diff options
Diffstat (limited to 'web/attachments/136573-nagiosplug-check_tcp.diff')
-rw-r--r-- | web/attachments/136573-nagiosplug-check_tcp.diff | 725 |
1 files changed, 725 insertions, 0 deletions
diff --git a/web/attachments/136573-nagiosplug-check_tcp.diff b/web/attachments/136573-nagiosplug-check_tcp.diff new file mode 100644 index 0000000..0b26f13 --- /dev/null +++ b/web/attachments/136573-nagiosplug-check_tcp.diff | |||
@@ -0,0 +1,725 @@ | |||
1 | --- ../orig.nplg/plugins/check_tcp.c 2005-05-26 14:12:21.000000000 +0200 | ||
2 | +++ plugins/check_tcp.c 2005-05-30 23:45:35.000000000 +0200 | ||
3 | @@ -47,240 +47,206 @@ | ||
4 | #endif | ||
5 | |||
6 | #ifdef HAVE_SSL | ||
7 | -int check_cert = FALSE; | ||
8 | -int days_till_exp; | ||
9 | -char *randbuff = ""; | ||
10 | -SSL_CTX *ctx; | ||
11 | -SSL *ssl; | ||
12 | -X509 *server_cert; | ||
13 | -int connect_SSL (void); | ||
14 | -int check_certificate (X509 **); | ||
15 | +static int check_cert = FALSE; | ||
16 | +static int days_till_exp; | ||
17 | +static char *randbuff = ""; | ||
18 | +static SSL_CTX *ctx; | ||
19 | +static SSL *ssl; | ||
20 | +static X509 *server_cert; | ||
21 | +static int connect_SSL (void); | ||
22 | +static int check_certificate (X509 **); | ||
23 | +# define my_recv(buf, len) ((flags & FLAG_SSL) ? SSL_read(ssl, buf, len) : read(sd, buf, len)) | ||
24 | +#else | ||
25 | +# define my_recv(buf, len) read(sd, buf, len) | ||
26 | #endif | ||
27 | |||
28 | -#define MAXBUF 1024 | ||
29 | |||
30 | -int process_arguments (int, char **); | ||
31 | -int my_recv (void); | ||
32 | +/* int my_recv(char *, size_t); */ | ||
33 | +static int process_arguments (int, char **); | ||
34 | void print_help (void); | ||
35 | void print_usage (void); | ||
36 | |||
37 | -char *SERVICE = NULL; | ||
38 | -char *SEND = NULL; | ||
39 | -char *EXPECT = NULL; | ||
40 | -char *QUIT = NULL; | ||
41 | -int PROTOCOL = 0; | ||
42 | -int PORT = 0; | ||
43 | - | ||
44 | -char timestamp[17] = ""; | ||
45 | -int server_port = 0; | ||
46 | -char *server_address = NULL; | ||
47 | -char *server_send = NULL; | ||
48 | -char *server_quit = NULL; | ||
49 | -char **server_expect = NULL; | ||
50 | -size_t server_expect_count = 0; | ||
51 | -int maxbytes = 0; | ||
52 | -char **warn_codes = NULL; | ||
53 | -size_t warn_codes_count = 0; | ||
54 | -char **crit_codes = NULL; | ||
55 | -size_t crit_codes_count = 0; | ||
56 | -unsigned int delay = 0; | ||
57 | -double warning_time = 0; | ||
58 | -int check_warning_time = FALSE; | ||
59 | -double critical_time = 0; | ||
60 | -int check_critical_time = FALSE; | ||
61 | -int hide_output = FALSE; | ||
62 | -double elapsed_time = 0; | ||
63 | -long microsec; | ||
64 | -int verbose = FALSE; | ||
65 | -int use_ssl = FALSE; | ||
66 | -int sd = 0; | ||
67 | -char *buffer; | ||
68 | -int expect_mismatch_state = STATE_WARNING; | ||
69 | -int exact_matching = TRUE; | ||
70 | +#define EXPECT server_expect[0] | ||
71 | +static char *SERVICE = "TCP"; | ||
72 | +static char *SEND = NULL | ||
73 | +static char *QUIT = NULL; | ||
74 | +static int PROTOCOL = IPPROTO_TCP; /* most common is default */ | ||
75 | +static int PORT = 0; | ||
76 | + | ||
77 | +static char timestamp[17] = ""; | ||
78 | +static int server_port = 0; | ||
79 | +static char *server_address = NULL; | ||
80 | +static char *server_send = NULL; | ||
81 | +static char *server_quit = NULL; | ||
