_time)); 320 pd_response_time.label = "response_time";
264 } else { 321 pd_response_time.uom = "s";
265 printf("%s\n", status_line); 322 pd_response_time = mp_pd_set_thresholds(pd_response_time, config.time_thresholds);
266 } 323 mp_add_perfdata_to_subcheck(&sc_connect, pd_response_time);
324 sc_timing = mp_set_subcheck_state(sc_timing, mp_get_pd_status(pd_response_time));
325
326 mp_add_subcheck_to_check(&overall, sc_timing);
267 327
268 /* close the connection */ 328 /* close the connection */
269 close(socket); 329 close(socket);
@@ -271,18 +331,28 @@ int main(int argc, char **argv) {
271 /* reset the alarm */ 331 /* reset the alarm */
272 alarm(0); 332 alarm(0);
273 333
274 exit(result); 334 mp_exit(overall);
275} 335}
276 336
277/* process command-line arguments */ 337/* process command-line arguments */
278check_real_config_wrapper process_arguments(int argc, char **argv) { 338check_real_config_wrapper process_arguments(int argc, char **argv) {
279 static struct option longopts[] = { 339 enum {
280 {"hostname", required_argument, 0, 'H'}, {"IPaddress", required_argument, 0, 'I'}, 340 output_format_index = CHAR_MAX + 1,
281 {"expect", required_argument, 0, 'e'}, {"url", required_argument, 0, 'u'}, 341 };
282 {"port", required_argument, 0, 'p'}, {"critical", required_argument, 0, 'c'}, 342
283 {"warning", required_argument, 0, 'w'}, {"timeout", required_argument, 0, 't'}, 343 static struct option longopts[] = {{"hostname", required_argument, 0, 'H'},
284 {"verbose", no_argument, 0, 'v'}, {"version", no_argument, 0, 'V'}, 344 {"IPaddress", required_argument, 0, 'I'},
285 {"help", no_argument, 0, 'h'}, {0, 0, 0, 0}}; 345 {"expect", required_argument, 0, 'e'},
346 {"url", required_argument, 0, 'u'},
347 {"port", required_argument, 0, 'p'},
348 {"critical", required_argument, 0, 'c'},
349 {"warning", required_argument, 0, 'w'},
350 {"timeout", required_argument, 0, 't'},
351 {"verbose", no_argument, 0, 'v'},
352 {"version", no_argument, 0, 'V'},
353 {"help", no_argument, 0, 'h'},
354 {"output-format", required_argument, 0, output_format_index},
355 {0, 0, 0, 0}};
286 356
287 check_real_config_wrapper result = { 357 check_real_config_wrapper result = {
288 .errorcode = OK, 358 .errorcode = OK,
@@ -337,21 +407,23 @@ check_real_config_wrapper process_arguments(int argc, char **argv) {
337 } 407 }
338 break; 408 break;
339 case 'w': /* warning time threshold */ 409 case 'w': /* warning time threshold */
340 if (is_intnonneg(optarg)) { 410 {
341 result.config.warning_time = atoi(optarg); 411 mp_range_parsed critical_range = mp_parse_range_string(optarg);
342 result.config.check_warning_time = true; 412 if (critical_range.error != MP_PARSING_SUCCESS) {
343 } else { 413 die(STATE_UNKNOWN, "failed to parse warning threshold: %s", optarg);
344 usage4(_("Warning time must be a positive integer"));
345 } 414 }
346 break; 415 result.config.time_thresholds =
416 mp_thresholds_set_warn(result.config.time_thresholds, critical_range.range);
417 } break;
347 case 'c': /* critical time threshold */ 418 case 'c': /* critical time threshold */
348 if (is_intnonneg(optarg)) { 419 {
349 result.config.critical_time = atoi(optarg); 420 mp_range_parsed critical_range = mp_parse_range_string(optarg);
350 result.config.check_critical_time = true; 421 if (critical_range.error != MP_PARSING_SUCCESS) {
351 } else { 422 die(STATE_UNKNOWN, "failed to parse critical threshold: %s", optarg);
352 usage4(_("Critical time must be a positive integer"));
353 } 423 }
354 break; 424 result.config.time_thresholds =
425 mp_thresholds_set_crit(result.config.time_thresholds, critical_range.range);
426 } break;
355 case 'v': /* verbose */ 427 case 'v': /* verbose */
356 verbose = true; 428 verbose = true;
357 break; 429 break;
@@ -368,6 +440,18 @@ check_real_config_wrapper process_arguments(int argc, char **argv) {
368 case 'h': /* help */ 440 case 'h': /* help */
369 print_help(); 441 print_help();
370 exit(STATE_UNKNOWN); 442 exit(STATE_UNKNOWN);
443 case output_format_index: {
444 parsed_output_format parser = mp_parse_output_format(optarg);
445 if (!parser.parsing_success) {
446 // TODO List all available formats here, maybe add anothoer usage function
447 printf("Invalid output format: %s\n", optarg);
448 exit(STATE_UNKNOWN);
449 }
450
451 result.config.output_format_is_set = true;
452 result.config.output_format = parser.output_format;
453 break;
454 }
371 case '?': /* usage */ 455 case '?': /* usage */
372 usage5(); 456 usage5();
373 } 457 }
@@ -390,10 +474,6 @@ check_real_config_wrapper process_arguments(int argc, char **argv) {
390 result.config.host_name = strdup(result.config.server_address); 474 result.config.host_name = strdup(result.config.server_address);
391 } 475 }
392 476
393 if (result.config.server_expect == NULL) {
394 result.config.server_expect = strdup(EXPECT);
395 }
396
397 return result; 477 return result;
398} 478}
399 479
@@ -420,7 +500,7 @@ void print_help(void) {
420 printf(" %s\n", "-u, --url=STRING"); 500 printf(" %s\n", "-u, --url=STRING");
421 printf(" %s\n", _("Connect to this url")); 501 printf(" %s\n", _("Connect to this url"));
422 printf(" %s\n", "-e, --expect=STRING"); 502 printf(" %s\n", "-e, --expect=STRING");
423 printf(_("String to expect in first line of server response (default: %s)\n"), EXPECT); 503 printf(_("String to expect in first line of server response (default: %s)\n"), default_expect);
424 504
425 printf(UT_WARN_CRIT); 505 printf(UT_WARN_CRIT);
426 506
diff --git a/plugins/check_real.d/config.h b/plugins/check_real.d/config.h
index c4663cf9..2d99ad49 100644
--- a/plugins/check_real.d/config.h
+++ b/plugins/check_real.d/config.h
@@ -1,12 +1,16 @@
1#pragma once 1#pragma once
2 2
