![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/plugins/check_ssh.c b/plugins/check_ssh.c
index d78189fc793100e146b2f0da3fe79ec8a66609b4..9a1934383111ff5b5b738d82bb7731b8af546dc6 100644 (file)
--- a/plugins/check_ssh.c
+++ b/plugins/check_ssh.c
-/*
-* check_ssh.c
+/*****************************************************************************
*
-* Made by (Remi PAULMIER)
-* Login <remi@sinfomic.fr>
+* Nagios check_ssh plugin
*
-* Started on Fri Jul 9 09:18:23 1999 Remi PAULMIER
-* Update Thu Jul 22 12:50:04 1999 remi paulmier
-* $Id$
-*
-*/
+* License: GPL
+* Copyright (c) 2000-2007 Nagios Plugins Development Team
+*
+* Description:
+*
+* This file contains the check_ssh plugin
+*
+* Try to connect to an SSH server at specified server and port
+*
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation, either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*
+*
+*****************************************************************************/
+
+const char *progname = "check_ssh";
+const char *copyright = "2000-2007";
+const char *email = "nagiosplug-devel@lists.sourceforge.net";
-#include "config.h"
#include "common.h"
#include "netutils.h"
#include "utils.h"
-#define PROGNAME "check_ssh"
-
#ifndef MSG_DONTWAIT
#define MSG_DONTWAIT 0
#endif
#define SSH_DFL_PORT 22
#define BUFF_SZ 256
-short port = -1;
+int port = -1;
char *server_name = NULL;
+char *remote_version = NULL;
int verbose = FALSE;
int process_arguments (int, char **);
-int call_getopt (int, char **);
int validate_arguments (void);
void print_help (void);
void print_usage (void);
-char *ssh_resolve (char *hostname);
-int ssh_connect (char *haddr, short hport);
+int ssh_connect (char *haddr, int hport, char *remote_version);
+
+
int
main (int argc, char **argv)
{
+ int result = STATE_UNKNOWN;
+
+ setlocale (LC_ALL, "");
+ bindtextdomain (PACKAGE, LOCALEDIR);
+ textdomain (PACKAGE);
+
+ /* Parse extra opts if any */
+ argv=np_extra_opts (&argc, argv, progname);
if (process_arguments (argc, argv) == ERROR)
- usage ("Could not parse arguments\n");
+ usage4 (_("Could not parse arguments"));
/* initialize alarm signal handling */
signal (SIGALRM, socket_timeout_alarm_handler);
+
alarm (socket_timeout);
/* ssh_connect exits if error is found */
- ssh_connect (ssh_resolve (server_name), port);
+ result = ssh_connect (server_name, port, remote_version);
alarm (0);
- return (STATE_OK);
+ return (result);
}
+
/* process command-line arguments */
int
process_arguments (int argc, char **argv)
{
int c;
+ int option = 0;
+ static struct option longopts[] = {
+ {"help", no_argument, 0, 'h'},
+ {"version", no_argument, 0, 'V'},
+ {"host", required_argument, 0, 'H'}, /* backward compatibility */
+ {"hostname", required_argument, 0, 'H'},
+ {"port", required_argument, 0, 'p'},
+ {"use-ipv4", no_argument, 0, '4'},
+ {"use-ipv6", no_argument, 0, '6'},
+ {"timeout", required_argument, 0, 't'},
+ {"verbose", no_argument, 0, 'v'},
+ {"remote-version", required_argument, 0, 'r'},
+ {0, 0, 0, 0}
+ };
+
if (argc < 2)
return ERROR;
if (strcmp ("-to", argv[c]) == 0)
strcpy (argv[c], "-t");
- c = 0;
- while (c += (call_getopt (argc - c, &argv[c]))) {
- if (argc <= c)
- break;
- if (server_name == NULL) {
- server_name = argv[c];
- }
- else if (port == -1) {
- if (is_intpos (argv[c])) {
- port = atoi (argv[c]);
- }
- else {
- print_usage ();
- exit (STATE_UNKNOWN);
- }
- }
- }
