From f064e9bf0049be43d705cb371b61a0a422d86e80 Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Tue, 17 Jan 2023 12:57:58 +0000 Subject: [PATCH] Adding d/p/23_check_http_chunked_encoding from upstream --- debian/patches/23_check_http_chunked_encoding | 5976 +++++++++++++++++ debian/patches/series | 1 + 2 files changed, 5977 insertions(+) create mode 100644 debian/patches/23_check_http_chunked_encoding diff --git a/debian/patches/23_check_http_chunked_encoding b/debian/patches/23_check_http_chunked_encoding new file mode 100644 index 0000000..8606277 --- /dev/null +++ b/debian/patches/23_check_http_chunked_encoding @@ -0,0 +1,5976 @@ +From 1fb23c6e78c9fd1e5fdce6a9c310165801de1cec Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Sun, 13 Nov 2022 14:47:29 +0100 +Subject: [PATCH 01/16] Use real booleans instead of ints + +--- + plugins/check_http.c | 111 +++++++++++++++++++++---------------------- + 1 file changed, 55 insertions(+), 56 deletions(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index 1835a2d09..b1effd8d9 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -57,8 +57,8 @@ enum { + }; + + #ifdef HAVE_SSL +-int check_cert = FALSE; +-int continue_after_check_cert = FALSE; ++bool check_cert = false; ++bool continue_after_check_cert = false; + int ssl_version = 0; + int days_till_exp_warn, days_till_exp_crit; + char *randbuff; +@@ -69,7 +69,7 @@ X509 *server_cert; + # define my_recv(buf, len) read(sd, buf, len) + # define my_send(buf, len) send(sd, buf, len, 0) + #endif /* HAVE_SSL */ +-int no_body = FALSE; ++bool no_body = false; + int maximum_age = -1; + + enum { +@@ -91,7 +91,7 @@ struct timeval tv_temp; + #define HTTP_URL "/" + #define CRLF "\r\n" + +-int specify_port = FALSE; ++bool specify_port = false; + int server_port = HTTP_PORT; + int virtual_port = 0; + char server_port_text[6] = ""; +@@ -113,16 +113,16 @@ char *critical_thresholds = NULL; + thresholds *thlds; + char user_auth[MAX_INPUT_BUFFER] = ""; + char proxy_auth[MAX_INPUT_BUFFER] = ""; +-int display_html = FALSE; ++bool display_html = false; + char **http_opt_headers; + int http_opt_headers_count = 0; + int onredirect = STATE_OK; + int followsticky = STICKY_NONE; +-int use_ssl = FALSE; +-int use_sni = FALSE; +-int verbose = FALSE; +-int show_extended_perfdata = FALSE; +-int show_body = FALSE; ++bool use_ssl = false; ++bool use_sni = false; ++bool verbose = false; ++bool show_extended_perfdata = false; ++bool show_body = false; + int sd; + int min_page_len = 0; + int max_page_len = 0; +@@ -136,10 +136,10 @@ char buffer[MAX_INPUT_BUFFER]; + char *client_cert = NULL; + char *client_privkey = NULL; + +-int process_arguments (int, char **); ++bool process_arguments (int, char **); + int check_http (void); + void redir (char *pos, char *status_line); +-int server_type_check(const char *type); ++bool server_type_check(const char *type); + int server_port_check(int ssl_flag); + char *perfd_time (double microsec); + char *perfd_time_connect (double microsec); +@@ -169,10 +169,10 @@ main (int argc, char **argv) + /* Parse extra opts if any */ + argv=np_extra_opts (&argc, argv, progname); + +- if (process_arguments (argc, argv) == ERROR) ++ if (process_arguments (argc, argv) == false) + usage4 (_("Could not parse arguments")); + +- if (display_html == TRUE) ++ if (display_html == true) + printf ("", + use_ssl ? "https" : "http", host_name ? host_name : server_address, + server_port, server_url); +@@ -196,8 +196,7 @@ test_file (char *path) + } + + /* process command-line arguments */ +-int +-process_arguments (int argc, char **argv) ++bool process_arguments (int argc, char **argv) + { + int c = 1; + char *p; +@@ -252,7 +251,7 @@ process_arguments (int argc, char **argv) + }; + + if (argc < 2) +- return ERROR; ++ return false; + + for (c = 1; c < argc; c++) { + if (strcmp ("-to", argv[c]) == 0) +@@ -308,10 +307,10 @@ process_arguments (int argc, char **argv) + /* xasprintf (&http_opt_headers, "%s", optarg); */ + break; + case 'L': /* show html link */ +- display_html = TRUE; ++ display_html = true; + break; + case 'n': /* do not show html link */ +- display_html = FALSE; ++ display_html = false; + break; + case 'C': /* Check SSL cert validity */ + #ifdef HAVE_SSL +@@ -332,12 +331,12 @@ process_arguments (int argc, char **argv) + usage2 (_("Invalid certificate expiration period"), optarg); + days_till_exp_warn = atoi (optarg); + } +- check_cert = TRUE; ++ check_cert = true; + goto enable_ssl; + #endif + case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */ + #ifdef HAVE_SSL +- continue_after_check_cert = TRUE; ++ continue_after_check_cert = true; + break; + #endif + case 'J': /* use client certificate */ +@@ -357,7 +356,7 @@ process_arguments (int argc, char **argv) + enable_ssl: + /* ssl_version initialized to 0 as a default. Only set if it's non-zero. This helps when we include multiple + parameters, like -S and -C combinations */ +- use_ssl = TRUE; ++ use_ssl = true; + if (c=='S' && optarg != NULL) { + int got_plus = strchr(optarg, '+') != NULL; + +@@ -374,7 +373,7 @@ process_arguments (int argc, char **argv) + else + usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)")); + } +- if (specify_port == FALSE) ++ if (specify_port == false) + server_port = HTTPS_PORT; + #else + /* -C -J and -K fall through to here without SSL */ +@@ -382,7 +381,7 @@ process_arguments (int argc, char **argv) + #endif + break; + case SNI_OPTION: +- use_sni = TRUE; ++ use_sni = true; + break; + case MAX_REDIRS_OPTION: + if (!is_intnonneg (optarg)) +@@ -420,7 +419,7 @@ process_arguments (int argc, char **argv) + host_name_length = strlen (host_name) - strlen (p) - 1; + free (host_name); + host_name = strndup (optarg, host_name_length); +- if (specify_port == FALSE) ++ if (specify_port == false) + server_port = virtual_port; + } + } else if ((p = strchr (host_name, ':')) != NULL +@@ -430,7 +429,7 @@ process_arguments (int argc, char **argv) + host_name_length = strlen (host_name) - strlen (p) - 1; + free (host_name); + host_name = strndup (optarg, host_name_length); +- if (specify_port == FALSE) ++ if (specify_port == false) + server_port = virtual_port; + } + break; +@@ -446,7 +445,7 @@ process_arguments (int argc, char **argv) + usage2 (_("Invalid port number"), optarg); + else { + server_port = atoi (optarg); +- specify_port = TRUE; ++ specify_port = true; + } + break; + case 'a': /* authorization info */ +@@ -502,7 +501,7 @@ process_arguments (int argc, char **argv) + if (errcode != 0) { + (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); + printf (_("Could Not Compile Regular Expression: %s"), errbuf); +- return ERROR; ++ return false; + } + break; + case INVERT_REGEX: +@@ -519,7 +518,7 @@ process_arguments (int argc, char **argv) + #endif + break; + case 'v': /* verbose */ +- verbose = TRUE; ++ verbose = true; + break; + case 'm': /* min_page_length */ + { +@@ -544,7 +543,7 @@ process_arguments (int argc, char **argv) + break; + } + case 'N': /* no-body */ +- no_body = TRUE; ++ no_body = true; + break; + case 'M': /* max-age */ + { +@@ -565,10 +564,10 @@ process_arguments (int argc, char **argv) + } + break; + case 'E': /* show extended perfdata */ +- show_extended_perfdata = TRUE; ++ show_extended_perfdata = true; + break; + case 'B': /* print body content after status line */ +- show_body = TRUE; ++ show_body = true; + break; + } + } +@@ -605,7 +604,7 @@ process_arguments (int argc, char **argv) + if (virtual_port == 0) + virtual_port = server_port; + +- return TRUE; ++ return true; + } + + +@@ -945,7 +944,7 @@ check_http (void) + /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */ + + if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 +- && host_name != NULL && use_ssl == TRUE) { ++ && host_name != NULL && use_ssl == true) { + + if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT); + asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent); +@@ -979,7 +978,7 @@ check_http (void) + } + #ifdef HAVE_SSL + elapsed_time_connect = (double)microsec_connect / 1.0e6; +- if (use_ssl == TRUE) { ++ if (use_ssl == true) { + gettimeofday (&tv_temp, NULL); + result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey); + if (verbose) printf ("SSL initialized\n"); +@@ -987,9 +986,9 @@ check_http (void) + die (STATE_CRITICAL, NULL); + microsec_ssl = deltime (tv_temp); + elapsed_time_ssl = (double)microsec_ssl / 1.0e6; +- if (check_cert == TRUE) { ++ if (check_cert == true) { + result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); +- if (continue_after_check_cert == FALSE) { ++ if (continue_after_check_cert == false) { + if (sd) close(sd); + np_net_ssl_cleanup(); + return result; +@@ -999,7 +998,7 @@ check_http (void) + #endif /* HAVE_SSL */ + + if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 +- && host_name != NULL && use_ssl == TRUE) ++ && host_name != NULL && use_ssl == true) + asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); + else + asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); +@@ -1027,10 +1026,10 @@ check_http (void) + * 14.23). Some server applications/configurations cause trouble if the + * (default) port is explicitly specified in the "Host:" header line. + */ +- if ((use_ssl == FALSE && virtual_port == HTTP_PORT) || +- (use_ssl == TRUE && virtual_port == HTTPS_PORT) || ++ if ((use_ssl == false && virtual_port == HTTP_PORT) || ++ (use_ssl == true && virtual_port == HTTPS_PORT) || + (server_address != NULL && strcmp(http_method, "CONNECT") == 0 +- && host_name != NULL && use_ssl == TRUE)) ++ && host_name != NULL && use_ssl == true)) + xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); + else + xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port); +@@ -1334,7 +1333,7 @@ check_http (void) + perfd_time (elapsed_time), + perfd_size (page_len), + perfd_time_connect (elapsed_time_connect), +- use_ssl == TRUE ? perfd_time_ssl (elapsed_time_ssl) : "", ++ use_ssl == true ? perfd_time_ssl (elapsed_time_ssl) : "", + perfd_time_headers (elapsed_time_headers), + perfd_time_firstbyte (elapsed_time_firstbyte), + perfd_time_transfer (elapsed_time_transfer)); +@@ -1529,13 +1528,13 @@ redir (char *pos, char *status_line) + } + + +-int ++bool + server_type_check (const char *type) + { + if (strcmp (type, "https")) +- return FALSE; ++ return false; + else +- return TRUE; ++ return true; + } + + int +@@ -1550,42 +1549,42 @@ server_port_check (int ssl_flag) + char *perfd_time (double elapsed_time) + { + return fperfdata ("time", elapsed_time, "s", +- thlds->warning?TRUE:FALSE, thlds->warning?thlds->warning->end:0, +- thlds->critical?TRUE:FALSE, thlds->critical?thlds->critical->end:0, +- TRUE, 0, TRUE, socket_timeout); ++ thlds->warning?true:false, thlds->warning?thlds->warning->end:0, ++ thlds->critical?true:false, thlds->critical?thlds->critical->end:0, ++ true, 0, true, socket_timeout); + } + + char *perfd_time_connect (double elapsed_time_connect) + { +- return fperfdata ("time_connect", elapsed_time_connect, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout); ++ return fperfdata ("time_connect", elapsed_time_connect, "s", false, 0, false, 0, false, 0, true, socket_timeout); + } + + char *perfd_time_ssl (double elapsed_time_ssl) + { +- return fperfdata ("time_ssl", elapsed_time_ssl, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout); ++ return fperfdata ("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, 0, true, socket_timeout); + } + + char *perfd_time_headers (double elapsed_time_headers) + { +- return fperfdata ("time_headers", elapsed_time_headers, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout); ++ return fperfdata ("time_headers", elapsed_time_headers, "s", false, 0, false, 0, false, 0, true, socket_timeout); + } + + char *perfd_time_firstbyte (double elapsed_time_firstbyte) + { +- return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout); ++ return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, false, 0, false, 0, true, socket_timeout); + } + + char *perfd_time_transfer (double elapsed_time_transfer) + { +- return fperfdata ("time_transfer", elapsed_time_transfer, "s", FALSE, 0, FALSE, 0, FALSE, 0, TRUE, socket_timeout); ++ return fperfdata ("time_transfer", elapsed_time_transfer, "s", false, 0, false, 0, false, 0, true, socket_timeout); + } + + char *perfd_size (int page_len) + { + return perfdata ("size", page_len, "B", +- (min_page_len>0?TRUE:FALSE), min_page_len, +- (min_page_len>0?TRUE:FALSE), 0, +- TRUE, 0, FALSE, 0); ++ (min_page_len>0?true:false), min_page_len, ++ (min_page_len>0?true:false), 0, ++ true, 0, false, 0); + } + + void + +From f1b15b887a1a1cded1fb994edc7a3e3d4c8ccc21 Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Sun, 13 Nov 2022 14:47:54 +0100 +Subject: [PATCH 02/16] Update copyright + +--- + plugins/check_http.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index b1effd8d9..0f652ef88 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -34,7 +34,7 @@ + /* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ ../../plugins/check_http.c */ + + const char *progname = "check_http"; +-const char *copyright = "1999-2013"; ++const char *copyright = "1999-2022"; + const char *email = "devel@monitoring-plugins.org"; + + #include "common.h" + +From 7c46ef1cf400610b3da9e19862801cd42ea0e903 Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Sun, 13 Nov 2022 18:48:26 +0100 +Subject: [PATCH 03/16] Document process_arguments a little bit better + +--- + plugins/check_http.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index 0f652ef88..6c6810fed 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -195,7 +195,10 @@ test_file (char *path) + usage2 (_("file does not exist or is not readable"), path); + } + +-/* process command-line arguments */ ++/* ++ * process command-line arguments ++ * returns true on succes, false otherwise ++ */ + bool process_arguments (int argc, char **argv) + { + int c = 1; + +From 6857e77e342aab383b32d51aa6c9129a26dc1ff6 Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Sun, 13 Nov 2022 18:54:21 +0100 +Subject: [PATCH 04/16] clang format + +--- + plugins/check_http.c | 1685 ++++++++++++++++++++++-------------------- + 1 file changed, 872 insertions(+), 813 deletions(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index 6c6810fed..440c84229 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -1,46 +1,47 @@ + /***************************************************************************** +-* +-* Monitoring check_http plugin +-* +-* License: GPL +-* Copyright (c) 1999-2013 Monitoring Plugins Development Team +-* +-* Description: +-* +-* This file contains the check_http plugin +-* +-* This plugin tests the HTTP service on the specified host. It can test +-* normal (http) and secure (https) servers, follow redirects, search for +-* strings and regular expressions, check connection times, and report on +-* certificate expiration times. +-* +-* +-* This program is free software: you can redistribute it and/or modify +-* it under the terms of the GNU General Public License as published by +-* the Free Software Foundation, either version 3 of the License, or +-* (at your option) any later version. +-* +-* This program is distributed in the hope that it will be useful, +-* but WITHOUT ANY WARRANTY; without even the implied warranty of +-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +-* GNU General Public License for more details. +-* +-* You should have received a copy of the GNU General Public License +-* along with this program. If not, see . +-* +-* +-*****************************************************************************/ +- +-/* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ ../../plugins/check_http.c */ ++ * ++ * Monitoring check_http plugin ++ * ++ * License: GPL ++ * Copyright (c) 1999-2013 Monitoring Plugins Development Team ++ * ++ * Description: ++ * ++ * This file contains the check_http plugin ++ * ++ * This plugin tests the HTTP service on the specified host. It can test ++ * normal (http) and secure (https) servers, follow redirects, search for ++ * strings and regular expressions, check connection times, and report on ++ * certificate expiration times. ++ * ++ * ++ * This program is free software: you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation, either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program. If not, see . ++ * ++ * ++ *****************************************************************************/ ++ ++/* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ ++ * ../../plugins/check_http.c */ + + const char *progname = "check_http"; + const char *copyright = "1999-2022"; + const char *email = "devel@monitoring-plugins.org"; + ++#include "base64.h" + #include "common.h" + #include "netutils.h" + #include "utils.h" +-#include "base64.h" + #include + + #define STICKY_NONE 0 +@@ -63,19 +64,18 @@ int ssl_version = 0; + int days_till_exp_warn, days_till_exp_crit; + char *randbuff; + X509 *server_cert; +-# define my_recv(buf, len) ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) +-# define my_send(buf, len) ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) ++#define my_recv(buf, len) \ ++ ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) ++#define my_send(buf, len) \ ++ ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) + #else /* ifndef HAVE_SSL */ +-# define my_recv(buf, len) read(sd, buf, len) +-# define my_send(buf, len) send(sd, buf, len, 0) ++#define my_recv(buf, len) read(sd, buf, len) ++#define my_send(buf, len) send(sd, buf, len, 0) + #endif /* HAVE_SSL */ + bool no_body = false; + int maximum_age = -1; + +-enum { +- REGS = 2, +- MAX_RE_SIZE = 1024 +-}; ++enum { REGS = 2, MAX_RE_SIZE = 1024 }; + #include "regex.h" + regex_t preg; + regmatch_t pmatch[REGS]; +@@ -136,71 +136,67 @@ char buffer[MAX_INPUT_BUFFER]; + char *client_cert = NULL; + char *client_privkey = NULL; + +-bool process_arguments (int, char **); +-int check_http (void); +-void redir (char *pos, char *status_line); ++bool process_arguments(int, char **); ++int check_http(void); ++void redir(char *pos, char *status_line); + bool server_type_check(const char *type); + int server_port_check(int ssl_flag); +-char *perfd_time (double microsec); +-char *perfd_time_connect (double microsec); +-char *perfd_time_ssl (double microsec); +-char *perfd_time_firstbyte (double microsec); +-char *perfd_time_headers (double microsec); +-char *perfd_time_transfer (double microsec); +-char *perfd_size (int page_len); +-void print_help (void); +-void print_usage (void); +- +-int +-main (int argc, char **argv) +-{ ++char *perfd_time(double microsec); ++char *perfd_time_connect(double microsec); ++char *perfd_time_ssl(double microsec); ++char *perfd_time_firstbyte(double microsec); ++char *perfd_time_headers(double microsec); ++char *perfd_time_transfer(double microsec); ++char *perfd_size(int page_len); ++void print_help(void); ++void print_usage(void); ++ ++int main(int argc, char **argv) { + int result = STATE_UNKNOWN; + +- setlocale (LC_ALL, ""); +- bindtextdomain (PACKAGE, LOCALEDIR); +- textdomain (PACKAGE); ++ setlocale(LC_ALL, ""); ++ bindtextdomain(PACKAGE, LOCALEDIR); ++ textdomain(PACKAGE); + +- /* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */ ++ /* Set default URL. Must be malloced for subsequent realloc if ++ * --onredirect=follow */ + server_url = strdup(HTTP_URL); + server_url_length = strlen(server_url); +- xasprintf (&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)", ++ xasprintf(&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)", + NP_VERSION, VERSION); + + /* Parse extra opts if any */ +- argv=np_extra_opts (&argc, argv, progname); ++ argv = np_extra_opts(&argc, argv, progname); + +- if (process_arguments (argc, argv) == false) +- usage4 (_("Could not parse arguments")); ++ if (process_arguments(argc, argv) == false) ++ usage4(_("Could not parse arguments")); + + if (display_html == true) +- printf ("", +- use_ssl ? "https" : "http", host_name ? host_name : server_address, +- server_port, server_url); ++ printf("", ++ use_ssl ? "https" : "http", host_name ? host_name : server_address, ++ server_port, server_url); + + /* initialize alarm signal handling, set socket timeout, start timer */ +- (void) signal (SIGALRM, socket_timeout_alarm_handler); +- (void) alarm (socket_timeout); +- gettimeofday (&tv, NULL); ++ (void)signal(SIGALRM, socket_timeout_alarm_handler); ++ (void)alarm(socket_timeout); ++ gettimeofday(&tv, NULL); + +- result = check_http (); ++ result = check_http(); + return result; + } + + /* check whether a file exists */ +-void +-test_file (char *path) +-{ ++void test_file(char *path) { + if (access(path, R_OK) == 0) + return; +- usage2 (_("file does not exist or is not readable"), path); ++ usage2(_("file does not exist or is not readable"), path); + } + + /* + * process command-line arguments + * returns true on succes, false otherwise +- */ +-bool process_arguments (int argc, char **argv) +-{ ++ */ ++bool process_arguments(int argc, char **argv) { + int c = 1; + char *p; + char *temp; +@@ -214,83 +210,85 @@ bool process_arguments (int argc, char **argv) + + int option = 0; + static struct option longopts[] = { +- STD_LONG_OPTS, +- {"link", no_argument, 0, 'L'}, +- {"nohtml", no_argument, 0, 'n'}, +- {"ssl", optional_argument, 0, 'S'}, +- {"sni", no_argument, 0, SNI_OPTION}, +- {"post", required_argument, 0, 'P'}, +- {"method", required_argument, 0, 'j'}, +- {"IP-address", required_argument, 0, 'I'}, +- {"url", required_argument, 0, 'u'}, +- {"port", required_argument, 0, 'p'}, +- {"authorization", required_argument, 0, 'a'}, +- {"proxy-authorization", required_argument, 0, 'b'}, +- {"header-string", required_argument, 0, 'd'}, +- {"string", required_argument, 0, 's'}, +- {"expect", required_argument, 0, 'e'}, +- {"regex", required_argument, 0, 'r'}, +- {"ereg", required_argument, 0, 'r'}, +- {"eregi", required_argument, 0, 'R'}, +- {"linespan", no_argument, 0, 'l'}, +- {"onredirect", required_argument, 0, 'f'}, +- {"certificate", required_argument, 0, 'C'}, +- {"client-cert", required_argument, 0, 'J'}, +- {"private-key", required_argument, 0, 'K'}, +- {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT}, +- {"useragent", required_argument, 0, 'A'}, +- {"header", required_argument, 0, 'k'}, +- {"no-body", no_argument, 0, 'N'}, +- {"max-age", required_argument, 0, 'M'}, +- {"content-type", required_argument, 0, 'T'}, +- {"pagesize", required_argument, 0, 'm'}, +- {"invert-regex", no_argument, NULL, INVERT_REGEX}, +- {"use-ipv4", no_argument, 0, '4'}, +- {"use-ipv6", no_argument, 0, '6'}, +- {"extended-perfdata", no_argument, 0, 'E'}, +- {"show-body", no_argument, 0, 'B'}, +- {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION}, +- {0, 0, 0, 0} +- }; ++ STD_LONG_OPTS, ++ {"link", no_argument, 0, 'L'}, ++ {"nohtml", no_argument, 0, 'n'}, ++ {"ssl", optional_argument, 0, 'S'}, ++ {"sni", no_argument, 0, SNI_OPTION}, ++ {"post", required_argument, 0, 'P'}, ++ {"method", required_argument, 0, 'j'}, ++ {"IP-address", required_argument, 0, 'I'}, ++ {"url", required_argument, 0, 'u'}, ++ {"port", required_argument, 0, 'p'}, ++ {"authorization", required_argument, 0, 'a'}, ++ {"proxy-authorization", required_argument, 0, 'b'}, ++ {"header-string", required_argument, 0, 'd'}, ++ {"string", required_argument, 0, 's'}, ++ {"expect", required_argument, 0, 'e'}, ++ {"regex", required_argument, 0, 'r'}, ++ {"ereg", required_argument, 0, 'r'}, ++ {"eregi", required_argument, 0, 'R'}, ++ {"linespan", no_argument, 0, 'l'}, ++ {"onredirect", required_argument, 0, 'f'}, ++ {"certificate", required_argument, 0, 'C'}, ++ {"client-cert", required_argument, 0, 'J'}, ++ {"private-key", required_argument, 0, 'K'}, ++ {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT}, ++ {"useragent", required_argument, 0, 'A'}, ++ {"header", required_argument, 0, 'k'}, ++ {"no-body", no_argument, 0, 'N'}, ++ {"max-age", required_argument, 0, 'M'}, ++ {"content-type", required_argument, 0, 'T'}, ++ {"pagesize", required_argument, 0, 'm'}, ++ {"invert-regex", no_argument, NULL, INVERT_REGEX}, ++ {"use-ipv4", no_argument, 0, '4'}, ++ {"use-ipv6", no_argument, 0, '6'}, ++ {"extended-perfdata", no_argument, 0, 'E'}, ++ {"show-body", no_argument, 0, 'B'}, ++ {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION}, ++ {0, 0, 0, 0}}; + + if (argc < 2) + return false; + + for (c = 1; c < argc; c++) { +- if (strcmp ("-to", argv[c]) == 0) +- strcpy (argv[c], "-t"); +- if (strcmp ("-hn", argv[c]) == 0) +- strcpy (argv[c], "-H"); +- if (strcmp ("-wt", argv[c]) == 0) +- strcpy (argv[c], "-w"); +- if (strcmp ("-ct", argv[c]) == 0) +- strcpy (argv[c], "-c"); +- if (strcmp ("-nohtml", argv[c]) == 0) +- strcpy (argv[c], "-n"); ++ if (strcmp("-to", argv[c]) == 0) ++ strcpy(argv[c], "-t"); ++ if (strcmp("-hn", argv[c]) == 0) ++ strcpy(argv[c], "-H"); ++ if (strcmp("-wt", argv[c]) == 0) ++ strcpy(argv[c], "-w"); ++ if (strcmp("-ct", argv[c]) == 0) ++ strcpy(argv[c], "-c"); ++ if (strcmp("-nohtml", argv[c]) == 0) ++ strcpy(argv[c], "-n"); + } + + while (1) { +- c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", longopts, &option); ++ c = getopt_long( ++ argc, argv, ++ "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", ++ longopts, &option); + if (c == -1 || c == EOF) + break; + + switch (c) { + case '?': /* usage */ +- usage5 (); ++ usage5(); + break; + case 'h': /* help */ +- print_help (); +- exit (STATE_UNKNOWN); ++ print_help(); ++ exit(STATE_UNKNOWN); + break; + case 'V': /* version */ +- print_revision (progname, NP_VERSION); +- exit (STATE_UNKNOWN); ++ print_revision(progname, NP_VERSION); ++ exit(STATE_UNKNOWN); + break; + case 't': /* timeout period */ +- if (!is_intnonneg (optarg)) +- usage2 (_("Timeout interval must be a positive integer"), optarg); ++ if (!is_intnonneg(optarg)) ++ usage2(_("Timeout interval must be a positive integer"), optarg); + else +- socket_timeout = atoi (optarg); ++ socket_timeout = atoi(optarg); + break; + case 'c': /* critical time threshold */ + critical_thresholds = optarg; +@@ -299,13 +297,14 @@ bool process_arguments (int argc, char **argv) + warning_thresholds = optarg; + break; + case 'A': /* User Agent String */ +- xasprintf (&user_agent, "User-Agent: %s", optarg); ++ xasprintf(&user_agent, "User-Agent: %s", optarg); + break; + case 'k': /* Additional headers */ + if (http_opt_headers_count == 0) +- http_opt_headers = malloc (sizeof (char *) * (++http_opt_headers_count)); ++ http_opt_headers = malloc(sizeof(char *) * (++http_opt_headers_count)); + else +- http_opt_headers = realloc (http_opt_headers, sizeof (char *) * (++http_opt_headers_count)); ++ http_opt_headers = realloc(http_opt_headers, ++ sizeof(char *) * (++http_opt_headers_count)); + http_opt_headers[http_opt_headers_count - 1] = optarg; + /* xasprintf (&http_opt_headers, "%s", optarg); */ + break; +@@ -317,27 +316,27 @@ bool process_arguments (int argc, char **argv) + break; + case 'C': /* Check SSL cert validity */ + #ifdef HAVE_SSL +- if ((temp=strchr(optarg,','))!=NULL) { +- *temp='\0'; +- if (!is_intnonneg (optarg)) +- usage2 (_("Invalid certificate expiration period"), optarg); ++ if ((temp = strchr(optarg, ',')) != NULL) { ++ *temp = '\0'; ++ if (!is_intnonneg(optarg)) ++ usage2(_("Invalid certificate expiration period"), optarg); + days_till_exp_warn = atoi(optarg); +- *temp=','; ++ *temp = ','; + temp++; +- if (!is_intnonneg (temp)) +- usage2 (_("Invalid certificate expiration period"), temp); +- days_till_exp_crit = atoi (temp); +- } +- else { +- days_till_exp_crit=0; +- if (!is_intnonneg (optarg)) +- usage2 (_("Invalid certificate expiration period"), optarg); +- days_till_exp_warn = atoi (optarg); ++ if (!is_intnonneg(temp)) ++ usage2(_("Invalid certificate expiration period"), temp); ++ days_till_exp_crit = atoi(temp); ++ } else { ++ days_till_exp_crit = 0; ++ if (!is_intnonneg(optarg)) ++ usage2(_("Invalid certificate expiration period"), optarg); ++ days_till_exp_warn = atoi(optarg); + } + check_cert = true; + goto enable_ssl; + #endif +- case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */ ++ case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is ++ checked */ + #ifdef HAVE_SSL + continue_after_check_cert = true; + break; +@@ -357,15 +356,16 @@ bool process_arguments (int argc, char **argv) + case 'S': /* use SSL */ + #ifdef HAVE_SSL + enable_ssl: +- /* ssl_version initialized to 0 as a default. Only set if it's non-zero. This helps when we include multiple +- parameters, like -S and -C combinations */ ++ /* ssl_version initialized to 0 as a default. Only set if it's non-zero. ++ This helps when we include multiple parameters, like -S and -C ++ combinations */ + use_ssl = true; +- if (c=='S' && optarg != NULL) { ++ if (c == 'S' && optarg != NULL) { + int got_plus = strchr(optarg, '+') != NULL; + +- if (!strncmp (optarg, "1.2", 3)) ++ if (!strncmp(optarg, "1.2", 3)) + ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2; +- else if (!strncmp (optarg, "1.1", 3)) ++ else if (!strncmp(optarg, "1.1", 3)) + ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1; + else if (optarg[0] == '1') + ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1; +@@ -374,101 +374,104 @@ bool process_arguments (int argc, char **argv) + else if (optarg[0] == '2') + ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2; + else +- usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)")); ++ usage4(_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 " ++ "(with optional '+' suffix)")); + } + if (specify_port == false) + server_port = HTTPS_PORT; + #else + /* -C -J and -K fall through to here without SSL */ +- usage4 (_("Invalid option - SSL is not available")); ++ usage4(_("Invalid option - SSL is not available")); + #endif + break; + case SNI_OPTION: + use_sni = true; + break; + case MAX_REDIRS_OPTION: +- if (!is_intnonneg (optarg)) +- usage2 (_("Invalid max_redirs count"), optarg); ++ if (!is_intnonneg(optarg)) ++ usage2(_("Invalid max_redirs count"), optarg); + else { +- max_depth = atoi (optarg); ++ max_depth = atoi(optarg); + } +- break; ++ break; + case 'f': /* onredirect */ +- if (!strcmp (optarg, "stickyport")) +- onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT; +- else if (!strcmp (optarg, "sticky")) ++ if (!strcmp(optarg, "stickyport")) ++ onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST | STICKY_PORT; ++ else if (!strcmp(optarg, "sticky")) + onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST; +- else if (!strcmp (optarg, "follow")) ++ else if (!strcmp(optarg, "follow")) + onredirect = STATE_DEPENDENT, followsticky = STICKY_NONE; +- else if (!strcmp (optarg, "unknown")) ++ else if (!strcmp(optarg, "unknown")) + onredirect = STATE_UNKNOWN; +- else if (!strcmp (optarg, "ok")) ++ else if (!strcmp(optarg, "ok")) + onredirect = STATE_OK; +- else if (!strcmp (optarg, "warning")) ++ else if (!strcmp(optarg, "warning")) + onredirect = STATE_WARNING; +- else if (!strcmp (optarg, "critical")) ++ else if (!strcmp(optarg, "critical")) + onredirect = STATE_CRITICAL; +- else usage2 (_("Invalid onredirect option"), optarg); ++ else ++ usage2(_("Invalid onredirect option"), optarg); + if (verbose) + printf(_("option f:%d \n"), onredirect); + break; + /* Note: H, I, and u must be malloc'd or will fail on redirects */ + case 'H': /* Host Name (virtual host) */ +- host_name = strdup (optarg); ++ host_name = strdup(optarg); + if (host_name[0] == '[') { +- if ((p = strstr (host_name, "]:")) != NULL) { /* [IPv6]:port */ +- virtual_port = atoi (p + 2); ++ if ((p = strstr(host_name, "]:")) != NULL) { /* [IPv6]:port */ ++ virtual_port = atoi(p + 2); + /* cut off the port */ +- host_name_length = strlen (host_name) - strlen (p) - 1; +- free (host_name); +- host_name = strndup (optarg, host_name_length); +- if (specify_port == false) +- server_port = virtual_port; +- } +- } else if ((p = strchr (host_name, ':')) != NULL +- && strchr (++p, ':') == NULL) { /* IPv4:port or host:port */ +- virtual_port = atoi (p); +- /* cut off the port */ +- host_name_length = strlen (host_name) - strlen (p) - 1; +- free (host_name); +- host_name = strndup (optarg, host_name_length); ++ host_name_length = strlen(host_name) - strlen(p) - 1; ++ free(host_name); ++ host_name = strndup(optarg, host_name_length); + if (specify_port == false) + server_port = virtual_port; + } ++ } else if ((p = strchr(host_name, ':')) != NULL && ++ strchr(++p, ':') == NULL) { /* IPv4:port or host:port */ ++ virtual_port = atoi(p); ++ /* cut off the port */ ++ host_name_length = strlen(host_name) - strlen(p) - 1; ++ free(host_name); ++ host_name = strndup(optarg, host_name_length); ++ if (specify_port == false) ++ server_port = virtual_port; ++ } + break; + case 'I': /* Server IP-address */ +- server_address = strdup (optarg); ++ server_address = strdup(optarg); + break; + case 'u': /* URL path */ +- server_url = strdup (optarg); +- server_url_length = strlen (server_url); ++ server_url = strdup(optarg); ++ server_url_length = strlen(server_url); + break; + case 'p': /* Server port */ +- if (!is_intnonneg (optarg)) +- usage2 (_("Invalid port number"), optarg); ++ if (!is_intnonneg(optarg)) ++ usage2(_("Invalid port number"), optarg); + else { +- server_port = atoi (optarg); ++ server_port = atoi(optarg); + specify_port = true; + } + break; + case 'a': /* authorization info */ +- strncpy (user_auth, optarg, MAX_INPUT_BUFFER - 1); ++ strncpy(user_auth, optarg, MAX_INPUT_BUFFER - 1); + user_auth[MAX_INPUT_BUFFER - 1] = 0; + break; + case 'b': /* proxy-authorization info */ +- strncpy (proxy_auth, optarg, MAX_INPUT_BUFFER - 1); ++ strncpy(proxy_auth, optarg, MAX_INPUT_BUFFER - 1); + proxy_auth[MAX_INPUT_BUFFER - 1] = 0; + break; +- case 'P': /* HTTP POST data in URL encoded format; ignored if settings already */ +- if (! http_post_data) +- http_post_data = strdup (optarg); +- if (! http_method) ++ case 'P': /* HTTP POST data in URL encoded format; ignored if settings ++ already */ ++ if (!http_post_data) ++ http_post_data = strdup(optarg); ++ if (!http_method) + http_method = strdup("POST"); + break; + case 'j': /* Set HTTP method */ + if (http_method) + free(http_method); +- http_method = strdup (optarg); ++ http_method = strdup(optarg); + char *tmp; + if ((tmp = strstr(http_method, ":")) > 0) { + tmp[0] = '\0'; +@@ -477,20 +480,20 @@ bool process_arguments (int argc, char **argv) + } + break; + case 'd': /* string or substring */ +- strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1); ++ strncpy(header_expect, optarg, MAX_INPUT_BUFFER - 1); + header_expect[MAX_INPUT_BUFFER - 1] = 0; + break; + case 's': /* string or substring */ +- strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1); ++ strncpy(string_expect, optarg, MAX_INPUT_BUFFER - 1); + string_expect[MAX_INPUT_BUFFER - 1] = 0; + break; + case 'e': /* string or substring */ +- strncpy (server_expect, optarg, MAX_INPUT_BUFFER - 1); ++ strncpy(server_expect, optarg, MAX_INPUT_BUFFER - 1); + server_expect[MAX_INPUT_BUFFER - 1] = 0; + server_expect_yn = 1; + break; + case 'T': /* Content-type */ +- xasprintf (&http_content_type, "%s", optarg); ++ xasprintf(&http_content_type, "%s", optarg); + break; + case 'l': /* linespan */ + cflags &= ~REG_NEWLINE; +@@ -498,12 +501,12 @@ bool process_arguments (int argc, char **argv) + case 'R': /* regex */ + cflags |= REG_ICASE; + case 'r': /* regex */ +- strncpy (regexp, optarg, MAX_RE_SIZE - 1); ++ strncpy(regexp, optarg, MAX_RE_SIZE - 1); + regexp[MAX_RE_SIZE - 1] = 0; +- errcode = regcomp (&preg, regexp, cflags); ++ errcode = regcomp(&preg, regexp, cflags); + if (errcode != 0) { +- (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); +- printf (_("Could Not Compile Regular Expression: %s"), errbuf); ++ (void)regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER); ++ printf(_("Could Not Compile Regular Expression: %s"), errbuf); + return false; + } + break; +@@ -517,55 +520,53 @@ bool process_arguments (int argc, char **argv) + #ifdef USE_IPV6 + address_family = AF_INET6; + #else +- usage4 (_("IPv6 support not available")); ++ usage4(_("IPv6 support not available")); + #endif + break; + case 'v': /* verbose */ + verbose = true; + break; + case 'm': /* min_page_length */ +- { ++ { + char *tmp; + if (strchr(optarg, ':') != (char *)NULL) { + /* range, so get two values, min:max */ + tmp = strtok(optarg, ":"); + if (tmp == NULL) { + printf("Bad format: try \"-m min:max\"\n"); +- exit (STATE_WARNING); ++ exit(STATE_WARNING); + } else + min_page_len = atoi(tmp); + + tmp = strtok(NULL, ":"); + if (tmp == NULL) { + printf("Bad format: try \"-m min:max\"\n"); +- exit (STATE_WARNING); ++ exit(STATE_WARNING); + } else + max_page_len = atoi(tmp); + } else +- min_page_len = atoi (optarg); ++ min_page_len = atoi(optarg); + break; +- } ++ } + case 'N': /* no-body */ + no_body = true; + break; + case 'M': /* max-age */ +- { +- int L = strlen(optarg); +- if (L && optarg[L-1] == 'm') +- maximum_age = atoi (optarg) * 60; +- else if (L && optarg[L-1] == 'h') +- maximum_age = atoi (optarg) * 60 * 60; +- else if (L && optarg[L-1] == 'd') +- maximum_age = atoi (optarg) * 60 * 60 * 24; +- else if (L && (optarg[L-1] == 's' || +- isdigit (optarg[L-1]))) +- maximum_age = atoi (optarg); +- else { +- fprintf (stderr, "unparsable max-age: %s\n", optarg); +- exit (STATE_WARNING); +- } +- } +- break; ++ { ++ int L = strlen(optarg); ++ if (L && optarg[L - 1] == 'm') ++ maximum_age = atoi(optarg) * 60; ++ else if (L && optarg[L - 1] == 'h') ++ maximum_age = atoi(optarg) * 60 * 60; ++ else if (L && optarg[L - 1] == 'd') ++ maximum_age = atoi(optarg) * 60 * 60 * 24; ++ else if (L && (optarg[L - 1] == 's' || isdigit(optarg[L - 1]))) ++ maximum_age = atoi(optarg); ++ else { ++ fprintf(stderr, "unparsable max-age: %s\n", optarg); ++ exit(STATE_WARNING); ++ } ++ } break; + case 'E': /* show extended perfdata */ + show_extended_perfdata = true; + break; +@@ -578,31 +579,32 @@ bool process_arguments (int argc, char **argv) + c = optind; + + if (server_address == NULL && c < argc) +- server_address = strdup (argv[c++]); ++ server_address = strdup(argv[c++]); + + if (host_name == NULL && c < argc) +- host_name = strdup (argv[c++]); ++ host_name = strdup(argv[c++]); + + if (server_address == NULL) { + if (host_name == NULL) +- usage4 (_("You must specify a server address or host name")); ++ usage4(_("You must specify a server address or host name")); + else +- server_address = strdup (host_name); ++ server_address = strdup(host_name); + } + + set_thresholds(&thlds, warning_thresholds, critical_thresholds); + +- if (critical_thresholds && thlds->critical->end>(double)socket_timeout) ++ if (critical_thresholds && thlds->critical->end > (double)socket_timeout) + socket_timeout = (int)thlds->critical->end + 1; + + if (http_method == NULL) +- http_method = strdup ("GET"); ++ http_method = strdup("GET"); + + if (http_method_proxy == NULL) +- http_method_proxy = strdup ("GET"); ++ http_method_proxy = strdup("GET"); + + if (client_cert && !client_privkey) +- usage4 (_("If you use a client certificate you must also specify a private key file")); ++ usage4(_("If you use a client certificate you must also specify a private " ++ "key file")); + + if (virtual_port == 0) + virtual_port = server_port; +@@ -610,89 +612,68 @@ bool process_arguments (int argc, char **argv) + return true; + } + +- +- + /* Returns 1 if we're done processing the document body; 0 to keep going */ +-static int +-document_headers_done (char *full_page) +-{ ++static int document_headers_done(char *full_page) { + const char *body; + + for (body = full_page; *body; body++) { +- if (!strncmp (body, "\n\n", 2) || !strncmp (body, "\n\r\n", 3)) ++ if (!strncmp(body, "\n\n", 2) || !strncmp(body, "\n\r\n", 3)) + break; + } + + if (!*body) +- return 0; /* haven't read end of headers yet */ ++ return 0; /* haven't read end of headers yet */ + + full_page[body - full_page] = 0; + return 1; + } + +-static time_t +-parse_time_string (const char *string) +-{ ++static time_t parse_time_string(const char *string) { + struct tm tm; + time_t t; +- memset (&tm, 0, sizeof(tm)); ++ memset(&tm, 0, sizeof(tm)); + + /* Like this: Tue, 25 Dec 2001 02:59:03 GMT */ + +- if (isupper (string[0]) && /* Tue */ +- islower (string[1]) && +- islower (string[2]) && +- ',' == string[3] && +- ' ' == string[4] && +- (isdigit(string[5]) || string[5] == ' ') && /* 25 */ +- isdigit (string[6]) && +- ' ' == string[7] && +- isupper (string[8]) && /* Dec */ +- islower (string[9]) && +- islower (string[10]) && +- ' ' == string[11] && +- isdigit (string[12]) && /* 2001 */ +- isdigit (string[13]) && +- isdigit (string[14]) && +- isdigit (string[15]) && +- ' ' == string[16] && +- isdigit (string[17]) && /* 02: */ +- isdigit (string[18]) && +- ':' == string[19] && +- isdigit (string[20]) && /* 59: */ +- isdigit (string[21]) && +- ':' == string[22] && +- isdigit (string[23]) && /* 03 */ +- isdigit (string[24]) && +- ' ' == string[25] && +- 'G' == string[26] && /* GMT */ +- 'M' == string[27] && /* GMT */ +- 'T' == string[28]) { +- +- tm.tm_sec = 10 * (string[23]-'0') + (string[24]-'0'); +- tm.tm_min = 10 * (string[20]-'0') + (string[21]-'0'); +- tm.tm_hour = 10 * (string[17]-'0') + (string[18]-'0'); +- tm.tm_mday = 10 * (string[5] == ' ' ? 0 : string[5]-'0') + (string[6]-'0'); +- tm.tm_mon = (!strncmp (string+8, "Jan", 3) ? 0 : +- !strncmp (string+8, "Feb", 3) ? 1 : +- !strncmp (string+8, "Mar", 3) ? 2 : +- !strncmp (string+8, "Apr", 3) ? 3 : +- !strncmp (string+8, "May", 3) ? 4 : +- !strncmp (string+8, "Jun", 3) ? 5 : +- !strncmp (string+8, "Jul", 3) ? 6 : +- !strncmp (string+8, "Aug", 3) ? 7 : +- !strncmp (string+8, "Sep", 3) ? 8 : +- !strncmp (string+8, "Oct", 3) ? 9 : +- !strncmp (string+8, "Nov", 3) ? 10 : +- !strncmp (string+8, "Dec", 3) ? 11 : +- -1); +- tm.tm_year = ((1000 * (string[12]-'0') + +- 100 * (string[13]-'0') + +- 10 * (string[14]-'0') + +- (string[15]-'0')) +- - 1900); +- +- tm.tm_isdst = 0; /* GMT is never in DST, right? */ ++ if (isupper(string[0]) && /* Tue */ ++ islower(string[1]) && islower(string[2]) && ',' == string[3] && ++ ' ' == string[4] && (isdigit(string[5]) || string[5] == ' ') && /* 25 */ ++ isdigit(string[6]) && ' ' == string[7] && isupper(string[8]) && /* Dec */ ++ islower(string[9]) && islower(string[10]) && ' ' == string[11] && ++ isdigit(string[12]) && /* 2001 */ ++ isdigit(string[13]) && isdigit(string[14]) && isdigit(string[15]) && ++ ' ' == string[16] && isdigit(string[17]) && /* 02: */ ++ isdigit(string[18]) && ':' == string[19] && ++ isdigit(string[20]) && /* 59: */ ++ isdigit(string[21]) && ':' == string[22] && ++ isdigit(string[23]) && /* 03 */ ++ isdigit(string[24]) && ' ' == string[25] && 'G' == string[26] && /* GMT */ ++ 'M' == string[27] && /* GMT */ ++ 'T' == string[28]) { ++ ++ tm.tm_sec = 10 * (string[23] - '0') + (string[24] - '0'); ++ tm.tm_min = 10 * (string[20] - '0') + (string[21] - '0'); ++ tm.tm_hour = 10 * (string[17] - '0') + (string[18] - '0'); ++ tm.tm_mday = ++ 10 * (string[5] == ' ' ? 0 : string[5] - '0') + (string[6] - '0'); ++ tm.tm_mon = (!strncmp(string + 8, "Jan", 3) ? 0 ++ : !strncmp(string + 8, "Feb", 3) ? 1 ++ : !strncmp(string + 8, "Mar", 3) ? 2 ++ : !strncmp(string + 8, "Apr", 3) ? 3 ++ : !strncmp(string + 8, "May", 3) ? 4 ++ : !strncmp(string + 8, "Jun", 3) ? 5 ++ : !strncmp(string + 8, "Jul", 3) ? 6 ++ : !strncmp(string + 8, "Aug", 3) ? 7 ++ : !strncmp(string + 8, "Sep", 3) ? 8 ++ : !strncmp(string + 8, "Oct", 3) ? 9 ++ : !strncmp(string + 8, "Nov", 3) ? 10 ++ : !strncmp(string + 8, "Dec", 3) ? 11 ++ : -1); ++ tm.tm_year = ((1000 * (string[12] - '0') + 100 * (string[13] - '0') + ++ 10 * (string[14] - '0') + (string[15] - '0')) - ++ 1900); ++ ++ tm.tm_isdst = 0; /* GMT is never in DST, right? */ + + if (tm.tm_mon < 0 || tm.tm_mday < 1 || tm.tm_mday > 31) + return 0; +@@ -704,14 +685,15 @@ parse_time_string (const char *string) + so it doesn't matter what time zone we parse them in. + */ + +- t = mktime (&tm); +- if (t == (time_t) -1) t = 0; ++ t = mktime(&tm); ++ if (t == (time_t)-1) ++ t = 0; + + if (verbose) { + const char *s = string; + while (*s && *s != '\r' && *s != '\n') +- fputc (*s++, stdout); +- printf (" ==> %lu\n", (unsigned long) t); ++ fputc(*s++, stdout); ++ printf(" ==> %lu\n", (unsigned long)t); + } + + return t; +@@ -722,28 +704,24 @@ parse_time_string (const char *string) + } + + /* Checks if the server 'reply' is one of the expected 'statuscodes' */ +-static int +-expected_statuscode (const char *reply, const char *statuscodes) +-{ ++static int expected_statuscode(const char *reply, const char *statuscodes) { + char *expected, *code; + int result = 0; + +- if ((expected = strdup (statuscodes)) == NULL) +- die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); ++ if ((expected = strdup(statuscodes)) == NULL) ++ die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); + +- for (code = strtok (expected, ","); code != NULL; code = strtok (NULL, ",")) +- if (strstr (reply, code) != NULL) { ++ for (code = strtok(expected, ","); code != NULL; code = strtok(NULL, ",")) ++ if (strstr(reply, code) != NULL) { + result = 1; + break; + } + +- free (expected); ++ free(expected); + return result; + } + +-static int +-check_document_dates (const char *headers, char **msg) +-{ ++static int check_document_dates(const char *headers, char **msg) { + const char *s; + char *server_date = 0; + char *document_date = 0; +@@ -771,73 +749,78 @@ check_document_dates (const char *headers, char **msg) + s++; + + /* Process this header. */ +- if (value && value > field+2) { +- char *ff = (char *) malloc (value-field); ++ if (value && value > field + 2) { ++ char *ff = (char *)malloc(value - field); + char *ss = ff; +- while (field < value-1) ++ while (field < value - 1) + *ss++ = tolower(*field++); + *ss++ = 0; + +- if (!strcmp (ff, "date") || !strcmp (ff, "last-modified")) { ++ if (!strcmp(ff, "date") || !strcmp(ff, "last-modified")) { + const char *e; +- while (*value && isspace (*value)) ++ while (*value && isspace(*value)) + value++; + for (e = value; *e && *e != '\r' && *e != '\n'; e++) + ; +- ss = (char *) malloc (e - value + 1); +- strncpy (ss, value, e - value); ++ ss = (char *)malloc(e - value + 1); ++ strncpy(ss, value, e - value); + ss[e - value] = 0; +- if (!strcmp (ff, "date")) { +- if (server_date) free (server_date); ++ if (!strcmp(ff, "date")) { ++ if (server_date) ++ free(server_date); + server_date = ss; + } else { +- if (document_date) free (document_date); ++ if (document_date) ++ free(document_date); + document_date = ss; + } + } +- free (ff); ++ free(ff); + } + } + + /* Done parsing the body. Now check the dates we (hopefully) parsed. */ + if (!server_date || !