X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fcheck_http.c;h=cf86d469a91ff7c09c7d0eb6f27ab47dd2caa44e;hb=7ceff0d5a95f5c5f34235ef6682595f169864d2f;hp=306e4a2e4a9f9006fdc80cd249c57586a0b9dc55;hpb=e2a4f7f13939140976fe2a4e8ec785ae10a41c4a;p=nagiosplug.git diff --git a/plugins/check_http.c b/plugins/check_http.c index 306e4a2..cf86d46 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c @@ -23,7 +23,7 @@ * *****************************************************************************/ -#define PROGNAME "check_http" +const char *progname = "check_http"; #define REVISION "$Revision$" #define COPYRIGHT "1999-2001" #define AUTHORS "Ethan Galstad/Karl DeBisschop" @@ -31,7 +31,6 @@ #include "config.h" #include "common.h" -#include "version.h" #include "netutils.h" #include "utils.h" @@ -42,11 +41,11 @@ strings and regular expressions, check connection times, and report on\n\ certificate expiration times.\n" #define OPTIONS "\ -\(-H | -I ) [-u ] [-p ]\n\ +(-H | -I ) [-u ] [-p ]\n\ [-w ] [-c ] [-t ] [-L]\n\ [-a auth] [-f ] [-e ]\n\ - [-s string] [-r | -R ]\n\ - [-P string]" + [-s string] [-l] [-r | -R ]\n\ + [-P string] [-m min_pg_size]" #define LONGOPTIONS "\ -H, --hostname=ADDRESS\n\ @@ -75,7 +74,9 @@ certificate expiration times.\n" -L, --link=URL\n\ Wrap output in HTML link (obsoleted by urlize)\n\ -f, --onredirect=\n\ - How to handle redirected pages\n%s\ + How to handle redirected pages\n%s%s\ +-m, --min=INTEGER\n\ + Minimum page size required (bytes)\n\ -v, --verbose\n\ Show details for command-line debugging (do not use with nagios server)\n\ -h, --help\n\ @@ -94,6 +95,18 @@ certificate expiration times.\n" #define SSLOPTIONS "" #endif +#ifdef HAVE_REGEX_H +#define REGOPTIONS "\ + -l, --linespan\n\ + Allow regex to span newlines (must precede -r or -R)\n\ + -r, --regex, --ereg=STRING\n\ + Search page for regex STRING\n\ + -R, --eregi=STRING\n\ + Search page for case-insensitive regex STRING\n" +#else +#define REGOPTIONS "" +#endif + #define DESCRIPTION "\ This plugin will attempt to open an HTTP connection with the host. Successul\n\ connects return STATE_OK, refusals and timeouts return STATE_CRITICAL, other\n\ @@ -140,7 +153,7 @@ the certificate is expired.\n" #ifdef HAVE_SSL int check_cert = FALSE; int days_till_exp; -unsigned char *randbuff; +char *randbuff = ""; SSL_CTX *ctx; SSL *ssl; X509 *server_cert; @@ -149,8 +162,10 @@ int check_certificate (X509 **); #endif #ifdef HAVE_REGEX_H -#define REGS 2 -#define MAX_RE_SIZE 256 +enum { + REGS = 2, + MAX_RE_SIZE = 256 +}; #include regex_t preg; regmatch_t pmatch[REGS]; @@ -160,38 +175,44 @@ int cflags = REG_NOSUB | REG_EXTENDED | REG_NEWLINE; int errcode; #endif +struct timeval tv; + #define server_type_check(server_type) \ (strcmp (server_type, "https") ? FALSE : TRUE) #define server_port_check(use_ssl) (use_ssl ? HTTPS_PORT : HTTP_PORT) -#define MAX_IPV4_HOSTLENGTH 64 #define HDR_LOCATION "%*[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]: " #define URI_HTTP "%[HTPShtps]://" #define URI_HOST "%[a-zA-Z0-9.