diff --git a/debian/patches/23_check_http_chunked_encoding b/debian/patches/23_check_http_chunked_encoding
new file mode 100644
index 0000000..8606277
--- /dev/null
+++ b/debian/patches/23_check_http_chunked_encoding
@@ -0,0 +1,5976 @@
+From 1fb23c6e78c9fd1e5fdce6a9c310165801de1cec Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Sun, 13 Nov 2022 14:47:29 +0100
+Subject: [PATCH 01/16] Use real booleans instead of ints
+
+---
+ plugins/check_http.c | 111 +++++++++++++++++++++----------------------
+ 1 file changed, 55 insertions(+), 56 deletions(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index 1835a2d09..b1effd8d9 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -57,8 +57,8 @@ enum {
+ };
+
+ #ifdef HAVE_SSL
+-int check_cert = FALSE;
+-int continue_after_check_cert = FALSE;
++bool check_cert = false;
++bool continue_after_check_cert = false;
+ int ssl_version = 0;
+ int days_till_exp_warn, days_till_exp_crit;
+ char *randbuff;
+@@ -69,7 +69,7 @@ X509 *server_cert;
+ # define my_recv(buf, len) read(sd, buf, len)
+ # define my_send(buf, len) send(sd, buf, len, 0)
+ #endif /* HAVE_SSL */
+-int no_body = FALSE;
++bool no_body = false;
+ int maximum_age = -1;
+
+ enum {
+@@ -91,7 +91,7 @@ struct timeval tv_temp;
+ #define HTTP_URL "/"
+ #define CRLF "\r\n"
+
+-int specify_port = FALSE;
++bool specify_port = false;
+ int server_port = HTTP_PORT;
+ int virtual_port = 0;
+ char server_port_text[6] = "";
+@@ -113,16 +113,16 @@ char *critical_thresholds = NULL;
+ thresholds *thlds;
+ char user_auth[MAX_INPUT_BUFFER] = "";
+ char proxy_auth[MAX_INPUT_BUFFER] = "";
+-int display_html = FALSE;
++bool display_html = false;
+ char **http_opt_headers;
+ int http_opt_headers_count = 0;
+ int onredirect = STATE_OK;
+ int followsticky = STICKY_NONE;
+-int use_ssl = FALSE;
+-int use_sni = FALSE;
+-int verbose = FALSE;
+-int show_extended_perfdata = FALSE;
+-int show_body = FALSE;
++bool use_ssl = false;
++bool use_sni = false;
++bool verbose = false;
++bool show_extended_perfdata = false;
++bool show_body = false;
+ int sd;
+ int min_page_len = 0;
+ int max_page_len = 0;
+@@ -136,10 +136,10 @@ char buffer[MAX_INPUT_BUFFER];
+ char *client_cert = NULL;
+ char *client_privkey = NULL;
+
+-int process_arguments (int, char **);
++bool process_arguments (int, char **);
+ int check_http (void);
+ void redir (char *pos, char *status_line);
+-int server_type_check(const char *type);
++bool server_type_check(const char *type);
+ int server_port_check(int ssl_flag);
+ char *perfd_time (double microsec);
+ char *perfd_time_connect (double microsec);
+@@ -169,10 +169,10 @@ main (int argc, char **argv)
+ /* Parse extra opts if any */
+ argv=np_extra_opts (&argc, argv, progname);
+
+- if (process_arguments (argc, argv) == ERROR)
++ if (process_arguments (argc, argv) == false)
+ usage4 (_("Could not parse arguments"));
+
+- if (display_html == TRUE)
++ if (display_html == true)
+ printf ("",
+ use_ssl ? "https" : "http", host_name ? host_name : server_address,
+ server_port, server_url);
+@@ -196,8 +196,7 @@ test_file (char *path)
+ }
+
+ /* process command-line arguments */
+-int
+-process_arguments (int argc, char **argv)
++bool process_arguments (int argc, char **argv)
+ {
+ int c = 1;
+ char *p;
+@@ -252,7 +251,7 @@ process_arguments (int argc, char **argv)
+ };
+
+ if (argc < 2)
+- return ERROR;
++ return false;
+
+ for (c = 1; c < argc; c++) {
+ if (strcmp ("-to", argv[c]) == 0)
+@@ -308,10 +307,10 @@ process_arguments (int argc, char **argv)
+ /* xasprintf (&http_opt_headers, "%s", optarg); */
+ break;
+ case 'L': /* show html link */
+- display_html = TRUE;
++ display_html = true;
+ break;
+ case 'n': /* do not show html link */
+- display_html = FALSE;
++ display_html = false;
+ break;
+ case 'C': /* Check SSL cert validity */
+ #ifdef HAVE_SSL
+@@ -332,12 +331,12 @@ process_arguments (int argc, char **argv)
+ usage2 (_("Invalid certificate expiration period"), optarg);
+ days_till_exp_warn = atoi (optarg);
+ }
+- check_cert = TRUE;
++ check_cert = true;
+ goto enable_ssl;
+ #endif
+ case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */
+ #ifdef HAVE_SSL
+- continue_after_check_cert = TRUE;
++ continue_after_check_cert = true;
+ break;
+ #endif
+ case 'J': /* use client certificate */
+@@ -357,7 +356,7 @@ process_arguments (int argc, char **argv)
+ enable_ssl:
+ /* ssl_version initialized to 0 as a default. Only set if it's non-zero. This helps when we include multiple
+ parameters, like -S and -C combinations */
+- use_ssl = TRUE;
++ use_ssl = true;
+ if (c=='S' && optarg != NULL) {
+ int got_plus = strchr(optarg, '+') != NULL;
+
+@@ -374,7 +373,7 @@ process_arguments (int argc, char **argv)
+ else
+ usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)"));
+ }
+- if (specify_port == FALSE)
++ if (specify_port == false)
+ server_port = HTTPS_PORT;
+ #else
+ /* -C -J and -K fall through to here without SSL */
+@@ -382,7 +381,7 @@ process_arguments (int argc, char **argv)
+ #endif
+ break;
+ case SNI_OPTION:
+- use_sni = TRUE;
++ use_sni = true;
+ break;
+ case MAX_REDIRS_OPTION:
+ if (!is_intnonneg (optarg))
+@@ -420,7 +419,7 @@ process_arguments (int argc, char **argv)
+ host_name_length = strlen (host_name) - strlen (p) - 1;
+ free (host_name);
+ host_name = strndup (optarg, host_name_length);
+- if (specify_port == FALSE)
++ if (specify_port == false)
+ server_port = virtual_port;
+ }
+ } else if ((p = strchr (host_name, ':')) != NULL
+@@ -430,7 +429,7 @@ process_arguments (int argc, char **argv)
+ host_name_length = strlen (host_name) - strlen (p) - 1;
+ free (host_name);
+ host_name = strndup (optarg, host_name_length);
+- if (specify_port == FALSE)
++ if (specify_port == false)
+ server_port = virtual_port;
+ }
+ break;
+@@ -446,7 +445,7 @@ process_arguments (int argc, char **argv)
+ usage2 (_("Invalid port number"), optarg);
+ else {
+ server_port = atoi (optarg);
+- specify_port = TRUE;
++ specify_port = true;
+ }
+ break;
+ case 'a': /* authorization info */
+@@ -502,7 +501,7 @@ process_arguments (int argc, char **argv)
+ if (errcode != 0) {
+ (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER);
+ printf (_("Could Not Compile Regular Expression: %s"), errbuf);
+- return ERROR;
++ return false;
+ }
+ break;
+ case INVERT_REGEX:
+@@ -519,7 +518,7 @@ process_arguments (int argc, char **argv)
+ #endif
+ break;
+ case 'v': /* verbose */
+- verbose = TRUE;
++ verbose = true;
+ break;
+ case 'm': /* min_page_length */
+ {
+@@ -544,7 +543,7 @@ process_arguments (int argc, char **argv)
+ break;
+ }
+ case 'N': /* no-body */
+- no_body = TRUE;
++ no_body = true;
+ break;
+ case 'M': /* max-age */
+ {
+@@ -565,10 +564,10 @@ process_arguments (int argc, char **argv)
+ }
+ break;
+ case 'E': /* show extended perfdata */
+- show_extended_perfdata = TRUE;
++ show_extended_perfdata = true;
+ break;
+ case 'B': /* print body content after status line */
+- show_body = TRUE;
++ show_body = true;
+ break;
+ }
+ }
+@@ -605,7 +604,7 @@ process_arguments (int argc, char **argv)
+ if (virtual_port == 0)
+ virtual_port = server_port;
+
+- return TRUE;
++ return true;
+ }
+
+
+@@ -945,7 +944,7 @@ check_http (void)
+ /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */
+
+ if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
+- && host_name != NULL && use_ssl == TRUE) {
++ && host_name != NULL && use_ssl == true) {
+
+ if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT);
+ asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent);
+@@ -979,7 +978,7 @@ check_http (void)
+ }
+ #ifdef HAVE_SSL
+ elapsed_time_connect = (double)microsec_connect / 1.0e6;
+- if (use_ssl == TRUE) {
++ if (use_ssl == true) {
+ gettimeofday (&tv_temp, NULL);
+ result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey);
+ if (verbose) printf ("SSL initialized\n");
+@@ -987,9 +986,9 @@ check_http (void)
+ die (STATE_CRITICAL, NULL);
+ microsec_ssl = deltime (tv_temp);
+ elapsed_time_ssl = (double)microsec_ssl / 1.0e6;
+- if (check_cert == TRUE) {
++ if (check_cert == true) {
+ result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
+- if (continue_after_check_cert == FALSE) {
++ if (continue_after_check_cert == false) {
+ if (sd) close(sd);
+ np_net_ssl_cleanup();
+ return result;
+@@ -999,7 +998,7 @@ check_http (void)
+ #endif /* HAVE_SSL */
+
+ if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
+- && host_name != NULL && use_ssl == TRUE)
++ && host_name != NULL && use_ssl == true)
+ asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
+ else
+ asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
+@@ -1027,10 +1026,10 @@ check_http (void)
+ * 14.23). Some server applications/configurations cause trouble if the
+ * (default) port is explicitly specified in the "Host:" header line.
+ */
+- if ((use_ssl == FALSE && virtual_port == HTTP_PORT) ||
+- (use_ssl == TRUE && virtual_port == HTTPS_PORT) ||
++ if ((use_ssl == false && virtual_port == HTTP_PORT) ||
++ (use_ssl == true && virtual_port == HTTPS_PORT) ||
+ (server_address != NULL && strcmp(http_method, "CONNECT") == 0
+- && host_name != NULL && use_ssl == TRUE))
++ && host_name != NULL && use_ssl == true))
+ xasprintf (&buf, "%sHost: %s\r\n", buf, host_name);
+ else
+ xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port);
+@@ -1334,7 +1333,7 @@ check_http (void)
+ perfd_time (elapsed_time),
+ perfd_size (page_len),
+ perfd_time_connect (elapsed_time_connect),
+- use_ssl == TRUE ? perfd_time_ssl (elapsed_time_ssl) : "",
++ use_ssl == true ? perfd_time_ssl (elapsed_time_ssl) : "",
+ perfd_time_headers (elapsed_time_headers),
+ perfd_time_firstbyte (elapsed_time_firstbyte),
+ perfd_time_transfer (elapsed_time_transfer));
+@@ -1529,13 +1528,13 @@ redir (char *pos, char *status_line)
+ }
+
+
+-int
++bool
+ server_type_check (const char *type)
+ {
+ if (strcmp (type, "https"))
+- return FALSE;
++ return false;
+ else
+- return TRUE;
++ return true;
+ }
+
+ int
+@@ -1550,42 +1549,42 @@ server_port_check (int ssl_flag)
+ char *perfd_time (double elapsed_time)
+ {
+ return fperfdata ("time", elapsed_time, "s",
+- thlds->warning?TRUE:FALSE, thlds->warning?thlds->warning->end:0,
+- thlds->critical?TRUE:FALSE, thlds->critical?thlds->critical->end:0,
+- TRUE, 0, TRUE, socket_timeout);
++ thlds->warning?true:false, thlds->warning?thlds->warning->end:0,
++ thlds->critical?true:false, thlds->critical?thlds->critical->end:0,
++ true, 0, true, socket_timeout);
+ }
+
+ char *perfd_time_connect (double elapsed_time_connect)
+ {
+- return fperfdata ("time_connect", elapsed_time_connect, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
++ return fperfdata ("time_connect", elapsed_time_connect, "s", false, 0, false, 0, false, 0, true, socket_timeout);
+ }
+
+ char *perfd_time_ssl (double elapsed_time_ssl)
+ {
+- return fperfdata ("time_ssl", elapsed_time_ssl, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
++ return fperfdata ("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, 0, true, socket_timeout);
+ }
+
+ char *perfd_time_headers (double elapsed_time_headers)
+ {
+- return fperfdata ("time_headers", elapsed_time_headers, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
++ return fperfdata ("time_headers", elapsed_time_headers, "s", false, 0, false, 0, false, 0, true, socket_timeout);
+ }
+
+ char *perfd_time_firstbyte (double elapsed_time_firstbyte)
+ {
+- return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
++ return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, false, 0, false, 0, true, socket_timeout);
+ }
+
+ char *perfd_time_transfer (double elapsed_time_transfer)
+ {
+- return fperfdata ("time_transfer", elapsed_time_transfer, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout);
++ return fperfdata ("time_transfer", elapsed_time_transfer, "s", false, 0, false, 0, false, 0, true, socket_timeout);
+ }
+
+ char *perfd_size (int page_len)
+ {
+ return perfdata ("size", page_len, "B",
+- (min_page_len>0?TRUE:FALSE), min_page_len,
+- (min_page_len>0?TRUE:FALSE), 0,
+- TRUE, 0, FALSE, 0);
++ (min_page_len>0?true:false), min_page_len,
++ (min_page_len>0?true:false), 0,
++ true, 0, false, 0);
+ }
+
+ void
+
+From f1b15b887a1a1cded1fb994edc7a3e3d4c8ccc21 Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Sun, 13 Nov 2022 14:47:54 +0100
+Subject: [PATCH 02/16] Update copyright
+
+---
+ plugins/check_http.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index b1effd8d9..0f652ef88 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -34,7 +34,7 @@
+ /* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ ../../plugins/check_http.c */
+
+ const char *progname = "check_http";
+-const char *copyright = "1999-2013";
++const char *copyright = "1999-2022";
+ const char *email = "devel@monitoring-plugins.org";
+
+ #include "common.h"
+
+From 7c46ef1cf400610b3da9e19862801cd42ea0e903 Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Sun, 13 Nov 2022 18:48:26 +0100
+Subject: [PATCH 03/16] Document process_arguments a little bit better
+
+---
+ plugins/check_http.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index 0f652ef88..6c6810fed 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -195,7 +195,10 @@ test_file (char *path)
+ usage2 (_("file does not exist or is not readable"), path);
+ }
+
+-/* process command-line arguments */
++/*
++ * process command-line arguments
++ * returns true on succes, false otherwise
++ */
+ bool process_arguments (int argc, char **argv)
+ {
+ int c = 1;
+
+From 6857e77e342aab383b32d51aa6c9129a26dc1ff6 Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Sun, 13 Nov 2022 18:54:21 +0100
+Subject: [PATCH 04/16] clang format
+
+---
+ plugins/check_http.c | 1685 ++++++++++++++++++++++--------------------
+ 1 file changed, 872 insertions(+), 813 deletions(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index 6c6810fed..440c84229 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -1,46 +1,47 @@
+ /*****************************************************************************
+-*
+-* Monitoring check_http plugin
+-*
+-* License: GPL
+-* Copyright (c) 1999-2013 Monitoring Plugins Development Team
+-*
+-* Description:
+-*
+-* This file contains the check_http plugin
+-*
+-* This plugin tests the HTTP service on the specified host. It can test
+-* normal (http) and secure (https) servers, follow redirects, search for
+-* strings and regular expressions, check connection times, and report on
+-* certificate expiration times.
+-*
+-*
+-* This program is free software: you can redistribute it and/or modify
+-* it under the terms of the GNU General Public License as published by
+-* the Free Software Foundation, either version 3 of the License, or
+-* (at your option) any later version.
+-*
+-* This program is distributed in the hope that it will be useful,
+-* but WITHOUT ANY WARRANTY; without even the implied warranty of
+-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-* GNU General Public License for more details.
+-*
+-* You should have received a copy of the GNU General Public License
+-* along with this program. If not, see .
+-*
+-*
+-*****************************************************************************/
+-
+-/* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ ../../plugins/check_http.c */
++ *
++ * Monitoring check_http plugin
++ *
++ * License: GPL
++ * Copyright (c) 1999-2013 Monitoring Plugins Development Team
++ *
++ * Description:
++ *
++ * This file contains the check_http plugin
++ *
++ * This plugin tests the HTTP service on the specified host. It can test
++ * normal (http) and secure (https) servers, follow redirects, search for
++ * strings and regular expressions, check connection times, and report on
++ * certificate expiration times.
++ *
++ *
++ * This program is free software: you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published by
++ * the Free Software Foundation, either version 3 of the License, or
++ * (at your option) any later version.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program. If not, see .
++ *
++ *
++ *****************************************************************************/
++
++/* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/
++ * ../../plugins/check_http.c */
+
+ const char *progname = "check_http";
+ const char *copyright = "1999-2022";
+ const char *email = "devel@monitoring-plugins.org";
+
++#include "base64.h"
+ #include "common.h"
+ #include "netutils.h"
+ #include "utils.h"
+-#include "base64.h"
+ #include
+
+ #define STICKY_NONE 0
+@@ -63,19 +64,18 @@ int ssl_version = 0;
+ int days_till_exp_warn, days_till_exp_crit;
+ char *randbuff;
+ X509 *server_cert;
+-# define my_recv(buf, len) ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
+-# define my_send(buf, len) ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
++#define my_recv(buf, len) \
++ ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
++#define my_send(buf, len) \
++ ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
+ #else /* ifndef HAVE_SSL */
+-# define my_recv(buf, len) read(sd, buf, len)
+-# define my_send(buf, len) send(sd, buf, len, 0)
++#define my_recv(buf, len) read(sd, buf, len)
++#define my_send(buf, len) send(sd, buf, len, 0)
+ #endif /* HAVE_SSL */
+ bool no_body = false;
+ int maximum_age = -1;
+
+-enum {
+- REGS = 2,
+- MAX_RE_SIZE = 1024
+-};
++enum { REGS = 2, MAX_RE_SIZE = 1024 };
+ #include "regex.h"
+ regex_t preg;
+ regmatch_t pmatch[REGS];
+@@ -136,71 +136,67 @@ char buffer[MAX_INPUT_BUFFER];
+ char *client_cert = NULL;
+ char *client_privkey = NULL;
+
+-bool process_arguments (int, char **);
+-int check_http (void);
+-void redir (char *pos, char *status_line);
++bool process_arguments(int, char **);
++int check_http(void);
++void redir(char *pos, char *status_line);
+ bool server_type_check(const char *type);
+ int server_port_check(int ssl_flag);
+-char *perfd_time (double microsec);
+-char *perfd_time_connect (double microsec);
+-char *perfd_time_ssl (double microsec);
+-char *perfd_time_firstbyte (double microsec);
+-char *perfd_time_headers (double microsec);
+-char *perfd_time_transfer (double microsec);
+-char *perfd_size (int page_len);
+-void print_help (void);
+-void print_usage (void);
+-
+-int
+-main (int argc, char **argv)
+-{
++char *perfd_time(double microsec);
++char *perfd_time_connect(double microsec);
++char *perfd_time_ssl(double microsec);
++char *perfd_time_firstbyte(double microsec);
++char *perfd_time_headers(double microsec);
++char *perfd_time_transfer(double microsec);
++char *perfd_size(int page_len);
++void print_help(void);
++void print_usage(void);
++
++int main(int argc, char **argv) {
+ int result = STATE_UNKNOWN;
+
+- setlocale (LC_ALL, "");
+- bindtextdomain (PACKAGE, LOCALEDIR);
+- textdomain (PACKAGE);
++ setlocale(LC_ALL, "");
++ bindtextdomain(PACKAGE, LOCALEDIR);
++ textdomain(PACKAGE);
+
+- /* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */
++ /* Set default URL. Must be malloced for subsequent realloc if
++ * --onredirect=follow */
+ server_url = strdup(HTTP_URL);
+ server_url_length = strlen(server_url);
+- xasprintf (&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)",
++ xasprintf(&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)",
+ NP_VERSION, VERSION);
+
+ /* Parse extra opts if any */
+- argv=np_extra_opts (&argc, argv, progname);
++ argv = np_extra_opts(&argc, argv, progname);
+
+- if (process_arguments (argc, argv) == false)
+- usage4 (_("Could not parse arguments"));
++ if (process_arguments(argc, argv) == false)
++ usage4(_("Could not parse arguments"));
+
+ if (display_html == true)
+- printf ("",
+- use_ssl ? "https" : "http", host_name ? host_name : server_address,
+- server_port, server_url);
++ printf("",
++ use_ssl ? "https" : "http", host_name ? host_name : server_address,
++ server_port, server_url);
+
+ /* initialize alarm signal handling, set socket timeout, start timer */
+- (void) signal (SIGALRM, socket_timeout_alarm_handler);
+- (void) alarm (socket_timeout);
+- gettimeofday (&tv, NULL);
++ (void)signal(SIGALRM, socket_timeout_alarm_handler);
++ (void)alarm(socket_timeout);
++ gettimeofday(&tv, NULL);
+
+- result = check_http ();
++ result = check_http();
+ return result;
+ }
+
+ /* check whether a file exists */
+-void
+-test_file (char *path)
+-{
++void test_file(char *path) {
+ if (access(path, R_OK) == 0)
+ return;
+- usage2 (_("file does not exist or is not readable"), path);
++ usage2(_("file does not exist or is not readable"), path);
+ }
+
+ /*
+ * process command-line arguments
+ * returns true on succes, false otherwise
+- */
+-bool process_arguments (int argc, char **argv)
+-{
++ */
++bool process_arguments(int argc, char **argv) {
+ int c = 1;
+ char *p;
+ char *temp;
+@@ -214,83 +210,85 @@ bool process_arguments (int argc, char **argv)
+
+ int option = 0;
+ static struct option longopts[] = {
+- STD_LONG_OPTS,
+- {"link", no_argument, 0, 'L'},
+- {"nohtml", no_argument, 0, 'n'},
+- {"ssl", optional_argument, 0, 'S'},
+- {"sni", no_argument, 0, SNI_OPTION},
+- {"post", required_argument, 0, 'P'},
+- {"method", required_argument, 0, 'j'},
+- {"IP-address", required_argument, 0, 'I'},
+- {"url", required_argument, 0, 'u'},
+- {"port", required_argument, 0, 'p'},
+- {"authorization", required_argument, 0, 'a'},
+- {"proxy-authorization", required_argument, 0, 'b'},
+- {"header-string", required_argument, 0, 'd'},
+- {"string", required_argument, 0, 's'},
+- {"expect", required_argument, 0, 'e'},
+- {"regex", required_argument, 0, 'r'},
+- {"ereg", required_argument, 0, 'r'},
+- {"eregi", required_argument, 0, 'R'},
+- {"linespan", no_argument, 0, 'l'},
+- {"onredirect", required_argument, 0, 'f'},
+- {"certificate", required_argument, 0, 'C'},
+- {"client-cert", required_argument, 0, 'J'},
+- {"private-key", required_argument, 0, 'K'},
+- {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT},
+- {"useragent", required_argument, 0, 'A'},
+- {"header", required_argument, 0, 'k'},
+- {"no-body", no_argument, 0, 'N'},
+- {"max-age", required_argument, 0, 'M'},
+- {"content-type", required_argument, 0, 'T'},
+- {"pagesize", required_argument, 0, 'm'},
+- {"invert-regex", no_argument, NULL, INVERT_REGEX},
+- {"use-ipv4", no_argument, 0, '4'},
+- {"use-ipv6", no_argument, 0, '6'},
+- {"extended-perfdata", no_argument, 0, 'E'},
+- {"show-body", no_argument, 0, 'B'},
+- {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION},
+- {0, 0, 0, 0}
+- };
++ STD_LONG_OPTS,
++ {"link", no_argument, 0, 'L'},
++ {"nohtml", no_argument, 0, 'n'},
++ {"ssl", optional_argument, 0, 'S'},
++ {"sni", no_argument, 0, SNI_OPTION},
++ {"post", required_argument, 0, 'P'},
++ {"method", required_argument, 0, 'j'},
++ {"IP-address", required_argument, 0, 'I'},
++ {"url", required_argument, 0, 'u'},
++ {"port", required_argument, 0, 'p'},
++ {"authorization", required_argument, 0, 'a'},
++ {"proxy-authorization", required_argument, 0, 'b'},
++ {"header-string", required_argument, 0, 'd'},
++ {"string", required_argument, 0, 's'},
++ {"expect", required_argument, 0, 'e'},
++ {"regex", required_argument, 0, 'r'},
++ {"ereg", required_argument, 0, 'r'},
++ {"eregi", required_argument, 0, 'R'},
++ {"linespan", no_argument, 0, 'l'},
++ {"onredirect", required_argument, 0, 'f'},
++ {"certificate", required_argument, 0, 'C'},
++ {"client-cert", required_argument, 0, 'J'},
++ {"private-key", required_argument, 0, 'K'},
++ {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT},
++ {"useragent", required_argument, 0, 'A'},
++ {"header", required_argument, 0, 'k'},
++ {"no-body", no_argument, 0, 'N'},
++ {"max-age", required_argument, 0, 'M'},
++ {"content-type", required_argument, 0, 'T'},
++ {"pagesize", required_argument, 0, 'm'},
++ {"invert-regex", no_argument, NULL, INVERT_REGEX},
++ {"use-ipv4", no_argument, 0, '4'},
++ {"use-ipv6", no_argument, 0, '6'},
++ {"extended-perfdata", no_argument, 0, 'E'},
++ {"show-body", no_argument, 0, 'B'},
++ {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION},
++ {0, 0, 0, 0}};
+
+ if (argc < 2)
+ return false;
+
+ for (c = 1; c < argc; c++) {
+- if (strcmp ("-to", argv[c]) == 0)
+- strcpy (argv[c], "-t");
+- if (strcmp ("-hn", argv[c]) == 0)
+- strcpy (argv[c], "-H");
+- if (strcmp ("-wt", argv[c]) == 0)
+- strcpy (argv[c], "-w");
+- if (strcmp ("-ct", argv[c]) == 0)
+- strcpy (argv[c], "-c");
+- if (strcmp ("-nohtml", argv[c]) == 0)
+- strcpy (argv[c], "-n");
++ if (strcmp("-to", argv[c]) == 0)
++ strcpy(argv[c], "-t");
++ if (strcmp("-hn", argv[c]) == 0)
++ strcpy(argv[c], "-H");
++ if (strcmp("-wt", argv[c]) == 0)
++ strcpy(argv[c], "-w");
++ if (strcmp("-ct", argv[c]) == 0)
++ strcpy(argv[c], "-c");
++ if (strcmp("-nohtml", argv[c]) == 0)
++ strcpy(argv[c], "-n");
+ }
+
+ while (1) {
+- c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", longopts, &option);
++ c = getopt_long(
++ argc, argv,
++ "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB",
++ longopts, &option);
+ if (c == -1 || c == EOF)
+ break;
+
+ switch (c) {
+ case '?': /* usage */
+- usage5 ();
++ usage5();
+ break;
+ case 'h': /* help */
+- print_help ();
+- exit (STATE_UNKNOWN);
++ print_help();
++ exit(STATE_UNKNOWN);
+ break;
+ case 'V': /* version */
+- print_revision (progname, NP_VERSION);
+- exit (STATE_UNKNOWN);
++ print_revision(progname, NP_VERSION);
++ exit(STATE_UNKNOWN);
+ break;
+ case 't': /* timeout period */
+- if (!is_intnonneg (optarg))
+- usage2 (_("Timeout interval must be a positive integer"), optarg);
++ if (!is_intnonneg(optarg))
++ usage2(_("Timeout interval must be a positive integer"), optarg);
+ else
+- socket_timeout = atoi (optarg);
++ socket_timeout = atoi(optarg);
+ break;
+ case 'c': /* critical time threshold */
+ critical_thresholds = optarg;
+@@ -299,13 +297,14 @@ bool process_arguments (int argc, char **argv)
+ warning_thresholds = optarg;
+ break;
+ case 'A': /* User Agent String */
+- xasprintf (&user_agent, "User-Agent: %s", optarg);
++ xasprintf(&user_agent, "User-Agent: %s", optarg);
+ break;
+ case 'k': /* Additional headers */
+ if (http_opt_headers_count == 0)
+- http_opt_headers = malloc (sizeof (char *) * (++http_opt_headers_count));
++ http_opt_headers = malloc(sizeof(char *) * (++http_opt_headers_count));
+ else
+- http_opt_headers = realloc (http_opt_headers, sizeof (char *) * (++http_opt_headers_count));
++ http_opt_headers = realloc(http_opt_headers,
++ sizeof(char *) * (++http_opt_headers_count));
+ http_opt_headers[http_opt_headers_count - 1] = optarg;
+ /* xasprintf (&http_opt_headers, "%s", optarg); */
+ break;
+@@ -317,27 +316,27 @@ bool process_arguments (int argc, char **argv)
+ break;
+ case 'C': /* Check SSL cert validity */
+ #ifdef HAVE_SSL
+- if ((temp=strchr(optarg,','))!=NULL) {
+- *temp='\0';
+- if (!is_intnonneg (optarg))
+- usage2 (_("Invalid certificate expiration period"), optarg);
++ if ((temp = strchr(optarg, ',')) != NULL) {
++ *temp = '\0';
++ if (!is_intnonneg(optarg))
++ usage2(_("Invalid certificate expiration period"), optarg);
+ days_till_exp_warn = atoi(optarg);
+- *temp=',';
++ *temp = ',';
+ temp++;
+- if (!is_intnonneg (temp))
+- usage2 (_("Invalid certificate expiration period"), temp);
+- days_till_exp_crit = atoi (temp);
+- }
+- else {
+- days_till_exp_crit=0;
+- if (!is_intnonneg (optarg))
+- usage2 (_("Invalid certificate expiration period"), optarg);
+- days_till_exp_warn = atoi (optarg);
++ if (!is_intnonneg(temp))
++ usage2(_("Invalid certificate expiration period"), temp);
++ days_till_exp_crit = atoi(temp);
++ } else {
++ days_till_exp_crit = 0;
++ if (!is_intnonneg(optarg))
++ usage2(_("Invalid certificate expiration period"), optarg);
++ days_till_exp_warn = atoi(optarg);
+ }
+ check_cert = true;
+ goto enable_ssl;
+ #endif
+- case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */
++ case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is
++ checked */
+ #ifdef HAVE_SSL
+ continue_after_check_cert = true;
+ break;
+@@ -357,15 +356,16 @@ bool process_arguments (int argc, char **argv)
+ case 'S': /* use SSL */
+ #ifdef HAVE_SSL
+ enable_ssl:
+- /* ssl_version initialized to 0 as a default. Only set if it's non-zero. This helps when we include multiple
+- parameters, like -S and -C combinations */
++ /* ssl_version initialized to 0 as a default. Only set if it's non-zero.