*server_date) { +- xasprintf (msg, _("%sServer date unknown, "), *msg); ++ xasprintf(msg, _("%sServer date unknown, "), *msg); + date_result = max_state_alt(STATE_UNKNOWN, date_result); + } else if (!document_date || !*document_date) { +- xasprintf (msg, _("%sDocument modification date unknown, "), *msg); ++ xasprintf(msg, _("%sDocument modification date unknown, "), *msg); + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else { +- time_t srv_data = parse_time_string (server_date); +- time_t doc_data = parse_time_string (document_date); ++ time_t srv_data = parse_time_string(server_date); ++ time_t doc_data = parse_time_string(document_date); + + if (srv_data <= 0) { +- xasprintf (msg, _("%sServer date \"%100s\" unparsable, "), *msg, server_date); ++ xasprintf(msg, _("%sServer date \"%100s\" unparsable, "), *msg, ++ server_date); + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else if (doc_data <= 0) { +- xasprintf (msg, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date); ++ xasprintf(msg, _("%sDocument date \"%100s\" unparsable, "), *msg, ++ document_date); + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else if (doc_data > srv_data + 30) { +- xasprintf (msg, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data); ++ xasprintf(msg, _("%sDocument is %d seconds in the future, "), *msg, ++ (int)doc_data - (int)srv_data); + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else if (doc_data < srv_data - maximum_age) { + int n = (srv_data - doc_data); + if (n > (60 * 60 * 24 * 2)) { +- xasprintf (msg, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24)); ++ xasprintf(msg, _("%sLast modified %.1f days ago, "), *msg, ++ ((float)n) / (60 * 60 * 24)); + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else { +- xasprintf (msg, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60); ++ xasprintf(msg, _("%sLast modified %d:%02d:%02d ago, "), *msg, ++ n / (60 * 60), (n / 60) % 60, n % 60); + date_result = max_state_alt(STATE_CRITICAL, date_result); + } + } +- free (server_date); +- free (document_date); ++ free(server_date); ++ free(document_date); + } + return date_result; + } + +-int +-get_content_length (const char *headers) +-{ ++int get_content_length(const char *headers) { + const char *s; + int content_length = 0; + +@@ -863,50 +846,46 @@ get_content_length (const char *headers) + s++; + + /* Process this header. */ +- if (value && value > field+2) { +- char *ff = (char *) malloc (value-field); ++ if (value && value > field + 2) { ++ char *ff = (char *)malloc(value - field); + char *ss = ff; +- while (field < value-1) ++ while (field < value - 1) + *ss++ = tolower(*field++); + *ss++ = 0; + +- if (!strcmp (ff, "content-length")) { ++ if (!strcmp(ff, "content-length")) { + const char *e; +- while (*value && isspace (*value)) ++ while (*value && isspace(*value)) + value++; + for (e = value; *e && *e != '\r' && *e != '\n'; e++) + ; +- ss = (char *) malloc (e - value + 1); +- strncpy (ss, value, e - value); ++ ss = (char *)malloc(e - value + 1); ++ strncpy(ss, value, e - value); + ss[e - value] = 0; + content_length = atoi(ss); +- free (ss); ++ free(ss); + } +- free (ff); ++ free(ff); + } + } + return (content_length); + } + +-char * +-prepend_slash (char *path) +-{ ++char *prepend_slash(char *path) { + char *newpath; + + if (path[0] == '/') + return path; + +- if ((newpath = malloc (strlen(path) + 2)) == NULL) +- die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); ++ if ((newpath = malloc(strlen(path) + 2)) == NULL) ++ die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); + newpath[0] = '/'; +- strcpy (newpath + 1, path); +- free (path); ++ strcpy(newpath + 1, path); ++ free(path); + return newpath; + } + +-int +-check_http (void) +-{ ++int check_http(void) { + char *msg; + char *status_line; + char *status_code; +@@ -937,62 +916,73 @@ check_http (void) + char *force_host_header = NULL; + + /* try to connect to the host at the given port number */ +- gettimeofday (&tv_temp, NULL); +- if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK) +- die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); +- microsec_connect = deltime (tv_temp); ++ gettimeofday(&tv_temp, NULL); ++ if (my_tcp_connect(server_address, server_port, &sd) != STATE_OK) ++ die(STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); ++ microsec_connect = deltime(tv_temp); + +- /* if we are called with the -I option, the -j method is CONNECT and */ +- /* we received -S for SSL, then we tunnel the request through a proxy*/ +- /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */ ++ /* if we are called with the -I option, the -j method is CONNECT and */ ++ /* we received -S for SSL, then we tunnel the request through a proxy*/ ++ /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */ + +- if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 +- && host_name != NULL && use_ssl == true) { ++ if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 && ++ host_name != NULL && use_ssl == true) { + +- if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT); +- asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent); ++ if (verbose) ++ printf("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", ++ server_address, server_port, host_name, HTTPS_PORT); ++ asprintf(&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, ++ HTTPS_PORT, user_agent); + if (strlen(proxy_auth)) { +- base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth); +- xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); ++ base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth); ++ xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); + } + /* optionally send any other header tag */ + if (http_opt_headers_count) { +- for (i = 0; i < http_opt_headers_count ; i++) { ++ for (i = 0; i < http_opt_headers_count; i++) { + if (force_host_header != http_opt_headers[i]) { +- xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); ++ xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]); + } + } +- /* This cannot be free'd here because a redirection will then try to access this and segfault */ ++ /* This cannot be free'd here because a redirection will then try to ++ * access this and segfault */ + /* Covered in a testcase in tests/check_http.t */ + /* free(http_opt_headers); */ + } +- asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf); +- asprintf (&buf, "%sHost: %s\r\n", buf, host_name); ++ asprintf(&buf, "%sProxy-Connection: keep-alive\r\n", buf); ++ asprintf(&buf, "%sHost: %s\r\n", buf, host_name); + /* we finished our request, send empty line with CRLF */ +- asprintf (&buf, "%s%s", buf, CRLF); +- if (verbose) printf ("%s\n", buf); +- send(sd, buf, strlen (buf), 0); +- buf[0]='\0'; +- +- if (verbose) printf ("Receive response from proxy\n"); +- read (sd, buffer, MAX_INPUT_BUFFER-1); +- if (verbose) printf ("%s", buffer); ++ asprintf(&buf, "%s%s", buf, CRLF); ++ if (verbose) ++ printf("%s\n", buf); ++ send(sd, buf, strlen(buf), 0); ++ buf[0] = '\0'; ++ ++ if (verbose) ++ printf("Receive response from proxy\n"); ++ read(sd, buffer, MAX_INPUT_BUFFER - 1); ++ if (verbose) ++ printf("%s", buffer); + /* Here we should check if we got HTTP/1.1 200 Connection established */ + } + #ifdef HAVE_SSL + elapsed_time_connect = (double)microsec_connect / 1.0e6; + if (use_ssl == true) { +- gettimeofday (&tv_temp, NULL); +- result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey); +- if (verbose) printf ("SSL initialized\n"); ++ gettimeofday(&tv_temp, NULL); ++ result = np_net_ssl_init_with_hostname_version_and_cert( ++ sd, (use_sni ? host_name : NULL), ssl_version, client_cert, ++ client_privkey); ++ if (verbose) ++ printf("SSL initialized\n"); + if (result != STATE_OK) +- die (STATE_CRITICAL, NULL); +- microsec_ssl = deltime (tv_temp); ++ die(STATE_CRITICAL, NULL); ++ microsec_ssl = deltime(tv_temp); + elapsed_time_ssl = (double)microsec_ssl / 1.0e6; + if (check_cert == true) { + result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); + if (continue_after_check_cert == false) { +- if (sd) close(sd); ++ if (sd) ++ close(sd); + np_net_ssl_cleanup(); + return result; + } +@@ -1000,18 +990,20 @@ check_http (void) + } + #endif /* HAVE_SSL */ + +- if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 +- && host_name != NULL && use_ssl == true) +- asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); ++ if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 && ++ host_name != NULL && use_ssl == true) ++ asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, ++ host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); + else +- asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); ++ asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, ++ host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); + + /* tell HTTP/1.1 servers not to keep the connection alive */ +- xasprintf (&buf, "%sConnection: close\r\n", buf); ++ xasprintf(&buf, "%sConnection: close\r\n", buf); + + /* check if Host header is explicitly set in options */ + if (http_opt_headers_count) { +- for (i = 0; i < http_opt_headers_count ; i++) { ++ for (i = 0; i < http_opt_headers_count; i++) { + if (strncmp(http_opt_headers[i], "Host:", 5) == 0) { + force_host_header = http_opt_headers[i]; + } +@@ -1021,9 +1013,8 @@ check_http (void) + /* optionally send the host header info */ + if (host_name) { + if (force_host_header) { +- xasprintf (&buf, "%s%s\r\n", buf, force_host_header); +- } +- else { ++ xasprintf(&buf, "%s%s\r\n", buf, force_host_header); ++ } else { + /* + * Specify the port only if we're using a non-default port (see RFC 2616, + * 14.23). Some server applications/configurations cause trouble if the +@@ -1031,65 +1022,69 @@ check_http (void) + */ + if ((use_ssl == false && virtual_port == HTTP_PORT) || + (use_ssl == true && virtual_port == HTTPS_PORT) || +- (server_address != NULL && strcmp(http_method, "CONNECT") == 0 +- && host_name != NULL && use_ssl == true)) +- xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); ++ (server_address != NULL && strcmp(http_method, "CONNECT") == 0 && ++ host_name != NULL && use_ssl == true)) ++ xasprintf(&buf, "%sHost: %s\r\n", buf, host_name); + else +- xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port); ++ xasprintf(&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port); + } + } + + /* optionally send any other header tag */ + if (http_opt_headers_count) { +- for (i = 0; i < http_opt_headers_count ; i++) { ++ for (i = 0; i < http_opt_headers_count; i++) { + if (force_host_header != http_opt_headers[i]) { +- xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); ++ xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]); + } + } +- /* This cannot be free'd here because a redirection will then try to access this and segfault */ ++ /* This cannot be free'd here because a redirection will then try to access ++ * this and segfault */ + /* Covered in a testcase in tests/check_http.t */ + /* free(http_opt_headers); */ + } + + /* optionally send the authentication info */ + if (strlen(user_auth)) { +- base64_encode_alloc (user_auth, strlen (user_auth), &auth); +- xasprintf (&buf, "%sAuthorization: Basic %s\r\n", buf, auth); ++ base64_encode_alloc(user_auth, strlen(user_auth), &auth); ++ xasprintf(&buf, "%sAuthorization: Basic %s\r\n", buf, auth); + } + + /* optionally send the proxy authentication info */ + if (strlen(proxy_auth)) { +- base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth); +- xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); ++ base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth); ++ xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); + } + + /* either send http POST data (any data, not only POST)*/ + if (http_post_data) { + if (http_content_type) { +- xasprintf (&buf, "%sContent-Type: %s\r\n", buf, http_content_type); ++ xasprintf(&buf, "%sContent-Type: %s\r\n", buf, http_content_type); + } else { +- xasprintf (&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", buf); ++ xasprintf(&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", ++ buf); + } + +- xasprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, (int)strlen (http_post_data)); +- xasprintf (&buf, "%s%s", buf, http_post_data); ++ xasprintf(&buf, "%sContent-Length: %i\r\n\r\n", buf, ++ (int)strlen(http_post_data)); ++ xasprintf(&buf, "%s%s", buf, http_post_data); + } else { + /* or just a newline so the server knows we're done with the request */ +- xasprintf (&buf, "%s%s", buf, CRLF); ++ xasprintf(&buf, "%s%s", buf, CRLF); + } + +- if (verbose) printf ("%s\n", buf); +- gettimeofday (&tv_temp, NULL); +- my_send (buf, strlen (buf)); +- microsec_headers = deltime (tv_temp); ++ if (verbose) ++ printf("%s\n", buf); ++ gettimeofday(&tv_temp, NULL); ++ my_send(buf, strlen(buf)); ++ microsec_headers = deltime(tv_temp); + elapsed_time_headers = (double)microsec_headers / 1.0e6; + + /* fetch the page */ + full_page = strdup(""); +- gettimeofday (&tv_temp, NULL); +- while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) { ++ gettimeofday(&tv_temp, NULL); ++ while ((i = my_recv(buffer, MAX_INPUT_BUFFER - 1)) > 0) { + if ((i >= 1) && (elapsed_time_firstbyte <= 0.000001)) { +- microsec_firstbyte = deltime (tv_temp); ++ microsec_firstbyte = deltime(tv_temp); + elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6; + } + while (pos = memchr(buffer, '\0', i)) { +@@ -1107,12 +1102,12 @@ check_http (void) + + pagesize += i; + +- if (no_body && document_headers_done (full_page)) { +- i = 0; +- break; +- } ++ if (no_body && document_headers_done(full_page)) { ++ i = 0; ++ break; ++ } + } +- microsec_transfer = deltime (tv_temp); ++ microsec_transfer = deltime(tv_temp); + elapsed_time_transfer = (double)microsec_transfer / 1.0e6; + + if (i < 0 && errno != ECONNRESET) { +@@ -1129,176 +1124,187 @@ check_http (void) + else { + */ + #endif +- die (STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n")); ++ die(STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n")); + #ifdef HAVE_SSL +- /* XXX +- } +- */ ++ /* XXX ++ } ++ */ + #endif + } + + /* return a CRITICAL status if we couldn't read any data */ +- if (pagesize == (size_t) 0) +- die (STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n")); ++ if (pagesize == (size_t)0) ++ die(STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n")); + + /* close the connection */ +- if (sd) close(sd); ++ if (sd) ++ close(sd); + #ifdef HAVE_SSL + np_net_ssl_cleanup(); + #endif + + /* Save check time */ +- microsec = deltime (tv); ++ microsec = deltime(tv); + elapsed_time = (double)microsec / 1.0e6; + + /* leave full_page untouched so we can free it later */ + page = full_page; + + if (verbose) +- printf ("%s://%s:%d%s is %d characters\n", +- use_ssl ? "https" : "http", server_address, +- server_port, server_url, (int)pagesize); ++ printf("%s://%s:%d%s is %d characters\n", use_ssl ? "https" : "http", ++ server_address, server_port, server_url, (int)pagesize); + + /* find status line and null-terminate it */ + status_line = page; +- page += (size_t) strcspn (page, "\r\n"); ++ page += (size_t)strcspn(page, "\r\n"); + pos = page; +- page += (size_t) strspn (page, "\r\n"); ++ page += (size_t)strspn(page, "\r\n"); + status_line[strcspn(status_line, "\r\n")] = 0; +- strip (status_line); ++ strip(status_line); + if (verbose) +- printf ("STATUS: %s\n", status_line); ++ printf("STATUS: %s\n", status_line); + + /* find header info and null-terminate it */ + header = page; +- while (strcspn (page, "\r\n") > 0) { +- page += (size_t) strcspn (page, "\r\n"); ++ while (strcspn(page, "\r\n") > 0) { ++ page += (size_t)strcspn(page, "\r\n"); + pos = page; +- if ((strspn (page, "\r") == 1 && strspn (page, "\r\n") >= 2) || +- (strspn (page, "\n") == 1 && strspn (page, "\r\n") >= 2)) +- page += (size_t) 2; ++ if ((strspn(page, "\r") == 1 && strspn(page, "\r\n") >= 2) || ++ (strspn(page, "\n") == 1 && strspn(page, "\r\n") >= 2)) ++ page += (size_t)2; + else +- page += (size_t) 1; ++ page += (size_t)1; + } +- page += (size_t) strspn (page, "\r\n"); ++ page += (size_t)strspn(page, "\r\n"); + header[pos - header] = 0; + if (verbose) +- printf ("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header, +- (no_body ? " [[ skipped ]]" : page)); ++ printf("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header, ++ (no_body ? " [[ skipped ]]" : page)); + + /* make sure the status line matches the response we are looking for */ +- if (!expected_statuscode (status_line, server_expect)) { ++ if (!expected_statuscode(status_line, server_expect)) { + if (server_port == HTTP_PORT) +- xasprintf (&msg, +- _("Invalid HTTP response received from host: %s\n"), ++ xasprintf(&msg, _("Invalid HTTP response received from host: %s\n"), + status_line); + else +- xasprintf (&msg, ++ xasprintf(&msg, + _("Invalid HTTP response received from host on port %d: %s\n"), + server_port, status_line); + if (show_body) +- xasprintf (&msg, _("%s\n%s"), msg, page); +- die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg); ++ xasprintf(&msg, _("%s\n%s"), msg, page); ++ die(STATE_CRITICAL, "HTTP CRITICAL - %s", msg); + } + +- /* Bypass normal status line check if server_expect was set by user and not default */ +- /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string */ +- if ( server_expect_yn ) { +- xasprintf (&msg, +- _("Status line output matched \"%s\" - "), server_expect); ++ /* Bypass normal status line check if server_expect was set by user and not ++ * default */ ++ /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string ++ */ ++ if (server_expect_yn) { ++ xasprintf(&msg, _("Status line output matched \"%s\" - "), server_expect); + if (verbose) +- printf ("%s\n",msg); +- } +- else { ++ printf("%s\n", msg); ++ } else { + /* Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF */ + /* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT */ + /* Status-Code = 3 DIGITS */ + +- status_code = strchr (status_line, ' ') + sizeof (char); +- if (strspn (status_code, "1234567890") != 3) +- die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"), status_line); ++ status_code = strchr(status_line, ' ') + sizeof(char); ++ if (strspn(status_code, "1234567890") != 3) ++ die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"), ++ status_line); + +- http_status = atoi (status_code); ++ http_status = atoi(status_code); + + /* check the return code */ + + if (http_status >= 600 || http_status < 100) { +- die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"), status_line); ++ die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"), ++ status_line); + } + /* server errors result in a critical state */ + else if (http_status >= 500) { +- xasprintf (&msg, _("%s - "), status_line); ++ xasprintf(&msg, _("%s - "), status_line); + result = STATE_CRITICAL; + } + /* client errors result in a warning state */ + else if (http_status >= 400) { +- xasprintf (&msg, _("%s - "), status_line); ++ xasprintf(&msg, _("%s - "), status_line); + result = max_state_alt(STATE_WARNING, result); + } + /* check redirected page if specified */ + else if (http_status >= 300) { + + if (onredirect == STATE_DEPENDENT) +- redir (header, status_line); ++ redir(header, status_line); + else + result = max_state_alt(onredirect, result); +- xasprintf (&msg, _("%s - "), status_line); ++ xasprintf(&msg, _("%s - "), status_line); + } /* end if (http_status >= 300) */ + else { + /* Print OK status anyway */ +- xasprintf (&msg, _("%s - "), status_line); ++ xasprintf(&msg, _("%s - "), status_line); + } + + } /* end else (server_expect_yn) */ + +- /* reset the alarm - must be called *after* redir or we'll never die on redirects! */ +- alarm (0); ++ /* reset the alarm - must be called *after* redir or we'll never die on ++ * redirects! */ ++ alarm(0); + + if (maximum_age >= 0) { + result = max_state_alt(check_document_dates(header, &msg), result); + } + + /* Page and Header content checks go here */ +- if (strlen (header_expect)) { +- if (!strstr (header, header_expect)) { +- strncpy(&output_header_search[0],header_expect,sizeof(output_header_search)); +- if(output_header_search[sizeof(output_header_search)-1]!='\0') { +- bcopy("...",&output_header_search[sizeof(output_header_search)-4],4); ++ if (strlen(header_expect)) { ++ if (!strstr(header, header_expect)) { ++ strncpy(&output_header_search[0], header_expect, ++ sizeof(output_header_search)); ++ if (output_header_search[sizeof(output_header_search) - 1] != '\0') { ++ bcopy("...", &output_header_search[sizeof(output_header_search) - 4], ++ 4); + } +- xasprintf (&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, output_header_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); ++ xasprintf(&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, ++ output_header_search, use_ssl ? "https" : "http", ++ host_name ? host_name : server_address, server_port, ++ server_url); + result = STATE_CRITICAL; + } + } + +- +- if (strlen (string_expect)) { +- if (!strstr (page, string_expect)) { +- strncpy(&output_string_search[0],string_expect,sizeof(output_string_search)); +- if(output_string_search[sizeof(output_string_search)-1]!