1057fdc66889f052c22e8781a7ba9a390696d66c
1 /*****************************************************************************
2 *
3 * This program is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation; either version 2 of the License, or
6 * (at your option) any later version.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, write to the Free Software
15 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
16 *
17 *****************************************************************************/
19 /* progname changes depending on symlink called */
20 char *progname = "check_tcp";
21 const char *revision = "$Revision$";
22 const char *copyright = "2002-2003";
23 const char *authors = "Nagios Plugin Development Team";
24 const char *email = "nagiosplug-devel@lists.sourceforge.net";
26 const char *summary = "\
27 This plugin tests %s connections with the specified host.\n";
29 const char *option_summary = "\
30 -H host -p port [-w warn_time] [-c crit_time] [-s send]\n\
31 [-e expect] [-W wait] [-t to_sec] [-r refuse_state] [-v]\n";
33 const char *options = "\
34 -H, --hostname=ADDRESS\n\
35 Host name argument for servers using host headers (use numeric\n\
36 address if possible to bypass DNS lookup).\n\
37 -p, --port=INTEGER\n\
38 Port number\n\
39 -s, --send=STRING\n\
40 String to send to the server\n\
41 -e, --expect=STRING\n\
42 String to expect in server response\n\
43 -W, --wait=INTEGER\n\
44 Seconds to wait between sending string and polling for response\n\
45 -w, --warning=DOUBLE\n\
46 Response time to result in warning status (seconds)\n\
47 -c, --critical=DOUBLE\n\
48 Response time to result in critical status (seconds)\n\
49 -t, --timeout=INTEGER\n\
50 Seconds before connection times out (default: %d)\n\
51 -r, --refuse=ok|warn|crit\n\
52 Accept tcp refusals with states ok, warn, crit (default: crit)\n\
53 -v\n\
54 Show details for command-line debugging (do not use with nagios server)\n";
56 const char *standard_options = "\
57 -h, --help\n\
58 Print detailed help screen\n\
59 -V, --version\n\
60 Print version information\n\n";
62 #include "config.h"
63 #include "common.h"
64 #include "netutils.h"
65 #include "utils.h"
67 #ifdef HAVE_SSL_H
68 # include <rsa.h>
69 # include <crypto.h>
70 # include <x509.h>
71 # include <pem.h>
72 # include <ssl.h>
73 # include <err.h>
74 #else
75 # ifdef HAVE_OPENSSL_SSL_H
76 # include <openssl/rsa.h>
77 # include <openssl/crypto.h>
78 # include <openssl/x509.h>
79 # include <openssl/pem.h>
80 # include <openssl/ssl.h>
81 # include <openssl/err.h>
82 # endif
83 #endif
85 #ifdef HAVE_SSL
86 SSL_CTX *ctx;
87 SSL *ssl;
88 int connect_SSL (void);
89 #endif
91 enum {
92 TCP_PROTOCOL = 1,
93 UDP_PROTOCOL = 2,
94 MAXBUF = 1024
95 };
97 int process_arguments (int, char **);
98 void print_usage (void);
99 void print_help (void);
100 int my_recv (void);
102 char *SERVICE = NULL;
103 char *SEND = NULL;
104 char *EXPECT = NULL;
105 char *QUIT = NULL;
106 int PROTOCOL = 0;
107 int PORT = 0;
109 int server_port = 0;
110 char *server_address = NULL;
111 char *server_send = NULL;
112 char *server_quit = NULL;
