diff --git a/plugins/check_radius.c b/plugins/check_radius.c
index 614d467bc520b1d94e594d3663510734935436ba..07ee4c7f35bcedaa7c61d7a3a585060cb6d7b369 100644 (file)
--- a/plugins/check_radius.c
+++ b/plugins/check_radius.c
/******************************************************************************
- *
- * Program: radius server check plugin for Nagios
- * License: GPL
- *
- * License Information:
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- * $Id$
- *
- *****************************************************************************/
-
-#define PROGNAME "check_radius"
-#define REVISION "$Revision$"
-#define COPYRIGHT "1999-2001"
-#define AUTHORS "Robert August Vincent II/Karl DeBisschop"
-#define EMAIL "kdebisschop@users.sourceforge.net"
-#define SUMMARY "Tests to see if a radius server is accepting connections.\n"
-
-#define OPTIONS "\
--H host -F config_file -u username -p password\'\
- [-P port] [-t timeout] [-r retries] [-e expect]"
-
-#define LONGOPTIONS "\
- -H, --hostname=HOST\n\
- Host name argument for servers using host headers (use numeric\n\
- address if possible to bypass DNS lookup).\n\
- -P, --port=INTEGER\n\
- Port number (default: %d)\n\
- -u, --username=STRING\n\
- The user to authenticate\n\
- -p, --password=STRING\n\
- Password for autentication (SECURITY RISK)\n\
- -F, --filename=STRING\n\
- Configuration file\n\
- -e, --expect=STRING\n\
- Response string to expect from the server\n\
- -r, --retries=INTEGER\n\
- Number of times to retry a failed connection\n\
- -t, --timeout=INTEGER\n\
- Seconds before connection times out (default: %d)\n\
- -v\n\
- Show details for command-line debugging (do not use with nagios server)\n\
- -h, --help\n\
- Print detailed help screen\n\
- -V, --version\n\
- Print version information\n"
-
-#define DESCRIPTION "\
-The password option presents a substantial security issue because the
-password can be determined by careful watching of the command line in
-a process listing. This risk is exacerbated because nagios will
-run the plugin at regular prdictable intervals. Please be sure that
-the password used does not allow access to sensitive system resources,
-otherwise compormise could occur.\n"
-
-#include "config.h"
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+ $Id$
+
+ ******************************************************************************/
+
+const char *progname = "check_radius";
+const char *revision = "$Revision$";
+const char *copyright = "2000-2003";
+const char *email = "nagiosplug-devel@lists.sourceforge.net";
+
#include "common.h"
#include "utils.h"
+#include "netutils.h"
+
#include <radiusclient.h>
int process_arguments (int, char **);
-void print_usage (void);
void print_help (void);
+void print_usage (void);
char *server = NULL;
-int port = PW_AUTH_UDP_PORT;
char *username = NULL;
char *password = NULL;
+char *nasid = NULL;
char *expect = NULL;
char *config_file = NULL;
+unsigned short port = PW_AUTH_UDP_PORT;
int retries = 1;
int verbose = FALSE;
-
ENV *env = NULL;
/******************************************************************************
<manvolnum>5<manvolnum>
</refmeta>
<refnamdiv>
-<refname>&PROGNAME;</refname>
+<refname>&progname;</refname>
<refpurpose>&SUMMARY;</refpurpose>
</refnamdiv>
</refentry>
<sect2>
<title>Future Enhancements</title>
-<para>ToDo List</para>
+<para>Todo List</para>
<itemizedlist>
<listitem>Add option to get password from a secured file rather than the command line</listitem>
</itemizedlist>
-@@
******************************************************************************/
+
+
int
main (int argc, char **argv)
{
UINT4 service;
char msg[BUFFER_LEN];
