diff --git a/plugins/check_http.c b/plugins/check_http.c
index daddfc1993212ffa173c206fa92875c649df598a..cf86d469a91ff7c09c7d0eb6f27ab47dd2caa44e 100644 (file)
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
certificate expiration times.\n"
#define OPTIONS "\
-\(-H <vhost> | -I <IP-address>) [-u <uri>] [-p <port>]\n\
+(-H <vhost> | -I <IP-address>) [-u <uri>] [-p <port>]\n\
[-w <warn time>] [-c <critical time>] [-t <timeout>] [-L]\n\
[-a auth] [-f <ok | warn | critcal | follow>] [-e <expect>]\n\
[-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n\
- [-P string]"
+ [-P string] [-m min_pg_size]"
#define LONGOPTIONS "\
-H, --hostname=ADDRESS\n\
Wrap output in HTML link (obsoleted by urlize)\n\
-f, --onredirect=<ok|warning|critical|follow>\n\
How to handle redirected pages\n%s%s\
+-m, --min=INTEGER\n\
+ Minimum page size required (bytes)\n\
-v, --verbose\n\
Show details for command-line debugging (do not use with nagios server)\n\
-h, --help\n\
#ifdef HAVE_SSL
int check_cert = FALSE;
int days_till_exp;
-unsigned char *randbuff;
+char *randbuff = "";
SSL_CTX *ctx;
SSL *ssl;
X509 *server_cert;
#endif
#ifdef HAVE_REGEX_H
-#define REGS 2
-#define MAX_RE_SIZE 256
+enum {
+ REGS = 2,
+ MAX_RE_SIZE = 256
+};
#include <regex.h>
regex_t preg;
regmatch_t pmatch[REGS];
#define server_port_check(use_ssl) (use_ssl ? HTTPS_PORT : HTTP_PORT)
-#define MAX_IPV4_HOSTLENGTH 64
#define HDR_LOCATION "%*[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]: "
#define URI_HTTP "%[HTPShtps]://"
#define URI_HOST "%[a-zA-Z0-9.-]"
#define URI_PORT ":%[0-9]"
#define URI_PATH "%[/a-zA-Z0-9._-=@,]"
-#define HTTP_PORT 80
-#define HTTPS_PORT 443
+enum {
+ MAX_IPV4_HOSTLENGTH = 64,
+ HTTP_PORT = 80,
+ HTTPS_PORT = 443
+};
+
#define HTTP_EXPECT "HTTP/1."
#define HTTP_URL "/"
#define CRLF "\r\n"
char server_type[6] = "http";
char *server_address = "";
char *host_name = "";
-char *server_url = HTTP_URL;
-int server_url_length = 1;
+char *server_url = "";
+int server_url_length;
int server_expect_yn = 0;
char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
char string_expect[MAX_INPUT_BUFFER] = "";
int use_ssl = FALSE;
int verbose = FALSE;
int sd;
+int min_page_len = 0;
char *http_method = "GET";
char *http_post_data = "";
char buffer[MAX_INPUT_BUFFER];
{
int result = STATE_UNKNOWN;
+ /* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */
+ asprintf (&server_url, "%s", HTTP_URL);
+ server_url_length = strlen(server_url);
+
if (process_arguments (argc, argv) == ERROR)
usage ("check_http: could not parse arguments\n");
{"linespan", no_argument, 0, 'l'},
{"onredirect", required_argument, 0, 'f'},
{"certificate", required_argument, 0, 'C'},
+ {"min", required_argument, 0, 'm'},
{0, 0, 0, 0}
};
#endif
strcpy (argv[c], "-n");
}
-#define OPTCHARS "Vvht:c:w:H:P:I:a:e:p:s:R:r:u:f:C:nlLS"
+#define OPTCHARS "Vvht:c:w:H:P:I:a:e:p:s:R:r:u:f:C:nlLSm:"
while (1) {
#ifdef HAVE_GETOPT_H
case 'v': /* verbose */
verbose = TRUE;
break;
+ case 'm': /* min_page_length */
+ min_page_len = atoi (optarg);
+ break;
}
}
char *x = NULL;
char *orig_url = NULL;
double elapsed_time;
+ int page_len = 0;
#ifdef HAVE_SSL
int sslerr;
#endif
#ifdef HAVE_SSL
if (use_ssl == TRUE) {
- if (connect_SSL () != OK)
+ if (connect_SSL () != OK) {
terminate (STATE_CRITICAL, "Unable to open TCP socket");
+ }
if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) {
X509_free (server_cert);
return STATE_CRITICAL;
}
- asprintf (&buf, "%s %s HTTP/1.0\r\n", http_method, server_url);
- if (SSL_write (ssl, buf, strlen (buf)) == -1) {
- ERR_print_errors_fp (stderr);
- return STATE_CRITICAL;
- }
-
- /* optionally send the host header info (not clear if it's usable) */
- if (strcmp (host_name, "")) {
- asprintf (&buf, "Host: %s\r\n", host_name);
- if (SSL_write (ssl, buf, strlen (buf)) == -1) {
- ERR_print_errors_fp (stderr);
- return STATE_CRITICAL;
- }
- }
-
- /* send user agent */
- asprintf (&buf, "User-Agent: check_http/%s (nagios-plugins %s)\r\n",
- clean_revstring (REVISION), PACKAGE_VERSION);
- if (SSL_write (ssl, buf, strlen (buf)) == -1) {
- ERR_print_errors_fp (stderr);
- return STATE_CRITICAL;
- }
-
- /* optionally send the authentication info */
- if (strcmp (user_auth, "")) {
- auth = base64 (user_auth, strlen (user_auth));
- asprintf (&buf, "Authorization: Basic %s\r\n", auth);
- if (SSL_write (ssl, buf, strlen (buf)) == -1) {
- ERR_print_errors_fp (stderr);