3#include "../../config.h" 3#include "../../config.h"
4#include "output.h"
5#include "thresholds.h"
4#include <stddef.h> 6#include <stddef.h>
5 7
6enum { 8enum {
7 PORT = 554 9 PORT = 554
8}; 10};
9 11
12const char *default_expect = "RTSP/1.";
13
10typedef struct { 14typedef struct {
11 char *server_address; 15 char *server_address;
12 char *host_name; 16 char *host_name;
@@ -14,10 +18,11 @@ typedef struct {
14 char *server_url; 18 char *server_url;
15 19
16 char *server_expect; 20 char *server_expect;
17 int warning_time; 21
18 bool check_warning_time; 22 mp_thresholds time_thresholds;
19 int critical_time; 23
20 bool check_critical_time; 24 bool output_format_is_set;
25 mp_output_format output_format;
21} check_real_config; 26} check_real_config;
22 27
23check_real_config check_real_config_init() { 28check_real_config check_real_config_init() {
@@ -27,11 +32,11 @@ check_real_config check_real_config_init() {
27 .server_port = PORT, 32 .server_port = PORT,
28 .server_url = NULL, 33 .server_url = NULL,
29 34
30 .server_expect = NULL, 35 .server_expect = default_expect,
31 .warning_time = 0, 36
32 .check_warning_time = false, 37 .time_thresholds = mp_thresholds_init(),
33 .critical_time = 0, 38
34 .check_critical_time = false, 39 .output_format_is_set = false,
35 }; 40 };
36 return tmp; 41 return tmp;
37} 42}
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index e8c35f58..24883fd8 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -100,6 +100,14 @@ static int my_close(int /*socket_descriptor*/);
100static int verbose = 0; 100static int verbose = 0;
101 101
102int main(int argc, char **argv) { 102int main(int argc, char **argv) {
103#ifdef __OpenBSD__
104 /* - rpath is required to read --extra-opts (given up later)
105 * - inet is required for sockets
106 * - unix is required for Unix domain sockets
107 * - dns is required for name lookups */
108 pledge("stdio rpath inet unix dns", NULL);
109#endif // __OpenBSD__
110
103 setlocale(LC_ALL, ""); 111 setlocale(LC_ALL, "");
104 bindtextdomain(PACKAGE, LOCALEDIR); 112 bindtextdomain(PACKAGE, LOCALEDIR);
105 textdomain(PACKAGE); 113 textdomain(PACKAGE);
@@ -113,6 +121,10 @@ int main(int argc, char **argv) {
113 usage4(_("Could not parse arguments")); 121 usage4(_("Could not parse arguments"));
114 } 122 }
115 123
124#ifdef __OpenBSD__
125 pledge("stdio inet unix dns", NULL);
126#endif // __OpenBSD__
127
116 const check_smtp_config config = tmp_config.config; 128 const check_smtp_config config = tmp_config.config;
117 129
118 if (config.output_format_is_set) { 130 if (config.output_format_is_set) {
@@ -723,7 +735,7 @@ check_smtp_config_wrapper process_arguments(int argc, char **argv) {
723 break; 735 break;
724 case 'c': /* critical time threshold */ { 736 case 'c': /* critical time threshold */ {
725 mp_range_parsed tmp = mp_parse_range_string(optarg); 737 mp_range_parsed tmp = mp_parse_range_string(optarg);
726 if (tmp.error != MP_PARSING_SUCCES) { 738 if (tmp.error != MP_PARSING_SUCCESS) {
727 die(STATE_UNKNOWN, "failed to parse critical time threshold"); 739 die(STATE_UNKNOWN, "failed to parse critical time threshold");
728 } 740 }
729 result.config.connection_time = 741 result.config.connection_time =
@@ -731,7 +743,7 @@ check_smtp_config_wrapper process_arguments(int argc, char **argv) {
731 } break; 743 } break;
732 case 'w': /* warning time threshold */ { 744 case 'w': /* warning time threshold */ {
733 mp_range_parsed tmp = mp_parse_range_string(optarg); 745 mp_range_parsed tmp = mp_parse_range_string(optarg);
734 if (tmp.error != MP_PARSING_SUCCES) { 746 if (tmp.error != MP_PARSING_SUCCESS) {
735 die(STATE_UNKNOWN, "failed to parse warning time threshold"); 747 die(STATE_UNKNOWN, "failed to parse warning time threshold");
736 } 748 }
737 result.config.connection_time = 749 result.config.connection_time =
@@ -807,11 +819,7 @@ check_smtp_config_wrapper process_arguments(int argc, char **argv) {
807 address_family = AF_INET; 819 address_family = AF_INET;
808 break; 820 break;
809 case '6': 821 case '6':
810#ifdef USE_IPV6
811 address_family = AF_INET6; 822 address_family = AF_INET6;
812#else
813 usage4(_("IPv6 support not available"));
814#endif
815 break; 823 break;
816 case 'V': /* version */ 824 case 'V': /* version */
817 print_revision(progname, NP_VERSION); 825 print_revision(progname, NP_VERSION);
diff --git a/plugins/check_snmp.d/check_snmp_helpers.c b/plugins/check_snmp.d/check_snmp_helpers.c
index f506537a..83e94a34 100644
--- a/plugins/check_snmp.d/check_snmp_helpers.c
+++ b/plugins/check_snmp.d/check_snmp_helpers.c
@@ -36,7 +36,8 @@ int check_snmp_set_thresholds(const char *threshold_string, check_snmp_test_unit
36 threshold_string++; 36 threshold_string++;
37 } 37 }
38 38
39 for (char *ptr = strtok(threshold_string, ", "); ptr != NULL; 39 char *thr_string_copy = strdup(threshold_string);
40 for (char *ptr = strtok(thr_string_copy, ", "); ptr != NULL;
40 ptr = strtok(NULL, ", "), tu_index++) { 41 ptr = strtok(NULL, ", "), tu_index++) {
41 42
42 if (tu_index > max_test_units) { 43 if (tu_index > max_test_units) {
@@ -51,7 +52,7 @@ int check_snmp_set_thresholds(const char *threshold_string, check_snmp_test_unit
51 } 52 }
52 53
53 mp_range_parsed tmp = mp_parse_range_string(ptr); 54 mp_range_parsed tmp = mp_parse_range_string(ptr);
54 if (tmp.error != MP_PARSING_SUCCES) { 55 if (tmp.error != MP_PARSING_SUCCESS) {
55 die(STATE_UNKNOWN, "Unable to parse critical threshold range: %s", ptr); 56 die(STATE_UNKNOWN, "Unable to parse critical threshold range: %s", ptr);
56 } 57 }
57 58
@@ -64,11 +65,12 @@ int check_snmp_set_thresholds(const char *threshold_string, check_snmp_test_unit
64 } 65 }
65 } 66 }
66 67
68 free(thr_string_copy);
