From 9da7cd76813870632ff93659d176ead0848b8ee9 Mon Sep 17 00:00:00 2001 From: Christian Tacke <8560110+ChristianTacke@users.noreply.github.com> Date: Wed, 25 Dec 2019 21:41:17 +0100 Subject: Fix timeout_interval declarations There are different declarations for timeout_interval: lib/utils_base.c has the definition: unsigned int timeout_interval = DEFAULT_SOCKET_TIMEOUT; lib/utils_base.h has the appropiate declaration: extern unsigned int timeout_interval; plugins/popen.h has an extra declaration: extern unsigned int timeout_interval; This doesn't hurt, but it's a dupe. The one in utils_base.h should be enough, so remove this one. plugins/popen.c has a WRONG one: extern int timeout_interval; Remove it! Use #include "utils.h" to get the right one. This makes the local defines for max/min unnecassary, so remove them also. diff --git a/plugins/popen.c b/plugins/popen.c index 557fb44..9eb49b6 100644 --- a/plugins/popen.c +++ b/plugins/popen.c @@ -39,9 +39,9 @@ *****************************************************************************/ #include "common.h" +#include "utils.h" /* extern so plugin has pid to kill exec'd process on timeouts */ -extern int timeout_interval; extern pid_t *childpid; extern int *child_stderr_array; extern FILE *child_process; @@ -76,8 +76,6 @@ RETSIGTYPE popen_timeout_alarm_handler (int); #define SIG_ERR ((Sigfunc *)-1) #endif -#define min(a,b) ((a) < (b) ? (a) : (b)) -#define max(a,b) ((a) > (b) ? (a) : (b)) char *pname = NULL; /* caller can set this from argv[0] */ diff --git a/plugins/popen.h b/plugins/popen.h index fc7e78e..a5dd8fa 100644 --- a/plugins/popen.h +++ b/plugins/popen.h @@ -7,7 +7,6 @@ FILE *spopen (const char *); int spclose (FILE *); RETSIGTYPE popen_timeout_alarm_handler (int); -extern unsigned int timeout_interval; pid_t *childpid=NULL; int *child_stderr_array=NULL; FILE *child_process=NULL; -- cgit v0.10-9-g596f From f53ea7afd8e124690871ebdb79a1432e4dd14488 Mon Sep 17 00:00:00 2001 From: "Alexander A. Klimov" Date: Tue, 7 Jan 2020 20:57:24 +0100 Subject: check_tcp: add --sni diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index 61333bd..1365b9c 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c @@ -86,6 +86,11 @@ static char buffer[MAXBUF]; static int expect_mismatch_state = STATE_WARNING; static int match_flags = NP_MATCH_EXACT; +#ifdef HAVE_SSL +static char *sni = NULL; +static int sni_specified = FALSE; +#endif + #define FLAG_SSL 0x01 #define FLAG_VERBOSE 0x02 #define FLAG_TIME_WARN 0x04 @@ -241,7 +246,7 @@ main (int argc, char **argv) #ifdef HAVE_SSL if (flags & FLAG_SSL){ - result = np_net_ssl_init(sd); + result = np_net_ssl_init_with_hostname(sd, (sni_specified ? sni : NULL)); if (result == STATE_OK && check_cert == TRUE) { result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); } @@ -401,6 +406,10 @@ process_arguments (int argc, char **argv) int escape = 0; char *temp; + enum { + SNI_OPTION = CHAR_MAX + 1 + }; + int option = 0; static struct option longopts[] = { {"hostname", required_argument, 0, 'H'}, @@ -427,6 +436,7 @@ process_arguments (int argc, char **argv) {"version", no_argument, 0, 'V'}, {"help", no_argument, 0, 'h'}, {"ssl", no_argument, 0, 'S'}, + {"sni", required_argument, 0, SNI_OPTION}, {"certificate", required_argument, 0, 'D'}, {0, 0, 0, 0} }; @@ -604,6 +614,15 @@ process_arguments (int argc, char **argv) die (STATE_UNKNOWN, _("Invalid option - SSL is not available")); #endif break; + case SNI_OPTION: +#ifdef HAVE_SSL + flags |= FLAG_SSL; + sni_specified = TRUE; + sni = optarg; +#else + die (STATE_UNKNOWN, _("Invalid option - SSL is not available")); +#endif + break; case 'A': match_flags |= NP_MATCH_ALL; break; @@ -671,6 +690,8 @@ print_help (void) printf (" %s\n", _("1st is #days for warning, 2nd is critical (if not specified - 0).")); printf (" %s\n", "-S, --ssl"); printf (" %s\n", _("Use SSL for the connection.")); + printf (" %s\n", "--sni=STRING"); + printf (" %s\n", _("SSL server_name")); #endif printf (UT_WARN_CRIT); -- cgit v0.10-9-g596f