-]" #define URI_PORT ":%[0-9]" #define URI_PATH "%[/a-zA-Z0-9._-=@,]" -#define HTTP_PORT 80 -#define HTTPS_PORT 443 +enum { + MAX_IPV4_HOSTLENGTH = 64, + HTTP_PORT = 80, + HTTPS_PORT = 443 +}; + #define HTTP_EXPECT "HTTP/1." #define HTTP_URL "/" +#define CRLF "\r\n" -char timestamp[10] = ""; +char timestamp[17] = ""; int specify_port = FALSE; int server_port = HTTP_PORT; char server_port_text[6] = ""; char server_type[6] = "http"; -/*@null@*/ char *server_address = NULL; -/*@null@*/ char *host_name = NULL; -/*@null@*/ char *server_url = NULL; -int server_url_length = 0; +char *server_address = ""; +char *host_name = ""; +char *server_url = ""; +int server_url_length; int server_expect_yn = 0; char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT; char string_expect[MAX_INPUT_BUFFER] = ""; -int warning_time = 0; +double warning_time = 0; int check_warning_time = FALSE; -int critical_time = 0; +double critical_time = 0; int check_critical_time = FALSE; char user_auth[MAX_INPUT_BUFFER] = ""; int display_html = FALSE; @@ -199,14 +220,14 @@ int onredirect = STATE_OK; int use_ssl = FALSE; int verbose = FALSE; int sd; -/*@null@*/ char *http_method = NULL; -/*@null@*/ char *http_post_data = NULL; +int min_page_len = 0; +char *http_method = "GET"; +char *http_post_data = ""; char buffer[MAX_INPUT_BUFFER]; void print_usage (void); void print_help (void); int process_arguments (int, char **); -int call_getopt (int, char **); static char *base64 (char *bin, int len); int check_http (void); int my_recv (void); @@ -217,14 +238,18 @@ main (int argc, char **argv) { int result = STATE_UNKNOWN; + /* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */ + asprintf (&server_url, "%s", HTTP_URL); + server_url_length = strlen(server_url); + if (process_arguments (argc, argv) == ERROR) usage ("check_http: could not parse arguments\n"); if (strstr (timestamp, ":")) { if (strstr (server_url, "?")) - server_url = ssprintf (server_url, "%s&%s", server_url, timestamp); + asprintf (&server_url, "%s&%s", server_url, timestamp); else - server_url = ssprintf (server_url, "%s?%s", server_url, timestamp); + asprintf (&server_url, "%s?%s", server_url, timestamp); } if (display_html == TRUE) @@ -234,7 +259,7 @@ main (int argc, char **argv) /* initialize alarm signal handling, set socket timeout, start timer */ (void) signal (SIGALRM, socket_timeout_alarm_handler); (void) alarm (socket_timeout); - (void) time (&start_time); + gettimeofday (&tv, NULL); #ifdef HAVE_SSL if (use_ssl && check_cert == TRUE) { @@ -269,13 +294,13 @@ main (int argc, char **argv) int process_arguments (int argc, char **argv) { - int c, i = 1; - char optchars[MAX_INPUT_BUFFER]; + int c = 1; #ifdef HAVE_GETOPT_H int option_index = 0; static struct option long_options[] = { - STD_OPTS_LONG, + STD_LONG_OPTS, + {"file",required_argument,0,'F'}, {"link", no_argument, 0, 'L'}, {"nohtml", no_argument, 0, 'n'}, {"ssl", no_argument, 0, 'S'}, @@ -286,8 +311,10 @@ process_arguments (int argc, char **argv) {"regex", required_argument, 0, 'r'}, {"ereg", required_argument, 0, 'r'}, {"eregi", required_argument, 0, 'R'}, + {"linespan", no_argument, 0, 'l'}, {"onredirect", required_argument, 0, 'f'}, {"certificate", required_argument, 0, 'C'}, + {"min", required_argument, 0, 'm'}, {0, 0, 0, 0} }; #endif @@ -308,14 +335,13 @@ process_arguments (int argc, char **argv) strcpy (argv[c], "-n"); } - snprintf (optchars, MAX_INPUT_BUFFER, "%s%s", STD_OPTS, - "P:I:a:e:p:s:R:r:u:f:C:nLS"); +#define OPTCHARS "Vvht:c:w:H:P:I:a:e:p:s:R:r:u:f:C:nlLSm:" while (1) { #ifdef HAVE_GETOPT_H - c = getopt_long (argc, argv, optchars, long_options, &option_index); + c = getopt_long (argc, argv, OPTCHARS, long_options, &option_index); #else - c = getopt (argc, argv, optchars); + c = getopt (argc, argv, OPTCHARS); #endif if (c == -1 || c == EOF) break; @@ -329,7 +355,7 @@ process_arguments (int