diff options
86 files changed, 1043 insertions, 898 deletions
diff --git a/.travis.yml b/.travis.yml index 2275be3f..29290fd1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,21 +1,42 @@ +sudo: required +dist: trusty language: c before_install: - - sudo add-apt-repository -y ppa:waja/precise-backports + # Trusty related fixed + # multiverse is no on trusty activated (https://github.com/travis-ci/travis-ci/issues/4979) + - sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu/ trusty multiverse" && sudo add-apt-repository "deb http://archive.ubuntu.com/ubuntu/ trusty-updates multiverse" + # /etc/hosts has IPv6 hosts (https://github.com/travis-ci/travis-ci/issues/4978) + - sudo [ $(ip addr show | grep "inet6 ::1" | wc -l) -lt "1" ] && sudo sed -i '/^::1/d' /etc/hosts + # Trusty has running ntpd on localhost, but we don't like that for our tests + - sudo killall -9 ntpd + # Trusty has no swap, lets create some + - sudo fallocate -l 20M /swapfile; sudo chmod 600 /swapfile; sudo mkswap /swapfile; sudo swapon /swapfile + - sudo add-apt-repository -y ppa:waja/trusty-backports - sudo apt-get update -qq - sudo apt-get purge -qq gawk - # ensure we have a test database in place for tests - - mysql -e "create database IF NOT EXISTS test;" -uroot + # http://docs.travis-ci.com/user/trusty-ci-environment/ indicates, no MySQL on Trusty (yet) + # # ensure we have a test database in place for tests + # - mysql -e "create database IF NOT EXISTS test;" -uroot install: - sudo apt-get install -qq --no-install-recommends perl autotools-dev libdbi-dev libldap2-dev libpq-dev libmysqlclient-dev libfreeradius-client-dev libkrb5-dev libnet-snmp-perl procps - - sudo apt-get install -qq --no-install-recommends libdbi0-dev libdbd-sqlite3 libssl-dev dnsutils snmp-mibs-downloader + - sudo apt-get install -qq --no-install-recommends libdbi0-dev libdbd-sqlite3 libssl-dev dnsutils snmp-mibs-downloader libsnmp-perl snmpd - sudo apt-get install -qq --no-install-recommends fping snmp netcat smbclient fping pure-ftpd apache2 postfix libhttp-daemon-ssl-perl + - sudo apt-get install -qq --no-install-recommends libdbd-sybase-perl libnet-dns-perl + - sudo apt-get install -qq --no-install-recommends slapd ldap-utils - sudo apt-get install -qq --no-install-recommends autoconf automake + - sudo apt-get install -qq --no-install-recommends faketime + # Trusty related dependencies (not yet provided) + - sudo apt-get install -qq --no-install-recommends mariadb-client mariadb-server before_script: + # ensure we have a test database in place for tests + - mysql -e "create database IF NOT EXISTS test;" -uroot + # Detect LDAP configuration (seems volatile on trusty env) + - sed -e 's/cn=admin,dc=nodomain/'$(sudo /usr/sbin/slapcat|grep ^dn:|grep cn=|awk '{print $2}')'/' -i plugins/t/NPTest.cache.travis - tools/setup - - ./configure + - ./configure --enable-libtap - make - export NPTEST_CACHE="$(pwd)/plugins/t/NPTest.cache.travis" - ssh-keygen -t dsa -N "" -f ~/.ssh/id_dsa @@ -21,3 +21,4 @@ Ton Voon Jan Wagner Holger Weiss Michael Wirtgen +Oliver Skibbe @@ -6,18 +6,37 @@ This file documents the major additions and syntax changes between releases. thresholds New check_snmp "-N" option to specify SNMPv3 context name New check_nt "-l" parameters: seconds|minutes|hours|days - Make sure check_disk won't hang on hanging (network) file systems New check_mailq -s option which tells the plugin to use sudo(8) + New -W/-C option for check_ldap to check number of entries (Gerhard Lausser) + The check_http -S/--ssl option now accepts the arguments "1.1" and "1.2" + to force TLSv1.1 and TLSv1.2 connections, respectively + The check_http -S/--ssl option now allows for specifying the desired + protocol with a "+" suffix to also accept newer versions + check_users: add support for range thresholds (John C. Frickson) + check_snmp: add ipv6 support (abrist) + check_http: report certificate expire date in UTC (pirtoo / ylfingr) FIXES Let check_real terminate lines with CRLF when talking to the server, as mandated by 2326 Fix check_procs on HP-UX + check_smtp's -e/--expect option can now be combined with -S/--starttls + Fix incorrect performance data thresholds emitted by check_ups WARNINGS The format of the performance data emitted by check_mrtgtraf has been changed to comply with the development guidelines - check_ssh not returns CRITICAL for protocal/version errors + check_ssh now returns CRITICAL for protocol/version errors + If a plugin is invoked with -h/--help or -V/--version, the exit status + is now UNKNOWN + The superseded check_ntp.pl was removed, please use check_ntp_peer or + check_ntp_time instead + +2.1.2 16th October 2015 + FIXES + Fix incorrect performance data thresholds emitted by check_ups + Fix check_dhcp's option parsing to not crash with certain arguments + Fix check_snmp using correct timeout 2.1.1 2nd December 2014 FIXES @@ -26,6 +45,7 @@ This file documents the major additions and syntax changes between releases. Fix check_apt's handling of invalid regular expressions Fix check_real's server response processing Fix backslash escaping in check_tcp's --help output + Fix check_procs's unclosed filehandle in pst3 on Solaris 2.1 15th October 2014 ENHANCEMENTS diff --git a/NP-VERSION-GEN b/NP-VERSION-GEN index 12efad72..dd82bf11 100755 --- a/NP-VERSION-GEN +++ b/NP-VERSION-GEN @@ -6,7 +6,7 @@ SRC_ROOT=`dirname $0` NPVF=NP-VERSION-FILE -DEF_VER=2.1.1.git +DEF_VER=2.1.2.git LF=' ' @@ -335,3 +335,7 @@ Jonas Genannt Nick Peelman Sebastian Herbszt Christopher Schultz +Matthias Hähnel +Roberto Greiner +Peter (pirtoo) +ylfingr diff --git a/configure.ac b/configure.ac index ce1728e3..0a554af6 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,6 @@ dnl Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -AC_INIT(monitoring-plugins,2.1.1) +AC_INIT(monitoring-plugins,2.1.2) AC_CONFIG_SRCDIR(NPTest.pm) AC_CONFIG_FILES([gl/Makefile]) AC_CONFIG_AUX_DIR(build-aux) @@ -156,12 +156,6 @@ AC_CHECK_LIB(socket,socket,SOCKETLIBS="$SOCKETLIBS -lsocket") AC_CHECK_LIB(resolv,main,SOCKETLIBS="$SOCKETLIBS -lresolv") AC_SUBST(SOCKETLIBS) -dnl Check for POSIX thread libraries -AC_CHECK_HEADERS(pthread.h) -AC_CHECK_LIB(pthread,pthread_create,THREADLIBS="-lpthread", - AC_CHECK_LIB(pthread,pthread_create,THREADLIBS="-lpthread -lrt",-lrt)) -AC_SUBST(THREADLIBS) - dnl dnl check for math-related functions needing -lm AC_CHECK_HEADERS(math.h) diff --git a/doc/RELEASING b/doc/RELEASING index eee53d7b..30c81ccf 100644 --- a/doc/RELEASING +++ b/doc/RELEASING @@ -19,15 +19,15 @@ git push origin master git push origin v2.1.1 *** Checkout new version -rm -fr /tmp/monitoringlug +rm -fr /tmp/monitoringplug # If you need to checkout the tag, don't forget to "checkout master" later to # get back to your development branch: git checkout tags/v2.1.1 # Beware: the trailing slash of --prefix is REQUIRED -git checkout-index --prefix=/tmp/monitoringlug/ -a +git checkout-index --prefix=/tmp/monitoringplug/ -a *** Build the tarball -cd /tmp/monitoringlug +cd /tmp/monitoringplug tools/setup ./configure make dist diff --git a/doc/developer-guidelines.sgml b/doc/developer-guidelines.sgml index d9340285..6f31f365 100644 --- a/doc/developer-guidelines.sgml +++ b/doc/developer-guidelines.sgml @@ -194,12 +194,13 @@ <row> <entry align="center"><para>3</para></entry> <entry valign="middle"><para>Unknown</para></entry> - <entry><para>Invalid command line arguments were supplied to the + <entry><para>Invalid command line arguments were supplied to the plugin or low-level failures internal to the plugin (such as unable to fork, or open a tcp socket) that prevent it from performing the specified operation. Higher-level errors (such as name resolution errors, socket timeouts, etc) are outside of the control of plugins and should generally NOT be reported as UNKNOWN states. + </para><para>The --help or --version output should also result in Unknown state. </para></entry> </row> </tbody> @@ -610,6 +611,9 @@ <para>The option -v or --verbose should be present in all plugins. The user should be allowed to specify -v multiple times to increase the verbosity level, as described in <xref linkend="verboselevels">.</para> + + <para>The exit code for version information or help should be UNKNOWN + (3).</para> </section> <section> diff --git a/gl/Makefile.am b/gl/Makefile.am index 54abb4c7..15135c8b 100644 --- a/gl/Makefile.am +++ b/gl/Makefile.am @@ -21,7 +21,7 @@ # the same distribution terms as the rest of that program. # # Generated by gnulib-tool. -# Reproduce by: gnulib-tool --import --dir=. --lib=libgnu --source-base=gl --m4-base=gl/m4 --doc-base=doc --tests-base=tests --aux-dir=build-aux --no-conditional-dependencies --no-libtool --macro-prefix=gl --no-vc-files base64 crypto/sha1 dirname environ floorf fsusage getaddrinfo gethostname getloadavg getopt-gnu gettext idpriv-droptemp mountlist regex setenv strcase strsep timegm unsetenv vasprintf vsnprintf +# Reproduce by: gnulib-tool --import --dir=. --lib=libgnu --source-base=gl --m4-base=gl/m4 --doc-base=doc --tests-base=tests --aux-dir=build-aux --no-conditional-dependencies --no-libtool --macro-prefix=gl --no-vc-files base64 crypto/sha1 dirname environ floorf fsusage getaddrinfo gethostname getloadavg getopt-gnu gettext idpriv-droptemp mountlist regex setenv strcase strcasestr strsep timegm unsetenv vasprintf vsnprintf AUTOMAKE_OPTIONS = 1.9.6 gnits subdir-objects @@ -1553,6 +1553,15 @@ EXTRA_libgnu_a_SOURCES += strcasecmp.c strncasecmp.c ## end gnulib module strcase +## begin gnulib module strcasestr-simple + + +EXTRA_DIST += str-two-way.h strcasestr.c + +EXTRA_libgnu_a_SOURCES += strcasestr.c + +## end gnulib module strcasestr-simple + ## begin gnulib module streq diff --git a/gl/m4/gnulib-cache.m4 b/gl/m4/gnulib-cache.m4 index d6fca2a3..90ad4aaa 100644 --- a/gl/m4/gnulib-cache.m4 +++ b/gl/m4/gnulib-cache.m4 @@ -27,7 +27,7 @@ # Specification in the form of a command-line invocation: -# gnulib-tool --import --dir=. --lib=libgnu --source-base=gl --m4-base=gl/m4 --doc-base=doc --tests-base=tests --aux-dir=build-aux --no-conditional-dependencies --no-libtool --macro-prefix=gl --no-vc-files base64 crypto/sha1 dirname environ floorf fsusage getaddrinfo gethostname getloadavg getopt-gnu gettext idpriv-droptemp mountlist regex setenv strcase strsep timegm unsetenv vasprintf vsnprintf +# gnulib-tool --import --dir=. --lib=libgnu --source-base=gl --m4-base=gl/m4 --doc-base=doc --tests-base=tests --aux-dir=build-aux --no-conditional-dependencies --no-libtool --macro-prefix=gl --no-vc-files base64 crypto/sha1 dirname environ floorf fsusage getaddrinfo gethostname getloadavg getopt-gnu gettext idpriv-droptemp mountlist regex setenv strcase strcasestr strsep timegm unsetenv vasprintf vsnprintf # Specification in the form of a few gnulib-tool.m4 macro invocations: gl_LOCAL_DIR([]) @@ -48,6 +48,7 @@ gl_MODULES([ regex setenv strcase + strcasestr strsep timegm unsetenv diff --git a/gl/m4/gnulib-comp.m4 b/gl/m4/gnulib-comp.m4 index 67a81566..9a4f5027 100644 --- a/gl/m4/gnulib-comp.m4 +++ b/gl/m4/gnulib-comp.m4 @@ -121,6 +121,8 @@ AC_DEFUN([gl_EARLY], # Code from module stdio: # Code from module stdlib: # Code from module strcase: + # Code from module strcasestr: + # Code from module strcasestr-simple: # Code from module streq: # Code from module strerror: # Code from module strerror-override: @@ -390,6 +392,17 @@ AC_DEFUN([gl_INIT], AC_LIBOBJ([strncasecmp]) gl_PREREQ_STRNCASECMP fi + gl_FUNC_STRCASESTR + if test $HAVE_STRCASESTR = 0 || test $REPLACE_STRCASESTR = 1; then + AC_LIBOBJ([strcasestr]) + gl_PREREQ_STRCASESTR + fi + gl_FUNC_STRCASESTR_SIMPLE + if test $HAVE_STRCASESTR = 0 || test $REPLACE_STRCASESTR = 1; then + AC_LIBOBJ([strcasestr]) + gl_PREREQ_STRCASESTR + fi + gl_STRING_MODULE_INDICATOR([strcasestr]) gl_FUNC_STRERROR if test $REPLACE_STRERROR = 1; then AC_LIBOBJ([strerror]) @@ -723,6 +736,7 @@ AC_DEFUN([gl_FILE_LIST], [ lib/stdlib.in.h lib/str-two-way.h lib/strcasecmp.c + lib/strcasestr.c lib/streq.h lib/strerror-override.c lib/strerror-override.h @@ -866,6 +880,7 @@ AC_DEFUN([gl_FILE_LIST], [ m4/stdio_h.m4 m4/stdlib_h.m4 m4/strcase.m4 + m4/strcasestr.m4 m4/strerror.m4 m4/string_h.m4 m4/strings_h.m4 diff --git a/gl/m4/strcasestr.m4 b/gl/m4/strcasestr.m4 new file mode 100644 index 00000000..8681a6a4 --- /dev/null +++ b/gl/m4/strcasestr.m4 @@ -0,0 +1,142 @@ +# strcasestr.m4 serial 21 +dnl Copyright (C) 2005, 2007-2013 Free Software Foundation, Inc. +dnl This file is free software; the Free Software Foundation +dnl gives unlimited permission to copy and/or distribute it, +dnl with or without modifications, as long as this notice is preserved. + +dnl Check that strcasestr is present and works. +AC_DEFUN([gl_FUNC_STRCASESTR_SIMPLE], +[ + AC_REQUIRE([gl_HEADER_STRING_H_DEFAULTS]) + + dnl Persuade glibc <string.h> to declare strcasestr(). + AC_REQUIRE([AC_USE_SYSTEM_EXTENSIONS]) + + AC_REQUIRE([gl_FUNC_MEMCHR]) + AC_CHECK_FUNCS([strcasestr]) + if test $ac_cv_func_strcasestr = no; then + HAVE_STRCASESTR=0 + else + if test "$gl_cv_func_memchr_works" != yes; then + REPLACE_STRCASESTR=1 + else + dnl Detect http://sourceware.org/bugzilla/show_bug.cgi?id=12092. + AC_CACHE_CHECK([whether strcasestr works], + [gl_cv_func_strcasestr_works_always], + [AC_RUN_IFELSE([AC_LANG_PROGRAM([[ +#include <string.h> /* for strcasestr */ +#define P "_EF_BF_BD" +#define HAYSTACK "F_BD_CE_BD" P P P P "_C3_88_20" P P P "_C3_A7_20" P +#define NEEDLE P P P P P +]], [[return !!strcasestr (HAYSTACK, NEEDLE); + ]])], + [gl_cv_func_strcasestr_works_always=yes], + [gl_cv_func_strcasestr_works_always=no], + [dnl glibc 2.12 and cygwin 1.7.7 have a known bug. uClibc is not + dnl affected, since it uses different source code for strcasestr + dnl than glibc. + dnl Assume that it works on all other platforms, even if it is not + dnl linear. + AC_EGREP_CPP([Lucky user], + [ +#ifdef __GNU_LIBRARY__ + #include <features.h> + #if ((__GLIBC__ == 2 && __GLIBC_MINOR__ > 12) || (__GLIBC__ > 2)) \ + || defined __UCLIBC__ + Lucky user + #endif +#elif defined __CYGWIN__ + #include <cygwin/version.h> + #if CYGWIN_VERSION_DLL_COMBINED > CYGWIN_VERSION_DLL_MAKE_COMBINED (1007, 7) + Lucky user + #endif +#else + Lucky user +#endif + ], + [gl_cv_func_strcasestr_works_always="guessing yes"], + [gl_cv_func_strcasestr_works_always="guessing no"]) + ]) + ]) + case "$gl_cv_func_strcasestr_works_always" in + *yes) ;; + *) + REPLACE_STRCASESTR=1 + ;; + esac + fi + fi +]) # gl_FUNC_STRCASESTR_SIMPLE + +dnl Additionally, check that strcasestr is