-
- return validate_arguments ();
-}
-
-
-/************************************************************************
-*
-* Run the getopt until we encounter a non-option entry in the arglist
-*
-*-----------------------------------------------------------------------*/
-
-int
-call_getopt (int argc, char **argv)
-{
- int c, i = 1;
-
-#ifdef HAVE_GETOPT_H
- int option_index = 0;
- static struct option long_options[] = {
- {"version", no_argument, 0, 'V'},
- {"help", no_argument, 0, 'h'},
- {"verbose", no_argument, 0, 'v'},
- {"timeout", required_argument, 0, 't'},
- {"host", required_argument, 0, 'H'},
- {0, 0, 0, 0}
- };
-#endif
-
while (1) {
-#ifdef HAVE_GETOPT_H
- c = getopt_long (argc, argv, "+Vhvt:H:p:", long_options, &option_index);
-#else
- c = getopt (argc, argv, "+Vhvt:H:p:");
-#endif
+ c = getopt_long (argc, argv, "+Vhv46t:r:H:p:", longopts, &option);
if (c == -1 || c == EOF)
break;
- i++;
- switch (c) {
- case 't':
- case 'H':
- case 'p':
- i++;
- }
-
switch (c) {
case '?': /* help */
- usage ("");
+ usage5 ();
case 'V': /* version */
- print_revision (my_basename (argv[0]), "$Revision$");
+ print_revision (progname, NP_VERSION);
exit (STATE_OK);
case 'h': /* help */
print_help ();
exit (STATE_OK);
- case 'v': /* verose */
+ case 'v': /* verbose */
verbose = TRUE;
break;
case 't': /* timeout period */
if (!is_integer (optarg))
- usage ("Timeout Interval must be an integer!\n\n");
- socket_timeout = atoi (optarg);
+ usage2 (_("Timeout interval must be a positive integer"), optarg);
+ else
+ socket_timeout = atoi (optarg);
+ break;
+ case '4':
+ address_family = AF_INET;
+ break;
+ case '6':
+#ifdef USE_IPV6
+ address_family = AF_INET6;
+#else
+ usage4 (_("IPv6 support not available"));
+#endif
+ break;
+ case 'r': /* remote version */
+ remote_version = optarg;
break;
case 'H': /* host */
+ if (is_host (optarg) == FALSE)
+ usage2 (_("Invalid hostname/address"), optarg);
server_name = optarg;
break;
case 'p': /* port */
port = atoi (optarg);
}
else {
- printf ("Port number nust be a positive integer: %s\n", optarg);
- usage ("");
+ usage2 (_("Port number must be a positive integer"), optarg);
}
}
+ }
+ c = optind;
+ if (server_name == NULL && c < argc) {
+ if (is_host (argv[c])) {
+ server_name = argv[c++];
+ }
}
- return i;
+
+ if (port == -1 && c < argc) {
+ if (is_intpos (argv[c])) {
+ port = atoi (argv[c++]);
+ }
+ else {
+ print_usage ();
+ exit (STATE_UNKNOWN);
+ }
+ }
+
+ return validate_arguments ();
}
int
}
-/************************************************************************
-*
-* Resolve hostname into IP address
-*
-*-----------------------------------------------------------------------*/
-
-char *
-ssh_resolve (char *hostname)
-{
- struct hostent *host;
-
- host = gethostbyname (hostname);
- if (!host) {
- herror (hostname);
- exit (STATE_CRITICAL);
- }
- return (host->h_addr);
-}
-
-
/************************************************************************
*
* Try to connect to SSH server at specified server and port
*
*-----------------------------------------------------------------------*/
+
int
-ssh_connect (char *haddr, short hport)
+ssh_connect (char *haddr, int hport, char *remote_version)
{
- int s;
- struct sockaddr_in addr;
- int addrlen;
- int len;
+ int sd;
+ int result;
char *output = NULL;
char *buffer = NULL;
char *ssh_proto = NULL;
char *ssh_server = NULL;
- char revision[20];
