diff options
author | Sven Nierlein <sven@nierlein.de> | 2020-05-18 13:43:17 +0200 |
---|---|---|
committer | Sven Nierlein <sven@nierlein.de> | 2020-05-18 13:43:17 +0200 |
commit | 84fd9ae893b53c7dfde78845817d4e1c87b7fed5 (patch) | |
tree | d40bd5f03c0cf21be2ff3d5031b434021ac74480 | |
parent | 8a64e47083674a83f6825d6438f96ec21e6f3168 (diff) | |
download | monitoring-plugins-84fd9ae893b53c7dfde78845817d4e1c87b7fed5.tar.gz |
check_curl: use CURLOPT_RESOLVE to fix connecting to the right ip
when using ssl, the composed url contains the hostname instead of the specified
ip. So use CURLOPT_RESOLVE to make curl still connect to the ip.
-rw-r--r-- | plugins/check_curl.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/plugins/check_curl.c b/plugins/check_curl.c index 947144a4..2b0e3783 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c @@ -366,6 +366,17 @@ check_http (void) handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_CONNECTTIMEOUT, socket_timeout), "CURLOPT_CONNECTTIMEOUT"); handle_curl_option_return_code (curl_easy_setopt (curl, CURLOPT_TIMEOUT, socket_timeout), "CURLOPT_TIMEOUT"); + // fill dns resolve cache to make curl connect to the given server_address instead of the host_name, only required for ssl, because we use the host_name later on to make SNI happy + if(use_ssl) { + struct curl_slist *host = NULL; + char dnscache[DEFAULT_BUFFER_SIZE]; + snprintf (dnscache, DEFAULT_BUFFER_SIZE, "%s:%d:%s", host_name, server_port, server_address); + host = curl_slist_append(NULL, dnscache); + curl_easy_setopt(curl, CURLOPT_RESOLVE, host); + if (verbose>=1) + printf ("* curl CURLOPT_RESOLVE: %s\n", dnscache); + } + /* compose URL: use the address we want to connect to, set Host: header later */ snprintf (url, DEFAULT_BUFFER_SIZE, "%s://%s:%d%s", use_ssl ? "https" : "http", |