113 char **server_expect = NULL;
114 int server_expect_count = 0;
115 char **warn_codes = NULL;
116 int warn_codes_count = 0;
117 char **crit_codes = NULL;
118 int crit_codes_count = 0;
119 int delay = 0;
120 double warning_time = 0;
121 int check_warning_time = FALSE;
122 double critical_time = 0;
123 int check_critical_time = FALSE;
124 double elapsed_time = 0;
125 int verbose = FALSE;
126 int use_ssl = FALSE;
127 int sd = 0;
128 char *buffer = "";
130 int
131 main (int argc, char **argv)
132 {
133 int result;
134 int i;
135 char *status = "";
136 struct timeval tv;
138 if (strstr (argv[0], "check_udp")) {
139 progname = strdup ("check_udp");
140 SERVICE = strdup ("UDP");
141 SEND = NULL;
142 EXPECT = NULL;
143 QUIT = NULL;
144 PROTOCOL = UDP_PROTOCOL;
145 PORT = 0;
146 }
147 else if (strstr (argv[0], "check_tcp")) {
148 progname = strdup ("check_tcp");
149 SERVICE = strdup ("TCP");
150 SEND = NULL;
151 EXPECT = NULL;
152 QUIT = NULL;
153 PROTOCOL = TCP_PROTOCOL;
154 PORT = 0;
155 }
156 else if (strstr (argv[0], "check_ftp")) {
157 progname = strdup ("check_ftp");
158 SERVICE = strdup ("FTP");
159 SEND = NULL;
160 EXPECT = strdup ("220");
161 QUIT = strdup ("QUIT\r\n");
162 PROTOCOL = TCP_PROTOCOL;
163 PORT = 21;
164 }
165 else if (strstr (argv[0], "check_smtp")) {
166 progname = strdup ("check_smtp");
167 SERVICE = strdup ("SMTP");
168 SEND = NULL;
169 EXPECT = strdup ("220");
170 QUIT = strdup ("QUIT\r\n");
171 PROTOCOL = TCP_PROTOCOL;
172 PORT = 25;
173 }
174 else if (strstr (argv[0], "check_pop")) {
175 progname = strdup ("check_pop");
176 SERVICE = strdup ("POP");
177 SEND = NULL;
178 EXPECT = strdup ("+OK");
179 QUIT = strdup ("QUIT\r\n");
180 PROTOCOL = TCP_PROTOCOL;
181 PORT = 110;
182 }
183 else if (strstr (argv[0], "check_imap")) {
184 progname = strdup ("check_imap");
185 SERVICE = strdup ("IMAP");
186 SEND = NULL;
187 EXPECT = strdup ("* OK");
188 QUIT = strdup ("a1 LOGOUT\r\n");
189 PROTOCOL = TCP_PROTOCOL;
190 PORT = 143;
191 }
192 #ifdef HAVE_SSL
193 else if (strstr(argv[0],"check_simap")) {
194 progname = strdup ("check_simap");
195 SERVICE = strdup ("SIMAP");
196 SEND=NULL;
197 EXPECT = strdup ("* OK");
198 QUIT = strdup ("a1 LOGOUT\r\n");
199 PROTOCOL=TCP_PROTOCOL;
200 use_ssl=TRUE;
201 PORT=993;
202 }
203 else if (strstr(argv[0],"check_spop")) {
204 progname = strdup ("check_spop");
205 SERVICE = strdup ("SPOP");
206 SEND=NULL;
207 EXPECT = strdup ("+OK");
208 QUIT = strdup ("QUIT\r\n");
209 PROTOCOL=TCP_PROTOCOL;
210 use_ssl=TRUE;
211 PORT=995;
212 }
213 #endif
214 else if (strstr (argv[0], "check_nntp")) {
215 progname = strdup ("check_nntp");
216 SERVICE = strdup ("NNTP");
217 SEND = NULL;
218 EXPECT = NULL;
219 server_expect = realloc (server_expect, ++server_expect_count);
220 asprintf (&server_expect[server_expect_count - 1], "200");
221 server_expect = realloc (server_expect, ++server_expect_count);
222 asprintf (&server_expect[server_expect_count - 1], "201");
223 asprintf (&QUIT, "QUIT\r\n");
224 PROTOCOL = TCP_PROTOCOL;
225 PORT = 119;
226 }
227 else {
228 usage ("ERROR: Generic check_tcp called with unknown service\n");
