![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/plugins/check_http.c b/plugins/check_http.c
index c1016bb0d5447675ad39c948cef9c3b075612e01..27127d6af63e8bafd7097a9b146a39251555aa1b 100644 (file)
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
-/****************************************************************************
- *
- * Program: HTTP plugin for Nagios
- * License: GPL
- *
- * License Information:
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * $Id$
- *
- *****************************************************************************/
+/******************************************************************************
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+******************************************************************************/
const char *progname = "check_http";
const char *revision = "$Revision$";
HTTPS_PORT = 443
};
-void
-print_usage (void)
-{
- printf (_("\
-Usage: %s (-H <vhost> | -I <IP-address>) [-u <uri>] [-p <port>]\n\
- [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L]\n\
- [-a auth] [-f <ok | warn | critcal | follow>] [-e <expect>]\n\
- [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n\
- [-P string] [-m min_pg_size] [-4|-6]\n"), progname);
- printf (_(UT_HLP_VRS), progname, progname);
-}
-
-void
-print_help (void)
-{
- print_revision (progname, revision);
-
- printf (_(COPYRIGHT), copyright, email);
-
- printf (_("\
-This plugin tests the HTTP service on the specified host. It can test\n\
-normal (http) and secure (https) servers, follow redirects, search for\n\
-strings and regular expressions, check connection times, and report on\n\
-certificate expiration times.\n"));
-
- print_usage ();
-
- printf (_("NOTE: One or both of -H and -I must be specified\n"));
-
- printf (_(UT_HELP_VRSN));
-
- printf (_("\
- -H, --hostname=ADDRESS\n\
- Host name argument for servers using host headers (virtual host)\n\
- -I, --IP-address=ADDRESS\n\
- IP address or name (use numeric address if possible to bypass DNS lookup).\n\
- -p, --port=INTEGER\n\
- Port number (default: %d)\n"), HTTP_PORT);
-
- printf (_(UT_IPv46));
-
-#ifdef HAVE_SSL
- printf (_("\
- -S, --ssl\n\
- Connect via SSL\n\
- -C, --certificate=INTEGER\n\
- Minimum number of days a certificate has to be valid.\n\
- (when this option is used the url is not checked.)\n"));
-#endif
-
- printf (_("\
- -e, --expect=STRING\n\
- String to expect in first (status) line of server response (default: %s)\n\
- If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)\n\
- -s, --string=STRING\n\
- String to expect in the content\n\
- -u, --url=PATH\n\
- URL to GET or POST (default: /)\n\
- -P, --post=STRING\n\
- URL encoded http POST data\n"), HTTP_EXPECT);
-
-#ifdef HAVE_REGEX_H
- printf (_("\
- -l, --linespan\n\
- Allow regex to span newlines (must precede -r or -R)\n\
- -r, --regex, --ereg=STRING\n\
- Search page for regex STRING\n\
- -R, --eregi=STRING\n\
- Search page for case-insensitive regex STRING\n"));
-#endif
-
- printf (_("\
- -a, --authorization=AUTH_PAIR\n\
- Username:password on sites with basic authentication\n\
- -L, --link=URL\n\
- Wrap output in HTML link (obsoleted by urlize)\n\
- -f, --onredirect=<ok|warning|critical|follow>\n\
- How to handle redirected pages\n\
- -m, --min=INTEGER\n\
- Minimum page size required (bytes)\n"));
-
- printf (_(UT_WARN_CRIT));
-
- printf (_(UT_TIMEOUT), DEFAULT_SOCKET_TIMEOUT);
-
- printf (_(UT_VERBOSE));
-
- printf (_("\
-This plugin will attempt to open an HTTP connection with the host. Successful\n\
-connects return STATE_OK, refusals and timeouts return STATE_CRITICAL, other\n\
-errors return STATE_UNKNOWN. Successful connects, but incorrect reponse\n\
-messages from the host result in STATE_WARNING return values. If you are\n\