+ static char *rev_no = VERSION;
- sscanf ("$Revision$", "$Revision: %[0123456789.]", revision);
+ result = my_tcp_connect (haddr, hport, &sd);
- addrlen = sizeof (addr);
- memset (&addr, 0, addrlen);
- addr.sin_port = htons (hport);
- addr.sin_family = AF_INET;
- bcopy (haddr, (void *) &addr.sin_addr.s_addr, 4);
-
- s = socket (AF_INET, SOCK_STREAM, 0);
- if (!s) {
- printf ("socket(): %s for %s:%d\n", strerror (errno), server_name, hport);
- exit (STATE_CRITICAL);
- }
-
- if (connect (s, (struct sockaddr *) &addr, addrlen)) {
- printf ("connect(): %s for %s:%d\n", strerror (errno), server_name,
- hport);
- exit (STATE_CRITICAL);
- }
+ if (result != STATE_OK)
+ return result;
output = (char *) malloc (BUFF_SZ + 1);
memset (output, 0, BUFF_SZ + 1);
- recv (s, output, BUFF_SZ, 0);
+ recv (sd, output, BUFF_SZ, 0);
if (strncmp (output, "SSH", 3)) {
- printf ("Server answer: %s", output);
+ printf (_("Server answer: %s"), output);
+ close(sd);
exit (STATE_CRITICAL);
}
else {
if (verbose)
printf ("%s\n", output);
ssh_proto = output + 4;
- ssh_server = ssh_proto + strspn (ssh_proto, "0123456789-. ");
- ssh_proto[strspn (ssh_proto, "0123456789-. ")] = 0;
- printf
- ("SSH ok - protocol version %s - server version %s\n",
- ssh_proto, ssh_server);
- buffer =
- ssprintf (buffer, "SSH-%s-check_ssh_%s\r\n", ssh_proto, revision);
- send (s, buffer, strlen (buffer), MSG_DONTWAIT);
+ ssh_server = ssh_proto + strspn (ssh_proto, "-0123456789. ");
+ ssh_proto[strspn (ssh_proto, "0123456789. ")] = 0;
+
+ asprintf (&buffer, "SSH-%s-check_ssh_%s\r\n", ssh_proto, rev_no);
+ send (sd, buffer, strlen (buffer), MSG_DONTWAIT);
if (verbose)
printf ("%s\n", buffer);
+
+ if (remote_version && strcmp(remote_version, ssh_server)) {
+ printf
+ (_("SSH WARNING - %s (protocol %s) version mismatch, expected '%s'\n"),
+ ssh_server, ssh_proto, remote_version);
+ close(sd);
+ exit (STATE_WARNING);
+ }
+
+ printf
+ (_("SSH OK - %s (protocol %s)\n"),
+ ssh_server, ssh_proto);
+ close(sd);
exit (STATE_OK);
}
}
+
+
void
print_help (void)
{
- print_revision (PROGNAME, "$Revision$");
- printf ("Copyright (c) 1999 Remi Paulmier (remi@sinfomic.fr)\n\n");
+ char *myport;
+ asprintf (&myport, "%d", SSH_DFL_PORT);
+
+ print_revision (progname, NP_VERSION);
+
+ printf ("Copyright (c) 1999 Remi Paulmier <remi@sinfomic.fr>\n");
+ printf (COPYRIGHT, copyright, email);
+
+ printf ("%s\n", _("Try to connect to an SSH server at specified server and port"));
+
+ printf ("\n\n");
+
print_usage ();
- printf ("by default, port is %d\n", SSH_DFL_PORT);
+
+ printf (UT_HELP_VRSN);
+ printf (UT_EXTRA_OPTS);
+
+ printf (UT_HOST_PORT, 'p', myport);
+
+ printf (UT_IPv46);
+
+ printf (UT_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
+
+ printf (" %s\n", "-r, --remote-version=STRING");
+ printf (" %s\n", _("Warn if string doesn't match expected server version (ex: OpenSSH_3.9p1)"));
+
+ printf (UT_VERBOSE);
+
+#ifdef NP_EXTRA_OPTS
+ printf ("\n");
+ printf ("%s\n", _("Notes:"));
+ printf (UT_EXTRA_OPTS_NOTES);
+#endif
+
+ printf (UT_SUPPORT);
}
+
+
void
print_usage (void)
{
- printf
- ("Usage:\n"
- " %s -t [timeout] -p [port] <host>\n"
- " %s -V prints version info\n"
- " %s -h prints more detailed help\n", PROGNAME, PROGNAME, PROGNAME);
+ printf (_("Usage:"));
+ printf ("%s [-46] [-t <timeout>] [-r <remote version>] [-p <port>] <host>\n", progname);
}
-/* end of check_ssh.c */