argc, char **argv) exit (STATE_OK); break; case 'V': /* version */ - print_revision (PROGNAME, REVISION); + print_revision (progname, REVISION); exit (STATE_OK); break; case 't': /* timeout period */ @@ -340,13 +366,13 @@ process_arguments (int argc, char **argv) case 'c': /* critical time threshold */ if (!is_intnonneg (optarg)) usage2 ("invalid critical threshold", optarg); - critical_time = atoi (optarg); + critical_time = strtod (optarg, NULL); check_critical_time = TRUE; break; case 'w': /* warning time threshold */ if (!is_intnonneg (optarg)) usage2 ("invalid warning threshold", optarg); - warning_time = atoi (optarg); + warning_time = strtod (optarg, NULL); check_warning_time = TRUE; break; case 'L': /* show html link */ @@ -363,7 +389,7 @@ process_arguments (int argc, char **argv) if (specify_port == FALSE) server_port = HTTPS_PORT; break; - case 'C': /* warning time threshold */ + case 'C': /* Check SSL cert validity */ #ifdef HAVE_SSL if (!is_intnonneg (optarg)) usage2 ("invalid certificate expiration period", optarg); @@ -389,14 +415,14 @@ process_arguments (int argc, char **argv) break; /* Note: H, I, and u must be malloc'd or will fail on redirects */ case 'H': /* Host Name (virtual host) */ - host_name = strscpy (host_name, optarg); + asprintf (&host_name, "%s", optarg); break; case 'I': /* Server IP-address */ - server_address = strscpy (server_address, optarg); + asprintf (&server_address, "%s", optarg); break; case 'u': /* Host or server */ - server_url = strscpy (server_url, optarg); - server_url_length = strlen (optarg); + asprintf (&server_url, "%s", optarg); + server_url_length = strlen (server_url); break; case 'p': /* Host or server */ if (!is_intnonneg (optarg)) @@ -409,8 +435,8 @@ process_arguments (int argc, char **argv) user_auth[MAX_INPUT_BUFFER - 1] = 0; break; case 'P': /* HTTP POST data in URL encoded format */ - http_method = strscpy (http_method, "POST"); - http_post_data = strscpy (http_post_data, optarg); + asprintf (&http_method, "%s", "POST"); + asprintf (&http_post_data, "%s", optarg); break; case 's': /* string or substring */ strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1); @@ -421,55 +447,51 @@ process_arguments (int argc, char **argv) server_expect[MAX_INPUT_BUFFER - 1] = 0; server_expect_yn = 1; break; - case 'R': /* regex */ -#ifdef HAVE_REGEX_H - cflags = REG_ICASE; -#else +#ifndef HAVE_REGEX_H + case 'l': /* linespan */ + case 'r': /* linespan */ + case 'R': /* linespan */ usage ("check_http: call for regex which was not a compiled option\n"); -#endif + break; +#else + case 'l': /* linespan */ + cflags &= ~REG_NEWLINE; + break; + case 'R': /* regex */ + cflags |= REG_ICASE; case 'r': /* regex */ -#ifdef HAVE_REGEX_H - cflags |= REG_EXTENDED | REG_NOSUB | REG_NEWLINE; strncpy (regexp, optarg, MAX_RE_SIZE - 1); regexp[MAX_RE_SIZE - 1] = 0; errcode = regcomp (&preg, regexp, cflags); if (errcode != 0) { - regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); + (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); printf ("Could Not Compile Regular Expression: %s", errbuf); return ERROR; } -#else - usage ("check_http: call for regex which was not a compiled option\n"); -#endif break; +#endif case 'v': /* verbose */ verbose = TRUE; break; + case 'm': /* min_page_length */ + min_page_len = atoi (optarg); + break; } } c = optind; - if (server_address == NULL && host_name == NULL) { - server_address = strscpy (NULL, argv[c]); - host_name = strscpy (NULL, argv[c++]); - } - - if (server_address == NULL && host_name == NULL) - usage ("check_http: you must specify a host name\n"); - - if (server_address == NULL) - server_address = strscpy (NULL, host_name); + if (strcmp (server_address, "") == 0 && c < argc) + asprintf (&server_address, "%s", argv[c++]); - if (host_name == NULL) - host_name = strscpy (NULL, server_address); + if (strcmp (host_name, "") == 0 && c < argc) + asprintf (&host_name, "%s", argv[c++]); - if (http_method == NULL) - http_method = strscpy (http_method, "GET"); - - if (server_url == NULL) { - server_url = strscpy (NULL, "/"); - server_url_length = strlen(HTTP_URL); + if (strcmp (server_address ,"") == 0) { + if (strcmp (host_name, "") == 0) + usage ("check_http: you must specify a server address or host name\n"); + else + asprintf (&server_address, "%s", host_name); } return TRUE; @@ -523,22 +545,29 @@ int check_http (void) { char *msg = NULL; - char *status_line = NULL; + char *status_line = ""; char *header = NULL; - char *page = NULL; + char *page = ""; char *auth = NULL; int i = 0; size_t pagesize = 0; - char *full_page = NULL; - char *pos = NULL; + char *full_page = ""; + char *buf = NULL; + char *pos = ""; + char *x = NULL; + char *orig_url = NULL; + double elapsed_time; + int page_len = 0; +#ifdef HAVE_SSL + int sslerr; +#endif /* try to connect to the host at the given port number */ #ifdef HAVE_SSL if (use_ssl == TRUE) { if (connect_SSL () != OK) { - msg = ssprintf (msg, "Unable to open TCP socket"); - terminate (STATE_CRITICAL, msg); + terminate (STATE_CRITICAL, "Unable to open TCP socket"); } if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) { @@ -549,123 +578,75 @@ check_http (void) return STATE_CRITICAL; } - snprintf (buffer, MAX_INPUT_BUFFER - 1, "%s %s HTTP/1.0\r\n", http_method, server_url); - if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { - ERR_print_errors_fp (stderr); - return STATE_CRITICAL; - } + } + else { +#endif + if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK) + terminate (STATE_CRITICAL, "Unable to open TCP socket"); +#ifdef HAVE_SSL + } +#endif - /* optionally send the host header info (not clear if it's usable) */ - if (strcmp (host_name, "")) { - snprintf (buffer, MAX_INPUT_BUFFER - 1, "Host: %s\r\n", host_name); - if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { - ERR_print_errors_fp (stderr); - return STATE_CRITICAL; - } - } + asprintf (&buf, "%s %s HTTP/1.0\r\n", http_method, server_url); - /* send user agent */ - snprintf (buffer, MAX_INPUT_BUFFER - 1, "User-Agent: check_http/%s (nagios-plugins %s)\r\n", - clean_revstring (REVISION), PACKAGE_VERSION); - if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { - ERR_print_errors_fp (stderr); - return STATE_CRITICAL; - } + /* optionally send the host header info (not clear if it's usable) */ + if (strcmp (host_name, "")) + asprintf (&buf, "%sHost: %s\r\n", buf, host_name); - /* optionally send the authentication info */ - if (strcmp (user_auth, "")) { - auth = base64 (user_auth, strlen (user_auth)); - snprintf (buffer, MAX_INPUT_BUFFER - 1, "Authorization: Basic %s\r\n", auth); - if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { - ERR_print_errors_fp (stderr); - return STATE_CRITICAL; - } - } + /* send user agent */ + asprintf (&buf, "%sUser-Agent: check_http/%s (nagios-plugins %s)\r\n", + buf, clean_revstring (REVISION), PACKAGE_VERSION); - /* optionally send http POST