summaryrefslogtreecommitdiffstats
path: root/plugins/check_curl.c
AgeCommit message (Collapse)AuthorFilesLines
6 daysMerge pull request #2210 from sthen/curl_typescoverity/masterLorenz Kästle1-10/+10
fix types for most curl_easy_setopt parameters
6 daysMerge branch 'master' into fix/check-curl-append-query-string-on-redirectLorenz Kästle1-3/+7
11 daysfix types for most curl_easy_setopt parametersStuart Henderson1-10/+10
according to https://curl.se/libcurl/c/curl_easy_setopt.html, parameters are either a long, a function pointer, an object pointer or a curl_off_t, depending on what the option expects; curl 8.16 checks and warns about these.
2025-12-14check_curl: --verify-cert / -D in examples (#2204)Alvar1-3/+7
Include the -D flag for certificate verification in the "CHECK CERTIFICATE" examples. Otherwise, only the certificate dates are checked, but not if the certificate matches to the hostname or is signed by a trusted CA. Fixes #2146.
2025-12-04append the query string from parsed uriAhmet Oeztuerk1-1/+20
Check the UriUriA object, and if query string exists append it to the new_url. Only appends the query part, fragments are still not appended Function redir parses the new location header value using the uriParseUriA function already, which populates the query field. This field was already being printed, but it was not being appended to the new_url during its construction. Redirection chain of check_curl --onredirect=follow now mimics the chain of check_http --onredirect=follow. Tested on the url: mail.google.com/chat
2025-11-28Fix/check curl sticky redir (#2188)Lorenz Kästle1-7/+3
* check_curl: avoid freeing memory when we don't know where it came from * check_curl: when using -f sticky conserve IPv6 addresses properly When running the check on an ipv6 address with a sticky onredirect policy like in this example: check_curl -6 -H example.com -I ::1 -f sticky It results in a getaddrinfo error: HTTP CRITICAL - Unable to lookup IP address for '[::1]': getaddrinfo returned -3 - Temporary failure in name resolution This happens because in check_http() if the content of server_addr is an ipv6 address enclosing brackets are added and on redirection a subsequent call to check_http() will pass this now bracketed value to getaddrinfo resulting in the error. To work around this, strip the brackets from the address prior to the lookup_host() call. * add Michael Jeanson to thanks
2025-11-27Merge pull request #2185 from RincewindsHat/fix/curl_segfaultLorenz Kästle1-0/+5
check_curl: abort redir if location is not found
2025-11-27Remove some superfluous newlinesLorenz Kästle1-2/+2
2025-11-27check_curl: try to be more helpful in check_curls helpLorenz Kästle1-2/+5
Trying to be more specific with the check_curl help. The idea is to clarify how the parameters are supposed to be used.
2025-11-27check_curl: abort redir if location is not foundLorenz Kästle1-0/+5
This commit changes the behaviour of check_curl slightly. Previously when the redirection method was set to the old 'check_http' style redirection and there was no "location" header in the original answer 'check_curl' segfaulted. Now, at least it dies properly with a message.
2025-09-15Add output formatting optionLorenz Kästle1-1/+21
2025-09-15Fix typo in error messageLorenz Kästle1-1/+1
2025-09-15Add new cert check functionLorenz Kästle1-1/+2
2025-09-15check_curl: fix perfdata labelLorenz Kästle1-1/+1
2025-09-15check_curl: finish after cert without continue paramLorenz Kästle1-1/+1
2025-09-15Fix regex matchingLorenz Kästle1-5/+11
2025-09-15Improve error messageLorenz Kästle1-3/+2
2025-09-13check_curl: test adaption and output adaptionLorenz Kästle1-17/+22
2025-09-13check_curl: remove display-html optionLorenz Kästle1-24/+11
2025-09-12check_curl: implement new output mechanismLorenz Kästle1-282/+280
2025-09-12Fix struct accessLorenz Kästle1-1/+1
2025-09-12check_curl: create outsourced helpers in extra filesLorenz Kästle1-1261/+51
2025-09-11check_curl: http3 is only available with libcurl 7.66 or laterLorenz Kästle1-1/+4