-checking a virtual server that uses 'host headers' you must supply the FQDN\n\
-(fully qualified domain name) as the [host_name] argument.\n"));
-
-#ifdef HAVE_SSL
- printf (_("\n\
-This plugin can also check whether an SSL enabled web server is able to\n\
-serve content (optionally within a specified time) or whether the X509 \n\
-certificate is still valid for the specified number of days.\n"));
- printf (_("\n\
-CHECK CONTENT: check_http -w 5 -c 10 --ssl www.verisign.com\n\n\
-When the 'www.verisign.com' server returns its content within 5 seconds, a\n\
-STATE_OK will be returned. When the server returns its content but exceeds\n\
-the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,\n\
-a STATE_CRITICAL will be returned.\n\n"));
-
- printf (_("\
-CHECK CERTIFICATE: check_http www.verisign.com -C 14\n\n\
-When the certificate of 'www.verisign.com' is valid for more than 14 days, a\n\
-STATE_OK is returned. When the certificate is still valid, but for less than\n\
-14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when\n\
-the certificate is expired.\n"));
-#endif
-
- printf (_(UT_SUPPORT));
-
-}
-
#ifdef HAVE_SSL_H
#include <rsa.h>
#include <crypto.h>
#include <ssl.h>
#include <err.h>
#include <rand.h>
-#endif
-
-#ifdef HAVE_OPENSSL_SSL_H
-#include <openssl/rsa.h>
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#include <openssl/rand.h>
+#else
+# ifdef HAVE_OPENSSL_SSL_H
+# include <openssl/rsa.h>
+# include <openssl/crypto.h>
+# include <openssl/x509.h>
+# include <openssl/pem.h>
+# include <openssl/ssl.h>
+# include <openssl/err.h>
+# include <openssl/rand.h>
+# endif
#endif
#ifdef HAVE_SSL
int check_cert = FALSE;
int days_till_exp;
-char *randbuff = "";
+char *randbuff;
SSL_CTX *ctx;
SSL *ssl;
X509 *server_cert;
#define server_port_check(use_ssl) (use_ssl ? HTTPS_PORT : HTTP_PORT)
-/* per RFC 2396 */
-
-#define HDR_LOCATION "%*[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]: "
-#define URI_HTTP "%[HTPShtps]://"
-#define URI_HOST "%[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
-#define URI_PORT ":%[0123456789]"
-#define URI_PATH "%[-_.!~*'();/?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
-
#define HTTP_URL "/"
#define CRLF "\r\n"
int server_port = HTTP_PORT;
char server_port_text[6] = "";
char server_type[6] = "http";
-char *server_address = "";
-char *host_name = "";
-char *server_url = "";
+char *server_address;
+char *host_name;
+char *server_url;
int server_url_length;
int server_expect_yn = 0;
char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
int verbose = FALSE;
int sd;
int min_page_len = 0;
-char *http_method = "GET";
-char *http_post_data = "";
+char *http_method;
+char *http_post_data;
char buffer[MAX_INPUT_BUFFER];
int process_arguments (int, char **);
-static char *base64 (char *bin, int len);
+static char *base64 (char *bin, size_t len);
int check_http (void);
int my_recv (void);
int my_close (void);
+void print_help (void);
+void print_usage (void);
int
main (int argc, char **argv)
int result = STATE_UNKNOWN;
/* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */
- asprintf (&server_url, "%s", HTTP_URL);
+ server_url = strdup(HTTP_URL);
server_url_length = strlen(server_url);
if (process_arguments (argc, argv) == ERROR)
#ifdef HAVE_SSL
if (use_ssl && check_cert == TRUE) {
if (connect_SSL () != OK)
- terminate (STATE_CRITICAL,
- _("HTTP CRITICAL - Could not make SSL connection\n"));
+ die (STATE_CRITICAL, _("HTTP CRITICAL - Could not make SSL connection\n"));
if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) {
result = check_certificate (&server_cert);
X509_free (server_cert);
{
int c = 1;
- int option_index = 0;
- static struct option long_options[] = {
+ int option = 0;