='\0') { +- bcopy("...",&output_string_search[sizeof(output_string_search)-4],4); ++ if (strlen(string_expect)) { ++ if (!strstr(page, string_expect)) { ++ strncpy(&output_string_search[0], string_expect, ++ sizeof(output_string_search)); ++ if (output_string_search[sizeof(output_string_search) - 1] != '\0') { ++ bcopy("...", &output_string_search[sizeof(output_string_search) - 4], ++ 4); + } +- xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); ++ xasprintf(&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, ++ output_string_search, use_ssl ? "https" : "http", ++ host_name ? host_name : server_address, server_port, ++ server_url); + result = STATE_CRITICAL; + } + } + +- if (strlen (regexp)) { +- errcode = regexec (&preg, page, REGS, pmatch, 0); +- if ((errcode == 0 && invert_regex == 0) || (errcode == REG_NOMATCH && invert_regex == 1)) { ++ if (strlen(regexp)) { ++ errcode = regexec(&preg, page, REGS, pmatch, 0); ++ if ((errcode == 0 && invert_regex == 0) || ++ (errcode == REG_NOMATCH && invert_regex == 1)) { + /* OK - No-op to avoid changing the logic around it */ + result = max_state_alt(STATE_OK, result); +- } +- else if ((errcode == REG_NOMATCH && invert_regex == 0) || (errcode == 0 && invert_regex == 1)) { ++ } else if ((errcode == REG_NOMATCH && invert_regex == 0) || ++ (errcode == 0 && invert_regex == 1)) { + if (invert_regex == 0) +- xasprintf (&msg, _("%spattern not found, "), msg); ++ xasprintf(&msg, _("%spattern not found, "), msg); + else +- xasprintf (&msg, _("%spattern found, "), msg); ++ xasprintf(&msg, _("%spattern found, "), msg); + result = STATE_CRITICAL; +- } +- else { ++ } else { + /* FIXME: Shouldn't that be UNKNOWN? */ +- regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); +- xasprintf (&msg, _("%sExecute Error: %s, "), msg, errbuf); ++ regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER); ++ xasprintf(&msg, _("%sExecute Error: %s, "), msg, errbuf); + result = STATE_CRITICAL; + } + } +@@ -1314,68 +1320,64 @@ check_http (void) + */ + page_len = pagesize; + if ((max_page_len > 0) && (page_len > max_page_len)) { +- xasprintf (&msg, _("%spage size %d too large, "), msg, page_len); ++ xasprintf(&msg, _("%spage size %d too large, "), msg, page_len); + result = max_state_alt(STATE_WARNING, result); + } else if ((min_page_len > 0) && (page_len < min_page_len)) { +- xasprintf (&msg, _("%spage size %d too small, "), msg, page_len); ++ xasprintf(&msg, _("%spage size %d too small, "), msg, page_len); + result = max_state_alt(STATE_WARNING, result); + } + + /* Cut-off trailing characters */ +- if(msg[strlen(msg)-2] == ',') +- msg[strlen(msg)-2] = '\0'; ++ if (msg[strlen(msg) - 2] == ',') ++ msg[strlen(msg) - 2] = '\0'; + else +- msg[strlen(msg)-3] = '\0'; ++ msg[strlen(msg) - 3] = '\0'; + + /* check elapsed time */ + if (show_extended_perfdata) +- xasprintf (&msg, +- _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"), +- msg, page_len, elapsed_time, +- (display_html ? "" : ""), +- perfd_time (elapsed_time), +- perfd_size (page_len), +- perfd_time_connect (elapsed_time_connect), +- use_ssl == true ? perfd_time_ssl (elapsed_time_ssl) : "", +- perfd_time_headers (elapsed_time_headers), +- perfd_time_firstbyte (elapsed_time_firstbyte), +- perfd_time_transfer (elapsed_time_transfer)); ++ xasprintf( ++ &msg, ++ _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"), ++ msg, page_len, elapsed_time, (display_html ? "" : ""), ++ perfd_time(elapsed_time), perfd_size(page_len), ++ perfd_time_connect(elapsed_time_connect), ++ use_ssl == true ? perfd_time_ssl(elapsed_time_ssl) : "", ++ perfd_time_headers(elapsed_time_headers), ++ perfd_time_firstbyte(elapsed_time_firstbyte), ++ perfd_time_transfer(elapsed_time_transfer)); + else +- xasprintf (&msg, +- _("%s - %d bytes in %.3f second response time %s|%s %s"), +- msg, page_len, elapsed_time, +- (display_html ? "" : ""), +- perfd_time (elapsed_time), +- perfd_size (page_len)); ++ xasprintf(&msg, _("%s - %d bytes in %.3f second response time %s|%s %s"), ++ msg, page_len, elapsed_time, (display_html ? "" : ""), ++ perfd_time(elapsed_time), perfd_size(page_len)); + + if (show_body) +- xasprintf (&msg, _("%s\n%s"), msg, page); ++ xasprintf(&msg, _("%s\n%s"), msg, page); + + result = max_state_alt(get_status(elapsed_time, thlds), result); + +- die (result, "HTTP %s: %s\n", state_text(result), msg); ++ die(result, "HTTP %s: %s\n", state_text(result), msg); + /* die failed? */ + return STATE_UNKNOWN; + } + +- +- + /* per RFC 2396 */ + #define URI_HTTP "%5[HTPShtps]" +-#define URI_HOST "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" ++#define URI_HOST \ ++ "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" + #define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */ +-#define URI_PATH "%[-_.!~*'();/?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" ++#define URI_PATH \ ++ "%[-_.!~*'();/" \ ++ "?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" + #define HD1 URI_HTTP "://" URI_HOST ":" URI_PORT "/" URI_PATH + #define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH + #define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT + #define HD4 URI_HTTP "://" URI_HOST +-/* relative reference redirect like //www.site.org/test https://tools.ietf.org/html/rfc3986 */ ++/* relative reference redirect like //www.site.org/test ++ * https://tools.ietf.org/html/rfc3986 */ + #define HD5 "//" URI_HOST "/" URI_PATH + #define HD6 URI_PATH + +-void +-redir (char *pos, char *status_line) +-{ ++void redir(char *pos, char *status_line) { + int i = 0; + char *x; + char xx[2]; +@@ -1383,101 +1385,101 @@ redir (char *pos, char *status_line) + char *addr; + char *url; + +- addr = malloc (MAX_IPV4_HOSTLENGTH + 1); ++ addr = malloc(MAX_IPV4_HOSTLENGTH + 1); + if (addr == NULL) +- die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n")); ++ die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n")); + + memset(addr, 0, MAX_IPV4_HOSTLENGTH); +- url = malloc (strcspn (pos, "\r\n")); ++ url = malloc(strcspn(pos, "\r\n")); + if (url == NULL) +- die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); ++ die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); + + while (pos) { +- sscanf (pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", xx, &i); ++ sscanf(pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", ++ xx, &i); + if (i == 0) { +- pos += (size_t) strcspn (pos, "\r\n"); +- pos += (size_t) strspn (pos, "\r\n"); ++ pos += (size_t)strcspn(pos, "\r\n"); ++ pos += (size_t)strspn(pos, "\r\n"); + if (strlen(pos) == 0) +- die (STATE_UNKNOWN, +- _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"), +- status_line, (display_html ? "" : "")); ++ die(STATE_UNKNOWN, ++ _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"), ++ status_line, (display_html ? "" : "")); + continue; + } + + pos += i; +- pos += strspn (pos, " \t"); ++ pos += strspn(pos, " \t"); + + /* + * RFC 2616 (4.2): ``Header fields can be extended over multiple lines by + * preceding each extra line with at least one SP or HT.'' + */ +- for (; (i = strspn (pos, "\r\n")); pos += i) { ++ for (; (i = strspn(pos, "\r\n")); pos += i) { + pos += i; +- if (!(i = strspn (pos, " \t"))) { +- die (STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"), +- display_html ? "" : ""); ++ if (!(i = strspn(pos, " \t"))) { ++ die(STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"), ++ display_html ? "" : ""); + } + } + +- url = realloc (url, strcspn (pos, "\r\n") + 1); ++ url = realloc(url, strcspn(pos, "\r\n") + 1); + if (url == NULL) +- die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); ++ die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); + + /* URI_HTTP, URI_HOST, URI_PORT, URI_PATH */ +- if (sscanf (pos, HD1, type, addr, &i, url) == 4) { +- url = prepend_slash (url); +- use_ssl = server_type_check (type); ++ if (sscanf(pos, HD1, type, addr, &i, url) == 4) { ++ url = prepend_slash(url); ++ use_ssl = server_type_check(type); + } + + /* URI_HTTP URI_HOST URI_PATH */ +- else if (sscanf (pos, HD2, type, addr, url) == 3 ) { +- url = prepend_slash (url); +- use_ssl = server_type_check (type); +- i = server_port_check (use_ssl); ++ else if (sscanf(pos, HD2, type, addr, url) == 3) { ++ url = prepend_slash(url); ++ use_ssl = server_type_check(type); ++ i = server_port_check(use_ssl); + } + + /* URI_HTTP URI_HOST URI_PORT */ +- else if (sscanf (pos, HD3, type, addr, &i) == 3) { +- strcpy (url, HTTP_URL); +- use_ssl = server_type_check (type); ++ else if (sscanf(pos, HD3, type, addr, &i) == 3) { ++ strcpy(url, HTTP_URL); ++ use_ssl = server_type_check(type); + } + + /* URI_HTTP URI_HOST */ +- else if (sscanf (pos, HD4, type, addr) == 2) { +- strcpy (url, HTTP_URL); +- use_ssl = server_type_check (type); +- i = server_port_check (use_ssl); ++ else if (sscanf(pos, HD4, type, addr) == 2) { ++ strcpy(url, HTTP_URL); ++ use_ssl = server_type_check(type); ++ i = server_port_check(use_ssl); + } + /* URI_HTTP, URI_HOST, URI_PATH */ +- else if (sscanf (pos, HD5, addr, url) == 2) { +- if(use_ssl){ +- strcpy (type,"https"); +- } +- else{ +- strcpy (type, server_type); ++ else if (sscanf(pos, HD5, addr, url) == 2) { ++ if (use_ssl) { ++ strcpy(type, "https"); ++ } else { ++ strcpy(type, server_type); + } +- xasprintf (&url, "/%s", url); +- use_ssl = server_type_check (type); +- i = server_port_check (use_ssl); ++ xasprintf(&url, "/%s", url); ++ use_ssl = server_type_check(type); ++ i = server_port_check(use_ssl); + } + + /* URI_PATH */ +- else if (sscanf (pos, HD6, url) == 1) { ++ else if (sscanf(pos, HD6, url) == 1) { + /* relative url */ + if ((url[0] != '/')) { + if ((x = strrchr(server_url, '/'))) + *x = '\0'; +- xasprintf (&url, "%s/%s", server_url, url); ++ xasprintf(&url, "%s/%s", server_url, url); + } + i = server_port; +- strcpy (type, server_type); +- strcpy (addr, host_name ? host_name : server_address); ++ strcpy(type, server_type); ++ strcpy(addr, host_name ? host_name : server_address); + } + + else { +- die (STATE_UNKNOWN, +- _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"), +- pos, (display_html ? "" : "")); ++ die(STATE_UNKNOWN, ++ _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"), pos, ++ (display_html ? "" : "")); + } + + break; +@@ -1485,299 +1487,356 @@ redir (char *pos, char *status_line) + } /* end while (pos) */ + + if (++redir_depth > max_depth) +- die (STATE_WARNING, +- _("HTTP WARNING - maximum redirection depth %d exceeded - %s://%s:%d%s%s\n"), +- max_depth, type, addr, i, url, (display_html ? "" : "")); ++ die(STATE_WARNING, ++ _("HTTP WARNING - maximum redirection depth %d exceeded - " ++ "%s://%s:%d%s%s\n"), ++ max_depth, type, addr, i, url, (display_html ? "" : "")); + +- if (server_port==i && +- !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) && ++ if (server_port == i && !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) && + (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) && + !strcmp(server_url, url)) +- die (STATE_CRITICAL, +- _("HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n"), +- type, addr, i, url, (display_html ? "" : "")); ++ die(STATE_CRITICAL, ++ _("HTTP CRITICAL - redirection creates an infinite loop - " ++ "%s://%s:%d%s%s\n"), ++ type, addr, i, url, (display_html ? "" : "")); + +- strcpy (server_type, type); ++ strcpy(server_type, type); + +- free (host_name); +- host_name = strndup (addr, MAX_IPV4_HOSTLENGTH); ++ free(host_name); ++ host_name = strndup(addr, MAX_IPV4_HOSTLENGTH); + + if (!(followsticky & STICKY_HOST)) { +- free (server_address); +- server_address = strndup (addr, MAX_IPV4_HOSTLENGTH); ++ free(server_address); ++ server_address = strndup(addr, MAX_IPV4_HOSTLENGTH); + } + if (!(followsticky & STICKY_PORT)) { + server_port = i; + } + +- free (server_url); ++ free(server_url); + server_url = url; + + if (server_port > MAX_PORT) +- die (STATE_UNKNOWN, +- _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"), +- MAX_PORT, server_type, server_address, server_port, server_url, +- display_html ? "" : ""); ++ die(STATE_UNKNOWN, ++ _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"), ++ MAX_PORT, server_type, server_address, server_port, server_url, ++ display_html ? "" : ""); + + /* reset virtual port */ + virtual_port = server_port; + + if (verbose) +- printf (_("Redirection to %s://%s:%d%s\n"), server_type, +- host_name ? host_name : server_address, server_port, server_url); ++ printf(_("Redirection to %s://%s:%d%s\n"), server_type, ++ host_name ? host_name : server_address, server_port, server_url); + + free(addr); +- check_http (); ++ check_http(); + } + +- +-bool +-server_type_check (const char *type) +-{ +- if (strcmp (type, "https")) ++bool server_type_check(const char *type) { ++ if (strcmp(type, "https")) + return false; + else + return true; + } + +-int +-server_port_check (int ssl_flag) +-{ ++int server_port_check(int ssl_flag) { + if (ssl_flag) + return HTTPS_PORT; + else + return HTTP_PORT; + } + +-char *perfd_time (double elapsed_time) +-{ +- return fperfdata ("time", elapsed_time, "s", +- thlds->warning?true:false, thlds->warning?thlds->warning->end:0, +- thlds->critical?true:false, thlds->critical?thlds->critical->end:0, +- true, 0, true, socket_timeout); ++char *perfd_time(double elapsed_time) { ++ return fperfdata("time", elapsed_time, "s", thlds->warning ? true : false, ++ thlds->warning ? thlds->warning->end : 0, ++ thlds->critical ? true : false, ++ thlds->critical ? thlds->critical->end : 0, true, 0, true, ++ socket_timeout); + } + +-char *perfd_time_connect (double elapsed_time_connect) +-{ +- return fperfdata ("time_connect", elapsed_time_connect, "s", false, 0, false, 0, false, 0, true, socket_timeout); ++char *perfd_time_connect(double elapsed_time_connect) { ++ return fperfdata("time_connect", elapsed_time_connect, "s", false, 0, false, ++ 0, false, 0, true, socket_timeout); + } + +-char *perfd_time_ssl (double elapsed_time_ssl) +-{ +- return fperfdata ("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, 0, true, socket_timeout); ++char *perfd_time_ssl(double elapsed_time_ssl) { ++ return fperfdata("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, ++ 0, true, socket_timeout); + } + +-char *perfd_time_headers (double elapsed_time_headers) +-{ +- return fperfdata ("time_headers", elapsed_time_headers, "s", false, 0, false, 0, false, 0, true, socket_timeout); ++char *perfd_time_headers(double elapsed_time_headers) { ++ return fperfdata("time_headers", elapsed_time_headers, "s", false, 0, false, ++ 0, false, 0, true, socket_timeout); + } + +-char *perfd_time_firstbyte (double elapsed_time_firstbyte) +-{ +- return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, false, 0, false, 0, true, socket_timeout); ++char *perfd_time_firstbyte(double elapsed_time_firstbyte) { ++ return fperfdata("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, ++ false, 0, false, 0, true, socket_timeout); + } + +-char *perfd_time_transfer (double elapsed_time_transfer) +-{ +- return fperfdata ("time_transfer", elapsed_time_transfer, "s", false, 0, false, 0, false, 0, true, socket_timeout); ++char *perfd_time_transfer(double elapsed_time_transfer) { ++ return fperfdata("time_transfer", elapsed_time_transfer, "s", false, 0, false, ++ 0, false, 0, true, socket_timeout); + } + +-char *perfd_size (int page_len) +-{ +- return perfdata ("size", page_len, "B", +- (min_page_len>0?true:false), min_page_len, +- (min_page_len>0?true:false), 0, +- true, 0, false, 0); ++char *perfd_size(int page_len) { ++ return perfdata("size", page_len, "B", (min_page_len > 0 ? true : false), ++ min_page_len, (min_page_len > 0 ? true : false), 0, true, 0, ++ false, 0); + } + +-void +-print_help (void) +-{ +- print_revision (progname, NP_VERSION); ++void print_help(void) { ++ print_revision(progname, NP_VERSION); + +- printf ("Copyright (c) 1999 Ethan Galstad \n"); +- printf (COPYRIGHT, copyright, email); ++ printf("Copyright (c) 1999 Ethan Galstad \n"); ++ printf(COPYRIGHT, copyright, email); + +- printf ("%s\n", _("This plugin tests the HTTP service on the specified host. It can test")); +- printf ("%s\n", _("normal (http) and secure (https) servers, follow redirects, search for")); +- printf ("%s\n", _("strings and regular expressions, check connection times, and report on")); +- printf ("%s\n", _("certificate expiration times.")); ++ printf("%s\n", _("This plugin tests the HTTP service on the specified host. " ++ "It can test")); ++ printf("%s\n", _("normal (http) and secure (https) servers, follow " ++ "redirects, search for")); ++ printf("%s\n", _("strings and regular expressions, check connection times, " ++ "and report on")); ++ printf("%s\n", _("certificate expiration times.")); + +- printf ("\n\n"); ++ printf("\n\n"); + +- print_usage (); ++ print_usage(); + + #ifdef HAVE_SSL +- printf (_("In the first form, make an HTTP request.")); +- printf (_("In the second form, connect to the server and check the TLS certificate.")); ++ printf(_("In the first form, make an HTTP request.")); ++ printf(_("In the second form, connect to the server and check the TLS " ++ "certificate.")); + #endif +- printf (_("NOTE: One or both of -H and -I must be specified")); ++ printf(_("NOTE: One or both of -H and -I must be specified")); + +- printf ("\n"); ++ printf("\n"); + +- printf (UT_HELP_VRSN); +- printf (UT_EXTRA_OPTS); ++ printf(UT_HELP_VRSN); ++ printf(UT_EXTRA_OPTS); + +- printf (" %s\n", "-H, --hostname=ADDRESS"); +- printf (" %s\n", _("Host name argument for servers using host headers (virtual host)")); +- printf (" %s\n", _("Append a port to include it in the header (eg: example.com:5000)")); +- printf (" %s\n", "-I, --IP-address=ADDRESS"); +- printf (" %s\n", _("IP address or name (use numeric address if possible to bypass DNS lookup).")); +- printf (" %s\n", "-p, --port=INTEGER"); +- printf (" %s", _("Port number (default: ")); +- printf ("%d)\n", HTTP_PORT); ++ printf(" %s\n", "-H, --hostname=ADDRESS"); ++ printf(" %s\n", ++ _("Host name argument for servers using host headers (virtual host)")); ++ printf(" %s\n", ++ _("Append a port to include it in the header (eg: example.com:5000)")); ++ printf(" %s\n", "-I, --IP-address=ADDRESS"); ++ printf(" %s\n", _("IP address or name (use numeric address if possible to " ++ "bypass DNS lookup).")); ++ printf(" %s\n", "-p, --port=INTEGER"); ++ printf(" %s", _("Port number (default: ")); ++ printf("%d)\n", HTTP_PORT); + +- printf (UT_IPv46); ++ printf(UT_IPv46); + + #ifdef HAVE_SSL +- printf (" %s\n", "-S, --ssl=VERSION[+]"); +- printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents")); +- printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,")); +- printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted.")); +- printf (" %s\n", "--sni"); +- printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); +- printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); +- printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); +- printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use")); +- printf (" %s\n", _(" --continue-after-certificate to override this behavior)")); +- printf (" %s\n", "--continue-after-certificate"); +- printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check.")); +- printf (" %s\n", _("Does nothing unless -C is used.")); +- printf (" %s\n", "-J, --client-cert=FILE"); +- printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); +- printf (" %s\n", _("to be used in establishing the SSL session")); +- printf (" %s\n", "-K, --private-key=FILE"); +- printf (" %s\n", _("Name of file containing the private key (PEM format)")); +- printf (" %s\n", _("matching the client certificate")); ++ printf(" %s\n", "-S, --ssl=VERSION[+]"); ++ printf(" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is " ++ "optional, and prevents")); ++ printf( ++ " %s\n", ++ _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,")); ++ printf(" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are " ++ "also accepted.")); ++ printf(" %s\n", "--sni"); ++ printf(" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); ++ printf(" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); ++ printf(" %s\n", _("Minimum number of days a certificate has to be valid. " ++ "Port defaults to 443")); ++ printf(" %s\n", _("(when this option is used the URL is not checked by " ++ "default. You can use")); ++ printf(" %s\n", ++ _(" --continue-after-certificate to override this behavior)")); ++ printf(" %s\n", "--continue-after-certificate"); ++ printf(" %s\n", _("Allows the HTTP check to continue after performing the " ++ "certificate check.")); ++ printf(" %s\n", _("Does nothing unless -C is used.")); ++ printf(" %s\n", "-J, --client-cert=FILE"); ++ printf(" %s\n", ++ _("Name of file that contains the client certificate (PEM format)")); ++ printf(" %s\n", _("to be used in establishing the SSL session")); ++ printf(" %s\n", "-K, --private-key=FILE"); ++ printf(" %s\n", _("Name of file containing the private key (PEM format)")); ++ printf(" %s\n", _("matching the client certificate")); + #endif + +- printf (" %s\n", "-e, --expect=STRING"); +- printf (" %s\n", _("Comma-delimited list of strings, at least one of them is expected in")); +- printf (" %s", _("the first (status) line of the server response (default: ")); +- printf ("%s)\n", HTTP_EXPECT); +- printf (" %s\n", _("If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)")); +- printf (" %s\n", "-d, --header-string=STRING"); +- printf (" %s\n", _("String to expect in the response headers")); +- printf (" %s\n", "-s, --string=STRING"); +- printf (" %s\n", _("String to expect in the content")); +- printf (" %s\n", "-u, --url=PATH"); +- printf (" %s\n", _("URL to GET or POST (default: /)")); +- printf (" %s\n", "-P, --post=STRING"); +- printf (" %s\n", _("URL encoded http POST data")); +- printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT, CONNECT:POST)"); +- printf (" %s\n", _("Set HTTP method.")); +- printf (" %s\n", "-N, --no-body"); +- printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); +- printf (" %s\n", _("(Note that this still does an HTTP GET or POST, not a HEAD.)")); +- printf (" %s\n", "-M, --max-age=SECONDS"); +- printf (" %s\n", _("Warn if document is more than SECONDS old. the number can also be of")); +- printf (" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or \"10d\" for days.")); +- printf (" %s\n", "-T, --content-type=STRING"); +- printf (" %s\n", _("specify Content-Type header media type when POSTing\n")); +- +- printf (" %s\n", "-l, --linespan"); +- printf (" %s\n", _("Allow regex to span newlines (must precede -r or -R)")); +- printf (" %s\n", "-r, --regex, --ereg=STRING"); +- printf (" %s\n", _("Search page for regex STRING")); +- printf (" %s\n", "-R, --eregi=STRING"); +- printf (" %s\n", _("Search page for case-insensitive regex STRING")); +- printf (" %s\n", "--invert-regex"); +- printf (" %s\n", _("Return CRITICAL if found, OK if not\n")); +- +- printf (" %s\n", "-a, --authorization=AUTH_PAIR"); +- printf (" %s\n", _("Username:password on sites with basic authentication")); +- printf (" %s\n", "-b, --proxy-authorization=AUTH_PAIR"); +- printf (" %s\n", _("Username:password on proxy-servers with basic authentication")); +- printf (" %s\n", "-A, --useragent=STRING"); +- printf (" %s\n", _("String to be sent in http header as \"User Agent\"")); +- printf (" %s\n", "-k, --header=STRING"); +- printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers")); +- printf (" %s\n", "-E, --extended-perfdata"); +- printf (" %s\n", _("Print additional performance data")); +- printf (" %s\n", "-B, --show-body"); +- printf (" %s\n", _("Print body content below status line")); +- printf (" %s\n", "-L, --link"); +- printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); +- printf (" %s\n", "-f, --onredirect="); +- printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the")); +- printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same.")); +- printf (" %s\n", "--max-redirs=INTEGER"); +- printf (" %s", _("Maximal number of redirects (default: ")); +- printf ("%d)\n", DEFAULT_MAX_REDIRS); +- printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); +- printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)")); +- printf (UT_WARN_CRIT); +- +- printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); +- +- printf (UT_VERBOSE); +- +- printf ("\n"); +- printf ("%s\n", _("Notes:")); +- printf (" %s\n", _("This plugin will attempt to open an HTTP connection with the host.")); +- printf (" %s\n", _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL")); +- printf (" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, but incorrect response")); +- printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are")); +- printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN")); +- printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument.")); ++ printf(" %s\n", "-e, --expect=STRING"); ++ printf(" %s\n", _("Comma-delimited list of strings, at least one of them " ++ "is expected in")); ++ printf(" %s", ++ _("the first (status) line of the server response (default: ")); ++ printf("%s)\n", HTTP_EXPECT); ++ printf(" %s\n", _("If specified skips all other status line logic (ex: " ++ "3xx, 4xx, 5xx processing)")); ++ printf(" %s\n", "-d, --header-string=STRING"); ++ printf(" %s\n", _("String to expect in the response headers")); ++ printf(" %s\n", "-s, --string=STRING"); ++ printf(" %s\n", _("String to expect in the content")); ++ printf(" %s\n", "-u, --url=PATH"); ++ printf(" %s\n", _("URL to GET or POST (default: /)")); ++ printf(" %s\n", "-P, --post=STRING"); ++ printf(" %s\n", _("URL encoded http POST data")); ++ printf(" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, " ++ "PUT, DELETE, CONNECT, CONNECT:POST)"); ++ printf(" %s\n", _("Set HTTP method.")); ++ printf(" %s\n", "-N, --no-body"); ++ printf(" %s\n", ++ _("Don't wait for document body: stop reading after headers.")); ++ printf(" %s\n", ++ _("(Note that this still does an HTTP GET or POST, not a HEAD.)")); ++ printf(" %s\n", "-M, --max-age=SECONDS"); ++ printf(" %s\n", _("Warn if document is more than SECONDS old. the number " ++ "can also be of")); ++ printf(" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or " ++ "\"10d\" for days.")); ++ printf(" %s\n", "-T, --content-type=STRING"); ++ printf(" %s\n", ++ _("specify Content-Type header media type when POSTing\n")); ++ ++ printf(" %s\n", "-l, --linespan"); ++ printf(" %s\n", _("Allow regex to span newlines (must precede -r or -R)")); ++ printf(" %s\n", "-r, --regex, --ereg=STRING"); ++ printf(" %s\n", _("Search page for regex STRING")); ++ printf(" %s\n", "-R, --eregi=STRING"); ++ printf(" %s\n", _("Search page for case-insensitive regex STRING")); ++ printf(" %s\n", "--invert-regex"); ++ printf(" %s\n", _("Return CRITICAL if found, OK if not\n")); ++ ++ printf(" %s\n", "-a, --authorization=AUTH_PAIR"); ++ printf(" %s\n", _("Username:password on sites with basic authentication")); ++ printf(" %s\n", "-b, --proxy-authorization=AUTH_PAIR"); ++ printf(" %s\n", ++ _("Username:password on proxy-servers with basic authentication")); ++ printf(" %s\n", "-A, --useragent=STRING"); ++ printf(" %s\n", _("String to be sent in http header as \"User Agent\"")); ++ printf(" %s\n", "-k, --header=STRING"); ++ printf(" %s\n", _("Any other tags to be sent in http header. Use multiple " ++ "times for additional headers")); ++ printf(" %s\n", "-E, --extended-perfdata"); ++ printf(" %s\n", _("Print additional performance data")); ++ printf(" %s\n", "-B, --show-body"); ++ printf(" %s\n", _("Print body content below status line")); ++ printf(" %s\n", "-L, --link"); ++ printf(" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); ++ printf(" %s\n", ++ "-f, --onredirect="); ++ printf(" %s\n", _("How to handle redirected pages. sticky is like follow " ++ "but stick to the")); ++ printf( ++ " %s\n", ++ _("specified IP address. stickyport also ensures port stays the same.")); ++ printf(" %s\n", "--max-redirs=INTEGER"); ++ printf(" %s", _("Maximal number of redirects (default: ")); ++ printf("%d)\n", DEFAULT_MAX_REDIRS); ++ printf(" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); ++ printf(" %s\n", _("Minimum page size required (bytes) : Maximum page size " ++ "required (bytes)")); ++ printf(UT_WARN_CRIT); ++ ++ printf(UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); ++ ++ printf(UT_VERBOSE); ++ ++ printf("\n"); ++ printf("%s\n", _("Notes:")); ++ printf( ++ " %s\n", ++ _("This plugin will attempt to open an HTTP connection with the host.")); ++ printf(" %s\n", _("Successful connects return STATE_OK, refusals and " ++ "timeouts return STATE_CRITICAL")); ++ printf(" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, " ++ "but incorrect response")); ++ printf(" %s\n", _("messages from the host result in STATE_WARNING return " ++ "values. If you are")); ++ printf(" %s\n", _("checking a virtual server that uses 'host headers' you " ++ "must supply the FQDN")); ++ printf(" %s\n", ++ _("(fully qualified domain name) as the [host_name] argument.")); + + #ifdef HAVE_SSL +- printf ("\n"); +- printf (" %s\n", _("This plugin can also check whether an SSL enabled web server is able to")); +- printf (" %s\n", _("serve content (optionally within a specified time) or whether the X509 ")); +- printf (" %s\n", _("certificate is still valid for the specified number of days.")); +- printf ("\n"); +- printf (" %s\n", _("Please note that this plugin does not check if the presented server")); +- printf (" %s\n", _("certificate matches the hostname of the server, or if the certificate")); +- printf (" %s\n", _("has a valid chain of trust to one of the locally installed CAs.")); +- printf ("\n"); +- printf ("%s\n", _("Examples:")); +- printf (" %s\n\n", "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com"); +- printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,")); +- printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); +- printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); +- printf (" %s\n", _("a STATE_CRITICAL will be returned.")); +- printf ("\n"); +- printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14"); +- printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,")); +- printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); +- printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); +- printf (" %s\n\n", _("the certificate is expired.")); +- printf ("\n"); +- printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); +- printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); +- printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); +- printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); +- printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); +- +- printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: "); +- printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com ")); +- printf (" %s\n", _("all these options are needed: -I -p -u -S(sl) -j CONNECT -H ")); +- printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); +- printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); +- printf (" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to the method you can set the method used")); +- printf (" %s\n", _("inside the proxied connection: -j CONNECT:POST")); ++ printf("\n"); ++ printf(" %s\n", _("This plugin can also check whether an SSL enabled web " ++ "server is able to")); ++ printf(" %s\n", _("serve content (optionally within a specified time) or " ++ "whether the X509 ")); ++ printf(" %s\n", ++ _("certificate is still valid for the specified number of days.")); ++ printf("\n"); ++ printf( ++ " %s\n", ++ _("Please note that this plugin does not check if the presented server")); ++ printf(" %s\n", _("certificate matches the hostname of the server, or if the " ++ "certificate")); ++ printf(" %s\n", ++ _("has a valid chain of trust to one of the locally installed CAs.")); ++ printf("\n"); ++ printf("%s\n", _("Examples:")); ++ printf(" %s\n\n", ++ "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com"); ++ printf(" %s\n", _("When the 'www.verisign.com' server returns its content " ++ "within 5 seconds,")); ++ printf(" %s\n", _("a STATE_OK will be returned. When the server returns its " ++ "content but exceeds")); ++ printf(" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. " ++ "When an error occurs,")); ++ printf(" %s\n", _("a STATE_CRITICAL will be returned.")); ++ printf("\n"); ++ printf(" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14"); ++ printf(" %s\n", _("When the certificate of 'www.verisign.com' is valid for " ++ "more than 14 days,")); ++ printf(" %s\n", _("a STATE_OK is returned. When the certificate is still " ++ "valid, but for less than")); ++ printf(" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL " ++ "will be returned when")); ++ printf(" %s\n\n", _("the certificate is expired.")); ++ printf("\n"); ++ printf(" %s\n\n", ++ "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); ++ printf(" %s\n", _("When the certificate of 'www.verisign.com' is valid for " ++ "more than 30 days,")); ++ printf(" %s\n", _("a STATE_OK is returned. When the certificate is still " ++ "valid, but for less than")); ++ printf(" %s\n", ++ _("30 days, but more than 14 days, a STATE_WARNING is returned.")); ++ printf(" %s\n", _("A STATE_CRITICAL will be returned when certificate " ++ "expires in less than 14 days")); ++ ++ printf(" %s\n\n", ++ "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: "); ++ printf(" %s\n", ++ _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S " ++ "-j CONNECT -H www.verisign.com ")); ++ printf(" %s\n", _("all these options are needed: -I -p " ++ "-u -S(sl) -j CONNECT -H ")); ++ printf(" %s\n", _("a STATE_OK will be returned. When the server returns its " ++ "content but exceeds")); ++ printf(" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. " ++ "When an error occurs,")); ++ printf(" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to " ++ "the method you can set the method used")); ++ printf(" %s\n", _("inside the proxied connection: -j CONNECT:POST")); + + #endif + +- printf (UT_SUPPORT); +- ++ printf(UT_SUPPORT); + } + +- +- +-void +-print_usage (void) +-{ +- printf ("%s\n", _("Usage:")); +- printf (" %s -H | -I [-u ] [-p ]\n",progname); +- printf (" [-J ] [-K ]\n"); +- printf (" [-w ] [-c ] [-t ] [-L] [-E] [-a auth]\n"); +- printf (" [-b proxy_auth] [-f ]\n"); +- printf (" [-e ] [-d string] [-s string] [-l] [-r | -R ]\n"); +- printf (" [-P string] [-m :] [-4|-6] [-N] [-M ]\n"); +- printf (" [-A string] [-k string] [-S ] [--sni]\n"); +- printf (" [-T ] [-j method]\n"); +- printf (" %s -H | -I -C [,]\n",progname); +- printf (" [-p ] [-t ] [-4|-6] [--sni]\n"); ++void print_usage(void) { ++ printf("%s\n", _("Usage:")); ++ printf(" %s -H | -I [-u ] [-p ]\n", progname); ++ printf(" [-J ] [-K ]\n"); ++ printf(" [-w ] [-c ] [-t ] [-L] " ++ "[-E] [-a auth]\n"); ++ printf(" [-b proxy_auth] [-f " ++ "]\n"); ++ printf(" [-e ] [-d string] [-s string] [-l] [-r | -R " ++ "]\n"); ++ printf(" [-P string] [-m :] [-4|-6] [-N] [-M " ++ "]\n"); ++ printf(" [-A string] [-k string] [-S ] [--sni]\n"); ++ printf(" [-T ] [-j method]\n"); ++ printf(" %s -H | -I -C [,]\n", ++ progname); ++ printf(" [-p ] [-t ] [-4|-6] [--sni]\n"); + } + +From f58eca14de455c31a90916918350d1bfc3b8caf0 Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Sun, 13 Nov 2022 19:01:33 +0100 +Subject: [PATCH 05/16] Remove dead code + +--- + plugins/check_http.c | 18 ------------------ + 1 file changed, 18 deletions(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index 440c84229..ca8746b78 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -1111,25 +1111,7 @@ int check_http(void) { + elapsed_time_transfer = (double)microsec_transfer / 1.0e6; + + if (i < 0 && errno != ECONNRESET) { +-#ifdef HAVE_SSL +- /* +- if (use_ssl) { +- sslerr=SSL_get_error(ssl, i); +- if ( sslerr == SSL_ERROR_SSL ) { +- die (STATE_WARNING, _("HTTP WARNING - Client Certificate Required\n")); +- } else { +- die (STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n")); +- } +- } +- else { +- */ +-#endif + die(STATE_CRITICAL, _("HTTP CRITICAL - Error on receive\n")); +-#ifdef HAVE_SSL +- /* XXX +- } +- */ +-#endif + } + + /* return a CRITICAL status if we couldn't read any data */ + +From bbfff3affb2601327b7ef09457edced731aa7d37 Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Sun, 13 Nov 2022 23:03:25 +0100 +Subject: [PATCH 06/16] Remove legacy comments and add some new ones + +--- + plugins/check_http.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index ca8746b78..859e3e35c 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -31,9 +31,6 @@ + * + *****************************************************************************/ + +-/* splint -I. -I../../plugins -I../../lib/ -I/usr/kerberos/include/ +- * ../../plugins/check_http.c */ +- + const char *progname = "check_http"; + const char *copyright = "1999-2022"; + const char *email = "devel@monitoring-plugins.org"; +@@ -136,6 +133,7 @@ char buffer[MAX_INPUT_BUFFER]; + char *client_cert = NULL; + char *client_privkey = NULL; + ++// Forward function declarations + bool process_arguments(int, char **); + int check_http(void); + void redir(char *pos, char *status_line); + +From 350972bf011c6dfd9bae2d761842c928b9255d2f Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Sun, 13 Nov 2022 23:06:51 +0100 +Subject: [PATCH 07/16] Restructure code a bit to put things where they are + actually needed + +--- + plugins/check_http.c | 12 +++++++----- + 1 file changed, 7 insertions(+), 5 deletions(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index 859e3e35c..a2c7571bb 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -103,8 +103,6 @@ int server_expect_yn = 0; + char server_expect[MAX_INPUT_BUFFER] = HTTP_EXPECT; + char header_expect[MAX_INPUT_BUFFER] = ""; + char string_expect[MAX_INPUT_BUFFER] = ""; +-char output_header_search[30] = ""; +-char output_string_search[30] = ""; + char *warning_thresholds = NULL; + char *critical_thresholds = NULL; + thresholds *thlds; +@@ -1236,8 +1234,10 @@ int check_http(void) { + } + + /* Page and Header content checks go here */ +- if (strlen(header_expect)) { +- if (!strstr(header, header_expect)) { ++ if (strlen(header_expect) > 0) { ++ if (strstr(header, header_expect) == NULL) { ++ // We did not find the header, the rest is for building the output and setting the state ++ char output_header_search[30] = ""; + strncpy(&output_header_search[0], header_expect, + sizeof(output_header_search)); + if (output_header_search[sizeof(output_header_search) - 1] != '\0') { +@@ -1254,6 +1254,8 @@ int check_http(void) { + + if (strlen(string_expect)) { + if (!strstr(page, string_expect)) { ++ // We found the string the body, the rest is for building the output ++ char output_string_search[30] = ""; + strncpy(&output_string_search[0], string_expect, + sizeof(output_string_search)); + if (output_string_search[sizeof(output_string_search) - 1] != '\0') { +@@ -1268,7 +1270,7 @@ int check_http(void) { + } + } + +- if (strlen(regexp)) { ++ if (strlen(regexp) > 0) { + errcode = regexec(&preg, page, REGS, pmatch, 0); + if ((errcode == 0 && invert_regex == 0) || + (errcode == REG_NOMATCH && invert_regex == 1)) { + +From 34e565a1fa04ea6e878eb203e386efa1bd1ea52b Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Sun, 13 Nov 2022 23:07:14 +0100 +Subject: [PATCH 08/16] Implement chunked encoding decoding + +--- + plugins/check_http.c | 103 ++++++++++++++++++++++++++++++++++++++++++- + 1 file changed, 102 insertions(+), 1 deletion(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index a2c7571bb..5710cfe17 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -146,6 +146,7 @@ char *perfd_time_transfer(double microsec); + char *perfd_size(int page_len); + void print_help(void); + void print_usage(void); ++char *unchunk_content(char *content); + + int main(int argc, char **argv) { + int result = STATE_UNKNOWN; +@@ -1252,7 +1253,26 @@ int check_http(void) { + } + } + +- if (strlen(string_expect)) { ++ // At this point we should test if the content is chunked and unchunk it, so ++ // it can be searched (and possibly printed) ++ const char *chunked_header_regex_string = "Transfer-Encoding:\\s*chunked\\s*"CRLF; ++ regex_t chunked_header_regex; ++ ++ if (regcomp(&chunked_header_regex, chunked_header_regex_string, 0)) { ++ die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN), "Failed to compile chunked_header_regex regex"); ++ } ++ ++ regmatch_t chre_pmatch[1]; // We actually do not care about this, since we only want to know IF it was found ++ ++ if (regexec(&chunked_header_regex, header, 1, chre_pmatch, 0) == 0) { ++ // We actually found the chunked header ++ char *tmp = unchunk_content(page); ++ if (tmp == NULL) { ++ die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN), "Failed to unchunk message body"); ++ } ++ } ++ ++ if (strlen(string_expect) > 0) { + if (!strstr(page, string_expect)) { + // We found the string the body, the rest is for building the output + char output_string_search[30] = ""; +@@ -1342,6 +1362,87 @@ int check_http(void) { + return STATE_UNKNOWN; + } + ++/* Receivces a pointer to the beginning of the body of a HTTP message ++ * which is chunked and returns a pointer to a freshly allocated memory ++ * region containing the unchunked body or NULL if something failed. ++ * The result must be freed by the caller. ++ */ ++char *unchunk_content(const char *content) { ++ // https://en.wikipedia.org/wiki/Chunked_transfer_encoding ++ // https://www.rfc-editor.org/rfc/rfc7230#section-4.1 ++ char *result = NULL; ++ size_t content_length = strlen(content); ++ char *start_of_chunk, end_of_chunk; ++ long size_of_chunk; ++ char *pointer = content; ++ char *endptr; ++ long length_of_chunk = 0; ++ size_t overall_size = 0; ++ char *result_ptr; ++ ++ while (true) { ++ size_of_chunk = strtol(pointer, &endptr, 16); ++ if (size_of_chunk == LONG_MIN || size_of_chunk == LONG_MAX) { ++ // Apparently underflow or overflow, should not happen ++ if (verbose) { ++ printf("Got an underflow or overflow from strtol at: %u\n", __LINE__); ++ } ++ return NULL; ++ } ++ if (endptr == pointer) { ++ // Apparently this was not a number ++ if (verbose) { ++ printf("Chunked content did not start with a number at all (Line: %u)\n", __LINE__); ++ } ++ return NULL ++ } ++ ++ // So, we got the length of the chunk ++ if (*endptr == ';') { ++ // Chunk extension starts here ++ // TODO ++ while (*endptr != '\r') { ++ endptr++; ++ } ++ } ++ ++ start_of_chunk = endptr + 2; ++ end_of_chunk = start_of_chunk + size_of_chunk; ++ length_of_chunk = end_of_chunk - start_of_chunk; ++ ++ if (length_of_chunk == 0) { ++ // Chunk length is 0, so this is the last one ++ break; ++ } ++ ++ overall_size += length_of_chunk; ++ ++ if (result == NULL) { ++ result = (char *)calloc(length_of_chunk, sizeof(char)); ++ if (result == NULL) { ++ if (verbose) { ++ printf("Failed to allocate memory for unchunked body\n"); ++ } ++ return NULL; ++ } ++ result_ptr = result; ++ } else { ++ void *tmp = realloc(result, overall_size); ++ if (tmp == NULL) { ++ if (verbose) { ++ printf("Failed to allocate memory for unchunked body\n"); ++ } ++ return NULL; ++ } ++ } ++ ++ memcpy(result_ptr, start_of_chunk, size_of_chunk); ++ result_ptr = result_ptr + size_of_chunk; ++ } ++ ++ return result ++} ++ + /* per RFC 2396 */ + #define URI_HTTP "%5[HTPShtps]" + #define URI_HOST \ + +From 6fc520c492efb1e1125f375480d52cf16f4f86d0 Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Mon, 14 Nov 2022 00:32:44 +0100 +Subject: [PATCH 09/16] Undo sorting of header file includes, it breaks the + build + +--- + plugins/check_http.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index 5710cfe17..5e4536e45 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -35,8 +35,10 @@ const char *progname = "check_http"; + const char *copyright = "1999-2022"; + const char *email = "devel@monitoring-plugins.org"; + +-#include "base64.h" ++// Do NOT sort those headers, it will break the build ++// TODO: Fix this + #include "common.h" ++#include "base64.h" + #include "netutils.h" + #include "utils.h" + #include + +From 9d362bf38b98a3df76bb5f5589b8505a45caa5a6 Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Mon, 14 Nov 2022 00:33:26 +0100 +Subject: [PATCH 10/16] Fix type of unchunk_content function declaration + +--- + plugins/check_http.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index 5e4536e45..3e021c56c 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -148,7 +148,7 @@ char *perfd_time_transfer(double microsec); + char *perfd_size(int page_len); + void print_help(void); + void print_usage(void); +-char *unchunk_content(char *content); ++char *unchunk_content(const char *content); + + int main(int argc, char **argv) { + int result = STATE_UNKNOWN; + +From 870c73e87e57dada8eb0a1bc597b2d2bcc358a37 Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Mon, 14 Nov 2022 00:34:13 +0100 +Subject: [PATCH 11/16] Fix chunked header detection regex + +--- + plugins/check_http.