![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 901f6b668986b9e521bc6bc5b177abc4d1d8e93b..f54f4ab89c19db64bed785f8bdf8930e8d3d7576 100644 (file)
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
-/******************************************************************************
-*
+/*****************************************************************************
+*
* Nagios check_http plugin
-*
+*
* License: GPL
-* Copyright (c) 1999-2006 nagios-plugins team
-*
+* Copyright (c) 1999-2008 Nagios Plugins Development Team
+*
* Last Modified: $Date$
-*
+*
* Description:
-*
+*
* This file contains the check_http plugin
-*
-* This plugin tests the HTTP service on the specified host. It can test
-* normal (http) and secure (https) servers, follow redirects, search for
-* strings and regular expressions, check connection times, and report on
-* certificate expiration times.
-*
-*
-* License Information:
-*
-* This program is free software; you can redistribute it and/or modify
+*
+* This plugin tests the HTTP service on the specified host. It can test
+* normal (http) and secure (https) servers, follow redirects, search for
+* strings and regular expressions, check connection times, and report on
+* certificate expiration times.
+*
+*
+* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
-* the Free Software Foundation; either version 2 of the License, or
+* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
-*
+*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
-*
+*
* You should have received a copy of the GNU General Public License
-* along with this program; if not, write to the Free Software
-* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*
+* $Id$
+*
+*****************************************************************************/
- $Id$
-
-******************************************************************************/
/* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ ../../plugins/check_http.c */
const char *progname = "check_http";
const char *revision = "$Revision$";
-const char *copyright = "1999-2006";
+const char *copyright = "1999-2008";
const char *email = "nagiosplug-devel@lists.sourceforge.net";
-#include <ctype.h>
-
#include "common.h"
#include "netutils.h"
#include "utils.h"
+#include "base64.h"
+#include <ctype.h>
#define INPUT_DELIMITER ";"
char buffer[MAX_INPUT_BUFFER];
int process_arguments (int, char **);
-static char *base64 (const char *bin, size_t len);
int check_http (void);
void redir (char *pos, char *status_line);
int server_type_check(const char *type);
{
int result = STATE_UNKNOWN;
+ setlocale (LC_ALL, "");
+ bindtextdomain (PACKAGE, LOCALEDIR);
+ textdomain (PACKAGE);
+
/* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */
server_url = strdup(HTTP_URL);
server_url_length = strlen(server_url);
asprintf (&user_agent, "User-Agent: check_http/%s (nagios-plugins %s)",
clean_revstring (revision), VERSION);
+ /* Parse extra opts if any */
+ argv=np_extra_opts (&argc, argv, progname);
+
if (process_arguments (argc, argv) == ERROR)
usage4 (_("Could not parse arguments"));
process_arguments (int argc, char **argv)
{
int c = 1;
+ char *p;
enum {
INVERT_REGEX = CHAR_MAX + 1
/* Note: H, I, and u must be malloc'd or will fail on redirects */
case 'H': /* Host Name (virtual host) */
host_name = strdup (optarg);
- if (strstr (optarg, ":"))
- sscanf (optarg, "%*[^:]:%d", &server_port);
+ if (host_name[0] == '[') {
+ if ((p = strstr (host_name, "]:")) != NULL) /* [IPv6]:port */
+ server_port = atoi (p + 2);
+ } else if ((p = strchr (host_name, ':')) != NULL
+ && strchr (++p, ':') == NULL) /* IPv4:port or host:port */
+ server_port = atoi (p);
break;
case 'I': /* Server IP-address */
server_address = strdup (optarg);
-/* written by lauri alanko */
-static char *
-base64 (const char *bin, size_t len)
-{
-
- char *buf = (char *) malloc ((len + 2) / 3 * 4 + 1);