- SEND_DATA data = { 0 };
- int result;
+ SEND_DATA data;
+ int result = STATE_UNKNOWN;
UINT4 client_id;
+ char *str;
+
+ setlocale (LC_ALL, "");
+ bindtextdomain (PACKAGE, LOCALEDIR);
+ textdomain (PACKAGE);
if (process_arguments (argc, argv) == ERROR)
- usage ("Could not parse arguments\n");
+ usage4 (_("Could not parse arguments"));
+ str = strdup ("dictionary");
if ((config_file && rc_read_config (config_file)) ||
- rc_read_dictionary (rc_conf_str ("dictionary")))
- terminate (STATE_UNKNOWN, "Config file error");
+ rc_read_dictionary (rc_conf_str (str)))
+ die (STATE_UNKNOWN, _("Config file error"));
service = PW_AUTHENTICATE_ONLY;
if (!(rc_avpair_add (&data.send_pairs, PW_SERVICE_TYPE, &service, 0) &&
rc_avpair_add (&data.send_pairs, PW_USER_NAME, username, 0) &&
- rc_avpair_add (&data.send_pairs, PW_USER_PASSWORD, password, 0)))
- terminate (STATE_UNKNOWN, "Out of Memory?");
+ rc_avpair_add (&data.send_pairs, PW_USER_PASSWORD, password, 0) &&
+ (nasid==NULL || rc_avpair_add (&data.send_pairs, PW_NAS_IDENTIFIER, nasid, 0))))
+ die (STATE_UNKNOWN, _("Out of Memory?"));
/*
* Fill in NAS-IP-Address
if (rc_avpair_add (&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0) ==
NULL) return (ERROR_RC);
- rc_buildreq (&data, PW_ACCESS_REQUEST, server, port, timeout_interval,
- retries);
+ rc_buildreq (&data, PW_ACCESS_REQUEST, server, port, (int)timeout_interval,
+ retries);
result = rc_send_server (&data, msg);
rc_avpair_free (data.send_pairs);
rc_avpair_free (data.receive_pairs);
if (result == TIMEOUT_RC)
- terminate (STATE_CRITICAL, "Timeout");
+ die (STATE_CRITICAL, _("Timeout"));
if (result == ERROR_RC)
- terminate (STATE_CRITICAL, "Auth Error");
+ die (STATE_CRITICAL, _("Auth Error"));
if (result == BADRESP_RC)
- terminate (STATE_WARNING, "Auth Failed");
+ die (STATE_WARNING, _("Auth Failed"));
if (expect && !strstr (msg, expect))
- terminate (STATE_WARNING, msg);
+ die (STATE_WARNING, "%s", msg);
if (result == OK_RC)
- terminate (STATE_OK, "Auth OK");
+ die (STATE_OK, _("Auth OK"));
return (0);
}
{
int c;
-#ifdef HAVE_GETOPT_H
- int option_index = 0;
- static struct option long_options[] = {
+ int option = 0;
+ static struct option longopts[] = {
{"hostname", required_argument, 0, 'H'},
{"port", required_argument, 0, 'P'},
{"username", required_argument, 0, 'u'},
{"password", required_argument, 0, 'p'},
+ {"nas-id", required_argument, 0, 'n'},
{"filename", required_argument, 0, 'F'},
{"expect", required_argument, 0, 'e'},
{"retries", required_argument, 0, 'r'},
{"help", no_argument, 0, 'h'},
{0, 0, 0, 0}
};
-#endif
if (argc < 2)
return ERROR;
if (is_intpos (argv[4]))
timeout_interval = atoi (argv[4]);
else
- usage ("Timeout interval must be a positive integer");
+ usage2 (_("Timeout interval must be a positive integer"), optarg);
if (is_intpos (argv[5]))
retries = atoi (argv[5]);
else
- usage ("Number of retries must be a positive integer");
+ usage4 (_("Number of retries must be a positive integer"));
server = argv[6];
if (is_intpos (argv[7]))
port = atoi (argv[7]);
else
- usage ("Server port must be a positive integer");
+ usage4 (_("Port must be a positive integer"));
expect = argv[8];
return OK;
}
while (1) {
-#ifdef HAVE_GETOPT_H
- c =
- getopt_long (argc, argv, "+hVvH:P:F:u:p:t:r:e:", long_options,
- &option_index);
-#else
- c = getopt (argc, argv, "+hVvH:P:F:u:p:t:r:e:");
-#endif
+ c = getopt_long (argc, argv, "+hVvH:P:F:u:p:n:t:r:e:", longopts,
+ &option);
if (c == -1 || c == EOF || c == 1)
break;
switch (c) {
case '?': /* print short usage statement if args not parsable */
- printf ("%s: Unknown argument: %s\n\n", my_basename (argv[0]), optarg);
- print_usage ();
