diff options
Diffstat (limited to 'web/attachments/136573-nagiosplug-check_tcp.diff')
| -rw-r--r-- | web/attachments/136573-nagiosplug-check_tcp.diff | 725 |
1 files changed, 725 insertions, 0 deletions
diff --git a/web/attachments/136573-nagiosplug-check_tcp.diff b/web/attachments/136573-nagiosplug-check_tcp.diff new file mode 100644 index 0000000..0b26f13 --- /dev/null +++ b/web/attachments/136573-nagiosplug-check_tcp.diff | |||
| @@ -0,0 +1,725 @@ | |||
| 1 | --- ../orig.nplg/plugins/check_tcp.c 2005-05-26 14:12:21.000000000 +0200 | ||
| 2 | +++ plugins/check_tcp.c 2005-05-30 23:45:35.000000000 +0200 | ||
| 3 | @@ -47,240 +47,206 @@ | ||
| 4 | #endif | ||
| 5 | |||
| 6 | #ifdef HAVE_SSL | ||
| 7 | -int check_cert = FALSE; | ||
| 8 | -int days_till_exp; | ||
| 9 | -char *randbuff = ""; | ||
| 10 | -SSL_CTX *ctx; | ||
| 11 | -SSL *ssl; | ||
| 12 | -X509 *server_cert; | ||
| 13 | -int connect_SSL (void); | ||
| 14 | -int check_certificate (X509 **); | ||
| 15 | +static int check_cert = FALSE; | ||
| 16 | +static int days_till_exp; | ||
| 17 | +static char *randbuff = ""; | ||
| 18 | +static SSL_CTX *ctx; | ||
| 19 | +static SSL *ssl; | ||
| 20 | +static X509 *server_cert; | ||
| 21 | +static int connect_SSL (void); | ||
| 22 | +static int check_certificate (X509 **); | ||
| 23 | +# define my_recv(buf, len) ((flags & FLAG_SSL) ? SSL_read(ssl, buf, len) : read(sd, buf, len)) | ||
| 24 | +#else | ||
| 25 | +# define my_recv(buf, len) read(sd, buf, len) | ||
| 26 | #endif | ||
| 27 | |||
| 28 | -#define MAXBUF 1024 | ||
| 29 | |||
| 30 | -int process_arguments (int, char **); | ||
| 31 | -int my_recv (void); | ||
| 32 | +/* int my_recv(char *, size_t); */ | ||
| 33 | +static int process_arguments (int, char **); | ||
| 34 | void print_help (void); | ||
| 35 | void print_usage (void); | ||
| 36 | |||
| 37 | -char *SERVICE = NULL; | ||
| 38 | -char *SEND = NULL; | ||
| 39 | -char *EXPECT = NULL; | ||
| 40 | -char *QUIT = NULL; | ||
| 41 | -int PROTOCOL = 0; | ||
| 42 | -int PORT = 0; | ||
| 43 | - | ||
| 44 | -char timestamp[17] = ""; | ||
| 45 | -int server_port = 0; | ||
| 46 | -char *server_address = NULL; | ||
| 47 | -char *server_send = NULL; | ||
| 48 | -char *server_quit = NULL; | ||
| 49 | -char **server_expect = NULL; | ||
| 50 | -size_t server_expect_count = 0; | ||
| 51 | -int maxbytes = 0; | ||
| 52 | -char **warn_codes = NULL; | ||
| 53 | -size_t warn_codes_count = 0; | ||
| 54 | -char **crit_codes = NULL; | ||
| 55 | -size_t crit_codes_count = 0; | ||
| 56 | -unsigned int delay = 0; | ||
| 57 | -double warning_time = 0; | ||
| 58 | -int check_warning_time = FALSE; | ||
| 59 | -double critical_time = 0; | ||
| 60 | -int check_critical_time = FALSE; | ||
| 61 | -int hide_output = FALSE; | ||
| 62 | -double elapsed_time = 0; | ||
| 63 | -long microsec; | ||
| 64 | -int verbose = FALSE; | ||
| 65 | -int use_ssl = FALSE; | ||
| 66 | -int sd = 0; | ||
| 67 | -char *buffer; | ||
| 68 | -int expect_mismatch_state = STATE_WARNING; | ||
| 69 | -int exact_matching = TRUE; | ||
| 70 | +#define EXPECT server_expect[0] | ||
| 71 | +static char *SERVICE = "TCP"; | ||
| 72 | +static char *SEND = NULL | ||
| 73 | +static char *QUIT = NULL; | ||
| 74 | +static int PROTOCOL = IPPROTO_TCP; /* most common is default */ | ||
| 75 | +static int PORT = 0; | ||
| 76 | + | ||
| 77 | +static char timestamp[17] = ""; | ||
| 78 | +static int server_port = 0; | ||
| 79 | +static char *server_address = NULL; | ||
| 80 | +static char *server_send = NULL; | ||
| 81 | +static char *server_quit = NULL; | ||
| 82 | +static char **server_expect; | ||
