Adding d/p/11_check_curl_raise_ssl_issue from upstream
https://patch-diff.githubusercontent.com/raw/monitoring-plugins/monitoring-plugins/pull/2011.patch
This commit is contained in:
parent
672d37c1af
commit
15760add88
2 changed files with 88 additions and 0 deletions
87
debian/patches/11_check_curl_raise_ssl_issue
vendored
Normal file
87
debian/patches/11_check_curl_raise_ssl_issue
vendored
Normal file
|
|
@ -0,0 +1,87 @@
|
||||||
|
From ca40cf81fb94cf57a82df938ed2aa2843691be3a Mon Sep 17 00:00:00 2001
|
||||||
|
From: Yannick Martin <yannick.martin@ovhcloud.com>
|
||||||
|
Date: Fri, 9 Aug 2024 12:14:28 +0200
|
||||||
|
Subject: [PATCH] check_curl: raise SSL issue when --continue-after-certificate
|
||||||
|
is used
|
||||||
|
|
||||||
|
This change aims to raise the worst status between the SSL check and the HTTP check.
|
||||||
|
|
||||||
|
before:
|
||||||
|
check_curl -H www.google.fr -S --continue-after-certificate --certificate 4000,4000 ; echo $?
|
||||||
|
CRITICAL - Certificate '*.google.fr' expires in 74 day(s) (Tue 22 Oct 2024 12:53:52 PM GMT +0000).
|
||||||
|
HTTP OK: HTTP/2 200 - 22807 bytes in 0.076 second response time |time=0.075516s;;;0.000000;10.000000 size=22807B;;;0;
|
||||||
|
0
|
||||||
|
|
||||||
|
after:
|
||||||
|
/usr/lib/nagios/ovh/check_curl -H www.google.fr -S --continue-after-certificate --certificate 4000,4000 ; echo $?
|
||||||
|
CRITICAL - Certificate '*.google.fr' expires in 74 day(s) (Tue 22 Oct 2024 12:53:52 PM GMT +0000).
|
||||||
|
HTTP OK: HTTP/2 200 - 22840 bytes in 0.090 second response time |time=0.090463s;;;0.000000;10.000000 size=22840B;;;0;
|
||||||
|
2
|
||||||
|
---
|
||||||
|
plugins/check_curl.c | 17 +++++++++--------
|
||||||
|
1 file changed, 9 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
|
||||||
|
index 01e2770e3..4522e6c9f 100644
|
||||||
|
--- a/plugins/check_curl.c
|
||||||
|
+++ b/plugins/check_curl.c
|
||||||
|
@@ -468,6 +468,7 @@ int
|
||||||
|
check_http (void)
|
||||||
|
{
|
||||||
|
int result = STATE_OK;
|
||||||
|
+ int result_ssl = STATE_OK;
|
||||||
|
int page_len = 0;
|
||||||
|
int i;
|
||||||
|
char *force_host_header = NULL;
|
||||||
|
@@ -852,9 +853,9 @@ check_http (void)
|
||||||
|
/* check certificate with OpenSSL functions, curl has been built against OpenSSL
|
||||||
|
* and we actually have OpenSSL in the monitoring tools
|
||||||
|
*/
|
||||||
|
- result = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit);
|
||||||
|
+ result_ssl = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit);
|
||||||
|
if (!continue_after_check_cert) {
|
||||||
|
- return result;
|
||||||
|
+ return result_ssl;
|
||||||
|
}
|
||||||
|
#else /* USE_OPENSSL */
|
||||||
|
die (STATE_CRITICAL, "HTTP CRITICAL - Cannot retrieve certificates - OpenSSL callback used and not linked against OpenSSL\n");
|
||||||
|
@@ -898,17 +899,17 @@ check_http (void)
|
||||||
|
die (STATE_CRITICAL, "HTTP CRITICAL - %s\n", msg);
|
||||||
|
}
|
||||||
|
BIO_free (cert_BIO);
|
||||||
|
- result = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit);
|
||||||
|
+ result_ssl = np_net_ssl_check_certificate(cert, days_till_exp_warn, days_till_exp_crit);
|
||||||
|
if (!continue_after_check_cert) {
|
||||||
|
- return result;
|
||||||
|
+ return result_ssl;
|
||||||
|
}
|
||||||
|
#else /* USE_OPENSSL */
|
||||||
|
/* We assume we don't have OpenSSL and np_net_ssl_check_certificate at our disposal,
|
||||||
|
* so we use the libcurl CURLINFO data
|
||||||
|
*/
|
||||||
|
- result = net_noopenssl_check_certificate(&cert_ptr, days_till_exp_warn, days_till_exp_crit);
|
||||||
|
+ result_ssl = net_noopenssl_check_certificate(&cert_ptr, days_till_exp_warn, days_till_exp_crit);
|
||||||
|
if (!continue_after_check_cert) {
|
||||||
|
- return result;
|
||||||
|
+ return result_ssl;
|
||||||
|
}
|
||||||
|
#endif /* USE_OPENSSL */
|
||||||
|
} else {
|
||||||
|
@@ -1176,7 +1177,7 @@ check_http (void)
|
||||||
|
}
|
||||||
|
|
||||||
|
/* TODO: separate _() msg and status code: die (result, "HTTP %s: %s\n", state_text(result), msg); */
|
||||||
|
- die (result, "HTTP %s: %s %d %s%s%s - %d bytes in %.3f second response time %s|%s\n%s%s",
|
||||||
|
+ die (max_state_alt(result, result_ssl), "HTTP %s: %s %d %s%s%s - %d bytes in %.3f second response time %s|%s\n%s%s",
|
||||||
|
state_text(result), string_statuscode (status_line.http_major, status_line.http_minor),
|
||||||
|
status_line.http_code, status_line.msg,
|
||||||
|
strlen(msg) > 0 ? " - " : "",
|
||||||
|
@@ -1186,7 +1187,7 @@ check_http (void)
|
||||||
|
(show_body ? body_buf.buf : ""),
|
||||||
|
(show_body ? "\n" : "") );
|
||||||
|
|
||||||
|
- return result;
|
||||||
|
+ return max_state_alt(result, result_ssl);
|
||||||
|
}
|
||||||
|
|
||||||
|
int
|
||||||
1
debian/patches/series
vendored
1
debian/patches/series
vendored
|
|
@ -2,4 +2,5 @@
|
||||||
03_epn
|
03_epn
|
||||||
# commited upstream
|
# commited upstream
|
||||||
10_check_curl_fix_redirects
|
10_check_curl_fix_redirects
|
||||||
|
11_check_curl_raise_ssl_issue
|
||||||
# feature patches
|
# feature patches
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue