From 0b6423f9c99d9edf8c96fefd0f6c453859395aa1 Mon Sep 17 00:00:00 2001 From: Holger Weiss Date: Mon, 30 Sep 2013 00:03:24 +0200 Subject: Import Nagios Plugins site Import the Nagios Plugins web site, Cronjobs, infrastructure scripts, and configuration files. --- ...nagios-plugins-1.4.15-certexpire_warncrit.patch | 293 +++++++++++++++++++++ 1 file changed, 293 insertions(+) create mode 100644 web/attachments/432992-nagios-plugins-1.4.15-certexpire_warncrit.patch (limited to 'web/attachments/432992-nagios-plugins-1.4.15-certexpire_warncrit.patch') diff --git a/web/attachments/432992-nagios-plugins-1.4.15-certexpire_warncrit.patch b/web/attachments/432992-nagios-plugins-1.4.15-certexpire_warncrit.patch new file mode 100644 index 0000000..a3935e8 --- /dev/null +++ b/web/attachments/432992-nagios-plugins-1.4.15-certexpire_warncrit.patch @@ -0,0 +1,293 @@ +diff -ru nagios-plugins-1.4.15/plugins/check_http.c nagios-plugins-1.4.15-modified/plugins/check_http.c +--- nagios-plugins-1.4.15/plugins/check_http.c 2010-07-27 20:47:16.000000000 +0000 ++++ nagios-plugins-1.4.15-modified/plugins/check_http.c 2012-01-11 04:03:34.000000000 +0000 +@@ -58,7 +58,7 @@ + + #ifdef HAVE_SSL + int check_cert = FALSE; +-int days_till_exp; ++int days_till_exp_warn, days_till_exp_crit; + char *randbuff; + X509 *server_cert; + # define my_recv(buf, len) ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) +@@ -178,6 +178,7 @@ + { + int c = 1; + char *p; ++ char *temp; + + enum { + INVERT_REGEX = CHAR_MAX + 1, +@@ -292,13 +293,25 @@ + break; + case 'C': /* Check SSL cert validity */ + #ifdef HAVE_SSL +- if (!is_intnonneg (optarg)) +- usage2 (_("Invalid certificate expiration period"), optarg); ++ if ((temp=strchr(optarg,','))!=NULL) { ++ *temp='\0'; ++ if (!is_intnonneg (temp)) ++ usage2 (_("Invalid certificate expiration period"), optarg); ++ days_till_exp_warn = atoi(optarg); ++ *temp=','; ++ temp++; ++ if (!is_intnonneg (temp)) ++ usage2 (_("Invalid certificate expiration period"), temp); ++ days_till_exp_crit = atoi (temp); ++ } + else { +- days_till_exp = atoi (optarg); +- check_cert = TRUE; ++ days_till_exp_crit=0; ++ if (!is_intnonneg (optarg)) ++ usage2 (_("Invalid certificate expiration period"), optarg); ++ days_till_exp_warn = atoi (optarg); + } +- /* Fall through to -S option */ ++ check_cert = TRUE; ++ /* Fall through to -S option */ + #endif + case 'S': /* use SSL */ + #ifndef HAVE_SSL +@@ -809,7 +822,7 @@ + if (use_ssl == TRUE) { + np_net_ssl_init_with_hostname(sd, (use_sni ? host_name : NULL)); + if (check_cert == TRUE) { +- result = np_net_ssl_check_cert(days_till_exp); ++ result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); + np_net_ssl_cleanup(); + if (sd) close(sd); + return result; +@@ -1424,6 +1437,13 @@ + printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); + printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); + printf (" %s\n", _("the certificate is expired.")); ++ ++ printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); ++ printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); ++ printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); ++ printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); ++ printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); ++ + #endif + + printf (UT_SUPPORT); +@@ -1441,6 +1461,6 @@ + printf (" [-b proxy_auth] [-f ]\n"); + printf (" [-e ] [-s string] [-l] [-r | -R ]\n"); + printf (" [-P string] [-m :] [-4|-6] [-N] [-M ]\n"); +- printf (" [-A string] [-k string] [-S] [--sni] [-C ] [-T ]\n"); +- printf (" [-j method]\n"); ++ printf (" [-A string] [-k string] [-S] [--sni] [-C [,]]\n"); ++ printf (" [-T ] [-j method]\n"); + } +diff -ru nagios-plugins-1.4.15/plugins/check_smtp.c nagios-plugins-1.4.15-modified/plugins/check_smtp.c +--- nagios-plugins-1.4.15/plugins/check_smtp.c 2010-07-27 