82 | +static char **server_expect; | ||
83 | +static size_t server_expect_count = 0; | ||
84 | +static size_t maxbytes = 0; | ||
85 | +static char **warn_codes = NULL; | ||
86 | +static size_t warn_codes_count = 0; | ||
87 | +static char **crit_codes = NULL; | ||
88 | +static size_t crit_codes_count = 0; | ||
89 | +static unsigned int delay = 0; | ||
90 | +static double warning_time = 0; | ||
91 | +static double critical_time = 0; | ||
92 | +static double elapsed_time = 0; | ||
93 | +static long microsec; | ||
94 | +static int sd = 0; | ||
95 | +#define MAXBUF 1024 | ||
96 | +static char buffer[MAXBUF]; | ||
97 | +static int expect_mismatch_state = STATE_WARNING; | ||
98 | + | ||
99 | +#define FLAG_SSL 0x01 | ||
100 | +#define FLAG_VERBOSE 0x02 | ||
101 | +#define FLAG_EXACT_MATCH 0x04 | ||
102 | +#define FLAG_TIME_WARN 0x08 | ||
103 | +#define FLAG_TIME_CRIT 0x10 | ||
104 | +#define FLAG_HIDE_OUTPUT 0x20 | ||
105 | +static size_t flags = FLAG_EXACT_MATCH; | ||
106 | |||
107 | int | ||
108 | main (int argc, char **argv) | ||
109 | { | ||
110 | int result = STATE_UNKNOWN; | ||
111 | int i; | ||
112 | - char *status; | ||
113 | + char *status = NULL; | ||
114 | struct timeval tv; | ||
115 | + size_t len, match = -1; | ||
116 | |||
117 | setlocale (LC_ALL, ""); | ||
118 | bindtextdomain (PACKAGE, LOCALEDIR); | ||
119 | textdomain (PACKAGE); | ||
120 | |||
121 | - if (strstr (argv[0], "check_udp")) { | ||
122 | - progname = strdup ("check_udp"); | ||
123 | - SERVICE = strdup ("UDP"); | ||
124 | - SEND = NULL; | ||
125 | - EXPECT = NULL; | ||
126 | - QUIT = NULL; | ||
127 | + /* determine program- and service-name quickly */ | ||
128 | + progname = strrchr(argv[0], '/'); | ||
129 | + if(progname != NULL) progname++; | ||
130 | + else progname = argv[0]; | ||
131 | + | ||
132 | + len = strlen(progname); | ||
133 | + if(len > 6 && !memcmp(progname, "check_", 6)) { | ||
134 | + SERVICE = progname + 6; | ||
135 | + for(i = 0; i < len - 6; i++) | ||
136 | + SERVICE[i] = toupper(SERVICE[i]); | ||
137 | + } | ||
138 | + | ||
139 | + /* set up a resonable buffer at first (will be realloc()'ed if | ||
140 | + * user specifies other options) */ | ||
141 | + server_expect = calloc(sizeof(char *), 2); | ||
142 | + | ||
143 | + /* determine defaults for this service's protocol */ | ||
144 | + if (!strncmp(SERVICE, "UDP", 3)) { | ||
145 | PROTOCOL = IPPROTO_UDP; | ||
146 | - PORT = 0; | ||
147 | } | ||
148 | - else if (strstr (argv[0], "check_tcp")) { | ||
149 | - progname = strdup ("check_tcp"); | ||
150 | - SERVICE = strdup ("TCP"); | ||
151 | - SEND = NULL; | ||
152 | - EXPECT = NULL; | ||
153 | - QUIT = NULL; | ||
154 | - PROTOCOL = IPPROTO_TCP; | ||
155 | - PORT = 0; | ||
156 | - } | ||
157 | - else if (strstr (argv[0], "check_ftp")) { | ||
158 | - progname = strdup ("check_ftp"); | ||
159 | - SERVICE = strdup ("FTP"); | ||
160 | - SEND = NULL; | ||
161 | - EXPECT = strdup ("220"); | ||
162 | - QUIT = strdup ("QUIT\r\n"); | ||
163 | - PROTOCOL = IPPROTO_TCP; | ||
164 | + else if (!strncmp(SERVICE, "FTP", 3)) { | ||
165 | + EXPECT = "220"; | ||
166 | + QUIT = "QUIT\r\n"; | ||
167 | PORT = 21; | ||
168 | } | ||
169 | - else if (strstr (argv[0], "check_smtp")) { | ||
170 | - progname = strdup ("check_smtp"); | ||
171 | - SERVICE = strdup ("SMTP"); | ||
172 | - SEND = NULL; | ||
173 | - EXPECT = strdup ("220"); | ||
174 | - QUIT = strdup ("QUIT\r\n"); | ||
