diff options
| -rw-r--r-- | configure.in | 1 | ||||
| -rw-r--r-- | plugins/Makefile.am | 5 | ||||
| -rw-r--r-- | plugins/check_by_ssh.c | 4 | ||||
| -rw-r--r-- | plugins/check_game.c | 4 | ||||
| -rw-r--r-- | plugins/check_http.c | 4 | ||||
| -rw-r--r-- | plugins/check_ide_smart.c | 2 | ||||
| -rw-r--r-- | plugins/check_ldap.c | 67 | ||||
| -rw-r--r-- | plugins/check_snmp.c | 2 | ||||
| -rw-r--r-- | plugins/check_tcp.c | 2 |
9 files changed, 79 insertions, 12 deletions
diff --git a/configure.in b/configure.in index 36f86051..65dc698a 100644 --- a/configure.in +++ b/configure.in @@ -204,6 +204,7 @@ if test "$ac_cv_lib_ldap_main" = "yes"; then AC_SUBST(LDAPINCLUDE) AC_CHECK_FUNCS(ldap_set_option) EXTRAS="$EXTRAS check_ldap" + AC_CHECK_FUNCS(ldap_init ldap_set_option ldap_get_option ldap_start_tls_s) else AC_MSG_WARN([Skipping LDAP plugin]) AC_MSG_WARN([install LDAP libs to compile this plugin (see REQUIREMENTS).]) diff --git a/plugins/Makefile.am b/plugins/Makefile.am index eb67e458..2c0a5c2d 100644 --- a/plugins/Makefile.am +++ b/plugins/Makefile.am @@ -140,8 +140,9 @@ $(check_tcp_programs): check_tcp install-exec-hook: cd $(DESTDIR)$(libexecdir) && \ - for i in $(check_tcp_programs) ; do rm -f $$i; ln -s check_tcp $$i ; done - + for i in $(check_tcp_programs) ; do rm -f $$i; ln -s check_tcp $$i ; done ;\ + rm -f check_ldaps ; ln -s -f check_ldap check_ldaps + clean-local: rm -f $(check_tcp_programs) diff --git a/plugins/check_by_ssh.c b/plugins/check_by_ssh.c index dd2230a0..f31c9c61 100644 --- a/plugins/check_by_ssh.c +++ b/plugins/check_by_ssh.c @@ -393,13 +393,13 @@ To use passive mode, provide multiple '-C' options, and provide\n\ all of -O, -s, and -n options (servicelist order must match '-C'\n\ options)\n")); - printf (_("\n\ + printf ("\n\ $ check_by_ssh -H localhost -n lh -s c1:c2:c3 \\\n\ -C uptime -C uptime -C uptime -O /tmp/foo\n\ $ cat /tmp/foo\n\ [1080933700] PROCESS_SERVICE_CHECK_RESULT;flint;c1;0; up 2 days...\n\ [1080933700] PROCESS_SERVICE_CHECK_RESULT;flint;c2;0; up 2 days...\n\ -[1080933700] PROCESS_SERVICE_CHECK_RESULT;flint;c3;0; up 2 days...\n")); +[1080933700] PROCESS_SERVICE_CHECK_RESULT;flint;c3;0; up 2 days...\n"); printf (_(UT_SUPPORT)); } diff --git a/plugins/check_game.c b/plugins/check_game.c index 9a6e53e7..6699c71d 100644 --- a/plugins/check_game.c +++ b/plugins/check_game.c @@ -300,9 +300,9 @@ print_help (void) print_revision (progname, revision); printf ("Copyright (c) 1999 Ian Cass, Knowledge Matters Limited\n"); - printf (_(COPYRIGHT), copyright, email); + printf (COPYRIGHT, copyright, email); - printf (_("This plugin tests game server connections with the specified host."), progname); + printf (_("This plugin tests game server connections with the specified host.")); print_usage (); diff --git a/plugins/check_http.c b/plugins/check_http.c index dd058219..5f96e31e 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c @@ -1490,11 +1490,11 @@ the certificate is expired.\n")); void print_usage (void) { - printf (_("\ + printf ("\ Usage: %s -H <vhost> | -I <IP-address>) [-u <uri>] [-p <port>]\n\ [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L]\n\ [-a auth] [-f <ok | warn | critcal | follow>] [-e <expect>]\n\ [-s string] [-l] [-r <regex> | -R <case-insensitive regex>]\n\ [-P string] [-m min_pg_size] [-4|-6] [-N] [-M <age>]\n\ - [-A string] [-k string]\n"), progname); + [-A string] [-k string]\n", progname); } diff --git a/plugins/check_ide_smart.c b/plugins/check_ide_smart.c index 1c0af310..644dc488 100644 --- a/plugins/check_ide_smart.c +++ b/plugins/check_ide_smart.c @@ -498,7 +498,7 @@ print_help () printf ("(C) 1999 Ragnar Hojland Espinosa <ragnar@lightside.dhis.org>\n"); printf (COPYRIGHT, copyright, email); - printf (_("\ + printf ("\ Usage: %s [DEVICE] [OPTION]\n\ -d, --device=DEVICE\n\ Select device DEVICE\n\ diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c index e77ad308..29bc01b2 100644 --- a/plugins/check_ldap.c +++ b/plugins/check_ldap.c @@ -57,6 +57,10 @@ double warn_time = UNDEFINED; double crit_time = UNDEFINED; struct timeval tv; +/* for ldap tls */ + +char *SERVICE = "LDAP"; + int main (int argc, char *argv[]) { @@ -69,11 +73,20 @@ main (int argc, char *argv[]) int status = STATE_UNKNOWN; long microsec; double elapsed_time; + + /* for ldap tls */ + + int tls; + int version=3; setlocale (LC_ALL, ""); bindtextdomain (PACKAGE, LOCALEDIR); textdomain (PACKAGE); + if (strstr(argv[0],"check_ldaps")) { + asprintf (&progname, "check_ldaps"); + } + if (process_arguments (argc, argv) == ERROR) usage4 (_("Could not parse arguments")); @@ -87,12 +100,19 @@ main (int argc, char *argv[]) gettimeofday (&tv, NULL); /* initialize ldap */ +#ifdef HAVE_LDAP_INIT + if (!(ld = ldap_init (ld_host, ld_port))) { + printf ("Could not connect to the server at port %i\n", ld_port); + return STATE_CRITICAL; + } +#else if (!(ld = ldap_open (ld_host, ld_port))) { /*ldap_perror(ld, "ldap_open"); */ printf (_("Could not connect to the server at port %i\n"), ld_port); return STATE_CRITICAL; } - +#endif /* HAVE_LDAP_INIT */ + #ifdef HAVE_LDAP_SET_OPTION /* set ldap options */ if (ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &ld_protocol) != @@ -101,6 +121,51 @@ main (int argc, char *argv[]) return STATE_CRITICAL; } #endif + + if (strstr(argv[0],"check_ldaps")) { + /* with TLS */ + if ( ld_port == LDAPS_PORT ) { + asprintf (&SERVICE, "LDAPS"); +#if defined(HAVE_LDAP_SET_OPTION) && defined(LDAP_OPT_X_TLS) + /* ldaps: set option tls */ + tls = LDAP_OPT_X_TLS_HARD; + + if (ldap_set_option (ld, LDAP_OPT_X_TLS, &tls) != LDAP_SUCCESS) + { + /*ldap_perror(ld, "ldaps_option"); */ + printf ("Could not init TLS at port %i!\n", ld_port); + return STATE_CRITICAL; + } +#else + printf ("TLS not supported by the libraries!\n", ld_port); + return STATE_CRITICAL; +#endif /* LDAP_OPT_X_TLS */ + } else { + asprintf (&SERVICE, "LDAP-TLS"); +#if defined(HAVE_LDAP_SET_OPTION) && defined(HAVE_LDAP_START_TLS_S) + /* ldap with startTLS: set option version */ + if (ldap_get_option(ld,LDAP_OPT_PROTOCOL_VERSION, &version) == LDAP_OPT_SUCCESS ) + { + if (version < LDAP_VERSION3) + { + version = LDAP_VERSION3; + ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version); + } + } + /* call start_tls */ + if (ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS) + { + /*ldap_perror(ld, "ldap_start_tls"); */ + printf ("Could not init startTLS at port %i!\n", ld_port); + return STATE_CRITICAL; + } +#else + printf ("startTLS not supported by the library, needs LDAPv3!\n"); + return STATE_CRITICAL; +#endif /* HAVE_LDAP_START_TLS_S */ + } + } + /* bind to the ldap server */ if (ldap_bind_s (ld, ld_binddn, ld_passwd, LDAP_AUTH_SIMPLE) != LDAP_SUCCESS) { diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index ab110fbd..c1c4ea83 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c @@ -656,7 +656,7 @@ validate_arguments () } else if ( strcmp(seclevel, "authPriv") == 0 ) { if ( secname == NULL || authpasswd == NULL || privpasswd == NULL ) { - printf (("Missing secname (%s), authpassword (%s), or privpasswd (%s)! \n"),secname, authpasswd,privpasswd ); + printf (_("Missing secname (%s), authpassword (%s), or privpasswd (%s)! \n"),secname, authpasswd,privpasswd ); print_usage (); exit (STATE_UNKNOWN); } diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index ce57631a..7d8d8149 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c @@ -479,7 +479,7 @@ process_arguments (int argc, char **argv) break; case 'H': /* hostname */ if (is_host (optarg) == FALSE) - usage2 (_("invalid hostname/address"), optarg); + usage2 (_("Invalid hostname/address"), optarg); server_address = optarg; break; case 'c': /* critical */ |