67 } else { 69 } else {
68 // Single value 70 // Single value
69 // only valid for the first test unit 71 // only valid for the first test unit
70 mp_range_parsed tmp = mp_parse_range_string(threshold_string); 72 mp_range_parsed tmp = mp_parse_range_string(threshold_string);
71 if (tmp.error != MP_PARSING_SUCCES) { 73 if (tmp.error != MP_PARSING_SUCCESS) {
72 die(STATE_UNKNOWN, "Unable to parse critical threshold range: %s", threshold_string); 74 die(STATE_UNKNOWN, "Unable to parse critical threshold range: %s", threshold_string);
73 } 75 }
74 76
@@ -843,8 +845,8 @@ char *_np_state_calculate_location_prefix(void) {
843 * Sets variables. Generates filename. Returns np_state_key. die with 845 * Sets variables. Generates filename. Returns np_state_key. die with
844 * UNKNOWN if exception 846 * UNKNOWN if exception
845 */ 847 */
846state_key np_enable_state(char *keyname, int expected_data_version, char *plugin_name, int argc, 848state_key np_enable_state(char *keyname, int expected_data_version, const char *plugin_name,
847 char **argv) { 849 int argc, char **argv) {
848 state_key *this_state = (state_key *)calloc(1, sizeof(state_key)); 850 state_key *this_state = (state_key *)calloc(1, sizeof(state_key));
849 if (this_state == NULL) { 851 if (this_state == NULL) {
850 die(STATE_UNKNOWN, _("Cannot allocate memory: %s"), strerror(errno)); 852 die(STATE_UNKNOWN, _("Cannot allocate memory: %s"), strerror(errno));
@@ -869,7 +871,7 @@ state_key np_enable_state(char *keyname, int expected_data_version, char *plugin
869 tmp_char++; 871 tmp_char++;
870 } 872 }
871 this_state->name = temp_keyname; 873 this_state->name = temp_keyname;
872 this_state->plugin_name = plugin_name; 874 this_state->plugin_name = (char *)plugin_name;
873 this_state->data_version = expected_data_version; 875 this_state->data_version = expected_data_version;
874 this_state->state_data = NULL; 876 this_state->state_data = NULL;
875 877
diff --git a/plugins/check_snmp.d/check_snmp_helpers.h b/plugins/check_snmp.d/check_snmp_helpers.h
index 0f7780b1..95b361ac 100644
--- a/plugins/check_snmp.d/check_snmp_helpers.h
+++ b/plugins/check_snmp.d/check_snmp_helpers.h
@@ -66,6 +66,6 @@ typedef struct state_key_struct {
66} state_key; 66} state_key;
67 67
68state_data *np_state_read(state_key stateKey); 68state_data *np_state_read(state_key stateKey);
69state_key np_enable_state(char *keyname, int expected_data_version, char *plugin_name, int argc, 69state_key np_enable_state(char *keyname, int expected_data_version, const char *plugin_name,
70 char **argv); 70 int argc, char **argv);
71void np_state_write_string(state_key stateKey, time_t timestamp, char *stringToStore); 71void np_state_write_string(state_key stateKey, time_t timestamp, char *stringToStore);
diff --git a/plugins/check_ssh.c b/plugins/check_ssh.c
index f6c8d551..911f6787 100644
--- a/plugins/check_ssh.c
+++ b/plugins/check_ssh.c
@@ -61,6 +61,14 @@ static int ssh_connect(mp_check *overall, char *haddr, int hport, char *remote_v
61 char *remote_protocol); 61 char *remote_protocol);
62 62
63int main(int argc, char **argv) { 63int main(int argc, char **argv) {
64#ifdef __OpenBSD__
65 /* - rpath is required to read --extra-opts (given up later)
66 * - inet is required for sockets
67 * - unix is required for Unix domain sockets
68 * - dns is required for name lookups */
69 pledge("stdio rpath inet unix dns", NULL);
70#endif // __OpenBSD__
71
64 setlocale(LC_ALL, ""); 72 setlocale(LC_ALL, "");
65 bindtextdomain(PACKAGE, LOCALEDIR); 73 bindtextdomain(PACKAGE, LOCALEDIR);
66 textdomain(PACKAGE); 74 textdomain(PACKAGE);
@@ -74,6 +82,10 @@ int main(int argc, char **argv) {
74 usage4(_("Could not parse arguments")); 82 usage4(_("Could not parse arguments"));
75 } 83 }
76 84
85#ifdef __OpenBSD__
86 pledge("stdio inet unix dns", NULL);
87#endif // __OpenBSD__
88
77 check_ssh_config config = tmp_config.config; 89 check_ssh_config config = tmp_config.config;
78 90
79 mp_check overall = mp_check_init(); 91 mp_check overall = mp_check_init();
@@ -161,11 +173,7 @@ process_arguments_wrapper process_arguments(int argc, char **argv) {
161 address_family = AF_INET; 173 address_family = AF_INET;
162 break; 174 break;
163 case '6': 175 case '6':
164#ifdef USE_IPV6
165 address_family = AF_INET6; 176 address_family = AF_INET6;
166#else
167 usage4(_("IPv6 support not available"));
168#endif
169 break; 177 break;
170 case 'r': /* remote version */ 178 case 'r': /* remote version */
171 result.config.remote_version = optarg; 179 result.config.remote_version = optarg;
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
index 09806373..49a8c4c1 100644
--- a/plugins/check_tcp.c
+++ b/plugins/check_tcp.c
@@ -89,6 +89,14 @@ const int DEFAULT_NNTPS_PORT = 563;
89const int DEFAULT_CLAMD_PORT = 3310; 89const int DEFAULT_CLAMD_PORT = 3310;
90 90
91int main(int argc, char **argv) { 91int main(int argc, char **argv) {
92#ifdef __OpenBSD__
93 /* - rpath is required to read --extra-opts (given up later)
94 * - inet is required for sockets
95 * - unix is required for Unix domain sockets
96 * - dns is required for name lookups */
97 pledge("stdio rpath inet unix dns", NULL);
98#endif // __OpenBSD__
99
92 setlocale(LC_ALL, ""); 100 setlocale(LC_ALL, "");
93 bindtextdomain(PACKAGE, LOCALEDIR); 101 bindtextdomain(PACKAGE, LOCALEDIR);
94 textdomain(PACKAGE); 102 textdomain(PACKAGE);
@@ -216,6 +224,10 @@ int main(int argc, char **argv) {
216 usage4(_("Could not parse arguments")); 224 usage4(_("Could not parse arguments"));
217 } 225 }
218 226
227#ifdef __OpenBSD__
228 pledge("stdio inet unix dns", NULL);
229#endif // __OpenBSD__
230
219 config = paw.config; 231 config = paw.config;
220 232
221 if (verbosity > 0) { 233 if (verbosity > 0) {