20:47:16.000000000 +0000 ++++ nagios-plugins-1.4.15-modified/plugins/check_smtp.c 2012-01-11 04:19:41.000000000 +0000 +@@ -41,7 +41,7 @@ + + #ifdef HAVE_SSL + int check_cert = FALSE; +-int days_till_exp; ++int days_till_exp_warn, days_till_exp_crit; + # define my_recv(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) + # define my_send(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) + #else /* ifndef HAVE_SSL */ +@@ -271,7 +271,7 @@ + + # ifdef USE_OPENSSL + if ( check_cert ) { +- result = np_net_ssl_check_cert(days_till_exp); ++ result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); + if(result != STATE_OK){ + printf ("%s\n", _("CRITICAL - Cannot retrieve server certificate.")); + } +@@ -453,6 +453,7 @@ + process_arguments (int argc, char **argv) + { + int c; ++ char* temp; + + int option = 0; + static struct option longopts[] = { +@@ -595,12 +596,26 @@ + case 'D': + /* Check SSL cert validity */ + #ifdef USE_OPENSSL +- if (!is_intnonneg (optarg)) +- usage2 ("Invalid certificate expiration period",optarg); +- days_till_exp = atoi (optarg); +- check_cert = TRUE; ++ if ((temp=strchr(optarg,','))!=NULL) { ++ *temp='\0'; ++ if (!is_intnonneg (temp)) ++ usage2 ("Invalid certificate expiration period", optarg); ++ days_till_exp_warn = atoi(optarg); ++ *temp=','; ++ temp++; ++ if (!is_intnonneg (temp)) ++ usage2 (_("Invalid certificate expiration period"), temp); ++ days_till_exp_crit = atoi (temp); ++ } ++ else { ++ days_till_exp_crit=0; ++ if (!is_intnonneg (optarg)) ++ usage2 ("Invalid certificate expiration period", optarg); ++ days_till_exp_warn = atoi (optarg); ++ } ++ check_cert = TRUE; + #else +- usage (_("SSL support not available - install OpenSSL and recompile")); ++ usage (_("SSL support not available - install OpenSSL and recompile")); + #endif + break; + case '4': +@@ -785,7 +800,7 @@ + printf (" %s\n", "-F, --fqdn=STRING"); + printf (" %s\n", _("FQDN used for HELO")); + #ifdef HAVE_SSL +- printf (" %s\n", "-D, --certificate=INTEGER"); ++ printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); + printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); + printf (" %s\n", "-S, --starttls"); + printf (" %s\n", _("Use STARTTLS for the connection.")); +@@ -819,8 +834,8 @@ + print_usage (void) + { + printf ("%s\n", _("Usage:")); +- printf ("%s -H host [-p port] [-e expect] [-C command] [-f from addr]", progname); +- printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout]\n"); +- printf ("[-F fqdn] [-S] [-D days] [-v] [-4|-6]\n"); ++ printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-f from addr]\n", progname); ++ printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-v]\n"); ++ printf ("[-F fqdn] [-S] [-D []\n"); + } + +diff -ru nagios-plugins-1.4.15/plugins/check_tcp.c nagios-plugins-1.4.15-modified/plugins/check_tcp.c +--- nagios-plugins-1.4.15/plugins/check_tcp.c 2010-07-27 20:47:16.000000000 +0000 ++++ nagios-plugins-1.4.15-modified/plugins/check_tcp.c 2012-01-11 04:20:15.000000000 +0000 +@@ -39,7 +39,7 @@ + + #ifdef HAVE_SSL + static int check_cert = FALSE; +-static int days_till_exp; ++static int days_till_exp_warn, days_till_exp_crit; + # define my_recv(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) + # define my_send(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) + #else +@@ -235,8 +235,8 @@ + if (flags & FLAG_SSL){ + result = np_net_ssl_init(sd); + if (result == STATE_OK && check_cert == TRUE) { +- result = np_net_ssl_check_cert(days_till_exp); +- if(result != STATE_OK) { ++ result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); ++ if (result != STATE_OK) { + printf(_("CRITICAL - Cannot retrieve server certificate.