| 83 | +static size_t server_expect_count = 0; | ||
| 84 | +static size_t maxbytes = 0; | ||
| 85 | +static char **warn_codes = NULL; | ||
| 86 | +static size_t warn_codes_count = 0; | ||
| 87 | +static char **crit_codes = NULL; | ||
| 88 | +static size_t crit_codes_count = 0; | ||
| 89 | +static unsigned int delay = 0; | ||
| 90 | +static double warning_time = 0; | ||
| 91 | +static double critical_time = 0; | ||
| 92 | +static double elapsed_time = 0; | ||
| 93 | +static long microsec; | ||
| 94 | +static int sd = 0; | ||
| 95 | +#define MAXBUF 1024 | ||
| 96 | +static char buffer[MAXBUF]; | ||
| 97 | +static int expect_mismatch_state = STATE_WARNING; | ||
| 98 | + | ||
| 99 | +#define FLAG_SSL 0x01 | ||
| 100 | +#define FLAG_VERBOSE 0x02 | ||
| 101 | +#define FLAG_EXACT_MATCH 0x04 | ||
| 102 | +#define FLAG_TIME_WARN 0x08 | ||
| 103 | +#define FLAG_TIME_CRIT 0x10 | ||
| 104 | +#define FLAG_HIDE_OUTPUT 0x20 | ||
| 105 | +static size_t flags = FLAG_EXACT_MATCH; | ||
| 106 | |||
| 107 | int | ||
| 108 | main (int argc, char **argv) | ||
| 109 | { | ||
| 110 | int result = STATE_UNKNOWN; | ||
| 111 | int i; | ||
| 112 | - char *status; | ||
| 113 | + char *status = NULL; | ||
| 114 | struct timeval tv; | ||
| 115 | + size_t len, match = -1; | ||
| 116 | |||
| 117 | setlocale (LC_ALL, ""); | ||
| 118 | bindtextdomain (PACKAGE, LOCALEDIR); | ||
| 119 | textdomain (PACKAGE); | ||
| 120 | |||
| 121 | - if (strstr (argv[0], "check_udp")) { | ||
| 122 | - progname = strdup ("check_udp"); | ||
| 123 | - SERVICE = strdup ("UDP"); | ||
| 124 | - SEND = NULL; | ||
| 125 | - EXPECT = NULL; | ||
| 126 | - QUIT = NULL; | ||
| 127 | + /* determine program- and service-name quickly */ | ||
| 128 | + progname = strrchr(argv[0], '/'); | ||
| 129 | + if(progname != NULL) progname++; | ||
| 130 | + else progname = argv[0]; | ||
| 131 | + | ||
| 132 | + len = strlen(progname); | ||
| 133 | + if(len > 6 && !memcmp(progname, "check_", 6)) { | ||
| 134 | + SERVICE = progname + 6; | ||
| 135 | + for(i = 0; i < len - 6; i++) | ||
| 136 | + SERVICE[i] = toupper(SERVICE[i]); | ||
| 137 | + } | ||
| 138 | + | ||
| 139 | + /* set up a resonable buffer at first (will be realloc()'ed if | ||
| 140 | + * user specifies other options) */ | ||
| 141 | + server_expect = calloc(sizeof(char *), 2); | ||
| 142 | + | ||
| 143 | + /* determine defaults for this service's protocol */ | ||
| 144 | + if (!strncmp(SERVICE, "UDP", 3)) { | ||
| 145 | PROTOCOL = IPPROTO_UDP; | ||
| 146 | - PORT = 0; | ||
| 147 | } | ||
| 148 | - else if (strstr (argv[0], "check_tcp")) { | ||
| 149 | - progname = strdup ("check_tcp"); | ||
| 150 | - SERVICE = strdup ("TCP"); | ||
| 151 | - SEND = NULL; | ||
| 152 | - EXPECT = NULL; | ||
| 153 | - QUIT = NULL; | ||
| 154 | - PROTOCOL = IPPROTO_TCP; | ||
| 155 | - PORT = 0; | ||
| 156 | - } | ||
| 157 | - else if (strstr (argv[0], "check_ftp")) { | ||
| 158 | - progname = strdup ("check_ftp"); | ||
| 159 | - SERVICE = strdup ("FTP"); | ||
| 160 | - SEND = NULL; | ||
| 161 | - EXPECT = strdup ("220"); | ||
| 162 | - QUIT = strdup ("QUIT\r\n"); | ||
| 163 | - PROTOCOL = IPPROTO_TCP; | ||
| 164 | + else if (!strncmp(SERVICE, "FTP", 3)) { | ||
| 165 | + EXPECT = "220"; | ||
| 166 | + QUIT = "QUIT\r\n"; | ||
| 167 | PORT = 21; | ||
| 168 | } | ||
| 169 | - else if (strstr (argv[0], "check_smtp")) { | ||
| 170 | - progname = strdup ("check_smtp"); | ||
| 171 | - SERVICE = strdup ("SMTP"); | ||
| 172 | - SEND = NULL; | ||
| 173 | - EXPECT = strdup ("220"); | ||
| 174 | - QUIT = strdup ("QUIT\r\n"); | ||