efficient. +AC_DEFUN([gl_FUNC_STRCASESTR], +[ + AC_REQUIRE([gl_FUNC_STRCASESTR_SIMPLE]) + if test $HAVE_STRCASESTR = 1 && test $REPLACE_STRCASESTR = 0; then + AC_CACHE_CHECK([whether strcasestr works in linear time], + [gl_cv_func_strcasestr_linear], + [AC_RUN_IFELSE([AC_LANG_PROGRAM([[ +#include <signal.h> /* for signal */ +#include <string.h> /* for strcasestr */ +#include <stdlib.h> /* for malloc */ +#include <unistd.h> /* for alarm */ +static void quit (int sig) { exit (sig + 128); } +]], [[ + int result = 0; + size_t m = 1000000; + char *haystack = (char *) malloc (2 * m + 2); + char *needle = (char *) malloc (m + 2); + /* Failure to compile this test due to missing alarm is okay, + since all such platforms (mingw) also lack strcasestr. */ + signal (SIGALRM, quit); + alarm (5); + /* Check for quadratic performance. */ + if (haystack && needle) + { + memset (haystack, 'A', 2 * m); + haystack[2 * m] = 'B'; + haystack[2 * m + 1] = 0; + memset (needle, 'A', m); + needle[m] = 'B'; + needle[m + 1] = 0; + if (!strcasestr (haystack, needle)) + result |= 1; + } + return result; + ]])], + [gl_cv_func_strcasestr_linear=yes], [gl_cv_func_strcasestr_linear=no], + [dnl Only glibc > 2.12 and cygwin > 1.7.7 are known to have a + dnl strcasestr that works in linear time. + AC_EGREP_CPP([Lucky user], + [ +#include <features.h> +#ifdef __GNU_LIBRARY__ + #if ((__GLIBC__ == 2 && __GLIBC_MINOR__ > 12) || (__GLIBC__ > 2)) \ + && !defined __UCLIBC__ + Lucky user + #endif +#endif +#ifdef __CYGWIN__ + #include <cygwin/version.h> + #if CYGWIN_VERSION_DLL_COMBINED > CYGWIN_VERSION_DLL_MAKE_COMBINED (1007, 7) + Lucky user + #endif +#endif + ], + [gl_cv_func_strcasestr_linear="guessing yes"], + [gl_cv_func_strcasestr_linear="guessing no"]) + ]) + ]) + case "$gl_cv_func_strcasestr_linear" in + *yes) ;; + *) + REPLACE_STRCASESTR=1 + ;; + esac + fi +]) # gl_FUNC_STRCASESTR + +# Prerequisites of lib/strcasestr.c. +AC_DEFUN([gl_PREREQ_STRCASESTR], [ + : +]) diff --git a/gl/strcasestr.c b/gl/strcasestr.c new file mode 100644 index 00000000..53474a45 --- /dev/null +++ b/gl/strcasestr.c @@ -0,0 +1,82 @@ +/* Case-insensitive searching in a string. + Copyright (C) 2005-2013 Free Software Foundation, Inc. + Written by Bruno Haible <bruno@clisp.org>, 2005. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, see <http://www.gnu.org/licenses/>. */ + +#include <config.h> + +/* Specification. */ +#include <string.h> + +#include <ctype.h> +#include <stdbool.h> +#include <strings.h> + +#define TOLOWER(Ch) (isupper (Ch) ? tolower (Ch) : (Ch)) + +/* Two-Way algorithm. */ +#define RETURN_TYPE char * +#define AVAILABLE(h, h_l, j, n_l) \ + (!memchr ((h) + (h_l), '\0', (j) + (n_l) - (h_l)) \ + && ((h_l) = (j) + (n_l))) +#define CANON_ELEMENT(c) TOLOWER (c) +#define CMP_FUNC(p1, p2, l) \ + strncasecmp ((const char *) (p1), (const char *) (p2), l) +#include "str-two-way.h" + +/* Find the first occurrence of NEEDLE in HAYSTACK, using + case-insensitive comparison. This function gives unspecified + results in multibyte locales. */ +char * +strcasestr (const char *haystack_start, const char *needle_start) +{ + const char *haystack = haystack_start; + const char *needle = needle_start; + size_t needle_len; /* Length of NEEDLE. */ + size_t haystack_len; /* Known minimum length of HAYSTACK. */ + bool ok = true; /* True if NEEDLE is prefix of HAYSTACK. */ + + /* Determine length of NEEDLE, and in the process, make sure + HAYSTACK is at least as long (no point processing all of a long + NEEDLE if HAYSTACK is too short). */ + while (*haystack && *needle) + { + ok &= (TOLOWER ((unsigned char) *haystack) + == TOLOWER ((unsigned char) *needle)); + haystack++; + needle++; + } + if (*needle) + return NULL; + if (ok) + return (char *) haystack_start; + needle_len = needle - needle_start; + haystack = haystack_start + 1; + haystack_len = needle_len - 1; + + /* Perform the search. Abstract memory is considered to be an array + of 'unsigned char' values, not an array of 'char' values. See + ISO C 99 section 6.2.6.1. */ + if (needle_len < LONG_NEEDLE_THRESHOLD) + return two_way_short_needle ((const unsigned char *) haystack, + haystack_len, + (const unsigned char *) needle_start, + needle_len); + return two_way_long_needle ((const unsigned char *) haystack, haystack_len, + (const unsigned char *) needle_start, + needle_len); +} + +#undef LONG_NEEDLE_THRESHOLD diff --git a/perlmods/Monitoring-Plugin-0.37.tar.gz b/perlmods/Monitoring-Plugin-0.37.tar.gz Binary files differdeleted file mode 100644 index bb6fe69e..00000000 --- a/perlmods/Monitoring-Plugin-0.37.tar.gz +++ /dev/null diff --git a/perlmods/Monitoring-Plugin-0.39.tar.gz b/perlmods/Monitoring-Plugin-0.39.tar.gz Binary files differnew file mode 100644 index 00000000..7a35d9e7 --- /dev/null +++ b/perlmods/Monitoring-Plugin-0.39.tar.gz diff --git a/plugins-root/check_dhcp.c b/plugins-root/check_dhcp.c index b874c555..88b7ca10 100644 --- a/plugins-root/check_dhcp.c +++ b/plugins-root/check_dhcp.c @@ -229,7 +229,7 @@ struct in_addr requested_address; int process_arguments(int, char **); int call_getopt(int, char **); -int validate_arguments(void); +int validate_arguments(int, int); void print_usage(void); void print_help(void); @@ -463,10 +463,9 @@ int send_dhcp_discover(int sock){ discover_packet.hlen=ETHERNET_HARDWARE_ADDRESS_LENGTH; /* - * transaction ID is supposed to be random. We won't use the address so - * we don't care about high entropy here. time(2) is good enough. + * transaction ID is supposed to be random. */ - srand(time(NULL)); + srand(time(NULL)^getpid()); packet_xid=random(); discover_packet.xid=htonl(packet_xid); @@ -692,17 +691,11 @@ int receive_dhcp_packet(void *buffer, int buffer_size, int sock, int timeout, st } else{ - - /* why do we need to peek first? i don't know, its a hack. without it, the source address of the first packet received was - not being interpreted correctly. sigh... */ bzero(&source_address,sizeof(source_address)); address_size=sizeof(source_address); recv_result=recvfrom(sock,(char *)buffer,buffer_size,MSG_PEEK,(struct sockaddr *)&source_address,&address_size); if(verbose) - printf("recv_result_1: %d\n",recv_result); - recv_result=recvfrom(sock,(char *)buffer,buffer_size,0,(struct sockaddr *)&source_address,&address_size); - if(verbose) - printf("recv_result_2: %d\n",recv_result); + printf("recv_result: %d\n",recv_result); if(recv_result==-1){ if(verbose){ @@ -1059,29 +1052,19 @@ int get_results(void){ /* process command-line arguments */ int process_arguments(int argc, char **argv){ - int c; + int arg_index; if(argc<1) return ERROR; - c=0; - while((c+=(call_getopt(argc-c,&argv[c])))<argc){ - - /* - if(is_option(argv[c])) - continue; - */ - } - - return validate_arguments(); + arg_index = call_getopt(argc,argv); + return validate_arguments(argc,arg_index); } int call_getopt(int argc, char **argv){ - int c=0; - int i=0; - + extern int optind; int option_index = 0; static struct option long_options[] = { @@ -1098,25 +1081,14 @@ int call_getopt(int argc, char **argv){ }; while(1){ - c=getopt_long(argc,argv,"+hVvt:s:r:t:i:m:u",long_options,&option_index); + int c=0; - i++; + c=getopt_long(argc,argv,"+hVvt:s:r:t:i:m:u",long_options,&option_index); if(c==-1||c==EOF||c==1) break; switch(c){ - case 'w': - case 'r': - case 't': - case 'i': - i++; - break; - default: - break; - } - - switch(c){ case 's': /* DHCP server address */ resolve_host(optarg,&dhcp_ip); @@ -1163,11 +1135,11 @@ int call_getopt(int argc, char **argv){ case 'V': /* version */ print_revision(progname, NP_VERSION); - exit(STATE_OK); + exit(STATE_UNKNOWN); case 'h': /* help */ print_help(); - exit(STATE_OK); + exit(STATE_UNKNOWN); case 'v': /* verbose */ verbose=1; @@ -1181,12 +1153,14 @@ int call_getopt(int argc, char **argv){ break; } } - - return i; + return optind; } -int validate_arguments(void){ +int validate_arguments(int argc, int arg_index){ + + if(argc-optind > 0) + usage(_("Got unexpected non-option argument")); return OK; } diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c index 3982def9..9ed12ba1 100644 --- a/plugins-root/check_icmp.c +++ b/plugins-root/check_icmp.c @@ -526,10 +526,10 @@ main(int argc, char **argv) break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); } } } @@ -880,7 +880,12 @@ send_icmp_ping(int sock, struct rta_host *host) hdr.msg_iov = &iov; hdr.msg_iovlen = 1; +/* MSG_CONFIRM is a linux thing and only available on linux kernels >= 2.3.15, see send(2) */ +#ifdef MSG_CONFIRM len = sendmsg(sock, &hdr, MSG_CONFIRM); +#else + len = sendmsg(sock, &hdr, 0); +#endif if(len < 0 || (unsigned int)len != icmp_pkt_size) { if(debug) printf("Failed to send ping to %s\n", diff --git a/plugins-root/pst3.c b/plugins-root/pst3.c index ee9d108d..c3589f0a 100644 --- a/plugins-root/pst3.c +++ b/plugins-root/pst3.c @@ -139,8 +139,10 @@ try_again: if((ps_fd = open(ps_name, O_RDONLY)) == -1) continue; - if((as_fd = open(as_name, O_RDONLY)) == -1) + if((as_fd = open(as_name, O_RDONLY)) == -1) { + close(ps_fd); continue; + } if(read(ps_fd, &psinfo, sizeof(psinfo)) != sizeof(psinfo)) { int err = errno; diff --git a/plugins-scripts/Makefile.am b/plugins-scripts/Makefile.am index 794a34f8..ea65aed1 100644 --- a/plugins-scripts/Makefile.am +++ b/plugins-scripts/Makefile.am @@ -36,6 +36,8 @@ TESTS = @SCRIPT_TEST@ test: perl -I $(top_builddir) -I $(top_srcdir) ../test.pl perl -I $(top_builddir) -I $(top_srcdir) ../test.pl t/utils.t # utils.t is excluded from above, so manually ask to test + for SCRIPT in *.pl; do perl -wc $$SCRIPT || exit 1; done + set -e; for SCRIPT in *.sh; do sh -n $$SCRIPT || exit 1; done test-debug: NPTEST_DEBUG=1 HARNESS_VERBOSE=1 perl -I $(top_builddir) -I $(top_srcdir) ../test.pl diff --git a/plugins-scripts/check_breeze.pl b/plugins-scripts/check_breeze.pl index 1a3aceba..05b99203 100755 --- a/plugins-scripts/check_breeze.pl +++ b/plugins-scripts/check_breeze.pl @@ -6,7 +6,6 @@ use Getopt::Long; use vars qw($opt_V $opt_h $opt_w $opt_c $opt_H $opt_C $PROGNAME); use FindBin; use lib "$FindBin::Bin"; -use lib '@libexecdir@'; use utils qw(%ERRORS &print_revision &support &usage); $PROGNAME = "check_breeze"; @@ -29,10 +28,10 @@ GetOptions if ($opt_V) { print_revision($PROGNAME,'@NP_VERSION@'); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } -if ($opt_h) {print_help(); exit $ERRORS{'OK'};} +if ($opt_h) {print_help(); exit $ERRORS{'UNKNOWN'};} ($opt_H) || usage("Host name/address not specified\n"); my $host = $1 if ($opt_H =~ /([-.A-Za-z0-9]+)/); diff --git a/plugins-scripts/check_disk_smb.pl b/plugins-scripts/check_disk_smb.pl index 4805434f..98992268 100755 --- a/plugins-scripts/check_disk_smb.pl +++ b/plugins-scripts/check_disk_smb.pl @@ -26,7 +26,6 @@ use vars qw($opt_P $opt_V $opt_h $opt_H $opt_s $opt_W $opt_u $opt_p $opt_w $opt_ use vars qw($PROGNAME); use FindBin; use lib "$FindBin::Bin"; -use lib '@libexecdir@'; use utils qw($TIMEOUT %ERRORS &print_revision &support &usage); sub print_help (); @@ -55,10 +54,10 @@ GetOptions if ($opt_V) { print_revision($PROGNAME,'@NP_VERSION@'); #' - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } -if ($opt_h) {print_help(); exit $ERRORS{'OK'};} +if ($opt_h) {print_help(); exit $ERRORS{'UNKNOWN'};} my $smbclient = $utils::PATH_TO_SMBCLIENT; $smbclient || usage("check requires smbclient, smbclient not set\n"); diff --git a/plugins-scripts/check_file_age.pl b/plugins-scripts/check_file_age.pl index 4415fdf4..56b8e97c 100755 --- a/plugins-scripts/check_file_age.pl +++ b/plugins-scripts/check_file_age.pl @@ -27,7 +27,6 @@ use File::stat; use vars qw($PROGNAME); use FindBin; use lib "$FindBin::Bin"; -use lib '@libexecdir@'; use utils qw (%ERRORS &print_revision &support); sub print_help (); @@ -61,12 +60,12 @@ GetOptions( if ($opt_V) { print_revision($PROGNAME, '@NP_VERSION@'); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } if ($opt_h) { print_help(); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } $opt_f = shift unless ($opt_f); diff --git a/plugins-scripts/check_flexlm.pl b/plugins-scripts/check_flexlm.pl index 5f3ed598..e3fe296f 100755 --- a/plugins-scripts/check_flexlm.pl +++ b/plugins-scripts/check_flexlm.pl @@ -37,7 +37,6 @@ use Getopt::Long; use vars qw($opt_V $opt_h $opt_F $opt_t $verbose $PROGNAME); use FindBin; use lib "$FindBin::Bin"; -use lib '@libexecdir@'; use utils qw(%ERRORS &print_revision &support &usage); $PROGNAME="check_flexlm"; @@ -59,7 +58,7 @@ GetOptions if ($opt_V) { print_revision($PROGNAME,'@NP_VERSION@'); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } unless (defined $opt_t) { @@ -67,7 +66,7 @@ unless (defined $opt_t) { } -if ($opt_h) {print_help(); exit $ERRORS{'OK'};} +if ($opt_h) {print_help(); exit $ERRORS{'UNKNOWN'};} unless (defined $opt_F) { print "Missing license.dat file\n"; diff --git a/plugins-scripts/check_ifoperstatus.pl b/plugins-scripts/check_ifoperstatus.pl index cf2c7b58..3eed4bcb 100755 --- a/plugins-scripts/check_ifoperstatus.pl +++ b/plugins-scripts/check_ifoperstatus.pl @@ -37,7 +37,6 @@ use POSIX; use strict; use FindBin; use lib "$FindBin::Bin"; -use lib '@libexecdir@'; use utils qw($TIMEOUT %ERRORS &print_revision &support); use Net::SNMP; @@ -368,17 +367,17 @@ sub process_arguments() { if ($status == 0){ print_help(); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } if ($opt_V) { print_revision($PROGNAME,'@NP_VERSION@'); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } if ($opt_h) { print_help(); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } if (! utils::is_hostname($hostname)){ diff --git a/plugins-scripts/check_ifstatus.pl b/plugins-scripts/check_ifstatus.pl index 6ec71d14..9f2f7c31 100755 --- a/plugins-scripts/check_ifstatus.pl +++ b/plugins-scripts/check_ifstatus.pl @@ -35,7 +35,6 @@ use POSIX; use strict; use FindBin; use lib "$FindBin::Bin"; -use lib '@libexecdir@'; use utils qw($TIMEOUT %ERRORS &print_revision &support); use Net::SNMP; @@ -120,7 +119,7 @@ $status = process_arguments(); if ($status != 0) { print_help() ; - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } @@ -314,17 +313,17 @@ sub process_arguments() { if ($status == 0){ print_help(); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } if ($opt_V) { print_revision($PROGNAME,'@NP_VERSION@'); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } if ($opt_h) { print_help(); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } unless (defined $timeout) { diff --git a/plugins-scripts/check_ircd.pl b/plugins-scripts/check_ircd.pl index 6d40cf5a..22d21c2e 100755 --- a/plugins-scripts/check_ircd.pl +++ b/plugins-scripts/check_ircd.pl @@ -51,7 +51,6 @@ use vars qw($opt_V $opt_h $opt_t $opt_p $opt_H $opt_w $opt_c $verbose); use vars qw($PROGNAME); use FindBin; use lib "$FindBin::Bin"; -use lib '@libexecdir@'; use utils qw($TIMEOUT %ERRORS &print_revision &support &usage); # ----------------------------------------------------[ Function Prototypes ]-- @@ -182,10 +181,10 @@ MAIN: if ($opt_V) { print_revision($PROGNAME,'@NP_VERSION@'); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } - if ($opt_h) {print_help(); exit $ERRORS{'OK'};} + if ($opt_h) {print_help(); exit $ERRORS{'UNKNOWN'};} ($opt_H) || ($opt_H = shift @ARGV) || usage("Host name/address not specified\n"); my $remotehost = $1 if ($opt_H =~ /([-.A-Za-z0-9]+)/); diff --git a/plugins-scripts/check_mailq.pl b/plugins-scripts/check_mailq.pl index 417c4bf7..32f498d3 100755 --- a/plugins-scripts/check_mailq.pl +++ b/plugins-scripts/check_mailq.pl @@ -33,7 +33,6 @@ use vars qw($opt_V $opt_h $opt_v $verbose $PROGNAME $opt_w $opt_c $opt_t $opt_s %srcdomains %dstdomains); use FindBin; use lib "$FindBin::Bin"; -use lib '@libexecdir@'; use utils qw(%ERRORS &print_revision &support &usage ); my ($sudo); @@ -574,12 +573,12 @@ sub process_arguments(){ if ($opt_V) { print_revision($PROGNAME,'@NP_VERSION@'); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } if ($opt_h) { print_help(); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } if (defined $opt_v ){ diff --git a/plugins-scripts/check_mssql.pl b/plugins-scripts/check_mssql.pl index 1f387884..fb3952d4 100755 --- a/plugins-scripts/check_mssql.pl +++ b/plugins-scripts/check_mssql.pl @@ -31,7 +31,6 @@ use DBD::Sybase; use Getopt::Long; use FindBin; use lib "$FindBin::Bin"; -use lib '@libexecdir@'; use utils qw($TIMEOUT %ERRORS &print_revision &support); use strict; @@ -131,7 +130,7 @@ sub process_arguments { if (defined $opt_V) { print_revision($PROGNAME,'@NP_VERSION@'); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } syntax("Help:") if ($help); diff --git a/plugins-scripts/check_netdns.pl b/plugins-scripts/check_netdns.pl index 59c81a90..38538e56 100755 --- a/plugins-scripts/check_netdns.pl +++ b/plugins-scripts/check_netdns.pl @@ -29,10 +29,12 @@ use Getopt::Long; use Net::DNS; use FindBin; use lib "$FindBin::Bin"; -use lib '@libexecdir@'; -use utils ; +use utils; my $PROGNAME = "check_netdns"; +sub print_help (); +sub print_version(); +sub print_usage (); $ENV{'PATH'}='@TRUSTED_PATH@'; $ENV{'BASH_ENV'}=''; @@ -44,12 +46,12 @@ GetOptions("V" => $opt_V, "version" => $opt_V, "t=i" => $opt_t, "timeout=i" => $opt_t, "s=s" => $opt_s, "server=s" => $opt_s, "H=s" => $opt_H, "hostname=s" => $opt_H); - + # -h means display verbose help screen -if($opt_h){ print_help(); exit 0; } +if($opt_h){ print_help(); exit 3; } # -V means display version number -if ($opt_V) { print_version(); exit 0; } +if ($opt_V) { print_version(); exit 3; } # -H means host name $opt_H = shift unless ($opt_H); @@ -71,7 +73,7 @@ if ($opt_s) { $server = $1; } else { print "$opt_s is not a valid host name"; - exit -1; + exit 3; } } diff --git a/plugins-scripts/check_ntp.pl b/plugins-scripts/check_ntp.pl deleted file mode 100755 index 13da939c..00000000 --- a/plugins-scripts/check_ntp.pl +++ /dev/null @@ -1,471 +0,0 @@ -#!@PERL@ -w -# -# (c)1999 Ian Cass, Knowledge Matters Ltd. -# Read the GNU copyright stuff for all the legalese -# -# Check NTP time servers plugin. This plugin requires the ntpdate utility to -# be installed on the system, however since it's part of the ntp suite, you -# should already have it installed. -# -# -# Nothing clever done in this program - its a very simple bare basics hack to -# get the job done. -# -# Things to do... -# check @words[9] for time differences greater than +/- x secs & return a -# warning. -# -# (c) 1999 Mark Jewiss, Knowledge Matters Limited -# 22-9-1999, 12:45 -# -# Modified script to accept 2 parameters or set defaults. -# Now issues warning or critical alert is time difference is greater than the -# time passed. -# -# These changes have not been tested completely due to the unavailability of a -# server with the incorrect time. -# -# (c) 1999 Bo Kersey, VirCIO - Managed Server Solutions <bo@vircio.com> -# 22-10-99, 12:17 -# -# Modified the script to give useage if no parameters are input. -# -# Modified the script to check for negative as well as positive -# time differences. -# -# Modified the script to work with ntpdate 3-5.93e Wed Apr 14 20:23:03 EDT 1999 -# -# Modified the script to work with ntpdate's that return adjust or offset... -# -# -# Script modified 2000 June 01 by William Pietri <william@bianca.com> -# -# Modified script to handle weird cases: -# o NTP server doesn't respond (e.g., has died) -# o Server has correct time but isn't suitable synchronization -# source. This happens while starting up and if contact -# with master has been lost. -# -# Modifed to run under Embedded Perl (sghosh@users.sf.net) -# - combined logic some blocks together.. -# -# Added ntpdate check for stratum 16 desynch peer (James Fidell) Feb 03, 2003 -# -# ntpdate - offset is in seconds -# changed ntpdc to ntpq - jitter/dispersion is in milliseconds -# -# Patch for for regex for stratum1 refid. - -require 5.004; -use POSIX; -use strict; -use Getopt::Long; -use vars qw($opt_V $opt_h $opt_H $opt_t $opt_w $opt_c $opt_O $opt_j $opt_k $verbose $PROGNAME $def_jitter $ipv4 $ipv6); -use lib utils.pm; -use utils qw($TIMEOUT %ERRORS &print_revision &support); - -$PROGNAME="check_ntp"; - -sub print_help (); -sub print_usage (); - -$ENV{'PATH'}='@TRUSTED_PATH@'; -$ENV{'BASH_ENV'}=''; -$ENV{'ENV'}=''; - -# defaults in sec -my $DEFAULT_OFFSET_WARN = 60; # 1 minute -my $DEFAULT_OFFSET_CRIT = 120; # 2 minutes -# default in millisec -my $DEFAULT_JITTER_WARN = 5000; # 5 sec -my $DEFAULT_JITTER_CRIT = 10000; # 10 sec - -Getopt::Long::Configure('bundling'); -GetOptions - ("V" => \$opt_V, "version" => \$opt_V, - "h" => \$opt_h, "help" => \$opt_h, - "v" => \$verbose, "verbose" => \$verbose, - "4" => \$ipv4, "use-ipv4" => \$ipv4, - "6" => \$ipv6, "use-ipv6" => \$ipv6, - "w=f" => \$opt_w, "warning=f" => \$opt_w, # offset|adjust warning if above this number - "c=f" => \$opt_c, "critical=f" => \$opt_c, # offset|adjust critical if above this number - "O" => \$opt_O, "zero-offset" => \$opt_O, # zero-offset bad - "j=s" => \$opt_j, "jwarn=i" => \$opt_j, # jitter warning if above this number - "k=s" => \$opt_k, "jcrit=i" => \$opt_k, # jitter critical if above this number - "t=s" => \$opt_t, "timeout=i" => \$opt_t, - "H=s" => \$opt_H, "hostname=s" => \$opt_H); - -if ($opt_V) { - print_revision($PROGNAME,'@NP_VERSION@'); - exit $ERRORS{'OK'}; -} - -if ($opt_h) { - print_help(); - exit $ERRORS{'OK'}; -} - -# jitter test params specified -if (defined $opt_j || defined $opt_k ) { - $def_jitter = 1; -} - -$opt_H = shift unless ($opt_H); -my $host = $1 if ($opt_H && $opt_H =~ m/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+|[a-zA-Z][-a-zA-Z0-9]+(\.[a-zA-Z][-a-zA-Z0-9]+)*)$/); -unless ($host) { - print "No target host specified\n"; - print_usage(); - exit $ERRORS{'UNKNOWN'}; -} - -my ($timeout, $owarn, $ocrit, $jwarn, $jcrit); - -$timeout = $TIMEOUT; -($opt_t) && ($opt_t =~ /^([0-9]+)$/) && ($timeout = $1); - -$owarn = $DEFAULT_OFFSET_WARN; -($opt_w) && ($opt_w =~ /^([0-9.]+)$/) && ($owarn = $1); - -$ocrit = $DEFAULT_OFFSET_CRIT; -($opt_c) && ($opt_c =~ /^([0-9.]+)$/) && ($ocrit = $1); - -$jwarn = $DEFAULT_JITTER_WARN; -($opt_j) && ($opt_j =~ /^([0-9]+)$/) && ($jwarn = $1); - -$jcrit = $DEFAULT_JITTER_CRIT; -($opt_k) && ($opt_k =~ /^([0-9]+)$/) && ($jcrit = $1); - -if ($ocrit < $owarn ) { - print "Critical offset should be larger than warning offset\n"; - print_usage(); - exit $ERRORS{"UNKNOWN"}; -} - -if ($def_jitter) { - if ($opt_k < $opt_j) { - print "Critical jitter should be larger than warning jitter\n"; - print_usage(); - exit $ERRORS{'UNKNOWN'}; - } -} - - -my $stratum = -1; -my $ignoreret = 0; -my $answer = undef; -my $offset = undef; -my $jitter = undef; -my $syspeer = undef; -my $candidate = 0; -my @candidates; -my $msg; # first line of output to print if format is invalid - -my $state = $ERRORS{'UNKNOWN'}; -my $ntpdate_error = $ERRORS{'UNKNOWN'}; -my $jitter_error = $ERRORS{'UNKNOWN'}; - -# some systems don't have a proper ntpq (migrated from ntpdc) -my $have_ntpq = undef; -if ($utils::PATH_TO_NTPQ && -x $utils::PATH_TO_NTPQ ) { - $have_ntpq = 1; -}else{ - $have_ntpq = 0; -} - -# Just in case of problems, let's not hang Nagios -$SIG{'ALRM'} = sub { - print ("ERROR: No response from ntp server (alarm)\n"); - exit $ERRORS{"UNKNOWN"}; -}; -alarm($timeout); - -# Determine protocol to be used for ntpdate and ntpq -my $ntpdate = $utils::PATH_TO_NTPDATE; -my $ntpq = $utils::PATH_TO_NTPQ; -if ($ipv4) { - $ntpdate .= " -4"; - $ntpq .= " -4"; -} -elsif ($ipv6) { - $ntpdate .= " -6"; - $ntpq .= " -6"; -} -# else don't use any flags - -### -### -### First, check ntpdate -### -### - -if (!open (NTPDATE, $ntpdate . " -q $host 2>&1 |")) { - print "Could not open $ntpdate: $!\n"; - exit $ERRORS{"UNKNOWN"}; -} - -my $out; -while (<NTPDATE>) { - #print if ($verbose); # noop - $msg = $_ unless ($msg); - $out .= "$_ "; - - if (/stratum\s(\d+)/) { - $stratum = $1; - } - - if (/(offset|adjust)\s+([-.\d]+)/i) { - $offset = $2; - - # An offset of 0.000000 with an error is probably bogus. Actually, - # it's probably always bogus, but let's be paranoid here. - # Has been reported that 0.0000 happens in a production environment - # on Solaris 8 so this check should be taken out - SF tracker 1150777 - if (defined $opt_O ) { - if ($offset == 0) { undef $offset;} - } - - $ntpdate_error = defined ($offset) ? $ERRORS{"OK"} : $ERRORS{"CRITICAL"}; - print "ntperr = $ntpdate_error \n" if $verbose; - - } - - if (/no server suitable for synchronization found/) { - if ($stratum == 16) { - $ntpdate_error = $ERRORS{"WARNING"}; - $msg = "Desynchronized peer server found"; - $ignoreret=1; - } - else { - $ntpdate_error = $ERRORS{"CRITICAL"}; - $msg = "No suitable peer server found - "; - } - } - -} -$out =~ s/\n//g; -close (NTPDATE) || - die $! ? "$out - Error closing $ntpdate pipe: $!" - : "$out - Exit status: $? from $ntpdate\n"; - -# declare an error if we also get a non-zero return code from ntpdate -# unless already set to critical -if ( $? && !$ignoreret ) { - print "stderr = $? : $! \n" if $verbose; - $ntpdate_error = $ntpdate_error == $ERRORS{"CRITICAL"} ? $ERRORS{"CRITICAL"} : $ERRORS{"UNKNOWN"} ; - print "ntperr = $ntpdate_error : $!\n" if $verbose; -} - -### -### -### Then scan xntpq/ntpq if it exists -### and look in the 11th column for jitter -### -# Field 1: Tally Code ( Space, 'x','.','-','+','#','*','o') -# Only match for '*' which implies sys.peer -# or 'o' which implies pps.peer -# If both exist, the last one is picked. -# Field 2: address of the remote peer -# Field 3: Refid of the clock (0.0.0.0 if unknown, WWWV/PPS/GPS/ACTS/USNO/PCS/... if Stratum1) -# Field 4: stratum (0-15) -# Field 5: Type of the peer: local (l), unicast (u), multicast (m) -# broadcast (b); not sure about multicast/broadcast -# Field 6: last packet receive (in seconds) -# Field 7: polling interval -# Field 8: reachability resgister (octal) -# Field 9: delay -# Field 10: offset -# Field 11: dispersion/jitter -# -# According to bug 773588 Some solaris xntpd implementations seemto match on -# "#" even though the docs say it exceeds maximum distance. Providing patch -# here which will generate a warining. - -if ($have_ntpq) { - - if ( open(NTPQ, $ntpq . " -np $host 2>&1 |") ) { - while (<NTPQ>) { - print $_ if ($verbose); - if ( /timed out/ ){ - $have_ntpq = 0 ; - last ; - } - # number of candidates on <host> for sys.peer - if (/^(\*|\+|\#|o])/) { - ++$candidate; - push (@candidates, $_); - print "Candidate count= $candidate\n" if ($verbose); - } - - # match sys.peer or pps.peer - if (/^(\*|o)(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)/) { - $syspeer = $2; - $stratum = $4; - $jitter = $11; - print "match $_ \n" if $verbose; - if ($jitter > $jcrit) { - print "Jitter_crit = $11 :$jcrit\n" if ($verbose); - $jitter_error = $ERRORS{'CRITICAL'}; - } elsif ($jitter > $jwarn ) { - print "Jitter_warn = $11 :$jwarn\n" if ($verbose); - $jitter_error = $ERRORS{'WARNING'}; - } else { - $jitter_error = $ERRORS{'OK'}; - } - } else { - print "No match!\n" if $verbose; - $jitter = '(not parsed)'; - } - - } - close NTPQ || - die $! ? "Error closing $ntpq pipe: $!" - : "Exit status: $? from $ntpq\n"; - - # if we did not match sys.peer or pps.peer but matched # candidates only - # generate a warning - # based on bug id 773588 - unless (defined $syspeer) { - if ($#candidates >=0) { - foreach my $c (@candidates) { - $c =~ /^(#)([-0-9.\s]+)\s+([-0-9A-Za-z_().]+)\s+([-0-9.]+)\s+([lumb-]+)\s+([-0-9m.]+)\s+([-0-9.]+)\s+([-0-9.]+)\s+([-0-9.]+)\s+([-0-9.]+)\s+([-0-9.]+)/; - $syspeer = $2; - $stratum = $4; - $jitter = $11; - print "candidate match $c \n" if $verbose; - if ($jitter > $jcrit) { - print "Candidate match - Jitter_crit = $11 :$jcrit\n" if ($verbose); - $jitter_error = $ERRORS{'CRITICAL'}; - }elsif ($jitter > $jwarn ) { - print "Candidate match - Jitter_warn = $11 :$jwarn \n" if ($verbose); - $jitter_error = $ERRORS{'WARNING'}; - } else { - $jitter_error = $ERRORS{'WARNING'}; - } - } - - } - } - } -} - - -if ($ntpdate_error != $ERRORS{'OK'}) { - $state = $ntpdate_error; - if ($ntpdate_error == $ERRORS{'WARNING'} ) { - $answer = $msg; - } - else { - $answer = $msg . "Server for ntp probably down"; - } - - if (defined($offset) && abs($offset) > $ocrit) { - $state = $ERRORS{'CRITICAL'}; - $answer = "Server Error and offset $offset sec > +/- $ocrit sec"; - } elsif (defined($offset) && abs($offset) > $owarn) { - $answer = "Server error and offset $offset sec > +/- $owarn sec"; - } elsif (defined($jitter) && abs($jitter) > $jcrit) { - $answer = "Server error and jitter $jitter msec > +/- $jcrit msec"; - } elsif (defined($jitter) && abs($jitter) > $jwarn) { - $answer = "Server error and jitter $jitter msec > +/- $jwarn msec"; - } - -} elsif ($have_ntpq && $jitter_error != $ERRORS{'OK'}) { - $state = $jitter_error; - $answer = "Jitter $jitter too high"; - if (defined($offset) && abs($offset) > $ocrit) { - $state = $ERRORS{'CRITICAL'}; - $answer = "Jitter error and offset $offset sec > +/- $ocrit sec"; - } elsif (defined($offset) && abs($offset) > $owarn) { - $answer = "Jitter error and offset $offset sec > +/- $owarn sec"; - } elsif (defined($jitter) && abs($jitter) > $jcrit) { - $answer = "Jitter error and jitter $jitter msec > +/- $jcrit msec"; - } elsif (defined($jitter) && abs($jitter) > $jwarn) { - $answer = "Jitter error and jitter $jitter msec > +/- $jwarn msec"; - } - -} elsif( !