++ This helps when we include multiple parameters, like -S and -C
++ combinations */
+ use_ssl = true;
+- if (c=='S' && optarg != NULL) {
++ if (c == 'S' && optarg != NULL) {
+ int got_plus = strchr(optarg, '+') != NULL;
+
+- if (!strncmp (optarg, "1.2", 3))
++ if (!strncmp(optarg, "1.2", 3))
+ ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2;
+- else if (!strncmp (optarg, "1.1", 3))
++ else if (!strncmp(optarg, "1.1", 3))
+ ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1;
+ else if (optarg[0] == '1')
+ ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1;
+@@ -374,101 +374,104 @@ bool process_arguments (int argc, char **argv)
+ else if (optarg[0] == '2')
+ ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2;
+ else
+- usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)"));
++ usage4(_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 "
++ "(with optional '+' suffix)"));
+ }
+ if (specify_port == false)
+ server_port = HTTPS_PORT;
+ #else
+ /* -C -J and -K fall through to here without SSL */
+- usage4 (_("Invalid option - SSL is not available"));
++ usage4(_("Invalid option - SSL is not available"));
+ #endif
+ break;
+ case SNI_OPTION:
+ use_sni = true;
+ break;
+ case MAX_REDIRS_OPTION:
+- if (!is_intnonneg (optarg))
+- usage2 (_("Invalid max_redirs count"), optarg);
++ if (!is_intnonneg(optarg))
++ usage2(_("Invalid max_redirs count"), optarg);
+ else {
+- max_depth = atoi (optarg);
++ max_depth = atoi(optarg);
+ }
+- break;
++ break;
+ case 'f': /* onredirect */
+- if (!strcmp (optarg, "stickyport"))
+- onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT;
+- else if (!strcmp (optarg, "sticky"))
++ if (!strcmp(optarg, "stickyport"))
++ onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST | STICKY_PORT;
++ else if (!strcmp(optarg, "sticky"))
+ onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST;
+- else if (!strcmp (optarg, "follow"))
++ else if (!strcmp(optarg, "follow"))
+ onredirect = STATE_DEPENDENT, followsticky = STICKY_NONE;
+- else if (!strcmp (optarg, "unknown"))
++ else if (!strcmp(optarg, "unknown"))
+ onredirect = STATE_UNKNOWN;
+- else if (!strcmp (optarg, "ok"))
++ else if (!strcmp(optarg, "ok"))
+ onredirect = STATE_OK;
+- else if (!strcmp (optarg, "warning"))
++ else if (!strcmp(optarg, "warning"))
+ onredirect = STATE_WARNING;
+- else if (!strcmp (optarg, "critical"))
++ else if (!strcmp(optarg, "critical"))
+ onredirect = STATE_CRITICAL;
+- else usage2 (_("Invalid onredirect option"), optarg);
++ else
++ usage2(_("Invalid onredirect option"), optarg);
+ if (verbose)
+ printf(_("option f:%d \n"), onredirect);
+ break;
+ /* Note: H, I, and u must be malloc'd or will fail on redirects */
+ case 'H': /* Host Name (virtual host) */
+- host_name = strdup (optarg);
++ host_name = strdup(optarg);
+ if (host_name[0] == '[') {
+- if ((p = strstr (host_name, "]:")) != NULL) { /* [IPv6]:port */
+- virtual_port = atoi (p + 2);
++ if ((p = strstr(host_name, "]:")) != NULL) { /* [IPv6]:port */
++ virtual_port = atoi(p + 2);
+ /* cut off the port */
+- host_name_length = strlen (host_name) - strlen (p) - 1;
+- free (host_name);
+- host_name = strndup (optarg, host_name_length);
+- if (specify_port == false)
+- server_port = virtual_port;
+- }
+- } else if ((p = strchr (host_name, ':')) != NULL
+- && strchr (++p, ':') == NULL) { /* IPv4:port or host:port */
+- virtual_port = atoi (p);
+- /* cut off the port */
+- host_name_length = strlen (host_name) - strlen (p) - 1;
+- free (host_name);
+- host_name = strndup (optarg, host_name_length);
++ host_name_length = strlen(host_name) - strlen(p) - 1;
++ free(host_name);
++ host_name = strndup(optarg, host_name_length);
+ if (specify_port == false)
+ server_port = virtual_port;
+ }
++ } else if ((p = strchr(host_name, ':')) != NULL &&
++ strchr(++p, ':') == NULL) { /* IPv4:port or host:port */
++ virtual_port = atoi(p);
++ /* cut off the port */
++ host_name_length = strlen(host_name) - strlen(p) - 1;
++ free(host_name);
++ host_name = strndup(optarg, host_name_length);
++ if (specify_port == false)
++ server_port = virtual_port;
++ }
+ break;
+ case 'I': /* Server IP-address */
+- server_address = strdup (optarg);
++ server_address = strdup(optarg);
+ break;
+ case 'u': /* URL path */
+- server_url = strdup (optarg);
+- server_url_length = strlen (server_url);
++ server_url = strdup(optarg);
++ server_url_length = strlen(server_url);
+ break;
+ case 'p': /* Server port */
+- if (!is_intnonneg (optarg))
+- usage2 (_("Invalid port number"), optarg);
++ if (!is_intnonneg(optarg))
++ usage2(_("Invalid port number"), optarg);
+ else {
+- server_port = atoi (optarg);
++ server_port = atoi(optarg);
+ specify_port = true;
+ }
+ break;
+ case 'a': /* authorization info */
+- strncpy (user_auth, optarg, MAX_INPUT_BUFFER - 1);
++ strncpy(user_auth, optarg, MAX_INPUT_BUFFER - 1);
+ user_auth[MAX_INPUT_BUFFER - 1] = 0;
+ break;
+ case 'b': /* proxy-authorization info */
+- strncpy (proxy_auth, optarg, MAX_INPUT_BUFFER - 1);
++ strncpy(proxy_auth, optarg, MAX_INPUT_BUFFER - 1);
+ proxy_auth[MAX_INPUT_BUFFER - 1] = 0;
+ break;
+- case 'P': /* HTTP POST data in URL encoded format; ignored if settings already */
+- if (! http_post_data)
+- http_post_data = strdup (optarg);
+- if (! http_method)
++ case 'P': /* HTTP POST data in URL encoded format; ignored if settings
++ already */
++ if (!http_post_data)
++ http_post_data = strdup(optarg);
++ if (!http_method)
+ http_method = strdup("POST");
+ break;
+ case 'j': /* Set HTTP method */
+ if (http_method)
+ free(http_method);
+- http_method = strdup (optarg);
++ http_method = strdup(optarg);
+ char *tmp;
+ if ((tmp = strstr(http_method, ":")) > 0) {
+ tmp[0] = '\0';
+@@ -477,20 +480,20 @@ bool process_arguments (int argc, char **argv)
+ }
+ break;
+ case 'd': /* string or substring */
+- strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1);
++ strncpy(header_expect, optarg, MAX_INPUT_BUFFER - 1);
+ header_expect[MAX_INPUT_BUFFER - 1] = 0;
+ break;
+ case 's': /* string or substring */
+- strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1);
++ strncpy(string_expect, optarg, MAX_INPUT_BUFFER - 1);
+ string_expect[MAX_INPUT_BUFFER - 1] = 0;
+ break;
+ case 'e': /* string or substring */
+- strncpy (server_expect, optarg, MAX_INPUT_BUFFER - 1);
++ strncpy(server_expect, optarg, MAX_INPUT_BUFFER - 1);
+ server_expect[MAX_INPUT_BUFFER - 1] = 0;
+ server_expect_yn = 1;
+ break;
+ case 'T': /* Content-type */
+- xasprintf (&http_content_type, "%s", optarg);
++ xasprintf(&http_content_type, "%s", optarg);
+ break;
+ case 'l': /* linespan */
+ cflags &= ~REG_NEWLINE;
+@@ -498,12 +501,12 @@ bool process_arguments (int argc, char **argv)
+ case 'R': /* regex */
+ cflags |= REG_ICASE;
+ case 'r': /* regex */
+- strncpy (regexp, optarg, MAX_RE_SIZE - 1);
++ strncpy(regexp, optarg, MAX_RE_SIZE - 1);
+ regexp[MAX_RE_SIZE - 1] = 0;
+- errcode = regcomp (&preg, regexp, cflags);
++ errcode = regcomp(&preg, regexp, cflags);
+ if (errcode != 0) {
+- (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER);
+- printf (_("Could Not Compile Regular Expression: %s"), errbuf);
++ (void)regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER);
++ printf(_("Could Not Compile Regular Expression: %s"), errbuf);
+ return false;
+ }
+ break;
+@@ -517,55 +520,53 @@ bool process_arguments (int argc, char **argv)
+ #ifdef USE_IPV6
+ address_family = AF_INET6;
+ #else
+- usage4 (_("IPv6 support not available"));
++ usage4(_("IPv6 support not available"));
+ #endif
+ break;
+ case 'v': /* verbose */
+ verbose = true;
+ break;
+ case 'm': /* min_page_length */
+- {
++ {
+ char *tmp;
+ if (strchr(optarg, ':') != (char *)NULL) {
+ /* range, so get two values, min:max */
+ tmp = strtok(optarg, ":");
+ if (tmp == NULL) {
+ printf("Bad format: try \"-m min:max\"\n");
+- exit (STATE_WARNING);
++ exit(STATE_WARNING);
+ } else
+ min_page_len = atoi(tmp);
+
+ tmp = strtok(NULL, ":");
+ if (tmp == NULL) {
+ printf("Bad format: try \"-m min:max\"\n");
+- exit (STATE_WARNING);
++ exit(STATE_WARNING);
+ } else
+ max_page_len = atoi(tmp);
+ } else
+- min_page_len = atoi (optarg);
++ min_page_len = atoi(optarg);
+ break;
+- }
++ }
+ case 'N': /* no-body */
+ no_body = true;
+ break;
+ case 'M': /* max-age */
+- {
+- int L = strlen(optarg);
+- if (L && optarg[L-1] == 'm')
+- maximum_age = atoi (optarg) * 60;
+- else if (L && optarg[L-1] == 'h')
+- maximum_age = atoi (optarg) * 60 * 60;
+- else if (L && optarg[L-1] == 'd')
+- maximum_age = atoi (optarg) * 60 * 60 * 24;
+- else if (L && (optarg[L-1] == 's' ||
+- isdigit (optarg[L-1])))
+- maximum_age = atoi (optarg);
+- else {
+- fprintf (stderr, "unparsable max-age: %s\n", optarg);
+- exit (STATE_WARNING);
+- }
+- }
+- break;
++ {
++ int L = strlen(optarg);
++ if (L && optarg[L - 1] == 'm')
++ maximum_age = atoi(optarg) * 60;
++ else if (L && optarg[L - 1] == 'h')
++ maximum_age = atoi(optarg) * 60 * 60;
++ else if (L && optarg[L - 1] == 'd')
++ maximum_age = atoi(optarg) * 60 * 60 * 24;
++ else if (L && (optarg[L - 1] == 's' || isdigit(optarg[L - 1])))
++ maximum_age = atoi(optarg);
++ else {
++ fprintf(stderr, "unparsable max-age: %s\n", optarg);
++ exit(STATE_WARNING);
++ }
++ } break;
+ case 'E': /* show extended perfdata */
+ show_extended_perfdata = true;
+ break;
+@@ -578,31 +579,32 @@ bool process_arguments (int argc, char **argv)
+ c = optind;
+
+ if (server_address == NULL && c < argc)
+- server_address = strdup (argv[c++]);
++ server_address = strdup(argv[c++]);
+
+ if (host_name == NULL && c < argc)
+- host_name = strdup (argv[c++]);
++ host_name = strdup(argv[c++]);
+
+ if (server_address == NULL) {
+ if (host_name == NULL)
+- usage4 (_("You must specify a server address or host name"));
++ usage4(_("You must specify a server address or host name"));
+ else
+- server_address = strdup (host_name);
++ server_address = strdup(host_name);
+ }
+
+ set_thresholds(&thlds, warning_thresholds, critical_thresholds);
+
+- if (critical_thresholds && thlds->critical->end>(double)socket_timeout)
++ if (critical_thresholds && thlds->critical->end > (double)socket_timeout)
+ socket_timeout = (int)thlds->critical->end + 1;
+
+ if (http_method == NULL)
+- http_method = strdup ("GET");
++ http_method = strdup("GET");
+
+ if (http_method_proxy == NULL)
+- http_method_proxy = strdup ("GET");
++ http_method_proxy = strdup("GET");
+
+ if (client_cert && !client_privkey)
+- usage4 (_("If you use a client certificate you must also specify a private key file"));
++ usage4(_("If you use a client certificate you must also specify a private "
++ "key file"));
+
+ if (virtual_port == 0)
+ virtual_port = server_port;
+@@ -610,89 +612,68 @@ bool process_arguments (int argc, char **argv)
+ return true;
+ }
+
+-
+-
+ /* Returns 1 if we're done processing the document body; 0 to keep going */
+-static int
+-document_headers_done (char *full_page)
+-{
++static int document_headers_done(char *full_page) {
+ const char *body;
+
+ for (body = full_page; *body; body++) {
+- if (!strncmp (body, "\n\n", 2) || !strncmp (body, "\n\r\n", 3))
++ if (!strncmp(body, "\n\n", 2) || !strncmp(body, "\n\r\n", 3))
+ break;
+ }
+
+ if (!*body)
+- return 0; /* haven't read end of headers yet */
++ return 0; /* haven't read end of headers yet */
+
+ full_page[body - full_page] = 0;
+ return 1;
+ }
+
+-static time_t
+-parse_time_string (const char *string)
+-{
++static time_t parse_time_string(const char *string) {
+ struct tm tm;
+ time_t t;
+- memset (&tm, 0, sizeof(tm));
++ memset(&tm, 0, sizeof(tm));
+
+ /* Like this: Tue, 25 Dec 2001 02:59:03 GMT */
+
+- if (isupper (string[0]) && /* Tue */
+- islower (string[1]) &&
+- islower (string[2]) &&
+- ',' == string[3] &&
+- ' ' == string[4] &&
+- (isdigit(string[5]) || string[5] == ' ') && /* 25 */
+- isdigit (string[6]) &&
+- ' ' == string[7] &&
+- isupper (string[8]) && /* Dec */
+- islower (string[9]) &&
+- islower (string[10]) &&
+- ' ' == string[11] &&
+- isdigit (string[12]) && /* 2001 */
+- isdigit (string[13]) &&
+- isdigit (string[14]) &&
+- isdigit (string[15]) &&
+- ' ' == string[16] &&
+- isdigit (string[17]) && /* 02: */
+- isdigit (string[18]) &&
+- ':' == string[19] &&
+- isdigit (string[20]) && /* 59: */
+- isdigit (string[21]) &&
+- ':' == string[22] &&
+- isdigit (string[23]) && /* 03 */
+- isdigit (string[24]) &&
+- ' ' == string[25] &&
+- 'G' == string[26] && /* GMT */
+- 'M' == string[27] && /* GMT */
+- 'T' == string[28]) {
+-
+- tm.tm_sec = 10 * (string[23]-'0') + (string[24]-'0');
+- tm.tm_min = 10 * (string[20]-'0') + (string[21]-'0');
+- tm.tm_hour = 10 * (string[17]-'0') + (string[18]-'0');
+- tm.tm_mday = 10 * (string[5] == ' ' ? 0 : string[5]-'0') + (string[6]-'0');
+- tm.tm_mon = (!strncmp (string+8, "Jan", 3) ? 0 :
+- !strncmp (string+8, "Feb", 3) ? 1 :
+- !strncmp (string+8, "Mar", 3) ? 2 :
+- !strncmp (string+8, "Apr", 3) ? 3 :
+- !strncmp (string+8, "May", 3) ? 4 :
+- !strncmp (string+8, "Jun", 3) ? 5 :
+- !strncmp (string+8, "Jul", 3) ? 6 :
+- !strncmp (string+8, "Aug", 3) ? 7 :
+- !strncmp (string+8, "Sep", 3) ? 8 :
+- !strncmp (string+8, "Oct", 3) ? 9 :
+- !strncmp (string+8, "Nov", 3) ? 10 :
+- !strncmp (string+8, "Dec", 3) ? 11 :
+- -1);
+- tm.tm_year = ((1000 * (string[12]-'0') +
+- 100 * (string[13]-'0') +
+- 10 * (string[14]-'0') +
+- (string[15]-'0'))
+- - 1900);
+-
+- tm.tm_isdst = 0; /* GMT is never in DST, right? */
++ if (isupper(string[0]) && /* Tue */
++ islower(string[1]) && islower(string[2]) && ',' == string[3] &&
++ ' ' == string[4] && (isdigit(string[5]) || string[5] == ' ') && /* 25 */
++ isdigit(string[6]) && ' ' == string[7] && isupper(string[8]) && /* Dec */
++ islower(string[9]) && islower(string[10]) && ' ' == string[11] &&
++ isdigit(string[12]) && /* 2001 */
++ isdigit(string[13]) && isdigit(string[14]) && isdigit(string[15]) &&
++ ' ' == string[16] && isdigit(string[17]) && /* 02: */
++ isdigit(string[18]) && ':' == string[19] &&
++ isdigit(string[20]) && /* 59: */
++ isdigit(string[21]) && ':' == string[22] &&
++ isdigit(string[23]) && /* 03 */
++ isdigit(string[24]) && ' ' == string[25] && 'G' == string[26] && /* GMT */
++ 'M' == string[27] && /* GMT */
++ 'T' == string[28]) {
++
++ tm.tm_sec = 10 * (string[23] - '0') + (string[24] - '0');
++ tm.tm_min = 10 * (string[20] - '0') + (string[21] - '0');
++ tm.tm_hour = 10 * (string[17] - '0') + (string[18] - '0');
++ tm.tm_mday =
++ 10 * (string[5] == ' ' ? 0 : string[5] - '0') + (string[6] - '0');
++ tm.tm_mon = (!strncmp(string + 8, "Jan", 3) ? 0
++ : !strncmp(string + 8, "Feb", 3) ? 1
++ : !strncmp(string + 8, "Mar", 3) ? 2
++ : !strncmp(string + 8, "Apr", 3) ? 3
++ : !strncmp(string + 8, "May", 3) ? 4
++ : !strncmp(string + 8, "Jun", 3) ? 5
++ : !strncmp(string + 8, "Jul", 3) ? 6
++ : !strncmp(string + 8, "Aug", 3) ? 7
++ : !strncmp(string + 8, "Sep", 3) ? 8
++ : !strncmp(string + 8, "Oct", 3) ? 9
++ : !strncmp(string + 8, "Nov", 3) ? 10
++ : !strncmp(string + 8, "Dec", 3) ? 11
++ : -1);
++ tm.tm_year = ((1000 * (string[12] - '0') + 100 * (string[13] - '0') +
++ 10 * (string[14] - '0') + (string[15] - '0')) -
++ 1900);
++
++ tm.tm_isdst = 0; /* GMT is never in DST, right? */
+
+ if (tm.tm_mon < 0 || tm.tm_mday < 1 || tm.tm_mday > 31)
+ return 0;
+@@ -704,14 +685,15 @@ parse_time_string (const char *string)
+ so it doesn't matter what time zone we parse them in.