| 175 | - PROTOCOL = IPPROTO_TCP; | ||
| 176 | - PORT = 25; | ||
| 177 | - } | ||
| 178 | - else if (strstr (argv[0], "check_pop")) { | ||
| 179 | - progname = strdup ("check_pop"); | ||
| 180 | - SERVICE = strdup ("POP"); | ||
| 181 | - SEND = NULL; | ||
| 182 | - EXPECT = strdup ("+OK"); | ||
| 183 | - QUIT = strdup ("QUIT\r\n"); | ||
| 184 | - PROTOCOL = IPPROTO_TCP; | ||
| 185 | + else if (!strncmp(SERVICE, "POP", 3) || !strncmp(SERVICE, "POP3", 4)) { | ||
| 186 | + EXPECT = "+OK"; | ||
| 187 | + QUIT = "QUIT\r\n"; | ||
| 188 | PORT = 110; | ||
| 189 | } | ||
| 190 | - else if (strstr (argv[0], "check_imap")) { | ||
| 191 | - progname = strdup ("check_imap"); | ||
| 192 | - SERVICE = strdup ("IMAP"); | ||
| 193 | - SEND = NULL; | ||
| 194 | - EXPECT = strdup ("* OK"); | ||
| 195 | - QUIT = strdup ("a1 LOGOUT\r\n"); | ||
| 196 | - PROTOCOL = IPPROTO_TCP; | ||
| 197 | + else if (!strncmp(SERVICE, "SMTP", 4)) { | ||
| 198 | + EXPECT = "220"; | ||
| 199 | + QUIT = "QUIT\r\n"; | ||
| 200 | + PORT = 25; | ||
| 201 | + } | ||
| 202 | + else if (!strncmp(SERVICE, "IMAP", 4)) { | ||
| 203 | + EXPECT = "* OK"; | ||
| 204 | + QUIT = "a1 LOGOUT\r\n"; | ||
| 205 | PORT = 143; | ||
| 206 | } | ||
| 207 | #ifdef HAVE_SSL | ||
| 208 | - else if (strstr(argv[0],"check_simap")) { | ||
| 209 | - progname = strdup ("check_simap"); | ||
| 210 | - SERVICE = strdup ("SIMAP"); | ||
| 211 | - SEND=NULL; | ||
| 212 | - EXPECT = strdup ("* OK"); | ||
| 213 | - QUIT = strdup ("a1 LOGOUT\r\n"); | ||
| 214 | - PROTOCOL=IPPROTO_TCP; | ||
| 215 | - use_ssl=TRUE; | ||
| 216 | - PORT=993; | ||
| 217 | - } | ||
| 218 | - else if (strstr(argv[0],"check_spop")) { | ||
| 219 | - progname = strdup ("check_spop"); | ||
| 220 | - SERVICE = strdup ("SPOP"); | ||
| 221 | - SEND=NULL; | ||
| 222 | - EXPECT = strdup ("+OK"); | ||
| 223 | - QUIT = strdup ("QUIT\r\n"); | ||
| 224 | - PROTOCOL=IPPROTO_TCP; | ||
| 225 | - use_ssl=TRUE; | ||
| 226 | - PORT=995; | ||
| 227 | - } | ||
| 228 | - else if (strstr(argv[0],"check_ssmtp")) { | ||
| 229 | - progname = strdup ("check_ssmtp"); | ||
| 230 | - SERVICE = strdup ("SSMTP"); | ||
| 231 | - SEND=NULL; | ||
| 232 | - EXPECT = strdup ("220"); | ||
| 233 | - QUIT = strdup ("QUIT\r\n"); | ||
| 234 | - PROTOCOL=IPPROTO_TCP; | ||
| 235 | - use_ssl=TRUE; | ||
| 236 | - PORT=465; | ||
| 237 | - } | ||
| 238 | - else if (strstr(argv[0],"check_jabber")) { | ||
| 239 | - progname = strdup("check_jabber"); | ||
| 240 | - SERVICE = strdup("JABBER"); | ||
| 241 | - SEND = strdup("<stream:stream to=\'host\' xmlns=\'jabber:client\' xmlns:stream=\'http://etherx.jabber.org/streams\'>\n"); | ||
| 242 | - EXPECT = strdup("<?xml version=\'1.0\'?><stream:stream xmlns:stream=\'http://etherx.jabber.org/streams\'"); | ||
| 243 | - QUIT = strdup("</stream:stream>\n"); | ||
| 244 | - PROTOCOL=IPPROTO_TCP; | ||
| 245 | - use_ssl=TRUE; | ||
| 246 | + else if (!strncmp(SERVICE, "SIMAP", 5)) { | ||
| 247 | + EXPECT = "* OK"; | ||
| 248 | + QUIT = "a1 LOGOUT\r\n"; | ||
| 249 | + flags |= FLAG_SSL; | ||
| 250 | + PORT = 993; | ||
| 251 | + } | ||
| 252 | + else if (!strncmp(SERVICE, "SPOP", 4)) { | ||
| 253 | + EXPECT = "+OK"; | ||
| 254 | + QUIT = "QUIT\r\n"; | ||
| 255 | + flags |= FLAG_SSL; | ||
| 256 | + PORT = 995; | ||
| 257 | + } | ||
| 258 | + else if (!strncmp(SERVICE, "SSMTP", 5)) { | ||
| 259 | + EXPECT = "220"; | ||
| 260 | + QUIT = "QUIT\r\n"; | ||
| 261 | + flags |= FLAG_SSL; | ||
| 262 | + PORT = 465; | ||
| 263 | + } | ||
| 264 | + else if (!strncmp(SERVICE, "JABBER", 6)) { | ||