- return STATE_CRITICAL;
- }
- }
-
- /* either send http POST data */
- if (strlen (http_post_data)) {
- asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
- if (SSL_write (ssl, buf, strlen (buf)) == -1) {
- ERR_print_errors_fp (stderr);
- return STATE_CRITICAL;
- }
- asprintf (&buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
- if (SSL_write (ssl, buf, strlen (buf)) == -1) {
- ERR_print_errors_fp (stderr);
- return STATE_CRITICAL;
- }
- if (SSL_write (ssl, http_post_data, strlen (http_post_data)) == -1) {
- ERR_print_errors_fp (stderr);
- return STATE_CRITICAL;
- }
- asprintf (&buf, CRLF);
- if (SSL_write (ssl, buf, strlen (buf)) == -1) {
- ERR_print_errors_fp (stderr);
- return STATE_CRITICAL;
- }
- }
- else {
- /* or just a newline so the server knows we're done with the request */
- asprintf (&buf, "\r\n");
- if (SSL_write (ssl, buf, strlen (buf)) == -1) {
- ERR_print_errors_fp (stderr);
- return STATE_CRITICAL;
- }
- }
-
}
else {
#endif
if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
terminate (STATE_CRITICAL, "Unable to open TCP socket");
- asprintf (&buf, "%s %s HTTP/1.0\r\n", http_method, server_url);
- send (sd, buf, strlen (buf), 0);
+#ifdef HAVE_SSL
+ }
+#endif
- /* optionally send the host header info */
- if (strcmp (host_name, "")) {
- asprintf (&buf, "Host: %s\r\n", host_name);
- send (sd, buf, strlen (buf), 0);
- }
+ asprintf (&buf, "%s %s HTTP/1.0\r\n", http_method, server_url);
- /* send user agent */
- asprintf (&buf,
- "User-Agent: check_http/%s (nagios-plugins %s)\r\n",
- clean_revstring (REVISION), PACKAGE_VERSION);
- send (sd, buf, strlen (buf), 0);
+ /* optionally send the host header info (not clear if it's usable) */
+ if (strcmp (host_name, ""))
+ asprintf (&buf, "%sHost: %s\r\n", buf, host_name);
- /* optionally send the authentication info */
- if (strcmp (user_auth, "")) {
- auth = base64 (user_auth, strlen (user_auth));
- asprintf (&buf, "Authorization: Basic %s\r\n", auth);
- send (sd, buf, strlen (buf), 0);
- }
+ /* send user agent */
+ asprintf (&buf, "%sUser-Agent: check_http/%s (nagios-plugins %s)\r\n",
+ buf, clean_revstring (REVISION), PACKAGE_VERSION);
- /* either send http POST data */
- /* written by Chris Henesy <lurker@shadowtech.org> */
- if (strlen (http_post_data)) {
- asprintf (&buf, "Content-Type: application/x-www-form-urlencoded\r\n");
- send (sd, buf, strlen (buf), 0);
- asprintf (&buf, "Content-Length: %i\r\n\r\n", strlen (http_post_data));
- send (sd, buf, strlen (buf), 0);
- send (sd, http_post_data, strlen (http_post_data), 0);
- send (sd, CRLF, strlen (CRLF), 0);
- }
- else {
- /* or just a newline so the server knows we're done with the request */
- asprintf (&buf, "\r\n");
- send (sd, buf, strlen (buf), 0);
+ /* optionally send the authentication info */
+ if (strcmp (user_auth, "")) {
+ auth = base64 (user_auth, strlen (user_auth));
+ asprintf (&buf, "%sAuthorization: Basic %s\r\n", buf, auth);
+ }
+
+ /* either send http POST data */
+ if (strlen (http_post_data)) {
+ asprintf (&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", buf);
+ asprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, strlen (http_post_data));
+ asprintf (&buf, "%s%s%s", buf, http_post_data, CRLF);
+ }
+ else {
+ /* or just a newline so the server knows we're done with the request */
+ asprintf (&buf, "%s%s", buf, CRLF);
+ }
+
+#ifdef HAVE_SSL
+ if (use_ssl == TRUE) {
+ if (SSL_write (ssl, buf, strlen (buf)) == -1) {
+ ERR_print_errors_fp (stderr);
+ return STATE_CRITICAL;
}
+ }
+ else {
+#endif
+ send (sd, buf, strlen (buf), 0);
#ifdef HAVE_SSL
}
#endif
}
#endif
+ /* make sure the page is of an appropriate size */
+ page_len = strlen (page);
+ if ((min_page_len > 0) && (page_len < min_page_len)) {
+ printf ("HTTP WARNING: page size too small%s|size=%i\n",
+ (display_html ? "</A>" : ""), page_len );
+ exit (STATE_WARNING);
+ }
/* We only get here if all tests have been passed */
asprintf (&msg, "HTTP ok: %s - %7.3f second response time %s%s|time=%7.3f\n",
status_line, (float)elapsed_time,
{
SSL_METHOD *meth;
- asprintf (randbuff, "%s", "qwertyuiopasdfghjkl");
+ asprintf (&randbuff, "%s", "qwertyuiopasdfghjklqwertyuiopasdfghjkl");
RAND_seed (randbuff, strlen (randbuff));
+ if (verbose)
+ printf("SSL seeding: %s\n", (RAND_status()==1 ? "OK" : "Failed") );
+
/* Initialize SSL context */
SSLeay_add_ssl_algorithms ();
meth = SSLv23_client_method ();