229 }
231 server_address = strdup ("127.0.0.1");
232 server_port = PORT;
233 server_send = SEND;
234 server_quit = QUIT;
236 if (process_arguments (argc, argv) == ERROR)
237 usage ("Could not parse arguments\n");
239 /* use default expect if none listed in process_arguments() */
240 if (EXPECT && server_expect_count == 0) {
241 server_expect = malloc (++server_expect_count);
242 server_expect[server_expect_count - 1] = EXPECT;
243 }
245 /* initialize alarm signal handling */
246 signal (SIGALRM, socket_timeout_alarm_handler);
248 /* set socket timeout */
249 alarm (socket_timeout);
251 /* try to connect to the host at the given port number */
252 gettimeofday (&tv, NULL);
253 #ifdef HAVE_SSL
254 if (use_ssl)
255 result = connect_SSL ();
256 else
257 #endif
258 {
259 if (PROTOCOL == UDP_PROTOCOL)
260 result = my_udp_connect (server_address, server_port, &sd);
261 else
262 /* default is TCP */
263 result = my_tcp_connect (server_address, server_port, &sd);
264 }
266 if (result == STATE_CRITICAL)
267 return STATE_CRITICAL;
269 if (server_send != NULL) { /* Something to send? */
270 asprintf (&server_send, "%s\r\n", server_send);
271 #ifdef HAVE_SSL
272 if (use_ssl)
273 SSL_write(ssl, server_send, strlen (server_send));
274 else
275 #endif
276 send (sd, server_send, strlen (server_send), 0);
277 }
279 if (delay > 0) {
280 tv.tv_sec += delay;
281 sleep (delay);
282 }
284 if (server_send || server_expect_count > 0) {
286 buffer = malloc (MAXBUF);
287 memset (buffer, '\0', MAXBUF);
288 /* watch for the expect string */
289 while ((i = my_recv ()) > 0) {
290 buffer[i] = '\0';
291 asprintf (&status, "%s%s", status, buffer);
292 if (buffer[i-2] == '\r' && buffer[i-1] == '\n')
293 break;
294 }
296 /* return a CRITICAL status if we couldn't read any data */
297 if (status == NULL)
298 terminate (STATE_CRITICAL, "No data received from host\n");
300 strip (status);
302 if (status && verbose)
303 printf ("%s\n", status);
305 if (server_expect_count > 0) {
306 for (i = 0;; i++) {
307 if (verbose)
308 printf ("%d %d\n", i, server_expect_count);
309 if (i >= server_expect_count)
310 terminate (STATE_WARNING, "Invalid response from host\n");
311 if (strstr (status, server_expect[i]))
312 break;
313 }
314 }
315 }
317 if (server_quit != NULL) {
318 #ifdef HAVE_SSL
319 if (use_ssl) {
320 SSL_write (ssl, server_quit, strlen (server_quit));
321 SSL_shutdown (ssl);
322 SSL_free (ssl);
323 SSL_CTX_free (ctx);
324 }
325 else {
326 #endif
327 send (sd, server_quit, strlen (server_quit), 0);
328 #ifdef HAVE_SSL
329 }
330 #endif
331 }
333 /* close the connection */
334 if (sd)
335 close (sd);
337 elapsed_time = delta_time (tv);
339 if (check_critical_time == TRUE && elapsed_time > critical_time)
340 result = STATE_CRITICAL;
341 else if (check_warning_time == TRUE && elapsed_time > warning_time)
342 result = STATE_WARNING;
344 /* reset the alarm */
345 alarm (0);
347 printf
348 ("%s %s%s - %.3f second response time on port %d",
349 SERVICE,
350 state_text (result),
351 (was_refused) ? " (refused)" : "",
352 elapsed_time, server_port);
354 if (status && strlen(status) > 0)