$have_ntpq ) { # no errors from ntpdate and no ntpq or ntpq timed out - if (abs($offset) > $ocrit) { - $state = $ERRORS{'CRITICAL'}; - $answer = "Offset $offset sec > +/- $ocrit sec"; - } elsif (abs($offset) > $owarn) { - $state = $ERRORS{'WARNING'}; - $answer = "Offset $offset sec > +/- $owarn sec"; - } elsif (( abs($offset) > $owarn) && $def_jitter ) { - $state = $ERRORS{'WARNING'}; - $answer = "Offset $offset sec > +/- $owarn sec, ntpq timed out"; - } elsif ( $def_jitter ) { - $state = $ERRORS{'WARNING'}; - $answer = "Offset $offset secs, ntpq timed out"; - } else{ - $state = $ERRORS{'OK'}; - $answer = "Offset $offset secs"; - } - - - -} else { # no errors from ntpdate or ntpq - if (abs($offset) > $ocrit) { - $state = $ERRORS{'CRITICAL'}; - $answer = "Offset $offset sec > +/- $ocrit sec, jitter $jitter msec"; - } elsif (abs($jitter) > $jcrit ) { - $state = $ERRORS{'CRITICAL'}; - $answer = "Jitter $jitter msec> +/- $jcrit msec, offset $offset sec"; - } elsif (abs($offset) > $owarn) { - $state = $ERRORS{'WARNING'}; - $answer = "Offset $offset sec > +/- $owarn sec, jitter $jitter msec"; - } elsif (abs($jitter) > $jwarn ) { - $state = $ERRORS{'WARNING'}; - $answer = "Jitter $jitter msec> +/- $jwarn msec, offset $offset sec"; - - } else { - $state = $ERRORS{'OK'}; - $answer = "Offset $offset secs, jitter $jitter msec, peer is stratum $stratum"; - } - -} - -foreach my $key (keys %ERRORS) { - if ($state==$ERRORS{$key}) { -# print ("NTP $key: $answer"); - print ("NTP $key: $answer|offset=$offset, jitter=" . $jitter/1000 . ",peer_stratum=$stratum\n"); - last; - } -} -exit $state; - - -#### -#### subs - -sub print_usage () { - print "Usage: $PROGNAME -H <host> [-46] [-O] [-w <warn>] [-c <crit>] [-j <warn>] [-k <crit>] [-v verbose]\n"; -} - -sub print_help () { - print_revision($PROGNAME,'@NP_VERSION@'); - print "Copyright (c) 2003 Bo Kersey/Karl DeBisschop\n"; - print "\n"; - print_usage(); - print " -Checks the local timestamp offset versus <host> with ntpdate -Checks the jitter/dispersion of clock signal between <host> and its sys.peer with ntpq\n --O (--zero-offset) - A zero offset on \"ntpdate\" will generate a CRITICAL.\n --w (--warning) - Clock offset in seconds at which a warning message will be generated.\n Defaults to $DEFAULT_OFFSET_WARN. --c (--critical) - Clock offset in seconds at which a critical message will be generated.\n Defaults to $DEFAULT_OFFSET_CRIT. --j (--jwarn) - Clock jitter in milliseconds at which a warning message will be generated.\n Defaults to $DEFAULT_JITTER_WARN. --k (--jcrit) - Clock jitter in milliseconds at which a critical message will be generated.\n Defaults to $DEFAULT_JITTER_CRIT. - - If jitter/dispersion is specified with -j or -k and ntpq times out, then a - warning is returned.\n --4 (--use-ipv4) - Use IPv4 connection --6 (--use-ipv6) - Use IPv6 connection -\n"; -support(); -} diff --git a/plugins-scripts/check_rpc.pl b/plugins-scripts/check_rpc.pl index b1c61471..47d6e49e 100755 --- a/plugins-scripts/check_rpc.pl +++ b/plugins-scripts/check_rpc.pl @@ -22,7 +22,6 @@ use strict; use FindBin; use lib "$FindBin::Bin"; -use lib '@libexecdir@'; use utils qw($TIMEOUT %ERRORS &print_revision &support); use vars qw($PROGNAME); my ($verbose,@proto,%prognum,$host,$response,$prognum,$port,$cmd,$progver,$state); @@ -64,12 +63,12 @@ GetOptions( ); # -h means display verbose help screen -if ($opt_h) { print_help(); exit $ERRORS{'OK'}; } +if ($opt_h) { print_help(); exit $ERRORS{'UNKNOWN'}; } # -V means display version number if ($opt_V) { print_revision($PROGNAME,'@NP_VERSION@'); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } # Hash containing all RPC program names and numbers diff --git a/plugins-scripts/check_wave.pl b/plugins-scripts/check_wave.pl index ee0fda4d..41e15f50 100755 --- a/plugins-scripts/check_wave.pl +++ b/plugins-scripts/check_wave.pl @@ -5,7 +5,6 @@ use strict; use FindBin; use lib "$FindBin::Bin"; -use lib '@libexecdir@'; use utils qw($TIMEOUT %ERRORS &print_revision &support); use vars qw($PROGNAME); use Getopt::Long; @@ -32,12 +31,12 @@ GetOptions if ($opt_V) { print_revision($PROGNAME,'@NP_VERSION@'); #' - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } if ($opt_h) { print_help(); - exit $ERRORS{'OK'}; + exit $ERRORS{'UNKNOWN'}; } $opt_H = shift unless ($opt_H); diff --git a/plugins-scripts/t/check_rpc.t b/plugins-scripts/t/check_rpc.t index be8ae2f7..c58f7bf7 100644 --- a/plugins-scripts/t/check_rpc.t +++ b/plugins-scripts/t/check_rpc.t @@ -15,7 +15,7 @@ my $successOutput = '/^check_rpc/'; my $t; -$t += checkCmd( "./check_rpc -V", 0, $successOutput ); +$t += checkCmd( "./check_rpc -V", 3, $successOutput ); exit(0) if defined($Test::Harness::VERSION); exit($tests - $t); diff --git a/plugins/Makefile.am b/plugins/Makefile.am index 41906c53..0ddf9bd1 100644 --- a/plugins/Makefile.am +++ b/plugins/Makefile.am @@ -71,7 +71,7 @@ check_apt_LDADD = $(BASEOBJS) check_cluster_LDADD = $(BASEOBJS) check_dbi_LDADD = $(NETLIBS) $(DBILIBS) check_dig_LDADD = $(NETLIBS) -check_disk_LDADD = $(BASEOBJS) $(THREADLIBS) +check_disk_LDADD = $(BASEOBJS) check_dns_LDADD = $(NETLIBS) check_dummy_LDADD = $(BASEOBJS) check_fping_LDADD = $(NETLIBS) diff --git a/plugins/check_apt.c b/plugins/check_apt.c index 8747f904..a639a411 100644 --- a/plugins/check_apt.c +++ b/plugins/check_apt.c @@ -160,10 +160,10 @@ int process_arguments (int argc, char **argv) { switch(c) { case 'h': print_help(); - exit(STATE_OK); + exit(STATE_UNKNOWN); case 'V': print_revision(progname, NP_VERSION); - exit(STATE_OK); + exit(STATE_UNKNOWN); case 'v': verbose++; break; diff --git a/plugins/check_by_ssh.c b/plugins/check_by_ssh.c index a877f888..13d8bc3b 100644 --- a/plugins/check_by_ssh.c +++ b/plugins/check_by_ssh.c @@ -100,6 +100,13 @@ main (int argc, char **argv) result = cmd_run_array (commargv, &chld_out, &chld_err, 0); + if (verbose) { + for(i = 0; i < chld_out.lines; i++) + printf("stdout: %s\n", chld_out.line[i]); + for(i = 0; i < chld_err.lines; i++) + printf("stderr: %s\n", chld_err.line[i]); + } + if (skip_stdout == -1) /* --skip-stdout specified without argument */ skip_stdout = chld_out.lines; if (skip_stderr == -1) /* --skip-stderr specified without argument */ @@ -209,10 +216,10 @@ process_arguments (int argc, char **argv) switch (c) { case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'v': /* help */ verbose = TRUE; break; diff --git a/plugins/check_cluster.c b/plugins/check_cluster.c index cf699e1f..b86e501d 100644 --- a/plugins/check_cluster.c +++ b/plugins/check_cluster.c @@ -200,7 +200,7 @@ int process_arguments(int argc, char **argv){ case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); break; case 'H': /* help */ diff --git a/plugins/check_dbi.c b/plugins/check_dbi.c index a3d033f4..826eb8d9 100644 --- a/plugins/check_dbi.c +++ b/plugins/check_dbi.c @@ -368,10 +368,10 @@ process_arguments (int argc, char **argv) usage5 (); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'c': /* critical range */ critical_range = optarg; diff --git a/plugins/check_dig.c b/plugins/check_dig.c index d899b119..473d4b97 100644 --- a/plugins/check_dig.c +++ b/plugins/check_dig.c @@ -125,7 +125,7 @@ main (int argc, char **argv) if (verbose) printf ("%s\n", chld_out.line[i]); - if (strstr (chld_out.line[i], (expected_address == NULL ? query_address : expected_address)) != NULL) { + if (strcasestr (chld_out.line[i], (expected_address == NULL ? query_address : expected_address)) != NULL) { msg = chld_out.line[i]; result = STATE_OK; @@ -223,10 +223,10 @@ process_arguments (int argc, char **argv) switch (c) { case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'H': /* hostname */ host_or_die(optarg); dns_server = optarg; diff --git a/plugins/check_disk.c b/plugins/check_disk.c index eb573f5f..e73a0083 100644 --- a/plugins/check_disk.c +++ b/plugins/check_disk.c @@ -51,9 +51,6 @@ const char *email = "devel@monitoring-plugins.org"; # include <limits.h> #endif #include "regex.h" -#if HAVE_PTHREAD_H -# include <pthread.h> -#endif #ifdef __CYGWIN__ # include <windows.h> @@ -61,9 +58,6 @@ const char *email = "devel@monitoring-plugins.org"; # define ERROR -1 #endif -/* If nonzero, show inode information. */ -static int inode_format = 1; - /* If nonzero, show even filesystems with zero size or uninteresting types. */ static int show_all_fs = 1; @@ -133,7 +127,6 @@ void print_help (void); void print_usage (void); double calculate_percent(uintmax_t, uintmax_t); void stat_path (struct parameter_list *p); -void *do_stat_path (void *p); void get_stats (struct parameter_list *p, struct fs_usage *fsp); void get_path_stats (struct parameter_list *p, struct fs_usage *fsp); @@ -182,7 +175,7 @@ main (int argc, char **argv) int temp_result; struct mount_entry *me; - struct fs_usage fsp, tmpfsp; + struct fs_usage fsp; struct parameter_list *temp_list, *path; #ifdef __CYGWIN__ @@ -427,9 +420,7 @@ process_arguments (int argc, char **argv) int c, err; struct parameter_list *se; struct parameter_list *temp_list = NULL, *previous = NULL; - struct parameter_list *temp_path_select_list = NULL; - struct mount_entry *me, *temp_me; - int result = OK; + struct mount_entry *me; regex_t re; int cflags = REG_NOSUB | REG_EXTENDED; int default_cflags = cflags; @@ -766,10 +757,10 @@ process_arguments (int argc, char **argv) break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case '?': /* help */ usage (_("Unknown argument")); } @@ -972,44 +963,6 @@ print_usage (void) void stat_path (struct parameter_list *p) { -#ifdef HAVE_PTHREAD_H - pthread_t stat_thread; - int statdone = 0; - int timer = timeout_interval; - struct timespec req, rem; - - req.tv_sec = 0; - pthread_create(&stat_thread, NULL, do_stat_path, p); - while (timer-- > 0) { - req.tv_nsec = 10000000; - nanosleep(&req, &rem); - if (pthread_kill(stat_thread, 0)) { - statdone = 1; - break; - } else { - req.tv_nsec = 990000000; - nanosleep(&req, &rem); - } - } - if (statdone == 1) { - pthread_join(stat_thread, NULL); - } else { - pthread_detach(stat_thread); - if (verbose >= 3) - printf("stat did not return within %ds on %s\n", timeout_interval, p->name); - printf("DISK %s - ", _("CRITICAL")); - die (STATE_CRITICAL, _("%s %s: %s\n"), p->name, _("hangs"), _("Timeout")); - } -#else - do_stat_path(p); -#endif -} - -void * -do_stat_path (void *in) -{ - struct parameter_list *p = in; - /* Stat entry to check that dir exists and is accessible */ if (verbose >= 3) printf("calling stat on %s\n", p->name); @@ -1019,7 +972,6 @@ do_stat_path (void *in) printf("DISK %s - ", _("CRITICAL")); die (STATE_CRITICAL, _("%s %s: %s\n"), p->name, _("is not accessible"), strerror(errno)); } - return NULL; } diff --git a/plugins/check_dns.c b/plugins/check_dns.c index 22121226..54ce7d16 100644 --- a/plugins/check_dns.c +++ b/plugins/check_dns.c @@ -81,7 +81,6 @@ main (int argc, char **argv) double elapsed_time; long microsec; struct timeval tv; - int multi_address; int parse_address = FALSE; /* This flag scans for Address: but only after Name: */ output chld_out, chld_err; size_t i; @@ -127,7 +126,7 @@ main (int argc, char **argv) if (verbose) puts(chld_out.line[i]); - if (strstr (chld_out.line[i], ".in-addr.arpa")) { + if (strcasestr (chld_out.line[i], ".in-addr.arpa")) { if ((temp_buffer = strstr (chld_out.line[i], "name = "))) addresses[n_addresses++] = strdup (temp_buffer + 7); else { @@ -249,11 +248,6 @@ main (int argc, char **argv) elapsed_time = (double)microsec / 1.0e6; if (result == STATE_OK) { - if (strchr (address, ',') == NULL) - multi_address = FALSE; - else - multi_address = TRUE; - result = get_status(elapsed_time, time_thresholds); if (result == STATE_OK) { printf ("DNS %s: ", _("OK")); @@ -395,10 +389,10 @@ process_arguments (int argc, char **argv) switch (c) { case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'v': /* version */ verbose = TRUE; break; diff --git a/plugins/check_dummy.c b/plugins/check_dummy.c index 3ed68717..212a1344 100644 --- a/plugins/check_dummy.c +++ b/plugins/check_dummy.c @@ -52,11 +52,11 @@ main (int argc, char **argv) usage4 (_("Could not parse arguments")); else if (strcmp (argv[1], "-V") == 0 || strcmp (argv[1], "--version") == 0) { print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); } else if (strcmp (argv[1], "-h") == 0 || strcmp (argv[1], "--help") == 0) { print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); } else if (!is_integer (argv[1])) usage4 (_("Arguments to check_dummy must be an integer")); diff --git a/plugins/check_fping.c b/plugins/check_fping.c index 46046b4f..da1ce1a6 100644 --- a/plugins/check_fping.c +++ b/plugins/check_fping.c @@ -105,7 +105,7 @@ main (int argc, char **argv) xasprintf(&option_string, "%s-I %s ", option_string, sourceif); #ifdef PATH_TO_FPING6 - if (address_family == AF_INET6) + if (address_family != AF_INET && is_inet6_addr(server)) fping_prog = strdup(PATH_TO_FPING6); else fping_prog = strdup(PATH_TO_FPING); @@ -314,10 +314,10 @@ process_arguments (int argc, char **argv) usage5 (); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'v': /* verbose mode */ verbose = TRUE; break; diff --git a/plugins/check_game.c b/plugins/check_game.c index 29e59e2f..709dae1b 100644 --- a/plugins/check_game.c +++ b/plugins/check_game.c @@ -196,10 +196,10 @@ process_arguments (int argc, char **argv) switch (c) { case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'v': /* version */ verbose = TRUE; break; diff --git a/plugins/check_hpjd.c b/plugins/check_hpjd.c index 5fe06984..f159f5a2 100644 --- a/plugins/check_hpjd.c +++ b/plugins/check_hpjd.c @@ -350,10 +350,10 @@ process_arguments (int argc, char **argv) break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case '?': /* help */ usage5 (); } diff --git a/plugins/check_http.c b/plugins/check_http.c index 51679975..2038f4a1 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c @@ -267,11 +267,11 @@ process_arguments (int argc, char **argv) break; case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); break; case 't': /* timeout period */ if (!is_intnonneg (optarg)) @@ -343,9 +343,20 @@ process_arguments (int argc, char **argv) parameters, like -S and -C combinations */ use_ssl = TRUE; if (c=='S' && optarg != NULL) { - ssl_version = atoi(optarg); - if (ssl_version < 1 || ssl_version > 3) - usage4 (_("Invalid option - Valid values for SSL Version are 1 (TLSv1), 2 (SSLv2) or 3 (SSLv3)")); + int got_plus = strchr(optarg, '+') != NULL; + + if (!strncmp (optarg, "1.2", 3)) + ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2; + else if (!strncmp (optarg, "1.1", 3)) + ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1; + else if (optarg[0] == '1') + ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1; + else if (optarg[0] == '3') + ssl_version = got_plus ? MP_SSLv3_OR_NEWER : MP_SSLv3; + else if (optarg[0] == '2') + ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2; + else + usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)")); } if (specify_port == FALSE) server_port = HTTPS_PORT; @@ -869,17 +880,42 @@ check_http (void) double elapsed_time_transfer = 0.0; int page_len = 0; int result = STATE_OK; + char *force_host_header = NULL; /* try to connect to the host at the given port number */ gettimeofday (&tv_temp, NULL); if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK) die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); microsec_connect = deltime (tv_temp); + + /* if we are called with the -I option, the -j method is CONNECT and */ + /* we received -S for SSL, then we tunnel the request through a proxy*/ + /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */ + + if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 + && host_name != NULL && use_ssl == TRUE) { + + if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT); + asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent); + asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf); + asprintf (&buf, "%sHost: %s\r\n", buf, host_name); + /* we finished our request, send empty line with CRLF */ + asprintf (&buf, "%s%s", buf, CRLF); + if (verbose) printf ("%s\n", buf); + send(sd, buf, strlen (buf), 0); + buf[0]='\0'; + + if (verbose) printf ("Receive response from proxy\n"); + read (sd, buffer, MAX_INPUT_BUFFER-1); + if (verbose) printf ("%s", buffer); + /* Here we should check if we got HTTP/1.1 200 Connection established */ + } #ifdef HAVE_SSL elapsed_time_connect = (double)microsec_connect / 1.0e6; if (use_ssl == TRUE) { gettimeofday (&tv_temp, NULL); result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey); + if (verbose) printf ("SSL initialized\n"); if (result != STATE_OK) die (STATE_CRITICAL, NULL); microsec_ssl = deltime (tv_temp); @@ -893,29 +929,51 @@ check_http (void) } #endif /* HAVE_SSL */ - xasprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); + if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 + && host_name != NULL && use_ssl == TRUE) + asprintf (&buf, "%s %s %s\r\n%s\r\n", "GET", server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); + else + asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); /* tell HTTP/1.1 servers not to keep the connection alive */ xasprintf (&buf, "%sConnection: close\r\n", buf); + /* check if Host header is explicitly set in options */ + if (http_opt_headers_count) { + for (i = 0; i < http_opt_headers_count ; i++) { + if (strncmp(http_opt_headers[i], "Host:", 5) == 0) { + force_host_header = http_opt_headers[i]; + } + } + } + /* optionally send the host header info */ if (host_name) { - /* - * Specify the port only if we're using a non-default port (see RFC 2616, - * 14.23). Some server applications/configurations cause trouble if the - * (default) port is explicitly specified in the "Host:" header line. - */ - if ((use_ssl == FALSE && server_port == HTTP_PORT) || - (use_ssl == TRUE && server_port == HTTPS_PORT)) - xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); - else - xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, server_port); + if (force_host_header) { + xasprintf (&buf, "%s%s\r\n", buf, force_host_header); + } + else { + /* + * Specify the port only if we're using a non-default port (see RFC 2616, + * 14.23). Some server applications/configurations cause trouble if the + * (default) port is explicitly specified in the "Host:" header line. + */ + if ((use_ssl == FALSE && server_port == HTTP_PORT) || + (use_ssl == TRUE && server_port == HTTPS_PORT) || + (server_address != NULL && strcmp(http_method, "CONNECT") == 0 + && host_name != NULL && use_ssl == TRUE)) + xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); + else + xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, server_port); + } } /* optionally send any other header tag */ if (http_opt_headers_count) { for (i = 0; i < http_opt_headers_count ; i++) { - xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); + if (force_host_header != http_opt_headers[i]) { + xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); + } } /* This cannot be free'd here because a redirection will then try to access this and segfault */ /* Covered in a testcase in tests/check_http.t */ @@ -1467,9 +1525,10 @@ print_help (void) printf (UT_IPv46); #ifdef HAVE_SSL - printf (" %s\n", "-S, --ssl=VERSION"); + printf (" %s\n", "-S, --ssl=VERSION[+]"); printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents")); - printf (" %s\n", _("auto-negotiation (1 = TLSv1, 2 = SSLv2, 3 = SSLv3).")); + printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,")); + printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted.")); printf (" %s\n", "--sni"); printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); @@ -1496,7 +1555,7 @@ print_help (void) printf (" %s\n", _("URL to GET or POST (default: /)")); printf (" %s\n", "-P, --post=STRING"); printf (" %s\n", _("URL encoded http POST data")); - printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE)"); + printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT)"); printf (" %s\n", _("Set HTTP method.")); printf (" %s\n", "-N, --no-body"); printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); @@ -1570,7 +1629,7 @@ print_help (void) printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,")); printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); - printf (" %s\n", _("the certificate is expired.")); + printf (" %s\n\n", _("the certificate is expired.")); printf ("\n"); printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); @@ -1578,6 +1637,13 @@ print_help (void) printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); + printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: "); + printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com ")); + printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>")); + printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); + printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); + printf (" %s\n", _("a STATE_CRITICAL will be returned.")); + #endif printf (UT_SUPPORT); diff --git a/plugins/check_ide_smart.c b/plugins/check_ide_smart.c index 47605e96..8d540ca1 100644 --- a/plugins/check_ide_smart.c +++ b/plugins/check_ide_smart.c @@ -234,10 +234,10 @@ main (int argc, char *argv[]) break; case 'h': print_help (); - return STATE_OK; + return STATE_UNKNOWN; case 'V': print_revision (progname, NP_VERSION); - return STATE_OK; + return STATE_UNKNOWN; default: usage5 (); } @@ -249,7 +249,7 @@ main (int argc, char *argv[]) if (!device) { print_help (); - return STATE_OK; + return STATE_UNKNOWN; } fd = open (device, OPEN_MODE); diff --git a/plugins/check_ldap.c b/plugins/check_ldap.c index c371be97..66be4b46 100644 --- a/plugins/check_ldap.c +++ b/plugins/check_ldap.c @@ -1,29 +1,29 @@ /***************************************************************************** -* +* * Monitoring check_ldap plugin -* +* * License: GPL * Copyright (c) 2000-2008 Monitoring Plugins Development Team -* +* * Description: -* +* * This file contains the check_ldap plugin -* -* +* +* * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. -* +* * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. -* +* * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. -* -* +* +* *****************************************************************************/ /* progname may be check_ldaps */ @@ -67,7 +67,10 @@ int ld_protocol = DEFAULT_PROTOCOL; #endif double warn_time = UNDEFINED; double crit_time = UNDEFINED; +thresholds *entries_thresholds = NULL; struct timeval tv; +char* warn_entries = NULL; +char* crit_entries = NULL; int starttls = FALSE; int ssl_on_connect = FALSE; int verbose = 0; @@ -94,6 +97,12 @@ main (int argc, char *argv[]) int tls; int version=3; + /* for entry counting */ + + LDAPMessage *next_entry; + int status_entries = STATE_OK; + int num_entries = 0; + setlocale (LC_ALL, ""); bindtextdomain (PACKAGE, LOCALEDIR); textdomain (PACKAGE); @@ -197,12 +206,14 @@ main (int argc, char *argv[]) } /* do a search of all objectclasses in the base dn */ - if (ldap_search_s (ld, ld_base, LDAP_SCOPE_BASE, ld_attr, NULL, 0, &result) + if (ldap_search_s (ld, ld_base, (crit_entries!=NULL || warn_entries!=NULL) ? LDAP_SCOPE_SUBTREE : LDAP_SCOPE_BASE, ld_attr, NULL, 0, &result) != LDAP_SUCCESS) { if (verbose) ldap_perror(ld, "ldap_search"); printf (_("Could not search/find objectclasses in %s\n"), ld_base); return STATE_CRITICAL; + } else if (crit_entries!=NULL || warn_entries!=NULL) { + num_entries = ldap_count_entries(ld, result); } /* unbind from the ldap server */ @@ -223,14 +234,42 @@ main (int argc, char *argv[]) else status = STATE_OK; + if(entries_thresholds != NULL) { + if (verbose) { + printf ("entries found: %d\n", num_entries); + print_thresholds("entry threasholds", entries_thresholds); + } + status_entries = get_status(num_entries, entries_thresholds); + if (status_entries == STATE_CRITICAL) { + status = STATE_CRITICAL; + } else if (status != STATE_CRITICAL) { + status = status_entries; + } + } + /* print out the result */ - printf (_("LDAP %s - %.3f seconds response time|%s\n"), - state_text (status), - elapsed_time, - fperfdata ("time", elapsed_time, "s", - (int)warn_time, warn_time, - (int)crit_time, crit_time, - TRUE, 0, FALSE, 0)); + if (crit_entries!=NULL || warn_entries!=NULL) { + printf (_("LDAP %s - found %d entries in %.3f seconds|%s %s\n"), + state_text (status), + num_entries, + elapsed_time, + fperfdata ("time", elapsed_time, "s", + (int)warn_time, warn_time, + (int)crit_time, crit_time, + TRUE, 0, FALSE, 0), + sperfdata ("entries", (double)num_entries, "", + warn_entries, + crit_entries, + TRUE, 0.0, FALSE, 0.0)); + } else { + printf (_("LDAP %s - %.3f seconds response time|%s\n"), + state_text (status), + elapsed_time, + fperfdata ("time", elapsed_time, "s", + (int)warn_time, warn_time, + (int)crit_time, crit_time, + TRUE, 0, FALSE, 0)); + } return status; } @@ -263,6 +302,8 @@ process_arguments (int argc, char **argv) {"port", required_argument, 0, 'p'}, {"warn", required_argument, 0, 'w'}, {"crit", required_argument, 0, 'c'}, + {"warn-entries", required_argument, 0, 'W'}, + {"crit-entries", required_argument, 0, 'C'}, {"verbose", no_argument, 0, 'v'}, {0, 0, 0, 0} }; @@ -276,7 +317,7 @@ process_arguments (int argc, char **argv) } while (1) { - c = getopt_long (argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:", longopts, &option); + c = getopt_long (argc, argv, "hvV234TS6t:c:w:H:b:p:a:D:P:C:W:", longopts, &option); if (c == -1 || c == EOF) break; @@ -284,10 +325,10 @@ process_arguments (int argc, char **argv) switch (c) { case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 't': /* timeout period */ if (!is_intnonneg (optarg)) usage2 (_("Timeout interval must be a positive integer"), optarg); @@ -318,6 +359,12 @@ process_arguments (int argc, char **argv) case 'c': crit_time = strtod (optarg, NULL); break; + case 'W': + warn_entries = optarg; + break; + case 'C': + crit_entries = optarg; + break; #ifdef HAVE_LDAP_SET_OPTION case '2': ld_protocol = 2; @@ -381,6 +428,10 @@ validate_arguments () if (ld_base==NULL) usage4 (_("Please specify the LDAP base\n")); + if (crit_entries!=NULL || warn_entries!=NULL) { + set_thresholds(&entries_thresholds, + warn_entries, crit_entries); + } return OK; } @@ -430,6 +481,11 @@ print_help (void) printf (UT_WARN_CRIT); + printf (" %s\n", "-W [--warn-entries]"); + printf (" %s\n", _("Number of found entries to result in warning status")); + printf (" %s\n", "-C [--crit-entries]"); + printf (" %s\n", _("Number of found entries to result in critical status")); + printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); printf (UT_VERBOSE); @@ -441,6 +497,7 @@ print_help (void) printf (" %s\n", _("'SSL on connect' will be used no matter how the plugin was called.")); printf (" %s\n", _("This detection is deprecated, please use 'check_ldap' with the '--starttls' or '--ssl' flags")); printf (" %s\n", _("to define the behaviour explicitly instead.")); + printf (" %s\n", _("The parameters --warn-entries and --crit-entries are optional.")); printf (UT_SUPPORT); } diff --git a/plugins/check_load.c b/plugins/check_load.c index cde63e56..a96435f4 100644 --- a/plugins/check_load.c +++ b/plugins/check_load.c @@ -251,10 +251,10 @@ process_arguments (int argc, char **argv) break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case '?': /* help */ usage5 (); } diff --git a/plugins/check_mrtg.c b/plugins/check_mrtg.c index cf3fe044..1fda5492 100644 --- a/plugins/check_mrtg.c +++ b/plugins/check_mrtg.c @@ -234,10 +234,10 @@ process_arguments (int argc, char **argv) break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case '?': /* help */ usage5 (); } diff --git a/plugins/check_mrtgtraf.c b/plugins/check_mrtgtraf.c index 3b038cf1..eb66f622 100644 --- a/plugins/check_mrtgtraf.c +++ b/plugins/check_mrtgtraf.c @@ -270,10 +270,10 @@ process_arguments (int argc, char **argv) break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case '?': /* help */ usage5 (); } diff --git a/plugins/check_mysql.c b/plugins/check_mysql.c index 216626bc..5773afd9 100644 --- a/plugins/check_mysql.c +++ b/plugins/check_mysql.c @@ -444,10 +444,10 @@ process_arguments (int argc, char **argv) break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'v': verbose++; break; diff --git a/plugins/check_mysql_query.c b/plugins/check_mysql_query.c index 71ab7768..49a14dd3 100644 --- a/plugins/check_mysql_query.c +++ b/plugins/check_mysql_query.c @@ -250,10 +250,10 @@ process_arguments (int argc, char **argv) break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'q': xasprintf(&sql_query, "%s", optarg); break; diff --git a/plugins/check_nagios.c b/plugins/check_nagios.c index 791b6dbe..40d68f03 100644 --- a/plugins/check_nagios.c +++ b/plugins/check_nagios.c @@ -235,10 +235,10 @@ process_arguments (int argc, char **argv) switch (c) { case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'F': /* status log */ status_log = optarg; break; diff --git a/plugins/check_nt.c b/plugins/check_nt.c index f621b0a8..59c135db 100644 --- a/plugins/check_nt.c +++ b/plugins/check_nt.c @@ -553,10 +553,10 @@ int process_arguments(int argc, char **argv){ usage5 (); case 'h': /* help */ print_help(); - exit(STATE_OK); + exit(STATE_UNKNOWN); case 'V': /* version */ print_revision(progname, NP_VERSION); - exit(STATE_OK); + exit(STATE_UNKNOWN); case 'H': /* hostname */ server_address = optarg; break; diff --git a/plugins/check_ntp.c b/plugins/check_ntp.c index 74501711..5ac6c65b 100644 --- a/plugins/check_ntp.c +++ b/plugins/check_ntp.c @@ -689,11 +689,11 @@ int process_arguments(int argc, char **argv){ switch (c) { case 'h': print_help(); - exit(STATE_OK); + exit(STATE_UNKNOWN); break; case 'V': print_revision(progname, NP_VERSION); - exit(STATE_OK); + exit(STATE_UNKNOWN); break; case 'v': verbose++; diff --git a/plugins/check_ntp_peer.c b/plugins/check_ntp_peer.c index 44424af5..c656b0f5 100644 --- a/plugins/check_ntp_peer.c +++ b/plugins/check_ntp_peer.c @@ -448,11 +448,11 @@ int process_arguments(int argc, char **argv){ switch (c) { case 'h': print_help(); - exit(STATE_OK); + exit(STATE_UNKNOWN); break; case 'V': print_revision(progname, NP_VERSION); - exit(STATE_OK); + exit(STATE_UNKNOWN); break; case 'v': verbose++; diff --git a/plugins/check_ntp_time.c b/plugins/check_ntp_time.c index e344f8b7..1cc8cbfb 100644 --- a/plugins/check_ntp_time.c +++ b/plugins/check_ntp_time.c @@ -244,7 +244,7 @@ void setup_request(ntp_message *p){ * this is done by filtering servers based on stratum, dispersion, and * finally round-trip delay. */ int best_offset_server(const ntp_server_results *slist, int nservers){ - int i=0, cserver=0, best_server=-1; + int cserver=0, best_server=-1; /* for each server */ for(cserver=0; cserver<nservers; cserver++){ @@ -303,7 +303,7 @@ int best_offset_server(const ntp_server_results *slist, int nservers){ * we have to do it in a way that our lazy macros don't handle currently :( */ double offset_request(const char *host, int *status){ int i=0, j=0, ga_result=0, num_hosts=0, *socklist=NULL, respnum=0; - int servers_completed=0, one_written=0, one_read=0, servers_readable=0, best_index=-1; + int servers_completed=0, one_read=0, servers_readable=0, best_index=-1; time_t now_time=0, start_ts=0; ntp_message *req=NULL; double avg_offset=0.; @@ -368,7 +368,6 @@ double offset_request(const char *host, int *status){ * been touched in the past second or so and is still lacking * some responses. For each of these servers, send a new request, * and update the "waiting" timestamp with the current time. */ - one_written=0; now_time=time(NULL); for(i=0; i<num_hosts; i++){ @@ -378,7 +377,6 @@ double offset_request(const char *host, int *status){ setup_request(&req[i]); write(socklist[i], &req[i], sizeof(ntp_message)); servers[i].waiting=now_time; - one_written=1; break; } } @@ -477,11 +475,11 @@ int process_arguments(int argc, char **argv){ switch (c) { case 'h': print_help(); - exit(STATE_OK); + exit(STATE_UNKNOWN); break; case 'V': print_revision(progname, NP_VERSION); - exit(STATE_OK); + exit(STATE_UNKNOWN); break; case 'v': verbose++; diff --git a/plugins/check_nwstat.c b/plugins/check_nwstat.c index 1a7bfa16..e7e8de05 100644 --- a/plugins/check_nwstat.c +++ b/plugins/check_nwstat.c @@ -1354,10 +1354,10 @@ int process_arguments(int argc, char **argv) { usage5 (); case 'h': /* help */ print_help(); - exit(STATE_OK); + exit(STATE_UNKNOWN); case 'V': /* version */ print_revision(progname, NP_VERSION); - exit(STATE_OK); + exit(STATE_UNKNOWN); case 'H': /* hostname */ server_address=optarg; break; diff --git a/plugins/check_overcr.c b/plugins/check_overcr.c index af5eb9b9..9a4d25fa 100644 --- a/plugins/check_overcr.c +++ b/plugins/check_overcr.c @@ -340,10 +340,10 @@ process_arguments (int argc, char **argv) usage5 (); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'H': /* hostname */ server_address = optarg; break; diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c index 9bad1ec5..2eb699e8 100644 --- a/plugins/check_pgsql.c +++ b/plugins/check_pgsql.c @@ -302,10 +302,10 @@ process_arguments (int argc, char **argv) usage5 (); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 't': /* timeout period */ if (!is_integer (optarg)) usage2 (_("Timeout interval must be a positive integer"), optarg); diff --git a/plugins/check_ping.c b/plugins/check_ping.c index dbc5c3e4..423ecbe5 100644 --- a/plugins/check_ping.c +++ b/plugins/check_ping.c @@ -224,11 +224,11 @@ process_arguments (int argc, char **argv) usage5 (); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); break; case 't': /* timeout period */ timeout_interval = atoi (optarg); diff --git a/plugins/check_procs.c b/plugins/check_procs.c index 402aac53..4bcc56bc 100644 --- a/plugins/check_procs.c +++ b/plugins/check_procs.c @@ -428,10 +428,10 @@ process_arguments (int argc, char **argv) usage5 (); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 't': /* timeout period */ if (!is_integer (optarg)) usage2 (_("Timeout interval must be a positive integer"), optarg); diff --git a/plugins/check_radius.c b/plugins/check_radius.c index b2943475..03cbb8b0 100644 --- a/plugins/check_radius.c +++ b/plugins/check_radius.c @@ -259,10 +259,10 @@ process_arguments (int argc, char **argv) usage5 (); case 'h': /* help */ print_help (); - exit (OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (OK); + exit (STATE_UNKNOWN); case 'v': /* verbose mode */ verbose = TRUE; break; diff --git a/plugins/check_real.c b/plugins/check_real.c index 00bd4d20..6491e6e9 100644 --- a/plugins/check_real.c +++ b/plugins/check_real.c @@ -359,10 +359,10 @@ process_arguments (int argc, char **argv) break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case '?': /* usage */ usage5 (); } diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index 24304534..1996c6d3 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -231,7 +231,7 @@ main (int argc, char **argv) send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0); recvlines(buffer, MAX_INPUT_BUFFER); /* wait for it */ - if (!strstr (buffer, server_expect)) { + if (!strstr (buffer, SMTP_EXPECT)) { printf (_("Server does not support STARTTLS\n")); smtp_quit(); return STATE_UNKNOWN; @@ -276,6 +276,7 @@ main (int argc, char **argv) # ifdef USE_OPENSSL if ( check_cert ) { result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); + smtp_quit(); my_close(); return result; } @@ -581,11 +582,6 @@ process_arguments (int argc, char **argv) usage4 (_("Timeout interval must be a positive integer")); } break; - case 'S': - /* starttls */ - use_ssl = TRUE; - use_ehlo = TRUE; - break; case 'D': /* Check SSL cert validity */ #ifdef USE_OPENSSL @@ -607,9 +603,14 @@ process_arguments (int argc, char **argv) days_till_exp_warn = atoi (optarg); } check_cert = TRUE; + ignore_send_quit_failure = TRUE; #else usage (_("SSL support not available - install OpenSSL and recompile")); #endif + case 'S': + /* starttls */ + use_ssl = TRUE; + use_ehlo = TRUE; break; case '4': address_family = AF_INET; @@ -623,10 +624,10 @@ process_arguments (int argc, char **argv) break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case '?': /* help */ usage5 (); } diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index 9d966faa..da9638c4 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c @@ -41,7 +41,6 @@ const char *email = "devel@monitoring-plugins.org"; #define DEFAULT_PORT "161" #define DEFAULT_MIBLIST "ALL" #define DEFAULT_PROTOCOL "1" -#define DEFAULT_TIMEOUT 1 #define DEFAULT_RETRIES 5 #define DEFAULT_AUTH_PROTOCOL "MD5" #define DEFAULT_PRIV_PROTOCOL "DES" @@ -153,7 +152,7 @@ state_data *previous_state; double *previous_value; size_t previous_size = OID_COUNT_STEP; int perf_labels = 1; - +char* ip_version = ""; static char *fix_snmp_range(char *th) { @@ -227,7 +226,7 @@ main (int argc, char **argv) outbuff = strdup (""); delimiter = strdup (" = "); output_delim = strdup (DEFAULT_OUTPUT_DELIMITER); - timeout_interval = DEFAULT_TIMEOUT; + timeout_interval = DEFAULT_SOCKET_TIMEOUT; retries = DEFAULT_RETRIES; np_init( (char *) progname, argc, argv ); @@ -418,6 +417,9 @@ main (int argc, char **argv) else if (strstr (response, "INTEGER: ")) { show = strstr (response, "INTEGER: ") + 9; } + else if (strstr (response, "OID: ")) { + show = strstr (response, "OID: ") + 5; + } else if (strstr (response, "STRING: ")) { show = strstr (response, "STRING: ") + 8; conv = "%.10g"; @@ -678,6 +680,8 @@ process_arguments (int argc, char **argv) {"offset", required_argument, 0, L_OFFSET}, {"invert-search", no_argument, 0, L_INVERT_SEARCH}, {"perf-oids", no_argument, 0, 'O'}, + {"ipv4", no_argument, 0, '4'}, + {"ipv6", no_argument, 0, '6'}, {0, 0, 0, 0} }; @@ -695,7 +699,7 @@ process_arguments (int argc, char **argv) } while (1) { - c = getopt_long (argc, argv, "nhvVOt:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:N:L:U:a:x:A:X:", + c = getopt_long (argc, argv, "nhvVO46t:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:N:L:U:a:x:A:X:", longopts, &option); if (c == -1 || c == EOF) @@ -706,10 +710,10 @@ process_arguments (int argc, char **argv) usage5 (); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'v': /* verbose */ verbose++; break; @@ -920,6 +924,13 @@ process_arguments (int argc, char **argv) case 'O': perf_labels=0; break; + case '4': + break; + case '6': + xasprintf(&ip_version, "udp6:"); + if(verbose>2) + printf("IPv6 detected! Will pass \"udp6:\" to snmpget.\n"); + break; } } @@ -1125,6 +1136,7 @@ print_help (void) printf (UT_HELP_VRSN); printf (UT_EXTRA_OPTS); + printf (UT_IPv46); printf (UT_HOST_PORT, 'p', DEFAULT_PORT); @@ -1243,5 +1255,5 @@ print_usage (void) printf ("[-C community] [-s string] [-r regex] [-R regexi] [-t timeout] [-e retries]\n"); printf ("[-l label] [-u units] [-p port-number] [-d delimiter] [-D output-delimiter]\n"); printf ("[-m miblist] [-P snmp version] [-N context] [-L seclevel] [-U secname]\n"); - printf ("[-a authproto] [-A authpasswd] [-x privproto] [-X privpasswd]\n"); + printf ("[-a authproto] [-A authpasswd] [-x privproto] [-X privpasswd] [-4|6]\n"); } diff --git a/plugins/check_ssh.c b/plugins/check_ssh.c index 3658965e..8ccbd5a7 100644 --- a/plugins/check_ssh.c +++ b/plugins/check_ssh.c @@ -128,10 +128,10 @@ process_arguments (int argc, char **argv) usage5 (); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'v': /* verbose */ verbose = TRUE; break; diff --git a/plugins/check_swap.c b/plugins/check_swap.c index 25e0bacd..4d5a4071 100644 --- a/plugins/check_swap.c +++ b/plugins/check_swap.c @@ -470,10 +470,10 @@ process_arguments (int argc, char **argv) break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case '?': /* error */ usage5 (); } diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index 63f9fd9c..6dc9aa96 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c @@ -237,7 +237,7 @@ main (int argc, char **argv) gettimeofday (&tv, NULL); result = np_net_connect (server_address, server_port, &sd, PROTOCOL); - if (result == STATE_CRITICAL) return STATE_CRITICAL; + if (result == STATE_CRITICAL) return econn_refuse_state; #ifdef HAVE_SSL if (flags & FLAG_SSL){ @@ -463,10 +463,10 @@ process_arguments (int argc, char **argv) usage5 (); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'v': /* verbose mode */ flags |= FLAG_VERBOSE; match_flags |= NP_MATCH_VERBOSE; @@ -577,7 +577,8 @@ process_arguments (int argc, char **argv) if ((temp=strchr(optarg,','))!=NULL) { *temp='\0'; if (!is_intnonneg (optarg)) - usage2 (_("Invalid certificate expiration period"), optarg); days_till_exp_warn = atoi(optarg); + usage2 (_("Invalid certificate expiration period"), optarg); + days_till_exp_warn = atoi (optarg); *temp=','; temp++; if (!is_intnonneg (temp)) diff --git a/plugins/check_time.c b/plugins/check_time.c index 3943742a..baf8c591 100644 --- a/plugins/check_time.c +++ b/plugins/check_time.c @@ -231,10 +231,10 @@ process_arguments (int argc, char **argv) usage5 (); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'H': /* hostname */ if (is_host (optarg) == FALSE) usage2 (_("Invalid hostname/address"), optarg); diff --git a/plugins/check_ups.c b/plugins/check_ups.c index 099881d0..e9e56a51 100644 --- a/plugins/check_ups.c +++ b/plugins/check_ups.c @@ -242,8 +242,8 @@ main (int argc, char **argv) } xasprintf (&data, "%s %s", data, perfdata ("battery", (long)ups_battery_percent, "%", - check_warn, (long)(1000*warning_value), - check_crit, (long)(1000*critical_value), + check_warn, (long)(warning_value), + check_crit, (long)(critical_value), TRUE, 0, TRUE, 100)); } else { xasprintf (&data, "%s %s", data, @@ -271,8 +271,8 @@ main (int argc, char **argv) } xasprintf (&data, "%s %s", data, perfdata ("load", (long)ups_load_percent, "%", - check_warn, (long)(1000*warning_value), - check_crit, (long)(1000*critical_value), + check_warn, (long)(warning_value), + check_crit, (long)(critical_value), TRUE, 0, TRUE, 100)); } else { xasprintf (&data, "%s %s", data, @@ -308,8 +308,8 @@ main (int argc, char **argv) } xasprintf (&data, "%s %s", data, perfdata ("temp", (long)ups_temperature, tunits, - check_warn, (long)(1000*warning_value), - check_crit, (long)(1000*critical_value), + check_warn, (long)(warning_value), + check_crit, (long)(critical_value), TRUE, 0, FALSE, 0)); } else { xasprintf (&data, "%s %s", data, @@ -558,10 +558,10 @@ process_arguments (int argc, char **argv) break; case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); } } diff --git a/plugins/check_users.c b/plugins/check_users.c index a009f20b..f6f4b362 100644 --- a/plugins/check_users.c +++ b/plugins/check_users.c @@ -54,15 +54,15 @@ int process_arguments (int, char **); void print_help (void); void print_usage (void); -int wusers = -1; -int cusers = -1; +char *warning_range = NULL; +char *critical_range = NULL; +thresholds *thlds = NULL; int main (int argc, char **argv) { int users = -1; int result = STATE_UNKNOWN; - char *perf; #if HAVE_WTSAPI32_H WTS_SESSION_INFO *wtsinfo; DWORD wtscount; @@ -77,8 +77,6 @@ main (int argc, char **argv) bindtextdomain (PACKAGE, LOCALEDIR); textdomain (PACKAGE); - perf = strdup (""); - /* Parse extra opts if any */ argv = np_extra_opts (&argc, argv, progname); @@ -160,23 +158,15 @@ main (int argc, char **argv) #endif /* check the user count against warning and critical thresholds */ - if (users > cusers) - result = STATE_CRITICAL; - else if (users > wusers) - result = STATE_WARNING; - else if (users >= 0) - result = STATE_OK; + result = get_status((double)users, thlds); if (result == STATE_UNKNOWN) printf ("%s\n", _("Unable to read output")); else { - xasprintf (&perf, "%s", perfdata ("users", users, "", - TRUE, wusers, - TRUE, cusers, - TRUE, 0, - FALSE, 0)); - printf (_("USERS %s - %d users currently logged in |%s\n"), state_text (result), - users, perf); + printf (_("USERS %s - %d users currently logged in |%s\n"), + state_text(result), users, + sperfdata_int("users", users, "", warning_range, + critical_range, TRUE, 0, FALSE, 0)); } return result; @@ -210,38 +200,32 @@ process_arguments (int argc, char **argv) usage5 (); case 'h': /* help */ print_help (); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'V': /* version */ print_revision (progname, NP_VERSION); - exit (STATE_OK); + exit (STATE_UNKNOWN); case 'c': /* critical */ - if (!is_intnonneg (optarg)) - usage4 (_("Critical threshold must be a positive integer")); - else - cusers = atoi (optarg); + critical_range = optarg; break; case 'w': /* warning */ - if (!is_intnonneg (optarg)) - usage4 (_("Warning threshold must be a positive integer")); - else - wusers = atoi (optarg); + warning_range = optarg; break; } } c = optind; - if (wusers == -1 && argc > c) { - if (is_intnonneg (argv[c]) == FALSE) - usage4 (_("Warning threshold must be a positive integer")); - else - wusers = atoi (argv[c++]); - } - if (cusers == -1 && argc > c) { - if (is_intnonneg (argv[c]) == FALSE) - usage4 (_("Warning threshold must be a positive integer")); - else - cusers = atoi (argv[c]); - } + if (warning_range == NULL && argc > c) + warning_range = argv[c++]; + if (critical_range == NULL && argc > c) + critical_range = argv[c++]; + + /* this will abort in case of invalid ranges */ + set_thresholds (&thlds, warning_range, critical_range); + + if (thlds->warning->end < 0) + usage4 (_("Warning threshold must be a positive integer")); + if (thlds->critical->end < 0) + usage4 (_("Critical threshold must be a positive integer")); return OK; } diff --git a/plugins/negate.c b/plugins/negate.c index beaed1ea..b320e356 100644 --- a/plugins/negate.c +++ b/plugins/negate.c @@ -59,8 +59,8 @@ static int state[4] = { int main (int argc, char **argv) { - int found = 0, result = STATE_UNKNOWN; - char *buf, *sub; + int result = STATE_UNKNOWN; + char *sub; char **command_line; output chld_out, chld_err; int i; diff --git a/plugins/netutils.c b/plugins/netutils.c index 83f8942f..705aaf09 100644 --- a/plugins/netutils.c +++ b/plugins/netutils.c @@ -161,6 +161,10 @@ process_request (const char *server_address, int server_port, int proto, int np_net_connect (const char *host_name, int port, int *sd, int proto) { + /* send back STATE_UNKOWN if there's an error + send back STATE_OK if we connect + send back STATE_CRITICAL if we can't connect. + Let upstream figure out what to send to the user. */ struct addrinfo hints; struct addrinfo *r, *res; struct sockaddr_un su; @@ -250,16 +254,14 @@ np_net_connect (const char *host_name, int port, int *sd, int proto) else if (was_refused) { switch (econn_refuse_state) { /* a user-defined expected outcome */ case STATE_OK: - case STATE_WARNING: /* user wants WARN or OK on refusal */ - return econn_refuse_state; - break; - case STATE_CRITICAL: /* user did not set econn_refuse_state */ + case STATE_WARNING: /* user wants WARN or OK on refusal, or... */ + case STATE_CRITICAL: /* user did not set econn_refuse_state, or wanted critical */ if (is_socket) printf("connect to file socket %s: %s\n", host_name, strerror(errno)); else printf("connect to address %s and port %d: %s\n", host_name, port, strerror(errno)); - return econn_refuse_state; + return STATE_CRITICAL; break; default: /* it's a logic error if we do not end up in STATE_(OK|WARNING|CRITICAL) */ return STATE_UNKNOWN; diff --git a/plugins/netutils.h b/plugins/netutils.h index c6fce901..2766029e 100644 --- a/plugins/netutils.h +++ b/plugins/netutils.h @@ -91,6 +91,16 @@ RETSIGTYPE socket_timeout_alarm_handler (int) __attribute__((noreturn)); /* SSL-Related functionality */ #ifdef HAVE_SSL +# define MP_SSLv2 1 +# define MP_SSLv3 2 +# define MP_TLSv1 3 +# define MP_TLSv1_1 4 +# define MP_TLSv1_2 5 +# define MP_SSLv2_OR_NEWER 6 +# define MP_SSLv3_OR_NEWER 7 +# define MP_TLSv1_OR_NEWER 8 +# define MP_TLSv1_1_OR_NEWER 9 +# define MP_TLSv1_2_OR_NEWER 10 /* maybe this could be merged with the above np_net_connect, via some flags */ int np_net_ssl_init(int sd); int np_net_ssl_init_with_hostname(int sd, char *host_name); diff --git a/plugins/sslutils.c b/plugins/sslutils.c index d0ae4741..b412ef3d 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c @@ -49,28 +49,78 @@ int np_net_ssl_init_with_hostname_and_version(int sd, char *host_name, int versi int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int version, char *cert, char *privkey) { SSL_METHOD *method = NULL; + long options = 0; switch (version) { - case 0: /* Deafult to auto negotiation */ - method = SSLv23_client_method(); - break; - case 1: /* TLSv1 protocol */ - method = TLSv1_client_method(); - break; - case 2: /* SSLv2 protocol */ + case MP_SSLv2: /* SSLv2 protocol */ #if defined(USE_GNUTLS) || defined(OPENSSL_NO_SSL2) - printf(("%s\n", _("CRITICAL - SSL protocol version 2 is not supported by your SSL library."))); - return STATE_CRITICAL; + printf("%s\n", _("UNKNOWN - SSL protocol version 2 is not supported by your SSL library.")); + return STATE_UNKNOWN; #else method = SSLv2_client_method(); -#endif break; - case 3: /* SSLv3 protocol */ +#endif + case MP_SSLv3: /* SSLv3 protocol */ +#if defined(OPENSSL_NO_SSL3) + printf("%s\n", _("UNKNOWN - SSL protocol version 3 is not supported by your SSL library.")); + return STATE_UNKNOWN; +#else method = SSLv3_client_method(); break; - default: /* Unsupported */ - printf("%s\n", _("CRITICAL - Unsupported SSL protocol version.")); - return STATE_CRITICAL; +#endif + case MP_TLSv1: /* TLSv1 protocol */ +#if defined(OPENSSL_NO_TLS1) + printf("%s\n", _("UNKNOWN - TLS protocol version 1 is not supported by your SSL library.")); + return STATE_UNKNOWN; +#else + method = TLSv1_client_method(); + break; +#endif + case MP_TLSv1_1: /* TLSv1.1 protocol */ +#if !defined(SSL_OP_NO_TLSv1_1) + printf("%s\n", _("UNKNOWN - TLS protocol version 1.1 is not supported by your SSL library.")); + return STATE_UNKNOWN; +#else + method = TLSv1_1_client_method(); + break; +#endif + case MP_TLSv1_2: /* TLSv1.2 protocol */ +#if !defined(SSL_OP_NO_TLSv1_2) + printf("%s\n", _("UNKNOWN - TLS protocol version 1.2 is not supported by your SSL library.")); + return STATE_UNKNOWN; +#else + method = TLSv1_2_client_method(); + break; +#endif + case MP_TLSv1_2_OR_NEWER: +#if !defined(SSL_OP_NO_TLSv1_1) + printf("%s\n", _("UNKNOWN - Disabling TLSv1.1 is not supported by your SSL library.")); + return STATE_UNKNOWN; +#else + options |= SSL_OP_NO_TLSv1_1; +#endif + /* FALLTHROUGH */ + case MP_TLSv1_1_OR_NEWER: +#if !defined(SSL_OP_NO_TLSv1) + printf("%s\n", _("UNKNOWN - Disabling TLSv1 is not supported by your SSL library.")); + return STATE_UNKNOWN; +#else + options |= SSL_OP_NO_TLSv1; +#endif + /* FALLTHROUGH */ + case MP_TLSv1_OR_NEWER: +#if defined(SSL_OP_NO_SSLv3) + options |= SSL_OP_NO_SSLv3; +#endif + /* FALLTHROUGH */ + case MP_SSLv3_OR_NEWER: +#if defined(SSL_OP_NO_SSLv2) + options |= SSL_OP_NO_SSLv2; +#endif + case MP_SSLv2_OR_NEWER: + /* FALLTHROUGH */ + default: /* Default to auto negotiation */ + method = SSLv23_client_method(); } if (!initialized) { /* Initialize SSL context */ @@ -94,8 +144,9 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int #endif } #ifdef SSL_OP_NO_TICKET - SSL_CTX_set_options(c, SSL_OP_NO_TICKET); + options |= SSL_OP_NO_TICKET; #endif + SSL_CTX_set_options(c, options); SSL_CTX_set_mode(c, SSL_MODE_AUTO_RETRY); if ((s = SSL_new(c)) != NULL) { #ifdef SSL_set_tlsext_host_name @@ -144,7 +195,10 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ # ifdef USE_OPENSSL X509 *certificate=NULL; X509_NAME *subj=NULL; + char timestamp[50] = ""; char cn[MAX_CN_LENGTH]= ""; + char *tz; + int cnlen =-1; int status=STATE_UNKNOWN; @@ -153,7 +207,7 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ struct tm stamp; float time_left; int days_left; - char timestamp[50] = ""; + int time_remaining; time_t tm_t; certificate=SSL_get_peer_certificate(s); @@ -207,32 +261,55 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ (tm->data[6 + offset] - '0') * 10 + (tm->data[7 + offset] - '0'); stamp.tm_min = (tm->data[8 + offset] - '0') * 10 + (tm->data[9 + offset] - '0'); - stamp.tm_sec = 0; + stamp.tm_sec = + (tm->data[10 + offset] - '0') * 10 + (tm->data[11 + offset] - '0'); stamp.tm_isdst = -1; - time_left = difftime(timegm(&stamp), time(NULL)); + tm_t = timegm(&stamp); + time_left = difftime(tm_t, time(NULL)); days_left = time_left / 86400; - tm_t = mktime (&stamp); - strftime(timestamp, 50, "%c", localtime(&tm_t)); + tz = getenv("TZ"); + setenv("TZ", "GMT", 1); + tzset(); + strftime(timestamp, 50, "%c %z", localtime(&tm_t)); + if (tz) + setenv("TZ", tz, 1); + else + unsetenv("TZ"); + tzset(); if (days_left > 0 && days_left <= days_till_exp_warn) { printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); if (days_left > days_till_exp_crit) - return STATE_WARNING; + status = STATE_WARNING; else - return STATE_CRITICAL; + status = STATE_CRITICAL; + } else if (days_left == 0 && time_left > 0) { + if (time_left >= 3600) + time_remaining = (int) time_left / 3600; + else + time_remaining = (int) time_left / 60; + + printf (_("%s - Certificate '%s' expires in %u %s (%s)\n"), + (days_left>days_till_exp_crit) ? "WARNING" : "CRITICAL", cn, time_remaining, + time_left >= 3600 ? "hours" : "minutes", timestamp); + + if ( days_left > days_till_exp_crit) + status = STATE_WARNING; + else + status = STATE_CRITICAL; } else if (time_left < 0) { printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp); status=STATE_CRITICAL; } else if (days_left == 0) { - printf (_("%s - Certificate '%s' expires today (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, timestamp); + printf (_("%s - Certificate '%s' just expired (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, timestamp); if (days_left > days_till_exp_crit) - return STATE_WARNING; + status = STATE_WARNING; else - return STATE_CRITICAL; + status = STATE_CRITICAL; } else { printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp); - status=STATE_OK; + status = STATE_OK; } X509_free(certificate); return status; diff --git a/plugins/t/NPTest.cache.travis b/plugins/t/NPTest.cache.travis index 4ebfb90e..fe8aabdb 100644 --- a/plugins/t/NPTest.cache.travis +++ b/plugins/t/NPTest.cache.travis @@ -17,13 +17,15 @@ 'NP_HOST_HPJD_PORT_INVALID' => '161', 'NP_HOST_HPJD_PORT_VALID' => '', 'NP_HOST_TCP_HTTP' => 'localhost', - 'NP_HOST_TCP_HTTP2' => 'labs.consol.de', + 'NP_HOST_TCP_HTTP2' => 'test.monitoring-plugins.org', 'NP_HOST_TCP_IMAP' => 'imap.web.de', + 'NP_HOST_TCP_LDAP' => 'localhost', 'NP_HOST_TCP_POP' => 'pop.web.de', 'NP_HOST_TCP_SMTP' => 'localhost', 'NP_HOST_TCP_SMTP_NOTLS' => '', 'NP_HOST_TCP_SMTP_TLS' => '', 'NP_INTERNET_ACCESS' => 'yes', + 'NP_LDAP_BASE_DN' => 'cn=admin,dc=nodomain', 'NP_MOUNTPOINT2_VALID' => '', 'NP_MOUNTPOINT_VALID' => '/', 'NP_MYSQL_SERVER' => 'localhost', diff --git a/plugins/t/check_http.t b/plugins/t/check_http.t index 2539a289..f514ca6f 100644 --- a/plugins/t/check_http.t +++ b/plugins/t/check_http.t @@ -6,9 +6,10 @@ use strict; use Test::More; +use POSIX qw/mktime strftime/; use NPTest; -plan tests => 30; +plan tests => 42; my $successOutput = '/OK.*HTTP.*second/'; @@ -34,6 +35,8 @@ my $host_tcp_http2 = getTestParameter( "NP_HOST_TCP_HTTP2", "A host providing an index page containing the string 'monitoring'", "test.monitoring-plugins.org" ); +my $faketime = -x '/usr/bin/faketime' ? 1 : 0; + $res = NPTest->testCmd( "./check_http $host_tcp_http -wt 300 -ct 600" @@ -47,10 +50,10 @@ $res = NPTest->testCmd( like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" ); $res = NPTest->testCmd( - "./check_http $host_nonresponsive -wt 1 -ct 2" + "./check_http $host_nonresponsive -wt 1 -ct 2 -t 3" ); cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" ); -cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 10 seconds", "Output OK"); +cmp_ok( $res->output, 'eq', "CRITICAL - Socket timeout after 3 seconds", "Output OK"); $res = NPTest->testCmd( "./check_http $hostname_invalid -wt 1 -ct 2" @@ -112,12 +115,46 @@ SKIP: { $res = NPTest->testCmd( "./check_http www.verisign.com -C 1" ); cmp_ok( $res->output, 'eq', $saved_cert_output, "Old syntax for cert checking still works"); + # run some certificate checks with faketime + SKIP: { + skip "No faketime binary found", 12 if !$faketime; + $res = NPTest->testCmd("LC_TIME=C TZ=UTC ./check_http -C 1 www.verisign.com"); + like($res->output, qr/OK - Certificate 'www.verisign.com' will expire on/, "Catch cert output"); + is( $res->return_code, 0, "Catch cert output exit code" ); + my($mon,$day,$hour,$min,$sec,$year) = ($res->output =~ /(\w+)\s+(\d+)\s+(\d+):(\d+):(\d+)\s+(\d+)/); + if(!defined $year) { + die("parsing date failed from: ".$res->output); + } + my $months = {'Jan' => 0, 'Feb' => 1, 'Mar' => 2, 'Apr' => 3, 'May' => 4, 'Jun' => 5, 'Jul' => 6, 'Aug' => 7, 'Sep' => 8, 'Oct' => 9, 'Nov' => 10, 'Dec' => 11}; + my $ts = mktime($sec, $min, $hour, $day, $months->{$mon}, $year-1900); + my $time = strftime("%Y-%m-%d %H:%M:%S", localtime($ts)); + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts))."' ./check_http -C 1 www.verisign.com"); + like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' just expired/, "Output on expire date"); + is( $res->return_code, 2, "Output on expire date" ); + + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-1))."' ./check_http -C 1 www.verisign.com"); + like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 0 minutes/, "cert expires in 1 second output"); + is( $res->return_code, 2, "cert expires in 1 second exit code" ); + + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-120))."' ./check_http -C 1 www.verisign.com"); + like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 2 minutes/, "cert expires in 2 minutes output"); + is( $res->return_code, 2, "cert expires in 2 minutes exit code" ); + + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts-7200))."' ./check_http -C 1 www.verisign.com"); + like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expires in 2 hours/, "cert expires in 2 hours output"); + is( $res->return_code, 2, "cert expires in 2 hours exit code" ); + + $res = NPTest->testCmd("LC_TIME=C TZ=UTC faketime -f '".strftime("%Y-%m-%d %H:%M:%S", localtime($ts+1))."' ./check_http -C 1 www.verisign.com"); + like($res->output, qr/CRITICAL - Certificate 'www.verisign.com' expired on/, "Certificate expired output"); + is( $res->return_code, 2, "Certificate expired exit code" ); + }; + $res = NPTest->testCmd( "./check_http --ssl www.verisign.com -E" ); like ( $res->output, '/time_connect=[\d\.]