diff --git a/plugins/check_http.c b/plugins/check_http.c
index 0a4b12bb9a413ead9c58d0d74a3c7159cb0eac25..6370e32b823c3f050b65d0bde0e2038604461410 100644 (file)
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
int server_expect_yn = 0;
char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
char string_expect[MAX_INPUT_BUFFER] = "";
+char output_string_search[30] = "";
double warning_time = 0;
int check_warning_time = FALSE;
double critical_time = 0;
int onredirect = STATE_OK;
int followsticky = STICKY_NONE;
int use_ssl = FALSE;
+int use_sni = FALSE;
int verbose = FALSE;
int sd;
int min_page_len = 0;
char *p;
enum {
- INVERT_REGEX = CHAR_MAX + 1
+ INVERT_REGEX = CHAR_MAX + 1,
+ SNI_OPTION
};
int option = 0;
{"link", no_argument, 0, 'L'},
{"nohtml", no_argument, 0, 'n'},
{"ssl", no_argument, 0, 'S'},
+ {"sni", no_argument, 0, SNI_OPTION},
{"post", required_argument, 0, 'P'},
{"method", required_argument, 0, 'j'},
{"IP-address", required_argument, 0, 'I'},
if (specify_port == FALSE)
server_port = HTTPS_PORT;
break;
+ case SNI_OPTION:
+ use_sni = TRUE;
+ break;
case 'f': /* onredirect */
if (!strcmp (optarg, "stickyport"))
onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT;
/* Skip to the end of the header, including continuation lines. */
while (*s && !(*s == '\n' && (s[1] != ' ' && s[1] != '\t')))
s++;
- s++;
+
+ /* Avoid stepping over end-of-string marker */
+ if (*s)
+ s++;
/* Process this header. */
if (value && value > field+2) {
int i = 0;
size_t pagesize = 0;
char *full_page;
+ char *full_page_new;
char *buf;
char *pos;
long microsec;
die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
#ifdef HAVE_SSL
if (use_ssl == TRUE) {
- np_net_ssl_init_with_hostname(sd, host_name);
+ np_net_ssl_init_with_hostname(sd, (use_sni ? host_name : NULL));
if (check_cert == TRUE) {
result = np_net_ssl_check_cert(days_till_exp);
np_net_ssl_cleanup();
full_page = strdup("");
while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {
buffer[i] = '\0';
- asprintf (&full_page, "%s%s", full_page, buffer);
+ asprintf (&full_page_new, "%s%s", full_page, buffer);
+ free (full_page);
+ full_page = full_page_new;
pagesize += i;
if (no_body && document_headers_done (full_page)) {
if (strlen (string_expect)) {
if (!strstr (page, string_expect)) {
- asprintf (&msg, _("%sstring not found, "), msg);
+ strncpy(&output_string_search[0],string_expect,sizeof(output_string_search));
+ if(output_string_search[sizeof(output_string_search)-1]!='\0') {
+ bcopy("...",&output_string_search[sizeof(output_string_search)-4],4);
+ }
+ asprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
result = STATE_CRITICAL;
}
}
printf ("\n");
- printf (_(UT_HELP_VRSN));
- printf (_(UT_EXTRA_OPTS));
+ printf (UT_HELP_VRSN);
+ printf (UT_EXTRA_OPTS);
printf (" %s\n", "-H, --hostname=ADDRESS");
printf (" %s\n", _("Host name argument for servers using host headers (virtual host)"));
printf (" %s", _("Port number (default: "));
printf ("%d)\n", HTTP_PORT);
- printf (_(UT_IPv46));
+ printf (UT_IPv46);
#ifdef HAVE_SSL
printf (" %s\n", "-S, --ssl");
printf (" %s\n", _("Connect via SSL. Port defaults to 443"));
+ printf (" %s\n", "--sni");
+ printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
printf (" %s\n", "-C, --certificate=INTEGER");
printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443"));
printf (" %s\n", _("(when this option is used the URL is not checked.)\n"));
printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)"));
printf (" %s\n", "-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>");
printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the"));
- printf (" %s\n", _("specified IP address. stickyport also ensure post stays the same."));
+ printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same."));
printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>");
printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)"));
- printf (_(UT_WARN_CRIT));
+ printf (UT_WARN_CRIT);
- printf (_(UT_TIMEOUT), DEFAULT_SOCKET_TIMEOUT);
+ printf (UT_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
- printf (_(UT_VERBOSE));
+ printf (UT_VERBOSE);
printf ("\n");
printf ("%s\n", _("Notes:"));
printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are"));
printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN"));
printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument."));
- printf ("\n");
- printf (_(UT_EXTRA_OPTS_NOTES));
#ifdef HAVE_SSL
printf ("\n");
printf (" %s\n", _("the certificate is expired."));
#endif
- printf (_(UT_SUPPORT));
+ printf (UT_SUPPORT);
}
void
print_usage (void)
{
- printf (_("Usage:"));
+ printf ("%s\n", _("Usage:"));
printf (" %s -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]\n",progname);
printf (" [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-a auth]\n");
printf (" [-b proxy_auth] [-f <ok|warning|critcal|follow|sticky|stickyport>]\n");
printf (" [-e <expect>] [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n");
printf (" [-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]\n");
- printf (" [-A string] [-k string] [-S] [-C <age>] [-T <content-type>] [-j method]\n");
+ printf (" [-A string] [-k string] [-S] [--sni] [-C <age>] [-T <content-type>]\n");
+ printf (" [-j method]\n");
}