+ static struct option longopts[] = {
STD_LONG_OPTS,
{"file",required_argument,0,'F'},
{"link", no_argument, 0, 'L'},
}
while (1) {
- c = getopt_long (argc, argv, "Vvh46t:c:w:H:P:I:a:e:p:s:R:r:u:f:C:nlLSm:", long_options, &option_index);
+ c = getopt_long (argc, argv, "Vvh46t:c:w:H:P:I:a:e:p:s:R:r:u:f:C:nlLSm:", longopts, &option);
if (c == -1 || c == EOF)
break;
case 't': /* timeout period */
if (!is_intnonneg (optarg))
usage2 (_("timeout interval must be a non-negative integer"), optarg);
- socket_timeout = atoi (optarg);
+ else
+ socket_timeout = atoi (optarg);
break;
case 'c': /* critical time threshold */
if (!is_intnonneg (optarg))
usage2 (_("invalid critical threshold"), optarg);
- critical_time = strtod (optarg, NULL);
- check_critical_time = TRUE;
+ else {
+ critical_time = strtod (optarg, NULL);
+ check_critical_time = TRUE;
+ }
break;
case 'w': /* warning time threshold */
if (!is_intnonneg (optarg))
usage2 (_("invalid warning threshold"), optarg);
- warning_time = strtod (optarg, NULL);
- check_warning_time = TRUE;
+ else {
+ warning_time = strtod (optarg, NULL);
+ check_warning_time = TRUE;
+ }
break;
case 'L': /* show html link */
display_html = TRUE;
#ifdef HAVE_SSL
if (!is_intnonneg (optarg))
usage2 (_("invalid certificate expiration period"), optarg);
- days_till_exp = atoi (optarg);
- check_cert = TRUE;
+ else {
+ days_till_exp = atoi (optarg);
+ check_cert = TRUE;
+ }
#else
usage (_("check_http: invalid option - SSL is not available\n"));
#endif
break;
/* Note: H, I, and u must be malloc'd or will fail on redirects */
case 'H': /* Host Name (virtual host) */
- asprintf (&host_name, "%s", optarg);
+ host_name = optarg;
break;
case 'I': /* Server IP-address */
- asprintf (&server_address, "%s", optarg);
+ server_address = optarg;
break;
- case 'u': /* Host or server */
+ case 'u': /* URL path */
asprintf (&server_url, "%s", optarg);
server_url_length = strlen (server_url);
break;
- case 'p': /* Host or server */
+ case 'p': /* Server port */
if (!is_intnonneg (optarg))
usage2 (_("invalid port number"), optarg);
- server_port = atoi (optarg);
- specify_port = TRUE;
+ else {
+ server_port = atoi (optarg);
+ specify_port = TRUE;
+ }
break;
case 'a': /* authorization info */
strncpy (user_auth, optarg, MAX_INPUT_BUFFER - 1);
user_auth[MAX_INPUT_BUFFER - 1] = 0;
break;
case 'P': /* HTTP POST data in URL encoded format */
- asprintf (&http_method, "%s", "POST");
- asprintf (&http_post_data, "%s", optarg);
+ if (http_method || http_post_data) break;
+ http_method = strdup("POST");
+ http_post_data = optarg;
break;
case 's': /* string or substring */
strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1);
c = optind;
- if (strcmp (server_address, "") == 0 && c < argc)
- asprintf (&server_address, "%s", argv[c++]);
+ if (server_address == NULL && c < argc)
+ server_address = strdup (argv[c++]);
- if (strcmp (host_name, "") == 0 && c < argc)
+ if (host_name == NULL && c < argc)
asprintf (&host_name, "%s", argv[c++]);
- if (strcmp (server_address ,"") == 0) {
- if (strcmp (host_name, "") == 0)
+ if (server_address == NULL) {
+ if (host_name == NULL)
usage (_("check_http: you must specify a server address or host name\n"));
else
- asprintf (&server_address, "%s", host_name);
+ server_address = strdup (host_name);
}
if (check_critical_time && critical_time>(double)socket_timeout)
socket_timeout = (int)critical_time + 1;
+ if (http_method == NULL)
+ http_method = strdup ("GET");
+
return TRUE;
}
\f
/* written by lauri alanko */
static char *
-base64 (char *bin, int len)
+base64 (char *bin, size_t len)
{
char *buf = (char *) malloc ((len + 2) / 3 * 4 + 1);
- int i = 0, j = 0;
+ size_t i = 0, j = 0;
char BASE64_END = '=';
