![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/plugins/check_radius.c b/plugins/check_radius.c
index 3aa5ae713401df11c9b273bc87bbec061c5d0ac9..9e1046865e2e4e0a574db7cb2bdc786e460f37f4 100644 (file)
--- a/plugins/check_radius.c
+++ b/plugins/check_radius.c
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ $Id$
+
******************************************************************************/
const char *progname = "check_radius";
const char *copyright = "2000-2003";
const char *email = "nagiosplug-devel@lists.sourceforge.net";
-#include "config.h"
#include "common.h"
#include "utils.h"
-#include <radiusclient.h>
-
-void
-print_usage (void)
-{
- printf ("\
-Usage: %s -H host -F config_file -u username -p password [-P port]\n\
- [-t timeout] [-r retries] [-e expect]\n", progname);
- printf (_(UT_HLP_VRS), progname, progname);
-}
-
-void
-print_help (void)
-{
- char *myport;
- asprintf (&myport, "%d", PW_AUTH_UDP_PORT);
-
- print_revision (progname, revision);
+#include "netutils.h"
- printf (_("Copyright (c) 1999 Robert August Vincent II\n"));
- printf (_(COPYRIGHT), copyright, email);
-
- printf(_("Tests to see if a radius server is accepting connections.\n\n"));
-
- print_usage ();
-
- printf (_(UT_HELP_VRSN));
-
- printf (_(UT_HOST_PORT), 'P', myport);
-
- printf (_("\
- -u, --username=STRING\n\
- The user to authenticate\n\
- -p, --password=STRING\n\
- Password for autentication (SECURITY RISK)\n\
- -F, --filename=STRING\n\
- Configuration file\n\
- -e, --expect=STRING\n\
- Response string to expect from the server\n\
- -r, --retries=INTEGER\n\
- Number of times to retry a failed connection\n"));
-
- printf (_(UT_TIMEOUT), timeout_interval);
-
- printf (_("\n\
-This plugin tests a radius server to see if it is accepting connections.\n\
-\n\
-The server to test must be specified in the invocation, as well as a user\n\
-name and password. A configuration file may also be present. The format of\n\
-the configuration file is described in the radiusclient library sources.\n\n"));
-
- printf (_("\
-The password option presents a substantial security issue because the\n\
-password can be determined by careful watching of the command line in\n\
-a process listing. This risk is exacerbated because nagios will\n\
-run the plugin at regular prdictable intervals. Please be sure that\n\
-the password used does not allow access to sensitive system resources,\n\
-otherwise compormise could occur.\n"));
+#include <radiusclient.h>
- printf (_(UT_SUPPORT));
-}
-\f
int process_arguments (int, char **);
+void print_help (void);
+void print_usage (void);
char *server = NULL;
char *username = NULL;
char *password = NULL;
+char *nasid = NULL;
char *expect = NULL;
char *config_file = NULL;
-int port = PW_AUTH_UDP_PORT;
+unsigned short port = PW_AUTH_UDP_PORT;
int retries = 1;
int verbose = FALSE;
ENV *env = NULL;
-@@
******************************************************************************/
+
+
int
main (int argc, char **argv)
{
UINT4 service;
char msg[BUFFER_LEN];
SEND_DATA data;
- int result;
+ int result = STATE_UNKNOWN;
UINT4 client_id;
+ char *str;
+
+ setlocale (LC_ALL, "");
+ bindtextdomain (PACKAGE, LOCALEDIR);
+ textdomain (PACKAGE);
if (process_arguments (argc, argv) == ERROR)
- usage (_("Could not parse arguments\n"));
+ usage4 (_("Could not parse arguments"));
+ str = strdup ("dictionary");
if ((config_file && rc_read_config (config_file)) ||
- rc_read_dictionary (rc_conf_str ("dictionary")))
- terminate (STATE_UNKNOWN, _("Config file error"));
+ rc_read_dictionary (rc_conf_str (str)))
+ die (STATE_UNKNOWN, _("Config file error"));
service = PW_AUTHENTICATE_ONLY;
if (!(rc_avpair_add (&data.send_pairs, PW_SERVICE_TYPE, &service, 0) &&
rc_avpair_add (&data.send_pairs, PW_USER_NAME, username, 0) &&
- rc_avpair_add (&data.send_pairs, PW_USER_PASSWORD, password, 0)))
- terminate (STATE_UNKNOWN, _("Out of Memory?"));
+ rc_avpair_add (&data.send_pairs, PW_USER_PASSWORD, password, 0) &&
+ (nasid==NULL || rc_avpair_add (&data.send_pairs, PW_NAS_IDENTIFIER, nasid, 0))))
+ die (STATE_UNKNOWN, _("Out of Memory?"));
/*
* Fill in NAS-IP-Address
if (rc_avpair_add (&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0) ==
NULL) return (ERROR_RC);
- rc_buildreq (&data, PW_ACCESS_REQUEST, server, port, timeout_interval,
- retries);
+ rc_buildreq (&data, PW_ACCESS_REQUEST, server, port, (int)timeout_interval,
+ retries);