175 | - PROTOCOL = IPPROTO_TCP; | ||
176 | - PORT = 25; | ||
177 | - } | ||
178 | - else if (strstr (argv[0], "check_pop")) { | ||
179 | - progname = strdup ("check_pop"); | ||
180 | - SERVICE = strdup ("POP"); | ||
181 | - SEND = NULL; | ||
182 | - EXPECT = strdup ("+OK"); | ||
183 | - QUIT = strdup ("QUIT\r\n"); | ||
184 | - PROTOCOL = IPPROTO_TCP; | ||
185 | + else if (!strncmp(SERVICE, "POP", 3) || !strncmp(SERVICE, "POP3", 4)) { | ||
186 | + EXPECT = "+OK"; | ||
187 | + QUIT = "QUIT\r\n"; | ||
188 | PORT = 110; | ||
189 | } | ||
190 | - else if (strstr (argv[0], "check_imap")) { | ||
191 | - progname = strdup ("check_imap"); | ||
192 | - SERVICE = strdup ("IMAP"); | ||
193 | - SEND = NULL; | ||
194 | - EXPECT = strdup ("* OK"); | ||
195 | - QUIT = strdup ("a1 LOGOUT\r\n"); | ||
196 | - PROTOCOL = IPPROTO_TCP; | ||
197 | + else if (!strncmp(SERVICE, "SMTP", 4)) { | ||
198 | + EXPECT = "220"; | ||
199 | + QUIT = "QUIT\r\n"; | ||
200 | + PORT = 25; | ||
201 | + } | ||
202 | + else if (!strncmp(SERVICE, "IMAP", 4)) { | ||
203 | + EXPECT = "* OK"; | ||
204 | + QUIT = "a1 LOGOUT\r\n"; | ||
205 | PORT = 143; | ||
206 | } | ||
207 | #ifdef HAVE_SSL | ||
208 | - else if (strstr(argv[0],"check_simap")) { | ||
209 | - progname = strdup ("check_simap"); | ||
210 | - SERVICE = strdup ("SIMAP"); | ||
211 | - SEND=NULL; | ||
212 | - EXPECT = strdup ("* OK"); | ||
213 | - QUIT = strdup ("a1 LOGOUT\r\n"); | ||
214 | - PROTOCOL=IPPROTO_TCP; | ||
215 | - use_ssl=TRUE; | ||
216 | - PORT=993; | ||
217 | - } | ||
218 | - else if (strstr(argv[0],"check_spop")) { | ||
219 | - progname = strdup ("check_spop"); | ||
220 | - SERVICE = strdup ("SPOP"); | ||
221 | - SEND=NULL; | ||
222 | - EXPECT = strdup ("+OK"); | ||
223 | - QUIT = strdup ("QUIT\r\n"); | ||
224 | - PROTOCOL=IPPROTO_TCP; | ||
225 | - use_ssl=TRUE; | ||
226 | - PORT=995; | ||
227 | - } | ||
228 | - else if (strstr(argv[0],"check_ssmtp")) { | ||
229 | - progname = strdup ("check_ssmtp"); | ||
230 | - SERVICE = strdup ("SSMTP"); | ||
231 | - SEND=NULL; | ||
232 | - EXPECT = strdup ("220"); | ||
233 | - QUIT = strdup ("QUIT\r\n"); | ||
234 | - PROTOCOL=IPPROTO_TCP; | ||
235 | - use_ssl=TRUE; | ||
236 | - PORT=465; | ||
237 | - } | ||
238 | - else if (strstr(argv[0],"check_jabber")) { | ||
239 | - progname = strdup("check_jabber"); | ||
240 | - SERVICE = strdup("JABBER"); | ||
241 | - SEND = strdup("<stream:stream to=\'host\' xmlns=\'jabber:client\' xmlns:stream=\'http://etherx.jabber.org/streams\'>\n"); | ||
242 | - EXPECT = strdup("<?xml version=\'1.0\'?><stream:stream xmlns:stream=\'http://etherx.jabber.org/streams\'"); | ||
243 | - QUIT = strdup("</stream:stream>\n"); | ||
244 | - PROTOCOL=IPPROTO_TCP; | ||
245 | - use_ssl=TRUE; | ||
246 | + else if (!strncmp(SERVICE, "SIMAP", 5)) { | ||
247 | + EXPECT = "* OK"; | ||
248 | + QUIT = "a1 LOGOUT\r\n"; | ||
249 | + flags |= FLAG_SSL; | ||
250 | + PORT = 993; | ||
251 | + } | ||
252 | + else if (!strncmp(SERVICE, "SPOP", 4)) { | ||
253 | + EXPECT = "+OK"; | ||
254 | + QUIT = "QUIT\r\n"; | ||
255 | + flags |= FLAG_SSL; | ||
256 | + PORT = 995; | ||
257 | + } | ||
258 | + else if (!strncmp(SERVICE, "SSMTP", 5)) { | ||
259 | + EXPECT = "220"; | ||
260 | + QUIT = "QUIT\r\n"; | ||
261 | + flags |= FLAG_SSL; | ||
262 | + PORT = 465; | ||
263 | + } | ||
264 | + else if (!strncmp(SERVICE, "JABBER", 6)) { | ||