- char base64_table[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+ char base64_table[64];
+ strncpy (base64_table, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/", 64);
while (j < len - 2) {
buf[i++] = base64_table[bin[j] >> 2];
\f
+/* per RFC 2396 */
+#define HDR_LOCATION "%*[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]: "
+#define URI_HTTP "%[HTPShtps]://"
+#define URI_HOST "%[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
+#define URI_PORT ":%[0123456789]"
+#define URI_PATH "%[-_.!~*'();/?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
+#define HD1 HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH
+#define HD2 HDR_LOCATION URI_HTTP URI_HOST URI_PATH
+#define HD3 HDR_LOCATION URI_HTTP URI_HOST URI_PORT
+#define HD4 HDR_LOCATION URI_HTTP URI_HOST
+#define HD5 HDR_LOCATION URI_PATH
+
int
check_http (void)
{
- char *msg = NULL;
- char *status_line = "";
- char *header = NULL;
- char *page = "";
- char *auth = NULL;
+ char *msg;
+ char *status_line;
+ char *header;
+ char *page;
+ char *auth;
int i = 0;
size_t pagesize = 0;
- char *full_page = "";
- char *buf = NULL;
- char *pos = "";
- char *x = NULL;
- char *orig_url = NULL;
+ char *full_page;
+ char *buf;
+ char *pos;
+ char *x;
+ char *orig_url;
+ long microsec;
double elapsed_time;
int page_len = 0;
#ifdef HAVE_SSL
if (use_ssl == TRUE) {
if (connect_SSL () != OK) {
- terminate (STATE_CRITICAL, _("Unable to open TCP socket"));
+ die (STATE_CRITICAL, _("Unable to open TCP socket"));
}
if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) {
else {
#endif
if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
- terminate (STATE_CRITICAL, _("Unable to open TCP socket"));
+ die (STATE_CRITICAL, _("Unable to open TCP socket"));
#ifdef HAVE_SSL
}
#endif
asprintf (&buf, "%s %s HTTP/1.0\r\n", http_method, server_url);
/* optionally send the host header info (not clear if it's usable) */
- if (strcmp (host_name, ""))
+ if (host_name)
asprintf (&buf, "%sHost: %s\r\n", buf, host_name);
/* send user agent */
buf, clean_revstring (revision), VERSION);
/* optionally send the authentication info */
- if (strcmp (user_auth, "")) {
+ if (strlen(user_auth)) {
auth = base64 (user_auth, strlen (user_auth));
asprintf (&buf, "%sAuthorization: Basic %s\r\n", buf, auth);
}
/* either send http POST data */
- if (strlen (http_post_data)) {
+ if (http_post_data) {
asprintf (&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", buf);
asprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, strlen (http_post_data));
asprintf (&buf, "%s%s%s", buf, http_post_data, CRLF);
#ifdef HAVE_SSL
if (use_ssl == TRUE) {
- if (SSL_write (ssl, buf, strlen (buf)) == -1) {
+ if (SSL_write (ssl, buf, (int)strlen(buf)) == -1) {
ERR_print_errors_fp (stderr);
return STATE_CRITICAL;
}
#endif
/* fetch the page */
+ full_page = strdup("");
while ((i = my_recv ()) > 0) {
buffer[i] = '\0';
asprintf (&full_page, "%s%s", full_page, buffer);
if (use_ssl) {
sslerr=SSL_get_error(ssl, i);
if ( sslerr == SSL_ERROR_SSL ) {
- terminate (STATE_WARNING, _("Client Certificate Required\n"));
+ die (STATE_WARNING, _("Client Certificate Required\n"));
} else {
- terminate (STATE_CRITICAL, _("Error in recv()"));
+ die (STATE_CRITICAL, _("Error in recv()"));
}
}
else {
#endif
- terminate (STATE_CRITICAL, _("Error in recv()"));
+ die (STATE_CRITICAL, _("Error in recv()"));
#ifdef HAVE_SSL
}
#endif
/* return a CRITICAL status if we couldn't read any data */
if (pagesize == (size_t) 0)
- terminate (STATE_CRITICAL, _("No data received %s"), timestamp);
+ die (STATE_CRITICAL, _("No data received %s"), timestamp);
/* close the connection */
my_close ();
if (verbose)
printf ("STATUS: %s\n", status_line);
- /* find header info and null terminate it */