+ */
+
+- t = mktime (&tm);
+- if (t == (time_t) -1) t = 0;
++ t = mktime(&tm);
++ if (t == (time_t)-1)
++ t = 0;
+
+ if (verbose) {
+ const char *s = string;
+ while (*s && *s != '\r' && *s != '\n')
+- fputc (*s++, stdout);
+- printf (" ==> %lu\n", (unsigned long) t);
++ fputc(*s++, stdout);
++ printf(" ==> %lu\n", (unsigned long)t);
+ }
+
+ return t;
+@@ -722,28 +704,24 @@ parse_time_string (const char *string)
+ }
+
+ /* Checks if the server 'reply' is one of the expected 'statuscodes' */
+-static int
+-expected_statuscode (const char *reply, const char *statuscodes)
+-{
++static int expected_statuscode(const char *reply, const char *statuscodes) {
+ char *expected, *code;
+ int result = 0;
+
+- if ((expected = strdup (statuscodes)) == NULL)
+- die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
++ if ((expected = strdup(statuscodes)) == NULL)
++ die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
+
+- for (code = strtok (expected, ","); code != NULL; code = strtok (NULL, ","))
+- if (strstr (reply, code) != NULL) {
++ for (code = strtok(expected, ","); code != NULL; code = strtok(NULL, ","))
++ if (strstr(reply, code) != NULL) {
+ result = 1;
+ break;
+ }
+
+- free (expected);
++ free(expected);
+ return result;
+ }
+
+-static int
+-check_document_dates (const char *headers, char **msg)
+-{
++static int check_document_dates(const char *headers, char **msg) {
+ const char *s;
+ char *server_date = 0;
+ char *document_date = 0;
+@@ -771,73 +749,78 @@ check_document_dates (const char *headers, char **msg)
+ s++;
+
+ /* Process this header. */
+- if (value && value > field+2) {
+- char *ff = (char *) malloc (value-field);
++ if (value && value > field + 2) {
++ char *ff = (char *)malloc(value - field);
+ char *ss = ff;
+- while (field < value-1)
++ while (field < value - 1)
+ *ss++ = tolower(*field++);
+ *ss++ = 0;
+
+- if (!strcmp (ff, "date") || !strcmp (ff, "last-modified")) {
++ if (!strcmp(ff, "date") || !strcmp(ff, "last-modified")) {
+ const char *e;
+- while (*value && isspace (*value))
++ while (*value && isspace(*value))
+ value++;
+ for (e = value; *e && *e != '\r' && *e != '\n'; e++)
+ ;
+- ss = (char *) malloc (e - value + 1);
+- strncpy (ss, value, e - value);
++ ss = (char *)malloc(e - value + 1);
++ strncpy(ss, value, e - value);
+ ss[e - value] = 0;
+- if (!strcmp (ff, "date")) {
+- if (server_date) free (server_date);
++ if (!strcmp(ff, "date")) {
++ if (server_date)
++ free(server_date);
+ server_date = ss;
+ } else {
+- if (document_date) free (document_date);
++ if (document_date)
++ free(document_date);
+ document_date = ss;
+ }
+ }
+- free (ff);
++ free(ff);
+ }
+ }
+
+ /* Done parsing the body. Now check the dates we (hopefully) parsed. */
+ if (!server_date || !*server_date) {
+- xasprintf (msg, _("%sServer date unknown, "), *msg);
++ xasprintf(msg, _("%sServer date unknown, "), *msg);
+ date_result = max_state_alt(STATE_UNKNOWN, date_result);
+ } else if (!document_date || !*document_date) {
+- xasprintf (msg, _("%sDocument modification date unknown, "), *msg);
++ xasprintf(msg, _("%sDocument modification date unknown, "), *msg);
+ date_result = max_state_alt(STATE_CRITICAL, date_result);
+ } else {
+- time_t srv_data = parse_time_string (server_date);
+- time_t doc_data = parse_time_string (document_date);
++ time_t srv_data = parse_time_string(server_date);
++ time_t doc_data = parse_time_string(document_date);
+
+ if (srv_data <= 0) {
+- xasprintf (msg, _("%sServer date \"%100s\" unparsable, "), *msg, server_date);
++ xasprintf(msg, _("%sServer date \"%100s\" unparsable, "), *msg,
++ server_date);
+ date_result = max_state_alt(STATE_CRITICAL, date_result);
+ } else if (doc_data <= 0) {
+- xasprintf (msg, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date);
++ xasprintf(msg, _("%sDocument date \"%100s\" unparsable, "), *msg,
++ document_date);
+ date_result = max_state_alt(STATE_CRITICAL, date_result);
+ } else if (doc_data > srv_data + 30) {
+- xasprintf (msg, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data);
++ xasprintf(msg, _("%sDocument is %d seconds in the future, "), *msg,
++ (int)doc_data - (int)srv_data);
+ date_result = max_state_alt(STATE_CRITICAL, date_result);
+ } else if (doc_data < srv_data - maximum_age) {
+ int n = (srv_data - doc_data);
+ if (n > (60 * 60 * 24 * 2)) {
+- xasprintf (msg, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24));
++ xasprintf(msg, _("%sLast modified %.1f days ago, "), *msg,
++ ((float)n) / (60 * 60 * 24));
+ date_result = max_state_alt(STATE_CRITICAL, date_result);
+ } else {
+- xasprintf (msg, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60);
++ xasprintf(msg, _("%sLast modified %d:%02d:%02d ago, "), *msg,
++ n / (60 * 60), (n / 60) % 60, n % 60);
+ date_result = max_state_alt(STATE_CRITICAL, date_result);
+ }
+ }
+- free (server_date);
+- free (document_date);
++ free(server_date);
++ free(document_date);
+ }
+ return date_result;
+ }
+
+-int
+-get_content_length (const char *headers)
+-{
++int get_content_length(const char *headers) {
+ const char *s;
+ int content_length = 0;
+
+@@ -863,50 +846,46 @@ get_content_length (const char *headers)
+ s++;
+
+ /* Process this header. */
+- if (value && value > field+2) {
+- char *ff = (char *) malloc (value-field);
++ if (value && value > field + 2) {
++ char *ff = (char *)malloc(value - field);
+ char *ss = ff;
+- while (field < value-1)
++ while (field < value - 1)
+ *ss++ = tolower(*field++);
+ *ss++ = 0;
+
+- if (!strcmp (ff, "content-length")) {
++ if (!strcmp(ff, "content-length")) {
+ const char *e;
+- while (*value && isspace (*value))
++ while (*value && isspace(*value))
+ value++;
+ for (e = value; *e && *e != '\r' && *e != '\n'; e++)
+ ;
+- ss = (char *) malloc (e - value + 1);
+- strncpy (ss, value, e - value);
++ ss = (char *)malloc(e - value + 1);
++ strncpy(ss, value, e - value);
+ ss[e - value] = 0;
+ content_length = atoi(ss);
+- free (ss);
++ free(ss);
+ }
+- free (ff);
++ free(ff);
+ }
+ }
+ return (content_length);
+ }
+
+-char *
+-prepend_slash (char *path)
+-{
++char *prepend_slash(char *path) {
+ char *newpath;
+
+ if (path[0] == '/')
+ return path;
+
+- if ((newpath = malloc (strlen(path) + 2)) == NULL)
+- die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
++ if ((newpath = malloc(strlen(path) + 2)) == NULL)
++ die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
+ newpath[0] = '/';
+- strcpy (newpath + 1, path);
+- free (path);
++ strcpy(newpath + 1, path);
++ free(path);
+ return newpath;
+ }
+
+-int
+-check_http (void)
+-{
++int check_http(void) {
+ char *msg;
+ char *status_line;
+ char *status_code;
+@@ -937,62 +916,73 @@ check_http (void)
+ char *force_host_header = NULL;
+
+ /* try to connect to the host at the given port number */
+- gettimeofday (&tv_temp, NULL);
+- if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
+- die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
+- microsec_connect = deltime (tv_temp);
++ gettimeofday(&tv_temp, NULL);
++ if (my_tcp_connect(server_address, server_port, &sd) != STATE_OK)
++ die(STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
++ microsec_connect = deltime(tv_temp);
+
+- /* if we are called with the -I option, the -j method is CONNECT and */
+- /* we received -S for SSL, then we tunnel the request through a proxy*/
+- /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */
++ /* if we are called with the -I option, the -j method is CONNECT and */
++ /* we received -S for SSL, then we tunnel the request through a proxy*/
++ /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */
+
+- if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
+- && host_name != NULL && use_ssl == true) {
++ if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 &&
++ host_name != NULL && use_ssl == true) {
+
+- if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT);
+- asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent);
++ if (verbose)
++ printf("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n",
++ server_address, server_port, host_name, HTTPS_PORT);
++ asprintf(&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name,
++ HTTPS_PORT, user_agent);
+ if (strlen(proxy_auth)) {
+- base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth);
+- xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
++ base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth);
++ xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
+ }
+ /* optionally send any other header tag */
+ if (http_opt_headers_count) {
+- for (i = 0; i < http_opt_headers_count ; i++) {
++ for (i = 0; i < http_opt_headers_count; i++) {
+ if (force_host_header != http_opt_headers[i]) {
+- xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]);
++ xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]);
+ }
+ }
+- /* This cannot be free'd here because a redirection will then try to access this and segfault */
++ /* This cannot be free'd here because a redirection will then try to
++ * access this and segfault */
+ /* Covered in a testcase in tests/check_http.t */
+ /* free(http_opt_headers); */
+ }
+- asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf);
+- asprintf (&buf, "%sHost: %s\r\n", buf, host_name);
++ asprintf(&buf, "%sProxy-Connection: keep-alive\r\n", buf);
++ asprintf(&buf, "%sHost: %s\r\n", buf, host_name);
+ /* we finished our request, send empty line with CRLF */
+- asprintf (&buf, "%s%s", buf, CRLF);
+- if (verbose) printf ("%s\n", buf);
+- send(sd, buf, strlen (buf), 0);
+- buf[0]='\0';
+-
+- if (verbose) printf ("Receive response from proxy\n");
+- read (sd, buffer, MAX_INPUT_BUFFER-1);
+- if (verbose) printf ("%s", buffer);
++ asprintf(&buf, "%s%s", buf, CRLF);
++ if (verbose)
++ printf("%s\n", buf);
++ send(sd, buf, strlen(buf), 0);
++ buf[0] = '\0';
++
++ if (verbose)
++ printf("Receive response from proxy\n");
++ read(sd, buffer, MAX_INPUT_BUFFER - 1);
++ if (verbose)
++ printf("%s", buffer);
+ /* Here we should check if we got HTTP/1.1 200 Connection established */
+ }
+ #ifdef HAVE_SSL
+ elapsed_time_connect = (double)microsec_connect / 1.0e6;
+ if (use_ssl == true) {
+- gettimeofday (&tv_temp, NULL);
+- result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey);
+- if (verbose) printf ("SSL initialized\n");
++ gettimeofday(&tv_temp, NULL);
++ result = np_net_ssl_init_with_hostname_version_and_cert(
++ sd, (use_sni ? host_name : NULL), ssl_version, client_cert,
++ client_privkey);
++ if (verbose)
++ printf("SSL initialized\n");
+ if (result != STATE_OK)
+- die (STATE_CRITICAL, NULL);
+- microsec_ssl = deltime (tv_temp);
++ die(STATE_CRITICAL, NULL);
++ microsec_ssl = deltime(tv_temp);
+ elapsed_time_ssl = (double)microsec_ssl / 1.0e6;
+ if (check_cert == true) {
+ result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
+ if (continue_after_check_cert == false) {
+- if (sd) close(sd);
++ if (sd)
++ close(sd);
+ np_net_ssl_cleanup();
+ return result;
+ }
+@@ -1000,18 +990,20 @@ check_http (void)
+ }
+ #endif /* HAVE_SSL */
+
+- if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
+- && host_name != NULL && use_ssl == true)
+- asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
++ if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 &&
++ host_name != NULL && use_ssl == true)
++ asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url,
++ host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
+ else
+- asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
++ asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method, server_url,
++ host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
+
+ /* tell HTTP/1.1 servers not to keep the connection alive */
+- xasprintf (&buf, "%sConnection: close\r\n", buf);
++ xasprintf(&buf, "%sConnection: close\r\n", buf);
+
+ /* check if Host header is explicitly set in options */
+ if (http_opt_headers_count) {
+- for (i = 0; i < http_opt_headers_count ; i++) {
++ for (i = 0; i < http_opt_headers_count; i++) {
+ if (strncmp(http_opt_headers[i], "Host:", 5) == 0) {
+ force_host_header = http_opt_headers[i];
+ }
+@@ -1021,9 +1013,8 @@ check_http (void)
+ /* optionally send the host header info */
+ if (host_name) {
+ if (force_host_header) {
+- xasprintf (&buf, "%s%s\r\n", buf, force_host_header);
+- }
+- else {
++ xasprintf(&buf, "%s%s\r\n", buf, force_host_header);
++ } else {
+ /*
+ * Specify the port only if we're using a non-default port (see RFC 2616,
+ * 14.23). Some server applications/configurations cause trouble if the
+@@ -1031,65 +1022,69 @@ check_http (void)
+ */
+ if ((use_ssl == false && virtual_port == HTTP_PORT) ||
+ (use_ssl == true && virtual_port == HTTPS_PORT) ||
+- (server_address != NULL && strcmp(http_method, "CONNECT") == 0
+- && host_name != NULL && use_ssl == true))
+- xasprintf (&buf, "%sHost: %s\r\n", buf, host_name);
++ (server_address != NULL && strcmp(http_method, "CONNECT") == 0 &&
++ host_name != NULL && use_ssl == true))
++ xasprintf(&buf, "%sHost: %s\r\n", buf, host_name);
+ else
+- xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port);
++ xasprintf(&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port);
+ }
+ }
+
+ /* optionally send any other header tag */
+ if (http_opt_headers_count) {
+- for (i = 0; i < http_opt_headers_count ; i++) {
++ for (i = 0; i < http_opt_headers_count; i++) {
+ if (force_host_header != http_opt_headers[i]) {
+- xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]);
++ xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]);
+ }
+ }
+- /* This cannot be free'd here because a redirection will then try to access this and segfault */
++ /* This cannot be free'd here because a redirection will then try to access
++ * this and segfault */
+ /* Covered in a testcase in tests/check_http.t */
+ /* free(http_opt_headers); */
+ }
+
+ /* optionally send the authentication info */
+ if (strlen(user_auth)) {
+- base64_encode_alloc (user_auth, strlen (user_auth), &auth);
+- xasprintf (&buf, "%sAuthorization: Basic %s\r\n", buf, auth);
++ base64_encode_alloc(user_auth, strlen(user_auth), &auth);
++ xasprintf(&buf, "%sAuthorization: Basic %s\r\n", buf, auth);
+ }
+
+ /* optionally send the proxy authentication info */
+ if (strlen(proxy_auth)) {
+- base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth);
+- xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
++ base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth);
++ xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
+ }
+
+ /* either send http POST data (any data, not only POST)*/
+ if (http_post_data) {
+ if (http_content_type) {
+- xasprintf (&buf, "%sContent-Type: %s\r\n", buf, http_content_type);
++ xasprintf(&buf, "%sContent-Type: %s\r\n", buf, http_content_type);
+ } else {
+- xasprintf (&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", buf);
++ xasprintf(&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n",
++ buf);
+ }
+
+- xasprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, (int)strlen (http_post_data));
+- xasprintf (&buf, "%s%s", buf, http_post_data);
++ xasprintf(&buf, "%sContent-Length: %i\r\n\r\n", buf,
++ (int)strlen(http_post_data));
++ xasprintf(&buf, "%s%s", buf, http_post_data);
+ } else {
+ /* or just a newline so the server knows we're done with the request */
+- xasprintf (&buf, "%s%s", buf, CRLF);
++ xasprintf(&buf, "%s%s", buf, CRLF);
+ }
+
+- if (verbose) printf ("%s\n", buf);
+- gettimeofday (&tv_temp, NULL);
+- my_send (buf, strlen (buf));
+- microsec_headers = deltime (tv_temp);
++ if (verbose)
++ printf("%s\n", buf);
++ gettimeofday(&tv_temp, NULL);
++ my_send(buf, strlen(buf));
++ microsec_headers = deltime(tv_temp);
+ elapsed_time_headers = (double)microsec_headers / 1.0e6;
+
+ /* fetch the page */
+ full_page = strdup("");
+- gettimeofday (&tv_temp, NULL);
+- while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {
++ gettimeofday(&tv_temp, NULL);
++ while ((i = my_recv(buffer, MAX_INPUT_BUFFER - 1)) > 0) {
+ if ((i >= 1) && (elapsed_time_firstbyte <= 0.000001)) {
+- microsec_firstbyte = deltime (tv_temp);
++ microsec_firstbyte = deltime(tv_temp);
+ elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6;
+ }
+ while (pos = memchr(buffer, '\0', i)) {
+@@ -1107,12 +1102,12 @@ check_http (void)
+
+ pagesize += i;
+
+- if (no_body && document_headers_done (full_page)) {
+- i = 0;
+- break;
+- }
++ if (no_body && document_headers_done(full_page)) {
++ i = 0;
++ break;
++ }
+ }
+- microsec_transfer = deltime (tv_temp);
++ microsec_transfer = deltime(tv_temp);
+ elapsed_time_transfer = (double)microsec_transfer / 1.0e6;
+
+ if (i < 0 && errno != ECONNRESET) {
+@@ -1129,176 +1124,187 @@ check_http (void)
+ else {
+ */
+ #endif
+- die (STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n"));
++ die(STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n"));
+ #ifdef HAVE_SSL
+- /* XXX
+- }
+- */
++ /* XXX
++ }
++ */
+ #endif
+ }
+
+ /* return a CRITICAL status if we couldn't read any data */
+- if (pagesize == (size_t) 0)
+- die (STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n"));
++ if (pagesize == (size_t)0)
++ die(STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n"));
+
+ /* close the connection */
+- if (sd) close(sd);
++ if (sd)
++ close(sd);
+ #ifdef HAVE_SSL
+ np_net_ssl_cleanup();
+ #endif
+
+ /* Save check time */
+- microsec = deltime (tv);
++ microsec = deltime(tv);
+ elapsed_time = (double)microsec / 1.0e6;
+
+ /* leave full_page untouched so we can free it later */
+ page = full_page;
+
+ if (verbose)
+- printf ("%s://%s:%d%s is %d characters\n",
+- use_ssl ? "https" : "http", server_address,
+- server_port, server_url, (int)pagesize);
++ printf("%s://%s:%d%s is %d characters\n", use_ssl ? "https" : "http",
++ server_address, server_port, server_url, (int)pagesize);
+
+ /* find status line and null-terminate it */
+ status_line = page;
+- page += (size_t) strcspn (page, "\r\n");
++ page += (size_t)strcspn(page, "\r\n");
+ pos = page;
+- page += (size_t) strspn (page, "\r\n");
++ page += (size_t)strspn(page, "\r\n");
+ status_line[strcspn(status_line, "\r\n")] = 0;
+- strip (status_line);
++ strip(status_line);
+ if (verbose)
+- printf ("STATUS: %s\n", status_line);
++ printf("STATUS: %s\n", status_line);
+
+ /* find header info and null-terminate it */
+ header = page;
+- while (strcspn (page, "\r\n") > 0) {
+- page += (size_t) strcspn (page, "\r\n");
++ while (strcspn(page, "\r\n") > 0) {
++ page += (size_t)strcspn(page, "\r\n");
+ pos = page;
+- if ((strspn (page, "\r") == 1 && strspn (page, "\r\n") >= 2) ||
+- (strspn (page, "\n") == 1 && strspn (page, "\r\n") >= 2))
+- page += (size_t) 2;
++ if ((strspn(page, "\r") == 1 && strspn(page, "\r\n") >= 2) ||
++ (strspn(page, "\n") == 1 && strspn(page, "\r\n") >= 2))
++ page += (size_t)2;
+ else
+- page += (size_t) 1;
++ page += (size_t)1;
+ }
+- page += (size_t) strspn (page, "\r\n");
++ page += (size_t)strspn(page, "\r\n");
+ header[pos - header] = 0;
+ if (verbose)
+- printf ("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header,
+- (no_body ? " [[ skipped ]]" : page));
++ printf("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header,
++ (no_body ? " [[ skipped ]]" : page));
+
+ /* make sure the status line matches the response we are looking for */
+- if (!expected_statuscode (status_line, server_expect)) {
++ if (!expected_statuscode(status_line, server_expect)) {
+ if (server_port == HTTP_PORT)
+- xasprintf (&msg,
+- _("Invalid HTTP response received from host: %s\n"),
++ xasprintf(&msg, _("Invalid HTTP response received from host: %s\n"),
+ status_line);
+ else
+- xasprintf (&msg,
++ xasprintf(&msg,
+ _("Invalid HTTP response received from host on port %d: %s\n"),
+ server_port, status_line);
+ if (show_body)
+- xasprintf (&msg, _("%s\n%s"), msg, page);
+- die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg);
++ xasprintf(&msg, _("%s\n%s"), msg, page);
++ die(STATE_CRITICAL, "HTTP CRITICAL - %s", msg);
+ }
+
+- /* Bypass normal status line check if server_expect was set by user and not default */
+- /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string */
+- if ( server_expect_yn ) {
+- xasprintf (&msg,
+- _("Status line output matched \"%s\" - "), server_expect);
++ /* Bypass normal status line check if server_expect was set by user and not
++ * default */
++ /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string
++ */
++ if (server_expect_yn) {
++ xasprintf(&msg, _("Status line output matched \"%s\" - "), server_expect);
+ if (verbose)
+- printf ("%s\n",msg);
+- }
+- else {
++ printf("%s\n", msg);
++ } else {
+ /* Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF */
+ /* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT */
+ /* Status-Code = 3 DIGITS */
+
+- status_code = strchr (status_line, ' ') + sizeof (char);
+- if (strspn (status_code, "1234567890") != 3)
+- die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"), status_line);
++ status_code = strchr(status_line, ' ') + sizeof(char);
++ if (strspn(status_code, "1234567890") != 3)
++ die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"),
++ status_line);
+
+- http_status = atoi (status_code);
++ http_status = atoi(status_code);
+
+ /* check the return code */
+
+ if (http_status >= 600 || http_status < 100) {
+- die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"), status_line);
++ die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"),
++ status_line);
+ }
+ /* server errors result in a critical state */
+ else if (http_status >= 500) {
+- xasprintf (&msg, _("%s - "), status_line);
++ xasprintf(&msg, _("%s - "), status_line);
+ result = STATE_CRITICAL;
+ }
+ /* client errors result in a warning state */
+ else if (http_status >= 400) {
+- xasprintf (&msg, _("%s - "), status_line);
++ xasprintf(&msg, _("%s - "), status_line);
+ result = max_state_alt(STATE_WARNING, result);
+ }
+ /* check redirected page if specified */
+ else if (http_status >= 300) {
+
+ if (onredirect == STATE_DEPENDENT)
+- redir (header, status_line);
++ redir(header, status_line);
+ else
+ result = max_state_alt(onredirect, result);
+- xasprintf (&msg, _("%s - "), status_line);
++ xasprintf(&msg, _("%s - "), status_line);
+ } /* end if (http_status >= 300) */
+ else {
+ /* Print OK status anyway */
+- xasprintf (&msg, _("%s - "), status_line);
++ xasprintf(&msg, _("%s - "), status_line);
+ }
+
+ } /* end else (server_expect_yn) */
+
+- /* reset the alarm - must be called *after* redir or we'll never die on redirects! */
+- alarm (0);
++ /* reset the alarm - must be called *after* redir or we'll never die on
++ * redirects! */
++ alarm(0);
+
+ if (maximum_age >= 0) {
+ result = max_state_alt(check_document_dates(header, &msg), result);
+ }
+
+ /* Page and Header content checks go here */
+- if (strlen (header_expect)) {
+- if (!strstr (header, header_expect)) {
+- strncpy(&output_header_search[0],header_expect,sizeof(output_header_search));
+- if(output_header_search[sizeof(output_header_search)-1]!='\0') {
+- bcopy("...",&output_header_search[sizeof(output_header_search)-4],4);
++ if (strlen(header_expect)) {
++ if (!strstr(header, header_expect)) {
++ strncpy(&output_header_search[0], header_expect,
++ sizeof(output_header_search));
++ if (output_header_search[sizeof(output_header_search) - 1] != '\0') {
++ bcopy("...", &output_header_search[sizeof(output_header_search) - 4],
++ 4);
+ }
+- xasprintf (&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, output_header_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
++ xasprintf(&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg,
++ output_header_search, use_ssl ? "https" : "http",
++ host_name ? host_name : server_address, server_port,
++ server_url);
+ result = STATE_CRITICAL;
+ }
+ }
+
+-
+- if (strlen (string_expect)) {
+- if (!strstr (page, string_expect)) {
+- strncpy(&output_string_search[0],string_expect,sizeof(output_string_search));
+- if(output_string_search[sizeof(output_string_search)-1]!='\0') {
+- bcopy("...",&output_string_search[sizeof(output_string_search)-4],4);
++ if (strlen(string_expect)) {
++ if (!strstr(page, string_expect)) {
++ strncpy(&output_string_search[0], string_expect,
++ sizeof(output_string_search));
++ if (output_string_search[sizeof(output_string_search) - 1] != '\0') {
++ bcopy("...", &output_string_search[sizeof(output_string_search) - 4],
++ 4);
+ }
+- xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
++ xasprintf(&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg,
++ output_string_search, use_ssl ? "https" : "http",
++ host_name ? host_name : server_address, server_port,
++ server_url);
+ result = STATE_CRITICAL;
+ }
+ }
+
+- if (strlen (regexp)) {
+- errcode = regexec (&preg, page, REGS, pmatch, 0);
+- if ((errcode == 0 && invert_regex == 0) || (errcode == REG_NOMATCH && invert_regex == 1)) {
++ if (strlen(regexp)) {
++ errcode = regexec(&preg, page, REGS, pmatch, 0);
++ if ((errcode == 0 && invert_regex == 0) ||
++ (errcode == REG_NOMATCH && invert_regex == 1)) {
+ /* OK - No-op to avoid changing the logic around it */
+ result = max_state_alt(STATE_OK, result);
+- }
+- else if ((errcode == REG_NOMATCH && invert_regex == 0) || (errcode == 0 && invert_regex == 1)) {
++ } else if ((errcode == REG_NOMATCH && invert_regex == 0) ||
++ (errcode == 0 && invert_regex == 1)) {
+ if (invert_regex == 0)
+- xasprintf (&msg, _("%spattern not found, "), msg);
++ xasprintf(&msg, _("%spattern not found, "), msg);
+ else
+- xasprintf (&msg, _("%spattern found, "), msg);
++ xasprintf(&msg, _("%spattern found, "), msg);
+ result = STATE_CRITICAL;
+- }
+- else {
++ } else {
+ /* FIXME: Shouldn't that be UNKNOWN? */
+- regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER);
+- xasprintf (&msg, _("%sExecute Error: %s, "), msg, errbuf);
++ regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER);
++ xasprintf(&msg, _("%sExecute Error: %s, "), msg, errbuf);
+ result = STATE_CRITICAL;
+ }
+ }
+@@ -1314,68 +1320,64 @@ check_http (void)
+ */
+ page_len = pagesize;
+ if ((max_page_len > 0) && (page_len > max_page_len)) {
+- xasprintf (&msg, _("%spage size %d too large, "), msg, page_len);
++ xasprintf(&msg, _("%spage size %d too large, "), msg, page_len);
+ result = max_state_alt(STATE_WARNING, result);
+ } else if ((min_page_len > 0) && (page_len < min_page_len)) {
+- xasprintf (&msg, _("%spage size %d too small, "), msg, page_len);
++ xasprintf(&msg, _("%spage size %d too small, "), msg, page_len);
+ result = max_state_alt(STATE_WARNING, result);
+ }
+
+ /* Cut-off trailing characters */
+- if(msg[strlen(msg)-2] == ',')
+- msg[strlen(msg)-2] = '\0';
++ if (msg[strlen(msg) - 2] == ',')
++ msg[strlen(msg) - 2] = '\0';
+ else
+- msg[strlen(msg)-3] = '\0';
++ msg[strlen(msg) - 3] = '\0';
+
+ /* check elapsed time */
+ if (show_extended_perfdata)
+- xasprintf (&msg,
+- _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"),
+- msg, page_len, elapsed_time,
+- (display_html ? "" : ""),
+- perfd_time (elapsed_time),
+- perfd_size (page_len),
+- perfd_time_connect (elapsed_time_connect),
+- use_ssl == true ? perfd_time_ssl (elapsed_time_ssl) : "",
+- perfd_time_headers (elapsed_time_headers),
+- perfd_time_firstbyte (elapsed_time_firstbyte),
+- perfd_time_transfer (elapsed_time_transfer));
++ xasprintf(
++ &msg,
++ _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"),
++ msg, page_len, elapsed_time, (display_html ? "" : ""),
++ perfd_time(elapsed_time), perfd_size(page_len),
++ perfd_time_connect(elapsed_time_connect),
++ use_ssl == true ? perfd_time_ssl(elapsed_time_ssl) : "",
++ perfd_time_headers(elapsed_time_headers),
++ perfd_time_firstbyte(elapsed_time_firstbyte),
++ perfd_time_transfer(elapsed_time_transfer));
+ else
+- xasprintf (&msg,
+- _("%s - %d bytes in %.3f second response time %s|%s %s"),
+- msg, page_len, elapsed_time,
+- (display_html ? "" : ""),
+- perfd_time (elapsed_time),
+- perfd_size (page_len));
++ xasprintf(&msg, _("%s - %d bytes in %.3f second response time %s|%s %s"),
++ msg, page_len, elapsed_time, (display_html ? "" : ""),
++ perfd_time(elapsed_time), perfd_size(page_len));
+
+ if (show_body)
+- xasprintf (&msg, _("%s\n%s"), msg, page);
++ xasprintf(&msg, _("%s\n%s"), msg, page);
+
+ result = max_state_alt(get_status(elapsed_time, thlds), result);
+
+- die (result, "HTTP %s: %s\n", state_text(result), msg);
++ die(result, "HTTP %s: %s\n", state_text(result), msg);
+ /* die failed? */
+ return STATE_UNKNOWN;
+ }
+
+-
+-
+ /* per RFC 2396 */
+ #define URI_HTTP "%5[HTPShtps]"
+-#define URI_HOST "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
++#define URI_HOST \
++ "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
+ #define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */
+-#define URI_PATH "%[-_.!~*'();/?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
++#define URI_PATH \
++ "%[-_.!~*'();/" \
++ "?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
+ #define HD1 URI_HTTP "://" URI_HOST ":" URI_PORT "/" URI_PATH
+ #define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH
+ #define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT
+ #define HD4 URI_HTTP "://" URI_HOST
+-/* relative reference redirect like //www.site.org/test https://tools.ietf.org/html/rfc3986 */
++/* relative reference redirect like //www.site.org/test
++ * https://tools.ietf.org/html/rfc3986 */
+ #define HD5 "//" URI_HOST "/" URI_PATH
+ #define HD6 URI_PATH
+
+-void
+-redir (char *pos, char *status_line)
+-{
++void redir(char *pos, char *status_line) {
+ int i = 0;
+ char *x;
+ char xx[2];
+@@ -1383,101 +1385,101 @@ redir (char *pos, char *status_line)
+ char *addr;
+ char *url;
+
+- addr = malloc (MAX_IPV4_HOSTLENGTH + 1);
++ addr = malloc(MAX_IPV4_HOSTLENGTH + 1);
+ if (addr == NULL)
+- die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n"));
++ die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n"));
+
+ memset(addr, 0, MAX_IPV4_HOSTLENGTH);
+- url = malloc (strcspn (pos, "\r\n"));
++ url = malloc(strcspn(pos, "\r\n"));
+ if (url == NULL)
+- die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n"));
++ die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n"));
+
+ while (pos) {
+- sscanf (pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", xx, &i);
++ sscanf(pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n",
++ xx, &i);
+ if (i == 0) {
+- pos += (size_t) strcspn (pos, "\r\n");
+- pos += (size_t) strspn (pos, "\r\n");
++ pos += (size_t)strcspn(pos, "\r\n");
++ pos += (size_t)strspn(pos, "\r\n");
+ if (strlen(pos) == 0)
+- die (STATE_UNKNOWN,
+- _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"),
+- status_line, (display_html ? "" : ""));
++ die(STATE_UNKNOWN,
++ _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"),
++ status_line, (display_html ? "" : ""));
+ continue;
+ }
+
+ pos += i;
+- pos += strspn (pos, " \t");
++ pos += strspn(pos, " \t");
+
+ /*
+ * RFC 2616 (4.2): ``Header fields can be extended over multiple lines by
+ * preceding each extra line with at least one SP or HT.''
+ */
+- for (; (i = strspn (pos, "\r\n")); pos += i) {
++ for (; (i = strspn(pos, "\r\n")); pos += i) {
+ pos += i;
+- if (!(i = strspn (pos, " \t"))) {
+- die (STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"),
+- display_html ? "" : "");
++ if (!(i = strspn(pos, " \t"))) {
++ die(STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"),
++ display_html ? "" : "");
+ }
+ }
+
+- url = realloc (url, strcspn (pos, "\r\n") + 1);
++ url = realloc(url, strcspn(pos, "\r\n") + 1);
+ if (url == NULL)
+- die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n"));
++ die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n"));
+
+ /* URI_HTTP, URI_HOST, URI_PORT, URI_PATH */
+- if (sscanf (pos, HD1, type, addr, &i, url) == 4) {
+- url = prepend_slash (url);
+- use_ssl = server_type_check (type);
++ if (sscanf(pos, HD1, type, addr, &i, url) == 4) {
++ url = prepend_slash(url);
++ use_ssl = server_type_check(type);
+ }
+
+ /* URI_HTTP URI_HOST URI_PATH */
+- else if (sscanf (pos, HD2, type, addr, url) == 3 ) {
+- url = prepend_slash (url);
+- use_ssl = server_type_check (type);
+- i = server_port_check (use_ssl);
++ else if (sscanf(pos, HD2, type, addr, url) == 3) {
++ url = prepend_slash(url);
++ use_ssl = server_type_check(type);
++ i = server_port_check(use_ssl);
+ }
+
+ /* URI_HTTP URI_HOST URI_PORT */
+- else if (sscanf (pos, HD3, type, addr, &i) == 3) {
+- strcpy (url, HTTP_URL);
+- use_ssl = server_type_check (type);
++ else if (sscanf(pos, HD3, type, addr, &i) == 3) {
++ strcpy(url, HTTP_URL);
++ use_ssl = server_type_check(type);
+ }
+
+ /* URI_HTTP URI_HOST */
+- else if (sscanf (pos, HD4, type, addr) == 2) {
+- strcpy (url, HTTP_URL);
+- use_ssl = server_type_check (type);
+- i = server_port_check (use_ssl);
++ else if (sscanf(pos, HD4, type, addr) == 2) {
++ strcpy(url, HTTP_URL);
++ use_ssl = server_type_check(type);
++ i = server_port_check(use_ssl);
+ }
+ /* URI_HTTP, URI_HOST, URI_PATH */
+- else if (sscanf (pos, HD5, addr, url) == 2) {
+- if(use_ssl){
+- strcpy (type,"https");
+- }
+- else{
+- strcpy (type, server_type);
++ else if (sscanf(pos, HD5, addr, url) == 2) {
++ if (use_ssl) {
++ strcpy(type, "https");
++ } else {
++ strcpy(type, server_type);
+ }
+- xasprintf (&url, "/%s", url);
+- use_ssl = server_type_check (type);
+- i = server_port_check (use_ssl);
++ xasprintf(&url, "/%s", url);
++ use_ssl = server_type_check(type);
++ i = server_port_check(use_ssl);
+ }
+
+ /* URI_PATH */
+- else if (sscanf (pos, HD6, url) == 1) {
++ else if (sscanf(pos, HD6, url) == 1) {
+ /* relative url */
+ if ((url[0] != '/')) {
+ if ((x = strrchr(server_url, '/')))
+ *x = '\0';
+- xasprintf (&url, "%s/%s", server_url, url);
++ xasprintf(&url, "%s/%s", server_url, url);
+ }
+ i = server_port;
+- strcpy (type, server_type);
+- strcpy (addr, host_name ? host_name : server_address);
++ strcpy(type, server_type);
++ strcpy(addr, host_name ? host_name : server_address);
+ }
+
+ else {
+- die (STATE_UNKNOWN,
+- _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"),
+- pos, (display_html ? "" : ""));
++ die(STATE_UNKNOWN,
++ _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"), pos,
++ (display_html ? "" : ""));
+ }
+
+ break;
+@@ -1485,299 +1487,356 @@ redir (char *pos, char *status_line)
+ } /* end while (pos) */
+
+ if (++redir_depth > max_depth)
+- die (STATE_WARNING,
+- _("HTTP WARNING - maximum redirection depth %d exceeded - %s://%s:%d%s%s\n"),
+- max_depth, type, addr, i, url, (display_html ? "" : ""));
++ die(STATE_WARNING,
++ _("HTTP WARNING - maximum redirection depth %d exceeded - "
++ "%s://%s:%d%s%s\n"),
++ max_depth, type, addr, i, url, (display_html ? "" : ""));
+
+- if (server_port==i &&
+- !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) &&
++ if (server_port == i && !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) &&
+ (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) &&
+ !strcmp(server_url, url))
+- die (STATE_CRITICAL,
+- _("HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n"),
+- type, addr, i, url, (display_html ? "" : ""));
++ die(STATE_CRITICAL,
++ _("HTTP CRITICAL - redirection creates an infinite loop - "
++ "%s://%s:%d%s%s\n"),
++ type, addr, i, url, (display_html ? "" : ""));
+
+- strcpy (server_type, type);
++ strcpy(server_type, type);
+
+- free (host_name);
+- host_name = strndup (addr, MAX_IPV4_HOSTLENGTH);
++ free(host_name);
++ host_name = strndup(addr, MAX_IPV4_HOSTLENGTH);
+
+ if (!(followsticky & STICKY_HOST)) {
+- free (server_address);
+- server_address = strndup (addr, MAX_IPV4_HOSTLENGTH);
++ free(server_address);
++ server_address = strndup(addr, MAX_IPV4_HOSTLENGTH);
+ }
+ if (!(followsticky & STICKY_PORT)) {
+ server_port = i;
+ }
+
+- free (server_url);
++ free(server_url);
+ server_url = url;
+
+ if (server_port > MAX_PORT)
+- die (STATE_UNKNOWN,
+- _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"),
+- MAX_PORT, server_type, server_address, server_port, server_url,
+- display_html ? "" : "");
++ die(STATE_UNKNOWN,
++ _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"),
++ MAX_PORT, server_type, server_address, server_port, server_url,
++ display_html ? "" : "");
+
+ /* reset virtual port */
+ virtual_port = server_port;
+
+ if (verbose)
+- printf (_("Redirection to %s://%s:%d%s\n"), server_type,
+- host_name ? host_name : server_address, server_port, server_url);
++ printf(_("Redirection to %s://%s:%d%s\n"), server_type,
++ host_name ? host_name : server_address, server_port, server_url);
+
+ free(addr);
+- check_http ();
++ check_http();
+ }
+
+-
+-bool
+-server_type_check (const char *type)
+-{
+- if (strcmp (type, "https"))
++bool server_type_check(const char *type) {
++ if (strcmp(type, "https"))
+ return false;
+ else
+ return true;
+ }
+
+-int
+-server_port_check (int ssl_flag)
+-{
++int server_port_check(int ssl_flag) {
+ if (ssl_flag)
+ return HTTPS_PORT;
+ else
+ return HTTP_PORT;
+ }
+
+-char *perfd_time (double elapsed_time)
+-{
+- return fperfdata ("time", elapsed_time, "s",
+- thlds->warning?true:false, thlds->warning?thlds->warning->end:0,
+- thlds->critical?true:false, thlds->critical?thlds->critical->end:0,
+- true, 0, true, socket_timeout);
++char *perfd_time(double elapsed_time) {
++ return fperfdata("time", elapsed_time, "s", thlds->warning ? true : false,
++ thlds->warning ? thlds->warning->end : 0,
++ thlds->critical ? true : false,
++ thlds->critical ? thlds->critical->end : 0, true, 0, true,
++ socket_timeout);
+ }
+
+-char *perfd_time_connect (double elapsed_time_connect)
+-{
+- return fperfdata ("time_connect", elapsed_time_connect, "s", false, 0, false, 0, false, 0, true, socket_timeout);
++char *perfd_time_connect(double elapsed_time_connect) {
++ return fperfdata("time_connect", elapsed_time_connect, "s", false, 0, false,
++ 0, false, 0, true, socket_timeout);
+ }
+
+-char *perfd_time_ssl (double elapsed_time_ssl)
+-{
+- return fperfdata ("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, 0, true, socket_timeout);
++char *perfd_time_ssl(double elapsed_time_ssl) {
++ return fperfdata("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false,
++ 0, true, socket_timeout);
+ }
+
+-char *perfd_time_headers (double elapsed_time_headers)
+-{
+- return fperfdata ("time_headers", elapsed_time_headers, "s", false, 0, false, 0, false, 0, true, socket_timeout);
++char *perfd_time_headers(double elapsed_time_headers) {
++ return fperfdata("time_headers", elapsed_time_headers, "s", false, 0, false,
++ 0, false, 0, true, socket_timeout);
+ }
+
+-char *perfd_time_firstbyte (double elapsed_time_firstbyte)
+-{
+- return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, false, 0, false, 0, true, socket_timeout);
++char *perfd_time_firstbyte(double elapsed_time_firstbyte) {
++ return fperfdata("time_firstbyte", elapsed_time_firstbyte, "s", false, 0,
++ false, 0, false, 0, true, socket_timeout);
+ }
+
+-char *perfd_time_transfer (double elapsed_time_transfer)
+-{
+- return fperfdata ("time_transfer", elapsed_time_transfer, "s", false, 0, false, 0, false, 0, true, socket_timeout);
++char *perfd_time_transfer(double elapsed_time_transfer) {
++ return fperfdata("time_transfer", elapsed_time_transfer, "s", false, 0, false,
++ 0, false, 0, true, socket_timeout);
+ }
+
+-char *perfd_size (int page_len)
+-{
+- return perfdata ("size", page_len, "B",
+- (min_page_len>0?true:false), min_page_len,
+- (min_page_len>0?true:false), 0,
+- true, 0, false, 0);
++char *perfd_size(int page_len) {
++ return perfdata("size", page_len, "B", (min_page_len > 0 ? true : false),
++ min_page_len, (min_page_len > 0 ? true : false), 0, true, 0,
++ false, 0);
+ }
+
+-void
+-print_help (void)
+-{
+- print_revision (progname, NP_VERSION);
++void print_help(void) {
++ print_revision(progname, NP_VERSION);
+
+- printf ("Copyright (c) 1999 Ethan Galstad \n");
+- printf (COPYRIGHT, copyright, email);
++ printf("Copyright (c) 1999 Ethan Galstad \n");
++ printf(COPYRIGHT, copyright, email);
+
+- printf ("%s\n", _("This plugin tests the HTTP service on the specified host. It can test"));
+- printf ("%s\n", _("normal (http) and secure (https) servers, follow redirects, search for"));
+- printf ("%s\n", _("strings and regular expressions, check connection times, and report on"));
+- printf ("%s\n", _("certificate expiration times."));
++ printf("%s\n", _("This plugin tests the HTTP service on the specified host. "
++ "It can test"));
++ printf("%s\n", _("normal (http) and secure (https) servers, follow "
++ "redirects, search for"));
++ printf("%s\n", _("strings and regular expressions, check connection times, "
++ "and report on"));
++ printf("%s\n", _("certificate expiration times."));
+
+- printf ("\n\n");
++ printf("\n\n");
+
+- print_usage ();
++ print_usage();
+
+ #ifdef HAVE_SSL
+- printf (_("In the first form, make an HTTP request."));
+- printf (_("In the second form, connect to the server and check the TLS certificate."));
++ printf(_("In the first form, make an HTTP request."));
++ printf(_("In the second form, connect to the server and check the TLS "
++ "certificate."));
+ #endif
+- printf (_("NOTE: One or both of -H and -I must be specified"));
++ printf(_("NOTE: One or both of -H and -I must be specified"));
+
+- printf ("\n");
++ printf("\n");
+
+- printf (UT_HELP_VRSN);
+- printf (UT_EXTRA_OPTS);
++ printf(UT_HELP_VRSN);
++ printf(UT_EXTRA_OPTS);
+
+- printf (" %s\n", "-H, --hostname=ADDRESS");
+- printf (" %s\n", _("Host name argument for servers using host headers (virtual host)"));
+- printf (" %s\n", _("Append a port to include it in the header (eg: example.com:5000)"));
+- printf (" %s\n", "-I, --IP-address=ADDRESS");
+- printf (" %s\n", _("IP address or name (use numeric address if possible to bypass DNS lookup)."));
+- printf (" %s\n", "-p, --port=INTEGER");
+- printf (" %s", _("Port number (default: "));
+- printf ("%d)\n", HTTP_PORT);
++ printf(" %s\n", "-H, --hostname=ADDRESS");
++ printf(" %s\n",
++ _("Host name argument for servers using host headers (virtual host)"));
++ printf(" %s\n",
++ _("Append a port to include it in the header (eg: example.com:5000)"));
++ printf(" %s\n", "-I, --IP-address=ADDRESS");
++ printf(" %s\n", _("IP address or name (use numeric address if possible to "
++ "bypass DNS lookup)."));
++ printf(" %s\n", "-p, --port=INTEGER");
++ printf(" %s", _("Port number (default: "));
++ printf("%d)\n", HTTP_PORT);
+
+- printf (UT_IPv46);
++ printf(UT_IPv46);
+
+ #ifdef HAVE_SSL
+- printf (" %s\n", "-S, --ssl=VERSION[+]");
+- printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents"));
+- printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,"));
+- printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted."));
+- printf (" %s\n", "--sni");
+- printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
+- printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]");
+- printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443"));
+- printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use"));
+- printf (" %s\n", _(" --continue-after-certificate to override this behavior)"));
+- printf (" %s\n", "--continue-after-certificate");
+- printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check."));
+- printf (" %s\n", _("Does nothing unless -C is used."));
+- printf (" %s\n", "-J, --client-cert=FILE");
+- printf (" %s\n", _("Name of file that contains the client certificate (PEM format)"));
+- printf (" %s\n", _("to be used in establishing the SSL session"));
+- printf (" %s\n", "-K, --private-key=FILE");
+- printf (" %s\n", _("Name of file containing the private key (PEM format)"));
+- printf (" %s\n", _("matching the client certificate"));
++ printf(" %s\n", "-S, --ssl=VERSION[+]");
++ printf(" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is "
++ "optional, and prevents"));
++ printf(
++ " %s\n",
++ _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,"));
++ printf(" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are "
++ "also accepted."));
++ printf(" %s\n", "--sni");
++ printf(" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
++ printf(" %s\n", "-C, --certificate=INTEGER[,INTEGER]");
++ printf(" %s\n", _("Minimum number of days a certificate has to be valid. "
++ "Port defaults to 443"));
++ printf(" %s\n", _("(when this option is used the URL is not checked by "
++ "default. You can use"));
++ printf(" %s\n",
++ _(" --continue-after-certificate to override this behavior)"));
++ printf(" %s\n", "--continue-after-certificate");
++ printf(" %s\n", _("Allows the HTTP check to continue after performing the "
++ "certificate check."));
++ printf(" %s\n", _("Does nothing unless -C is used."));
++ printf(" %s\n", "-J, --client-cert=FILE");
++ printf(" %s\n",
++ _("Name of file that contains the client certificate (PEM format)"));
++ printf(" %s\n", _("to be used in establishing the SSL session"));
++ printf(" %s\n", "-K, --private-key=FILE");
++ printf(" %s\n", _("Name of file containing the private key (PEM format)"));
++ printf(" %s\n", _("matching the client certificate"));
+ #endif
+
+- printf (" %s\n", "-e, --expect=STRING");
+- printf (" %s\n", _("Comma-delimited list of strings, at least one of them is expected in"));
+- printf (" %s", _("the first (status) line of the server response (default: "));
+- printf ("%s)\n", HTTP_EXPECT);
+- printf (" %s\n", _("If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)"));
+- printf (" %s\n", "-d, --header-string=STRING");
+- printf (" %s\n", _("String to expect in the response headers"));
+- printf (" %s\n", "-s, --string=STRING");
+- printf (" %s\n", _("String to expect in the content"));
+- printf (" %s\n", "-u, --url=PATH");
+- printf (" %s\n", _("URL to GET or POST (default: /)"));
+- printf (" %s\n", "-P, --post=STRING");
+- printf (" %s\n", _("URL encoded http POST data"));
+- printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT, CONNECT:POST)");
+- printf (" %s\n", _("Set HTTP method."));
+- printf (" %s\n", "-N, --no-body");
+- printf (" %s\n", _("Don't wait for document body: stop reading after headers."));
+- printf (" %s\n", _("(Note that this still does an HTTP GET or POST, not a HEAD.)"));
+- printf (" %s\n", "-M, --max-age=SECONDS");
+- printf (" %s\n", _("Warn if document is more than SECONDS old. the number can also be of"));
+- printf (" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or \"10d\" for days."));
+- printf (" %s\n", "-T, --content-type=STRING");
+- printf (" %s\n", _("specify Content-Type header media type when POSTing\n"));
+-
+- printf (" %s\n", "-l, --linespan");
+- printf (" %s\n", _("Allow regex to span newlines (must precede -r or -R)"));
+- printf (" %s\n", "-r, --regex, --ereg=STRING");
+- printf (" %s\n", _("Search page for regex STRING"));
+- printf (" %s\n", "-R, --eregi=STRING");
+- printf (" %s\n", _("Search page for case-insensitive regex STRING"));
+- printf (" %s\n", "--invert-regex");
+- printf (" %s\n", _("Return CRITICAL if found, OK if not\n"));
+-
+- printf (" %s\n", "-a, --authorization=AUTH_PAIR");
+- printf (" %s\n", _("Username:password on sites with basic authentication"));
+- printf (" %s\n", "-b, --proxy-authorization=AUTH_PAIR");
+- printf (" %s\n", _("Username:password on proxy-servers with basic authentication"));
+- printf (" %s\n", "-A, --useragent=STRING");
+- printf (" %s\n", _("String to be sent in http header as \"User Agent\""));
+- printf (" %s\n", "-k, --header=STRING");
+- printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers"));
+- printf (" %s\n", "-E, --extended-perfdata");
+- printf (" %s\n", _("Print additional performance data"));
+- printf (" %s\n", "-B, --show-body");
+- printf (" %s\n", _("Print body content below status line"));
+- printf (" %s\n", "-L, --link");
+- printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)"));
+- printf (" %s\n", "-f, --onredirect=");
+- printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the"));
+- printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same."));
+- printf (" %s\n", "--max-redirs=INTEGER");
+- printf (" %s", _("Maximal number of redirects (default: "));
+- printf ("%d)\n", DEFAULT_MAX_REDIRS);
+- printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>");
+- printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)"));
+- printf (UT_WARN_CRIT);
+-
+- printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
+-
+- printf (UT_VERBOSE);
+-
+- printf ("\n");
+- printf ("%s\n", _("Notes:"));
+- printf (" %s\n", _("This plugin will attempt to open an HTTP connection with the host."));
+- printf (" %s\n", _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL"));
+- printf (" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, but incorrect response"));
+- printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are"));
+- printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN"));
+- printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument."));
++ printf(" %s\n", "-e, --expect=STRING");
++ printf(" %s\n", _("Comma-delimited list of strings, at least one of them "
++ "is expected in"));
++ printf(" %s",
++ _("the first (status) line of the server response (default: "));
++ printf("%s)\n", HTTP_EXPECT);
++ printf(" %s\n", _("If specified skips all other status line logic (ex: "
++ "3xx, 4xx, 5xx processing)"));
++ printf(" %s\n", "-d, --header-string=STRING");
++ printf(" %s\n", _("String to expect in the response headers"));
++ printf(" %s\n", "-s, --string=STRING");
++ printf(" %s\n", _("String to expect in the content"));
++ printf(" %s\n", "-u, --url=PATH");
++ printf(" %s\n", _("URL to GET or POST (default: /)"));
++ printf(" %s\n", "-P, --post=STRING");
++ printf(" %s\n", _("URL encoded http POST data"));
++ printf(" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, "
++ "PUT, DELETE, CONNECT, CONNECT:POST)");
++ printf(" %s\n", _("Set HTTP method."));
++ printf(" %s\n", "-N, --no-body");
++ printf(" %s\n",
++ _("Don't wait for document body: stop reading after headers."));
++ printf(" %s\n",
++ _("(Note that this still does an HTTP GET or POST, not a HEAD.)"));
++ printf(" %s\n", "-M, --max-age=SECONDS");
++ printf(" %s\n", _("Warn if document is more than SECONDS old. the number "
++ "can also be of"));
++ printf(" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or "
++ "\"10d\" for days."));
++ printf(" %s\n", "-T, --content-type=STRING");
++ printf(" %s\n",
++ _("specify Content-Type header media type when POSTing\n"));
++
++ printf(" %s\n", "-l, --linespan");
++ printf(" %s\n", _("Allow regex to span newlines (must precede -r or -R)"));
++ printf(" %s\n", "-r, --regex, --ereg=STRING");
++ printf(" %s\n", _("Search page for regex STRING"));
++ printf(" %s\n", "-R, --eregi=STRING");
++ printf(" %s\n", _("Search page for case-insensitive regex STRING"));
++ printf(" %s\n", "--invert-regex");
++ printf(" %s\n", _("Return CRITICAL if found, OK if not\n"));
++
++ printf(" %s\n", "-a, --authorization=AUTH_PAIR");
++ printf(" %s\n", _("Username:password on sites with basic authentication"));
++ printf(" %s\n", "-b, --proxy-authorization=AUTH_PAIR");
++ printf(" %s\n",
++ _("Username:password on proxy-servers with basic authentication"));
++ printf(" %s\n", "-A, --useragent=STRING");
++ printf(" %s\n", _("String to be sent in http header as \"User Agent\""));
++ printf(" %s\n", "-k, --header=STRING");
++ printf(" %s\n", _("Any other tags to be sent in http header. Use multiple "
++ "times for additional headers"));
++ printf(" %s\n", "-E, --extended-perfdata");
++ printf(" %s\n", _("Print additional performance data"));
++ printf(" %s\n", "-B, --show-body");
++ printf(" %s\n", _("Print body content below status line"));
++ printf(" %s\n", "-L, --link");
++ printf(" %s\n", _("Wrap output in HTML link (obsoleted by urlize)"));
++ printf(" %s\n",
++ "-f, --onredirect=");
++ printf(" %s\n", _("How to handle redirected pages. sticky is like follow "
++ "but stick to the"));
++ printf(
++ " %s\n",
++ _("specified IP address. stickyport also ensures port stays the same."));
++ printf(" %s\n", "--max-redirs=INTEGER");
++ printf(" %s", _("Maximal number of redirects (default: "));
++ printf("%d)\n", DEFAULT_MAX_REDIRS);
++ printf(" %s\n", "-m, --pagesize=INTEGER<:INTEGER>");
++ printf(" %s\n", _("Minimum page size required (bytes) : Maximum page size "
++ "required (bytes)"));
++ printf(UT_WARN_CRIT);
++
++ printf(UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
++
++ printf(UT_VERBOSE);
++
++ printf("\n");
++ printf("%s\n", _("Notes:"));
++ printf(
++ " %s\n",
++ _("This plugin will attempt to open an HTTP connection with the host."));
++ printf(" %s\n", _("Successful connects return STATE_OK, refusals and "
++ "timeouts return STATE_CRITICAL"));
++ printf(" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, "
++ "but incorrect response"));
++ printf(" %s\n", _("messages from the host result in STATE_WARNING return "
++ "values. If you are"));
++ printf(" %s\n", _("checking a virtual server that uses 'host headers' you "
++ "must supply the FQDN"));
++ printf(" %s\n",
++ _("(fully qualified domain name) as the [host_name] argument."));
+
+ #ifdef HAVE_SSL
+- printf ("\n");
+- printf (" %s\n", _("This plugin can also check whether an SSL enabled web server is able to"));
+- printf (" %s\n", _("serve content (optionally within a specified time) or whether the X509 "));
+- printf (" %s\n", _("certificate is still valid for the specified number of days."));
+- printf ("\n");
+- printf (" %s\n", _("Please note that this plugin does not check if the presented server"));
+- printf (" %s\n", _("certificate matches the hostname of the server, or if the certificate"));
+- printf (" %s\n", _("has a valid chain of trust to one of the locally installed CAs."));
+- printf ("\n");
+- printf ("%s\n", _("Examples:"));
+- printf (" %s\n\n", "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com");
+- printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,"));
+- printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds"));
+- printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));
+- printf (" %s\n", _("a STATE_CRITICAL will be returned."));
+- printf ("\n");
+- printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14");
+- printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,"));
+- printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
+- printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when"));
+- printf (" %s\n\n", _("the certificate is expired."));
+- printf ("\n");
+- printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14");
+- printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,"));
+- printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
+- printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned."));
+- printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days"));
+-
+- printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: ");
+- printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com "));
+- printf (" %s\n", _("all these options are needed: -I -p -u -S(sl) -j CONNECT -H "));
+- printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds"));
+- printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));
+- printf (" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to the method you can set the method used"));
+- printf (" %s\n", _("inside the proxied connection: -j CONNECT:POST"));
++ printf("\n");
++ printf(" %s\n", _("This plugin can also check whether an SSL enabled web "
++ "server is able to"));
++ printf(" %s\n", _("serve content (optionally within a specified time) or "
++ "whether the X509 "));
++ printf(" %s\n",
++ _("certificate is still valid for the specified number of days."));
++ printf("\n");
++ printf(
++ " %s\n",
++ _("Please note that this plugin does not check if the presented server"));
++ printf(" %s\n", _("certificate matches the hostname of the server, or if the "
++ "certificate"));
++ printf(" %s\n",
++ _("has a valid chain of trust to one of the locally installed CAs."));
++ printf("\n");
++ printf("%s\n", _("Examples:"));
++ printf(" %s\n\n",
++ "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com");
++ printf(" %s\n", _("When the 'www.verisign.com' server returns its content "
++ "within 5 seconds,"));
++ printf(" %s\n", _("a STATE_OK will be returned. When the server returns its "
++ "content but exceeds"));
++ printf(" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. "
++ "When an error occurs,"));
++ printf(" %s\n", _("a STATE_CRITICAL will be returned."));
++ printf("\n");
++ printf(" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14");
++ printf(" %s\n", _("When the certificate of 'www.verisign.com' is valid for "
++ "more than 14 days,"));
++ printf(" %s\n", _("a STATE_OK is returned. When the certificate is still "
++ "valid, but for less than"));
++ printf(" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL "
++ "will be returned when"));
++ printf(" %s\n\n", _("the certificate is expired."));
++ printf("\n");
++ printf(" %s\n\n",
++ "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14");
++ printf(" %s\n", _("When the certificate of 'www.verisign.com' is valid for "
++ "more than 30 days,"));
++ printf(" %s\n", _("a STATE_OK is returned. When the certificate is still "
++ "valid, but for less than"));
++ printf(" %s\n",
++ _("30 days, but more than 14 days, a STATE_WARNING is returned."));
++ printf(" %s\n", _("A STATE_CRITICAL will be returned when certificate "
++ "expires in less than 14 days"));
++
++ printf(" %s\n\n",
++ "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: ");
++ printf(" %s\n",
++ _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S "
++ "-j CONNECT -H www.verisign.com "));
++ printf(" %s\n", _("all these options are needed: -I -p "
++ "-u -S(sl) -j CONNECT -H "));
++ printf(" %s\n", _("a STATE_OK will be returned. When the server returns its "
++ "content but exceeds"));
++ printf(" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. "
++ "When an error occurs,"));
++ printf(" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to "
++ "the method you can set the method used"));
++ printf(" %s\n", _("inside the proxied connection: -j CONNECT:POST"));
+
+ #endif
+
+- printf (UT_SUPPORT);
+-
++ printf(UT_SUPPORT);
+ }
+
+-
+-
+-void
+-print_usage (void)
+-{
+- printf ("%s\n", _("Usage:"));
+- printf (" %s -H | -I [-u ] [-p ]\n",progname);
+- printf (" [-J ] [-K ]\n");
+- printf (" [-w ] [-c ] [-t ] [-L] [-E] [-a auth]\n");
+- printf (" [-b proxy_auth] [-f ]\n");
+- printf (" [-e ] [-d string] [-s string] [-l] [-r | -R ]\n");
+- printf (" [-P string] [-m :] [-4|-6] [-N] [-M ]\n");
+- printf (" [-A string] [-k string] [-S ] [--sni]\n");
+- printf (" [-T ] [-j method]\n");
+- printf (" %s -H | -I -C [,]\n",progname);
+- printf (" [-p ] [-t ] [-4|-6] [--sni]\n");
++void print_usage(void) {
++ printf("%s\n", _("Usage:"));
++ printf(" %s -H | -I [-u ] [-p ]\n", progname);
++ printf(" [-J ] [-K ]\n");
++ printf(" [-w ] [-c ] [-t ] [-L] "
++ "[-E] [-a auth]\n");
++ printf(" [-b proxy_auth] [-f "
++ "]\n");
++ printf(" [-e ] [-d string] [-s string] [-l] [-r | -R "
++ "]\n");
++ printf(" [-P string] [-m :] [-4|-6] [-N] [-M "
++ "]\n");
++ printf(" [-A string] [-k string] [-S ] [--sni]\n");
++ printf(" [-T ] [-j method]\n");
++ printf(" %s -H | -I -C [,]\n",
++ progname);
++ printf(" [-p ] [-t ] [-4|-6] [--sni]\n");
+ }
+
+From f58eca14de455c31a90916918350d1bfc3b8caf0 Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Sun, 13 Nov 2022 19:01:33 +0100
+Subject: [PATCH 05/16] Remove dead code
+
+---
+ plugins/check_http.c | 18 ------------------
+ 1 file changed, 18 deletions(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index 440c84229..ca8746b78 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -1111,25 +1111,7 @@ int check_http(void) {
+ elapsed_time_transfer = (double)microsec_transfer / 1.0e6;
+
+ if (i < 0 && errno != ECONNRESET) {
+-#ifdef HAVE_SSL
+- /*
+- if (use_ssl) {
+- sslerr=SSL_get_error(ssl, i);
+- if ( sslerr == SSL_ERROR_SSL ) {
+- die (STATE_WARNING, _("HTTP WARNING - Client Certificate Required\n"));
+- } else {
+- die (STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n"));
+- }
+- }
+- else {
+- */
+-#endif
+ die(STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n"));
+-#ifdef HAVE_SSL
+- /* XXX
+- }
+- */
+-#endif
+ }
+
+ /* return a CRITICAL status if we couldn't read any data */
+
+From bbfff3affb2601327b7ef09457edced731aa7d37 Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Sun, 13 Nov 2022 23:03:25 +0100
+Subject: [PATCH 06/16] Remove legacy comments and add some new ones
+
+---
+ plugins/check_http.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index ca8746b78..859e3e35c 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -31,9 +31,6 @@
+ *
+ *****************************************************************************/
+
+-/* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/
+- * ../../plugins/check_http.c */
+-
+ const char *progname = "check_http";
+ const char *copyright = "1999-2022";
+ const char *email = "devel@monitoring-plugins.org";
+@@ -136,6 +133,7 @@ char buffer[MAX_INPUT_BUFFER];
+ char *client_cert = NULL;
+ char *client_privkey = NULL;
+
++// Forward function declarations
+ bool process_arguments(int, char **);
+ int check_http(void);
+ void redir(char *pos, char *status_line);
+
+From 350972bf011c6dfd9bae2d761842c928b9255d2f Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Sun, 13 Nov 2022 23:06:51 +0100
+Subject: [PATCH 07/16] Restructure code a bit to put things where they are
+ actually needed
+
+---
+ plugins/check_http.c | 12 +++++++-----
+ 1 file changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index 859e3e35c..a2c7571bb 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -103,8 +103,6 @@ int server_expect_yn = 0;
+ char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT;
+ char header_expect[MAX_INPUT_BUFFER] = "";
+ char string_expect[MAX_INPUT_BUFFER] = "";
+-char output_header_search[30] = "";
+-char output_string_search[30] = "";
+ char *warning_thresholds = NULL;
+ char *critical_thresholds = NULL;
+ thresholds *thlds;
+@@ -1236,8 +1234,10 @@ int check_http(void) {
+ }
+
+ /* Page and Header content checks go here */
+- if (strlen(header_expect)) {
+- if (!strstr(header, header_expect)) {
++ if (strlen(header_expect) > 0) {
++ if (strstr(header, header_expect) == NULL) {
++ // We did not find the header, the rest is for building the output and setting the state
++ char output_header_search[30] = "";
+ strncpy(&output_header_search[0], header_expect,
+ sizeof(output_header_search));
+ if (output_header_search[sizeof(output_header_search) - 1] != '\0') {
+@@ -1254,6 +1254,8 @@ int check_http(void) {
+
+ if (strlen(string_expect)) {
+ if (!strstr(page, string_expect)) {
++ // We found the string the body, the rest is for building the output
++ char output_string_search[30] = "";
+ strncpy(&output_string_search[0], string_expect,
+ sizeof(output_string_search));
+ if (output_string_search[sizeof(output_string_search) - 1] != '\0') {
+@@ -1268,7 +1270,7 @@ int check_http(void) {
+ }
+ }
+
+- if (strlen(regexp)) {
++ if (strlen(regexp) > 0) {
+ errcode = regexec(&preg, page, REGS, pmatch, 0);
+ if ((errcode == 0 && invert_regex == 0) ||
+ (errcode == REG_NOMATCH && invert_regex == 1)) {
+
+From 34e565a1fa04ea6e878eb203e386efa1bd1ea52b Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Sun, 13 Nov 2022 23:07:14 +0100
+Subject: [PATCH 08/16] Implement chunked encoding decoding
+
+---
+ plugins/check_http.c | 103 ++++++++++++++++++++++++++++++++++++++++++-
+ 1 file changed, 102 insertions(+), 1 deletion(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index a2c7571bb..5710cfe17 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -146,6 +146,7 @@ char *perfd_time_transfer(double microsec);
+ char *perfd_size(int page_len);
+ void print_help(void);
+ void print_usage(void);
++char *unchunk_content(char *content);
+
+ int main(int argc, char **argv) {
+ int result = STATE_UNKNOWN;
+@@ -1252,7 +1253,26 @@ int check_http(void) {
+ }
+ }
+
+- if (strlen(string_expect)) {
++ // At this point we should test if the content is chunked and unchunk it, so
++ // it can be searched (and possibly printed)
++ const char *chunked_header_regex_string = "Transfer-Encoding:\\s*chunked\\s*"CRLF;
++ regex_t chunked_header_regex;
++
++ if (regcomp(&chunked_header_regex, chunked_header_regex_string, 0)) {
++ die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN), "Failed to compile chunked_header_regex regex");
++ }
++
++ regmatch_t chre_pmatch[1]; // We actually do not care about this, since we only want to know IF it was found
++
++ if (regexec(&chunked_header_regex, header, 1, chre_pmatch, 0) == 0) {
++ // We actually found the chunked header
++ char *tmp = unchunk_content(page);
++ if (tmp == NULL) {
++ die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN), "Failed to unchunk message body");
++ }
++ }
++
++ if (strlen(string_expect) > 0) {
+ if (!strstr(page, string_expect)) {
+ // We found the string the body, the rest is for building the output
+ char output_string_search[30] = "";
+@@ -1342,6 +1362,87 @@ int check_http(void) {
+ return STATE_UNKNOWN;
+ }
+
++/* Receivces a pointer to the beginning of the body of a HTTP message
++ * which is chunked and returns a pointer to a freshly allocated memory
++ * region containing the unchunked body or NULL if something failed.