- size_t i = 0, j = 0;
-
- char BASE64_END = '=';
- char base64_table[64];
- strncpy (base64_table, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/", 64);
-
- while (j < len - 2) {
- buf[i++] = base64_table[bin[j] >> 2];
- buf[i++] = base64_table[((bin[j] & 3) << 4) | (bin[j + 1] >> 4)];
- buf[i++] = base64_table[((bin[j + 1] & 15) << 2) | (bin[j + 2] >> 6)];
- buf[i++] = base64_table[bin[j + 2] & 63];
- j += 3;
- }
-
- switch (len - j) {
- case 1:
- buf[i++] = base64_table[bin[j] >> 2];
- buf[i++] = base64_table[(bin[j] & 3) << 4];
- buf[i++] = BASE64_END;
- buf[i++] = BASE64_END;
- break;
- case 2:
- buf[i++] = base64_table[bin[j] >> 2];
- buf[i++] = base64_table[((bin[j] & 3) << 4) | (bin[j + 1] >> 4)];
- buf[i++] = base64_table[(bin[j + 1] & 15) << 2];
- buf[i++] = BASE64_END;
- break;
- case 0:
- break;
- }
-
- buf[i] = '\0';
- return buf;
-}
-
-
-
/* Returns 1 if we're done processing the document body; 0 to keep going */
static int
document_headers_done (char *full_page)
}
}
+/* Checks if the server 'reply' is one of the expected 'statuscodes' */
+static int
+expected_statuscode (const char *reply, const char *statuscodes)
+{
+ char *expected, *code;
+ int result = 0;
+
+ if ((expected = strdup (statuscodes)) == NULL)
+ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
+ for (code = strtok (expected, ","); code != NULL; code = strtok (NULL, ","))
+ if (strstr (reply, code) != NULL) {
+ result = 1;
+ break;
+ }
+
+ free (expected);
+ return result;
+}
static void
check_document_dates (const char *headers)
/* Skip to the end of the header, including continuation lines. */
while (*s && !(*s == '\n' && (s[1] != ' ' && s[1] != '\t')))
s++;
- s++;
+
+ /* Avoid stepping over end-of-string marker */
+ if (*s)
+ s++;
/* Process this header. */
if (value && value > field+2) {
if (check_cert == TRUE) {
result = np_net_ssl_check_cert(days_till_exp);
np_net_ssl_cleanup();
- if(sd) close(sd);
+ if (sd) close(sd);
return result;
}
}
#endif /* HAVE_SSL */
- asprintf (&buf, "%s %s HTTP/1.0\r\n%s\r\n", http_method, server_url, user_agent);
+ /* If a hostname is provided, use HTTP/1.1 and send the hostname before the
+ * Useragent. This fixes an issue with getting 301 responses from servers
+ * with virtual hosts */
+ if (host_name)
+ asprintf (&buf, "%s %s HTTP/1.1\r\nHost: %s\r\n%s\r\n", http_method, server_url, host_name, user_agent);
+ else
+ asprintf (&buf, "%s %s HTTP/1.0\r\n%s\r\n", http_method, server_url, user_agent);
/* tell HTTP/1.1 servers not to keep the connection alive */
asprintf (&buf, "%sConnection: close\r\n", buf);
- /* optionally send the host header info */
- if (host_name)
- asprintf (&buf, "%sHost: %s\r\n", buf, host_name);
-
/* optionally send any other header tag */
if (http_opt_headers_count) {
for (i = 0; i < http_opt_headers_count ; i++) {
/* optionally send the authentication info */
if (strlen(user_auth)) {
- auth = base64 (user_auth, strlen (user_auth));
+ base64_encode_alloc (user_auth, strlen (user_auth), &auth);
asprintf (&buf, "%sAuthorization: Basic %s\r\n", buf, auth);
}
} else {
asprintf (&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", buf);
}
-
+
asprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, (int)strlen (http_post_data));
asprintf (&buf, "%s%s%s", buf, http_post_data, CRLF);
}
#ifdef HAVE_SSL
np_net_ssl_cleanup();
#endif
- if(sd) close(sd);
+ if (sd) close(sd);
/* reset the alarm */
alarm (0);
(no_body ? " [[ skipped ]]" : page));
/* make sure the status line matches the response we are looking for */
- if (!strstr (status_line, server_expect)) {
+ if (!expected_statuscode (status_line, server_expect)) {
if (server_port == HTTP_PORT)
asprintf (&msg,
- _("Invalid HTTP response received from host\n"));
+ _("Invalid HTTP response received from host: %s\n"),
+ status_line);
else
asprintf (&msg,