+ /* find header info and null-terminate it */
header = page;
while (strcspn (page, "\r\n") > 0) {
page += (size_t) strcspn (page, "\r\n");
asprintf (&msg,
_("Invalid HTTP response received from host on port %d\n"),
server_port);
- terminate (STATE_CRITICAL, msg);
+ die (STATE_CRITICAL, "%s", msg);
}
strstr (status_line, "501") ||
strstr (status_line, "502") ||
strstr (status_line, "503")) {
- terminate (STATE_CRITICAL, _("HTTP CRITICAL: %s\n"), status_line);
+ die (STATE_CRITICAL, _("HTTP CRITICAL: %s\n"), status_line);
}
/* client errors result in a warning state */
strstr (status_line, "402") ||
strstr (status_line, "403") ||
strstr (status_line, "404")) {
- terminate (STATE_WARNING, _("HTTP WARNING: %s\n"), status_line);
+ die (STATE_WARNING, _("HTTP WARNING: %s\n"), status_line);
}
/* check redirected page if specified */
while (pos) {
server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH + 1);
if (server_address == NULL)
- terminate (STATE_UNKNOWN,
- _("HTTP UNKNOWN: could not allocate server_address"));
+ die (STATE_UNKNOWN,_("ERROR: could not allocate server_address"));
if (strcspn (pos, "\r\n") > (size_t)server_url_length) {
server_url = realloc (server_url, strcspn (pos, "\r\n"));
if (server_url == NULL)
- terminate (STATE_UNKNOWN,
- _("HTTP UNKNOWN: could not allocate server_url"));
+ die (STATE_UNKNOWN, _("ERROR: could not allocate server_url"));
server_url_length = strcspn (pos, "\r\n");
}
- if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) {
- asprintf (&host_name, "%s", server_address);
+ /* HDR_LOCATION, URI_HTTP, URI_HOST, URI_PORT, URI_PATH */
+ if (sscanf (pos, HD1, server_type, server_address, server_port_text, server_url) == 4) {
+ if (host_name != NULL) free(host_name);
+ host_name = strdup(server_address);
use_ssl = server_type_check (server_type);
server_port = atoi (server_port_text);
check_http ();
}
- else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PATH, server_type, server_address, server_url) == 3 ) {
- asprintf (&host_name, "%s", server_address);
+ /* HDR_LOCATION URI_HTTP URI_HOST URI_PATH */
+ else if (sscanf (pos, HD2, server_type, server_address, server_url) == 3 ) {
+ if (host_name != NULL) free(host_name);
+ host_name = strdup(server_address);
use_ssl = server_type_check (server_type);
server_port = server_port_check (use_ssl);
check_http ();
}
- else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT, server_type, server_address, server_port_text) == 3) {
- asprintf (&host_name, "%s", server_address);
+ /* HDR_LOCATION URI_HTTP URI_HOST URI_PORT */
+ else if(sscanf (pos, HD3, server_type, server_address, server_port_text) == 3) {
+ if (host_name != NULL) free(host_name);
+ host_name = strdup(server_address);
strcpy (server_url, "/");
use_ssl = server_type_check (server_type);
server_port = atoi (server_port_text);
check_http ();
}
- else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST, server_type, server_address) == 2) {
- asprintf (&host_name, "%s", server_address);
+ /* HDR_LOCATION URI_HTTP URI_HOST */
+ else if(sscanf (pos, HD4, server_type, server_address) == 2) {
+ if (host_name != NULL) free(host_name);
+ host_name = strdup(server_address);
strcpy (server_url, "/");
use_ssl = server_type_check (server_type);
server_port = server_port_check (use_ssl);
check_http ();
}
- else if (sscanf (pos, HDR_LOCATION URI_PATH, server_url) == 1) {
+ /* HDR_LOCATION URI_PATH */
+ else if (sscanf (pos, HD5, server_url) == 1) {
if ((server_url[0] != '/') && (x = strrchr(orig_url, '/'))) {
*x = '\0';
asprintf (&server_url, "%s/%s", orig_url, server_url);
printf (_("WARNING"));
else if (onredirect == STATE_CRITICAL)
printf (_("CRITICAL"));
- elapsed_time = delta_time (tv);
- asprintf (&msg, _(" - %s - %.3f second response time %s%s|time=%.3f\n"),