@@ -571,11 +583,7 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
571 address_family = AF_INET; 583 address_family = AF_INET;
572 break; 584 break;
573 case '6': // Apparently unused TODO 585 case '6': // Apparently unused TODO
574#ifdef USE_IPV6
575 address_family = AF_INET6; 586 address_family = AF_INET6;
576#else
577 usage4(_("IPv6 support not available"));
578#endif
579 break; 587 break;
580 case 'H': /* hostname */ 588 case 'H': /* hostname */
581 config.host_specified = true; 589 config.host_specified = true;
diff --git a/plugins/check_time.c b/plugins/check_time.c
index fc9ba3f9..99708ad3 100644
--- a/plugins/check_time.c
+++ b/plugins/check_time.c
@@ -68,6 +68,7 @@ int main(int argc, char **argv) {
68 68
69 /* set socket timeout */ 69 /* set socket timeout */
70 alarm(socket_timeout); 70 alarm(socket_timeout);
71 time_t start_time;
71 time(&start_time); 72 time(&start_time);
72 73
73 int socket; 74 int socket;
@@ -113,6 +114,7 @@ int main(int argc, char **argv) {
113 close(socket); 114 close(socket);
114 115
115 /* reset the alarm */ 116 /* reset the alarm */
117 time_t end_time;
116 time(&end_time); 118 time(&end_time);
117 alarm(0); 119 alarm(0);
118 120
diff --git a/plugins/check_users.c b/plugins/check_users.c
index 3b2e265e..4027d21a 100644
--- a/plugins/check_users.c
+++ b/plugins/check_users.c
@@ -222,7 +222,7 @@ check_users_config_wrapper process_arguments(int argc, char **argv) {
222 exit(STATE_UNKNOWN); 222 exit(STATE_UNKNOWN);
223 } 223 }
224 224
225 if (tmp.error == MP_PARSING_SUCCES) { 225 if (tmp.error == MP_PARSING_SUCCESS) {
226 result.config.thresholds.warning = tmp.range; 226 result.config.thresholds.warning = tmp.range;
227 result.config.thresholds.warning_is_set = true; 227 result.config.thresholds.warning_is_set = true;
228 } else { 228 } else {
@@ -238,7 +238,7 @@ check_users_config_wrapper process_arguments(int argc, char **argv) {
238 exit(STATE_UNKNOWN); 238 exit(STATE_UNKNOWN);
239 } 239 }
240 240
241 if (tmp.error == MP_PARSING_SUCCES) { 241 if (tmp.error == MP_PARSING_SUCCESS) {
242 result.config.thresholds.critical = tmp.range; 242 result.config.thresholds.critical = tmp.range;
243 result.config.thresholds.critical_is_set = true; 243 result.config.thresholds.critical_is_set = true;
244 } else { 244 } else {
diff --git a/plugins/netutils.c b/plugins/netutils.c
index b4c6ff0a..f9933ebd 100644
--- a/plugins/netutils.c
+++ b/plugins/netutils.c
@@ -38,11 +38,7 @@ mp_state_enum socket_timeout_state = STATE_CRITICAL;
38mp_state_enum econn_refuse_state = STATE_CRITICAL; 38mp_state_enum econn_refuse_state = STATE_CRITICAL;
39bool was_refused = false; 39bool was_refused = false;
40 40
41#if USE_IPV6
42int address_family = AF_UNSPEC; 41int address_family = AF_UNSPEC;
43#else
44int address_family = AF_INET;
45#endif
46 42
47/* handles socket timeouts */ 43/* handles socket timeouts */
48void socket_timeout_alarm_handler(int sig) { 44void socket_timeout_alarm_handler(int sig) {
@@ -348,7 +344,6 @@ void host_or_die(const char *str) {
348} 344}
349 345
350bool is_addr(const char *address) { 346bool is_addr(const char *address) {
351#ifdef USE_IPV6
352 if (address_family == AF_INET && is_inet_addr(address)) { 347 if (address_family == AF_INET && is_inet_addr(address)) {
353 return true; 348 return true;
354 } 349 }
@@ -356,11 +351,6 @@ bool is_addr(const char *address) {
356 if (address_family == AF_INET6 && is_inet6_addr(address)) { 351 if (address_family == AF_INET6 && is_inet6_addr(address)) {
357 return true; 352 return true;
358 } 353 }
359#else
360 if (is_inet_addr(address)) {
361 return true;
362 }
363#endif
364 354
365 return false; 355 return false;
366} 356}
diff --git a/plugins/netutils.h b/plugins/netutils.h
index dbd22398..f3d046c3 100644
--- a/plugins/netutils.h
+++ b/plugins/netutils.h
@@ -78,12 +78,8 @@ bool dns_lookup(const char *, struct sockaddr_storage *, int);
78void host_or_die(const char *str); 78void host_or_die(const char *str);
79#define resolve_host_or_addr(addr, family) dns_lookup(addr, NULL, family) 79#define resolve_host_or_addr(addr, family) dns_lookup(addr, NULL, family)
80#define is_inet_addr(addr) resolve_host_or_addr(addr, AF_INET) 80#define is_inet_addr(addr) resolve_host_or_addr(addr, AF_INET)
81#ifdef USE_IPV6
82# define is_inet6_addr(addr) resolve_host_or_addr(addr, AF_INET6) 81# define is_inet6_addr(addr) resolve_host_or_addr(addr, AF_INET6)
83# define is_hostname(addr) resolve_host_or_addr(addr, address_family) 82# define is_hostname(addr) resolve_host_or_addr(addr, address_family)
84#else
85# define is_hostname(addr) resolve_host_or_addr(addr, AF_INET)
86#endif
87 83
88extern unsigned int socket_timeout; 84extern unsigned int socket_timeout;
89extern mp_state_enum socket_timeout_state; 85extern mp_state_enum socket_timeout_state;
diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t
index 2c2fafde..a8326f12 100644
--- a/plugins/t/check_curl.t
+++ b/plugins/t/check_curl.t
@@ -13,7 +13,7 @@ use vars qw($tests $has_ipv6);
13BEGIN { 13BEGIN {
14 use NPTest; 14 use NPTest;
15 $has_ipv6 = NPTest::has_ipv6(); 15 $has_ipv6 = NPTest::has_ipv6();
16 $tests = $has_ipv6 ? 55 : 53; 16 $tests = $has_ipv6 ? 57 : 92;
17 plan tests => $tests; 17 plan tests => $tests;
18} 18}
19 19
@@ -25,7 +25,13 @@ my $plugin = 'check_http';
25$plugin = 'check_curl' if $0 =~ m/check_curl/mx; 25$plugin = 'check_curl' if $0 =~ m/check_curl/mx;
26 26
27my $host_tcp_http = getTestParameter("NP_HOST_TCP_HTTP", "A host providing the HTTP Service (a web server)", "localhost"); 27my $host_tcp_http = getTestParameter("NP_HOST_TCP_HTTP", "A host providing the HTTP Service (a web server)", "localhost");
