aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Sven Nierlein <sven@nierlein.de> 2020-05-18 13:43:17 +0200
committerGravatar Sven Nierlein <sven@nierlein.de> 2020-05-18 13:43:17 +0200
commit84fd9ae893b53c7dfde78845817d4e1c87b7fed5 (patch)
treed40bd5f03c0cf21be2ff3d5031b434021ac74480
parent8a64e47083674a83f6825d6438f96ec21e6f3168 (diff)
downloadmonitoring-plugins-84fd9ae893b53c7dfde78845817d4e1c87b7fed5.tar.gz
check_curl: use CURLOPT_RESOLVE to fix connecting to the right ip
when using ssl, the composed url contains the hostname instead of the specified ip. So use CURLOPT_RESOLVE to make curl still connect to the ip.
-rw-r--r--plugins/check_curl.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index 947144a4..2b0e3783 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -366,6 +366,17 @@ check_http (void)
handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_CONNECTTIMEOUT, socket_timeout), "CURLOPT_CONNECTTIMEOUT");
handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_TIMEOUT, socket_timeout), "CURLOPT_TIMEOUT");
+ // fill dns resolve cache to make curl connect to the given server_address instead of the host_name, only required for ssl, because we use the host_name later on to make SNI happy
+ if(use_ssl) {
+ struct curl_slist *host = NULL;
+ char dnscache[DEFAULT_BUFFER_SIZE];
+ snprintf (dnscache, DEFAULT_BUFFER_SIZE, "%s:%d:%s", host_name, server_port, server_address);
+ host = curl_slist_append(NULL, dnscache);
+ curl_easy_setopt(curl, CURLOPT_RESOLVE, host);
+ if (verbose>=1)
+ printf ("* curl CURLOPT_RESOLVE: %s\n", dnscache);
+ }
+
/* compose URL: use the address we want to connect to, set Host: header later */
snprintf (url, DEFAULT_BUFFER_SIZE, "%s://%s:%d%s",
use_ssl ? "https" : "http",