265 | + SEND = "<stream:stream to=\'host\' xmlns=\'jabber:client\' xmlns:stream=\'http://etherx.jabber.org/streams\'>\n"; | ||
266 | + EXPECT = "<?xml version=\'1.0\'?><stream:stream xmlns:stream=\'http://etherx.jabber.org/streams\'"; | ||
267 | + QUIT = "</stream:stream>\n"; | ||
268 | + flags |= FLAG_SSL | FLAG_HIDE_OUTPUT; | ||
269 | PORT = 5222; | ||
270 | } | ||
271 | - else if (strstr (argv[0], "check_nntps")) { | ||
272 | - progname = strdup("check_nntps"); | ||
273 | - SERVICE = strdup("NNTPS"); | ||
274 | - SEND = NULL; | ||
275 | - EXPECT = NULL; | ||
276 | - server_expect = realloc (server_expect, ++server_expect_count); | ||
277 | - asprintf (&server_expect[server_expect_count - 1], "200"); | ||
278 | - server_expect = realloc (server_expect, ++server_expect_count); | ||
279 | - asprintf (&server_expect[server_expect_count - 1], "201"); | ||
280 | - QUIT = strdup("QUIT\r\n"); | ||
281 | - PROTOCOL = IPPROTO_TCP; | ||
282 | - use_ssl=TRUE; | ||
283 | + else if (!strncmp (SERVICE, "NNTPS", 5)) { | ||
284 | + server_expect_count = 2; | ||
285 | + server_expect[0] = "200"; | ||
286 | + server_expect[1] = "201"; | ||
287 | + QUIT = "QUIT\r\n"; | ||
288 | + flags |= FLAG_SSL; | ||
289 | PORT = 563; | ||
290 | -} | ||
291 | - | ||
292 | + } | ||
293 | #endif | ||
294 | - else if (strstr (argv[0], "check_nntp")) { | ||
295 | - progname = strdup ("check_nntp"); | ||
296 | - SERVICE = strdup ("NNTP"); | ||
297 | - SEND = NULL; | ||
298 | - EXPECT = NULL; | ||
299 | - server_expect = realloc (server_expect, sizeof (char *) * (++server_expect_count)); | ||
300 | - asprintf (&server_expect[server_expect_count - 1], "200"); | ||
301 | - server_expect = realloc (server_expect, sizeof (char *) * (++server_expect_count)); | ||
302 | - asprintf (&server_expect[server_expect_count - 1], "201"); | ||
303 | - asprintf (&QUIT, "QUIT\r\n"); | ||
304 | - PROTOCOL = IPPROTO_TCP; | ||
305 | + else if (!strncmp (SERVICE, "NNTP", 4)) { | ||
306 | + server_expect_count = 2; | ||
307 | + server_expect = malloc(sizeof(char *) * server_expect_count); | ||
308 | + server_expect[0] = strdup("200"); | ||
309 | + server_expect[1] = strdup("201"); | ||
310 | + QUIT = "QUIT\r\n"; | ||
311 | PORT = 119; | ||
312 | } | ||
313 | - else { | ||
314 | - progname = strdup ("check_tcp"); | ||
315 | + /* fallthrough check, so it's supposed to use reverse matching */ | ||
316 | + else if (strcmp (SERVICE, "TCP")) | ||
317 | usage (_("CRITICAL - Generic check_tcp called with unknown service\n")); | ||
318 | - } | ||
319 | |||
320 | - server_address = strdup ("127.0.0.1"); | ||
321 | + server_address = "127.0.0.1"; | ||
322 | server_port = PORT; | ||
323 | server_send = SEND; | ||
324 | server_quit = QUIT; | ||
325 | - status = strdup (""); | ||
326 | + status = NULL; | ||
327 | |||
328 | if (process_arguments (argc, argv) == ERROR) | ||
329 | usage4 (_("Could not parse arguments")); | ||
330 | |||
331 | - /* use default expect if none listed in process_arguments() */ | ||
332 | - if (EXPECT && server_expect_count == 0) { | ||
333 | - server_expect = malloc (sizeof (char *) * (++server_expect_count)); | ||
334 | - server_expect[server_expect_count - 1] = EXPECT; | ||
335 | + if(flags & FLAG_VERBOSE) { | ||
336 | + printf("Using service %s\n", SERVICE); | ||
337 | + printf("Port: %d\n", PORT); | ||
338 | + printf("flags: 0x%x\n", flags); | ||
339 | } | ||
340 | |||
341 | - /* initialize alarm signal handling */ | ||