28my $host_tcp_http_subdomain = getTestParameter("NP_HOST_TCP_HTTP_SUBDOMAIN", "A host that is served under a subdomain name", "subdomain1.localhost.com");
29my $host_tcp_http_ipv4 = getTestParameter("NP_HOST_TCP_HTTP_IPV4", "An IPv6 address providing a HTTP Service (a web server)", "127.0.0.1");
30my $host_tcp_http_ipv4_cidr_1 = getTestParameter("NP_HOST_TCP_HTTP_IPV4_CIDR_1", "A CIDR that the provided IPv4 address is in.");
31my $host_tcp_http_ipv4_cidr_2 = getTestParameter("NP_HOST_TCP_HTTP_IPV4_CIDR_2", "A CIDR that the provided IPv4 address is in.");
28my $host_tcp_http_ipv6 = getTestParameter("NP_HOST_TCP_HTTP_IPV6", "An IPv6 address providing a HTTP Service (a web server)", "::1"); 32my $host_tcp_http_ipv6 = getTestParameter("NP_HOST_TCP_HTTP_IPV6", "An IPv6 address providing a HTTP Service (a web server)", "::1");
33my $host_tcp_http_ipv6_cidr_1 = getTestParameter("NP_HOST_TCP_HTTP_IPV6_CIDR_1", "A CIDR that the provided IPv6 address is in.");
34my $host_tcp_http_ipv6_cidr_2 = getTestParameter("NP_HOST_TCP_HTTP_IPV6_CIDR_2", "A CIDR that the provided IPv6 address is in.");
29my $host_tls_http = getTestParameter("NP_HOST_TLS_HTTP", "A host providing the HTTPS Service (a tls web server)", "localhost"); 35my $host_tls_http = getTestParameter("NP_HOST_TLS_HTTP", "A host providing the HTTPS Service (a tls web server)", "localhost");
30my $host_tls_cert = getTestParameter("NP_HOST_TLS_CERT", "the common name of the certificate.", "localhost"); 36my $host_tls_cert = getTestParameter("NP_HOST_TLS_CERT", "the common name of the certificate.", "localhost");
31my $host_nonresponsive = getTestParameter("NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", "10.0.0.1"); 37my $host_nonresponsive = getTestParameter("NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", "10.0.0.1");
@@ -222,3 +228,110 @@ SKIP: {
222 $res = NPTest->testCmd( "./$plugin -H monitoring-plugins.org --extended-perfdata" ); 228 $res = NPTest->testCmd( "./$plugin -H monitoring-plugins.org --extended-perfdata" );
223 like ( $res->output, '/\'time_connect\'=[\d\.]+/', 'Extended Performance Data Output OK' ); 229 like ( $res->output, '/\'time_connect\'=[\d\.]+/', 'Extended Performance Data Output OK' );
224} 230}
231SKIP: {
232 skip "No internet access", 2 if $internet_access eq "no";
233
234 # Proxy tests
235 # These are the proxy tests that require a working proxy server
236 # The debian container in the github workflow runs a squid proxy server at port 3128
237 # Test that dont require one, like argument/environment variable parsing are in plugins/tests/check_curl.t
238
239 # Test if proxy works
240 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
241 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures ");
242 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
243
244 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
245 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures ");
246 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_ipv4 works" );
247
248 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
249 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures ");
250 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_ipv6 works" );
251
252 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
253 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures ");
254 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http2 works" );
255
256 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
257 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures ");
258 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_subdomain works" );
259
260 $res = NPTest->testCmd( "./$plugin -H $host_tls_http --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
261 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used, there are no preventative measures ");
262 is( $res->return_code, 0, "Using proxy http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tls_http works" );
263
264 # Noproxy '*' should prevent using proxy in any setting, even if its specified
265 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" );
266 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since noproxy has \"\*\" ");
267 is( $res->return_code, 0, "Should reach $host_tcp_http_subdomain with or without proxy." );
268
269 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" );
270 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since noproxy has \"\*\" ");
271 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." );
272
273 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" );
274 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since noproxy has \"\*\" ");
275 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." );
276
277 # Noproxy domain should prevent using proxy for subdomains of that domain
278 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http -v" );
279 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since subdomain: $host_tcp_http_subdomain is under a noproxy domain: $host_tcp_http");
280 is( $res->return_code, 0, "Should reach $host_tcp_http_subdomain with or without proxy." );
281
282 # Noproxy should prevent using IP matches if an IP is found directly
283 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4 -v" );
284 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv4 is added into noproxy: $host_tcp_http_ipv4");
285 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." );
286
287 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6 -v" );
288 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv6 is added into noproxy: $host_tcp_http_ipv6");
289 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." );
290
291 # Noproxy should prevent using IP matches if a CIDR region that contains that Ip is used directly.