+ microsec = deltime (tv);
+ elapsed_time = (double)microsec / 1.0e6;
+ asprintf (&msg, _(" - %s - %.3f second response time %s%s|time=%ldus size=%dB\n"),
status_line, elapsed_time, timestamp,
- (display_html ? "</A>" : ""), elapsed_time);
- terminate (onredirect, msg);
+ (display_html ? "</A>" : ""), microsec, pagesize);
+ die (onredirect, "%s", msg);
} /* end if (strstr (status_line, "30[0-4]") */
/* check elapsed time */
- elapsed_time = delta_time (tv);
- asprintf (&msg, _("HTTP problem: %s - %.3f second response time %s%s|time=%.3f\n"),
+ microsec = deltime (tv);
+ elapsed_time = (double)microsec / 1.0e6;
+ asprintf (&msg, _("HTTP problem: %s - %.3f second response time %s%s|time=%ldus size=%dB\n"),
status_line, elapsed_time, timestamp,
- (display_html ? "</A>" : ""), elapsed_time);
+ (display_html ? "</A>" : ""), microsec, pagesize);
if (check_critical_time == TRUE && elapsed_time > critical_time)
- terminate (STATE_CRITICAL, msg);
+ die (STATE_CRITICAL, "%s", msg);
if (check_warning_time == TRUE && elapsed_time > warning_time)
- terminate (STATE_WARNING, msg);
+ die (STATE_WARNING, "%s", msg);
/* Page and Header content checks go here */
/* these checks should be last */
if (strlen (string_expect)) {
if (strstr (page, string_expect)) {
- printf (_("HTTP OK %s - %.3f second response time %s%s|time=%.3f\n"),
+ printf (_("HTTP OK %s - %.3f second response time %s%s|time=%ldus size=%dB\n"),
status_line, elapsed_time,
- timestamp, (display_html ? "</A>" : ""), elapsed_time);
+ timestamp, (display_html ? "</A>" : ""), microsec, pagesize);
exit (STATE_OK);
}
else {
- printf (_("CRITICAL - string not found%s|time=%.3f\n"),
- (display_html ? "</A>" : ""), elapsed_time);
+ printf (_("CRITICAL - string not found%s|time=%ldus\n size=%dB"),
+ (display_html ? "</A>" : ""), microsec, pagesize);
exit (STATE_CRITICAL);
}
}
if (strlen (regexp)) {
errcode = regexec (&preg, page, REGS, pmatch, 0);
if (errcode == 0) {
- printf (_("HTTP OK %s - %.3f second response time %s%s|time=%.3f\n"),
+ printf (_("HTTP OK %s - %.3f second response time %s%s|time=%ldus size=%dB\n"),
status_line, elapsed_time,
- timestamp, (display_html ? "</A>" : ""), elapsed_time);
+ timestamp, (display_html ? "</A>" : ""), microsec, pagesize);
exit (STATE_OK);
}
else {
if (errcode == REG_NOMATCH) {
- printf (_("CRITICAL - pattern not found%s|time=%.3f\n"),
- (display_html ? "</A>" : ""), elapsed_time);
+ printf (_("CRITICAL - pattern not found%s|time=%ldus size=%dB\n"),
+ (display_html ? "</A>" : ""), microsec, pagesize);
exit (STATE_CRITICAL);
}
else {
exit (STATE_WARNING);
}
/* We only get here if all tests have been passed */
- asprintf (&msg, _("HTTP OK %s - %.3f second response time %s%s|time=%.3f\n"),
- status_line, (float)elapsed_time,
- timestamp, (display_html ? "</A>" : ""), elapsed_time);
- terminate (STATE_OK, msg);
+ asprintf (&msg, _("HTTP OK %s - %.3f second response time %s%s|time=%ldus size=%dB\n"),
+ status_line, elapsed_time,
+ timestamp, (display_html ? "</A>" : ""), microsec, pagesize);
+ die (STATE_OK, "%s", msg);
return STATE_UNKNOWN;
}
SSL_METHOD *meth;
asprintf (&randbuff, "%s", "qwertyuiopasdfghjklqwertyuiopasdfghjkl");
- RAND_seed (randbuff, strlen (randbuff));
+ RAND_seed (randbuff, (int)strlen(randbuff));
if (verbose)
printf(_("SSL seeding: %s\n"), (RAND_status()==1 ? _("OK") : _("Failed")) );
}
#endif
}
+
+
+
+
+
+\f
+void
+print_help (void)
+{
+ print_revision (progname, revision);
+
+ printf (_("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n"));
+ printf (_(COPYRIGHT), copyright, email);
+
+ printf (_("\
+This plugin tests the HTTP service on the specified host. It can test\n\
+normal (http) and secure (https) servers, follow redirects, search for\n\