result = rc_send_server (&data, msg);
rc_avpair_free (data.send_pairs);
rc_avpair_free (data.receive_pairs);
if (result == TIMEOUT_RC)
- terminate (STATE_CRITICAL, _("Timeout"));
+ die (STATE_CRITICAL, _("Timeout"));
if (result == ERROR_RC)
- terminate (STATE_CRITICAL, _("Auth Error"));
+ die (STATE_CRITICAL, _("Auth Error"));
if (result == BADRESP_RC)
- terminate (STATE_WARNING, _("Auth Failed"));
+ die (STATE_WARNING, _("Auth Failed"));
if (expect && !strstr (msg, expect))
- terminate (STATE_WARNING, msg);
+ die (STATE_WARNING, "%s", msg);
if (result == OK_RC)
- terminate (STATE_OK, _("Auth OK"));
+ die (STATE_OK, _("Auth OK"));
return (0);
}
{
int c;
- int option_index = 0;
- static struct option long_options[] = {
+ int option = 0;
+ static struct option longopts[] = {
{"hostname", required_argument, 0, 'H'},
{"port", required_argument, 0, 'P'},
{"username", required_argument, 0, 'u'},
{"password", required_argument, 0, 'p'},
+ {"nas-id", required_argument, 0, 'n'},
{"filename", required_argument, 0, 'F'},
{"expect", required_argument, 0, 'e'},
{"retries", required_argument, 0, 'r'},
if (is_intpos (argv[4]))
timeout_interval = atoi (argv[4]);
else
- usage (_("Timeout interval must be a positive integer"));
+ usage2 (_("Timeout interval must be a positive integer"), optarg);
if (is_intpos (argv[5]))
retries = atoi (argv[5]);
else
if (is_intpos (argv[7]))
port = atoi (argv[7]);
else
- usage (_("Server port must be a positive integer"));
+ usage (_("Port must be a positive integer"));
expect = argv[8];
return OK;
}
while (1) {
- c = getopt_long (argc, argv, "+hVvH:P:F:u:p:t:r:e:", long_options,
- &option_index);
+ c = getopt_long (argc, argv, "+hVvH:P:F:u:p:n:t:r:e:", longopts,
+ &option);
if (c == -1 || c == EOF || c == 1)
break;
break;
case 'H': /* hostname */
if (is_host (optarg) == FALSE) {
- printf (_("Invalid host name/address\n\n"));
- print_usage ();
- exit (STATE_UNKNOWN);
+ usage2 (_("Invalid hostname/address"), optarg);
}
server = optarg;
break;
if (is_intnonneg (optarg))
port = atoi (optarg);
else
- usage (_("Server port must be a positive integer"));
+ usage (_("Port must be a positive integer"));
break;
case 'u': /* username */
username = optarg;
case 'p': /* password */
password = optarg;
break;
+ case 'n': /* nas id */
+ nasid = optarg;
+ break;
case 'F': /* configuration file */
config_file = optarg;
break;
if (is_intpos (optarg))
timeout_interval = atoi (optarg);
else
- usage (_("Timeout interval must be a positive integer"));
+ usage2 (_("Timeout interval must be a positive integer"), optarg);
break;
}
}
return OK;
}
+
+
+
+void
+print_help (void)
+{
+ char *myport;
+ asprintf (&myport, "%d", PW_AUTH_UDP_PORT);
+
+ print_revision (progname, revision);
+
+ printf ("Copyright (c) 1999 Robert August Vincent II\n");
+ printf (COPYRIGHT, copyright, email);
+
+ printf(_("Tests to see if a radius server is accepting connections.\n\n"));
+
+ print_usage ();
+
+ printf (_(UT_HELP_VRSN));
+
+ printf (_(UT_HOST_PORT), 'P', myport);
+
+ printf (_("\
+ -u, --username=STRING\n\
+ The user to authenticate\n\
+ -p, --password=STRING\n\
+ Password for autentication (SECURITY RISK)\n\
+ -n, --nas-id=STRING\n\
+ NAS identifier\n\
+ -F, --filename=STRING\n\
+ Configuration file\n\
+ -e, --expect=STRING\n\
+ Response string to expect from the server\n\
+ -r, --retries=INTEGER\n\
+ Number of times to retry a failed connection\n"));
+
+ printf (_(UT_TIMEOUT), timeout_interval);
+
+ printf (_("\n\
+This plugin tests a radius server to see if it is accepting connections.\n\
+\n\
+The server to test must be specified in the invocation, as well as a user\n\
+name and password. A configuration file may also be present. The format of\n\
+the configuration file is described in the radiusclient library sources.\n\n"));
+
+ printf (_("\
+The password option presents a substantial security issue because the\n\
+password can be determined by careful watching of the command line in\n\
+a process listing. This risk is exacerbated because nagios will\n\
+run the plugin at regular prdictable intervals. Please be sure that\n\
+the password used does not allow access to sensitive system resources,\n\
+otherwise compormise could occur.\n"));
+
+ printf (_(UT_SUPPORT));
+}
+
+
+
+void
+print_usage (void)
+{
+ printf ("\
+Usage: %s -H host -F config_file -u username -p password [-n nas-id] [-P port]\n\
+ [-t timeout] [-r retries] [-e expect]\n", progname);
+}