| 265 | + SEND = "<stream:stream to=\'host\' xmlns=\'jabber:client\' xmlns:stream=\'http://etherx.jabber.org/streams\'>\n"; | ||
| 266 | + EXPECT = "<?xml version=\'1.0\'?><stream:stream xmlns:stream=\'http://etherx.jabber.org/streams\'"; | ||
| 267 | + QUIT = "</stream:stream>\n"; | ||
| 268 | + flags |= FLAG_SSL | FLAG_HIDE_OUTPUT; | ||
| 269 | PORT = 5222; | ||
| 270 | } | ||
| 271 | - else if (strstr (argv[0], "check_nntps")) { | ||
| 272 | - progname = strdup("check_nntps"); | ||
| 273 | - SERVICE = strdup("NNTPS"); | ||
| 274 | - SEND = NULL; | ||
| 275 | - EXPECT = NULL; | ||
| 276 | - server_expect = realloc (server_expect, ++server_expect_count); | ||
| 277 | - asprintf (&server_expect[server_expect_count - 1], "200"); | ||
| 278 | - server_expect = realloc (server_expect, ++server_expect_count); | ||
| 279 | - asprintf (&server_expect[server_expect_count - 1], "201"); | ||
| 280 | - QUIT = strdup("QUIT\r\n"); | ||
| 281 | - PROTOCOL = IPPROTO_TCP; | ||
| 282 | - use_ssl=TRUE; | ||
| 283 | + else if (!strncmp (SERVICE, "NNTPS", 5)) { | ||
| 284 | + server_expect_count = 2; | ||
| 285 | + server_expect[0] = "200"; | ||
| 286 | + server_expect[1] = "201"; | ||
| 287 | + QUIT = "QUIT\r\n"; | ||
| 288 | + flags |= FLAG_SSL; | ||
| 289 | PORT = 563; | ||
| 290 | -} | ||
| 291 | - | ||
| 292 | + } | ||
| 293 | #endif | ||
| 294 | - else if (strstr (argv[0], "check_nntp")) { | ||
| 295 | - progname = strdup ("check_nntp"); | ||
| 296 | - SERVICE = strdup ("NNTP"); | ||
| 297 | - SEND = NULL; | ||
| 298 | - EXPECT = NULL; | ||
| 299 | - server_expect = realloc (server_expect, sizeof (char *) * (++server_expect_count)); | ||
| 300 | - asprintf (&server_expect[server_expect_count - 1], "200"); | ||
| 301 | - server_expect = realloc (server_expect, sizeof (char *) * (++server_expect_count)); | ||
| 302 | - asprintf (&server_expect[server_expect_count - 1], "201"); | ||
| 303 | - asprintf (&QUIT, "QUIT\r\n"); | ||
| 304 | - PROTOCOL = IPPROTO_TCP; | ||
| 305 | + else if (!strncmp (SERVICE, "NNTP", 4)) { | ||
| 306 | + server_expect_count = 2; | ||
| 307 | + server_expect = malloc(sizeof(char *) * server_expect_count); | ||
| 308 | + server_expect[0] = strdup("200"); | ||
| 309 | + server_expect[1] = strdup("201"); | ||
| 310 | + QUIT = "QUIT\r\n"; | ||
| 311 | PORT = 119; | ||
| 312 | } | ||
| 313 | - else { | ||
| 314 | - progname = strdup ("check_tcp"); | ||
| 315 | + /* fallthrough check, so it's supposed to use reverse matching */ | ||
| 316 | + else if (strcmp (SERVICE, "TCP")) | ||
| 317 | usage (_("CRITICAL - Generic check_tcp called with unknown service\n")); | ||
| 318 | - } | ||
| 319 | |||
| 320 | - server_address = strdup ("127.0.0.1"); | ||
| 321 | + server_address = "127.0.0.1"; | ||
| 322 | server_port = PORT; | ||
| 323 | server_send = SEND; | ||
| 324 | server_quit = QUIT; | ||
| 325 | - status = strdup (""); | ||
| 326 | + status = NULL; | ||
| 327 | |||
| 328 | if (process_arguments (argc, argv) == ERROR) | ||
| 329 | usage4 (_("Could not parse arguments")); | ||
| 330 | |||
| 331 | - /* use default expect if none listed in process_arguments() */ | ||
| 332 | - if (EXPECT && server_expect_count == 0) { | ||
| 333 | - server_expect = malloc (sizeof (char *) * (++server_expect_count)); | ||
| 334 | - server_expect[server_expect_count - 1] = EXPECT; | ||
| 335 | + if(flags & FLAG_VERBOSE) { | ||
| 336 | + printf("Using service %s\n", SERVICE); | ||
| 337 | + printf("Port: %d\n", PORT); | ||
| 338 | + printf("flags: 0x%x\n", flags); | ||
| 339 | } | ||
| 340 | |||
| 341 | - /* initialize alarm signal handling */ | ||