292 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4_cidr_1 -v" );
293 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv4 is inside CIDR range: $host_tcp_http_ipv4_cidr_1");
294 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." );
295
296 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4_cidr_2 -v" );
297 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv4 is inside CIDR range: $host_tcp_http_ipv4_cidr_2");
298 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or without proxy." );
299
300 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6_cidr_1 -v " );
301 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv6 is inside CIDR range: $host_tcp_http_ipv6_cidr_1");
302 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." );
303
304 $res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6_cidr_2 -v" );
305 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used since IP address: $host_tcp_http_ipv6 is inside CIDR range: $host_tcp_http_ipv6_cidr_2");
306 is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or without proxy." );
307
308 # Noproxy should discern over different types of proxy schemes
309 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy http://$host_tcp_proxy:$port_tcp_proxy -v" );
310 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for resolving hostname, and is using scheme http ");
311 is( $res->return_code, 0, "Using proxy http:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
312
313 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy https://$host_tcp_proxy:$port_tcp_proxy -v" );
314 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for resolving hostname, and is using scheme https");
315 # Squid is not configured for https
316 # is( $res->return_code, 0, "Using proxy https:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
317
318 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks4://$host_tcp_proxy:$port_tcp_proxy -v" );
319 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used for resolving hostname, and is using scheme socks4");
320 # Squid is not configured for socks4
321 # is( $res->return_code, 0, "Using proxy socks4:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
322
323 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks4a://$host_tcp_proxy:$port_tcp_proxy -v" );
324 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for resolving hostname, and is using scheme socks4a");
325 # Squid is not configured for socks4a
326 # is( $res->return_code, 0, "Using proxy socks4a:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
327
328 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks5://$host_tcp_proxy:$port_tcp_proxy -v" );
329 like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used for resolving hostname, and is using scheme socks5");
330 # Squid is not configured for socks5
331 # is( $res->return_code, 0, "Using proxy socks5:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
332
333 $res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy socks5h://$host_tcp_proxy:$port_tcp_proxy -v" );
334 like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for resolving hostname, and is using scheme socks5h");
335 # Squid is not configured for socks5h
336 # is( $res->return_code, 0, "Using proxy socks5h:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
337}
diff --git a/plugins/t/check_disk.t b/plugins/t/check_disk.t
index 0f62fb2b..72a83ea4 100644
--- a/plugins/t/check_disk.t
+++ b/plugins/t/check_disk.t
@@ -80,14 +80,25 @@ if($free_percent_on_mp1 == $avg_free_percent || $free_percent_on_mp2 == $avg_fre
80 die "One mountpoints has average space free - cannot do rest of test"; 80 die "One mountpoints has average space free - cannot do rest of test";
81} 81}
82 82
83my $free_inodes_on_mp1 = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}[2]->{'perfdata'}->[0]->{'value'}->{'value'}; 83my $used_inodes_on_mp1 = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}[2]->{'perfdata'}->[0]->{'value'}->{'value'};
84my $total_inodes_on_mp1 = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}[2]->{'perfdata'}->[0]->{'max'}->{'value'}; 84my $total_inodes_on_mp1 = $result->{'mp_test_result'}->{'checks'}->[1]->{'checks'}[2]->{'perfdata'}->[0]->{'max'}->{'value'};
85
86my $free_inodes_on_mp1 = $total_inodes_on_mp1 - $used_inodes_on_mp1;
85my $free_inode_percentage_on_mp1 = $free_inodes_on_mp1 / ($total_inodes_on_mp1 / 100); 87my $free_inode_percentage_on_mp1 = $free_inodes_on_mp1 / ($total_inodes_on_mp1 / 100);
86 88
87my $free_inodes_on_mp2 = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[2]->{'perfdata'}->[0]->{'value'}->{'value'}; 89# print("free inodes on mp1: " . $free_inodes_on_mp1 . "\n");
90# print("total inodes on mp1: " . $total_inodes_on_mp1 . "\n");
91# print("free inode percentage on mp1: " . $free_inode_percentage_on_mp1 . "\n");
92
93my $used_inodes_on_mp2 = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[2]->{'perfdata'}->[0]->{'value'}->{'value'};
88my $total_inodes_on_mp2 = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[2]->{'perfdata'}->[0]->{'max'}->{'value'}; 94my $total_inodes_on_mp2 = $result->{'mp_test_result'}->{'checks'}->[0]->{'checks'}[2]->{'perfdata'}->[0]->{'max'}->{'value'};
95my $free_inodes_on_mp2 = $total_inodes_on_mp2 - $used_inodes_on_mp2;
89my $free_inode_percentage_on_mp2 = $free_inodes_on_mp2 / ($total_inodes_on_mp2 / 100); 96my $free_inode_percentage_on_mp2 = $free_inodes_on_mp2 / ($total_inodes_on_mp2 / 100);
90 97
98# print("free inodes on mp2: " . $free_inodes_on_mp2 . "\n");
99# print("total inodes on mp2: " . $total_inodes_on_mp2 . "\n");
100# print("free inode percentage on mp2: " . $free_inode_percentage_on_mp2 . "\n");
101