++ * The result must be freed by the caller.
++ */
++char *unchunk_content(const char *content) {
++ // https://en.wikipedia.org/wiki/Chunked_transfer_encoding
++ // https://www.rfc-editor.org/rfc/rfc7230#section-4.1
++ char *result = NULL;
++ size_t content_length = strlen(content);
++ char *start_of_chunk, end_of_chunk;
++ long size_of_chunk;
++ char *pointer = content;
++ char *endptr;
++ long length_of_chunk = 0;
++ size_t overall_size = 0;
++ char *result_ptr;
++
++ while (true) {
++ size_of_chunk = strtol(pointer, &endptr, 16);
++ if (size_of_chunk == LONG_MIN || size_of_chunk == LONG_MAX) {
++ // Apparently underflow or overflow, should not happen
++ if (verbose) {
++ printf("Got an underflow or overflow from strtol at: %u\n", __LINE__);
++ }
++ return NULL;
++ }
++ if (endptr == pointer) {
++ // Apparently this was not a number
++ if (verbose) {
++ printf("Chunked content did not start with a number at all (Line: %u)\n", __LINE__);
++ }
++ return NULL
++ }
++
++ // So, we got the length of the chunk
++ if (*endptr == ';') {
++ // Chunk extension starts here
++ // TODO
++ while (*endptr != '\r') {
++ endptr++;
++ }
++ }
++
++ start_of_chunk = endptr + 2;
++ end_of_chunk = start_of_chunk + size_of_chunk;
++ length_of_chunk = end_of_chunk - start_of_chunk;
++
++ if (length_of_chunk == 0) {
++ // Chunk length is 0, so this is the last one
++ break;
++ }
++
++ overall_size += length_of_chunk;
++
++ if (result == NULL) {
++ result = (char *)calloc(length_of_chunk, sizeof(char));
++ if (result == NULL) {
++ if (verbose) {
++ printf("Failed to allocate memory for unchunked body\n");
++ }
++ return NULL;
++ }
++ result_ptr = result;
++ } else {
++ void *tmp = realloc(result, overall_size);
++ if (tmp == NULL) {
++ if (verbose) {
++ printf("Failed to allocate memory for unchunked body\n");
++ }
++ return NULL;
++ }
++ }
++
++ memcpy(result_ptr, start_of_chunk, size_of_chunk);
++ result_ptr = result_ptr + size_of_chunk;
++ }
++
++ return result
++}
++
+ /* per RFC 2396 */
+ #define URI_HTTP "%5[HTPShtps]"
+ #define URI_HOST \
+
+From 6fc520c492efb1e1125f375480d52cf16f4f86d0 Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Mon, 14 Nov 2022 00:32:44 +0100
+Subject: [PATCH 09/16] Undo sorting of header file includes, it breaks the
+ build
+
+---
+ plugins/check_http.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index 5710cfe17..5e4536e45 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -35,8 +35,10 @@ const char *progname = "check_http";
+ const char *copyright = "1999-2022";
+ const char *email = "devel@monitoring-plugins.org";
+
+-#include "base64.h"
++// Do NOT sort those headers, it will break the build
++// TODO: Fix this
+ #include "common.h"
++#include "base64.h"
+ #include "netutils.h"
+ #include "utils.h"
+ #include
+
+From 9d362bf38b98a3df76bb5f5589b8505a45caa5a6 Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Mon, 14 Nov 2022 00:33:26 +0100
+Subject: [PATCH 10/16] Fix type of unchunk_content function declaration
+
+---
+ plugins/check_http.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index 5e4536e45..3e021c56c 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -148,7 +148,7 @@ char *perfd_time_transfer(double microsec);
+ char *perfd_size(int page_len);
+ void print_help(void);
+ void print_usage(void);
+-char *unchunk_content(char *content);
++char *unchunk_content(const char *content);
+
+ int main(int argc, char **argv) {
+ int result = STATE_UNKNOWN;
+
+From 870c73e87e57dada8eb0a1bc597b2d2bcc358a37 Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Mon, 14 Nov 2022 00:34:13 +0100
+Subject: [PATCH 11/16] Fix chunked header detection regex
+
+---
+ plugins/check_http.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index 3e021c56c..1f7bd0b34 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -1257,10 +1257,10 @@ int check_http(void) {
+
+ // At this point we should test if the content is chunked and unchunk it, so
+ // it can be searched (and possibly printed)
+- const char *chunked_header_regex_string = "Transfer-Encoding:\\s*chunked\\s*"CRLF;
++ const char *chunked_header_regex_string = "Transfer-Encoding: *chunked *";
+ regex_t chunked_header_regex;
+
+- if (regcomp(&chunked_header_regex, chunked_header_regex_string, 0)) {
++ if (regcomp(&chunked_header_regex, chunked_header_regex_string, REG_ICASE)) {
+ die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN), "Failed to compile chunked_header_regex regex");
+ }
+
+
+From 701d0cfb8c229ca273b7c56571e47784cc62a024 Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Mon, 14 Nov 2022 00:35:19 +0100
+Subject: [PATCH 12/16] Fix several bug in the implementation of unchunking
+
+---
+ plugins/check_http.c | 18 ++++++++++++------
+ 1 file changed, 12 insertions(+), 6 deletions(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index 1f7bd0b34..d5b6b3740 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -1267,11 +1267,15 @@ int check_http(void) {
+ regmatch_t chre_pmatch[1]; // We actually do not care about this, since we only want to know IF it was found
+
+ if (regexec(&chunked_header_regex, header, 1, chre_pmatch, 0) == 0) {
++ if (verbose) {
++ printf("Found chunked content\n");
++ }
+ // We actually found the chunked header
+ char *tmp = unchunk_content(page);
+ if (tmp == NULL) {
+ die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN), "Failed to unchunk message body");
+ }
++ page = tmp;
+ }
+
+ if (strlen(string_expect) > 0) {
+@@ -1374,9 +1378,10 @@ char *unchunk_content(const char *content) {
+ // https://www.rfc-editor.org/rfc/rfc7230#section-4.1
+ char *result = NULL;
+ size_t content_length = strlen(content);
+- char *start_of_chunk, end_of_chunk;
++ char *start_of_chunk;
++ char* end_of_chunk;
+ long size_of_chunk;
+- char *pointer = content;
++ const char *pointer = content;
+ char *endptr;
+ long length_of_chunk = 0;
+ size_t overall_size = 0;
+@@ -1396,13 +1401,12 @@ char *unchunk_content(const char *content) {
+ if (verbose) {
+ printf("Chunked content did not start with a number at all (Line: %u)\n", __LINE__);
+ }
+- return NULL
++ return NULL;
+ }
+
+ // So, we got the length of the chunk
+ if (*endptr == ';') {
+ // Chunk extension starts here
+- // TODO
+ while (*endptr != '\r') {
+ endptr++;
+ }
+@@ -1410,7 +1414,8 @@ char *unchunk_content(const char *content) {
+
+ start_of_chunk = endptr + 2;
+ end_of_chunk = start_of_chunk + size_of_chunk;
+- length_of_chunk = end_of_chunk - start_of_chunk;
++ length_of_chunk = (long)(end_of_chunk - start_of_chunk);
++ pointer = end_of_chunk + 2; //Next number should be here
+
+ if (length_of_chunk == 0) {
+ // Chunk length is 0, so this is the last one
+@@ -1442,7 +1447,8 @@ char *unchunk_content(const char *content) {
+ result_ptr = result_ptr + size_of_chunk;
+ }
+
+- return result
++ result[overall_size] = '\0';
++ return result;
+ }
+
+ /* per RFC 2396 */
+
+From 5224a74ccd278ee085c1efd72f9bd77e3d832b15 Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Thu, 22 Dec 2022 11:40:19 +0100
+Subject: [PATCH 13/16] Undo clang formatting
+
+---
+ plugins/check_http.c | 1635 ++++++++++++++++++++----------------------
+ 1 file changed, 790 insertions(+), 845 deletions(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index d5b6b3740..dbaa0d780 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -1,35 +1,35 @@
+ /*****************************************************************************
+- *
+- * Monitoring check_http plugin
+- *
+- * License: GPL
+- * Copyright (c) 1999-2013 Monitoring Plugins Development Team
+- *
+- * Description:
+- *
+- * This file contains the check_http plugin
+- *
+- * This plugin tests the HTTP service on the specified host. It can test
+- * normal (http) and secure (https) servers, follow redirects, search for
+- * strings and regular expressions, check connection times, and report on
+- * certificate expiration times.
+- *
+- *
+- * This program is free software: you can redistribute it and/or modify
+- * it under the terms of the GNU General Public License as published by
+- * the Free Software Foundation, either version 3 of the License, or
+- * (at your option) any later version.
+- *
+- * This program is distributed in the hope that it will be useful,
+- * but WITHOUT ANY WARRANTY; without even the implied warranty of
+- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+- * GNU General Public License for more details.
+- *
+- * You should have received a copy of the GNU General Public License
+- * along with this program. If not, see .
+- *
+- *
+- *****************************************************************************/
++*
++* Monitoring check_http plugin
++*
++* License: GPL
++* Copyright (c) 1999-2013 Monitoring Plugins Development Team
++*
++* Description:
++*
++* This file contains the check_http plugin
++*
++* This plugin tests the HTTP service on the specified host. It can test
++* normal (http) and secure (https) servers, follow redirects, search for
++* strings and regular expressions, check connection times, and report on
++* certificate expiration times.
++*
++*
++* This program is free software: you can redistribute it and/or modify
++* it under the terms of the GNU General Public License as published by
++* the Free Software Foundation, either version 3 of the License, or
++* (at your option) any later version.
++*
++* This program is distributed in the hope that it will be useful,
++* but WITHOUT ANY WARRANTY; without even the implied warranty of
++* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++* GNU General Public License for more details.
++*
++* You should have received a copy of the GNU General Public License
++* along with this program. If not, see .
++*
++*
++*****************************************************************************/
+
+ const char *progname = "check_http";
+ const char *copyright = "1999-2022";
+@@ -41,6 +41,7 @@ const char *email = "devel@monitoring-plugins.org";
+ #include "base64.h"
+ #include "netutils.h"
+ #include "utils.h"
++#include "base64.h"
+ #include
+
+ #define STICKY_NONE 0
+@@ -63,18 +64,19 @@ int ssl_version = 0;
+ int days_till_exp_warn, days_till_exp_crit;
+ char *randbuff;
+ X509 *server_cert;
+-#define my_recv(buf, len) \
+- ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
+-#define my_send(buf, len) \
+- ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
++# define my_recv(buf, len) ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
++# define my_send(buf, len) ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
+ #else /* ifndef HAVE_SSL */
+-#define my_recv(buf, len) read(sd, buf, len)
+-#define my_send(buf, len) send(sd, buf, len, 0)
++# define my_recv(buf, len) read(sd, buf, len)
++# define my_send(buf, len) send(sd, buf, len, 0)
+ #endif /* HAVE_SSL */
+ bool no_body = false;
+ int maximum_age = -1;
+
+-enum { REGS = 2, MAX_RE_SIZE = 1024 };
++enum {
++ REGS = 2,
++ MAX_RE_SIZE = 1024
++};
+ #include "regex.h"
+ regex_t preg;
+ regmatch_t pmatch[REGS];
+@@ -134,68 +136,72 @@ char *client_cert = NULL;
+ char *client_privkey = NULL;
+
+ // Forward function declarations
+-bool process_arguments(int, char **);
+-int check_http(void);
+-void redir(char *pos, char *status_line);
++bool process_arguments (int, char **);
++int check_http (void);
++void redir (char *pos, char *status_line);
+ bool server_type_check(const char *type);
+ int server_port_check(int ssl_flag);
+-char *perfd_time(double microsec);
+-char *perfd_time_connect(double microsec);
+-char *perfd_time_ssl(double microsec);
+-char *perfd_time_firstbyte(double microsec);
+-char *perfd_time_headers(double microsec);
+-char *perfd_time_transfer(double microsec);
+-char *perfd_size(int page_len);
+-void print_help(void);
+-void print_usage(void);
++char *perfd_time (double microsec);
++char *perfd_time_connect (double microsec);
++char *perfd_time_ssl (double microsec);
++char *perfd_time_firstbyte (double microsec);
++char *perfd_time_headers (double microsec);
++char *perfd_time_transfer (double microsec);
++char *perfd_size (int page_len);
++void print_help (void);
++void print_usage (void);
+ char *unchunk_content(const char *content);
+
+-int main(int argc, char **argv) {
++int
++main (int argc, char **argv)
++{
+ int result = STATE_UNKNOWN;
+
+- setlocale(LC_ALL, "");
+- bindtextdomain(PACKAGE, LOCALEDIR);
+- textdomain(PACKAGE);
++ setlocale (LC_ALL, "");
++ bindtextdomain (PACKAGE, LOCALEDIR);
++ textdomain (PACKAGE);
+
+- /* Set default URL. Must be malloced for subsequent realloc if
+- * --onredirect=follow */
++ /* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */
+ server_url = strdup(HTTP_URL);
+ server_url_length = strlen(server_url);
+- xasprintf(&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)",
++ xasprintf (&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)",
+ NP_VERSION, VERSION);
+
+ /* Parse extra opts if any */
+- argv = np_extra_opts(&argc, argv, progname);
++ argv=np_extra_opts (&argc, argv, progname);
+
+- if (process_arguments(argc, argv) == false)
+- usage4(_("Could not parse arguments"));
++ if (process_arguments (argc, argv) == false)
++ usage4 (_("Could not parse arguments"));
+
+ if (display_html == true)
+- printf("",
+- use_ssl ? "https" : "http", host_name ? host_name : server_address,
+- server_port, server_url);
++ printf ("",
++ use_ssl ? "https" : "http", host_name ? host_name : server_address,
++ server_port, server_url);
+
+ /* initialize alarm signal handling, set socket timeout, start timer */
+- (void)signal(SIGALRM, socket_timeout_alarm_handler);
+- (void)alarm(socket_timeout);
+- gettimeofday(&tv, NULL);
++ (void) signal (SIGALRM, socket_timeout_alarm_handler);
++ (void) alarm (socket_timeout);
++ gettimeofday (&tv, NULL);
+
+- result = check_http();
++ result = check_http ();
+ return result;
+ }
+
+ /* check whether a file exists */
+-void test_file(char *path) {
++void
++test_file (char *path)
++{
+ if (access(path, R_OK) == 0)
+ return;
+- usage2(_("file does not exist or is not readable"), path);
++ usage2 (_("file does not exist or is not readable"), path);
+ }
+
+ /*
+ * process command-line arguments
+ * returns true on succes, false otherwise
+- */
+-bool process_arguments(int argc, char **argv) {
++ */
++bool process_arguments (int argc, char **argv)
++{
+ int c = 1;
+ char *p;
+ char *temp;
+@@ -209,85 +215,83 @@ bool process_arguments(int argc, char **argv) {
+
+ int option = 0;
+ static struct option longopts[] = {
+- STD_LONG_OPTS,
+- {"link", no_argument, 0, 'L'},
+- {"nohtml", no_argument, 0, 'n'},
+- {"ssl", optional_argument, 0, 'S'},
+- {"sni", no_argument, 0, SNI_OPTION},
+- {"post", required_argument, 0, 'P'},
+- {"method", required_argument, 0, 'j'},
+- {"IP-address", required_argument, 0, 'I'},
+- {"url", required_argument, 0, 'u'},
+- {"port", required_argument, 0, 'p'},
+- {"authorization", required_argument, 0, 'a'},
+- {"proxy-authorization", required_argument, 0, 'b'},
+- {"header-string", required_argument, 0, 'd'},
+- {"string", required_argument, 0, 's'},
+- {"expect", required_argument, 0, 'e'},
+- {"regex", required_argument, 0, 'r'},
+- {"ereg", required_argument, 0, 'r'},
+- {"eregi", required_argument, 0, 'R'},
+- {"linespan", no_argument, 0, 'l'},
+- {"onredirect", required_argument, 0, 'f'},
+- {"certificate", required_argument, 0, 'C'},
+- {"client-cert", required_argument, 0, 'J'},
+- {"private-key", required_argument, 0, 'K'},
+- {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT},
+- {"useragent", required_argument, 0, 'A'},
+- {"header", required_argument, 0, 'k'},
+- {"no-body", no_argument, 0, 'N'},
+- {"max-age", required_argument, 0, 'M'},
+- {"content-type", required_argument, 0, 'T'},
+- {"pagesize", required_argument, 0, 'm'},
+- {"invert-regex", no_argument, NULL, INVERT_REGEX},
+- {"use-ipv4", no_argument, 0, '4'},
+- {"use-ipv6", no_argument, 0, '6'},
+- {"extended-perfdata", no_argument, 0, 'E'},
+- {"show-body", no_argument, 0, 'B'},
+- {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION},
+- {0, 0, 0, 0}};
++ STD_LONG_OPTS,
++ {"link", no_argument, 0, 'L'},
++ {"nohtml", no_argument, 0, 'n'},
++ {"ssl", optional_argument, 0, 'S'},
++ {"sni", no_argument, 0, SNI_OPTION},
++ {"post", required_argument, 0, 'P'},
++ {"method", required_argument, 0, 'j'},
++ {"IP-address", required_argument, 0, 'I'},
++ {"url", required_argument, 0, 'u'},
++ {"port", required_argument, 0, 'p'},
++ {"authorization", required_argument, 0, 'a'},
++ {"proxy-authorization", required_argument, 0, 'b'},
++ {"header-string", required_argument, 0, 'd'},
++ {"string", required_argument, 0, 's'},
++ {"expect", required_argument, 0, 'e'},
++ {"regex", required_argument, 0, 'r'},
++ {"ereg", required_argument, 0, 'r'},
++ {"eregi", required_argument, 0, 'R'},
++ {"linespan", no_argument, 0, 'l'},
++ {"onredirect", required_argument, 0, 'f'},
++ {"certificate", required_argument, 0, 'C'},
++ {"client-cert", required_argument, 0, 'J'},
++ {"private-key", required_argument, 0, 'K'},
++ {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT},
++ {"useragent", required_argument, 0, 'A'},
++ {"header", required_argument, 0, 'k'},
++ {"no-body", no_argument, 0, 'N'},
++ {"max-age", required_argument, 0, 'M'},
++ {"content-type", required_argument, 0, 'T'},
++ {"pagesize", required_argument, 0, 'm'},
++ {"invert-regex", no_argument, NULL, INVERT_REGEX},
++ {"use-ipv4", no_argument, 0, '4'},
++ {"use-ipv6", no_argument, 0, '6'},
++ {"extended-perfdata", no_argument, 0, 'E'},
++ {"show-body", no_argument, 0, 'B'},
++ {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION},
++ {0, 0, 0, 0}
++ };
+
+ if (argc < 2)
+ return false;
+
+ for (c = 1; c < argc; c++) {
+- if (strcmp("-to", argv[c]) == 0)
+- strcpy(argv[c], "-t");
+- if (strcmp("-hn", argv[c]) == 0)
+- strcpy(argv[c], "-H");
+- if (strcmp("-wt", argv[c]) == 0)
+- strcpy(argv[c], "-w");
+- if (strcmp("-ct", argv[c]) == 0)
+- strcpy(argv[c], "-c");
+- if (strcmp("-nohtml", argv[c]) == 0)
+- strcpy(argv[c], "-n");
++ if (strcmp ("-to", argv[c]) == 0)
++ strcpy (argv[c], "-t");
++ if (strcmp ("-hn", argv[c]) == 0)
++ strcpy (argv[c], "-H");
++ if (strcmp ("-wt", argv[c]) == 0)
++ strcpy (argv[c], "-w");
++ if (strcmp ("-ct", argv[c]) == 0)
++ strcpy (argv[c], "-c");
++ if (strcmp ("-nohtml", argv[c]) == 0)
++ strcpy (argv[c], "-n");
+ }
+
+ while (1) {
+- c = getopt_long(
+- argc, argv,
+- "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB",
+- longopts, &option);
++ c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", longopts, &option);
+ if (c == -1 || c == EOF)
+ break;
+
+ switch (c) {
+ case '?': /* usage */
+- usage5();
++ usage5 ();
+ break;
+ case 'h': /* help */
+- print_help();
+- exit(STATE_UNKNOWN);
++ print_help ();
++ exit (STATE_UNKNOWN);
+ break;
+ case 'V': /* version */
+- print_revision(progname, NP_VERSION);
+- exit(STATE_UNKNOWN);
++ print_revision (progname, NP_VERSION);
++ exit (STATE_UNKNOWN);
+ break;
+ case 't': /* timeout period */
+- if (!is_intnonneg(optarg))
+- usage2(_("Timeout interval must be a positive integer"), optarg);
++ if (!is_intnonneg (optarg))
++ usage2 (_("Timeout interval must be a positive integer"), optarg);
+ else
+- socket_timeout = atoi(optarg);
++ socket_timeout = atoi (optarg);
+ break;
+ case 'c': /* critical time threshold */
+ critical_thresholds = optarg;
+@@ -296,14 +300,13 @@ bool process_arguments(int argc, char **argv) {
+ warning_thresholds = optarg;
+ break;
+ case 'A': /* User Agent String */
+- xasprintf(&user_agent, "User-Agent: %s", optarg);
++ xasprintf (&user_agent, "User-Agent: %s", optarg);
+ break;
+ case 'k': /* Additional headers */
+ if (http_opt_headers_count == 0)
+- http_opt_headers = malloc(sizeof(char *) * (++http_opt_headers_count));
++ http_opt_headers = malloc (sizeof (char *) * (++http_opt_headers_count));
+ else
+- http_opt_headers = realloc(http_opt_headers,
+- sizeof(char *) * (++http_opt_headers_count));
++ http_opt_headers = realloc (http_opt_headers, sizeof (char *) * (++http_opt_headers_count));
+ http_opt_headers[http_opt_headers_count - 1] = optarg;
+ /* xasprintf (&http_opt_headers, "%s", optarg); */
+ break;
+@@ -315,27 +318,27 @@ bool process_arguments(int argc, char **argv) {
+ break;
+ case 'C': /* Check SSL cert validity */
+ #ifdef HAVE_SSL
+- if ((temp = strchr(optarg, ',')) != NULL) {
+- *temp = '\0';
+- if (!is_intnonneg(optarg))
+- usage2(_("Invalid certificate expiration period"), optarg);
++ if ((temp=strchr(optarg,','))!=NULL) {
++ *temp='\0';
++ if (!is_intnonneg (optarg))
++ usage2 (_("Invalid certificate expiration period"), optarg);
+ days_till_exp_warn = atoi(optarg);
+- *temp = ',';
++ *temp=',';
+ temp++;
+- if (!is_intnonneg(temp))
+- usage2(_("Invalid certificate expiration period"), temp);
+- days_till_exp_crit = atoi(temp);
+- } else {
+- days_till_exp_crit = 0;
+- if (!is_intnonneg(optarg))
+- usage2(_("Invalid certificate expiration period"), optarg);
+- days_till_exp_warn = atoi(optarg);
++ if (!is_intnonneg (temp))
++ usage2 (_("Invalid certificate expiration period"), temp);
++ days_till_exp_crit = atoi (temp);
++ }
++ else {
++ days_till_exp_crit=0;
++ if (!is_intnonneg (optarg))
++ usage2 (_("Invalid certificate expiration period"), optarg);
++ days_till_exp_warn = atoi (optarg);
+ }
+ check_cert = true;
+ goto enable_ssl;
+ #endif
+- case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is
+- checked */
++ case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */
+ #ifdef HAVE_SSL
+ continue_after_check_cert = true;
+ break;
+@@ -355,16 +358,15 @@ bool process_arguments(int argc, char **argv) {
+ case 'S': /* use SSL */
+ #ifdef HAVE_SSL
+ enable_ssl:
+- /* ssl_version initialized to 0 as a default. Only set if it's non-zero.