| 342 | - signal (SIGALRM, socket_timeout_alarm_handler); | ||
| 343 | + if(EXPECT && !server_expect_count) | ||
| 344 | + server_expect_count++; | ||
| 345 | |||
| 346 | - /* set socket timeout */ | ||
| 347 | + /* set up the timer */ | ||
| 348 | + signal (SIGALRM, socket_timeout_alarm_handler); | ||
| 349 | alarm (socket_timeout); | ||
| 350 | |||
| 351 | /* try to connect to the host at the given port number */ | ||
| 352 | gettimeofday (&tv, NULL); | ||
| 353 | #ifdef HAVE_SSL | ||
| 354 | - if (use_ssl && check_cert == TRUE) { | ||
| 355 | - if (connect_SSL () != OK) | ||
| 356 | - die (STATE_CRITICAL,_("CRITICAL - Could not make SSL connection\n")); | ||
| 357 | - if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) { | ||
| 358 | - result = check_certificate (&server_cert); | ||
| 359 | - X509_free(server_cert); | ||
| 360 | - } | ||
| 361 | - else { | ||
| 362 | - printf(_("CRITICAL - Cannot retrieve server certificate.\n")); | ||
| 363 | - result = STATE_CRITICAL; | ||
| 364 | - } | ||
| 365 | - SSL_shutdown (ssl); | ||
| 366 | - SSL_free (ssl); | ||
| 367 | - SSL_CTX_free (ctx); | ||
| 368 | - close (sd); | ||
| 369 | - return result; | ||
| 370 | + if (flags & FLAG_SSL && check_cert == TRUE) { | ||
| 371 | + if (connect_SSL () != OK) | ||
| 372 | + die (STATE_CRITICAL,_("CRITICAL - Could not make SSL connection\n")); | ||
| 373 | + if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) { | ||
| 374 | + result = check_certificate (&server_cert); | ||
| 375 | + X509_free(server_cert); | ||
| 376 | + } | ||
| 377 | + else { | ||
| 378 | + printf(_("CRITICAL - Cannot retrieve server certificate.\n")); | ||
| 379 | + result = STATE_CRITICAL; | ||
| 380 | + } | ||
| 381 | + | ||
| 382 | + SSL_shutdown (ssl); | ||
| 383 | + SSL_free (ssl); | ||
| 384 | + SSL_CTX_free (ctx); | ||
| 385 | + close (sd); | ||
| 386 | + return result; | ||
| 387 | } | ||
| 388 | - else if (use_ssl) | ||
| 389 | + else if (flags & FLAG_SSL) | ||
| 390 | result = connect_SSL (); | ||
| 391 | else | ||
| 392 | #endif | ||
| 393 | @@ -290,9 +256,8 @@ | ||
| 394 | return STATE_CRITICAL; | ||
| 395 | |||
| 396 | if (server_send != NULL) { /* Something to send? */ | ||
| 397 | - asprintf (&server_send, "%s\r\n", server_send); | ||
| 398 | #ifdef HAVE_SSL | ||
| 399 | - if (use_ssl) | ||
| 400 | + if (flags & FLAG_SSL) | ||
| 401 | SSL_write(ssl, server_send, (int)strlen(server_send)); | ||
| 402 | else | ||
| 403 | #endif | ||
| 404 | @@ -304,63 +269,71 @@ | ||
| 405 | sleep (delay); | ||
| 406 | } | ||
| 407 | |||
| 408 | - if (server_send || server_expect_count > 0) { | ||
| 409 | + if(flags & FLAG_VERBOSE) { | ||
| 410 | + printf("server_expect_count: %d\n", server_expect_count); | ||
| 411 | + for(i = 0; i < server_expect_count; i++) | ||
| 412 | + printf("\t%d: %s\n", i, server_expect[i]); | ||
| 413 | + } | ||
| 414 | + | ||
| 415 | + /* if(len) later on, we know we have a non-NULL response */ | ||
| 416 | + len = 0; | ||
| 417 | + if (server_expect_count) { | ||
| 418 | |||
| 419 | - buffer = malloc (MAXBUF); | ||
| 420 | - memset (buffer, '\0', MAXBUF); | ||
| 421 | /* watch for the expect string */ | ||
| 422 | - while ((i = my_recv ()) > 0) { | ||
| 423 | - buffer[i] = '\0'; | ||
| 424 | - asprintf (&status, "%s%s", status, buffer); | ||
| 425 | - if (buffer[i-1] == '\n') { | ||
| 426 | - if (buffer[i-2] == '\r' || i < MAXBUF-1) | ||
| 427 | - break; | ||
| 428 | - } | ||
| 429 | - if (maxbytes>0 && strlen(status) >= (unsigned)maxbytes) | ||
| 430 | + while ((i = my_recv(buffer, sizeof(buffer))) > 0) { | ||