342 | - signal (SIGALRM, socket_timeout_alarm_handler); | ||
343 | + if(EXPECT && !server_expect_count) | ||
344 | + server_expect_count++; | ||
345 | |||
346 | - /* set socket timeout */ | ||
347 | + /* set up the timer */ | ||
348 | + signal (SIGALRM, socket_timeout_alarm_handler); | ||
349 | alarm (socket_timeout); | ||
350 | |||
351 | /* try to connect to the host at the given port number */ | ||
352 | gettimeofday (&tv, NULL); | ||
353 | #ifdef HAVE_SSL | ||
354 | - if (use_ssl && check_cert == TRUE) { | ||
355 | - if (connect_SSL () != OK) | ||
356 | - die (STATE_CRITICAL,_("CRITICAL - Could not make SSL connection\n")); | ||
357 | - if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) { | ||
358 | - result = check_certificate (&server_cert); | ||
359 | - X509_free(server_cert); | ||
360 | - } | ||
361 | - else { | ||
362 | - printf(_("CRITICAL - Cannot retrieve server certificate.\n")); | ||
363 | - result = STATE_CRITICAL; | ||
364 | - } | ||
365 | - SSL_shutdown (ssl); | ||
366 | - SSL_free (ssl); | ||
367 | - SSL_CTX_free (ctx); | ||
368 | - close (sd); | ||
369 | - return result; | ||
370 | + if (flags & FLAG_SSL && check_cert == TRUE) { | ||
371 | + if (connect_SSL () != OK) | ||
372 | + die (STATE_CRITICAL,_("CRITICAL - Could not make SSL connection\n")); | ||
373 | + if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) { | ||
374 | + result = check_certificate (&server_cert); | ||
375 | + X509_free(server_cert); | ||
376 | + } | ||
377 | + else { | ||
378 | + printf(_("CRITICAL - Cannot retrieve server certificate.\n")); | ||
379 | + result = STATE_CRITICAL; | ||
380 | + } | ||
381 | + | ||
382 | + SSL_shutdown (ssl); | ||
383 | + SSL_free (ssl); | ||
384 | + SSL_CTX_free (ctx); | ||
385 | + close (sd); | ||
386 | + return result; | ||
387 | } | ||
388 | - else if (use_ssl) | ||
389 | + else if (flags & FLAG_SSL) | ||
390 | result = connect_SSL (); | ||
391 | else | ||
392 | #endif | ||
393 | @@ -290,9 +256,8 @@ | ||
394 | return STATE_CRITICAL; | ||
395 | |||
396 | if (server_send != NULL) { /* Something to send? */ | ||
397 | - asprintf (&server_send, "%s\r\n", server_send); | ||
398 | #ifdef HAVE_SSL | ||
399 | - if (use_ssl) | ||
400 | + if (flags & FLAG_SSL) | ||
401 | SSL_write(ssl, server_send, (int)strlen(server_send)); | ||
402 | else | ||
403 | #endif | ||
404 | @@ -304,63 +269,71 @@ | ||
405 | sleep (delay); | ||
406 | } | ||
407 | |||
408 | - if (server_send || server_expect_count > 0) { | ||
409 | + if(flags & FLAG_VERBOSE) { | ||
410 | + printf("server_expect_count: %d\n", server_expect_count); | ||
411 | + for(i = 0; i < server_expect_count; i++) | ||
412 | + printf("\t%d: %s\n", i, server_expect[i]); | ||
413 | + } | ||
414 | + | ||
415 | + /* if(len) later on, we know we have a non-NULL response */ | ||
416 | + len = 0; | ||
417 | + if (server_expect_count) { | ||
418 | |||
419 | - buffer = malloc (MAXBUF); | ||
420 | - memset (buffer, '\0', MAXBUF); | ||
421 | /* watch for the expect string */ | ||
422 | - while ((i = my_recv ()) > 0) { | ||
423 | - buffer[i] = '\0'; | ||
424 | - asprintf (&status, "%s%s", status, buffer); | ||
425 | - if (buffer[i-1] == '\n') { | ||
426 | - if (buffer[i-2] == '\r' || i < MAXBUF-1) | ||
427 | - break; | ||
428 | - } | ||
429 | - if (maxbytes>0 && strlen(status) >= (unsigned)maxbytes) | ||
430 | + while ((i = my_recv(buffer, sizeof(buffer))) > 0) { | ||