2025-09-11check_curl: refactoring to modularize codeLorenz Kästle1-506/+549
2025-09-11check_curl: improve option handling a bitLorenz Kästle1-5/+5
2025-09-11check_curl: fix function signatureLorenz Kästle1-1/+2
2025-09-11check_curl: less global stateLorenz Kästle1-31/+41
2025-09-10check_curl: remove the other gotosLorenz Kästle1-5/+16
2025-09-10check_curl: remove goto logicLorenz Kästle1-122/+138
2025-09-10check_curl: pre compile regex for string matchingLorenz Kästle1-3/+4
2025-09-10check_curl: remove another global variableLorenz Kästle1-4/+2
2025-09-09check_curl: more refactoringLorenz Kästle1-350/+437
2025-08-01Quick saveLorenz Kästle1-25/+26
2025-07-14check_curl: various small improvementsLorenz Kästle1-66/+68
2025-07-06check_curl: clang-formatLorenz Kästle1-276/+495
2025-03-11Refactor check_curlLorenz Kästle1-529/+464
2025-03-10check_curl: clang-formatLorenz Kästle1-158/+271
2024-12-02check_curl: enable internal cookie handlingAndre Klärner1-1/+7
This enables us to enable curl cookie engine by specifying an empty filename as the cookie jar file. This works, since curl's CURLOPT_COOKIEFILE option allows passing an empty string as filename, which it interprets as a request to enable the cookie processing. But since CURLOPT_COOKIEJAR would now attempt to write to a file named by an empty filename, it would break again (or at least produce a warning in verbose output). Overall this is allows to handle checking URLs with cookie based sessions without persisting the cookies to disk, by using the curl-internal redirect following.
2024-11-27check_curl: update TLS notification notesLorenz Kästle1-1/+1
2024-11-09Fix false formatting directive in printfLorenz Kästle1-1/+1
2024-10-31check_curl: Linter fixesRincewindsHat1-27/+28
2024-10-31check_curl: do not export local variables and remove unused onesRincewindsHat1-129/+118
2024-10-31check_curl: Update copyrightRincewindsHat1-2/+2
2024-10-31check_curl: clang-formatRincewindsHat1-2260/+2156
2024-10-10fix check_curl: OpenSSL SSL_read: error:0A000126:SSL routines::unexpected ↵Sven Nierlein1-7/+22
eof while reading, errno 0 using check_curl on a probably embedded device responding as 'Server: GoAhead-Webs' %> check_curl -H ... -S -vvv > GET / HTTP/1.1 Host: ... User-Agent: check_curl/v2.4.0 (monitoring-plugins 2.4.0, libcurl/7.76.1 OpenSSL/3.0.7 zlib/1.2.11 brotli/1.0.9 libidn2/2.3.0 libpsl/0.21.1 (+libidn2/2.3.0) libssh/0.10.4/openssl/zlib nghttp2/1.43.0) Accept: */* Connection: close * Mark bundle as not supporting multiuse * HTTP 1.0, assume close after body < HTTP/1.0 302 Redirect < Server: GoAhead-Webs < Date: Tue Mar 26 17:57:16 2019 < Cache-Control: no-cache, no-store, must-revalidate,private < Pragma: no-cache < Expires: 0 < Content-Type: text/html < X-Frame-Options: sameorigin < X-XSS-Protection: 1; mode=block < X-Content-Type-Options: nosniff < Location: https://... < * OpenSSL SSL_read: error:0A000126:SSL routines::unexpected eof while reading, errno 0 * Closing connection 0 reading the discussion on https://github.com/openssl/openssl/discussions/22690 suggest to set the option SSL_OP_IGNORE_UNEXPECTED_EOF which makes check_curl behave like check_http at this point. Since this is a rather new flag, fencing it in ifdefs. And since there can only be one ssl ctx function, we need to move both tasks into one function.
2024-10-06Merge branch 'master' into check_curl_regex_stateLorenz Kästle1-2/+0
2024-08-29Remove experimental state from check_curlLorenz Kästle1-2/+0
2024-08-19check_curl: change help for --state-regex again to fix formattingRincewindsHat1-1/+1
2024-08-19check_curl: Parse state-regex option ignoring caseRincewindsHat1-2/+2
Previously the --state-regex option accepted only "critical" and "warning" as values. This commit changes the strcmp there to strcasecmp to be more tolerant regarding the input.
2024-08-19check_curl: Fix help for state regex optionRincewindsHat1-2/+2
The help output of `check-curl` contained a typo, the real option is `state-regex` and not `regex-state` as the help suggests. Also added the two possible options to avoid confusion.