\n")); + } + } +@@ -383,6 +383,7 @@ + { + int c; + int escape = 0; ++ char *temp; + + int option = 0; + static struct option longopts[] = { +@@ -555,9 +556,22 @@ + case 'D': /* Check SSL cert validity - days 'til certificate expiration */ + #ifdef HAVE_SSL + # ifdef USE_OPENSSL /* XXX */ +- if (!is_intnonneg (optarg)) ++ if ((temp=strchr(optarg,','))!=NULL) { ++ *temp='\0'; ++ if (!is_intnonneg (temp)) ++ usage2 (_("Invalid certificate expiration period"), optarg); days_till_exp_warn = atoi(optarg); ++ *temp=','; ++ temp++; ++ if (!is_intnonneg (temp)) ++ usage2 (_("Invalid certificate expiration period"), temp); ++ days_till_exp_crit = atoi (temp); ++ } ++ else { ++ days_till_exp_crit=0; ++ if (!is_intnonneg (optarg)) + usage2 (_("Invalid certificate expiration period"), optarg); +- days_till_exp = atoi (optarg); ++ days_till_exp_warn = atoi (optarg); ++ } + check_cert = TRUE; + flags |= FLAG_SSL; + break; +@@ -629,8 +643,9 @@ + printf (" %s\n", _("Seconds to wait between sending string and polling for response")); + + #ifdef HAVE_SSL +- printf (" %s\n", "-D, --certificate=INTEGER"); ++ printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); + printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); ++ printf (" %s\n", _("1st is #days for warning, 2nd is critical (if not specified - 0).")); + printf (" %s\n", "-S, --ssl"); + printf (" %s\n", _("Use SSL for the connection.")); + #endif +@@ -652,6 +667,6 @@ + printf ("%s -H host -p port [-w ] [-c ] [-s ]\n",progname); + printf ("[-e ] [-q ][-m ] [-d ]\n"); + printf ("[-t ] [-r ] [-M ] [-v] [-4|-6] [-j]\n"); +- printf ("[-D ] [-S ] [-E]\n"); ++ printf ("[-D [,]] [-S ] [-E]\n"); + } + +Only in nagios-plugins-1.4.15-modified/plugins: .deps +Only in nagios-plugins-1.4.15-modified/plugins: Makefile +diff -ru nagios-plugins-1.4.15/plugins/netutils.h nagios-plugins-1.4.15-modified/plugins/netutils.h +--- nagios-plugins-1.4.15/plugins/netutils.h 2010-07-27 20:47:16.000000000 +0000 ++++ nagios-plugins-1.4.15-modified/plugins/netutils.h 2012-01-11 03:52:18.000000000 +0000 +@@ -103,7 +103,7 @@ + void np_net_ssl_cleanup(); + int np_net_ssl_write(const void *buf, int num); + int np_net_ssl_read(void *buf, int num); +-int np_net_ssl_check_cert(int days_till_exp); ++int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit); + #endif /* HAVE_SSL */ + + #endif /* _NETUTILS_H_ */ +diff -ru nagios-plugins-1.4.15/plugins/sslutils.c nagios-plugins-1.4.15-modified/plugins/sslutils.c +--- nagios-plugins-1.4.15/plugins/sslutils.c 2010-07-27 20:47:16.000000000 +0000 ++++ nagios-plugins-1.4.15-modified/plugins/sslutils.c 2012-01-11 03:51:39.000000000 +0000 +@@ -94,7 +94,7 @@ + return SSL_read(s, buf, num); + } + +-int np_net_ssl_check_cert(int days_till_exp){ ++int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ + # ifdef USE_OPENSSL + X509 *certificate=NULL; + ASN1_STRING *tm; +@@ -154,15 +154,21 @@ + stamp.tm_mon + 1, + stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); + +- if (days_left > 0 && days_left <= days_till_exp) { +- printf (_("WARNING - Certificate expires in %d day(s) (%s).\n"), days_left, timestamp); +- return STATE_WARNING; ++ if (days_left > 0 && days_left <= days_till_exp_warn) { ++ printf (_("%s - Certificate expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"CRITICAL":"WARNING", days_left, timestamp); ++ if (days_left > days_till_exp_crit) ++ return STATE_WARNING; ++ else ++ return STATE_CRITICAL; + } else if (time_left < 0) { + printf (_("CRITICAL - Certificate expired on %s.\n"), timestamp); + return STATE_CRITICAL; + } else if (days_left == 0) { +- printf (_("WARNING - Certificate expires today (%s).\n"), timestamp); +- return STATE_WARNING; ++ printf (_("%s - Certificate expires today (%s).\n"), (days_left>days_till_exp_crit)?"CRITICAL":"WARNING", timestamp); ++ if (days_left > days_till_exp_crit) ++ return STATE_WARNING; ++ else ++ return STATE_CRITICAL; + } + + printf (_("OK - Certificate will expire on %s.\n"), timestamp); -- cgit v1.2.3-74-g34f1