+- This helps when we include multiple parameters, like -S and -C
+- combinations */
++ /* ssl_version initialized to 0 as a default. Only set if it's non-zero. This helps when we include multiple
++ parameters, like -S and -C combinations */
+ use_ssl = true;
+- if (c == 'S' && optarg != NULL) {
++ if (c=='S' && optarg != NULL) {
+ int got_plus = strchr(optarg, '+') != NULL;
+
+- if (!strncmp(optarg, "1.2", 3))
++ if (!strncmp (optarg, "1.2", 3))
+ ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2;
+- else if (!strncmp(optarg, "1.1", 3))
++ else if (!strncmp (optarg, "1.1", 3))
+ ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1;
+ else if (optarg[0] == '1')
+ ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1;
+@@ -373,104 +375,101 @@ bool process_arguments(int argc, char **argv) {
+ else if (optarg[0] == '2')
+ ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2;
+ else
+- usage4(_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 "
+- "(with optional '+' suffix)"));
++ usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)"));
+ }
+ if (specify_port == false)
+ server_port = HTTPS_PORT;
+ #else
+ /* -C -J and -K fall through to here without SSL */
+- usage4(_("Invalid option - SSL is not available"));
++ usage4 (_("Invalid option - SSL is not available"));
+ #endif
+ break;
+ case SNI_OPTION:
+ use_sni = true;
+ break;
+ case MAX_REDIRS_OPTION:
+- if (!is_intnonneg(optarg))
+- usage2(_("Invalid max_redirs count"), optarg);
++ if (!is_intnonneg (optarg))
++ usage2 (_("Invalid max_redirs count"), optarg);
+ else {
+- max_depth = atoi(optarg);
++ max_depth = atoi (optarg);
+ }
+- break;
++ break;
+ case 'f': /* onredirect */
+- if (!strcmp(optarg, "stickyport"))
+- onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST | STICKY_PORT;
+- else if (!strcmp(optarg, "sticky"))
++ if (!strcmp (optarg, "stickyport"))
++ onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT;
++ else if (!strcmp (optarg, "sticky"))
+ onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST;
+- else if (!strcmp(optarg, "follow"))
++ else if (!strcmp (optarg, "follow"))
+ onredirect = STATE_DEPENDENT, followsticky = STICKY_NONE;
+- else if (!strcmp(optarg, "unknown"))
++ else if (!strcmp (optarg, "unknown"))
+ onredirect = STATE_UNKNOWN;
+- else if (!strcmp(optarg, "ok"))
++ else if (!strcmp (optarg, "ok"))
+ onredirect = STATE_OK;
+- else if (!strcmp(optarg, "warning"))
++ else if (!strcmp (optarg, "warning"))
+ onredirect = STATE_WARNING;
+- else if (!strcmp(optarg, "critical"))
++ else if (!strcmp (optarg, "critical"))
+ onredirect = STATE_CRITICAL;
+- else
+- usage2(_("Invalid onredirect option"), optarg);
++ else usage2 (_("Invalid onredirect option"), optarg);
+ if (verbose)
+ printf(_("option f:%d \n"), onredirect);
+ break;
+ /* Note: H, I, and u must be malloc'd or will fail on redirects */
+ case 'H': /* Host Name (virtual host) */
+- host_name = strdup(optarg);
++ host_name = strdup (optarg);
+ if (host_name[0] == '[') {
+- if ((p = strstr(host_name, "]:")) != NULL) { /* [IPv6]:port */
+- virtual_port = atoi(p + 2);
++ if ((p = strstr (host_name, "]:")) != NULL) { /* [IPv6]:port */
++ virtual_port = atoi (p + 2);
+ /* cut off the port */
+- host_name_length = strlen(host_name) - strlen(p) - 1;
+- free(host_name);
+- host_name = strndup(optarg, host_name_length);
++ host_name_length = strlen (host_name) - strlen (p) - 1;
++ free (host_name);
++ host_name = strndup (optarg, host_name_length);
++ if (specify_port == false)
++ server_port = virtual_port;
++ }
++ } else if ((p = strchr (host_name, ':')) != NULL
++ && strchr (++p, ':') == NULL) { /* IPv4:port or host:port */
++ virtual_port = atoi (p);
++ /* cut off the port */
++ host_name_length = strlen (host_name) - strlen (p) - 1;
++ free (host_name);
++ host_name = strndup (optarg, host_name_length);
+ if (specify_port == false)
+ server_port = virtual_port;
+ }
+- } else if ((p = strchr(host_name, ':')) != NULL &&
+- strchr(++p, ':') == NULL) { /* IPv4:port or host:port */
+- virtual_port = atoi(p);
+- /* cut off the port */
+- host_name_length = strlen(host_name) - strlen(p) - 1;
+- free(host_name);
+- host_name = strndup(optarg, host_name_length);
+- if (specify_port == false)
+- server_port = virtual_port;
+- }
+ break;
+ case 'I': /* Server IP-address */
+- server_address = strdup(optarg);
++ server_address = strdup (optarg);
+ break;
+ case 'u': /* URL path */
+- server_url = strdup(optarg);
+- server_url_length = strlen(server_url);
++ server_url = strdup (optarg);
++ server_url_length = strlen (server_url);
+ break;
+ case 'p': /* Server port */
+- if (!is_intnonneg(optarg))
+- usage2(_("Invalid port number"), optarg);
++ if (!is_intnonneg (optarg))
++ usage2 (_("Invalid port number"), optarg);
+ else {
+- server_port = atoi(optarg);
++ server_port = atoi (optarg);
+ specify_port = true;
+ }
+ break;
+ case 'a': /* authorization info */
+- strncpy(user_auth, optarg, MAX_INPUT_BUFFER - 1);
++ strncpy (user_auth, optarg, MAX_INPUT_BUFFER - 1);
+ user_auth[MAX_INPUT_BUFFER - 1] = 0;
+ break;
+ case 'b': /* proxy-authorization info */
+- strncpy(proxy_auth, optarg, MAX_INPUT_BUFFER - 1);
++ strncpy (proxy_auth, optarg, MAX_INPUT_BUFFER - 1);
+ proxy_auth[MAX_INPUT_BUFFER - 1] = 0;
+ break;
+- case 'P': /* HTTP POST data in URL encoded format; ignored if settings
+- already */
+- if (!http_post_data)
+- http_post_data = strdup(optarg);
+- if (!http_method)
++ case 'P': /* HTTP POST data in URL encoded format; ignored if settings already */
++ if (! http_post_data)
++ http_post_data = strdup (optarg);
++ if (! http_method)
+ http_method = strdup("POST");
+ break;
+ case 'j': /* Set HTTP method */
+ if (http_method)
+ free(http_method);
+- http_method = strdup(optarg);
++ http_method = strdup (optarg);
+ char *tmp;
+ if ((tmp = strstr(http_method, ":")) > 0) {
+ tmp[0] = '\0';
+@@ -479,20 +478,20 @@ bool process_arguments(int argc, char **argv) {
+ }
+ break;
+ case 'd': /* string or substring */
+- strncpy(header_expect, optarg, MAX_INPUT_BUFFER - 1);
++ strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1);
+ header_expect[MAX_INPUT_BUFFER - 1] = 0;
+ break;
+ case 's': /* string or substring */
+- strncpy(string_expect, optarg, MAX_INPUT_BUFFER - 1);
++ strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1);
+ string_expect[MAX_INPUT_BUFFER - 1] = 0;
+ break;
+ case 'e': /* string or substring */
+- strncpy(server_expect, optarg, MAX_INPUT_BUFFER - 1);
++ strncpy (server_expect, optarg, MAX_INPUT_BUFFER - 1);
+ server_expect[MAX_INPUT_BUFFER - 1] = 0;
+ server_expect_yn = 1;
+ break;
+ case 'T': /* Content-type */
+- xasprintf(&http_content_type, "%s", optarg);
++ xasprintf (&http_content_type, "%s", optarg);
+ break;
+ case 'l': /* linespan */
+ cflags &= ~REG_NEWLINE;
+@@ -500,12 +499,12 @@ bool process_arguments(int argc, char **argv) {
+ case 'R': /* regex */
+ cflags |= REG_ICASE;
+ case 'r': /* regex */
+- strncpy(regexp, optarg, MAX_RE_SIZE - 1);
++ strncpy (regexp, optarg, MAX_RE_SIZE - 1);
+ regexp[MAX_RE_SIZE - 1] = 0;
+- errcode = regcomp(&preg, regexp, cflags);
++ errcode = regcomp (&preg, regexp, cflags);
+ if (errcode != 0) {
+- (void)regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER);
+- printf(_("Could Not Compile Regular Expression: %s"), errbuf);
++ (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER);
++ printf (_("Could Not Compile Regular Expression: %s"), errbuf);
+ return false;
+ }
+ break;
+@@ -519,53 +518,55 @@ bool process_arguments(int argc, char **argv) {
+ #ifdef USE_IPV6
+ address_family = AF_INET6;
+ #else
+- usage4(_("IPv6 support not available"));
++ usage4 (_("IPv6 support not available"));
+ #endif
+ break;
+ case 'v': /* verbose */
+ verbose = true;
+ break;
+ case 'm': /* min_page_length */
+- {
++ {
+ char *tmp;
+ if (strchr(optarg, ':') != (char *)NULL) {
+ /* range, so get two values, min:max */
+ tmp = strtok(optarg, ":");
+ if (tmp == NULL) {
+ printf("Bad format: try \"-m min:max\"\n");
+- exit(STATE_WARNING);
++ exit (STATE_WARNING);
+ } else
+ min_page_len = atoi(tmp);
+
+ tmp = strtok(NULL, ":");
+ if (tmp == NULL) {
+ printf("Bad format: try \"-m min:max\"\n");
+- exit(STATE_WARNING);
++ exit (STATE_WARNING);
+ } else
+ max_page_len = atoi(tmp);
+ } else
+- min_page_len = atoi(optarg);
++ min_page_len = atoi (optarg);
+ break;
+- }
++ }
+ case 'N': /* no-body */
+ no_body = true;
+ break;
+ case 'M': /* max-age */
+- {
+- int L = strlen(optarg);
+- if (L && optarg[L - 1] == 'm')
+- maximum_age = atoi(optarg) * 60;
+- else if (L && optarg[L - 1] == 'h')
+- maximum_age = atoi(optarg) * 60 * 60;
+- else if (L && optarg[L - 1] == 'd')
+- maximum_age = atoi(optarg) * 60 * 60 * 24;
+- else if (L && (optarg[L - 1] == 's' || isdigit(optarg[L - 1])))
+- maximum_age = atoi(optarg);
+- else {
+- fprintf(stderr, "unparsable max-age: %s\n", optarg);
+- exit(STATE_WARNING);
+- }
+- } break;
++ {
++ int L = strlen(optarg);
++ if (L && optarg[L-1] == 'm')
++ maximum_age = atoi (optarg) * 60;
++ else if (L && optarg[L-1] == 'h')
++ maximum_age = atoi (optarg) * 60 * 60;
++ else if (L && optarg[L-1] == 'd')
++ maximum_age = atoi (optarg) * 60 * 60 * 24;
++ else if (L && (optarg[L-1] == 's' ||
++ isdigit (optarg[L-1])))
++ maximum_age = atoi (optarg);
++ else {
++ fprintf (stderr, "unparsable max-age: %s\n", optarg);
++ exit (STATE_WARNING);
++ }
++ }
++ break;
+ case 'E': /* show extended perfdata */
+ show_extended_perfdata = true;
+ break;
+@@ -578,32 +579,31 @@ bool process_arguments(int argc, char **argv) {
+ c = optind;
+
+ if (server_address == NULL && c < argc)
+- server_address = strdup(argv[c++]);
++ server_address = strdup (argv[c++]);
+
+ if (host_name == NULL && c < argc)
+- host_name = strdup(argv[c++]);
++ host_name = strdup (argv[c++]);
+
+ if (server_address == NULL) {
+ if (host_name == NULL)
+- usage4(_("You must specify a server address or host name"));
++ usage4 (_("You must specify a server address or host name"));
+ else
+- server_address = strdup(host_name);
++ server_address = strdup (host_name);
+ }
+
+ set_thresholds(&thlds, warning_thresholds, critical_thresholds);
+
+- if (critical_thresholds && thlds->critical->end > (double)socket_timeout)
++ if (critical_thresholds && thlds->critical->end>(double)socket_timeout)
+ socket_timeout = (int)thlds->critical->end + 1;
+
+ if (http_method == NULL)
+- http_method = strdup("GET");
++ http_method = strdup ("GET");
+
+ if (http_method_proxy == NULL)
+- http_method_proxy = strdup("GET");
++ http_method_proxy = strdup ("GET");
+
+ if (client_cert && !client_privkey)
+- usage4(_("If you use a client certificate you must also specify a private "
+- "key file"));
++ usage4 (_("If you use a client certificate you must also specify a private key file"));
+
+ if (virtual_port == 0)
+ virtual_port = server_port;
+@@ -611,68 +611,89 @@ bool process_arguments(int argc, char **argv) {
+ return true;
+ }
+
++
++
+ /* Returns 1 if we're done processing the document body; 0 to keep going */
+-static int document_headers_done(char *full_page) {
++static int
++document_headers_done (char *full_page)
++{
+ const char *body;
+
+ for (body = full_page; *body; body++) {
+- if (!strncmp(body, "\n\n", 2) || !strncmp(body, "\n\r\n", 3))
++ if (!strncmp (body, "\n\n", 2) || !strncmp (body, "\n\r\n", 3))
+ break;
+ }
+
+ if (!*body)
+- return 0; /* haven't read end of headers yet */
++ return 0; /* haven't read end of headers yet */
+
+ full_page[body - full_page] = 0;
+ return 1;
+ }
+
+-static time_t parse_time_string(const char *string) {
++static time_t
++parse_time_string (const char *string)
++{
+ struct tm tm;
+ time_t t;
+- memset(&tm, 0, sizeof(tm));
++ memset (&tm, 0, sizeof(tm));
+
+ /* Like this: Tue, 25 Dec 2001 02:59:03 GMT */
+
+- if (isupper(string[0]) && /* Tue */
+- islower(string[1]) && islower(string[2]) && ',' == string[3] &&
+- ' ' == string[4] && (isdigit(string[5]) || string[5] == ' ') && /* 25 */
+- isdigit(string[6]) && ' ' == string[7] && isupper(string[8]) && /* Dec */
+- islower(string[9]) && islower(string[10]) && ' ' == string[11] &&
+- isdigit(string[12]) && /* 2001 */
+- isdigit(string[13]) && isdigit(string[14]) && isdigit(string[15]) &&
+- ' ' == string[16] && isdigit(string[17]) && /* 02: */
+- isdigit(string[18]) && ':' == string[19] &&
+- isdigit(string[20]) && /* 59: */
+- isdigit(string[21]) && ':' == string[22] &&
+- isdigit(string[23]) && /* 03 */
+- isdigit(string[24]) && ' ' == string[25] && 'G' == string[26] && /* GMT */
+- 'M' == string[27] && /* GMT */
+- 'T' == string[28]) {
+-
+- tm.tm_sec = 10 * (string[23] - '0') + (string[24] - '0');
+- tm.tm_min = 10 * (string[20] - '0') + (string[21] - '0');
+- tm.tm_hour = 10 * (string[17] - '0') + (string[18] - '0');
+- tm.tm_mday =
+- 10 * (string[5] == ' ' ? 0 : string[5] - '0') + (string[6] - '0');
+- tm.tm_mon = (!strncmp(string + 8, "Jan", 3) ? 0
+- : !strncmp(string + 8, "Feb", 3) ? 1
+- : !strncmp(string + 8, "Mar", 3) ? 2
+- : !strncmp(string + 8, "Apr", 3) ? 3
+- : !strncmp(string + 8, "May", 3) ? 4
+- : !strncmp(string + 8, "Jun", 3) ? 5
+- : !strncmp(string + 8, "Jul", 3) ? 6
+- : !strncmp(string + 8, "Aug", 3) ? 7
+- : !strncmp(string + 8, "Sep", 3) ? 8
+- : !strncmp(string + 8, "Oct", 3) ? 9
+- : !strncmp(string + 8, "Nov", 3) ? 10
+- : !strncmp(string + 8, "Dec", 3) ? 11
+- : -1);
+- tm.tm_year = ((1000 * (string[12] - '0') + 100 * (string[13] - '0') +
+- 10 * (string[14] - '0') + (string[15] - '0')) -
+- 1900);
+-
+- tm.tm_isdst = 0; /* GMT is never in DST, right? */
++ if (isupper (string[0]) && /* Tue */
++ islower (string[1]) &&
++ islower (string[2]) &&
++ ',' == string[3] &&
++ ' ' == string[4] &&
++ (isdigit(string[5]) || string[5] == ' ') && /* 25 */
++ isdigit (string[6]) &&
++ ' ' == string[7] &&
++ isupper (string[8]) && /* Dec */
++ islower (string[9]) &&
++ islower (string[10]) &&
++ ' ' == string[11] &&
++ isdigit (string[12]) && /* 2001 */
++ isdigit (string[13]) &&
++ isdigit (string[14]) &&
++ isdigit (string[15]) &&
++ ' ' == string[16] &&
++ isdigit (string[17]) && /* 02: */
++ isdigit (string[18]) &&
++ ':' == string[19] &&
++ isdigit (string[20]) && /* 59: */
++ isdigit (string[21]) &&
++ ':' == string[22] &&
++ isdigit (string[23]) && /* 03 */
++ isdigit (string[24]) &&
++ ' ' == string[25] &&
++ 'G' == string[26] && /* GMT */
++ 'M' == string[27] && /* GMT */
++ 'T' == string[28]) {
++
++ tm.tm_sec = 10 * (string[23]-'0') + (string[24]-'0');
++ tm.tm_min = 10 * (string[20]-'0') + (string[21]-'0');
++ tm.tm_hour = 10 * (string[17]-'0') + (string[18]-'0');
++ tm.tm_mday = 10 * (string[5] == ' ' ? 0 : string[5]-'0') + (string[6]-'0');
++ tm.tm_mon = (!strncmp (string+8, "Jan", 3) ? 0 :
++ !strncmp (string+8, "Feb", 3) ? 1 :
++ !strncmp (string+8, "Mar", 3) ? 2 :
++ !strncmp (string+8, "Apr", 3) ? 3 :
++ !strncmp (string+8, "May", 3) ? 4 :
++ !strncmp (string+8, "Jun", 3) ? 5 :
++ !strncmp (string+8, "Jul", 3) ? 6 :
++ !strncmp (string+8, "Aug", 3) ? 7 :
++ !strncmp (string+8, "Sep", 3) ? 8 :
++ !strncmp (string+8, "Oct", 3) ? 9 :
++ !strncmp (string+8, "Nov", 3) ? 10 :
++ !strncmp (string+8, "Dec", 3) ? 11 :
++ -1);
++ tm.tm_year = ((1000 * (string[12]-'0') +
++ 100 * (string[13]-'0') +
++ 10 * (string[14]-'0') +
++ (string[15]-'0'))
++ - 1900);
++
++ tm.tm_isdst = 0; /* GMT is never in DST, right? */
+
+ if (tm.tm_mon < 0 || tm.tm_mday < 1 || tm.tm_mday > 31)
+ return 0;
+@@ -684,15 +705,14 @@ static time_t parse_time_string(const char *string) {
+ so it doesn't matter what time zone we parse them in.
+ */
+
+- t = mktime(&tm);
+- if (t == (time_t)-1)
+- t = 0;
++ t = mktime (&tm);
++ if (t == (time_t) -1) t = 0;
+
+ if (verbose) {
+ const char *s = string;
+ while (*s && *s != '\r' && *s != '\n')
+- fputc(*s++, stdout);
+- printf(" ==> %lu\n", (unsigned long)t);
++ fputc (*s++, stdout);
++ printf (" ==> %lu\n", (unsigned long) t);
+ }
+
+ return t;
+@@ -703,24 +723,28 @@ static time_t parse_time_string(const char *string) {
+ }
+
+ /* Checks if the server 'reply' is one of the expected 'statuscodes' */
+-static int expected_statuscode(const char *reply, const char *statuscodes) {
++static int
++expected_statuscode (const char *reply, const char *statuscodes)
++{
+ char *expected, *code;
+ int result = 0;
+
+- if ((expected = strdup(statuscodes)) == NULL)
+- die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
++ if ((expected = strdup (statuscodes)) == NULL)
++ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
+
+- for (code = strtok(expected, ","); code != NULL; code = strtok(NULL, ","))
+- if (strstr(reply, code) != NULL) {
++ for (code = strtok (expected, ","); code != NULL; code = strtok (NULL, ","))
++ if (strstr (reply, code) != NULL) {
+ result = 1;
+ break;
+ }
+
+- free(expected);
++ free (expected);
+ return result;
+ }
+
+-static int check_document_dates(const char *headers, char **msg) {
++static int
++check_document_dates (const char *headers, char **msg)
++{
+ const char *s;
+ char *server_date = 0;
+ char *document_date = 0;
+@@ -748,78 +772,73 @@ static int check_document_dates(const char *headers, char **msg) {
+ s++;
+
+ /* Process this header. */
+- if (value && value > field + 2) {
+- char *ff = (char *)malloc(value - field);
++ if (value && value > field+2) {
++ char *ff = (char *) malloc (value-field);
+ char *ss = ff;
+- while (field < value - 1)
++ while (field < value-1)
+ *ss++ = tolower(*field++);
+ *ss++ = 0;
+
+- if (!strcmp(ff, "date") || !strcmp(ff, "last-modified")) {
++ if (!strcmp (ff, "date") || !strcmp (ff, "last-modified")) {
+ const char *e;
+- while (*value && isspace(*value))
++ while (*value && isspace (*value))
+ value++;
+ for (e = value; *e && *e != '\r' && *e != '\n'; e++)
+ ;
+- ss = (char *)malloc(e - value + 1);
+- strncpy(ss, value, e - value);
++ ss = (char *) malloc (e - value + 1);
++ strncpy (ss, value, e - value);
+ ss[e - value] = 0;
+- if (!strcmp(ff, "date")) {
+- if (server_date)
+- free(server_date);
++ if (!strcmp (ff, "date")) {
++ if (server_date) free (server_date);
+ server_date = ss;
+ } else {
+- if (document_date)
+- free(document_date);
++ if (document_date) free (document_date);
+ document_date = ss;
+ }
+ }
+- free(ff);
++ free (ff);
+ }
+ }
+
+ /* Done parsing the body. Now check the dates we (hopefully) parsed. */
+ if (!server_date || !*server_date) {
+- xasprintf(msg, _("%sServer date unknown, "), *msg);
++ xasprintf (msg, _("%sServer date unknown, "), *msg);
+ date_result = max_state_alt(STATE_UNKNOWN, date_result);
+ } else if (!document_date || !*document_date) {
+- xasprintf(msg, _("%sDocument modification date unknown, "), *msg);
++ xasprintf (msg, _("%sDocument modification date unknown, "), *msg);
+ date_result = max_state_alt(STATE_CRITICAL, date_result);
+ } else {
+- time_t srv_data = parse_time_string(server_date);
+- time_t doc_data = parse_time_string(document_date);
++ time_t srv_data = parse_time_string (server_date);
++ time_t doc_data = parse_time_string (document_date);
+
+ if (srv_data <= 0) {
+- xasprintf(msg, _("%sServer date \"%100s\" unparsable, "), *msg,
+- server_date);
++ xasprintf (msg, _("%sServer date \"%100s\" unparsable, "), *msg, server_date);
+ date_result = max_state_alt(STATE_CRITICAL, date_result);
+ } else if (doc_data <= 0) {
+- xasprintf(msg, _("%sDocument date \"%100s\" unparsable, "), *msg,
+- document_date);
++ xasprintf (msg, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date);
+ date_result = max_state_alt(STATE_CRITICAL, date_result);
+ } else if (doc_data > srv_data + 30) {
+- xasprintf(msg, _("%sDocument is %d seconds in the future, "), *msg,
+- (int)doc_data - (int)srv_data);
++ xasprintf (msg, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data);
+ date_result = max_state_alt(STATE_CRITICAL, date_result);
+ } else if (doc_data < srv_data - maximum_age) {
+ int n = (srv_data - doc_data);
+ if (n > (60 * 60 * 24 * 2)) {
+- xasprintf(msg, _("%sLast modified %.1f days ago, "), *msg,
+- ((float)n) / (60 * 60 * 24));
++ xasprintf (msg, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24));
+ date_result = max_state_alt(STATE_CRITICAL, date_result);
+ } else {
+- xasprintf(msg, _("%sLast modified %d:%02d:%02d ago, "), *msg,
+- n / (60 * 60), (n / 60) % 60, n % 60);
++ xasprintf (msg, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60);
+ date_result = max_state_alt(STATE_CRITICAL, date_result);
+ }
+ }
+- free(server_date);
+- free(document_date);
++ free (server_date);
++ free (document_date);
+ }
+ return date_result;
+ }
+
+-int get_content_length(const char *headers) {
++int
++get_content_length (const char *headers)
++{
+ const char *s;
+ int content_length = 0;
+
+@@ -845,46 +864,50 @@ int get_content_length(const char *headers) {
+ s++;
+
+ /* Process this header. */
+- if (value && value > field + 2) {
+- char *ff = (char *)malloc(value - field);
++ if (value && value > field+2) {
++ char *ff = (char *) malloc (value-field);
+ char *ss = ff;
+- while (field < value - 1)
++ while (field < value-1)
+ *ss++ = tolower(*field++);
+ *ss++ = 0;
+
+- if (!strcmp(ff, "content-length")) {
++ if (!strcmp (ff, "content-length")) {
+ const char *e;
+- while (*value && isspace(*value))
++ while (*value && isspace (*value))
+ value++;
+ for (e = value; *e && *e != '\r' && *e != '\n'; e++)
+ ;
+- ss = (char *)malloc(e - value + 1);
+- strncpy(ss, value, e - value);
++ ss = (char *) malloc (e - value + 1);
++ strncpy (ss, value, e - value);
+ ss[e - value] = 0;
+ content_length = atoi(ss);
+- free(ss);
++ free (ss);
+ }
+- free(ff);
++ free (ff);
+ }
+ }
+ return (content_length);
+ }
+
+-char *prepend_slash(char *path) {
++char *
++prepend_slash (char *path)
++{
+ char *newpath;
+
+ if (path[0] == '/')
+ return path;
+
+- if ((newpath = malloc(strlen(path) + 2)) == NULL)
+- die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
++ if ((newpath = malloc (strlen(path) + 2)) == NULL)
++ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
+ newpath[0] = '/';
+- strcpy(newpath + 1, path);
+- free(path);
++ strcpy (newpath + 1, path);
++ free (path);
+ return newpath;
+ }
+
+-int check_http(void) {
++int
++check_http (void)
++{
+ char *msg;
+ char *status_line;
+ char *status_code;
+@@ -915,73 +938,62 @@ int check_http(void) {
+ char *force_host_header = NULL;
+
+ /* try to connect to the host at the given port number */
+- gettimeofday(&tv_temp, NULL);
+- if (my_tcp_connect(server_address, server_port, &sd) != STATE_OK)
+- die(STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
+- microsec_connect = deltime(tv_temp);
++ gettimeofday (&tv_temp, NULL);
++ if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
++ die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
++ microsec_connect = deltime (tv_temp);
+
+- /* if we are called with the -I option, the -j method is CONNECT and */
+- /* we received -S for SSL, then we tunnel the request through a proxy*/
+- /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */
++ /* if we are called with the -I option, the -j method is CONNECT and */
++ /* we received -S for SSL, then we tunnel the request through a proxy*/
++ /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */
+
+- if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 &&
+- host_name != NULL && use_ssl == true) {
++ if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
++ && host_name != NULL && use_ssl == true) {
+
+- if (verbose)
+- printf("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n",
+- server_address, server_port, host_name, HTTPS_PORT);
+- asprintf(&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name,
+- HTTPS_PORT, user_agent);
++ if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT);
++ asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent);
+ if (strlen(proxy_auth)) {
+- base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth);
+- xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
++ base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth);
++ xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
+ }
+ /* optionally send any other header tag */
+ if (http_opt_headers_count) {
+- for (i = 0; i < http_opt_headers_count; i++) {
++ for (i = 0; i < http_opt_headers_count ; i++) {
+ if (force_host_header != http_opt_headers[i]) {
+- xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]);
++ xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]);
+ }
+ }
+- /* This cannot be free'd here because a redirection will then try to
+- * access this and segfault */
++ /* This cannot be free'd here because a redirection will then try to access this and segfault */
+ /* Covered in a testcase in tests/check_http.t */
+ /* free(http_opt_headers); */
+ }
+- asprintf(&buf, "%sProxy-Connection: keep-alive\r\n", buf);
+- asprintf(&buf, "%sHost: %s\r\n", buf, host_name);
++ asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf);
++ asprintf (&buf, "%sHost: %s\r\n", buf, host_name);
+ /* we finished our request, send empty line with CRLF */
+- asprintf(&buf, "%s%s", buf, CRLF);
+- if (verbose)
+- printf("%s\n", buf);
+- send(sd, buf, strlen(buf), 0);
+- buf[0] = '\0';
+-
+- if (verbose)
+- printf("Receive response from proxy\n");
+- read(sd, buffer, MAX_INPUT_BUFFER - 1);
+- if (verbose)
+- printf("%s", buffer);
++ asprintf (&buf, "%s%s", buf, CRLF);
++ if (verbose) printf ("%s\n", buf);
++ send(sd, buf, strlen (buf), 0);
++ buf[0]='\0';
++
++ if (verbose) printf ("Receive response from proxy\n");
++ read (sd, buffer, MAX_INPUT_BUFFER-1);
++ if (verbose) printf ("%s", buffer);
+ /* Here we should check if we got HTTP/1.1 200 Connection established */
+ }
+ #ifdef HAVE_SSL
+ elapsed_time_connect = (double)microsec_connect / 1.0e6;
+ if (use_ssl == true) {
+- gettimeofday(&tv_temp, NULL);
+- result = np_net_ssl_init_with_hostname_version_and_cert(
+- sd, (use_sni ? host_name : NULL), ssl_version, client_cert,
+- client_privkey);
+- if (verbose)
+- printf("SSL initialized\n");
++ gettimeofday (&tv_temp, NULL);
++ result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey);
++ if (verbose) printf ("SSL initialized\n");
+ if (result != STATE_OK)
+- die(STATE_CRITICAL, NULL);
+- microsec_ssl = deltime(tv_temp);
++ die (STATE_CRITICAL, NULL);
++ microsec_ssl = deltime (tv_temp);
+ elapsed_time_ssl = (double)microsec_ssl / 1.0e6;
+ if (check_cert == true) {
+ result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit);
+ if (continue_after_check_cert == false) {
+- if (sd)
+- close(sd);
++ if (sd) close(sd);
+ np_net_ssl_cleanup();
+ return result;
+ }
+@@ -989,20 +1001,18 @@ int check_http(void) {
+ }
+ #endif /* HAVE_SSL */
+
+- if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 &&
+- host_name != NULL && use_ssl == true)
+- asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url,
+- host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
++ if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
++ && host_name != NULL && use_ssl == true)
++ asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
+ else
+- asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method, server_url,
+- host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
++ asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
+
+ /* tell HTTP/1.1 servers not to keep the connection alive */
+- xasprintf(&buf, "%sConnection: close\r\n", buf);
++ xasprintf (&buf, "%sConnection: close\r\n", buf);
+
+ /* check if Host header is explicitly set in options */
+ if (http_opt_headers_count) {
+- for (i = 0; i < http_opt_headers_count; i++) {
++ for (i = 0; i < http_opt_headers_count ; i++) {
+ if (strncmp(http_opt_headers[i], "Host:", 5) == 0) {
+ force_host_header = http_opt_headers[i];
+ }
+@@ -1012,8 +1022,9 @@ int check_http(void) {
+ /* optionally send the host header info */
+ if (host_name) {
+ if (force_host_header) {
+- xasprintf(&buf, "%s%s\r\n", buf, force_host_header);
+- } else {
++ xasprintf (&buf, "%s%s\r\n", buf, force_host_header);
++ }
++ else {
+ /*
+ * Specify the port only if we're using a non-default port (see RFC 2616,
+ * 14.23). Some server applications/configurations cause trouble if the
+@@ -1021,69 +1032,65 @@ int check_http(void) {
+ */
+ if ((use_ssl == false && virtual_port == HTTP_PORT) ||
+ (use_ssl == true && virtual_port == HTTPS_PORT) ||
+- (server_address != NULL && strcmp(http_method, "CONNECT") == 0 &&
+- host_name != NULL && use_ssl == true))
+- xasprintf(&buf, "%sHost: %s\r\n", buf, host_name);
++ (server_address != NULL && strcmp(http_method, "CONNECT") == 0
++ && host_name != NULL && use_ssl == true))
++ xasprintf (&buf, "%sHost: %s\r\n", buf, host_name);
+ else
+- xasprintf(&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port);
++ xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port);
+ }
+ }
+
+ /* optionally send any other header tag */
+ if (http_opt_headers_count) {
+- for (i = 0; i < http_opt_headers_count; i++) {
++ for (i = 0; i < http_opt_headers_count ; i++) {
+ if (force_host_header != http_opt_headers[i]) {
+- xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]);
++ xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]);
+ }
+ }
+- /* This cannot be free'd here because a redirection will then try to access
+- * this and segfault */
++ /* This cannot be free'd here because a redirection will then try to access this and segfault */
+ /* Covered in a testcase in tests/check_http.t */
+ /* free(http_opt_headers); */
+ }
+
+ /* optionally send the authentication info */
+ if (strlen(user_auth)) {
+- base64_encode_alloc(user_auth, strlen(user_auth), &auth);
+- xasprintf(&buf, "%sAuthorization: Basic %s\r\n", buf, auth);
++ base64_encode_alloc (user_auth, strlen (user_auth), &auth);
++ xasprintf (&buf, "%sAuthorization: Basic %s\r\n", buf, auth);
+ }
+
+ /* optionally send the proxy authentication info */
+ if (strlen(proxy_auth)) {
+- base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth);
+- xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
++ base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth);
++ xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth);
+ }
+
+ /* either send http POST data (any data, not only POST)*/
+ if (http_post_data) {
+ if (http_content_type) {
+- xasprintf(&buf, "%sContent-Type: %s\r\n", buf, http_content_type);
++ xasprintf (&buf, "%sContent-Type: %s\r\n", buf, http_content_type);
+ } else {
+- xasprintf(&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n",
+- buf);
++ xasprintf (&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", buf);
+ }
+
+- xasprintf(&buf, "%sContent-Length: %i\r\n\r\n", buf,
+- (int)strlen(http_post_data));
+- xasprintf(&buf, "%s%s", buf, http_post_data);
++ xasprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, (int)strlen (http_post_data));
++ xasprintf (&buf, "%s%s", buf, http_post_data);
+ } else {
+ /* or just a newline so the server knows we're done with the request */
+- xasprintf(&buf, "%s%s", buf, CRLF);
++ xasprintf (&buf, "%s%s", buf, CRLF);
+ }
+
+- if (verbose)
+- printf("%s\n", buf);
+- gettimeofday(&tv_temp, NULL);
+- my_send(buf, strlen(buf));
+- microsec_headers = deltime(tv_temp);
++ if (verbose) printf ("%s\n", buf);
++ gettimeofday (&tv_temp, NULL);
++ my_send (buf, strlen (buf));
++ microsec_headers = deltime (tv_temp);
+ elapsed_time_headers = (double)microsec_headers / 1.0e6;
+
+ /* fetch the page */
+ full_page = strdup("");
+- gettimeofday(&tv_temp, NULL);
+- while ((i = my_recv(buffer, MAX_INPUT_BUFFER - 1)) > 0) {
++ gettimeofday (&tv_temp, NULL);
++ while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) {
+ if ((i >= 1) && (elapsed_time_firstbyte <= 0.000001)) {
+- microsec_firstbyte = deltime(tv_temp);
++ microsec_firstbyte = deltime (tv_temp);
+ elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6;
+ }
+ while (pos = memchr(buffer, '\0', i)) {
+@@ -1101,12 +1108,12 @@ int check_http(void) {
+
+ pagesize += i;
+
+- if (no_body && document_headers_done(full_page)) {
+- i = 0;
+- break;
+- }
++ if (no_body && document_headers_done (full_page)) {
++ i = 0;
++ break;
++ }
+ }
+- microsec_transfer = deltime(tv_temp);
++ microsec_transfer = deltime (tv_temp);
+ elapsed_time_transfer = (double)microsec_transfer / 1.0e6;
+
+ if (i < 0 && errno != ECONNRESET) {
+@@ -1114,123 +1121,121 @@ int check_http(void) {
+ }
+
+ /* return a CRITICAL status if we couldn't read any data */
+- if (pagesize == (size_t)0)
+- die(STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n"));
++ if (pagesize == (size_t) 0)
++ die (STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n"));
+
+ /* close the connection */
+- if (sd)
+- close(sd);
++ if (sd) close(sd);
+ #ifdef HAVE_SSL
+ np_net_ssl_cleanup();
+ #endif
+
+ /* Save check time */
+- microsec = deltime(tv);
++ microsec = deltime (tv);
+ elapsed_time = (double)microsec / 1.0e6;
+
+ /* leave full_page untouched so we can free it later */
+ page = full_page;
+
+ if (verbose)
+- printf("%s://%s:%d%s is %d characters\n", use_ssl ? "https" : "http",
+- server_address, server_port, server_url, (int)pagesize);
++ printf ("%s://%s:%d%s is %d characters\n",
++ use_ssl ? "https" : "http", server_address,
++ server_port, server_url, (int)pagesize);
+
+ /* find status line and null-terminate it */
+ status_line = page;
+- page += (size_t)strcspn(page, "\r\n");
++ page += (size_t) strcspn (page, "\r\n");
+ pos = page;
+- page += (size_t)strspn(page, "\r\n");
++ page += (size_t) strspn (page, "\r\n");
+ status_line[strcspn(status_line, "\r\n")] = 0;
+- strip(status_line);
++ strip (status_line);
+ if (verbose)
+- printf("STATUS: %s\n", status_line);
++ printf ("STATUS: %s\n", status_line);
+
+ /* find header info and null-terminate it */
+ header = page;
+- while (strcspn(page, "\r\n") > 0) {
+- page += (size_t)strcspn(page, "\r\n");
++ while (strcspn (page, "\r\n") > 0) {
++ page += (size_t) strcspn (page, "\r\n");
+ pos = page;
+- if ((strspn(page, "\r") == 1 && strspn(page, "\r\n") >= 2) ||
+- (strspn(page, "\n") == 1 && strspn(page, "\r\n") >= 2))
+- page += (size_t)2;
++ if ((strspn (page, "\r") == 1 && strspn (page, "\r\n") >= 2) ||
++ (strspn (page, "\n") == 1 && strspn (page, "\r\n") >= 2))
++ page += (size_t) 2;
+ else
+- page += (size_t)1;
++ page += (size_t) 1;
+ }
+- page += (size_t)strspn(page, "\r\n");
++ page += (size_t) strspn (page, "\r\n");
+ header[pos - header] = 0;
+ if (verbose)
+- printf("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header,
+- (no_body ? " [[ skipped ]]" : page));
++ printf ("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header,
++ (no_body ? " [[ skipped ]]" : page));
+
+ /* make sure the status line matches the response we are looking for */
+- if (!expected_statuscode(status_line, server_expect)) {
++ if (!expected_statuscode (status_line, server_expect)) {
+ if (server_port == HTTP_PORT)
+- xasprintf(&msg, _("Invalid HTTP response received from host: %s\n"),
++ xasprintf (&msg,
++ _("Invalid HTTP response received from host: %s\n"),
+ status_line);
+ else
+- xasprintf(&msg,
++ xasprintf (&msg,
+ _("Invalid HTTP response received from host on port %d: %s\n"),
+ server_port, status_line);
+ if (show_body)
+- xasprintf(&msg, _("%s\n%s"), msg, page);
+- die(STATE_CRITICAL, "HTTP CRITICAL - %s", msg);
++ xasprintf (&msg, _("%s\n%s"), msg, page);
++ die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg);
+ }
+
+- /* Bypass normal status line check if server_expect was set by user and not
+- * default */
+- /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string
+- */
+- if (server_expect_yn) {
+- xasprintf(&msg, _("Status line output matched \"%s\" - "), server_expect);
++ /* Bypass normal status line check if server_expect was set by user and not default */
++ /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string */
++ if ( server_expect_yn ) {
++ xasprintf (&msg,
++ _("Status line output matched \"%s\" - "), server_expect);
+ if (verbose)
+- printf("%s\n", msg);
+- } else {
++ printf ("%s\n",msg);
++ }
++ else {
+ /* Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF */
+ /* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT */
+ /* Status-Code = 3 DIGITS */
+
+- status_code = strchr(status_line, ' ') + sizeof(char);
+- if (strspn(status_code, "1234567890") != 3)
+- die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"),
+- status_line);
++ status_code = strchr (status_line, ' ') + sizeof (char);
++ if (strspn (status_code, "1234567890") != 3)
++ die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"), status_line);
+
+- http_status = atoi(status_code);
++ http_status = atoi (status_code);
+
+ /* check the return code */
+
+ if (http_status >= 600 || http_status < 100) {
+- die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"),
+- status_line);
++ die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"), status_line);
+ }
+ /* server errors result in a critical state */
+ else if (http_status >= 500) {
+- xasprintf(&msg, _("%s - "), status_line);
++ xasprintf (&msg, _("%s - "), status_line);
+ result = STATE_CRITICAL;
+ }
+ /* client errors result in a warning state */
+ else if (http_status >= 400) {
+- xasprintf(&msg, _("%s - "), status_line);
++ xasprintf (&msg, _("%s - "), status_line);
+ result = max_state_alt(STATE_WARNING, result);
+ }
+ /* check redirected page if specified */
+ else if (http_status >= 300) {
+
+ if (onredirect == STATE_DEPENDENT)
+- redir(header, status_line);
++ redir (header, status_line);
+ else
+ result = max_state_alt(onredirect, result);
+- xasprintf(&msg, _("%s - "), status_line);
++ xasprintf (&msg, _("%s - "), status_line);
+ } /* end if (http_status >= 300) */
+ else {
+ /* Print OK status anyway */
+- xasprintf(&msg, _("%s - "), status_line);
++ xasprintf (&msg, _("%s - "), status_line);
+ }
+
+ } /* end else (server_expect_yn) */
+
+- /* reset the alarm - must be called *after* redir or we'll never die on
+- * redirects! */
+- alarm(0);
++ /* reset the alarm - must be called *after* redir or we'll never die on redirects! */
++ alarm (0);
+
+ if (maximum_age >= 0) {
+ result = max_state_alt(check_document_dates(header, &msg), result);
+@@ -1247,10 +1252,7 @@ int check_http(void) {
+ bcopy("...", &output_header_search[sizeof(output_header_search) - 4],
+ 4);
+ }
+- xasprintf(&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg,
+- output_header_search, use_ssl ? "https" : "http",
+- host_name ? host_name : server_address, server_port,
+- server_url);
++ xasprintf (&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, output_header_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
+ result = STATE_CRITICAL;
+ }
+ }
+@@ -1288,10 +1290,7 @@ int check_http(void) {
+ bcopy("...", &output_string_search[sizeof(output_string_search) - 4],
+ 4);
+ }
+- xasprintf(&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg,
+- output_string_search, use_ssl ? "https" : "http",
+- host_name ? host_name : server_address, server_port,
+- server_url);
++ xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
+ result = STATE_CRITICAL;
+ }
+ }
+@@ -1302,17 +1301,18 @@ int check_http(void) {
+ (errcode == REG_NOMATCH && invert_regex == 1)) {
+ /* OK - No-op to avoid changing the logic around it */
+ result = max_state_alt(STATE_OK, result);
+- } else if ((errcode == REG_NOMATCH && invert_regex == 0) ||
+- (errcode == 0 && invert_regex == 1)) {
++ }
++ else if ((errcode == REG_NOMATCH && invert_regex == 0) || (errcode == 0 && invert_regex == 1)) {
+ if (invert_regex == 0)
+- xasprintf(&msg, _("%spattern not found, "), msg);
++ xasprintf (&msg, _("%spattern not found, "), msg);
+ else
+- xasprintf(&msg, _("%spattern found, "), msg);
++ xasprintf (&msg, _("%spattern found, "), msg);
+ result = STATE_CRITICAL;
+- } else {
++ }
++ else {
+ /* FIXME: Shouldn't that be UNKNOWN? */
+- regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER);
+- xasprintf(&msg, _("%sExecute Error: %s, "), msg, errbuf);
++ regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER);
++ xasprintf (&msg, _("%sExecute Error: %s, "), msg, errbuf);
+ result = STATE_CRITICAL;
+ }
+ }
+@@ -1328,42 +1328,46 @@ int check_http(void) {
+ */
+ page_len = pagesize;
+ if ((max_page_len > 0) && (page_len > max_page_len)) {
+- xasprintf(&msg, _("%spage size %d too large, "), msg, page_len);
++ xasprintf (&msg, _("%spage size %d too large, "), msg, page_len);
+ result = max_state_alt(STATE_WARNING, result);
+ } else if ((min_page_len > 0) && (page_len < min_page_len)) {
+- xasprintf(&msg, _("%spage size %d too small, "), msg, page_len);
++ xasprintf (&msg, _("%spage size %d too small, "), msg, page_len);
+ result = max_state_alt(STATE_WARNING, result);
+ }
+
+ /* Cut-off trailing characters */
+- if (msg[strlen(msg) - 2] == ',')
+- msg[strlen(msg) - 2] = '\0';
++ if(msg[strlen(msg)-2] == ',')
++ msg[strlen(msg)-2] = '\0';
+ else
+- msg[strlen(msg) - 3] = '\0';
++ msg[strlen(msg)-3] = '\0';
+
+ /* check elapsed time */
+ if (show_extended_perfdata)
+- xasprintf(
+- &msg,
+- _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"),
+- msg, page_len, elapsed_time, (display_html ? "" : ""),
+- perfd_time(elapsed_time), perfd_size(page_len),
+- perfd_time_connect(elapsed_time_connect),
+- use_ssl == true ? perfd_time_ssl(elapsed_time_ssl) : "",
+- perfd_time_headers(elapsed_time_headers),
+- perfd_time_firstbyte(elapsed_time_firstbyte),
+- perfd_time_transfer(elapsed_time_transfer));
++ xasprintf (&msg,
++ _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"),
++ msg, page_len, elapsed_time,
++ (display_html ? "" : ""),
++ perfd_time (elapsed_time),
++ perfd_size (page_len),
++ perfd_time_connect (elapsed_time_connect),
++ use_ssl == true ? perfd_time_ssl (elapsed_time_ssl) : "",
++ perfd_time_headers (elapsed_time_headers),
++ perfd_time_firstbyte (elapsed_time_firstbyte),
++ perfd_time_transfer (elapsed_time_transfer));
+ else
+- xasprintf(&msg, _("%s - %d bytes in %.3f second response time %s|%s %s"),
+- msg, page_len, elapsed_time, (display_html ? "" : ""),
+- perfd_time(elapsed_time), perfd_size(page_len));
++ xasprintf (&msg,
++ _("%s - %d bytes in %.3f second response time %s|%s %s"),
++ msg, page_len, elapsed_time,
++ (display_html ? "" : ""),
++ perfd_time (elapsed_time),
++ perfd_size (page_len));
+
+ if (show_body)
+- xasprintf(&msg, _("%s\n%s"), msg, page);
++ xasprintf (&msg, _("%s\n%s"), msg, page);
+
+ result = max_state_alt(get_status(elapsed_time, thlds), result);
+
+- die(result, "HTTP %s: %s\n", state_text(result), msg);
++ die (result, "HTTP %s: %s\n", state_text(result), msg);
+ /* die failed? */
+ return STATE_UNKNOWN;
+ }
+@@ -1453,22 +1457,20 @@ char *unchunk_content(const char *content) {
+
+ /* per RFC 2396 */
+ #define URI_HTTP "%5[HTPShtps]"
+-#define URI_HOST \
+- "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
++#define URI_HOST "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
+ #define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */
+-#define URI_PATH \
+- "%[-_.!~*'();/" \
+- "?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
++#define URI_PATH "%[-_.!~*'();/?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]"
+ #define HD1 URI_HTTP "://" URI_HOST ":" URI_PORT "/" URI_PATH
+ #define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH
+ #define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT
+ #define HD4 URI_HTTP "://" URI_HOST
+-/* relative reference redirect like //www.site.org/test
+- * https://tools.ietf.org/html/rfc3986 */
++/* relative reference redirect like //www.site.org/test https://tools.ietf.org/html/rfc3986 */
+ #define HD5 "//" URI_HOST "/" URI_PATH
+ #define HD6 URI_PATH
+
+-void redir(char *pos, char *status_line) {
++void
++redir (char *pos, char *status_line)
++{
+ int i = 0;
+ char *x;
+ char xx[2];
+@@ -1476,101 +1478,101 @@ void redir(char *pos, char *status_line) {
+ char *addr;
+ char *url;
+
+- addr = malloc(MAX_IPV4_HOSTLENGTH + 1);
++ addr = malloc (MAX_IPV4_HOSTLENGTH + 1);
+ if (addr == NULL)
+- die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n"));
++ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n"));
+
+ memset(addr, 0, MAX_IPV4_HOSTLENGTH);
+- url = malloc(strcspn(pos, "\r\n"));
++ url = malloc (strcspn (pos, "\r\n"));
+ if (url == NULL)
+- die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n"));
++ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n"));
+
+ while (pos) {
+- sscanf(pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n",
+- xx, &i);
++ sscanf (pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", xx, &i);
+ if (i == 0) {
+- pos += (size_t)strcspn(pos, "\r\n");
+- pos += (size_t)strspn(pos, "\r\n");
++ pos += (size_t) strcspn (pos, "\r\n");
++ pos += (size_t) strspn (pos, "\r\n");
+ if (strlen(pos) == 0)
+- die(STATE_UNKNOWN,
+- _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"),
+- status_line, (display_html ? "" : ""));
++ die (STATE_UNKNOWN,
++ _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"),
++ status_line, (display_html ? "" : ""));
+ continue;
+ }
+
+ pos += i;
+- pos += strspn(pos, " \t");
++ pos += strspn (pos, " \t");
+
+ /*
+ * RFC 2616 (4.2): ``Header fields can be extended over multiple lines by
+ * preceding each extra line with at least one SP or HT.''
+ */
+- for (; (i = strspn(pos, "\r\n")); pos += i) {
++ for (; (i = strspn (pos, "\r\n")); pos += i) {
+ pos += i;
+- if (!(i = strspn(pos, " \t"))) {
+- die(STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"),
+- display_html ? "" : "");
++ if (!(i = strspn (pos, " \t"))) {
++ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"),
++ display_html ? "" : "");
+ }
+ }
+
+- url = realloc(url, strcspn(pos, "\r\n") + 1);
++ url = realloc (url, strcspn (pos, "\r\n") + 1);
+ if (url == NULL)
+- die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n"));
++ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n"));
+
+ /* URI_HTTP, URI_HOST, URI_PORT, URI_PATH */
+- if (sscanf(pos, HD1, type, addr, &i, url) == 4) {
+- url = prepend_slash(url);
+- use_ssl = server_type_check(type);
++ if (sscanf (pos, HD1, type, addr, &i, url) == 4) {
++ url = prepend_slash (url);
++ use_ssl = server_type_check (type);
+ }
+
+ /* URI_HTTP URI_HOST URI_PATH */
+- else if (sscanf(pos, HD2, type, addr, url) == 3) {
+- url = prepend_slash(url);
+- use_ssl = server_type_check(type);
+- i = server_port_check(use_ssl);
++ else if (sscanf (pos, HD2, type, addr, url) == 3 ) {
++ url = prepend_slash (url);
++ use_ssl = server_type_check (type);
++ i = server_port_check (use_ssl);
+ }
+
+ /* URI_HTTP URI_HOST URI_PORT */
+- else if (sscanf(pos, HD3, type, addr, &i) == 3) {
+- strcpy(url, HTTP_URL);
+- use_ssl = server_type_check(type);
++ else if (sscanf (pos, HD3, type, addr, &i) == 3) {
++ strcpy (url, HTTP_URL);
++ use_ssl = server_type_check (type);
+ }
+
+ /* URI_HTTP URI_HOST */
+- else if (sscanf(pos, HD4, type, addr) == 2) {
+- strcpy(url, HTTP_URL);
+- use_ssl = server_type_check(type);
+- i = server_port_check(use_ssl);
++ else if (sscanf (pos, HD4, type, addr) == 2) {
++ strcpy (url, HTTP_URL);
++ use_ssl = server_type_check (type);
++ i = server_port_check (use_ssl);
+ }
+ /* URI_HTTP, URI_HOST, URI_PATH */
+- else if (sscanf(pos, HD5, addr, url) == 2) {
+- if (use_ssl) {
+- strcpy(type, "https");
+- } else {
+- strcpy(type, server_type);
++ else if (sscanf (pos, HD5, addr, url) == 2) {
++ if(use_ssl){
++ strcpy (type,"https");
+ }
+- xasprintf(&url, "/%s", url);
+- use_ssl = server_type_check(type);
+- i = server_port_check(use_ssl);
++ else{
++ strcpy (type, server_type);
++ }
++ xasprintf (&url, "/%s", url);
++ use_ssl = server_type_check (type);
++ i = server_port_check (use_ssl);
+ }
+
+ /* URI_PATH */
+- else if (sscanf(pos, HD6, url) == 1) {
++ else if (sscanf (pos, HD6, url) == 1) {
+ /* relative url */
+ if ((url[0] != '/')) {
+ if ((x = strrchr(server_url, '/')))
+ *x = '\0';
+- xasprintf(&url, "%s/%s", server_url, url);
++ xasprintf (&url, "%s/%s", server_url, url);
+ }
+ i = server_port;
+- strcpy(type, server_type);
+- strcpy(addr, host_name ? host_name : server_address);
++ strcpy (type, server_type);
++ strcpy (addr, host_name ? host_name : server_address);
+ }
+
+ else {
+- die(STATE_UNKNOWN,
+- _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"), pos,
+- (display_html ? "" : ""));
++ die (STATE_UNKNOWN,
++ _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"),
++ pos, (display_html ? "" : ""));
+ }
+
+ break;
+@@ -1578,356 +1580,299 @@ void redir(char *pos, char *status_line) {
+ } /* end while (pos) */
+
+ if (++redir_depth > max_depth)
+- die(STATE_WARNING,
+- _("HTTP WARNING - maximum redirection depth %d exceeded - "
+- "%s://%s:%d%s%s\n"),
+- max_depth, type, addr, i, url, (display_html ? "" : ""));
++ die (STATE_WARNING,
++ _("HTTP WARNING - maximum redirection depth %d exceeded - %s://%s:%d%s%s\n"),
++ max_depth, type, addr, i, url, (display_html ? "" : ""));
+
+- if (server_port == i && !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) &&
++ if (server_port==i &&
++ !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) &&
+ (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) &&
+ !strcmp(server_url, url))
+- die(STATE_CRITICAL,
+- _("HTTP CRITICAL - redirection creates an infinite loop - "
+- "%s://%s:%d%s%s\n"),
+- type, addr, i, url, (display_html ? "" : ""));
++ die (STATE_CRITICAL,
++ _("HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n"),
++ type, addr, i, url, (display_html ? "" : ""));
+
+- strcpy(server_type, type);
++ strcpy (server_type, type);
+
+- free(host_name);
+- host_name = strndup(addr, MAX_IPV4_HOSTLENGTH);
++ free (host_name);
++ host_name = strndup (addr, MAX_IPV4_HOSTLENGTH);
+
+ if (!(followsticky & STICKY_HOST)) {
+- free(server_address);
+- server_address = strndup(addr, MAX_IPV4_HOSTLENGTH);
++ free (server_address);
++ server_address = strndup (addr, MAX_IPV4_HOSTLENGTH);
+ }
+ if (!(followsticky & STICKY_PORT)) {
+ server_port = i;
+ }
+
+- free(server_url);
++ free (server_url);
+ server_url = url;
+
+ if (server_port > MAX_PORT)
+- die(STATE_UNKNOWN,
+- _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"),
+- MAX_PORT, server_type, server_address, server_port, server_url,
+- display_html ? "" : "");
++ die (STATE_UNKNOWN,
++ _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"),
++ MAX_PORT, server_type, server_address, server_port, server_url,
++ display_html ? "" : "");
+
+ /* reset virtual port */
+ virtual_port = server_port;
+
+ if (verbose)
+- printf(_("Redirection to %s://%s:%d%s\n"), server_type,
+- host_name ? host_name : server_address, server_port, server_url);
++ printf (_("Redirection to %s://%s:%d%s\n"), server_type,
++ host_name ? host_name : server_address, server_port, server_url);
+
+ free(addr);
+- check_http();
++ check_http ();
+ }
+
+-bool server_type_check(const char *type) {
+- if (strcmp(type, "https"))
++
++bool
++server_type_check (const char *type)
++{
++ if (strcmp (type, "https"))
+ return false;
+ else
+ return true;
+ }
+
+-int server_port_check(int ssl_flag) {
++int
++server_port_check (int ssl_flag)
++{
+ if (ssl_flag)
+ return HTTPS_PORT;
+ else
+ return HTTP_PORT;
+ }
+
+-char *perfd_time(double elapsed_time) {
+- return fperfdata("time", elapsed_time, "s", thlds->warning ? true : false,
+- thlds->warning ? thlds->warning->end : 0,
+- thlds->critical ? true : false,
+- thlds->critical ? thlds->critical->end : 0, true, 0, true,
+- socket_timeout);
++char *perfd_time (double elapsed_time)
++{
++ return fperfdata ("time", elapsed_time, "s",
++ thlds->warning?true:false, thlds->warning?thlds->warning->end:0,
++ thlds->critical?true:false, thlds->critical?thlds->critical->end:0,
++ true, 0, true, socket_timeout);
+ }
+
+-char *perfd_time_connect(double elapsed_time_connect) {
+- return fperfdata("time_connect", elapsed_time_connect, "s", false, 0, false,
+- 0, false, 0, true, socket_timeout);
++char *perfd_time_connect (double elapsed_time_connect)
++{
++ return fperfdata ("time_connect", elapsed_time_connect, "s", false, 0, false, 0, false, 0, true, socket_timeout);
+ }
+
+-char *perfd_time_ssl(double elapsed_time_ssl) {
+- return fperfdata("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false,
+- 0, true, socket_timeout);
++char *perfd_time_ssl (double elapsed_time_ssl)
++{
++ return fperfdata ("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, 0, true, socket_timeout);
+ }
+
+-char *perfd_time_headers(double elapsed_time_headers) {
+- return fperfdata("time_headers", elapsed_time_headers, "s", false, 0, false,
+- 0, false, 0, true, socket_timeout);
++char *perfd_time_headers (double elapsed_time_headers)
++{
++ return fperfdata ("time_headers", elapsed_time_headers, "s", false, 0, false, 0, false, 0, true, socket_timeout);
+ }
+
+-char *perfd_time_firstbyte(double elapsed_time_firstbyte) {
+- return fperfdata("time_firstbyte", elapsed_time_firstbyte, "s", false, 0,
+- false, 0, false, 0, true, socket_timeout);
++char *perfd_time_firstbyte (double elapsed_time_firstbyte)
++{
++ return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, false, 0, false, 0, true, socket_timeout);
+ }
+
+-char *perfd_time_transfer(double elapsed_time_transfer) {
+- return fperfdata("time_transfer", elapsed_time_transfer, "s", false, 0, false,
+- 0, false, 0, true, socket_timeout);
++char *perfd_time_transfer (double elapsed_time_transfer)
++{
++ return fperfdata ("time_transfer", elapsed_time_transfer, "s", false, 0, false, 0, false, 0, true, socket_timeout);
+ }
+
+-char *perfd_size(int page_len) {
+- return perfdata("size", page_len, "B", (min_page_len > 0 ? true : false),
+- min_page_len, (min_page_len > 0 ? true : false), 0, true, 0,
+- false, 0);
++char *perfd_size (int page_len)
++{
++ return perfdata ("size", page_len, "B",
++ (min_page_len>0?true:false), min_page_len,
++ (min_page_len>0?true:false), 0,
++ true, 0, false, 0);
+ }
+
+-void print_help(void) {
+- print_revision(progname, NP_VERSION);
++void
++print_help (void)
++{
++ print_revision (progname, NP_VERSION);
+
+- printf("Copyright (c) 1999 Ethan Galstad \n");
+- printf(COPYRIGHT, copyright, email);
++ printf ("Copyright (c) 1999 Ethan Galstad \n");
++ printf (COPYRIGHT, copyright, email);
+
+- printf("%s\n", _("This plugin tests the HTTP service on the specified host. "
+- "It can test"));
+- printf("%s\n", _("normal (http) and secure (https) servers, follow "