91my $avg_inode_free_percentage = ceil(($free_inode_percentage_on_mp1 + $free_inode_percentage_on_mp2)/2); 102my $avg_inode_free_percentage = ceil(($free_inode_percentage_on_mp1 + $free_inode_percentage_on_mp2)/2);
92my ($more_inode_free, $less_inode_free); 103my ($more_inode_free, $less_inode_free);
93if ($free_inode_percentage_on_mp1 > $free_inode_percentage_on_mp2) { 104if ($free_inode_percentage_on_mp1 > $free_inode_percentage_on_mp2) {
diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t
index 248eb4c5..94058d5b 100755
--- a/plugins/tests/check_curl.t
+++ b/plugins/tests/check_curl.t
@@ -27,8 +27,8 @@ use HTTP::Daemon::SSL;
27 27
28$ENV{'LC_TIME'} = "C"; 28$ENV{'LC_TIME'} = "C";
29 29
30my $common_tests = 95; 30my $common_tests = 111;
31my $ssl_only_tests = 8; 31my $ssl_only_tests = 12;
32# Check that all dependent modules are available 32# Check that all dependent modules are available
33eval "use HTTP::Daemon 6.01;"; 33eval "use HTTP::Daemon 6.01;";
34plan skip_all => 'HTTP::Daemon >= 6.01 required' if $@; 34plan skip_all => 'HTTP::Daemon >= 6.01 required' if $@;
@@ -41,7 +41,7 @@ my $plugin = 'check_http';
41$plugin = 'check_curl' if $0 =~ m/check_curl/mx; 41$plugin = 'check_curl' if $0 =~ m/check_curl/mx;
42 42
43# look for libcurl version to see if some advanced checks are possible (>= 7.49.0) 43# look for libcurl version to see if some advanced checks are possible (>= 7.49.0)
44my $advanced_checks = 12; 44my $advanced_checks = 16;
45my $use_advanced_checks = 0; 45my $use_advanced_checks = 0;
46my $required_version = '7.49.0'; 46my $required_version = '7.49.0';
47my $virtual_host = 'www.somefunnyhost.com'; 47my $virtual_host = 'www.somefunnyhost.com';
@@ -410,6 +410,41 @@ SKIP: {
410 $result = NPTest->testCmd( $cmd ); 410 $result = NPTest->testCmd( $cmd );
411 is( $result->return_code, 0, $cmd); 411 is( $result->return_code, 0, $cmd);
412 like( $result->output, '/.*HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second.*/', "Output correct: ".$result->output ); 412 like( $result->output, '/.*HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second.*/', "Output correct: ".$result->output );
413
414 # curlopt proxy/noproxy parsing tests, ssl disabled
415 {
416 # Make a scope and change environment variables here, to not mess them up for other tests using environment variables
417
418 local $ENV{"http_proxy"} = 'http://proxy.example.com:8080';
419 $cmd = "$command -u /statuscode/200 -v";
420 $result = NPTest->testCmd( $cmd );
421 like( $result->output, '/.*CURLOPT_PROXY: http://proxy.example.com:8080 */', "Correctly took 'http_proxy' environment variable: ".$result->output );
422 delete($ENV{"http_proxy"});
423
424 local $ENV{"http_proxy"} = 'http://taken.proxy.example:8080';
425 local $ENV{"HTTP_PROXY"} = 'http://discarded.proxy.example:8080';
426 $cmd = "$command -u /statuscode/200 -v";
427 $result = NPTest->testCmd( $cmd );
428 like( $result->output, '/.*CURLOPT_PROXY: http://taken.proxy.example:8080 */', "Correctly took 'http_proxy' environment variable over 'HTTP_PROXY': ".$result->output );
429 delete(local $ENV{"http_proxy"});
430 delete(local $ENV{"HTTP_PROXY"});
431
432 local $ENV{"http_proxy"} = 'http://discarded1.proxy.example:8080';
433 local $ENV{"HTTP_PROXY"} = 'http://discarded2.proxy.example:8080';
434 $cmd = "$command -u /statuscode/200 -x 'http://taken.proxy.example:8080' -v";
435 $result = NPTest->testCmd( $cmd );
436 like( $result->output, '/.*CURLOPT_PROXY: http://taken.proxy.example:8080 */', "Argument -x overwrote 'http_proxy' and 'HTTP_PROXY' environment variables: ".$result->output );
437 delete(local $ENV{"http_proxy"});
438 delete(local $ENV{"HTTP_PROXY"});
439
440 local $ENV{"http_proxy"} = 'http://discarded1.proxy.example:8080';
441 local $ENV{"HTTP_PROXY"} = 'http://discarded2.proxy.example:8080';
442 $cmd = "$command -u /statuscode/200 --proxy 'http://taken.example.com:8080' -v";
443 $result = NPTest->testCmd( $cmd );
444 like( $result->output, '/.*CURLOPT_PROXY: http://taken.example.com:8080 */', "Argument --proxy overwrote 'http_proxy' and 'HTTP_PROXY' environment variables: ".$result->output );
445 delete(local $ENV{"http_proxy"});
446 delete(local $ENV{"HTTP_PROXY"});
447 }
413} 448}
414 449
415# and the same for SSL 450# and the same for SSL
@@ -432,6 +467,41 @@ SKIP: {
432 $result = NPTest->testCmd( $cmd ); 467 $result = NPTest->testCmd( $cmd );
433 is( $result->return_code, 0, $cmd); 468 is( $result->return_code, 0, $cmd);
434 like( $result->output, '/.*HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second.*/', "Output correct: ".$result->output ); 469 like( $result->output, '/.*HTTP/1.1 200 OK - \d+ bytes in [\d\.]+ second.*/', "Output correct: ".$result->output );
470
471 # curlopt proxy/noproxy parsing tests, ssl enabled
472 {
473 # Make a scope and change environment variables here, to not mess them up for other tests using environment variables
474
475 local $ENV{"https_proxy"} = 'http://proxy.example.com:8080';
476 $cmd = "$command -u /statuscode/200 --ssl -v";
477 $result = NPTest->testCmd( $cmd );
478 like( $result->output, '/.*CURLOPT_PROXY: http://proxy.example.com:8080 */', "Correctly took 'https_proxy' environment variable: ".$result->output );
479 delete($ENV{"https_proxy"});
480
481 local $ENV{"https_proxy"} = 'http://taken.proxy.example:8080';
482 local $ENV{"HTTPS_PROXY"} = 'http://discarded.proxy.example:8080';
483 $cmd = "$command -u /statuscode/200 --ssl -v";
484 $result = NPTest->testCmd( $cmd );
485 like( $result->output, '/.*CURLOPT_PROXY: http://taken.proxy.example:8080 */', "Correctly took 'https_proxy' environment variable over 'HTTPS_PROXY': ".$result->output );
486 delete(local $ENV{"https_proxy"});
487 delete(local $ENV{"HTTPS_PROXY"});