data */ - if (http_post_data) { - snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Type: application/x-www-form-urlencoded\r\n"); - if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { - ERR_print_errors_fp (stderr); - return STATE_CRITICAL; - } - snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); - if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { - ERR_print_errors_fp (stderr); - return STATE_CRITICAL; - } - http_post_data = strscat (http_post_data, "\r\n"); - if (SSL_write (ssl, http_post_data, strlen (http_post_data)) == -1) { - ERR_print_errors_fp (stderr); - return STATE_CRITICAL; - } - } + /* optionally send the authentication info */ + if (strcmp (user_auth, "")) { + auth = base64 (user_auth, strlen (user_auth)); + asprintf (&buf, "%sAuthorization: Basic %s\r\n", buf, auth); + } + + /* either send http POST data */ + if (strlen (http_post_data)) { + asprintf (&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", buf); + asprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, strlen (http_post_data)); + asprintf (&buf, "%s%s%s", buf, http_post_data, CRLF); + } + else { + /* or just a newline so the server knows we're done with the request */ + asprintf (&buf, "%s%s", buf, CRLF); + } - /* send a newline so the server knows we're done with the request */ - snprintf (buffer, MAX_INPUT_BUFFER - 1, "\r\n\r\n"); - if (SSL_write (ssl, buffer, strlen (buffer)) == -1) { +#ifdef HAVE_SSL + if (use_ssl == TRUE) { + if (SSL_write (ssl, buf, strlen (buf)) == -1) { ERR_print_errors_fp (stderr); return STATE_CRITICAL; } - } else { #endif - if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK) { - msg = ssprintf (msg, "Unable to open TCP socket"); - terminate (STATE_CRITICAL, msg); - } - snprintf (buffer, MAX_INPUT_BUFFER - 1, "%s %s HTTP/1.0\r\n", http_method, server_url); - send (sd, buffer, strlen (buffer), 0); - - - - /* optionally send the host header info */ - if (strcmp (host_name, "")) { - snprintf (buffer, MAX_INPUT_BUFFER - 1, "Host: %s\r\n", host_name); - send (sd, buffer, strlen (buffer), 0); - } - - /* send user agent */ - snprintf (buffer, MAX_INPUT_BUFFER - 1, - "User-Agent: check_http/%s (nagios-plugins %s)\r\n", - clean_revstring (REVISION), PACKAGE_VERSION); - send (sd, buffer, strlen (buffer), 0); - - /* optionally send the authentication info */ - if (strcmp (user_auth, "")) { - auth = base64 (user_auth, strlen (user_auth)); - snprintf (buffer, MAX_INPUT_BUFFER - 1, "Authorization: Basic %s\r\n", auth); - send (sd, buffer, strlen (buffer), 0); - } - - /* optionally send http POST data */ - /* written by Chris Henesy */ - if (http_post_data) { - snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Type: application/x-www-form-urlencoded\r\n"); - send (sd, buffer, strlen (buffer), 0); - snprintf (buffer, MAX_INPUT_BUFFER - 1, "Content-Length: %i\r\n\r\n", strlen (http_post_data)); - send (sd, buffer, strlen (buffer), 0); - http_post_data = strscat (http_post_data, "\r\n"); - send (sd, http_post_data, strlen (http_post_data), 0); - } - - /* send a newline so the server knows we're done with the request */ - snprintf (buffer, MAX_INPUT_BUFFER - 1, "\r\n\r\n"); - send (sd, buffer, strlen (buffer), 0); + send (sd, buf, strlen (buf), 0); #ifdef HAVE_SSL } #endif /* fetch the page */ - pagesize = (size_t) 0; while ((i = my_recv ()) > 0) { - full_page = strscat (full_page, buffer); + buffer[i] = '\0'; + asprintf (&full_page, "%s%s", full_page, buffer); pagesize += i; } - if (i < 0) + if (i < 0) { +#ifdef HAVE_SSL + sslerr=SSL_get_error(ssl, i); + if ( sslerr == SSL_ERROR_SSL ) { + terminate (STATE_WARNING, "Client Certificate Required\n"); + } else { + terminate (STATE_CRITICAL, "Error in recv()"); + } +#else terminate (STATE_CRITICAL, "Error in recv()"); +#endif + } /* return a CRITICAL status if we couldn't read any data */ if (pagesize == (size_t) 0) @@ -688,7 +669,7 @@ check_http (void) page += (size_t) strcspn (page, "\r\n"); pos = page; page += (size_t) strspn (page, "\r\n"); - status_line[pos - status_line] = 0; + status_line[strcspn(status_line, "\r\n")] = 0; strip (status_line); if (verbose) printf ("STATUS: %s\n", status_line); @@ -712,9 +693,9 @@ check_http (void) /* make sure the status line matches the response we are looking for */ if (!strstr (status_line, server_expect)) { if (server_port == HTTP_PORT) - msg = ssprintf (msg, "Invalid HTTP response received from host\n"); + asprintf (&msg, "Invalid HTTP response received from host\n"); else - msg = ssprintf (msg, + asprintf (&msg, "Invalid HTTP response received from host on port %d\n", server_port); terminate (STATE_CRITICAL, msg); @@ -723,7 +704,7 @@ check_http (void) /* Exit here if server_expect was set by user and not default */ if ( server_expect_yn ) { - msg = ssprintf (msg, "HTTP OK: Status line output matched \"%s\"\n", + asprintf (&msg, "HTTP OK: Status line output matched \"%s\"\n", server_expect); if (verbose) printf ("%s\n",msg); @@ -738,8 +719,7 @@ check_http (void) strstr (status_line, "501") || strstr (status_line, "502") || strstr (status_line, "503")) { - msg = ssprintf (msg, "HTTP CRITICAL: %s\n", status_line); - terminate (STATE_CRITICAL, msg); + terminate (STATE_CRITICAL, "HTTP CRITICAL: %s\n", status_line); } /* client errors result in a warning state */ @@ -748,8 +728,7 @@ check_http (void) strstr (status_line, "402") || strstr (status_line, "403") || strstr (status_line, "404")) { - msg = ssprintf (msg, "HTTP WARNING: %s\n", status_line); - terminate (STATE_WARNING, msg); + terminate (STATE_WARNING, "HTTP WARNING: %s\n", status_line); } /* check redirected page if specified */ @@ -759,49 +738,54 @@ check_http (void) strstr (status_line, "303") || strstr (status_line, "304")) { if (onredirect == STATE_DEPENDENT) { - + + asprintf (&orig_url, "%s", server_url); pos = header; while (pos) { server_address = realloc (server_address, MAX_IPV4_HOSTLENGTH); if (server_address == NULL) terminate (STATE_UNKNOWN, "HTTP UNKNOWN: could not allocate server_address"); - if (strspn (pos, "\r\n") > server_url_length) { - server_url = realloc (server_url, strspn (pos, "\r\n")); + if (strcspn (pos, "\r\n") > server_url_length) { + server_url = realloc (server_url, strcspn (pos, "\r\n")); if (server_url == NULL) terminate (STATE_UNKNOWN, - "HTTP UNKNOWN: could not allocate server_url"); - server_url_length = strspn (pos, "\r\n"); + "HTTP UNKNOWN: could not allocate server_url"); + server_url_length = strcspn (pos, "\r\n"); } if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT URI_PATH, server_type, server_address, server_port_text, server_url) == 4) { - host_name = strscpy (host_name, server_address); + asprintf (&host_name, "%s", server_address); use_ssl = server_type_check (server_type); server_port = atoi (server_port_text); check_http (); } else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PATH, server_type, server_address, server_url) == 3 ) { - host_name = strscpy (host_name, server_address); + asprintf (&host_name, "%s", server_address); use_ssl = server_type_check (server_type); server_port = server_port_check (use_ssl); check_http (); } else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST URI_PORT, server_type, server_address, server_port_text) == 3) { - host_name = strscpy (host_name, server_address); + asprintf (&host_name, "%s", server_address); strcpy (server_url, "/"); use_ssl = server_type_check (server_type); server_port = atoi (server_port_text); check_http (); } else if (sscanf (pos, HDR_LOCATION URI_HTTP URI_HOST, server_type, server_address) == 2) { - host_name = strscpy (host_name, server_address); + asprintf (&host_name, "%s", server_address); strcpy (server_url, "/"); use_ssl = server_type_check (server_type); server_port = server_port_check (use_ssl); check_http (); } - else if (sscanf (pos, HDR_LOCATION URI_PATH, server_url) == 1) { + else if (sscanf (pos, HDR_LOCATION URI_PATH, server_url) == 1) { + if ((server_url[0] != '/') && (x = strrchr(orig_url, '/'))) { + *x = '\0'; + asprintf (&server_url, "%s/%s", orig_url, server_url); + } check_http (); - } + } pos += (size_t) strcspn (pos, "\r\n"); pos += (size_t) strspn (pos, "\r\n"); } /* end while (pos) */ @@ -818,10 +802,10 @@ check_http (void) printf ("HTTP WARNING"); else if (onredirect == STATE_CRITICAL) printf ("HTTP CRITICAL"); - time (&end_time); - msg = ssprintf (msg, ": %s - %d second response time %s%s|time=%d\n", - status_line, (int) (end_time - start_time), timestamp, - (display_html ? "" : ""), (int) (end_time - start_time)); + elapsed_time = delta_time (tv); + asprintf (&msg, ": %s - %7.3f second response time %s%s|time=%7.3f\n", + status_line, elapsed_time, timestamp, + (display_html ? "" : ""), elapsed_time); terminate (onredirect, msg); } /* end if (strstr (status_line, "30[0-4]") */ @@ -830,13 +814,13 @@ check_http (void) /* check elapsed time */ - time (&end_time); - msg = ssprintf (msg, "HTTP problem: %s - %d second response time %s%s|time=%d\n", - status_line, (int) (end_time - start_time), timestamp, - (display_html ? "" : ""), (int) (end_time - start_time)); - if (check_critical_time == TRUE && (end_time - start_time) > critical_time) + elapsed_time = delta_time (tv); + asprintf (&msg, "HTTP problem: %s - %7.3f second response time %s%s|time=%7.3f\n", + status_line, elapsed_time, timestamp, + (display_html ? "" : ""), elapsed_time); + if (check_critical_time == TRUE && elapsed_time > critical_time) terminate (STATE_CRITICAL, msg); - if (check_warning_time == TRUE && (end_time - start_time) > warning_time) + if (check_warning_time == TRUE && elapsed_time > warning_time) terminate (STATE_WARNING, msg); /* Page and Header content checks go here */ @@ -844,14 +828,14 @@ check_http (void) if (strlen (string_expect)) { if (strstr (page, string_expect)) { - printf ("HTTP ok: %s - %d second response time %s%s|time=%d\n", - status_line, (int) (end_time - start_time), - timestamp, (display_html ? "" : ""), (int) (end_time - start_time)); + printf ("HTTP ok: %s - %7.3f second response time %s%s|time=%7.3f\n", + status_line, elapsed_time, + timestamp, (display_html ? "" : ""), elapsed_time); exit (STATE_OK); } else { - printf ("HTTP CRITICAL: string not found%s|time=%d\n", - (display_html ? "" : ""), (int) (end_time - start_time)); + printf ("HTTP CRITICAL: string not found%s|time=%7.3f\n", + (display_html ? "" : ""), elapsed_time); exit (STATE_CRITICAL); } } @@ -859,15 +843,15 @@ check_http (void) if (strlen (regexp)) { errcode = regexec (&preg, page, REGS, pmatch, 0); if (errcode == 0) { - printf ("HTTP ok: %s - %d second response time %s%s|time=%d\n", - status_line, (int) (end_time - start_time), - timestamp, (display_html ? "" : ""), (int) (end_time - start_time)); + printf ("HTTP ok: %s - %7.3f second response time %s%s|time=%7.3f\n", + status_line, elapsed_time, + timestamp, (display_html ? "" : ""), elapsed_time); exit (STATE_OK); } else { if (errcode == REG_NOMATCH) { - printf ("HTTP CRITICAL: pattern not found%s|time=%d\n", - (display_html ? "" : ""), (int) (end_time - start_time)); + printf ("HTTP CRITICAL: pattern not found%s|time=%7.3f\n", + (display_html ? "" : ""), elapsed_time); exit (STATE_CRITICAL); } else { @@ -879,10 +863,17 @@ check_http (void) } #endif + /* make sure the page is of an appropriate size */ + page_len = strlen (page); + if ((min_page_len > 0) && (page_len < min_page_len)) { + printf ("HTTP WARNING: page size too small%s|size=%i\n", + (display_html ? "" : ""), page_len ); + exit (STATE_WARNING); + } /* We only get here if all tests have been passed */ - msg = ssprintf (msg, "HTTP ok: %s - %d second response time %s%s|time=%d\n", - status_line, (int) (end_time - start_time), - timestamp, (display_html ? "" : ""), (int) (end_time - start_time)); + asprintf (&msg, "HTTP ok: %s - %7.3f second response time %s%s|time=%7.3f\n", + status_line, (float)elapsed_time, + timestamp, (display_html ? "" : ""), elapsed_time); terminate (STATE_OK, msg); return STATE_UNKNOWN; } @@ -894,8 +885,11 @@ int connect_SSL (void) { SSL_METHOD *meth; - randbuff = strscpy (NULL, "qwertyuiopasdfghjkl"); + asprintf (&randbuff, "%s", "qwertyuiopasdfghjklqwertyuiopasdfghjkl"); RAND_seed (randbuff, strlen (randbuff)); + if (verbose) + printf("SSL seeding: %s\n", (RAND_status()==1 ? "OK" : "Failed") ); + /* Initialize SSL context */ SSLeay_add_ssl_algorithms (); meth = SSLv23_client_method (); @@ -912,7 +906,7 @@ int connect_SSL (void) alarm (socket_timeout); /* Save start time */ - time (&start_time); + gettimeofday (&tv, NULL); /* Make TCP connection */ if (my_tcp_connect (server_address, server_port, &sd) == STATE_OK) { @@ -945,8 +939,6 @@ check_certificate (X509 ** certificate) int offset; struct tm stamp; int days_left; - /* int result = STATE_OK; */ - /* char timestamp[14]; */ /* Retrieve timestamp of certificate */ @@ -991,7 +983,7 @@ check_certificate (X509 ** certificate) days_left = (mktime (&stamp) - time (NULL)) / 86400; snprintf - (timestamp, MAX_INPUT_BUFFER - 1, "%02d/%02d/%04d %02d:%02d", + (timestamp, 16, "%02d/%02d/%04d %02d:%02d", stamp.tm_mon + 1, stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); @@ -1058,14 +1050,14 @@ my_close (void) void print_help (void) { - print_revision (PROGNAME, REVISION); + print_revision (progname, REVISION); printf ("Copyright (c) %s %s <%s>\n\n%s\n", COPYRIGHT, AUTHORS, EMAIL, SUMMARY); print_usage (); printf ("NOTE: One or both of -H and -I must be specified\n"); printf ("\nOptions:\n" LONGOPTIONS "\n", HTTP_EXPECT, HTTP_PORT, - DEFAULT_SOCKET_TIMEOUT, SSLOPTIONS); + DEFAULT_SOCKET_TIMEOUT, SSLOPTIONS, REGOPTIONS); #ifdef HAVE_SSL printf (SSLDESCRIPTION); #endif @@ -1083,5 +1075,5 @@ print_usage (void) " %s -h for detailed help\n" " %s -V for version information\n", #endif - PROGNAME, OPTIONS, PROGNAME, PROGNAME); + progname, OPTIONS, progname, progname); }