355 printf (" [%s]", status);
357 printf ("|time=%.3f\n", elapsed_time);
359 return result;
360 }
361 \f
365 /* process command-line arguments */
366 int
367 process_arguments (int argc, char **argv)
368 {
369 int c;
371 int option_index = 0;
372 static struct option long_options[] = {
373 {"hostname", required_argument, 0, 'H'},
374 {"critical-time", required_argument, 0, 'c'},
375 {"warning-time", required_argument, 0, 'w'},
376 {"critical-codes", required_argument, 0, 'C'},
377 {"warning-codes", required_argument, 0, 'W'},
378 {"timeout", required_argument, 0, 't'},
379 {"protocol", required_argument, 0, 'P'},
380 {"port", required_argument, 0, 'p'},
381 {"send", required_argument, 0, 's'},
382 {"expect", required_argument, 0, 'e'},
383 {"quit", required_argument, 0, 'q'},
384 {"delay", required_argument, 0, 'd'},
385 {"refuse", required_argument, 0, 'r'},
386 {"verbose", no_argument, 0, 'v'},
387 {"version", no_argument, 0, 'V'},
388 {"help", no_argument, 0, 'h'},
389 {0, 0, 0, 0}
390 };
392 if (argc < 2)
393 usage ("No arguments found\n");
395 /* backwards compatibility */
396 for (c = 1; c < argc; c++) {
397 if (strcmp ("-to", argv[c]) == 0)
398 strcpy (argv[c], "-t");
399 else if (strcmp ("-wt", argv[c]) == 0)
400 strcpy (argv[c], "-w");
401 else if (strcmp ("-ct", argv[c]) == 0)
402 strcpy (argv[c], "-c");
403 }
405 if (!is_option (argv[1])) {
406 server_address = argv[1];
407 argv[1] = argv[0];
408 argv = &argv[1];
409 argc--;
410 }
412 while (1) {
413 c = getopt_long (argc, argv, "+hVvH:s:e:q:c:w:t:p:C:W:d:Sr:", long_options,
414 &option_index);
416 if (c == -1 || c == EOF || c == 1)
417 break;
419 switch (c) {
420 case '?': /* print short usage statement if args not parsable */
421 printf ("%s: Unknown argument: %s\n\n", progname, optarg);
422 print_usage ();
423 exit (STATE_UNKNOWN);
424 case 'h': /* help */
425 print_help ();
426 exit (STATE_OK);
427 case 'V': /* version */
428 print_revision (progname, "$Revision$");
429 exit (STATE_OK);
430 case 'v': /* verbose mode */
431 verbose = TRUE;
432 break;
433 case 'H': /* hostname */
434 if (is_host (optarg) == FALSE)
435 usage2 ("invalid host name or address", optarg);
436 server_address = optarg;
437 break;
438 case 'c': /* critical */
439 if (!is_intnonneg (optarg))
440 usage ("Critical threshold must be a nonnegative integer\n");
441 critical_time = strtod (optarg, NULL);
442 check_critical_time = TRUE;
443 break;
444 case 'w': /* warning */
445 if (!is_intnonneg (optarg))
446 usage ("Warning threshold must be a nonnegative integer\n");
447 warning_time = strtod (optarg, NULL);
448 check_warning_time = TRUE;
449 break;
450 case 'C':
451 crit_codes = realloc (crit_codes, ++crit_codes_count);
452 crit_codes[crit_codes_count - 1] = optarg;
453 break;
454 case 'W':
455 warn_codes = realloc (warn_codes, ++warn_codes_count);
456 warn_codes[warn_codes_count - 1] = optarg;
457 break;
458 case 't': /* timeout */
459 if (!is_intpos (optarg))
460 usage ("Timeout interval must be a positive integer\n");
461 socket_timeout = atoi (optarg);
462 break;
463 case 'p': /* port */
464 if (!is_intpos (optarg))