431 | + status = realloc(status, len + i + 1); | ||
432 | + memcpy(&status[len], buffer, i); | ||
433 | + len += i; | ||
434 | + | ||
435 | + /* stop reading if user-forced or data-starved */ | ||
436 | + if(i < sizeof(buffer) || (maxbytes && len >= maxbytes)) | ||
437 | + break; | ||
438 | + | ||
439 | + if (maxbytes && len >= maxbytes) | ||
440 | break; | ||
441 | } | ||
442 | |||
443 | - /* return a CRITICAL status if we couldn't read any data */ | ||
444 | - if (strlen(status) == 0) | ||
445 | + /* no data when expected, so return critical */ | ||
446 | + if (len == 0) | ||
447 | die (STATE_CRITICAL, _("No data received from host\n")); | ||
448 | |||
449 | - strip (status); | ||
450 | - | ||
451 | - if (status && verbose) | ||
452 | - printf ("%s\n", status); | ||
453 | - | ||
454 | - if (server_expect_count > 0) { | ||
455 | - for (i = 0;; i++) { | ||
456 | - if (verbose) | ||
457 | - printf ("%d %d\n", i, (int)server_expect_count); | ||
458 | - if (i >= (int)server_expect_count) | ||
459 | - die (expect_mismatch_state, _("Unexpected response from host: %s\n"), status); | ||
460 | - /* default expect gets exact matching */ | ||
461 | - if (exact_matching) { | ||
462 | - if (strncmp(status, server_expect[i], strlen(server_expect[i])) == 0) | ||
463 | - break; | ||
464 | - } else { | ||
465 | - if (strstr (status, server_expect[i])) | ||
466 | - break; | ||
467 | - } | ||
468 | + /* force null-termination and strip whitespace from end of output */ | ||
469 | + status[len--] = '\0'; | ||
470 | + /* print raw output if we're debugging */ | ||
471 | + if(flags & FLAG_VERBOSE) | ||
472 | + printf("received %d bytes from host\n#-raw-recv-------#\n%s\n#-raw-recv-------#\n", | ||
473 | + len + 1, status); | ||
474 | + while(isspace(status[len])) status[len--] = '\0'; | ||
475 | + | ||
476 | + for (i = 0; i < server_expect_count; i++) { | ||
477 | + match = -2; /* tag it so we know if we tried and failed */ | ||
478 | + if (flags & FLAG_VERBOSE) | ||
479 | + printf ("looking for [%s] %s [%s]\n", server_expect[i], | ||
480 | + (flags & FLAG_EXACT_MATCH) ? "in beginning of" : "anywhere in", | ||
481 | + status); | ||
482 | + | ||
483 | + /* match it. math first in short-circuit */ | ||
484 | + if ((flags & FLAG_EXACT_MATCH && !strncmp(status, server_expect[i], strlen(server_expect[i]))) || | ||
485 | + (!(flags & FLAG_EXACT_MATCH) && strstr(status, server_expect[i]))) | ||
486 | + { | ||
487 | + if(flags & FLAG_VERBOSE) puts("found it"); | ||
488 | + match = i; | ||
489 | + break; | ||
490 | } | ||
491 | } | ||
492 | } | ||
493 | |||
494 | if (server_quit != NULL) { | ||
495 | #ifdef HAVE_SSL | ||
496 | - if (use_ssl) { | ||
497 | + if (flags & FLAG_SSL) { | ||
498 | SSL_write (ssl, server_quit, (int)strlen(server_quit)); | ||
499 | SSL_shutdown (ssl); | ||
500 | SSL_free (ssl); | ||
501 | SSL_CTX_free (ctx); | ||
502 | } | ||
503 | - else { | ||
504 | + else | ||
505 | #endif | ||
506 | send (sd, server_quit, strlen (server_quit), 0); | ||
507 | -#ifdef HAVE_SSL | ||
508 | - } | ||
509 | -#endif | ||
510 | } | ||
511 | |||
512 | /* close the connection */ | ||
513 | @@ -370,37 +343,53 @@ | ||
514 | microsec = deltime (tv); | ||
515 | elapsed_time = (double)microsec / 1.0e6; | ||
516 | |||
517 | - if (check_critical_time == TRUE && elapsed_time > critical_time) | ||
518 | + if (flags & FLAG_TIME_CRIT && elapsed_time > critical_time) | ||
