aboutsummaryrefslogtreecommitdiff
path: root/plugins
diff options
context:
space:
mode:
Diffstat (limited to 'plugins')
-rw-r--r--plugins/check_curl.c39
1 files changed, 31 insertions, 8 deletions
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index 2d69b310..8f274c26 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -296,6 +296,28 @@ CURLcode sslctxfun(CURL *curl, SSL_CTX *sslctx, void *parm)
#endif /* USE_OPENSSL */
#endif /* HAVE_SSL */
+/* returns a string "HTTP/1.x" or "HTTP/2" */
+static char *string_statuscode (int major, int minor)
+{
+ static char buf[10];
+
+ switch (major) {
+ case 1:
+ snprintf (buf, sizeof (buf), "HTTP/%d.%d", major, minor);
+ break;
+ case 2:
+ case 3:
+ snprintf (buf, sizeof (buf), "HTTP/%d", major);
+ break;
+ default:
+ /* assuming here HTTP/N with N>=4 */
+ snprintf (buf, sizeof (buf), "HTTP/%d", major);
+ break;
+ }
+
+ return buf;
+}
+
/* Checks if the server 'reply' is one of the expected 'statuscodes' */
static int
expected_statuscode (const char *reply, const char *statuscodes)
@@ -746,7 +768,8 @@ GOT_FIRST_CERT:
if (curlhelp_parse_statusline (header_buf.buf, &status_line) < 0) {
snprintf (msg, DEFAULT_BUFFER_SIZE, "Unparsable status line in %.3g seconds response time|%s\n",
total_time, perfstring);
- die (STATE_CRITICAL, "HTTP CRITICAL HTTP/1.x %ld unknown - %s", code, msg);
+ /* we cannot know the major/minor version here for sure as we cannot parse the first line */
+ die (STATE_CRITICAL, "HTTP CRITICAL HTTP/x.x %ld unknown - %s", code, msg);
}
/* get result code from cURL */
@@ -823,8 +846,8 @@ GOT_FIRST_CERT:
/* check status codes, set exit status accordingly */
if( status_line.http_code != code ) {
- die (STATE_CRITICAL, _("HTTP CRITICAL HTTP/%d.%d %d %s - different HTTP codes (cUrl has %ld)\n"),
- status_line.http_major, status_line.http_minor,
+ die (STATE_CRITICAL, _("HTTP CRITICAL %s %d %s - different HTTP codes (cUrl has %ld)\n"),
+ string_statuscode (status_line.http_major, status_line.http_minor),
status_line.http_code, status_line.msg, code);
}
@@ -895,8 +918,8 @@ GOT_FIRST_CERT:
msg[strlen(msg)-3] = '\0';
/* TODO: separate _() msg and status code: die (result, "HTTP %s: %s\n", state_text(result), msg); */
- die (result, "HTTP %s: HTTP/%d.%d %d %s%s%s - %d bytes in %.3f second response time %s|%s\n",
- state_text(result), status_line.http_major, status_line.http_minor,
+ die (result, "HTTP %s: %s %d %s%s%s - %d bytes in %.3f second response time %s|%s\n",
+ state_text(result), string_statuscode (status_line.http_major, status_line.http_minor),
status_line.http_code, status_line.msg,
strlen(msg) > 0 ? " - " : "",
msg, page_len, total_time,
@@ -1041,7 +1064,7 @@ redir (curlhelp_write_curlbuf* header_buf)
const UriPathSegmentA* p = uri.pathHead;
for (; p; p = p->next) {
strncat (new_url, "/", DEFAULT_BUFFER_SIZE);
- strncat (new_url, uri_string (p->text, buf, DEFAULT_BUFFER_SIZE), DEFAULT_BUFFER_SIZE);
+ strncat (new_url, uri_string (p->text, buf, DEFAULT_BUFFER_SIZE), DEFAULT_BUFFER_SIZE-1);
}
}
@@ -1354,7 +1377,7 @@ process_arguments (int argc, char **argv)
ssl_version = CURL_SSLVERSION_DEFAULT;
#endif /* LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 52, 0) */
else
- usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)"));
+ usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2, 1.3 (with optional '+' suffix)"));
}
#if LIBCURL_VERSION_NUM >= MAKE_LIBCURL_VERSION(7, 54, 0)
if (got_plus) {
@@ -1659,7 +1682,7 @@ print_help (void)
printf (" %s\n", "-S, --ssl=VERSION[+]");
printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents"));
printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,"));
- printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted."));
+ printf (" %s\n", _("1.2 = TLSv1.2, 1.3 = TLSv1.3). With a '+' suffix, newer versions are also accepted."));
printf (" %s\n", _("Note: SSLv2 and SSLv3 are deprecated and are usually disabled in libcurl"));
printf (" %s\n", "--sni");
printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));