465 usage ("Server port must be a positive integer\n");
466 server_port = atoi (optarg);
467 break;
468 case 's':
469 server_send = optarg;
470 break;
471 case 'e': /* expect string (may be repeated) */
472 EXPECT = NULL;
473 if (server_expect_count == 0)
474 server_expect = malloc (++server_expect_count);
475 else
476 server_expect = realloc (server_expect, ++server_expect_count);
477 server_expect[server_expect_count - 1] = optarg;
478 break;
479 case 'q':
480 server_quit = optarg;
481 break;
482 case 'r':
483 if (!strncmp(optarg,"ok",2))
484 econn_refuse_state = STATE_OK;
485 else if (!strncmp(optarg,"warn",4))
486 econn_refuse_state = STATE_WARNING;
487 else if (!strncmp(optarg,"crit",4))
488 econn_refuse_state = STATE_CRITICAL;
489 else
490 usage ("Refuse mut be one of ok, warn, crit\n");
491 break;
492 case 'd':
493 if (is_intpos (optarg))
494 delay = atoi (optarg);
495 else
496 usage ("Delay must be a positive integer\n");
497 break;
498 case 'S':
499 #ifndef HAVE_SSL
500 terminate (STATE_UNKNOWN,
501 "SSL support not available. Install OpenSSL and recompile.");
502 #endif
503 use_ssl = TRUE;
504 break;
505 }
506 }
508 if (server_address == NULL)
509 usage ("You must provide a server address\n");
511 return OK;
512 }
513 \f
517 void
518 print_help (void)
519 {
520 print_revision (progname, revision);
521 printf ("Copyright (c) %s %s\n\t<%s>\n\n", copyright, authors, email);
522 printf (summary, SERVICE);
523 print_usage ();
524 printf ("\nOptions:\n");
525 printf (options, DEFAULT_SOCKET_TIMEOUT);
526 printf (standard_options);
527 support ();
528 }
530 void
531 print_usage (void)
532 {
533 printf ("Usage: %s %s\n", progname, option_summary);
534 printf (" %s (-h|--help)\n", progname);
535 printf (" %s (-V|--version)\n", progname);
536 }
537 \f
541 #ifdef HAVE_SSL
542 int
543 connect_SSL (void)
544 {
545 SSL_METHOD *meth;
547 /* Initialize SSL context */
548 SSLeay_add_ssl_algorithms ();
549 meth = SSLv2_client_method ();
550 SSL_load_error_strings ();
551 if ((ctx = SSL_CTX_new (meth)) == NULL)
552 {
553 printf ("ERROR: Cannot create SSL context.\n");
554 return STATE_CRITICAL;
555 }
557 /* Initialize alarm signal handling */
558 signal (SIGALRM, socket_timeout_alarm_handler);
560 /* Set socket timeout */
561 alarm (socket_timeout);
563 /* Save start time */
564 time (&start_time);
566 /* Make TCP connection */
567 if (my_tcp_connect (server_address, server_port, &sd) == STATE_OK && was_refused == FALSE)
568 {
569 /* Do the SSL handshake */
570 if ((ssl = SSL_new (ctx)) != NULL)
571 {
572 SSL_set_fd (ssl, sd);
573 if (SSL_connect (ssl) != -1)
574 return OK;
575 ERR_print_errors_fp (stderr);
576 }
577 else
578 {
579 printf ("ERROR: Cannot initiate SSL handshake.\n");
580 }
581 SSL_free (ssl);
582 }
584 SSL_CTX_free (ctx);
585 close (sd);
587 return STATE_CRITICAL;
588 }
589 #endif
593 int
594 my_recv (void)
595 {
596 int i;
598 #ifdef HAVE_SSL
599 if (use_ssl) {
600 i = SSL_read (ssl, buffer, MAXBUF - 1);
601 }
602 else {
603 #endif
604 i = read (sd, buffer, MAXBUF - 1);
605 #ifdef HAVE_SSL
606 }
607 #endif
609 return i;
610 }