- _("Invalid HTTP response received from host on port %d\n"),
- server_port);
+ _("Invalid HTTP response received from host on port %d: %s\n"),
+ server_port, status_line);
die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg);
}
} /* end if (http_status >= 300) */
} /* end else (server_expect_yn) */
-
+
if (maximum_age >= 0) {
check_document_dates (header);
}
microsec = deltime (tv);
elapsed_time = (double)microsec / 1.0e6;
asprintf (&msg,
- _("HTTP WARNING: %s - %.3f second response time %s|%s %s\n"),
+ _(" - %s - %.3f second response time %s|%s %s\n"),
status_line, elapsed_time,
(display_html ? "</A>" : ""),
perfd_time (elapsed_time), perfd_size (pagesize));
if (check_critical_time == TRUE && elapsed_time > critical_time)
- die (STATE_CRITICAL, "%s", msg);
+ die (STATE_CRITICAL, "HTTP %s: %s", _("CRITICAL"), msg);
if (check_warning_time == TRUE && elapsed_time > warning_time)
- die (STATE_WARNING, "%s", msg);
+ die (STATE_WARNING, "HTTP %s: %s", _("WARNING"), msg);
/* Page and Header content checks go here */
/* these checks should be last */
addr = malloc (MAX_IPV4_HOSTLENGTH + 1);
if (addr == NULL)
die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n"));
-
+
url = malloc (strcspn (pos, "\r\n"));
if (url == NULL)
die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate url\n"));
}
/* URI_HTTP URI_HOST URI_PORT */
- else if(sscanf (pos, HD3, type, addr, &i) == 3) {
+ else if (sscanf (pos, HD3, type, addr, &i) == 3) {
strcpy (url, HTTP_URL);
use_ssl = server_type_check (type);
}
/* URI_HTTP URI_HOST */
- else if(sscanf (pos, HD4, type, addr) == 2) {
+ else if (sscanf (pos, HD4, type, addr) == 2) {
strcpy (url, HTTP_URL);
use_ssl = server_type_check (type);
i = server_port_check (use_ssl);
printf ("\n");
printf (_(UT_HELP_VRSN));
+ printf (_(UT_EXTRA_OPTS));
printf (" %s\n", "-H, --hostname=ADDRESS");
printf (" %s\n", _("Host name argument for servers using host headers (virtual host)"));
#endif
printf (" %s\n", "-e, --expect=STRING");
- printf (" %s\n", _("String to expect in first (status) line of server response (default: "));
+ printf (" %s\n", _("Comma-delimited list of strings, at least one of them is expected in"));
+ printf (" %s", _("the first (status) line of the server response (default: "));
printf ("%s)\n", HTTP_EXPECT);
printf (" %s\n", _("If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)"));
printf (" %s\n", "-s, --string=STRING");
printf (_(UT_VERBOSE));
- printf (_("Notes:"));
+ printf ("\n");
+ printf ("%s\n", _("Notes:"));
printf (" %s\n", _("This plugin will attempt to open an HTTP connection with the host."));
printf (" %s\n", _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL"));
printf (" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, but incorrect reponse"));
printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are"));
printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN"));
printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument."));
+ printf ("\n");
+ printf (_(UT_EXTRA_OPTS_NOTES));
#ifdef HAVE_SSL
+ printf ("\n");
printf (" %s\n", _("This plugin can also check whether an SSL enabled web server is able to"));
printf (" %s\n", _("serve content (optionally within a specified time) or whether the X509 "));
printf (" %s\n", _("certificate is still valid for the specified number of days."));
- printf (_("Examples:"));
+ printf ("\n");
+ printf ("%s\n", _("Examples:"));
printf (" %s\n\n", "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com");
printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,"));
printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds"));
printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,"));
printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when"));
- printf (" %s\n\n", _("the certificate is expired."));
+ printf (" %s\n", _("the certificate is expired."));
#endif
printf (_(UT_SUPPORT));