| 431 | + status = realloc(status, len + i + 1); | ||
| 432 | + memcpy(&status[len], buffer, i); | ||
| 433 | + len += i; | ||
| 434 | + | ||
| 435 | + /* stop reading if user-forced or data-starved */ | ||
| 436 | + if(i < sizeof(buffer) || (maxbytes && len >= maxbytes)) | ||
| 437 | + break; | ||
| 438 | + | ||
| 439 | + if (maxbytes && len >= maxbytes) | ||
| 440 | break; | ||
| 441 | } | ||
| 442 | |||
| 443 | - /* return a CRITICAL status if we couldn't read any data */ | ||
| 444 | - if (strlen(status) == 0) | ||
| 445 | + /* no data when expected, so return critical */ | ||
| 446 | + if (len == 0) | ||
| 447 | die (STATE_CRITICAL, _("No data received from host\n")); | ||
| 448 | |||
| 449 | - strip (status); | ||
| 450 | - | ||
| 451 | - if (status && verbose) | ||
| 452 | - printf ("%s\n", status); | ||
| 453 | - | ||
| 454 | - if (server_expect_count > 0) { | ||
| 455 | - for (i = 0;; i++) { | ||
| 456 | - if (verbose) | ||
| 457 | - printf ("%d %d\n", i, (int)server_expect_count); | ||
| 458 | - if (i >= (int)server_expect_count) | ||
| 459 | - die (expect_mismatch_state, _("Unexpected response from host: %s\n"), status); | ||
| 460 | - /* default expect gets exact matching */ | ||
| 461 | - if (exact_matching) { | ||
| 462 | - if (strncmp(status, server_expect[i], strlen(server_expect[i])) == 0) | ||
| 463 | - break; | ||
| 464 | - } else { | ||
| 465 | - if (strstr (status, server_expect[i])) | ||
| 466 | - break; | ||
| 467 | - } | ||
| 468 | + /* force null-termination and strip whitespace from end of output */ | ||
| 469 | + status[len--] = '\0'; | ||
| 470 | + /* print raw output if we're debugging */ | ||
| 471 | + if(flags & FLAG_VERBOSE) | ||
| 472 | + printf("received %d bytes from host\n#-raw-recv-------#\n%s\n#-raw-recv-------#\n", | ||
| 473 | + len + 1, status); | ||
| 474 | + while(isspace(status[len])) status[len--] = '\0'; | ||
| 475 | + | ||
| 476 | + for (i = 0; i < server_expect_count; i++) { | ||
| 477 | + match = -2; /* tag it so we know if we tried and failed */ | ||
| 478 | + if (flags & FLAG_VERBOSE) | ||
| 479 | + printf ("looking for [%s] %s [%s]\n", server_expect[i], | ||
| 480 | + (flags & FLAG_EXACT_MATCH) ? "in beginning of" : "anywhere in", | ||
| 481 | + status); | ||
| 482 | + | ||
| 483 | + /* match it. math first in short-circuit */ | ||
| 484 | + if ((flags & FLAG_EXACT_MATCH && !strncmp(status, server_expect[i], strlen(server_expect[i]))) || | ||
| 485 | + (!(flags & FLAG_EXACT_MATCH) && strstr(status, server_expect[i]))) | ||
| 486 | + { | ||
| 487 | + if(flags & FLAG_VERBOSE) puts("found it"); | ||
| 488 | + match = i; | ||
| 489 | + break; | ||
| 490 | } | ||
| 491 | } | ||
| 492 | } | ||
| 493 | |||
| 494 | if (server_quit != NULL) { | ||
| 495 | #ifdef HAVE_SSL | ||
| 496 | - if (use_ssl) { | ||
| 497 | + if (flags & FLAG_SSL) { | ||
| 498 | SSL_write (ssl, server_quit, (int)strlen(server_quit)); | ||
| 499 | SSL_shutdown (ssl); | ||
| 500 | SSL_free (ssl); | ||
| 501 | SSL_CTX_free (ctx); | ||
| 502 | } | ||
| 503 | - else { | ||
| 504 | + else | ||
| 505 | #endif | ||
| 506 | send (sd, server_quit, strlen (server_quit), 0); | ||
| 507 | -#ifdef HAVE_SSL | ||
| 508 | - } | ||
| 509 | -#endif | ||
| 510 | } | ||
| 511 | |||
| 512 | /* close the connection */ | ||
| 513 | @@ -370,37 +343,53 @@ | ||
| 514 | microsec = deltime (tv); | ||
| 515 | elapsed_time = (double)microsec / 1.0e6; | ||
| 516 | |||
| 517 | - if (check_critical_time == TRUE && elapsed_time > critical_time) | ||
| 518 | + if (flags & FLAG_TIME_CRIT && elapsed_time > critical_time) | ||
| 519 | result = STATE_CRITICAL; | ||