488
489 local $ENV{"https_proxy"} = 'http://discarded1.proxy.example:8080';
490 local $ENV{"HTTPS_PROXY"} = 'http://discarded2.proxy.example:8080';
491 $cmd = "$command -u /statuscode/200 --ssl -x 'http://taken.example.com:8080' -v";
492 $result = NPTest->testCmd( $cmd );
493 like( $result->output, '/.*CURLOPT_PROXY: http://taken.example.com:8080 */', "Argument -x overwrote environment variables 'https_proxy' and 'HTTPS_PROXY': ".$result->output );
494 delete(local $ENV{"https_proxy"});
495 delete(local $ENV{"HTTPS_PROXY"});
496
497 local $ENV{"https_proxy"} = 'http://discarded1.proxy.example:8080';
498 local $ENV{"HTTPS_PROXY"} = 'http://discarded2.proxy.example:8080';
499 $cmd = "$command -u /statuscode/200 --ssl --proxy 'http://taken.example.com:8080' -v";
500 $result = NPTest->testCmd( $cmd );
501 like( $result->output, '/.*CURLOPT_PROXY: http://taken.example.com:8080 */', "Argument --proxy overwrote environment variables 'https_proxy' and 'HTTPS_PROXY': ".$result->output );
502 delete(local $ENV{"https_proxy"});
503 delete(local $ENV{"HTTPS_PROXY"});
504 }
435} 505}
436 506
437 507
@@ -712,4 +782,63 @@ sub run_common_tests {
712 $result = NPTest->testCmd( $cmd, 5 ); 782 $result = NPTest->testCmd( $cmd, 5 );
713 }; 783 };
714 is( $@, "", $cmd ); 784 is( $@, "", $cmd );
785
786 # curlopt proxy/noproxy parsing tests
787 {
788 # Make a scope and change environment variables here, to not mess them up for other tests using environment variables
789
790 local $ENV{"no_proxy"} = 'internal.acme.org';
791 $cmd = "$command -u /statuscode/200 -v";
792 $result = NPTest->testCmd( $cmd );
793 like( $result->output, '/.* curl CURLOPT_NOPROXY: internal.acme.org */', "Correctly took 'no_proxy' environment variable: ".$result->output );
794 delete($ENV{"no_proxy"});
795
796 local $ENV{"no_proxy"} = 'taken.acme.org';
797 local $ENV{"NO_PROXY"} = 'discarded.acme.org';
798 $cmd = "$command -u /statuscode/200 -v";
799 $result = NPTest->testCmd( $cmd );
800 is( $result->return_code, 0, $cmd);
801 like( $result->output, '/.*CURLOPT_NOPROXY: taken.acme.org*/', "Correctly took 'no_proxy' environment variable over 'NO_PROXY': ".$result->output );
802 delete(local $ENV{"no_proxy"});
803 delete(local $ENV{"NO_PROXY"});
804
805 local $ENV{"no_proxy"} = 'taken.acme.org';
806 local $ENV{"NO_PROXY"} = 'discarded.acme.org';
807 $cmd = "$command -u /statuscode/200 --noproxy 'taken.acme.org' -v";
808 $result = NPTest->testCmd( $cmd );
809 is( $result->return_code, 0, $cmd);
810 like( $result->output, '/.*CURLOPT_NOPROXY: taken.acme.org*/', "Argument --noproxy overwrote environment variables 'no_proxy' and 'NO_PROXY': ".$result->output );
811 delete(local $ENV{"no_proxy"});
812 delete(local $ENV{"NO_PROXY"});
813
814 $cmd = "$command -u /statuscode/200 --noproxy 'internal1.acme.org,internal2.acme.org,internal3.acme.org' -v";
815 $result = NPTest->testCmd( $cmd );
816 is( $result->return_code, 0, $cmd);
817 like( $result->output, '/.*CURLOPT_NOPROXY: internal1.acme.org,internal2.acme.org,internal3.acme.org*/', "Argument --noproxy read multiple noproxy domains: ".$result->output );
818
819 $cmd = "$command -u /statuscode/200 --noproxy '10.11.12.13,256.256.256.256,0.0.0.0,192.156.0.0/22,10.0.0.0/4' -v";
820 $result = NPTest->testCmd( $cmd );
821 is( $result->return_code, 0, $cmd);
822 like( $result->output, '/.*CURLOPT_NOPROXY: 10.11.12.13,256.256.256.256,0.0.0.0,192.156.0.0/22,10.0.0.0/4*/', "Argument --noproxy took multiple noproxy domains: ".$result->output );
823
824 $cmd = "$command -u /statuscode/200 --noproxy '0123:4567:89AB:CDEF:0123:4567:89AB:CDEF,0123::CDEF,0123:4567/96,[::1],::1,[1234::5678:ABCD/4]' -v";
825 $result = NPTest->testCmd( $cmd );
826 is( $result->return_code, 0, $cmd);
827 like( $result->output, '/.*CURLOPT_NOPROXY: 0123:4567:89AB:CDEF:0123:4567:89AB:CDEF,0123::CDEF,0123:4567\/96,\[::1\],::1,\[1234::5678:ABCD\/4\].*/', "Argument --noproxy took multiple noproxy domains: ".$result->output );
828
829 $cmd = "$command -u /statuscode/200 --noproxy '300.400.500.600,1.2.3,XYZD:0123::,1:2:3:4:5:6:7,1::2::3,1.1.1.1/64,::/256' -v";
830 $result = NPTest->testCmd( $cmd );
831 is( $result->return_code, 0, $cmd);
832
833 $cmd = "$command -u /statuscode/200 --proxy http://proxy.example.com:8080 --noproxy '*' -v";
834 $result = NPTest->testCmd( $cmd );
835 is( $result->return_code, 0, $cmd);
836 like( $result->output, '/.*proxy_resolves_hostname: 0.*/', "Proxy will not be used due to '*' in noproxy: ".$result->output );
837
838 $cmd = "$command -u /statuscode/200 --proxy http://proxy.example.com:8080 --noproxy '127.0.0.1' -v";
839 $result = NPTest->testCmd( $cmd );
840 is( $result->return_code, 0, $cmd);
841 like( $result->output, '/.*proxy_resolves_hostname: 0.*/', "Proxy will not be used due to '127.0.0.1' in noproxy: ".$result->output );
842 }
843
715} 844}
diff --git a/plugins/utils.c b/plugins/utils.c
index 41fe5fcf..dc6f5a85 100644
--- a/plugins/utils.c
+++ b/plugins/utils.c
@@ -40,7 +40,6 @@ extern const char *progname;
40#define STRLEN 64 40#define STRLEN 64
41#define TXTBLK 128 41#define TXTBLK 128
42 42
43time_t start_time, end_time;
44 43
45void usage(const char *msg) { 44void usage(const char *msg) {
46 printf("%s\n", msg); 45 printf("%s\n", msg);
diff --git a/plugins/utils.h b/plugins/utils.h
index 1f0e021b..68ff1630 100644
--- a/plugins/utils.h
+++ b/plugins/utils.h
@@ -32,8 +32,6 @@ suite of plugins. */
32void support(void); 32void support(void);
33void print_revision(const char *, const char *); 33void print_revision(const char *, const char *);
34 34
35extern time_t start_time, end_time;
36
37/* Test input types */ 35/* Test input types */
38 36
39bool is_integer(char *); 37bool is_integer(char *);