X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fcheck_http.c;h=4734d75c5c43b4fde66490986f89046399424786;hb=11b35b92e3195d230bef359f6a0679ae4414716b;hp=7cdd5e01c170dc27b6c086b4b34bbebd28e4a041;hpb=d27d9950b2e698a015479b2a95e2503fe2d41848;p=nagiosplug.git diff --git a/plugins/check_http.c b/plugins/check_http.c index 7cdd5e0..4734d75 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c @@ -41,11 +41,11 @@ strings and regular expressions, check connection times, and report on\n\ certificate expiration times.\n" #define OPTIONS "\ -\(-H | -I ) [-u ] [-p ]\n\ +(-H | -I ) [-u ] [-p ]\n\ [-w ] [-c ] [-t ] [-L]\n\ [-a auth] [-f ] [-e ]\n\ [-s string] [-l] [-r | -R ]\n\ - [-P string]" + [-P string] [-m min_pg_size]" #define LONGOPTIONS "\ -H, --hostname=ADDRESS\n\ @@ -75,6 +75,8 @@ certificate expiration times.\n" Wrap output in HTML link (obsoleted by urlize)\n\ -f, --onredirect=\n\ How to handle redirected pages\n%s%s\ +-m, --min=INTEGER\n\ + Minimum page size required (bytes)\n\ -v, --verbose\n\ Show details for command-line debugging (do not use with nagios server)\n\ -h, --help\n\ @@ -151,7 +153,7 @@ the certificate is expired.\n" #ifdef HAVE_SSL int check_cert = FALSE; int days_till_exp; -unsigned char *randbuff; +char *randbuff = ""; SSL_CTX *ctx; SSL *ssl; X509 *server_cert; @@ -203,8 +205,8 @@ char server_port_text[6] = ""; char server_type[6] = "http"; char *server_address = ""; char *host_name = ""; -char *server_url = HTTP_URL; -int server_url_length = 1; +char *server_url = ""; +int server_url_length; int server_expect_yn = 0; char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT; char string_expect[MAX_INPUT_BUFFER] = ""; @@ -218,6 +220,7 @@ int onredirect = STATE_OK; int use_ssl = FALSE; int verbose = FALSE; int sd; +int min_page_len = 0; char *http_method = "GET"; char *http_post_data = ""; char buffer[MAX_INPUT_BUFFER]; @@ -235,6 +238,10 @@ main (int argc, char **argv) { int result = STATE_UNKNOWN; + /* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */ + asprintf (&server_url, "%s", HTTP_URL); + server_url_length = strlen(server_url); + if (process_arguments (argc, argv) == ERROR) usage ("check_http: could not parse arguments\n"); @@ -289,7 +296,6 @@ process_arguments (int argc, char **argv) { int c = 1; -#ifdef HAVE_GETOPT_H int option_index = 0; static struct option long_options[] = { STD_LONG_OPTS, @@ -307,9 +313,9 @@ process_arguments (int argc, char **argv) {"linespan", no_argument, 0, 'l'}, {"onredirect", required_argument, 0, 'f'}, {"certificate", required_argument, 0, 'C'}, + {"min", required_argument, 0, 'm'}, {0, 0, 0, 0} }; -#endif if (argc < 2) return ERROR; @@ -327,14 +333,8 @@ process_arguments (int argc, char **argv) strcpy (argv[c], "-n"); } -#define OPTCHARS "Vvht:c:w:H:P:I:a:e:p:s:R:r:u:f:C:nlLS" - while (1) { -#ifdef HAVE_GETOPT_H - c = getopt_long (argc, argv, OPTCHARS, long_options, &option_index); -#else - c = getopt (argc, argv, OPTCHARS); -#endif + c = getopt_long (argc, argv, "Vvht:c:w:H:P:I:a:e:p:s:R:r:u:f:C:nlLSm:", long_options, &option_index); if (c == -1 || c == EOF) break; @@ -465,6 +465,9 @@ process_arguments (int argc, char **argv) case 'v': /* verbose */ verbose = TRUE; break; + case 'm': /* min_page_length */ + min_page_len = atoi (optarg); + break; } } @@ -546,6 +549,7 @@ check_http (void) char *x = NULL; char *orig_url = NULL; double elapsed_time; + int page_len = 0; #ifdef HAVE_SSL int sslerr; #endif @@ -777,21 +781,21 @@ check_http (void) pos += (size_t) strcspn (pos, "\r\n"); pos += (size_t) strspn (pos, "\r\n"); } /* end while (pos) */ - printf ("HTTP UNKNOWN: Could not find redirect location - %s%s", + printf ("UNKNOWN - Could not find redirect location - %s%s", status_line, (display_html ? "" : "")); exit (STATE_UNKNOWN); } /* end if (onredirect == STATE_DEPENDENT) */ else if (onredirect == STATE_UNKNOWN) - printf ("HTTP UNKNOWN"); + printf ("UNKNOWN"); else if (onredirect == STATE_OK) - printf ("HTTP ok"); + printf ("OK"); else if (onredirect == STATE_WARNING) - printf ("HTTP WARNING"); + printf ("WARNING"); else if (onredirect == STATE_CRITICAL) - printf ("HTTP CRITICAL"); + printf ("CRITICAL"); elapsed_time = delta_time (tv); - asprintf (&msg, ": %s - %7.3f second response time %s%s|time=%7.3f\n", + asprintf (&msg, " - %s - %.3f second response time %s%s|time=%.3f\n", status_line, elapsed_time, timestamp, (display_html ? "" : ""), elapsed_time); terminate (onredirect, msg); @@ -803,7 +807,7 @@ check_http (void) /* check elapsed time */ elapsed_time = delta_time (tv); - asprintf (&msg, "HTTP problem: %s - %7.3f second response time %s%s|time=%7.3f\n", + asprintf (&msg, "HTTP problem: %s - %.3f second response time %s%s|time=%.3f\n", status_line, elapsed_time, timestamp, (display_html ? "" : ""), elapsed_time); if (check_critical_time == TRUE && elapsed_time > critical_time) @@ -816,13 +820,13 @@ check_http (void) if (strlen (string_expect)) { if (strstr (page, string_expect)) { - printf ("HTTP ok: %s - %7.3f second response time %s%s|time=%7.3f\n", + printf ("HTTP OK %s - %.3f second response time %s%s|time=%.3f\n", status_line, elapsed_time, timestamp, (display_html ? "" : ""), elapsed_time); exit (STATE_OK); } else { - printf ("HTTP CRITICAL: string not found%s|time=%7.3f\n", + printf ("CRITICAL - string not found%s|time=%.3f\n", (display_html ? "" : ""), elapsed_time); exit (STATE_CRITICAL); } @@ -831,28 +835,35 @@ check_http (void) if (strlen (regexp)) { errcode = regexec (&preg, page, REGS, pmatch, 0); if (errcode == 0) { - printf ("HTTP ok: %s - %7.3f second response time %s%s|time=%7.3f\n", + printf ("HTTP OK %s - %.3f second response time %s%s|time=%.3f\n", status_line, elapsed_time, timestamp, (display_html ? "" : ""), elapsed_time); exit (STATE_OK); } else { if (errcode == REG_NOMATCH) { - printf ("HTTP CRITICAL: pattern not found%s|time=%7.3f\n", + printf ("CRITICAL - pattern not found%s|time=%.3f\n", (display_html ? "" : ""), elapsed_time); exit (STATE_CRITICAL); } else { regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); - printf ("Execute Error: %s\n", errbuf); + printf ("CRITICAL - Execute Error: %s\n", errbuf); exit (STATE_CRITICAL); } } } #endif + /* make sure the page is of an appropriate size */ + page_len = strlen (page); + if ((min_page_len > 0) && (page_len < min_page_len)) { + printf ("HTTP WARNING: page size too small%s|size=%i\n", + (display_html ? "" : ""), page_len ); + exit (STATE_WARNING); + } /* We only get here if all tests have been passed */ - asprintf (&msg, "HTTP ok: %s - %7.3f second response time %s%s|time=%7.3f\n", + asprintf (&msg, "HTTP OK %s - %.3f second response time %s%s|time=%.3f\n", status_line, (float)elapsed_time, timestamp, (display_html ? "" : ""), elapsed_time); terminate (STATE_OK, msg); @@ -866,14 +877,17 @@ int connect_SSL (void) { SSL_METHOD *meth; - asprintf (&randbuff, "%s", "qwertyuiopasdfghjkl"); + asprintf (&randbuff, "%s", "qwertyuiopasdfghjklqwertyuiopasdfghjkl"); RAND_seed (randbuff, strlen (randbuff)); + if (verbose) + printf("SSL seeding: %s\n", (RAND_status()==1 ? "OK" : "Failed") ); + /* Initialize SSL context */ SSLeay_add_ssl_algorithms (); meth = SSLv23_client_method (); SSL_load_error_strings (); if ((ctx = SSL_CTX_new (meth)) == NULL) { - printf ("ERROR: Cannot create SSL context.\n"); + printf ("CRITICAL - Cannot create SSL context.\n"); return STATE_CRITICAL; } @@ -897,7 +911,7 @@ int connect_SSL (void) ERR_print_errors_fp (stderr); } else { - printf ("ERROR: Cannot initiate SSL handshake.\n"); + printf ("CRITICAL - Cannot initiate SSL handshake.\n"); } SSL_free (ssl); } @@ -925,7 +939,7 @@ check_certificate (X509 ** certificate) /* Generate tm structure to process timestamp */ if (tm->type == V_ASN1_UTCTIME) { if (tm->length < 10) { - printf ("ERROR: Wrong time format in certificate.\n"); + printf ("CRITICAL - Wrong time format in certificate.\n"); return STATE_CRITICAL; } else { @@ -937,7 +951,7 @@ check_certificate (X509 ** certificate) } else { if (tm->length < 12) { - printf ("ERROR: Wrong time format in certificate.\n"); + printf ("CRITICAL - Wrong time format in certificate.\n"); return STATE_CRITICAL; } else { @@ -966,20 +980,20 @@ check_certificate (X509 ** certificate) stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); if (days_left > 0 && days_left <= days_till_exp) { - printf ("Certificate expires in %d day(s) (%s).\n", days_left, timestamp); + printf ("WARNING - Certificate expires in %d day(s) (%s).\n", days_left, timestamp); return STATE_WARNING; } if (days_left < 0) { - printf ("Certificate expired on %s.\n", timestamp); + printf ("CRITICAL - Certificate expired on %s.\n", timestamp); return STATE_CRITICAL; } if (days_left == 0) { - printf ("Certificate expires today (%s).\n", timestamp); + printf ("WARNING - Certificate expires today (%s).\n", timestamp); return STATE_WARNING; } - printf ("Certificate will expire on %s.\n", timestamp); + printf ("OK - Certificate will expire on %s.\n", timestamp); return STATE_OK; } @@ -1046,12 +1060,7 @@ void print_usage (void) { printf ("Usage:\n" " %s %s\n" -#ifdef HAVE_GETOPT_H " %s (-h | --help) for detailed help\n" " %s (-V | --version) for version information\n", -#else - " %s -h for detailed help\n" - " %s -V for version information\n", -#endif progname, OPTIONS, progname, progname); }