+- "redirects, search for"));
+- printf("%s\n", _("strings and regular expressions, check connection times, "
+- "and report on"));
+- printf("%s\n", _("certificate expiration times."));
++ printf ("%s\n", _("This plugin tests the HTTP service on the specified host. It can test"));
++ printf ("%s\n", _("normal (http) and secure (https) servers, follow redirects, search for"));
++ printf ("%s\n", _("strings and regular expressions, check connection times, and report on"));
++ printf ("%s\n", _("certificate expiration times."));
+
+- printf("\n\n");
++ printf ("\n\n");
+
+- print_usage();
++ print_usage ();
+
+ #ifdef HAVE_SSL
+- printf(_("In the first form, make an HTTP request."));
+- printf(_("In the second form, connect to the server and check the TLS "
+- "certificate."));
++ printf (_("In the first form, make an HTTP request."));
++ printf (_("In the second form, connect to the server and check the TLS certificate."));
+ #endif
+- printf(_("NOTE: One or both of -H and -I must be specified"));
++ printf (_("NOTE: One or both of -H and -I must be specified"));
+
+- printf("\n");
++ printf ("\n");
+
+- printf(UT_HELP_VRSN);
+- printf(UT_EXTRA_OPTS);
++ printf (UT_HELP_VRSN);
++ printf (UT_EXTRA_OPTS);
+
+- printf(" %s\n", "-H, --hostname=ADDRESS");
+- printf(" %s\n",
+- _("Host name argument for servers using host headers (virtual host)"));
+- printf(" %s\n",
+- _("Append a port to include it in the header (eg: example.com:5000)"));
+- printf(" %s\n", "-I, --IP-address=ADDRESS");
+- printf(" %s\n", _("IP address or name (use numeric address if possible to "
+- "bypass DNS lookup)."));
+- printf(" %s\n", "-p, --port=INTEGER");
+- printf(" %s", _("Port number (default: "));
+- printf("%d)\n", HTTP_PORT);
++ printf (" %s\n", "-H, --hostname=ADDRESS");
++ printf (" %s\n", _("Host name argument for servers using host headers (virtual host)"));
++ printf (" %s\n", _("Append a port to include it in the header (eg: example.com:5000)"));
++ printf (" %s\n", "-I, --IP-address=ADDRESS");
++ printf (" %s\n", _("IP address or name (use numeric address if possible to bypass DNS lookup)."));
++ printf (" %s\n", "-p, --port=INTEGER");
++ printf (" %s", _("Port number (default: "));
++ printf ("%d)\n", HTTP_PORT);
+
+- printf(UT_IPv46);
++ printf (UT_IPv46);
+
+ #ifdef HAVE_SSL
+- printf(" %s\n", "-S, --ssl=VERSION[+]");
+- printf(" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is "
+- "optional, and prevents"));
+- printf(
+- " %s\n",
+- _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,"));
+- printf(" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are "
+- "also accepted."));
+- printf(" %s\n", "--sni");
+- printf(" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
+- printf(" %s\n", "-C, --certificate=INTEGER[,INTEGER]");
+- printf(" %s\n", _("Minimum number of days a certificate has to be valid. "
+- "Port defaults to 443"));
+- printf(" %s\n", _("(when this option is used the URL is not checked by "
+- "default. You can use"));
+- printf(" %s\n",
+- _(" --continue-after-certificate to override this behavior)"));
+- printf(" %s\n", "--continue-after-certificate");
+- printf(" %s\n", _("Allows the HTTP check to continue after performing the "
+- "certificate check."));
+- printf(" %s\n", _("Does nothing unless -C is used."));
+- printf(" %s\n", "-J, --client-cert=FILE");
+- printf(" %s\n",
+- _("Name of file that contains the client certificate (PEM format)"));
+- printf(" %s\n", _("to be used in establishing the SSL session"));
+- printf(" %s\n", "-K, --private-key=FILE");
+- printf(" %s\n", _("Name of file containing the private key (PEM format)"));
+- printf(" %s\n", _("matching the client certificate"));
++ printf (" %s\n", "-S, --ssl=VERSION[+]");
++ printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents"));
++ printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,"));
++ printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted."));
++ printf (" %s\n", "--sni");
++ printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
++ printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]");
++ printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443"));
++ printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use"));
++ printf (" %s\n", _(" --continue-after-certificate to override this behavior)"));
++ printf (" %s\n", "--continue-after-certificate");
++ printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check."));
++ printf (" %s\n", _("Does nothing unless -C is used."));
++ printf (" %s\n", "-J, --client-cert=FILE");
++ printf (" %s\n", _("Name of file that contains the client certificate (PEM format)"));
++ printf (" %s\n", _("to be used in establishing the SSL session"));
++ printf (" %s\n", "-K, --private-key=FILE");
++ printf (" %s\n", _("Name of file containing the private key (PEM format)"));
++ printf (" %s\n", _("matching the client certificate"));
+ #endif
+
+- printf(" %s\n", "-e, --expect=STRING");
+- printf(" %s\n", _("Comma-delimited list of strings, at least one of them "
+- "is expected in"));
+- printf(" %s",
+- _("the first (status) line of the server response (default: "));
+- printf("%s)\n", HTTP_EXPECT);
+- printf(" %s\n", _("If specified skips all other status line logic (ex: "
+- "3xx, 4xx, 5xx processing)"));
+- printf(" %s\n", "-d, --header-string=STRING");
+- printf(" %s\n", _("String to expect in the response headers"));
+- printf(" %s\n", "-s, --string=STRING");
+- printf(" %s\n", _("String to expect in the content"));
+- printf(" %s\n", "-u, --url=PATH");
+- printf(" %s\n", _("URL to GET or POST (default: /)"));
+- printf(" %s\n", "-P, --post=STRING");
+- printf(" %s\n", _("URL encoded http POST data"));
+- printf(" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, "
+- "PUT, DELETE, CONNECT, CONNECT:POST)");
+- printf(" %s\n", _("Set HTTP method."));
+- printf(" %s\n", "-N, --no-body");
+- printf(" %s\n",
+- _("Don't wait for document body: stop reading after headers."));
+- printf(" %s\n",
+- _("(Note that this still does an HTTP GET or POST, not a HEAD.)"));
+- printf(" %s\n", "-M, --max-age=SECONDS");
+- printf(" %s\n", _("Warn if document is more than SECONDS old. the number "
+- "can also be of"));
+- printf(" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or "
+- "\"10d\" for days."));
+- printf(" %s\n", "-T, --content-type=STRING");
+- printf(" %s\n",
+- _("specify Content-Type header media type when POSTing\n"));
+-
+- printf(" %s\n", "-l, --linespan");
+- printf(" %s\n", _("Allow regex to span newlines (must precede -r or -R)"));
+- printf(" %s\n", "-r, --regex, --ereg=STRING");
+- printf(" %s\n", _("Search page for regex STRING"));
+- printf(" %s\n", "-R, --eregi=STRING");
+- printf(" %s\n", _("Search page for case-insensitive regex STRING"));
+- printf(" %s\n", "--invert-regex");
+- printf(" %s\n", _("Return CRITICAL if found, OK if not\n"));
+-
+- printf(" %s\n", "-a, --authorization=AUTH_PAIR");
+- printf(" %s\n", _("Username:password on sites with basic authentication"));
+- printf(" %s\n", "-b, --proxy-authorization=AUTH_PAIR");
+- printf(" %s\n",
+- _("Username:password on proxy-servers with basic authentication"));
+- printf(" %s\n", "-A, --useragent=STRING");
+- printf(" %s\n", _("String to be sent in http header as \"User Agent\""));
+- printf(" %s\n", "-k, --header=STRING");
+- printf(" %s\n", _("Any other tags to be sent in http header. Use multiple "
+- "times for additional headers"));
+- printf(" %s\n", "-E, --extended-perfdata");
+- printf(" %s\n", _("Print additional performance data"));
+- printf(" %s\n", "-B, --show-body");
+- printf(" %s\n", _("Print body content below status line"));
+- printf(" %s\n", "-L, --link");
+- printf(" %s\n", _("Wrap output in HTML link (obsoleted by urlize)"));
+- printf(" %s\n",
+- "-f, --onredirect=");
+- printf(" %s\n", _("How to handle redirected pages. sticky is like follow "
+- "but stick to the"));
+- printf(
+- " %s\n",
+- _("specified IP address. stickyport also ensures port stays the same."));
+- printf(" %s\n", "--max-redirs=INTEGER");
+- printf(" %s", _("Maximal number of redirects (default: "));
+- printf("%d)\n", DEFAULT_MAX_REDIRS);
+- printf(" %s\n", "-m, --pagesize=INTEGER<:INTEGER>");
+- printf(" %s\n", _("Minimum page size required (bytes) : Maximum page size "
+- "required (bytes)"));
+- printf(UT_WARN_CRIT);
+-
+- printf(UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
+-
+- printf(UT_VERBOSE);
+-
+- printf("\n");
+- printf("%s\n", _("Notes:"));
+- printf(
+- " %s\n",
+- _("This plugin will attempt to open an HTTP connection with the host."));
+- printf(" %s\n", _("Successful connects return STATE_OK, refusals and "
+- "timeouts return STATE_CRITICAL"));
+- printf(" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, "
+- "but incorrect response"));
+- printf(" %s\n", _("messages from the host result in STATE_WARNING return "
+- "values. If you are"));
+- printf(" %s\n", _("checking a virtual server that uses 'host headers' you "
+- "must supply the FQDN"));
+- printf(" %s\n",
+- _("(fully qualified domain name) as the [host_name] argument."));
++ printf (" %s\n", "-e, --expect=STRING");
++ printf (" %s\n", _("Comma-delimited list of strings, at least one of them is expected in"));
++ printf (" %s", _("the first (status) line of the server response (default: "));
++ printf ("%s)\n", HTTP_EXPECT);
++ printf (" %s\n", _("If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)"));
++ printf (" %s\n", "-d, --header-string=STRING");
++ printf (" %s\n", _("String to expect in the response headers"));
++ printf (" %s\n", "-s, --string=STRING");
++ printf (" %s\n", _("String to expect in the content"));
++ printf (" %s\n", "-u, --url=PATH");
++ printf (" %s\n", _("URL to GET or POST (default: /)"));
++ printf (" %s\n", "-P, --post=STRING");
++ printf (" %s\n", _("URL encoded http POST data"));
++ printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT, CONNECT:POST)");
++ printf (" %s\n", _("Set HTTP method."));
++ printf (" %s\n", "-N, --no-body");
++ printf (" %s\n", _("Don't wait for document body: stop reading after headers."));
++ printf (" %s\n", _("(Note that this still does an HTTP GET or POST, not a HEAD.)"));
++ printf (" %s\n", "-M, --max-age=SECONDS");
++ printf (" %s\n", _("Warn if document is more than SECONDS old. the number can also be of"));
++ printf (" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or \"10d\" for days."));
++ printf (" %s\n", "-T, --content-type=STRING");
++ printf (" %s\n", _("specify Content-Type header media type when POSTing\n"));
++
++ printf (" %s\n", "-l, --linespan");
++ printf (" %s\n", _("Allow regex to span newlines (must precede -r or -R)"));
++ printf (" %s\n", "-r, --regex, --ereg=STRING");
++ printf (" %s\n", _("Search page for regex STRING"));
++ printf (" %s\n", "-R, --eregi=STRING");
++ printf (" %s\n", _("Search page for case-insensitive regex STRING"));
++ printf (" %s\n", "--invert-regex");
++ printf (" %s\n", _("Return CRITICAL if found, OK if not\n"));
++
++ printf (" %s\n", "-a, --authorization=AUTH_PAIR");
++ printf (" %s\n", _("Username:password on sites with basic authentication"));
++ printf (" %s\n", "-b, --proxy-authorization=AUTH_PAIR");
++ printf (" %s\n", _("Username:password on proxy-servers with basic authentication"));
++ printf (" %s\n", "-A, --useragent=STRING");
++ printf (" %s\n", _("String to be sent in http header as \"User Agent\""));
++ printf (" %s\n", "-k, --header=STRING");
++ printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers"));
++ printf (" %s\n", "-E, --extended-perfdata");
++ printf (" %s\n", _("Print additional performance data"));
++ printf (" %s\n", "-B, --show-body");
++ printf (" %s\n", _("Print body content below status line"));
++ printf (" %s\n", "-L, --link");
++ printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)"));
++ printf (" %s\n", "-f, --onredirect=");
++ printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the"));
++ printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same."));
++ printf (" %s\n", "--max-redirs=INTEGER");
++ printf (" %s", _("Maximal number of redirects (default: "));
++ printf ("%d)\n", DEFAULT_MAX_REDIRS);
++ printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>");
++ printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)"));
++ printf (UT_WARN_CRIT);
++
++ printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
++
++ printf (UT_VERBOSE);
++
++ printf ("\n");
++ printf ("%s\n", _("Notes:"));
++ printf (" %s\n", _("This plugin will attempt to open an HTTP connection with the host."));
++ printf (" %s\n", _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL"));
++ printf (" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, but incorrect response"));
++ printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are"));
++ printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN"));
++ printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument."));
+
+ #ifdef HAVE_SSL
+- printf("\n");
+- printf(" %s\n", _("This plugin can also check whether an SSL enabled web "
+- "server is able to"));
+- printf(" %s\n", _("serve content (optionally within a specified time) or "
+- "whether the X509 "));
+- printf(" %s\n",
+- _("certificate is still valid for the specified number of days."));
+- printf("\n");
+- printf(
+- " %s\n",
+- _("Please note that this plugin does not check if the presented server"));
+- printf(" %s\n", _("certificate matches the hostname of the server, or if the "
+- "certificate"));
+- printf(" %s\n",
+- _("has a valid chain of trust to one of the locally installed CAs."));
+- printf("\n");
+- printf("%s\n", _("Examples:"));
+- printf(" %s\n\n",
+- "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com");
+- printf(" %s\n", _("When the 'www.verisign.com' server returns its content "
+- "within 5 seconds,"));
+- printf(" %s\n", _("a STATE_OK will be returned. When the server returns its "
+- "content but exceeds"));
+- printf(" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. "
+- "When an error occurs,"));
+- printf(" %s\n", _("a STATE_CRITICAL will be returned."));
+- printf("\n");
+- printf(" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14");
+- printf(" %s\n", _("When the certificate of 'www.verisign.com' is valid for "
+- "more than 14 days,"));
+- printf(" %s\n", _("a STATE_OK is returned. When the certificate is still "
+- "valid, but for less than"));
+- printf(" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL "
+- "will be returned when"));
+- printf(" %s\n\n", _("the certificate is expired."));
+- printf("\n");
+- printf(" %s\n\n",
+- "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14");
+- printf(" %s\n", _("When the certificate of 'www.verisign.com' is valid for "
+- "more than 30 days,"));
+- printf(" %s\n", _("a STATE_OK is returned. When the certificate is still "
+- "valid, but for less than"));
+- printf(" %s\n",
+- _("30 days, but more than 14 days, a STATE_WARNING is returned."));
+- printf(" %s\n", _("A STATE_CRITICAL will be returned when certificate "
+- "expires in less than 14 days"));
+-
+- printf(" %s\n\n",
+- "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: ");
+- printf(" %s\n",
+- _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S "
+- "-j CONNECT -H www.verisign.com "));
+- printf(" %s\n", _("all these options are needed: -I -p "
+- "-u -S(sl) -j CONNECT -H "));
+- printf(" %s\n", _("a STATE_OK will be returned. When the server returns its "
+- "content but exceeds"));
+- printf(" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. "
+- "When an error occurs,"));
+- printf(" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to "
+- "the method you can set the method used"));
+- printf(" %s\n", _("inside the proxied connection: -j CONNECT:POST"));
++ printf ("\n");
++ printf (" %s\n", _("This plugin can also check whether an SSL enabled web server is able to"));
++ printf (" %s\n", _("serve content (optionally within a specified time) or whether the X509 "));
++ printf (" %s\n", _("certificate is still valid for the specified number of days."));
++ printf ("\n");
++ printf (" %s\n", _("Please note that this plugin does not check if the presented server"));
++ printf (" %s\n", _("certificate matches the hostname of the server, or if the certificate"));
++ printf (" %s\n", _("has a valid chain of trust to one of the locally installed CAs."));
++ printf ("\n");
++ printf ("%s\n", _("Examples:"));
++ printf (" %s\n\n", "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com");
++ printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,"));
++ printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds"));
++ printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));
++ printf (" %s\n", _("a STATE_CRITICAL will be returned."));
++ printf ("\n");
++ printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14");
++ printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,"));
++ printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
++ printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when"));
++ printf (" %s\n\n", _("the certificate is expired."));
++ printf ("\n");
++ printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14");
++ printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,"));
++ printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
++ printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned."));
++ printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days"));
++
++ printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: ");
++ printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com "));
++ printf (" %s\n", _("all these options are needed: -I -p -u -S(sl) -j CONNECT -H "));
++ printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds"));
++ printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,"));
++ printf (" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to the method you can set the method used"));
++ printf (" %s\n", _("inside the proxied connection: -j CONNECT:POST"));
+
+ #endif
+
+- printf(UT_SUPPORT);
++ printf (UT_SUPPORT);
++
+ }
+
+-void print_usage(void) {
+- printf("%s\n", _("Usage:"));
+- printf(" %s -H | -I [-u ] [-p ]\n", progname);
+- printf(" [-J ] [-K ]\n");
+- printf(" [-w ] [-c ] [-t ] [-L] "
+- "[-E] [-a auth]\n");
+- printf(" [-b proxy_auth] [-f "
+- "]\n");
+- printf(" [-e ] [-d string] [-s string] [-l] [-r | -R "
+- "]\n");
+- printf(" [-P string] [-m :] [-4|-6] [-N] [-M "
+- "]\n");
+- printf(" [-A string] [-k string] [-S ] [--sni]\n");
+- printf(" [-T ] [-j method]\n");
+- printf(" %s -H | -I -C [,]\n",
+- progname);
+- printf(" [-p ] [-t ] [-4|-6] [--sni]\n");
++
++
++void
++print_usage (void)
++{
++ printf ("%s\n", _("Usage:"));
++ printf (" %s -H | -I [-u ] [-p ]\n",progname);
++ printf (" [-J ] [-K ]\n");
++ printf (" [-w ] [-c ] [-t ] [-L] [-E] [-a auth]\n");
++ printf (" [-b proxy_auth] [-f ]\n");
++ printf (" [-e ] [-d string] [-s string] [-l] [-r | -R ]\n");
++ printf (" [-P string] [-m :] [-4|-6] [-N] [-M ]\n");
++ printf (" [-A string] [-k string] [-S ] [--sni]\n");
++ printf (" [-T ] [-j method]\n");
++ printf (" %s -H | -I -C [,]\n",progname);
++ printf (" [-p ] [-t ] [-4|-6] [--sni]\n");
+ }
+
+From ad32adf4ef09572715ce7bc207947ba7ffb7dc8d Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com>
+Date: Thu, 22 Dec 2022 13:16:19 +0100
+Subject: [PATCH 14/16] Reformat a part to increase readability
+
+---
+ plugins/check_http.c | 16 +++++++++++++---
+ 1 file changed, 13 insertions(+), 3 deletions(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index dbaa0d780..a9c22389e 100644
+--- a/plugins/check_http.c
++++ b/plugins/check_http.c
+@@ -1246,13 +1246,23 @@ check_http (void)
+ if (strstr(header, header_expect) == NULL) {
+ // We did not find the header, the rest is for building the output and setting the state
+ char output_header_search[30] = "";
++
+ strncpy(&output_header_search[0], header_expect,
+ sizeof(output_header_search));
++
+ if (output_header_search[sizeof(output_header_search) - 1] != '\0') {
+- bcopy("...", &output_header_search[sizeof(output_header_search) - 4],
+- 4);
++ bcopy("...",
++ &output_header_search[sizeof(output_header_search) - 4],
++ 4);
+ }
+- xasprintf (&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, output_header_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
++
++ xasprintf (&msg,
++ _("%sheader '%s' not found on '%s://%s:%d%s', "),
++ msg,
++ output_header_search, use_ssl ? "https" : "http",
++ host_name ? host_name : server_address, server_port,
++ server_url);
++
+ result = STATE_CRITICAL;
+ }
+ }
+
+From a03c4bbc1ecdad247a32e469a37aa1f0126581c7 Mon Sep 17 00:00:00 2001
+From: Sven Nierlein
+Date: Thu, 22 Dec 2022 14:06:08 +0100
+Subject: [PATCH 15/16] check_http/check_curl: add chunked encoding test
+
+---
+ plugins/tests/check_curl.t | 18 +++++++++++++++++-
+ plugins/tests/check_http.t | 18 +++++++++++++++++-
+ 2 files changed, 34 insertions(+), 2 deletions(-)
+
+diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t
+index aa72ef671..86bfb5381 100755
+--- a/plugins/tests/check_curl.t
++++ b/plugins/tests/check_curl.t
+@@ -21,7 +21,7 @@ use FindBin qw($Bin);
+
+ $ENV{'LC_TIME'} = "C";
+
+-my $common_tests = 72;
++my $common_tests = 74;
+ my $ssl_only_tests = 8;
+ # Check that all dependent modules are available
+ eval "use HTTP::Daemon 6.01;";
+@@ -200,6 +200,17 @@ sub run_server {
+ $c->send_basic_header;
+ $c->send_crlf;
+ $c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host')));
++ } elsif ($r->url->path eq "/chunked") {
++ $c->send_basic_header;
++ $c->send_header('Transfer-Encoding', "chunked");
++ $c->send_crlf;
++ my $chunks = ["chunked", "encoding", "test\n"];
++ $c->send_response(HTTP::Response->new( 200, 'OK', undef, sub {
++ my $chunk = shift @{$chunks};
++ return unless $chunk;
++ sleep(1);
++ return($chunk);
++ }));
+ } else {
+ $c->send_error(HTTP::Status->RC_FORBIDDEN);
+ }
+@@ -508,4 +519,9 @@ sub run_common_tests {
+ };
+ is( $@, "", $cmd );
+
++ $cmd = "$command -u /chunked -s 'chunkedencodingtest'";
++ eval {
++ $result = NPTest->testCmd( $cmd, 5 );
++ };
++ is( $@, "", $cmd );
+ }
+diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t
+index ea11b2ac3..132c6659d 100755
+--- a/plugins/tests/check_http.t
++++ b/plugins/tests/check_http.t
+@@ -12,7 +12,7 @@ use FindBin qw($Bin);
+
+ $ENV{'LC_TIME'} = "C";
+
+-my $common_tests = 70;
++my $common_tests = 72;
+ my $virtual_port_tests = 8;
+ my $ssl_only_tests = 12;
+ # Check that all dependent modules are available
+@@ -190,6 +190,17 @@ sub run_server {
+ $c->send_basic_header;
+ $c->send_crlf;
+ $c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host')));
++ } elsif ($r->url->path eq "/chunked") {
++ $c->send_basic_header;
++ $c->send_header('Transfer-Encoding', "chunked");
++ $c->send_crlf;
++ my $chunks = ["chunked", "encoding", "test\n"];
++ $c->send_response(HTTP::Response->new( 200, 'OK', undef, sub {
++ my $chunk = shift @{$chunks};
++ return unless $chunk;
++ sleep(1);
++ return($chunk);
++ }));
+ } else {
+ $c->send_error(HTTP::Status->RC_FORBIDDEN);
+ }
+@@ -497,4 +508,9 @@ sub run_common_tests {
+ };
+ is( $@, "", $cmd );
+
++ $cmd = "$command -u /chunked -s 'chunkedencodingtest'";
++ eval {
++ $result = NPTest->testCmd( $cmd, 5 );
++ };
++ is( $@, "", $cmd );
+ }
+
+From ab082d93fe90781309d71f3feea837dd0e32841c Mon Sep 17 00:00:00 2001
+From: Sven Nierlein
+Date: Thu, 22 Dec 2022 14:58:01 +0100
+Subject: [PATCH 16/16] tests: fix chunked encoding test server
+
+---
+ plugins/tests/check_curl.t | 29 ++++++++++++++---------------
+ plugins/tests/check_http.t | 7 ++-----
+ 2 files changed, 16 insertions(+), 20 deletions(-)
+
+diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t
+index 86bfb5381..72f2b7c2d 100755
+--- a/plugins/tests/check_curl.t
++++ b/plugins/tests/check_curl.t
+@@ -21,7 +21,7 @@ use FindBin qw($Bin);
+
+ $ENV{'LC_TIME'} = "C";
+
+-my $common_tests = 74;
++my $common_tests = 73;
+ my $ssl_only_tests = 8;
+ # Check that all dependent modules are available
+ eval "use HTTP::Daemon 6.01;";
+@@ -200,17 +200,14 @@ sub run_server {
+ $c->send_basic_header;
+ $c->send_crlf;
+ $c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host')));
+- } elsif ($r->url->path eq "/chunked") {
+- $c->send_basic_header;
+- $c->send_header('Transfer-Encoding', "chunked");
+- $c->send_crlf;
+- my $chunks = ["chunked", "encoding", "test\n"];
+- $c->send_response(HTTP::Response->new( 200, 'OK', undef, sub {
+- my $chunk = shift @{$chunks};
+- return unless $chunk;
+- sleep(1);
+- return($chunk);
+- }));
++ } elsif ($r->url->path eq "/chunked") {
++ my $chunks = ["chunked", "encoding", "test\n"];
++ $c->send_response(HTTP::Response->new( 200, 'OK', undef, sub {
++ my $chunk = shift @{$chunks};
++ return unless $chunk;
++ sleep(1);
++ return($chunk);
++ }));
+ } else {
+ $c->send_error(HTTP::Status->RC_FORBIDDEN);
+ }
+@@ -483,7 +480,8 @@ sub run_common_tests {
+ local $SIG{ALRM} = sub { die "alarm\n" };
+ alarm(2);
+ $result = NPTest->testCmd( $cmd );
+- alarm(0); };
++ };
++ alarm(0);
+ isnt( $@, "alarm\n", $cmd );
+ is( $result->return_code, 0, $cmd );
+
+@@ -493,7 +491,8 @@ sub run_common_tests {
+ local $SIG{ALRM} = sub { die "alarm\n" };
+ alarm(2);
+ $result = NPTest->testCmd( $cmd );
+- alarm(0); };
++ };
++ alarm(0);
+ isnt( $@, "alarm\n", $cmd );
+ isnt( $result->return_code, 0, $cmd );
+
+@@ -519,7 +518,7 @@ sub run_common_tests {
+ };
+ is( $@, "", $cmd );
+
+- $cmd = "$command -u /chunked -s 'chunkedencodingtest'";
++ $cmd = "$command -u /chunked -s 'chunkedencodingtest' -d 'Transfer-Encoding: chunked'";
+ eval {
+ $result = NPTest->testCmd( $cmd, 5 );
+ };
+diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t
+index 132c6659d..d766ac372 100755
+--- a/plugins/tests/check_http.t
++++ b/plugins/tests/check_http.t
+@@ -12,7 +12,7 @@ use FindBin qw($Bin);
+
+ $ENV{'LC_TIME'} = "C";
+
+-my $common_tests = 72;
++my $common_tests = 71;
+ my $virtual_port_tests = 8;
+ my $ssl_only_tests = 12;
+ # Check that all dependent modules are available
+@@ -191,9 +191,6 @@ sub run_server {
+ $c->send_crlf;
+ $c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host')));
+ } elsif ($r->url->path eq "/chunked") {
+- $c->send_basic_header;
+- $c->send_header('Transfer-Encoding', "chunked");
+- $c->send_crlf;
+ my $chunks = ["chunked", "encoding", "test\n"];
+ $c->send_response(HTTP::Response->new( 200, 'OK', undef, sub {
+ my $chunk = shift @{$chunks};
+@@ -508,7 +505,7 @@ sub run_common_tests {
+ };
+ is( $@, "", $cmd );
+
+- $cmd = "$command -u /chunked -s 'chunkedencodingtest'";
++ $cmd = "$command -u /chunked -s 'chunkedencodingtest' -d 'Transfer-Encoding: chunked'";
+ eval {
+ $result = NPTest->testCmd( $cmd, 5 );
+ };
diff --git a/debian/patches/series b/debian/patches/series
index 590ad33..b7c19b7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -11,4 +11,5 @@
20_check_apt_unknown_escape_sequence
21_check_http_faster_with_large_files
22_check_curl_faster_with_large_files
+23_check_http_chunked_encoding
24_check_apt_usage