+/', 'Extended Performance Data Output OK' ); like ( $res->output, '/time_ssl=[\d\.]+/', 'Extended Performance Data SSL Output OK' ); $res = NPTest->testCmd( - "./check_http --ssl www.e-paycobalt.com" + "./check_http --ssl -H www.e-paycobalt.com" ); cmp_ok( $res->return_code, "==", 0, "Can read https for www.e-paycobalt.com (uses AES certificate)" ); diff --git a/plugins/t/check_ldap.t b/plugins/t/check_ldap.t new file mode 100644 index 00000000..b8944d4b --- /dev/null +++ b/plugins/t/check_ldap.t @@ -0,0 +1,80 @@ +#!/usr/bin/env perl -I .. +# +# Lightweight Directory Access Protocol (LDAP) Test via check_ldap +# +# + +use strict; +use warnings; +use Test::More; +use NPTest; + +my $host_tcp_ldap = getTestParameter("NP_HOST_TCP_LDAP", + "A host providing the LDAP Service", + "localhost" ); + +my $ldap_base_dn = getTestParameter("NP_LDAP_BASE_DN", + "A base dn for the LDAP Service", + "cn=admin" ); + +my $host_nonresponsive = getTestParameter("host_nonresponsive", "NP_HOST_NONRESPONSIVE", "10.0.0.1", + "The hostname of system not responsive to network requests" ); + +my $hostname_invalid = getTestParameter("hostname_invalid", "NP_HOSTNAME_INVALID", "nosuchhost", + "An invalid (not known to DNS) hostname" ); + +my($result, $cmd); +my $command = './check_ldap'; + +plan tests => 16; + +SKIP: { + skip "NP_HOST_NONRESPONSIVE not set", 2 if ! $host_nonresponsive; + + $result = NPTest->testCmd("$command -H $host_nonresponsive -b ou=blah -t 2 -w 1 -c 1"); + is( $result->return_code, 2, "$command -H $host_nonresponsive -b ou=blah -t 5 -w 2 -c 3" ); + is( $result->output, 'CRITICAL - Socket timeout after 2 seconds', "output ok" ); +}; + +SKIP: { + skip "NP_HOSTNAME_INVALID not set", 2 if ! $hostname_invalid; + + $result = NPTest->testCmd("$command -H $hostname_invalid -b ou=blah -t 5"); + is( $result->return_code, 2, "$command -H $hostname_invalid -b ou=blah -t 5" ); + is( $result->output, 'Could not bind to the LDAP server', "output ok" ); +}; + +SKIP: { + skip "NP_HOST_TCP_LDAP not set", 12 if ! $host_tcp_ldap; + skip "NP_LDAP_BASE_DN not set", 12 if ! $ldap_base_dn; + + $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3"; + $result = NPTest->testCmd($cmd); + is( $result->return_code, 0, $cmd ); + like( $result->output, '/^LDAP OK - \d+.\d+ seconds response time\|time=\d+\.\d+s;2\.0+;3\.0+;0\.0+$/', "output ok" ); + + $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 10000000 -C 10000001"; + $result = NPTest->testCmd($cmd); + is( $result->return_code, 0, $cmd ); + like( $result->output, '/^LDAP OK - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;10000000;10000001;0\.0+$/', "output ok" ); + + $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 10000000: -C 10000001:"; + $result = NPTest->testCmd($cmd); + is( $result->return_code, 2, $cmd ); + like( $result->output, '/^LDAP CRITICAL - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;10000000:;10000001:;0\.0+$/', "output ok" ); + + $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 0 -C 0"; + $result = NPTest->testCmd($cmd); + is( $result->return_code, 2, $cmd ); + like( $result->output, '/^LDAP CRITICAL - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;0;0;0\.0+$/', "output ok" ); + + $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -W 10000000: -C 10000001"; + $result = NPTest->testCmd($cmd); + is( $result->return_code, 1, $cmd ); + like( $result->output, '/^LDAP WARNING - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;10000000:;10000001;0\.0+$/', "output ok" ); + + $cmd = "$command -H $host_tcp_ldap -b $ldap_base_dn -t 5 -w 2 -c 3 -3 -C 10000001"; + $result = NPTest->testCmd($cmd); + is( $result->return_code, 0, $cmd ); + like( $result->output, '/^LDAP OK - found \d+ entries in \d+\.\d+ seconds\|time=\d\.\d+s;2\.0+;3\.0+;0\.0+ entries=\d+\.0+;;10000001;0\.0+$/', "output ok" ); +}; diff --git a/plugins/t/check_snmp.t b/plugins/t/check_snmp.t index 2d6c44a7..aefd872a 100644 --- a/plugins/t/check_snmp.t +++ b/plugins/t/check_snmp.t @@ -166,8 +166,8 @@ SKIP: { SKIP: { skip "no non responsive host defined", 2 if ( ! $host_nonresponsive ); $res = NPTest->testCmd( "./check_snmp -H $host_nonresponsive -C np_foobar -o system.sysUpTime.0 -w 1: -c 1:"); - cmp_ok( $res->return_code, '==', 3, "Exit UNKNOWN with non responsive host" ); - like($res->output, '/External command error: Timeout: No Response from /', "String matches timeout problem"); + cmp_ok( $res->return_code, '==', 2, "Exit CRITICAL with non responsive host" ); + like($res->output, '/Plugin timed out while executing system call/', "String matches timeout problem"); } SKIP: { diff --git a/plugins/t/check_users.t b/plugins/t/check_users.t index 39044bb5..088f3b52 100644 --- a/plugins/t/check_users.t +++ b/plugins/t/check_users.t @@ -13,7 +13,7 @@ use Test; use NPTest; use vars qw($tests); -BEGIN {$tests = 4; plan tests => $tests} +BEGIN {$tests = 8; plan tests => $tests} my $successOutput = '/^USERS OK - [0-9]+ users currently logged in/'; my $failureOutput = '/^USERS CRITICAL - [0-9]+ users currently logged in/'; @@ -22,6 +22,8 @@ my $t; $t += checkCmd( "./check_users 1000 1000", 0, $successOutput ); $t += checkCmd( "./check_users 0 0", 2, $failureOutput ); +$t += checkCmd( "./check_users -w 0:1000 -c 0:1000", 0, $successOutput ); +$t += checkCmd( "./check_users -w 0:0 -c 0:0", 2, $failureOutput ); exit(0) if defined($Test::Harness::VERSION); exit($tests - $t); diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index d93a0ecf..5984d489 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t @@ -186,21 +186,21 @@ SKIP: { $result = NPTest->testCmd( "$command -p $port_https -S -C 14" ); is( $result->return_code, 0, "$command -p $port_https -S -C 14" ); - is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar 3 21:41:00 2019.', "output ok" ); + is( $result->output, 'OK - Certificate \'Ton Voon\' will expire on Sun Mar 3 21:41:28 2019 +0000.', "output ok" ); $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" ); is( $result->return_code, 1, "$command -p $port_https -S -C 14000" ); - like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:00 2019\)./', "output ok" ); + like( $result->output, '/WARNING - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019 \+0000\)./', "output ok" ); # Expired cert tests $result = NPTest->testCmd( "$command -p $port_https -S -C 13960,14000" ); is( $result->return_code, 2, "$command -p $port_https -S -C 13960,14000" ); - like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:00 2019\)./', "output ok" ); + like( $result->output, '/CRITICAL - Certificate \'Ton Voon\' expires in \d+ day\(s\) \(Sun Mar 3 21:41:28 2019 \+0000\)./', "output ok" ); $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" ); is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" ); is( $result->output, - 'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar 5 00:13:00 2009.', + 'CRITICAL - Certificate \'Ton Voon\' expired on Thu Mar 5 00:13:16 2009 +0000.', "output ok" ); } diff --git a/plugins/tests/check_snmp.t b/plugins/tests/check_snmp.t index 2fd033d2..73a68b20 100755 --- a/plugins/tests/check_snmp.t +++ b/plugins/tests/check_snmp.t @@ -128,7 +128,7 @@ sleep 1; $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" ); is($res->return_code, 1, "WARNING - due to going above rate calculation" ); -is($res->output, "SNMP RATE WARNING - *666* | iso.3.6.1.4.1.8072.3.2.67.10=666 "); +is($res->output, "SNMP RATE WARNING - *666* | iso.3.6.1.4.1.8072.3.2.67.10=666;600 "); $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.10 --rate -w 600" ); is($res->return_code, 3, "UNKNOWN - basically the divide by zero error" ); @@ -209,7 +209,7 @@ is($res->output, 'SNMP OK - "stringtests" | ', "OK as inverted string no match" $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.12 -w 4:5" ); is($res->return_code, 1, "Numeric in string test" ); -is($res->output, 'SNMP WARNING - *3.5* | iso.3.6.1.4.1.8072.3.2.67.12=3.5 ', "WARNING threshold checks for string masquerading as number" ); +is($res->output, 'SNMP WARNING - *3.5* | iso.3.6.1.4.1.8072.3.2.67.12=3.5;4:5 ', "WARNING threshold checks for string masquerading as number" ); $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.13" ); is($res->return_code, 0, "Not really numeric test" ); @@ -225,29 +225,29 @@ is($res->output, 'SNMP OK - "CUSTOM CHECK OK: foo is 12345" | ', "String check w $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); is($res->return_code, 0, "Negative integer check OK" ); -is($res->output, 'SNMP OK - -2 | iso.3.6.1.4.1.8072.3.2.67.16=-2 ', "Negative integer check OK output" ); +is($res->output, 'SNMP OK - -2 | iso.3.6.1.4.1.8072.3.2.67.16=-2;-2:;-3: ', "Negative integer check OK output" ); $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); is($res->return_code, 1, "Negative integer check WARNING" ); -is($res->output, 'SNMP WARNING - *-3* | iso.3.6.1.4.1.8072.3.2.67.16=-3 ', "Negative integer check WARNING output" ); +is($res->output, 'SNMP WARNING - *-3* | iso.3.6.1.4.1.8072.3.2.67.16=-3;-2:;-3: ', "Negative integer check WARNING output" ); $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.16 -w -2: -c -3:" ); is($res->return_code, 2, "Negative integer check CRITICAL" ); -is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.16=-4 ', "Negative integer check CRITICAL output" ); +is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.16=-4;-2:;-3: ', "Negative integer check CRITICAL output" ); $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -3: -c -6:" ); is($res->return_code, 1, "Negative integer as string, WARNING" ); -is($res->output, 'SNMP WARNING - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4 ', "Negative integer as string, WARNING output" ); +is($res->output, 'SNMP WARNING - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4;-3:;-6: ', "Negative integer as string, WARNING output" ); $res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.17 -w -2: -c -3:" ); is($res->return_code, 2, "Negative integer as string, CRITICAL" ); -is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4 ', "Negative integer as string, CRITICAL output" ); +is($res->output, 'SNMP CRITICAL - *-4* | iso.3.6.1.4.1.8072.3.2.67.17=-4;-2:;-3: ', "Negative integer as string, CRITICAL output" ); -$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -c ~:-6.5" ); +$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -c '~:-6.5'" ); is($res->return_code, 0, "Negative float OK" ); -is($res->output, 'SNMP OK - -6.6 | iso.3.6.1.4.1.8072.3.2.67.18=-6.6 ', "Negative float OK output" ); +is($res->output, 'SNMP OK - -6.6 | iso.3.6.1.4.1.8072.3.2.67.18=-6.6;;~:-6.5 ', "Negative float OK output" ); -$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -w ~:-6.65 -c ~:-6.55" ); +$res = NPTest->testCmd( "./check_snmp -H 127.0.0.1 -C public -p $port_snmp -o .1.3.6.1.4.1.8072.3.2.67.18 -w '~:-6.65' -c '~:-6.55'" ); is($res->return_code, 1, "Negative float WARNING" ); -is($res->output, 'SNMP WARNING - *-6.6* | iso.3.6.1.4.1.8072.3.2.67.18=-6.6 ', "Negative float WARNING output" ); +is($res->output, 'SNMP WARNING - *-6.6* | iso.3.6.1.4.1.8072.3.2.67.18=-6.6;~:-6.65;~:-6.55 ', "Negative float WARNING output" ); diff --git a/plugins/utils.c b/plugins/utils.c index 58b153d8..231af92b 100644 --- a/plugins/utils.c +++ b/plugins/utils.c @@ -144,8 +144,6 @@ usage5 (void) void print_revision (const char *command_name, const char *revision) { - char plugin_revision[STRLEN]; - printf ("%s v%s (%s %s)\n", command_name, revision, PACKAGE, VERSION); } @@ -630,3 +628,84 @@ char *fperfdata (const char *label, return data; } + +char *sperfdata (const char *label, + double val, + const char *uom, + char *warn, + char *crit, + int minp, + double minv, + int maxp, + double maxv) +{ + char *data = NULL; + if (strpbrk (label, "'= ")) + xasprintf (&data, "'%s'=", label); + else + xasprintf (&data, "%s=", label); + + xasprintf (&data, "%s%f", data, val); + xasprintf (&data, "%s%s;", data, uom); + + if (warn!=NULL) + xasprintf (&data, "%s%s", data, warn); + + xasprintf (&data, "%s;", data); + + if (crit!=NULL) + xasprintf (&data, "%s%s", data, crit); + + xasprintf (&data, "%s;", data); + + if (minp) + xasprintf (&data, "%s%f", data, minv); + + if (maxp) { + xasprintf (&data, "%s;", data); + xasprintf (&data, "%s%f", data, maxv); + } + + return data; +} + +char *sperfdata_int (const char *label, + int val, + const char *uom, + char *warn, + char *crit, + int minp, + int minv, + int maxp, + int maxv) +{ + char *data = NULL; + if (strpbrk (label, "'= ")) + xasprintf (&data, "'%s'=", label); + else + xasprintf (&data, "%s=", label); + + xasprintf (&data, "%s%d", data, val); + xasprintf (&data, "%s%s;", data, uom); + + if (warn!=NULL) + xasprintf (&data, "%s%s", data, warn); + + xasprintf (&data, "%s;", data); + + if (crit!=NULL) + xasprintf (&data, "%s%s", data, crit); + + xasprintf (&data, "%s;", data); + + if (minp) + xasprintf (&data, "%s%d", data, minv); + + if (maxp) { + xasprintf (&data, "%s;", data); + xasprintf (&data, "%s%d", data, maxv); + } + + return data; +} + diff --git a/plugins/utils.h b/plugins/utils.h index 4c4aaccc..a436e1ca 100644 --- a/plugins/utils.h +++ b/plugins/utils.h @@ -94,29 +94,17 @@ const char *state_text (int); #define max(a,b) (((a)>(b))?(a):(b)) #define min(a,b) (((a)<(b))?(a):(b)) -char *perfdata (const char *, - long int, - const char *, - int, - long int, - int, - long int, - int, - long int, - int, - long int); - -char *fperfdata (const char *, - double, - const char *, - int, - double, - int, - double, - int, - double, - int, - double); +char *perfdata (const char *, long int, const char *, int, long int, + int, long int, int, long int, int, long int); + +char *fperfdata (const char *, double, const char *, int, double, + int, double, int, double, int, double); + +char *sperfdata (const char *, double, const char *, char *, char *, + int, double, int, double); + +char *sperfdata_int (const char *, int, const char *, char *, char *, + int, int, int, int); /* The idea here is that, although not every plugin will use all of these, most will or should. Therefore, for consistency, these very common |