- exit (STATE_UNKNOWN);
+ usage2 (_("Unknown argument"), optarg);
case 'h': /* help */
print_help ();
exit (OK);
case 'V': /* version */
- print_revision (my_basename (argv[0]), "$Revision$");
+ print_revision (progname, revision);
exit (OK);
case 'v': /* verbose mode */
verbose = TRUE;
break;
case 'H': /* hostname */
if (is_host (optarg) == FALSE) {
- printf ("Invalid host name/address\n\n");
- print_usage ();
- exit (STATE_UNKNOWN);
+ usage2 (_("Invalid hostname/address"), optarg);
}
server = optarg;
break;
if (is_intnonneg (optarg))
port = atoi (optarg);
else
- usage ("Server port must be a positive integer");
+ usage4 (_("Port must be a positive integer"));
break;
case 'u': /* username */
username = optarg;
case 'p': /* password */
password = optarg;
break;
+ case 'n': /* nas id */
+ nasid = optarg;
+ break;
case 'F': /* configuration file */
config_file = optarg;
break;
if (is_intpos (optarg))
retries = atoi (optarg);
else
- usage ("Number of retries must be a positive integer");
+ usage4 (_("Number of retries must be a positive integer"));
break;
case 't': /* timeout */
if (is_intpos (optarg))
timeout_interval = atoi (optarg);
else
- usage ("Timeout interval must be a positive integer");
+ usage2 (_("Timeout interval must be a positive integer"), optarg);
break;
}
}
return OK;
}
-\f
+
void
print_help (void)
{
- print_revision (PROGNAME, REVISION);
- printf
- ("Copyright (c) %s %s <%s>\n\n%s\n",
- COPYRIGHT, AUTHORS, EMAIL, SUMMARY);
+ char *myport;
+ asprintf (&myport, "%d", PW_AUTH_UDP_PORT);
+
+ print_revision (progname, revision);
+
+ printf ("Copyright (c) 1999 Robert August Vincent II\n");
+ printf (COPYRIGHT, copyright, email);
+
+ printf(_("Tests to see if a radius server is accepting connections.\n\n"));
+
print_usage ();
- printf
- ("\nOptions:\n" LONGOPTIONS "\n" DESCRIPTION "\n",
- port, timeout_interval);
- support ();
+
+ printf (_(UT_HELP_VRSN));
+
+ printf (_(UT_HOST_PORT), 'P', myport);
+
+ printf (_("\
+ -u, --username=STRING\n\
+ The user to authenticate\n\
+ -p, --password=STRING\n\
+ Password for autentication (SECURITY RISK)\n\
+ -n, --nas-id=STRING\n\
+ NAS identifier\n\
+ -F, --filename=STRING\n\
+ Configuration file\n\
+ -e, --expect=STRING\n\
+ Response string to expect from the server\n\
+ -r, --retries=INTEGER\n\
+ Number of times to retry a failed connection\n"));
+
+ printf (_(UT_TIMEOUT), timeout_interval);
+
+ printf (_("\n\
+This plugin tests a radius server to see if it is accepting connections.\n\
+\n\
+The server to test must be specified in the invocation, as well as a user\n\
+name and password. A configuration file may also be present. The format of\n\
+the configuration file is described in the radiusclient library sources.\n\n"));
+
+ printf (_("\
+The password option presents a substantial security issue because the\n\
+password can be determined by careful watching of the command line in\n\
+a process listing. This risk is exacerbated because nagios will\n\
+run the plugin at regular prdictable intervals. Please be sure that\n\
+the password used does not allow access to sensitive system resources,\n\
+otherwise compormise could occur.\n"));
+
+ printf (_(UT_SUPPORT));
}
+
void
print_usage (void)
{
- printf ("Usage:\n" " %s %s\n"
-#ifdef HAVE_GETOPT_H
- " %s (-h | --help) for detailed help\n"
- " %s (-V | --version) for version information\n",
-#else
- " %s -h for detailed help\n"
- " %s -V for version information\n",
-#endif
- PROGNAME, OPTIONS, PROGNAME, PROGNAME);
+ printf ("\
+Usage: %s -H host -F config_file -u username -p password [-n nas-id] [-P port]\n\
+ [-t timeout] [-r retries] [-e expect]\n", progname);
}