| 520 | - else if (check_warning_time == TRUE && elapsed_time > warning_time) | ||
| 521 | + else if (flags & FLAG_TIME_WARN && elapsed_time > warning_time) | ||
| 522 | + result = STATE_WARNING; | ||
| 523 | + | ||
| 524 | + /* did we get the response we hoped? */ | ||
| 525 | + if(match == -2 && result != STATE_CRITICAL) | ||
| 526 | result = STATE_WARNING; | ||
| 527 | |||
| 528 | /* reset the alarm */ | ||
| 529 | alarm (0); | ||
| 530 | |||
| 531 | - printf | ||
| 532 | - (_("%s %s%s - %.3f second response time on port %d"), | ||
| 533 | - SERVICE, | ||
| 534 | - state_text (result), | ||
| 535 | - (was_refused) ? " (refused)" : "", | ||
| 536 | - elapsed_time, server_port); | ||
| 537 | + /* this is a bit stupid, because we don't want to print the | ||
| 538 | + * response time (which can look ok to the user) if we didn't get | ||
| 539 | + * the response we were looking for. if-else */ | ||
| 540 | + printf(_("%s %s - "), SERVICE, state_text(result)); | ||
| 541 | |||
| 542 | - if (hide_output == FALSE && status && strlen(status) > 0) | ||
| 543 | + if(match == -2 && len && !(flags & FLAG_HIDE_OUTPUT)) | ||
| 544 | + printf("Unexpected response from host: %s", status); | ||
| 545 | + else | ||
| 546 | + printf("%.3f second response time on port %d", | ||
| 547 | + elapsed_time, server_port); | ||
| 548 | + | ||
| 549 | + if (match != -2 && !(flags & FLAG_HIDE_OUTPUT) && len) | ||
| 550 | printf (" [%s]", status); | ||
| 551 | |||
| 552 | - printf (" |%s\n", fperfdata ("time", elapsed_time, "s", | ||
| 553 | - TRUE, warning_time, | ||
| 554 | - TRUE, critical_time, | ||
| 555 | - TRUE, 0, | ||
| 556 | - TRUE, socket_timeout)); | ||
| 557 | + /* perf-data doesn't apply when server doesn't talk properly, | ||
| 558 | + * so print all zeroes on warn and crit */ | ||
| 559 | + if(match == -2) | ||
| 560 | + printf ("|time=%fs;0.0;0.0;0.0;0.0", elapsed_time); | ||
| 561 | + else | ||
| 562 | + printf("|%s", | ||
| 563 | + fperfdata ("time", elapsed_time, "s", | ||
| 564 | + TRUE, warning_time, | ||
| 565 | + TRUE, critical_time, | ||
| 566 | + TRUE, 0, | ||
| 567 | + TRUE, socket_timeout) | ||
| 568 | + ); | ||
| 569 | |||
| 570 | + putchar('\n'); | ||
| 571 | return result; | ||
| 572 | } | ||
| 573 | |||
| 574 | |||
| 575 | |||
| 576 | /* process command-line arguments */ | ||
| 577 | -int | ||
| 578 | +static int | ||
| 579 | process_arguments (int argc, char **argv) | ||
| 580 | { | ||
| 581 | int c; | ||
| 582 | @@ -472,7 +461,7 @@ | ||
| 583 | print_revision (progname, revision); | ||
| 584 | exit (STATE_OK); | ||
| 585 | case 'v': /* verbose mode */ | ||
| 586 | - verbose = TRUE; | ||
| 587 | + flags |= FLAG_VERBOSE; | ||
| 588 | break; | ||
| 589 | case '4': | ||
| 590 | address_family = AF_INET; | ||
| 591 | @@ -494,17 +483,17 @@ | ||
| 592 | usage4 (_("Critical threshold must be a positive integer")); | ||
| 593 | else | ||
| 594 | critical_time = strtod (optarg, NULL); | ||
| 595 | - check_critical_time = TRUE; | ||
| 596 | + flags |= FLAG_TIME_CRIT; | ||
| 597 | break; | ||
| 598 | case 'j': /* hide output */ | ||
| 599 | - hide_output = TRUE; | ||
| 600 | + flags |= FLAG_HIDE_OUTPUT; | ||
| 601 | break; | ||
| 602 | case 'w': /* warning */ | ||
| 603 | if (!is_intnonneg (optarg)) | ||
| 604 | usage4 (_("Warning threshold must be a positive integer")); | ||
| 605 | else | ||
| 606 | warning_time = strtod (optarg, NULL); | ||
| 607 | - check_warning_time = TRUE; | ||
| 608 | + flags |= FLAG_TIME_WARN; | ||
| 609 | break; | ||
| 610 | case 'C': | ||