519 | result = STATE_CRITICAL; | ||
520 | - else if (check_warning_time == TRUE && elapsed_time > warning_time) | ||
521 | + else if (flags & FLAG_TIME_WARN && elapsed_time > warning_time) | ||
522 | + result = STATE_WARNING; | ||
523 | + | ||
524 | + /* did we get the response we hoped? */ | ||
525 | + if(match == -2 && result != STATE_CRITICAL) | ||
526 | result = STATE_WARNING; | ||
527 | |||
528 | /* reset the alarm */ | ||
529 | alarm (0); | ||
530 | |||
531 | - printf | ||
532 | - (_("%s %s%s - %.3f second response time on port %d"), | ||
533 | - SERVICE, | ||
534 | - state_text (result), | ||
535 | - (was_refused) ? " (refused)" : "", | ||
536 | - elapsed_time, server_port); | ||
537 | + /* this is a bit stupid, because we don't want to print the | ||
538 | + * response time (which can look ok to the user) if we didn't get | ||
539 | + * the response we were looking for. if-else */ | ||
540 | + printf(_("%s %s - "), SERVICE, state_text(result)); | ||
541 | |||
542 | - if (hide_output == FALSE && status && strlen(status) > 0) | ||
543 | + if(match == -2 && len && !(flags & FLAG_HIDE_OUTPUT)) | ||
544 | + printf("Unexpected response from host: %s", status); | ||
545 | + else | ||
546 | + printf("%.3f second response time on port %d", | ||
547 | + elapsed_time, server_port); | ||
548 | + | ||
549 | + if (match != -2 && !(flags & FLAG_HIDE_OUTPUT) && len) | ||
550 | printf (" [%s]", status); | ||
551 | |||
552 | - printf (" |%s\n", fperfdata ("time", elapsed_time, "s", | ||
553 | - TRUE, warning_time, | ||
554 | - TRUE, critical_time, | ||
555 | - TRUE, 0, | ||
556 | - TRUE, socket_timeout)); | ||
557 | + /* perf-data doesn't apply when server doesn't talk properly, | ||
558 | + * so print all zeroes on warn and crit */ | ||
559 | + if(match == -2) | ||
560 | + printf ("|time=%fs;0.0;0.0;0.0;0.0", elapsed_time); | ||
561 | + else | ||
562 | + printf("|%s", | ||
563 | + fperfdata ("time", elapsed_time, "s", | ||
564 | + TRUE, warning_time, | ||
565 | + TRUE, critical_time, | ||
566 | + TRUE, 0, | ||
567 | + TRUE, socket_timeout) | ||
568 | + ); | ||
569 | |||
570 | + putchar('\n'); | ||
571 | return result; | ||
572 | } | ||
573 | |||
574 | |||
575 | |||
576 | /* process command-line arguments */ | ||
577 | -int | ||
578 | +static int | ||
579 | process_arguments (int argc, char **argv) | ||
580 | { | ||
581 | int c; | ||
582 | @@ -472,7 +461,7 @@ | ||
583 | print_revision (progname, revision); | ||
584 | exit (STATE_OK); | ||
585 | case 'v': /* verbose mode */ | ||
586 | - verbose = TRUE; | ||
587 | + flags |= FLAG_VERBOSE; | ||
588 | break; | ||
589 | case '4': | ||
590 | address_family = AF_INET; | ||
591 | @@ -494,17 +483,17 @@ | ||
592 | usage4 (_("Critical threshold must be a positive integer")); | ||
593 | else | ||
594 | critical_time = strtod (optarg, NULL); | ||
595 | - check_critical_time = TRUE; | ||
596 | + flags |= FLAG_TIME_CRIT; | ||
597 | break; | ||
598 | case 'j': /* hide output */ | ||
599 | - hide_output = TRUE; | ||
600 | + flags |= FLAG_HIDE_OUTPUT; | ||
601 | break; | ||
602 | case 'w': /* warning */ | ||
603 | if (!is_intnonneg (optarg)) | ||
604 | usage4 (_("Warning threshold must be a positive integer")); | ||
605 | else | ||
606 | warning_time = strtod (optarg, NULL); | ||
607 | - check_warning_time = TRUE; | ||
608 | + flags |= FLAG_TIME_WARN; | ||
609 | break; | ||