+strings and regular expressions, check connection times, and report on\n\
+certificate expiration times.\n"));
+
+ print_usage ();
+
+ printf (_("NOTE: One or both of -H and -I must be specified\n"));
+
+ printf (_(UT_HELP_VRSN));
+
+ printf (_("\
+ -H, --hostname=ADDRESS\n\
+ Host name argument for servers using host headers (virtual host)\n\
+ -I, --IP-address=ADDRESS\n\
+ IP address or name (use numeric address if possible to bypass DNS lookup).\n\
+ -p, --port=INTEGER\n\
+ Port number (default: %d)\n"), HTTP_PORT);
+
+ printf (_(UT_IPv46));
+
+#ifdef HAVE_SSL
+ printf (_("\
+ -S, --ssl\n\
+ Connect via SSL\n\
+ -C, --certificate=INTEGER\n\
+ Minimum number of days a certificate has to be valid.\n\
+ (when this option is used the url is not checked.)\n"));
+#endif
+
+ printf (_("\
+ -e, --expect=STRING\n\
+ String to expect in first (status) line of server response (default: %s)\n\
+ If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)\n\
+ -s, --string=STRING\n\
+ String to expect in the content\n\
+ -u, --url=PATH\n\
+ URL to GET or POST (default: /)\n\
+ -P, --post=STRING\n\
+ URL encoded http POST data\n"), HTTP_EXPECT);
+
+#ifdef HAVE_REGEX_H
+ printf (_("\
+ -l, --linespan\n\
+ Allow regex to span newlines (must precede -r or -R)\n\
+ -r, --regex, --ereg=STRING\n\
+ Search page for regex STRING\n\
+ -R, --eregi=STRING\n\
+ Search page for case-insensitive regex STRING\n"));
+#endif
+
+ printf (_("\
+ -a, --authorization=AUTH_PAIR\n\
+ Username:password on sites with basic authentication\n\
+ -L, --link=URL\n\
+ Wrap output in HTML link (obsoleted by urlize)\n\
+ -f, --onredirect=<ok|warning|critical|follow>\n\
+ How to handle redirected pages\n\
+ -m, --min=INTEGER\n\
+ Minimum page size required (bytes)\n"));
+
+ printf (_(UT_WARN_CRIT));
+
+ printf (_(UT_TIMEOUT), DEFAULT_SOCKET_TIMEOUT);
+
+ printf (_(UT_VERBOSE));
+
+ printf (_("\
+This plugin will attempt to open an HTTP connection with the host. Successful\n\
+connects return STATE_OK, refusals and timeouts return STATE_CRITICAL, other\n\
+errors return STATE_UNKNOWN. Successful connects, but incorrect reponse\n\
+messages from the host result in STATE_WARNING return values. If you are\n\
+checking a virtual server that uses 'host headers' you must supply the FQDN\n\
+(fully qualified domain name) as the [host_name] argument.\n"));
+
+#ifdef HAVE_SSL
+ printf (_("\n\
+This plugin can also check whether an SSL enabled web server is able to\n\
+serve content (optionally within a specified time) or whether the X509 \n\
+certificate is still valid for the specified number of days.\n"));
+ printf (_("\n\
+CHECK CONTENT: check_http -w 5 -c 10 --ssl www.verisign.com\n\n\
+When the 'www.verisign.com' server returns its content within 5 seconds, a\n\
+STATE_OK will be returned. When the server returns its content but exceeds\n\
+the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,\n\
+a STATE_CRITICAL will be returned.\n\n"));
+
+ printf (_("\
+CHECK CERTIFICATE: check_http www.verisign.com -C 14\n\n\
+When the certificate of 'www.verisign.com' is valid for more than 14 days, a\n\
+STATE_OK is returned. When the certificate is still valid, but for less than\n\
+14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when\n\
+the certificate is expired.\n"));
+#endif
+
+ printf (_(UT_SUPPORT));
+
+}
+
+
+
+
+void
+print_usage (void)
+{
+ printf (_("\
+Usage: %s (-H <vhost> | -I <IP-address>) [-u <uri>] [-p <port>]\n\
+ [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L]\n\
+ [-a auth] [-f <ok | warn | critcal | follow>] [-e <expect>]\n\
+ [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n\
+ [-P string] [-m min_pg_size] [-4|-6]\n"), progname);
+ printf (_(UT_HLP_VRS), progname, progname);
+}