| 611 | crit_codes = realloc (crit_codes, ++crit_codes_count); | ||
| 612 | @@ -531,7 +520,7 @@ | ||
| 613 | break; | ||
| 614 | case 'e': /* expect string (may be repeated) */ | ||
| 615 | EXPECT = NULL; | ||
| 616 | - exact_matching = FALSE; | ||
| 617 | + flags &= ~FLAG_EXACT_MATCH; | ||
| 618 | if (server_expect_count == 0) | ||
| 619 | server_expect = malloc (sizeof (char *) * (++server_expect_count)); | ||
| 620 | else | ||
| 621 | @@ -542,7 +531,7 @@ | ||
| 622 | if (!is_intpos (optarg)) | ||
| 623 | usage4 (_("Maxbytes must be a positive integer")); | ||
| 624 | else | ||
| 625 | - maxbytes = atoi (optarg); | ||
| 626 | + maxbytes = strtol (optarg, NULL, 0); | ||
| 627 | case 'q': | ||
| 628 | asprintf(&server_quit, "%s\r\n", optarg); | ||
| 629 | break; | ||
| 630 | @@ -572,16 +561,19 @@ | ||
| 631 | else | ||
| 632 | usage4 (_("Delay must be a positive integer")); | ||
| 633 | break; | ||
| 634 | - case 'D': /* Check SSL cert validity - days 'til certificate expiration */ | ||
| 635 | + case 'D': /* Check SSL cert validity - days 'til certificate expiration */ | ||
| 636 | #ifdef HAVE_SSL | ||
| 637 | if (!is_intnonneg (optarg)) | ||
| 638 | usage2 (_("Invalid certificate expiration period"), optarg); | ||
| 639 | days_till_exp = atoi (optarg); | ||
| 640 | check_cert = TRUE; | ||
| 641 | - use_ssl = TRUE; | ||
| 642 | + flags |= FLAG_SSL; | ||
| 643 | break; | ||
| 644 | +#endif | ||
| 645 | + /* fallthrough if we don't have ssl */ | ||
| 646 | case 'S': | ||
| 647 | - use_ssl = TRUE; | ||
| 648 | +#ifdef HAVE_SSL | ||
| 649 | + flags |= FLAG_SSL; | ||
| 650 | #else | ||
| 651 | die (STATE_UNKNOWN, _("Invalid option - SSL is not available")); | ||
| 652 | #endif | ||
| 653 | @@ -596,9 +588,9 @@ | ||
| 654 | } | ||
| 655 | |||
| 656 | |||
| 657 | - | ||
| 658 | +/* SSL-specific functions */ | ||
| 659 | #ifdef HAVE_SSL | ||
| 660 | -int | ||
| 661 | +static int | ||
| 662 | connect_SSL (void) | ||
| 663 | { | ||
| 664 | SSL_METHOD *meth; | ||
| 665 | @@ -649,12 +641,8 @@ | ||
| 666 | |||
| 667 | return STATE_CRITICAL; | ||
| 668 | } | ||
| 669 | -#endif | ||
| 670 | - | ||
| 671 | - | ||
| 672 | |||
| 673 | -#ifdef HAVE_SSL | ||
| 674 | -int | ||
| 675 | +static int | ||
| 676 | check_certificate (X509 ** certificate) | ||
| 677 | { | ||
| 678 | ASN1_STRING *tm; | ||
| 679 | @@ -727,29 +715,7 @@ | ||
| 680 | |||
| 681 | return STATE_OK; | ||
| 682 | } | ||
| 683 | -#endif | ||
| 684 | - | ||
| 685 | - | ||
| 686 | - | ||
| 687 | -int | ||
| 688 | -my_recv (void) | ||
| 689 | -{ | ||
| 690 | - int i; | ||
| 691 | - | ||
| 692 | -#ifdef HAVE_SSL | ||
| 693 | - if (use_ssl) { | ||
| 694 | - i = SSL_read (ssl, buffer, MAXBUF - 1); | ||
| 695 | - } | ||
| 696 | - else { | ||
| 697 | -#endif | ||
| 698 | - i = read (sd, buffer, MAXBUF - 1); | ||
| 699 | -#ifdef HAVE_SSL | ||
| 700 | - } | ||
| 701 | -#endif | ||
| 702 | - | ||
| 703 | - return i; | ||
| 704 | -} | ||
| 705 | - | ||
| 706 | +#endif /* HAVE_SSL */ | ||
| 707 | |||
| 708 | |||
| 709 | void | ||
| 710 | @@ -809,7 +775,6 @@ | ||
| 711 | } | ||
| 712 | |||
| 713 | |||
| 714 | - | ||
| 715 | void | ||
| 716 | print_usage (void) | ||
| 717 | { | ||
| 718 | @@ -818,5 +783,6 @@ | ||
| 719 | [-s <send string>] [-e <expect string>] [-q <quit string>]\n\ | ||
| 720 | [-m <maximum bytes>] [-d <delay>] [-t <timeout seconds>]\n\ | ||
| 721 | [-r <refuse state>] [-M <mismatch state>] [-v] [-4|-6] [-j]\n\ | ||
| 722 | - [-D <days to cert expiry>] [-S <use SSL>]\n", progname); | ||
| 723 | + [-D <days to cert expiry>] [-S <use SSL>]\n", progname); | ||
| 724 | } | ||
| 725 | + | ||