610 | case 'C': | ||
611 | crit_codes = realloc (crit_codes, ++crit_codes_count); | ||
612 | @@ -531,7 +520,7 @@ | ||
613 | break; | ||
614 | case 'e': /* expect string (may be repeated) */ | ||
615 | EXPECT = NULL; | ||
616 | - exact_matching = FALSE; | ||
617 | + flags &= ~FLAG_EXACT_MATCH; | ||
618 | if (server_expect_count == 0) | ||
619 | server_expect = malloc (sizeof (char *) * (++server_expect_count)); | ||
620 | else | ||
621 | @@ -542,7 +531,7 @@ | ||
622 | if (!is_intpos (optarg)) | ||
623 | usage4 (_("Maxbytes must be a positive integer")); | ||
624 | else | ||
625 | - maxbytes = atoi (optarg); | ||
626 | + maxbytes = strtol (optarg, NULL, 0); | ||
627 | case 'q': | ||
628 | asprintf(&server_quit, "%s\r\n", optarg); | ||
629 | break; | ||
630 | @@ -572,16 +561,19 @@ | ||
631 | else | ||
632 | usage4 (_("Delay must be a positive integer")); | ||
633 | break; | ||
634 | - case 'D': /* Check SSL cert validity - days 'til certificate expiration */ | ||
635 | + case 'D': /* Check SSL cert validity - days 'til certificate expiration */ | ||
636 | #ifdef HAVE_SSL | ||
637 | if (!is_intnonneg (optarg)) | ||
638 | usage2 (_("Invalid certificate expiration period"), optarg); | ||
639 | days_till_exp = atoi (optarg); | ||
640 | check_cert = TRUE; | ||
641 | - use_ssl = TRUE; | ||
642 | + flags |= FLAG_SSL; | ||
643 | break; | ||
644 | +#endif | ||
645 | + /* fallthrough if we don't have ssl */ | ||
646 | case 'S': | ||
647 | - use_ssl = TRUE; | ||
648 | +#ifdef HAVE_SSL | ||
649 | + flags |= FLAG_SSL; | ||
650 | #else | ||
651 | die (STATE_UNKNOWN, _("Invalid option - SSL is not available")); | ||
652 | #endif | ||
653 | @@ -596,9 +588,9 @@ | ||
654 | } | ||
655 | |||
656 | |||
657 | - | ||
658 | +/* SSL-specific functions */ | ||
659 | #ifdef HAVE_SSL | ||
660 | -int | ||
661 | +static int | ||
662 | connect_SSL (void) | ||
663 | { | ||
664 | SSL_METHOD *meth; | ||
665 | @@ -649,12 +641,8 @@ | ||
666 | |||
667 | return STATE_CRITICAL; | ||
668 | } | ||
669 | -#endif | ||
670 | - | ||
671 | - | ||
672 | |||
673 | -#ifdef HAVE_SSL | ||
674 | -int | ||
675 | +static int | ||
676 | check_certificate (X509 ** certificate) | ||
677 | { | ||
678 | ASN1_STRING *tm; | ||
679 | @@ -727,29 +715,7 @@ | ||
680 | |||
681 | return STATE_OK; | ||
682 | } | ||
683 | -#endif | ||
684 | - | ||
685 | - | ||
686 | - | ||
687 | -int | ||
688 | -my_recv (void) | ||
689 | -{ | ||
690 | - int i; | ||
691 | - | ||
692 | -#ifdef HAVE_SSL | ||
693 | - if (use_ssl) { | ||
694 | - i = SSL_read (ssl, buffer, MAXBUF - 1); | ||
695 | - } | ||
696 | - else { | ||
697 | -#endif | ||
698 | - i = read (sd, buffer, MAXBUF - 1); | ||
699 | -#ifdef HAVE_SSL | ||
700 | - } | ||
701 | -#endif | ||
702 | - | ||
703 | - return i; | ||
704 | -} | ||
705 | - | ||
706 | +#endif /* HAVE_SSL */ | ||
707 | |||
708 | |||
709 | void | ||
710 | @@ -809,7 +775,6 @@ | ||
711 | } | ||
712 | |||
713 | |||
714 | - | ||
715 | void | ||
716 | print_usage (void) | ||
717 | { | ||
718 | @@ -818,5 +783,6 @@ | ||
719 | [-s <send string>] [-e <expect string>] [-q <quit string>]\n\ | ||
720 | [-m <maximum bytes>] [-d <delay>] [-t <timeout seconds>]\n\ | ||
721 | [-r <refuse state>] [-M <mismatch state>] [-v] [-4|-6] [-j]\n\ | ||
722 | - [-D <days to cert expiry>] [-S <use SSL>]\n", progname); | ||
723 | + [-D <days to cert expiry>] [-S <use SSL>]\n", progname); | ||
724 | } | ||
725 | + | ||