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index 3e021c56c..1f7bd0b34 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -1257,10 +1257,10 @@ int check_http(void) { + + // At this point we should test if the content is chunked and unchunk it, so + // it can be searched (and possibly printed) +- const char *chunked_header_regex_string = "Transfer-Encoding:\\s*chunked\\s*"CRLF; ++ const char *chunked_header_regex_string = "Transfer-Encoding: *chunked *"; + regex_t chunked_header_regex; + +- if (regcomp(&chunked_header_regex, chunked_header_regex_string, 0)) { ++ if (regcomp(&chunked_header_regex, chunked_header_regex_string, REG_ICASE)) { + die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN), "Failed to compile chunked_header_regex regex"); + } + + +From 701d0cfb8c229ca273b7c56571e47784cc62a024 Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Mon, 14 Nov 2022 00:35:19 +0100 +Subject: [PATCH 12/16] Fix several bug in the implementation of unchunking + +--- + plugins/check_http.c | 18 ++++++++++++------ + 1 file changed, 12 insertions(+), 6 deletions(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index 1f7bd0b34..d5b6b3740 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -1267,11 +1267,15 @@ int check_http(void) { + regmatch_t chre_pmatch[1]; // We actually do not care about this, since we only want to know IF it was found + + if (regexec(&chunked_header_regex, header, 1, chre_pmatch, 0) == 0) { ++ if (verbose) { ++ printf("Found chunked content\n"); ++ } + // We actually found the chunked header + char *tmp = unchunk_content(page); + if (tmp == NULL) { + die(STATE_UNKNOWN, "HTTP %s: %s\n", state_text(STATE_UNKNOWN), "Failed to unchunk message body"); + } ++ page = tmp; + } + + if (strlen(string_expect) > 0) { +@@ -1374,9 +1378,10 @@ char *unchunk_content(const char *content) { + // https://www.rfc-editor.org/rfc/rfc7230#section-4.1 + char *result = NULL; + size_t content_length = strlen(content); +- char *start_of_chunk, end_of_chunk; ++ char *start_of_chunk; ++ char* end_of_chunk; + long size_of_chunk; +- char *pointer = content; ++ const char *pointer = content; + char *endptr; + long length_of_chunk = 0; + size_t overall_size = 0; +@@ -1396,13 +1401,12 @@ char *unchunk_content(const char *content) { + if (verbose) { + printf("Chunked content did not start with a number at all (Line: %u)\n", __LINE__); + } +- return NULL ++ return NULL; + } + + // So, we got the length of the chunk + if (*endptr == ';') { + // Chunk extension starts here +- // TODO + while (*endptr != '\r') { + endptr++; + } +@@ -1410,7 +1414,8 @@ char *unchunk_content(const char *content) { + + start_of_chunk = endptr + 2; + end_of_chunk = start_of_chunk + size_of_chunk; +- length_of_chunk = end_of_chunk - start_of_chunk; ++ length_of_chunk = (long)(end_of_chunk - start_of_chunk); ++ pointer = end_of_chunk + 2; //Next number should be here + + if (length_of_chunk == 0) { + // Chunk length is 0, so this is the last one +@@ -1442,7 +1447,8 @@ char *unchunk_content(const char *content) { + result_ptr = result_ptr + size_of_chunk; + } + +- return result ++ result[overall_size] = '\0'; ++ return result; + } + + /* per RFC 2396 */ + +From 5224a74ccd278ee085c1efd72f9bd77e3d832b15 Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Thu, 22 Dec 2022 11:40:19 +0100 +Subject: [PATCH 13/16] Undo clang formatting + +--- + plugins/check_http.c | 1635 ++++++++++++++++++++---------------------- + 1 file changed, 790 insertions(+), 845 deletions(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index d5b6b3740..dbaa0d780 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -1,35 +1,35 @@ + /***************************************************************************** +- * +- * Monitoring check_http plugin +- * +- * License: GPL +- * Copyright (c) 1999-2013 Monitoring Plugins Development Team +- * +- * Description: +- * +- * This file contains the check_http plugin +- * +- * This plugin tests the HTTP service on the specified host. It can test +- * normal (http) and secure (https) servers, follow redirects, search for +- * strings and regular expressions, check connection times, and report on +- * certificate expiration times. +- * +- * +- * This program is free software: you can redistribute it and/or modify +- * it under the terms of the GNU General Public License as published by +- * the Free Software Foundation, either version 3 of the License, or +- * (at your option) any later version. +- * +- * This program is distributed in the hope that it will be useful, +- * but WITHOUT ANY WARRANTY; without even the implied warranty of +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +- * GNU General Public License for more details. +- * +- * You should have received a copy of the GNU General Public License +- * along with this program. If not, see . +- * +- * +- *****************************************************************************/ ++* ++* Monitoring check_http plugin ++* ++* License: GPL ++* Copyright (c) 1999-2013 Monitoring Plugins Development Team ++* ++* Description: ++* ++* This file contains the check_http plugin ++* ++* This plugin tests the HTTP service on the specified host. It can test ++* normal (http) and secure (https) servers, follow redirects, search for ++* strings and regular expressions, check connection times, and report on ++* certificate expiration times. ++* ++* ++* This program is free software: you can redistribute it and/or modify ++* it under the terms of the GNU General Public License as published by ++* the Free Software Foundation, either version 3 of the License, or ++* (at your option) any later version. ++* ++* This program is distributed in the hope that it will be useful, ++* but WITHOUT ANY WARRANTY; without even the implied warranty of ++* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++* GNU General Public License for more details. ++* ++* You should have received a copy of the GNU General Public License ++* along with this program. If not, see . ++* ++* ++*****************************************************************************/ + + const char *progname = "check_http"; + const char *copyright = "1999-2022"; +@@ -41,6 +41,7 @@ const char *email = "devel@monitoring-plugins.org"; + #include "base64.h" + #include "netutils.h" + #include "utils.h" ++#include "base64.h" + #include + + #define STICKY_NONE 0 +@@ -63,18 +64,19 @@ int ssl_version = 0; + int days_till_exp_warn, days_till_exp_crit; + char *randbuff; + X509 *server_cert; +-#define my_recv(buf, len) \ +- ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) +-#define my_send(buf, len) \ +- ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) ++# define my_recv(buf, len) ((use_ssl) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) ++# define my_send(buf, len) ((use_ssl) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) + #else /* ifndef HAVE_SSL */ +-#define my_recv(buf, len) read(sd, buf, len) +-#define my_send(buf, len) send(sd, buf, len, 0) ++# define my_recv(buf, len) read(sd, buf, len) ++# define my_send(buf, len) send(sd, buf, len, 0) + #endif /* HAVE_SSL */ + bool no_body = false; + int maximum_age = -1; + +-enum { REGS = 2, MAX_RE_SIZE = 1024 }; ++enum { ++ REGS = 2, ++ MAX_RE_SIZE = 1024 ++}; + #include "regex.h" + regex_t preg; + regmatch_t pmatch[REGS]; +@@ -134,68 +136,72 @@ char *client_cert = NULL; + char *client_privkey = NULL; + + // Forward function declarations +-bool process_arguments(int, char **); +-int check_http(void); +-void redir(char *pos, char *status_line); ++bool process_arguments (int, char **); ++int check_http (void); ++void redir (char *pos, char *status_line); + bool server_type_check(const char *type); + int server_port_check(int ssl_flag); +-char *perfd_time(double microsec); +-char *perfd_time_connect(double microsec); +-char *perfd_time_ssl(double microsec); +-char *perfd_time_firstbyte(double microsec); +-char *perfd_time_headers(double microsec); +-char *perfd_time_transfer(double microsec); +-char *perfd_size(int page_len); +-void print_help(void); +-void print_usage(void); ++char *perfd_time (double microsec); ++char *perfd_time_connect (double microsec); ++char *perfd_time_ssl (double microsec); ++char *perfd_time_firstbyte (double microsec); ++char *perfd_time_headers (double microsec); ++char *perfd_time_transfer (double microsec); ++char *perfd_size (int page_len); ++void print_help (void); ++void print_usage (void); + char *unchunk_content(const char *content); + +-int main(int argc, char **argv) { ++int ++main (int argc, char **argv) ++{ + int result = STATE_UNKNOWN; + +- setlocale(LC_ALL, ""); +- bindtextdomain(PACKAGE, LOCALEDIR); +- textdomain(PACKAGE); ++ setlocale (LC_ALL, ""); ++ bindtextdomain (PACKAGE, LOCALEDIR); ++ textdomain (PACKAGE); + +- /* Set default URL. Must be malloced for subsequent realloc if +- * --onredirect=follow */ ++ /* Set default URL. Must be malloced for subsequent realloc if --onredirect=follow */ + server_url = strdup(HTTP_URL); + server_url_length = strlen(server_url); +- xasprintf(&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)", ++ xasprintf (&user_agent, "User-Agent: check_http/v%s (monitoring-plugins %s)", + NP_VERSION, VERSION); + + /* Parse extra opts if any */ +- argv = np_extra_opts(&argc, argv, progname); ++ argv=np_extra_opts (&argc, argv, progname); + +- if (process_arguments(argc, argv) == false) +- usage4(_("Could not parse arguments")); ++ if (process_arguments (argc, argv) == false) ++ usage4 (_("Could not parse arguments")); + + if (display_html == true) +- printf("", +- use_ssl ? "https" : "http", host_name ? host_name : server_address, +- server_port, server_url); ++ printf ("", ++ use_ssl ? "https" : "http", host_name ? host_name : server_address, ++ server_port, server_url); + + /* initialize alarm signal handling, set socket timeout, start timer */ +- (void)signal(SIGALRM, socket_timeout_alarm_handler); +- (void)alarm(socket_timeout); +- gettimeofday(&tv, NULL); ++ (void) signal (SIGALRM, socket_timeout_alarm_handler); ++ (void) alarm (socket_timeout); ++ gettimeofday (&tv, NULL); + +- result = check_http(); ++ result = check_http (); + return result; + } + + /* check whether a file exists */ +-void test_file(char *path) { ++void ++test_file (char *path) ++{ + if (access(path, R_OK) == 0) + return; +- usage2(_("file does not exist or is not readable"), path); ++ usage2 (_("file does not exist or is not readable"), path); + } + + /* + * process command-line arguments + * returns true on succes, false otherwise +- */ +-bool process_arguments(int argc, char **argv) { ++ */ ++bool process_arguments (int argc, char **argv) ++{ + int c = 1; + char *p; + char *temp; +@@ -209,85 +215,83 @@ bool process_arguments(int argc, char **argv) { + + int option = 0; + static struct option longopts[] = { +- STD_LONG_OPTS, +- {"link", no_argument, 0, 'L'}, +- {"nohtml", no_argument, 0, 'n'}, +- {"ssl", optional_argument, 0, 'S'}, +- {"sni", no_argument, 0, SNI_OPTION}, +- {"post", required_argument, 0, 'P'}, +- {"method", required_argument, 0, 'j'}, +- {"IP-address", required_argument, 0, 'I'}, +- {"url", required_argument, 0, 'u'}, +- {"port", required_argument, 0, 'p'}, +- {"authorization", required_argument, 0, 'a'}, +- {"proxy-authorization", required_argument, 0, 'b'}, +- {"header-string", required_argument, 0, 'd'}, +- {"string", required_argument, 0, 's'}, +- {"expect", required_argument, 0, 'e'}, +- {"regex", required_argument, 0, 'r'}, +- {"ereg", required_argument, 0, 'r'}, +- {"eregi", required_argument, 0, 'R'}, +- {"linespan", no_argument, 0, 'l'}, +- {"onredirect", required_argument, 0, 'f'}, +- {"certificate", required_argument, 0, 'C'}, +- {"client-cert", required_argument, 0, 'J'}, +- {"private-key", required_argument, 0, 'K'}, +- {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT}, +- {"useragent", required_argument, 0, 'A'}, +- {"header", required_argument, 0, 'k'}, +- {"no-body", no_argument, 0, 'N'}, +- {"max-age", required_argument, 0, 'M'}, +- {"content-type", required_argument, 0, 'T'}, +- {"pagesize", required_argument, 0, 'm'}, +- {"invert-regex", no_argument, NULL, INVERT_REGEX}, +- {"use-ipv4", no_argument, 0, '4'}, +- {"use-ipv6", no_argument, 0, '6'}, +- {"extended-perfdata", no_argument, 0, 'E'}, +- {"show-body", no_argument, 0, 'B'}, +- {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION}, +- {0, 0, 0, 0}}; ++ STD_LONG_OPTS, ++ {"link", no_argument, 0, 'L'}, ++ {"nohtml", no_argument, 0, 'n'}, ++ {"ssl", optional_argument, 0, 'S'}, ++ {"sni", no_argument, 0, SNI_OPTION}, ++ {"post", required_argument, 0, 'P'}, ++ {"method", required_argument, 0, 'j'}, ++ {"IP-address", required_argument, 0, 'I'}, ++ {"url", required_argument, 0, 'u'}, ++ {"port", required_argument, 0, 'p'}, ++ {"authorization", required_argument, 0, 'a'}, ++ {"proxy-authorization", required_argument, 0, 'b'}, ++ {"header-string", required_argument, 0, 'd'}, ++ {"string", required_argument, 0, 's'}, ++ {"expect", required_argument, 0, 'e'}, ++ {"regex", required_argument, 0, 'r'}, ++ {"ereg", required_argument, 0, 'r'}, ++ {"eregi", required_argument, 0, 'R'}, ++ {"linespan", no_argument, 0, 'l'}, ++ {"onredirect", required_argument, 0, 'f'}, ++ {"certificate", required_argument, 0, 'C'}, ++ {"client-cert", required_argument, 0, 'J'}, ++ {"private-key", required_argument, 0, 'K'}, ++ {"continue-after-certificate", no_argument, 0, CONTINUE_AFTER_CHECK_CERT}, ++ {"useragent", required_argument, 0, 'A'}, ++ {"header", required_argument, 0, 'k'}, ++ {"no-body", no_argument, 0, 'N'}, ++ {"max-age", required_argument, 0, 'M'}, ++ {"content-type", required_argument, 0, 'T'}, ++ {"pagesize", required_argument, 0, 'm'}, ++ {"invert-regex", no_argument, NULL, INVERT_REGEX}, ++ {"use-ipv4", no_argument, 0, '4'}, ++ {"use-ipv6", no_argument, 0, '6'}, ++ {"extended-perfdata", no_argument, 0, 'E'}, ++ {"show-body", no_argument, 0, 'B'}, ++ {"max-redirs", required_argument, 0, MAX_REDIRS_OPTION}, ++ {0, 0, 0, 0} ++ }; + + if (argc < 2) + return false; + + for (c = 1; c < argc; c++) { +- if (strcmp("-to", argv[c]) == 0) +- strcpy(argv[c], "-t"); +- if (strcmp("-hn", argv[c]) == 0) +- strcpy(argv[c], "-H"); +- if (strcmp("-wt", argv[c]) == 0) +- strcpy(argv[c], "-w"); +- if (strcmp("-ct", argv[c]) == 0) +- strcpy(argv[c], "-c"); +- if (strcmp("-nohtml", argv[c]) == 0) +- strcpy(argv[c], "-n"); ++ if (strcmp ("-to", argv[c]) == 0) ++ strcpy (argv[c], "-t"); ++ if (strcmp ("-hn", argv[c]) == 0) ++ strcpy (argv[c], "-H"); ++ if (strcmp ("-wt", argv[c]) == 0) ++ strcpy (argv[c], "-w"); ++ if (strcmp ("-ct", argv[c]) == 0) ++ strcpy (argv[c], "-c"); ++ if (strcmp ("-nohtml", argv[c]) == 0) ++ strcpy (argv[c], "-n"); + } + + while (1) { +- c = getopt_long( +- argc, argv, +- "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", +- longopts, &option); ++ c = getopt_long (argc, argv, "Vvh46t:c:w:A:k:H:P:j:T:I:a:b:d:e:p:s:R:r:u:f:C:J:K:nlLS::m:M:NEB", longopts, &option); + if (c == -1 || c == EOF) + break; + + switch (c) { + case '?': /* usage */ +- usage5(); ++ usage5 (); + break; + case 'h': /* help */ +- print_help(); +- exit(STATE_UNKNOWN); ++ print_help (); ++ exit (STATE_UNKNOWN); + break; + case 'V': /* version */ +- print_revision(progname, NP_VERSION); +- exit(STATE_UNKNOWN); ++ print_revision (progname, NP_VERSION); ++ exit (STATE_UNKNOWN); + break; + case 't': /* timeout period */ +- if (!is_intnonneg(optarg)) +- usage2(_("Timeout interval must be a positive integer"), optarg); ++ if (!is_intnonneg (optarg)) ++ usage2 (_("Timeout interval must be a positive integer"), optarg); + else +- socket_timeout = atoi(optarg); ++ socket_timeout = atoi (optarg); + break; + case 'c': /* critical time threshold */ + critical_thresholds = optarg; +@@ -296,14 +300,13 @@ bool process_arguments(int argc, char **argv) { + warning_thresholds = optarg; + break; + case 'A': /* User Agent String */ +- xasprintf(&user_agent, "User-Agent: %s", optarg); ++ xasprintf (&user_agent, "User-Agent: %s", optarg); + break; + case 'k': /* Additional headers */ + if (http_opt_headers_count == 0) +- http_opt_headers = malloc(sizeof(char *) * (++http_opt_headers_count)); ++ http_opt_headers = malloc (sizeof (char *) * (++http_opt_headers_count)); + else +- http_opt_headers = realloc(http_opt_headers, +- sizeof(char *) * (++http_opt_headers_count)); ++ http_opt_headers = realloc (http_opt_headers, sizeof (char *) * (++http_opt_headers_count)); + http_opt_headers[http_opt_headers_count - 1] = optarg; + /* xasprintf (&http_opt_headers, "%s", optarg); */ + break; +@@ -315,27 +318,27 @@ bool process_arguments(int argc, char **argv) { + break; + case 'C': /* Check SSL cert validity */ + #ifdef HAVE_SSL +- if ((temp = strchr(optarg, ',')) != NULL) { +- *temp = '\0'; +- if (!is_intnonneg(optarg)) +- usage2(_("Invalid certificate expiration period"), optarg); ++ if ((temp=strchr(optarg,','))!=NULL) { ++ *temp='\0'; ++ if (!is_intnonneg (optarg)) ++ usage2 (_("Invalid certificate expiration period"), optarg); + days_till_exp_warn = atoi(optarg); +- *temp = ','; ++ *temp=','; + temp++; +- if (!is_intnonneg(temp)) +- usage2(_("Invalid certificate expiration period"), temp); +- days_till_exp_crit = atoi(temp); +- } else { +- days_till_exp_crit = 0; +- if (!is_intnonneg(optarg)) +- usage2(_("Invalid certificate expiration period"), optarg); +- days_till_exp_warn = atoi(optarg); ++ if (!is_intnonneg (temp)) ++ usage2 (_("Invalid certificate expiration period"), temp); ++ days_till_exp_crit = atoi (temp); ++ } ++ else { ++ days_till_exp_crit=0; ++ if (!is_intnonneg (optarg)) ++ usage2 (_("Invalid certificate expiration period"), optarg); ++ days_till_exp_warn = atoi (optarg); + } + check_cert = true; + goto enable_ssl; + #endif +- case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is +- checked */ ++ case CONTINUE_AFTER_CHECK_CERT: /* don't stop after the certificate is checked */ + #ifdef HAVE_SSL + continue_after_check_cert = true; + break; +@@ -355,16 +358,15 @@ bool process_arguments(int argc, char **argv) { + case 'S': /* use SSL */ + #ifdef HAVE_SSL + enable_ssl: +- /* ssl_version initialized to 0 as a default. Only set if it's non-zero. +- This helps when we include multiple parameters, like -S and -C +- combinations */ ++ /* ssl_version initialized to 0 as a default. Only set if it's non-zero. This helps when we include multiple ++ parameters, like -S and -C combinations */ + use_ssl = true; +- if (c == 'S' && optarg != NULL) { ++ if (c=='S' && optarg != NULL) { + int got_plus = strchr(optarg, '+') != NULL; + +- if (!strncmp(optarg, "1.2", 3)) ++ if (!strncmp (optarg, "1.2", 3)) + ssl_version = got_plus ? MP_TLSv1_2_OR_NEWER : MP_TLSv1_2; +- else if (!strncmp(optarg, "1.1", 3)) ++ else if (!strncmp (optarg, "1.1", 3)) + ssl_version = got_plus ? MP_TLSv1_1_OR_NEWER : MP_TLSv1_1; + else if (optarg[0] == '1') + ssl_version = got_plus ? MP_TLSv1_OR_NEWER : MP_TLSv1; +@@ -373,104 +375,101 @@ bool process_arguments(int argc, char **argv) { + else if (optarg[0] == '2') + ssl_version = got_plus ? MP_SSLv2_OR_NEWER : MP_SSLv2; + else +- usage4(_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 " +- "(with optional '+' suffix)")); ++ usage4 (_("Invalid option - Valid SSL/TLS versions: 2, 3, 1, 1.1, 1.2 (with optional '+' suffix)")); + } + if (specify_port == false) + server_port = HTTPS_PORT; + #else + /* -C -J and -K fall through to here without SSL */ +- usage4(_("Invalid option - SSL is not available")); ++ usage4 (_("Invalid option - SSL is not available")); + #endif + break; + case SNI_OPTION: + use_sni = true; + break; + case MAX_REDIRS_OPTION: +- if (!is_intnonneg(optarg)) +- usage2(_("Invalid max_redirs count"), optarg); ++ if (!is_intnonneg (optarg)) ++ usage2 (_("Invalid max_redirs count"), optarg); + else { +- max_depth = atoi(optarg); ++ max_depth = atoi (optarg); + } +- break; ++ break; + case 'f': /* onredirect */ +- if (!strcmp(optarg, "stickyport")) +- onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST | STICKY_PORT; +- else if (!strcmp(optarg, "sticky")) ++ if (!strcmp (optarg, "stickyport")) ++ onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST|STICKY_PORT; ++ else if (!strcmp (optarg, "sticky")) + onredirect = STATE_DEPENDENT, followsticky = STICKY_HOST; +- else if (!strcmp(optarg, "follow")) ++ else if (!strcmp (optarg, "follow")) + onredirect = STATE_DEPENDENT, followsticky = STICKY_NONE; +- else if (!strcmp(optarg, "unknown")) ++ else if (!strcmp (optarg, "unknown")) + onredirect = STATE_UNKNOWN; +- else if (!strcmp(optarg, "ok")) ++ else if (!strcmp (optarg, "ok")) + onredirect = STATE_OK; +- else if (!strcmp(optarg, "warning")) ++ else if (!strcmp (optarg, "warning")) + onredirect = STATE_WARNING; +- else if (!strcmp(optarg, "critical")) ++ else if (!strcmp (optarg, "critical")) + onredirect = STATE_CRITICAL; +- else +- usage2(_("Invalid onredirect option"), optarg); ++ else usage2 (_("Invalid onredirect option"), optarg); + if (verbose) + printf(_("option f:%d \n"), onredirect); + break; + /* Note: H, I, and u must be malloc'd or will fail on redirects */ + case 'H': /* Host Name (virtual host) */ +- host_name = strdup(optarg); ++ host_name = strdup (optarg); + if (host_name[0] == '[') { +- if ((p = strstr(host_name, "]:")) != NULL) { /* [IPv6]:port */ +- virtual_port = atoi(p + 2); ++ if ((p = strstr (host_name, "]:")) != NULL) { /* [IPv6]:port */ ++ virtual_port = atoi (p + 2); + /* cut off the port */ +- host_name_length = strlen(host_name) - strlen(p) - 1; +- free(host_name); +- host_name = strndup(optarg, host_name_length); ++ host_name_length = strlen (host_name) - strlen (p) - 1; ++ free (host_name); ++ host_name = strndup (optarg, host_name_length); ++ if (specify_port == false) ++ server_port = virtual_port; ++ } ++ } else if ((p = strchr (host_name, ':')) != NULL ++ && strchr (++p, ':') == NULL) { /* IPv4:port or host:port */ ++ virtual_port = atoi (p); ++ /* cut off the port */ ++ host_name_length = strlen (host_name) - strlen (p) - 1; ++ free (host_name); ++ host_name = strndup (optarg, host_name_length); + if (specify_port == false) + server_port = virtual_port; + } +- } else if ((p = strchr(host_name, ':')) != NULL && +- strchr(++p, ':') == NULL) { /* IPv4:port or host:port */ +- virtual_port = atoi(p); +- /* cut off the port */ +- host_name_length = strlen(host_name) - strlen(p) - 1; +- free(host_name); +- host_name = strndup(optarg, host_name_length); +- if (specify_port == false) +- server_port = virtual_port; +- } + break; + case 'I': /* Server IP-address */ +- server_address = strdup(optarg); ++ server_address = strdup (optarg); + break; + case 'u': /* URL path */ +- server_url = strdup(optarg); +- server_url_length = strlen(server_url); ++ server_url = strdup (optarg); ++ server_url_length = strlen (server_url); + break; + case 'p': /* Server port */ +- if (!is_intnonneg(optarg)) +- usage2(_("Invalid port number"), optarg); ++ if (!is_intnonneg (optarg)) ++ usage2 (_("Invalid port number"), optarg); + else { +- server_port = atoi(optarg); ++ server_port = atoi (optarg); + specify_port = true; + } + break; + case 'a': /* authorization info */ +- strncpy(user_auth, optarg, MAX_INPUT_BUFFER - 1); ++ strncpy (user_auth, optarg, MAX_INPUT_BUFFER - 1); + user_auth[MAX_INPUT_BUFFER - 1] = 0; + break; + case 'b': /* proxy-authorization info */ +- strncpy(proxy_auth, optarg, MAX_INPUT_BUFFER - 1); ++ strncpy (proxy_auth, optarg, MAX_INPUT_BUFFER - 1); + proxy_auth[MAX_INPUT_BUFFER - 1] = 0; + break; +- case 'P': /* HTTP POST data in URL encoded format; ignored if settings +- already */ +- if (!http_post_data) +- http_post_data = strdup(optarg); +- if (!http_method) ++ case 'P': /* HTTP POST data in URL encoded format; ignored if settings already */ ++ if (! http_post_data) ++ http_post_data = strdup (optarg); ++ if (! http_method) + http_method = strdup("POST"); + break; + case 'j': /* Set HTTP method */ + if (http_method) + free(http_method); +- http_method = strdup(optarg); ++ http_method = strdup (optarg); + char *tmp; + if ((tmp = strstr(http_method, ":")) > 0) { + tmp[0] = '\0'; +@@ -479,20 +478,20 @@ bool process_arguments(int argc, char **argv) { + } + break; + case 'd': /* string or substring */ +- strncpy(header_expect, optarg, MAX_INPUT_BUFFER - 1); ++ strncpy (header_expect, optarg, MAX_INPUT_BUFFER - 1); + header_expect[MAX_INPUT_BUFFER - 1] = 0; + break; + case 's': /* string or substring */ +- strncpy(string_expect, optarg, MAX_INPUT_BUFFER - 1); ++ strncpy (string_expect, optarg, MAX_INPUT_BUFFER - 1); + string_expect[MAX_INPUT_BUFFER - 1] = 0; + break; + case 'e': /* string or substring */ +- strncpy(server_expect, optarg, MAX_INPUT_BUFFER - 1); ++ strncpy (server_expect, optarg, MAX_INPUT_BUFFER - 1); + server_expect[MAX_INPUT_BUFFER - 1] = 0; + server_expect_yn = 1; + break; + case 'T': /* Content-type */ +- xasprintf(&http_content_type, "%s", optarg); ++ xasprintf (&http_content_type, "%s", optarg); + break; + case 'l': /* linespan */ + cflags &= ~REG_NEWLINE; +@@ -500,12 +499,12 @@ bool process_arguments(int argc, char **argv) { + case 'R': /* regex */ + cflags |= REG_ICASE; + case 'r': /* regex */ +- strncpy(regexp, optarg, MAX_RE_SIZE - 1); ++ strncpy (regexp, optarg, MAX_RE_SIZE - 1); + regexp[MAX_RE_SIZE - 1] = 0; +- errcode = regcomp(&preg, regexp, cflags); ++ errcode = regcomp (&preg, regexp, cflags); + if (errcode != 0) { +- (void)regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER); +- printf(_("Could Not Compile Regular Expression: %s"), errbuf); ++ (void) regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); ++ printf (_("Could Not Compile Regular Expression: %s"), errbuf); + return false; + } + break; +@@ -519,53 +518,55 @@ bool process_arguments(int argc, char **argv) { + #ifdef USE_IPV6 + address_family = AF_INET6; + #else +- usage4(_("IPv6 support not available")); ++ usage4 (_("IPv6 support not available")); + #endif + break; + case 'v': /* verbose */ + verbose = true; + break; + case 'm': /* min_page_length */ +- { ++ { + char *tmp; + if (strchr(optarg, ':') != (char *)NULL) { + /* range, so get two values, min:max */ + tmp = strtok(optarg, ":"); + if (tmp == NULL) { + printf("Bad format: try \"-m min:max\"\n"); +- exit(STATE_WARNING); ++ exit (STATE_WARNING); + } else + min_page_len = atoi(tmp); + + tmp = strtok(NULL, ":"); + if (tmp == NULL) { + printf("Bad format: try \"-m min:max\"\n"); +- exit(STATE_WARNING); ++ exit (STATE_WARNING); + } else + max_page_len = atoi(tmp); + } else +- min_page_len = atoi(optarg); ++ min_page_len = atoi (optarg); + break; +- } ++ } + case 'N': /* no-body */ + no_body = true; + break; + case 'M': /* max-age */ +- { +- int L = strlen(optarg); +- if (L && optarg[L - 1] == 'm') +- maximum_age = atoi(optarg) * 60; +- else if (L && optarg[L - 1] == 'h') +- maximum_age = atoi(optarg) * 60 * 60; +- else if (L && optarg[L - 1] == 'd') +- maximum_age = atoi(optarg) * 60 * 60 * 24; +- else if (L && (optarg[L - 1] == 's' || isdigit(optarg[L - 1]))) +- maximum_age = atoi(optarg); +- else { +- fprintf(stderr, "unparsable max-age: %s\n", optarg); +- exit(STATE_WARNING); +- } +- } break; ++ { ++ int L = strlen(optarg); ++ if (L && optarg[L-1] == 'm') ++ maximum_age = atoi (optarg) * 60; ++ else if (L && optarg[L-1] == 'h') ++ maximum_age = atoi (optarg) * 60 * 60; ++ else if (L && optarg[L-1] == 'd') ++ maximum_age = atoi (optarg) * 60 * 60 * 24; ++ else if (L && (optarg[L-1] == 's' || ++ isdigit (optarg[L-1]))) ++ maximum_age = atoi (optarg); ++ else { ++ fprintf (stderr, "unparsable max-age: %s\n", optarg); ++ exit (STATE_WARNING); ++ } ++ } ++ break; + case 'E': /* show extended perfdata */ + show_extended_perfdata = true; + break; +@@ -578,32 +579,31 @@ bool process_arguments(int argc, char **argv) { + c = optind; + + if (server_address == NULL && c < argc) +- server_address = strdup(argv[c++]); ++ server_address = strdup (argv[c++]); + + if (host_name == NULL && c < argc) +- host_name = strdup(argv[c++]); ++ host_name = strdup (argv[c++]); + + if (server_address == NULL) { + if (host_name == NULL) +- usage4(_("You must specify a server address or host name")); ++ usage4 (_("You must specify a server address or host name")); + else +- server_address = strdup(host_name); ++ server_address = strdup (host_name); + } + + set_thresholds(&thlds, warning_thresholds, critical_thresholds); + +- if (critical_thresholds && thlds->critical->end > (double)socket_timeout) ++ if (critical_thresholds && thlds->critical->end>(double)socket_timeout) + socket_timeout = (int)thlds->critical->end + 1; + + if (http_method == NULL) +- http_method = strdup("GET"); ++ http_method = strdup ("GET"); + + if (http_method_proxy == NULL) +- http_method_proxy = strdup("GET"); ++ http_method_proxy = strdup ("GET"); + + if (client_cert && !client_privkey) +- usage4(_("If you use a client certificate you must also specify a private " +- "key file")); ++ usage4 (_("If you use a client certificate you must also specify a private key file")); + + if (virtual_port == 0) + virtual_port = server_port; +@@ -611,68 +611,89 @@ bool process_arguments(int argc, char **argv) { + return true; + } + ++ ++ + /* Returns 1 if we're done processing the document body; 0 to keep going */ +-static int document_headers_done(char *full_page) { ++static int ++document_headers_done (char *full_page) ++{ + const char *body; + + for (body = full_page; *body; body++) { +- if (!strncmp(body, "\n\n", 2) || !strncmp(body, "\n\r\n", 3)) ++ if (!strncmp (body, "\n\n", 2) || !strncmp (body, "\n\r\n", 3)) + break; + } + + if (!*body) +- return 0; /* haven't read end of headers yet */ ++ return 0; /* haven't read end of headers yet */ + + full_page[body - full_page] = 0; + return 1; + } + +-static time_t parse_time_string(const char *string) { ++static time_t ++parse_time_string (const char *string) ++{ + struct tm tm; + time_t t; +- memset(&tm, 0, sizeof(tm)); ++ memset (&tm, 0, sizeof(tm)); + + /* Like this: Tue, 25 Dec 2001 02:59:03 GMT */ + +- if (isupper(string[0]) && /* Tue */ +- islower(string[1]) && islower(string[2]) && ',' == string[3] && +- ' ' == string[4] && (isdigit(string[5]) || string[5] == ' ') && /* 25 */ +- isdigit(string[6]) && ' ' == string[7] && isupper(string[8]) && /* Dec */ +- islower(string[9]) && islower(string[10]) && ' ' == string[11] && +- isdigit(string[12]) && /* 2001 */ +- isdigit(string[13]) && isdigit(string[14]) && isdigit(string[15]) && +- ' ' == string[16] && isdigit(string[17]) && /* 02: */ +- isdigit(string[18]) && ':' == string[19] && +- isdigit(string[20]) && /* 59: */ +- isdigit(string[21]) && ':' == string[22] && +- isdigit(string[23]) && /* 03 */ +- isdigit(string[24]) && ' ' == string[25] && 'G' == string[26] && /* GMT */ +- 'M' == string[27] && /* GMT */ +- 'T' == string[28]) { +- +- tm.tm_sec = 10 * (string[23] - '0') + (string[24] - '0'); +- tm.tm_min = 10 * (string[20] - '0') + (string[21] - '0'); +- tm.tm_hour = 10 * (string[17] - '0') + (string[18] - '0'); +- tm.tm_mday = +- 10 * (string[5] == ' ' ? 0 : string[5] - '0') + (string[6] - '0'); +- tm.tm_mon = (!strncmp(string + 8, "Jan", 3) ? 0 +- : !strncmp(string + 8, "Feb", 3) ? 1 +- : !strncmp(string + 8, "Mar", 3) ? 2 +- : !strncmp(string + 8, "Apr", 3) ? 3 +- : !strncmp(string + 8, "May", 3) ? 4 +- : !strncmp(string + 8, "Jun", 3) ? 5 +- : !strncmp(string + 8, "Jul", 3) ? 6 +- : !strncmp(string + 8, "Aug", 3) ? 7 +- : !strncmp(string + 8, "Sep", 3) ? 8 +- : !strncmp(string + 8, "Oct", 3) ? 9 +- : !strncmp(string + 8, "Nov", 3) ? 10 +- : !strncmp(string + 8, "Dec", 3) ? 11 +- : -1); +- tm.tm_year = ((1000 * (string[12] - '0') + 100 * (string[13] - '0') + +- 10 * (string[14] - '0') + (string[15] - '0')) - +- 1900); +- +- tm.tm_isdst = 0; /* GMT is never in DST, right? */ ++ if (isupper (string[0]) && /* Tue */ ++ islower (string[1]) && ++ islower (string[2]) && ++ ',' == string[3] && ++ ' ' == string[4] && ++ (isdigit(string[5]) || string[5] == ' ') && /* 25 */ ++ isdigit (string[6]) && ++ ' ' == string[7] && ++ isupper (string[8]) && /* Dec */ ++ islower (string[9]) && ++ islower (string[10]) && ++ ' ' == string[11] && ++ isdigit (string[12]) && /* 2001 */ ++ isdigit (string[13]) && ++ isdigit (string[14]) && ++ isdigit (string[15]) && ++ ' ' == string[16] && ++ isdigit (string[17]) && /* 02: */ ++ isdigit (string[18]) && ++ ':' == string[19] && ++ isdigit (string[20]) && /* 59: */ ++ isdigit (string[21]) && ++ ':' == string[22] && ++ isdigit (string[23]) && /* 03 */ ++ isdigit (string[24]) && ++ ' ' == string[25] && ++ 'G' == string[26] && /* GMT */ ++ 'M' == string[27] && /* GMT */ ++ 'T' == string[28]) { ++ ++ tm.tm_sec = 10 * (string[23]-'0') + (string[24]-'0'); ++ tm.tm_min = 10 * (string[20]-'0') + (string[21]-'0'); ++ tm.tm_hour = 10 * (string[17]-'0') + (string[18]-'0'); ++ tm.tm_mday = 10 * (string[5] == ' ' ? 0 : string[5]-'0') + (string[6]-'0'); ++ tm.tm_mon = (!strncmp (string+8, "Jan", 3) ? 0 : ++ !strncmp (string+8, "Feb", 3) ? 1 : ++ !strncmp (string+8, "Mar", 3) ? 2 : ++ !strncmp (string+8, "Apr", 3) ? 3 : ++ !strncmp (string+8, "May", 3) ? 4 : ++ !strncmp (string+8, "Jun", 3) ? 5 : ++ !strncmp (string+8, "Jul", 3) ? 6 : ++ !strncmp (string+8, "Aug", 3) ? 7 : ++ !strncmp (string+8, "Sep", 3) ? 8 : ++ !strncmp (string+8, "Oct", 3) ? 9 : ++ !strncmp (string+8, "Nov", 3) ? 10 : ++ !strncmp (string+8, "Dec", 3) ? 11 : ++ -1); ++ tm.tm_year = ((1000 * (string[12]-'0') + ++ 100 * (string[13]-'0') + ++ 10 * (string[14]-'0') + ++ (string[15]-'0')) ++ - 1900); ++ ++ tm.tm_isdst = 0; /* GMT is never in DST, right? */ + + if (tm.tm_mon < 0 || tm.tm_mday < 1 || tm.tm_mday > 31) + return 0; +@@ -684,15 +705,14 @@ static time_t parse_time_string(const char *string) { + so it doesn't matter what time zone we parse them in. + */ + +- t = mktime(&tm); +- if (t == (time_t)-1) +- t = 0; ++ t = mktime (&tm); ++ if (t == (time_t) -1) t = 0; + + if (verbose) { + const char *s = string; + while (*s && *s != '\r' && *s != '\n') +- fputc(*s++, stdout); +- printf(" ==> %lu\n", (unsigned long)t); ++ fputc (*s++, stdout); ++ printf (" ==> %lu\n", (unsigned long) t); + } + + return t; +@@ -703,24 +723,28 @@ static time_t parse_time_string(const char *string) { + } + + /* Checks if the server 'reply' is one of the expected 'statuscodes' */ +-static int expected_statuscode(const char *reply, const char *statuscodes) { ++static int ++expected_statuscode (const char *reply, const char *statuscodes) ++{ + char *expected, *code; + int result = 0; + +- if ((expected = strdup(statuscodes)) == NULL) +- die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); ++ if ((expected = strdup (statuscodes)) == NULL) ++ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); + +- for (code = strtok(expected, ","); code != NULL; code = strtok(NULL, ",")) +- if (strstr(reply, code) != NULL) { ++ for (code = strtok (expected, ","); code != NULL; code = strtok (NULL, ",")) ++ if (strstr (reply, code) != NULL) { + result = 1; + break; + } + +- free(expected); ++ free (expected); + return result; + } + +-static int check_document_dates(const char *headers, char **msg) { ++static int ++check_document_dates (const char *headers, char **msg) ++{ + const char *s; + char *server_date = 0; + char *document_date = 0; +@@ -748,78 +772,73 @@ static int check_document_dates(const char *headers, char **msg) { + s++; + + /* Process this header. */ +- if (value && value > field + 2) { +- char *ff = (char *)malloc(value - field); ++ if (value && value > field+2) { ++ char *ff = (char *) malloc (value-field); + char *ss = ff; +- while (field < value - 1) ++ while (field < value-1) + *ss++ = tolower(*field++); + *ss++ = 0; + +- if (!strcmp(ff, "date") || !strcmp(ff, "last-modified")) { ++ if (!strcmp (ff, "date") || !strcmp (ff, "last-modified")) { + const char *e; +- while (*value && isspace(*value)) ++ while (*value && isspace (*value)) + value++; + for (e = value; *e && *e != '\r' && *e != '\n'; e++) + ; +- ss = (char *)malloc(e - value + 1); +- strncpy(ss, value, e - value); ++ ss = (char *) malloc (e - value + 1); ++ strncpy (ss, value, e - value); + ss[e - value] = 0; +- if (!strcmp(ff, "date")) { +- if (server_date) +- free(server_date); ++ if (!strcmp (ff, "date")) { ++ if (server_date) free (server_date); + server_date = ss; + } else { +- if (document_date) +- free(document_date); ++ if (document_date) free (document_date); + document_date = ss; + } + } +- free(ff); ++ free (ff); + } + } + + /* Done parsing the body. Now check the dates we (hopefully) parsed. */ + if (!server_date || !*server_date) { +- xasprintf(msg, _("%sServer date unknown, "), *msg); ++ xasprintf (msg, _("%sServer date unknown, "), *msg); + date_result = max_state_alt(STATE_UNKNOWN, date_result); + } else if (!document_date || !*document_date) { +- xasprintf(msg, _("%sDocument modification date unknown, "), *msg); ++ xasprintf (msg, _("%sDocument modification date unknown, "), *msg); + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else { +- time_t srv_data = parse_time_string(server_date); +- time_t doc_data = parse_time_string(document_date); ++ time_t srv_data = parse_time_string (server_date); ++ time_t doc_data = parse_time_string (document_date); + + if (srv_data <= 0) { +- xasprintf(msg, _("%sServer date \"%100s\" unparsable, "), *msg, +- server_date); ++ xasprintf (msg, _("%sServer date \"%100s\" unparsable, "), *msg, server_date); + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else if (doc_data <= 0) { +- xasprintf(msg, _("%sDocument date \"%100s\" unparsable, "), *msg, +- document_date); ++ xasprintf (msg, _("%sDocument date \"%100s\" unparsable, "), *msg, document_date); + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else if (doc_data > srv_data + 30) { +- xasprintf(msg, _("%sDocument is %d seconds in the future, "), *msg, +- (int)doc_data - (int)srv_data); ++ xasprintf (msg, _("%sDocument is %d seconds in the future, "), *msg, (int)doc_data - (int)srv_data); + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else if (doc_data < srv_data - maximum_age) { + int n = (srv_data - doc_data); + if (n > (60 * 60 * 24 * 2)) { +- xasprintf(msg, _("%sLast modified %.1f days ago, "), *msg, +- ((float)n) / (60 * 60 * 24)); ++ xasprintf (msg, _("%sLast modified %.1f days ago, "), *msg, ((float) n) / (60 * 60 * 24)); + date_result = max_state_alt(STATE_CRITICAL, date_result); + } else { +- xasprintf(msg, _("%sLast modified %d:%02d:%02d ago, "), *msg, +- n / (60 * 60), (n / 60) % 60, n % 60); ++ xasprintf (msg, _("%sLast modified %d:%02d:%02d ago, "), *msg, n / (60 * 60), (n / 60) % 60, n % 60); + date_result = max_state_alt(STATE_CRITICAL, date_result); + } + } +- free(server_date); +- free(document_date); ++ free (server_date); ++ free (document_date); + } + return date_result; + } + +-int get_content_length(const char *headers) { ++int ++get_content_length (const char *headers) ++{ + const char *s; + int content_length = 0; + +@@ -845,46 +864,50 @@ int get_content_length(const char *headers) { + s++; + + /* Process this header. */ +- if (value && value > field + 2) { +- char *ff = (char *)malloc(value - field); ++ if (value && value > field+2) { ++ char *ff = (char *) malloc (value-field); + char *ss = ff; +- while (field < value - 1) ++ while (field < value-1) + *ss++ = tolower(*field++); + *ss++ = 0; + +- if (!strcmp(ff, "content-length")) { ++ if (!strcmp (ff, "content-length")) { + const char *e; +- while (*value && isspace(*value)) ++ while (*value && isspace (*value)) + value++; + for (e = value; *e && *e != '\r' && *e != '\n'; e++) + ; +- ss = (char *)malloc(e - value + 1); +- strncpy(ss, value, e - value); ++ ss = (char *) malloc (e - value + 1); ++ strncpy (ss, value, e - value); + ss[e - value] = 0; + content_length = atoi(ss); +- free(ss); ++ free (ss); + } +- free(ff); ++ free (ff); + } + } + return (content_length); + } + +-char *prepend_slash(char *path) { ++char * ++prepend_slash (char *path) ++{ + char *newpath; + + if (path[0] == '/') + return path; + +- if ((newpath = malloc(strlen(path) + 2)) == NULL) +- die(STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); ++ if ((newpath = malloc (strlen(path) + 2)) == NULL) ++ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n")); + newpath[0] = '/'; +- strcpy(newpath + 1, path); +- free(path); ++ strcpy (newpath + 1, path); ++ free (path); + return newpath; + } + +-int check_http(void) { ++int ++check_http (void) ++{ + char *msg; + char *status_line; + char *status_code; +@@ -915,73 +938,62 @@ int check_http(void) { + char *force_host_header = NULL; + + /* try to connect to the host at the given port number */ +- gettimeofday(&tv_temp, NULL); +- if (my_tcp_connect(server_address, server_port, &sd) != STATE_OK) +- die(STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); +- microsec_connect = deltime(tv_temp); ++ gettimeofday (&tv_temp, NULL); ++ if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK) ++ die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); ++ microsec_connect = deltime (tv_temp); + +- /* if we are called with the -I option, the -j method is CONNECT and */ +- /* we received -S for SSL, then we tunnel the request through a proxy*/ +- /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */ ++ /* if we are called with the -I option, the -j method is CONNECT and */ ++ /* we received -S for SSL, then we tunnel the request through a proxy*/ ++ /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto */ + +- if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 && +- host_name != NULL && use_ssl == true) { ++ if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 ++ && host_name != NULL && use_ssl == true) { + +- if (verbose) +- printf("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", +- server_address, server_port, host_name, HTTPS_PORT); +- asprintf(&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, +- HTTPS_PORT, user_agent); ++ if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT); ++ asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent); + if (strlen(proxy_auth)) { +- base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth); +- xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); ++ base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth); ++ xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); + } + /* optionally send any other header tag */ + if (http_opt_headers_count) { +- for (i = 0; i < http_opt_headers_count; i++) { ++ for (i = 0; i < http_opt_headers_count ; i++) { + if (force_host_header != http_opt_headers[i]) { +- xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]); ++ xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); + } + } +- /* This cannot be free'd here because a redirection will then try to +- * access this and segfault */ ++ /* This cannot be free'd here because a redirection will then try to access this and segfault */ + /* Covered in a testcase in tests/check_http.t */ + /* free(http_opt_headers); */ + } +- asprintf(&buf, "%sProxy-Connection: keep-alive\r\n", buf); +- asprintf(&buf, "%sHost: %s\r\n", buf, host_name); ++ asprintf (&buf, "%sProxy-Connection: keep-alive\r\n", buf); ++ asprintf (&buf, "%sHost: %s\r\n", buf, host_name); + /* we finished our request, send empty line with CRLF */ +- asprintf(&buf, "%s%s", buf, CRLF); +- if (verbose) +- printf("%s\n", buf); +- send(sd, buf, strlen(buf), 0); +- buf[0] = '\0'; +- +- if (verbose) +- printf("Receive response from proxy\n"); +- read(sd, buffer, MAX_INPUT_BUFFER - 1); +- if (verbose) +- printf("%s", buffer); ++ asprintf (&buf, "%s%s", buf, CRLF); ++ if (verbose) printf ("%s\n", buf); ++ send(sd, buf, strlen (buf), 0); ++ buf[0]='\0'; ++ ++ if (verbose) printf ("Receive response from proxy\n"); ++ read (sd, buffer, MAX_INPUT_BUFFER-1); ++ if (verbose) printf ("%s", buffer); + /* Here we should check if we got HTTP/1.1 200 Connection established */ + } + #ifdef HAVE_SSL + elapsed_time_connect = (double)microsec_connect / 1.0e6; + if (use_ssl == true) { +- gettimeofday(&tv_temp, NULL); +- result = np_net_ssl_init_with_hostname_version_and_cert( +- sd, (use_sni ? host_name : NULL), ssl_version, client_cert, +- client_privkey); +- if (verbose) +- printf("SSL initialized\n"); ++ gettimeofday (&tv_temp, NULL); ++ result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey); ++ if (verbose) printf ("SSL initialized\n"); + if (result != STATE_OK) +- die(STATE_CRITICAL, NULL); +- microsec_ssl = deltime(tv_temp); ++ die (STATE_CRITICAL, NULL); ++ microsec_ssl = deltime (tv_temp); + elapsed_time_ssl = (double)microsec_ssl / 1.0e6; + if (check_cert == true) { + result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); + if (continue_after_check_cert == false) { +- if (sd) +- close(sd); ++ if (sd) close(sd); + np_net_ssl_cleanup(); + return result; + } +@@ -989,20 +1001,18 @@ int check_http(void) { + } + #endif /* HAVE_SSL */ + +- if (server_address != NULL && strcmp(http_method, "CONNECT") == 0 && +- host_name != NULL && use_ssl == true) +- asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, +- host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); ++ if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0 ++ && host_name != NULL && use_ssl == true) ++ asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); + else +- asprintf(&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, +- host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); ++ asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent); + + /* tell HTTP/1.1 servers not to keep the connection alive */ +- xasprintf(&buf, "%sConnection: close\r\n", buf); ++ xasprintf (&buf, "%sConnection: close\r\n", buf); + + /* check if Host header is explicitly set in options */ + if (http_opt_headers_count) { +- for (i = 0; i < http_opt_headers_count; i++) { ++ for (i = 0; i < http_opt_headers_count ; i++) { + if (strncmp(http_opt_headers[i], "Host:", 5) == 0) { + force_host_header = http_opt_headers[i]; + } +@@ -1012,8 +1022,9 @@ int check_http(void) { + /* optionally send the host header info */ + if (host_name) { + if (force_host_header) { +- xasprintf(&buf, "%s%s\r\n", buf, force_host_header); +- } else { ++ xasprintf (&buf, "%s%s\r\n", buf, force_host_header); ++ } ++ else { + /* + * Specify the port only if we're using a non-default port (see RFC 2616, + * 14.23). Some server applications/configurations cause trouble if the +@@ -1021,69 +1032,65 @@ int check_http(void) { + */ + if ((use_ssl == false && virtual_port == HTTP_PORT) || + (use_ssl == true && virtual_port == HTTPS_PORT) || +- (server_address != NULL && strcmp(http_method, "CONNECT") == 0 && +- host_name != NULL && use_ssl == true)) +- xasprintf(&buf, "%sHost: %s\r\n", buf, host_name); ++ (server_address != NULL && strcmp(http_method, "CONNECT") == 0 ++ && host_name != NULL && use_ssl == true)) ++ xasprintf (&buf, "%sHost: %s\r\n", buf, host_name); + else +- xasprintf(&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port); ++ xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port); + } + } + + /* optionally send any other header tag */ + if (http_opt_headers_count) { +- for (i = 0; i < http_opt_headers_count; i++) { ++ for (i = 0; i < http_opt_headers_count ; i++) { + if (force_host_header != http_opt_headers[i]) { +- xasprintf(&buf, "%s%s\r\n", buf, http_opt_headers[i]); ++ xasprintf (&buf, "%s%s\r\n", buf, http_opt_headers[i]); + } + } +- /* This cannot be free'd here because a redirection will then try to access +- * this and segfault */ ++ /* This cannot be free'd here because a redirection will then try to access this and segfault */ + /* Covered in a testcase in tests/check_http.t */ + /* free(http_opt_headers); */ + } + + /* optionally send the authentication info */ + if (strlen(user_auth)) { +- base64_encode_alloc(user_auth, strlen(user_auth), &auth); +- xasprintf(&buf, "%sAuthorization: Basic %s\r\n", buf, auth); ++ base64_encode_alloc (user_auth, strlen (user_auth), &auth); ++ xasprintf (&buf, "%sAuthorization: Basic %s\r\n", buf, auth); + } + + /* optionally send the proxy authentication info */ + if (strlen(proxy_auth)) { +- base64_encode_alloc(proxy_auth, strlen(proxy_auth), &auth); +- xasprintf(&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); ++ base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth); ++ xasprintf (&buf, "%sProxy-Authorization: Basic %s\r\n", buf, auth); + } + + /* either send http POST data (any data, not only POST)*/ + if (http_post_data) { + if (http_content_type) { +- xasprintf(&buf, "%sContent-Type: %s\r\n", buf, http_content_type); ++ xasprintf (&buf, "%sContent-Type: %s\r\n", buf, http_content_type); + } else { +- xasprintf(&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", +- buf); ++ xasprintf (&buf, "%sContent-Type: application/x-www-form-urlencoded\r\n", buf); + } + +- xasprintf(&buf, "%sContent-Length: %i\r\n\r\n", buf, +- (int)strlen(http_post_data)); +- xasprintf(&buf, "%s%s", buf, http_post_data); ++ xasprintf (&buf, "%sContent-Length: %i\r\n\r\n", buf, (int)strlen (http_post_data)); ++ xasprintf (&buf, "%s%s", buf, http_post_data); + } else { + /* or just a newline so the server knows we're done with the request */ +- xasprintf(&buf, "%s%s", buf, CRLF); ++ xasprintf (&buf, "%s%s", buf, CRLF); + } + +- if (verbose) +- printf("%s\n", buf); +- gettimeofday(&tv_temp, NULL); +- my_send(buf, strlen(buf)); +- microsec_headers = deltime(tv_temp); ++ if (verbose) printf ("%s\n", buf); ++ gettimeofday (&tv_temp, NULL); ++ my_send (buf, strlen (buf)); ++ microsec_headers = deltime (tv_temp); + elapsed_time_headers = (double)microsec_headers / 1.0e6; + + /* fetch the page */ + full_page = strdup(""); +- gettimeofday(&tv_temp, NULL); +- while ((i = my_recv(buffer, MAX_INPUT_BUFFER - 1)) > 0) { ++ gettimeofday (&tv_temp, NULL); ++ while ((i = my_recv (buffer, MAX_INPUT_BUFFER-1)) > 0) { + if ((i >= 1) && (elapsed_time_firstbyte <= 0.000001)) { +- microsec_firstbyte = deltime(tv_temp); ++ microsec_firstbyte = deltime (tv_temp); + elapsed_time_firstbyte = (double)microsec_firstbyte / 1.0e6; + } + while (pos = memchr(buffer, '\0', i)) { +@@ -1101,12 +1108,12 @@ int check_http(void) { + + pagesize += i; + +- if (no_body && document_headers_done(full_page)) { +- i = 0; +- break; +- } ++ if (no_body && document_headers_done (full_page)) { ++ i = 0; ++ break; ++ } + } +- microsec_transfer = deltime(tv_temp); ++ microsec_transfer = deltime (tv_temp); + elapsed_time_transfer = (double)microsec_transfer / 1.0e6; + + if (i < 0 && errno != ECONNRESET) { +@@ -1114,123 +1121,121 @@ int check_http(void) { + } + + /* return a CRITICAL status if we couldn't read any data */ +- if (pagesize == (size_t)0) +- die(STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n")); ++ if (pagesize == (size_t) 0) ++ die (STATE_CRITICAL, _("HTTP CRITICAL - No data received from host\n")); + + /* close the connection */ +- if (sd) +- close(sd); ++ if (sd) close(sd); + #ifdef HAVE_SSL + np_net_ssl_cleanup(); + #endif + + /* Save check time */ +- microsec = deltime(tv); ++ microsec = deltime (tv); + elapsed_time = (double)microsec / 1.0e6; + + /* leave full_page untouched so we can free it later */ + page = full_page; + + if (verbose) +- printf("%s://%s:%d%s is %d characters\n", use_ssl ? "https" : "http", +- server_address, server_port, server_url, (int)pagesize); ++ printf ("%s://%s:%d%s is %d characters\n", ++ use_ssl ? "https" : "http", server_address, ++ server_port, server_url, (int)pagesize); + + /* find status line and null-terminate it */ + status_line = page; +- page += (size_t)strcspn(page, "\r\n"); ++ page += (size_t) strcspn (page, "\r\n"); + pos = page; +- page += (size_t)strspn(page, "\r\n"); ++ page += (size_t) strspn (page, "\r\n"); + status_line[strcspn(status_line, "\r\n")] = 0; +- strip(status_line); ++ strip (status_line); + if (verbose) +- printf("STATUS: %s\n", status_line); ++ printf ("STATUS: %s\n", status_line); + + /* find header info and null-terminate it */ + header = page; +- while (strcspn(page, "\r\n") > 0) { +- page += (size_t)strcspn(page, "\r\n"); ++ while (strcspn (page, "\r\n") > 0) { ++ page += (size_t) strcspn (page, "\r\n"); + pos = page; +- if ((strspn(page, "\r") == 1 && strspn(page, "\r\n") >= 2) || +- (strspn(page, "\n") == 1 && strspn(page, "\r\n") >= 2)) +- page += (size_t)2; ++ if ((strspn (page, "\r") == 1 && strspn (page, "\r\n") >= 2) || ++ (strspn (page, "\n") == 1 && strspn (page, "\r\n") >= 2)) ++ page += (size_t) 2; + else +- page += (size_t)1; ++ page += (size_t) 1; + } +- page += (size_t)strspn(page, "\r\n"); ++ page += (size_t) strspn (page, "\r\n"); + header[pos - header] = 0; + if (verbose) +- printf("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header, +- (no_body ? " [[ skipped ]]" : page)); ++ printf ("**** HEADER ****\n%s\n**** CONTENT ****\n%s\n", header, ++ (no_body ? " [[ skipped ]]" : page)); + + /* make sure the status line matches the response we are looking for */ +- if (!expected_statuscode(status_line, server_expect)) { ++ if (!expected_statuscode (status_line, server_expect)) { + if (server_port == HTTP_PORT) +- xasprintf(&msg, _("Invalid HTTP response received from host: %s\n"), ++ xasprintf (&msg, ++ _("Invalid HTTP response received from host: %s\n"), + status_line); + else +- xasprintf(&msg, ++ xasprintf (&msg, + _("Invalid HTTP response received from host on port %d: %s\n"), + server_port, status_line); + if (show_body) +- xasprintf(&msg, _("%s\n%s"), msg, page); +- die(STATE_CRITICAL, "HTTP CRITICAL - %s", msg); ++ xasprintf (&msg, _("%s\n%s"), msg, page); ++ die (STATE_CRITICAL, "HTTP CRITICAL - %s", msg); + } + +- /* Bypass normal status line check if server_expect was set by user and not +- * default */ +- /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string +- */ +- if (server_expect_yn) { +- xasprintf(&msg, _("Status line output matched \"%s\" - "), server_expect); ++ /* Bypass normal status line check if server_expect was set by user and not default */ ++ /* NOTE: After this if/else block msg *MUST* be an asprintf-allocated string */ ++ if ( server_expect_yn ) { ++ xasprintf (&msg, ++ _("Status line output matched \"%s\" - "), server_expect); + if (verbose) +- printf("%s\n", msg); +- } else { ++ printf ("%s\n",msg); ++ } ++ else { + /* Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF */ + /* HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT */ + /* Status-Code = 3 DIGITS */ + +- status_code = strchr(status_line, ' ') + sizeof(char); +- if (strspn(status_code, "1234567890") != 3) +- die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"), +- status_line); ++ status_code = strchr (status_line, ' ') + sizeof (char); ++ if (strspn (status_code, "1234567890") != 3) ++ die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status Line (%s)\n"), status_line); + +- http_status = atoi(status_code); ++ http_status = atoi (status_code); + + /* check the return code */ + + if (http_status >= 600 || http_status < 100) { +- die(STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"), +- status_line); ++ die (STATE_CRITICAL, _("HTTP CRITICAL: Invalid Status (%s)\n"), status_line); + } + /* server errors result in a critical state */ + else if (http_status >= 500) { +- xasprintf(&msg, _("%s - "), status_line); ++ xasprintf (&msg, _("%s - "), status_line); + result = STATE_CRITICAL; + } + /* client errors result in a warning state */ + else if (http_status >= 400) { +- xasprintf(&msg, _("%s - "), status_line); ++ xasprintf (&msg, _("%s - "), status_line); + result = max_state_alt(STATE_WARNING, result); + } + /* check redirected page if specified */ + else if (http_status >= 300) { + + if (onredirect == STATE_DEPENDENT) +- redir(header, status_line); ++ redir (header, status_line); + else + result = max_state_alt(onredirect, result); +- xasprintf(&msg, _("%s - "), status_line); ++ xasprintf (&msg, _("%s - "), status_line); + } /* end if (http_status >= 300) */ + else { + /* Print OK status anyway */ +- xasprintf(&msg, _("%s - "), status_line); ++ xasprintf (&msg, _("%s - "), status_line); + } + + } /* end else (server_expect_yn) */ + +- /* reset the alarm - must be called *after* redir or we'll never die on +- * redirects! */ +- alarm(0); ++ /* reset the alarm - must be called *after* redir or we'll never die on redirects! */ ++ alarm (0); + + if (maximum_age >= 0) { + result = max_state_alt(check_document_dates(header, &msg), result); +@@ -1247,10 +1252,7 @@ int check_http(void) { + bcopy("...", &output_header_search[sizeof(output_header_search) - 4], + 4); + } +- xasprintf(&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, +- output_header_search, use_ssl ? "https" : "http", +- host_name ? host_name : server_address, server_port, +- server_url); ++ xasprintf (&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, output_header_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); + result = STATE_CRITICAL; + } + } +@@ -1288,10 +1290,7 @@ int check_http(void) { + bcopy("...", &output_string_search[sizeof(output_string_search) - 4], + 4); + } +- xasprintf(&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, +- output_string_search, use_ssl ? "https" : "http", +- host_name ? host_name : server_address, server_port, +- server_url); ++ xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); + result = STATE_CRITICAL; + } + } +@@ -1302,17 +1301,18 @@ int check_http(void) { + (errcode == REG_NOMATCH && invert_regex == 1)) { + /* OK - No-op to avoid changing the logic around it */ + result = max_state_alt(STATE_OK, result); +- } else if ((errcode == REG_NOMATCH && invert_regex == 0) || +- (errcode == 0 && invert_regex == 1)) { ++ } ++ else if ((errcode == REG_NOMATCH && invert_regex == 0) || (errcode == 0 && invert_regex == 1)) { + if (invert_regex == 0) +- xasprintf(&msg, _("%spattern not found, "), msg); ++ xasprintf (&msg, _("%spattern not found, "), msg); + else +- xasprintf(&msg, _("%spattern found, "), msg); ++ xasprintf (&msg, _("%spattern found, "), msg); + result = STATE_CRITICAL; +- } else { ++ } ++ else { + /* FIXME: Shouldn't that be UNKNOWN? */ +- regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER); +- xasprintf(&msg, _("%sExecute Error: %s, "), msg, errbuf); ++ regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); ++ xasprintf (&msg, _("%sExecute Error: %s, "), msg, errbuf); + result = STATE_CRITICAL; + } + } +@@ -1328,42 +1328,46 @@ int check_http(void) { + */ + page_len = pagesize; + if ((max_page_len > 0) && (page_len > max_page_len)) { +- xasprintf(&msg, _("%spage size %d too large, "), msg, page_len); ++ xasprintf (&msg, _("%spage size %d too large, "), msg, page_len); + result = max_state_alt(STATE_WARNING, result); + } else if ((min_page_len > 0) && (page_len < min_page_len)) { +- xasprintf(&msg, _("%spage size %d too small, "), msg, page_len); ++ xasprintf (&msg, _("%spage size %d too small, "), msg, page_len); + result = max_state_alt(STATE_WARNING, result); + } + + /* Cut-off trailing characters */ +- if (msg[strlen(msg) - 2] == ',') +- msg[strlen(msg) - 2] = '\0'; ++ if(msg[strlen(msg)-2] == ',') ++ msg[strlen(msg)-2] = '\0'; + else +- msg[strlen(msg) - 3] = '\0'; ++ msg[strlen(msg)-3] = '\0'; + + /* check elapsed time */ + if (show_extended_perfdata) +- xasprintf( +- &msg, +- _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"), +- msg, page_len, elapsed_time, (display_html ? "" : ""), +- perfd_time(elapsed_time), perfd_size(page_len), +- perfd_time_connect(elapsed_time_connect), +- use_ssl == true ? perfd_time_ssl(elapsed_time_ssl) : "", +- perfd_time_headers(elapsed_time_headers), +- perfd_time_firstbyte(elapsed_time_firstbyte), +- perfd_time_transfer(elapsed_time_transfer)); ++ xasprintf (&msg, ++ _("%s - %d bytes in %.3f second response time %s|%s %s %s %s %s %s %s"), ++ msg, page_len, elapsed_time, ++ (display_html ? "" : ""), ++ perfd_time (elapsed_time), ++ perfd_size (page_len), ++ perfd_time_connect (elapsed_time_connect), ++ use_ssl == true ? perfd_time_ssl (elapsed_time_ssl) : "", ++ perfd_time_headers (elapsed_time_headers), ++ perfd_time_firstbyte (elapsed_time_firstbyte), ++ perfd_time_transfer (elapsed_time_transfer)); + else +- xasprintf(&msg, _("%s - %d bytes in %.3f second response time %s|%s %s"), +- msg, page_len, elapsed_time, (display_html ? "" : ""), +- perfd_time(elapsed_time), perfd_size(page_len)); ++ xasprintf (&msg, ++ _("%s - %d bytes in %.3f second response time %s|%s %s"), ++ msg, page_len, elapsed_time, ++ (display_html ? "" : ""), ++ perfd_time (elapsed_time), ++ perfd_size (page_len)); + + if (show_body) +- xasprintf(&msg, _("%s\n%s"), msg, page); ++ xasprintf (&msg, _("%s\n%s"), msg, page); + + result = max_state_alt(get_status(elapsed_time, thlds), result); + +- die(result, "HTTP %s: %s\n", state_text(result), msg); ++ die (result, "HTTP %s: %s\n", state_text(result), msg); + /* die failed? */ + return STATE_UNKNOWN; + } +@@ -1453,22 +1457,20 @@ char *unchunk_content(const char *content) { + + /* per RFC 2396 */ + #define URI_HTTP "%5[HTPShtps]" +-#define URI_HOST \ +- "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" ++#define URI_HOST "%255[-.abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" + #define URI_PORT "%6d" /* MAX_PORT's width is 5 chars, 6 to detect overflow */ +-#define URI_PATH \ +- "%[-_.!~*'();/" \ +- "?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" ++#define URI_PATH "%[-_.!~*'();/?:@&=+$,%#abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]" + #define HD1 URI_HTTP "://" URI_HOST ":" URI_PORT "/" URI_PATH + #define HD2 URI_HTTP "://" URI_HOST "/" URI_PATH + #define HD3 URI_HTTP "://" URI_HOST ":" URI_PORT + #define HD4 URI_HTTP "://" URI_HOST +-/* relative reference redirect like //www.site.org/test +- * https://tools.ietf.org/html/rfc3986 */ ++/* relative reference redirect like //www.site.org/test https://tools.ietf.org/html/rfc3986 */ + #define HD5 "//" URI_HOST "/" URI_PATH + #define HD6 URI_PATH + +-void redir(char *pos, char *status_line) { ++void ++redir (char *pos, char *status_line) ++{ + int i = 0; + char *x; + char xx[2]; +@@ -1476,101 +1478,101 @@ void redir(char *pos, char *status_line) { + char *addr; + char *url; + +- addr = malloc(MAX_IPV4_HOSTLENGTH + 1); ++ addr = malloc (MAX_IPV4_HOSTLENGTH + 1); + if (addr == NULL) +- die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n")); ++ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate addr\n")); + + memset(addr, 0, MAX_IPV4_HOSTLENGTH); +- url = malloc(strcspn(pos, "\r\n")); ++ url = malloc (strcspn (pos, "\r\n")); + if (url == NULL) +- die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); ++ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); + + while (pos) { +- sscanf(pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", +- xx, &i); ++ sscanf (pos, "%1[Ll]%*1[Oo]%*1[Cc]%*1[Aa]%*1[Tt]%*1[Ii]%*1[Oo]%*1[Nn]:%n", xx, &i); + if (i == 0) { +- pos += (size_t)strcspn(pos, "\r\n"); +- pos += (size_t)strspn(pos, "\r\n"); ++ pos += (size_t) strcspn (pos, "\r\n"); ++ pos += (size_t) strspn (pos, "\r\n"); + if (strlen(pos) == 0) +- die(STATE_UNKNOWN, +- _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"), +- status_line, (display_html ? "" : "")); ++ die (STATE_UNKNOWN, ++ _("HTTP UNKNOWN - Could not find redirect location - %s%s\n"), ++ status_line, (display_html ? "" : "")); + continue; + } + + pos += i; +- pos += strspn(pos, " \t"); ++ pos += strspn (pos, " \t"); + + /* + * RFC 2616 (4.2): ``Header fields can be extended over multiple lines by + * preceding each extra line with at least one SP or HT.'' + */ +- for (; (i = strspn(pos, "\r\n")); pos += i) { ++ for (; (i = strspn (pos, "\r\n")); pos += i) { + pos += i; +- if (!(i = strspn(pos, " \t"))) { +- die(STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"), +- display_html ? "" : ""); ++ if (!(i = strspn (pos, " \t"))) { ++ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Empty redirect location%s\n"), ++ display_html ? "" : ""); + } + } + +- url = realloc(url, strcspn(pos, "\r\n") + 1); ++ url = realloc (url, strcspn (pos, "\r\n") + 1); + if (url == NULL) +- die(STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); ++ die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate URL\n")); + + /* URI_HTTP, URI_HOST, URI_PORT, URI_PATH */ +- if (sscanf(pos, HD1, type, addr, &i, url) == 4) { +- url = prepend_slash(url); +- use_ssl = server_type_check(type); ++ if (sscanf (pos, HD1, type, addr, &i, url) == 4) { ++ url = prepend_slash (url); ++ use_ssl = server_type_check (type); + } + + /* URI_HTTP URI_HOST URI_PATH */ +- else if (sscanf(pos, HD2, type, addr, url) == 3) { +- url = prepend_slash(url); +- use_ssl = server_type_check(type); +- i = server_port_check(use_ssl); ++ else if (sscanf (pos, HD2, type, addr, url) == 3 ) { ++ url = prepend_slash (url); ++ use_ssl = server_type_check (type); ++ i = server_port_check (use_ssl); + } + + /* URI_HTTP URI_HOST URI_PORT */ +- else if (sscanf(pos, HD3, type, addr, &i) == 3) { +- strcpy(url, HTTP_URL); +- use_ssl = server_type_check(type); ++ else if (sscanf (pos, HD3, type, addr, &i) == 3) { ++ strcpy (url, HTTP_URL); ++ use_ssl = server_type_check (type); + } + + /* URI_HTTP URI_HOST */ +- else if (sscanf(pos, HD4, type, addr) == 2) { +- strcpy(url, HTTP_URL); +- use_ssl = server_type_check(type); +- i = server_port_check(use_ssl); ++ else if (sscanf (pos, HD4, type, addr) == 2) { ++ strcpy (url, HTTP_URL); ++ use_ssl = server_type_check (type); ++ i = server_port_check (use_ssl); + } + /* URI_HTTP, URI_HOST, URI_PATH */ +- else if (sscanf(pos, HD5, addr, url) == 2) { +- if (use_ssl) { +- strcpy(type, "https"); +- } else { +- strcpy(type, server_type); ++ else if (sscanf (pos, HD5, addr, url) == 2) { ++ if(use_ssl){ ++ strcpy (type,"https"); + } +- xasprintf(&url, "/%s", url); +- use_ssl = server_type_check(type); +- i = server_port_check(use_ssl); ++ else{ ++ strcpy (type, server_type); ++ } ++ xasprintf (&url, "/%s", url); ++ use_ssl = server_type_check (type); ++ i = server_port_check (use_ssl); + } + + /* URI_PATH */ +- else if (sscanf(pos, HD6, url) == 1) { ++ else if (sscanf (pos, HD6, url) == 1) { + /* relative url */ + if ((url[0] != '/')) { + if ((x = strrchr(server_url, '/'))) + *x = '\0'; +- xasprintf(&url, "%s/%s", server_url, url); ++ xasprintf (&url, "%s/%s", server_url, url); + } + i = server_port; +- strcpy(type, server_type); +- strcpy(addr, host_name ? host_name : server_address); ++ strcpy (type, server_type); ++ strcpy (addr, host_name ? host_name : server_address); + } + + else { +- die(STATE_UNKNOWN, +- _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"), pos, +- (display_html ? "" : "")); ++ die (STATE_UNKNOWN, ++ _("HTTP UNKNOWN - Could not parse redirect location - %s%s\n"), ++ pos, (display_html ? "" : "")); + } + + break; +@@ -1578,356 +1580,299 @@ void redir(char *pos, char *status_line) { + } /* end while (pos) */ + + if (++redir_depth > max_depth) +- die(STATE_WARNING, +- _("HTTP WARNING - maximum redirection depth %d exceeded - " +- "%s://%s:%d%s%s\n"), +- max_depth, type, addr, i, url, (display_html ? "" : "")); ++ die (STATE_WARNING, ++ _("HTTP WARNING - maximum redirection depth %d exceeded - %s://%s:%d%s%s\n"), ++ max_depth, type, addr, i, url, (display_html ? "" : "")); + +- if (server_port == i && !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) && ++ if (server_port==i && ++ !strncmp(server_address, addr, MAX_IPV4_HOSTLENGTH) && + (host_name && !strncmp(host_name, addr, MAX_IPV4_HOSTLENGTH)) && + !strcmp(server_url, url)) +- die(STATE_CRITICAL, +- _("HTTP CRITICAL - redirection creates an infinite loop - " +- "%s://%s:%d%s%s\n"), +- type, addr, i, url, (display_html ? "" : "")); ++ die (STATE_CRITICAL, ++ _("HTTP CRITICAL - redirection creates an infinite loop - %s://%s:%d%s%s\n"), ++ type, addr, i, url, (display_html ? "" : "")); + +- strcpy(server_type, type); ++ strcpy (server_type, type); + +- free(host_name); +- host_name = strndup(addr, MAX_IPV4_HOSTLENGTH); ++ free (host_name); ++ host_name = strndup (addr, MAX_IPV4_HOSTLENGTH); + + if (!(followsticky & STICKY_HOST)) { +- free(server_address); +- server_address = strndup(addr, MAX_IPV4_HOSTLENGTH); ++ free (server_address); ++ server_address = strndup (addr, MAX_IPV4_HOSTLENGTH); + } + if (!(followsticky & STICKY_PORT)) { + server_port = i; + } + +- free(server_url); ++ free (server_url); + server_url = url; + + if (server_port > MAX_PORT) +- die(STATE_UNKNOWN, +- _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"), +- MAX_PORT, server_type, server_address, server_port, server_url, +- display_html ? "" : ""); ++ die (STATE_UNKNOWN, ++ _("HTTP UNKNOWN - Redirection to port above %d - %s://%s:%d%s%s\n"), ++ MAX_PORT, server_type, server_address, server_port, server_url, ++ display_html ? "" : ""); + + /* reset virtual port */ + virtual_port = server_port; + + if (verbose) +- printf(_("Redirection to %s://%s:%d%s\n"), server_type, +- host_name ? host_name : server_address, server_port, server_url); ++ printf (_("Redirection to %s://%s:%d%s\n"), server_type, ++ host_name ? host_name : server_address, server_port, server_url); + + free(addr); +- check_http(); ++ check_http (); + } + +-bool server_type_check(const char *type) { +- if (strcmp(type, "https")) ++ ++bool ++server_type_check (const char *type) ++{ ++ if (strcmp (type, "https")) + return false; + else + return true; + } + +-int server_port_check(int ssl_flag) { ++int ++server_port_check (int ssl_flag) ++{ + if (ssl_flag) + return HTTPS_PORT; + else + return HTTP_PORT; + } + +-char *perfd_time(double elapsed_time) { +- return fperfdata("time", elapsed_time, "s", thlds->warning ? true : false, +- thlds->warning ? thlds->warning->end : 0, +- thlds->critical ? true : false, +- thlds->critical ? thlds->critical->end : 0, true, 0, true, +- socket_timeout); ++char *perfd_time (double elapsed_time) ++{ ++ return fperfdata ("time", elapsed_time, "s", ++ thlds->warning?true:false, thlds->warning?thlds->warning->end:0, ++ thlds->critical?true:false, thlds->critical?thlds->critical->end:0, ++ true, 0, true, socket_timeout); + } + +-char *perfd_time_connect(double elapsed_time_connect) { +- return fperfdata("time_connect", elapsed_time_connect, "s", false, 0, false, +- 0, false, 0, true, socket_timeout); ++char *perfd_time_connect (double elapsed_time_connect) ++{ ++ return fperfdata ("time_connect", elapsed_time_connect, "s", false, 0, false, 0, false, 0, true, socket_timeout); + } + +-char *perfd_time_ssl(double elapsed_time_ssl) { +- return fperfdata("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, +- 0, true, socket_timeout); ++char *perfd_time_ssl (double elapsed_time_ssl) ++{ ++ return fperfdata ("time_ssl", elapsed_time_ssl, "s", false, 0, false, 0, false, 0, true, socket_timeout); + } + +-char *perfd_time_headers(double elapsed_time_headers) { +- return fperfdata("time_headers", elapsed_time_headers, "s", false, 0, false, +- 0, false, 0, true, socket_timeout); ++char *perfd_time_headers (double elapsed_time_headers) ++{ ++ return fperfdata ("time_headers", elapsed_time_headers, "s", false, 0, false, 0, false, 0, true, socket_timeout); + } + +-char *perfd_time_firstbyte(double elapsed_time_firstbyte) { +- return fperfdata("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, +- false, 0, false, 0, true, socket_timeout); ++char *perfd_time_firstbyte (double elapsed_time_firstbyte) ++{ ++ return fperfdata ("time_firstbyte", elapsed_time_firstbyte, "s", false, 0, false, 0, false, 0, true, socket_timeout); + } + +-char *perfd_time_transfer(double elapsed_time_transfer) { +- return fperfdata("time_transfer", elapsed_time_transfer, "s", false, 0, false, +- 0, false, 0, true, socket_timeout); ++char *perfd_time_transfer (double elapsed_time_transfer) ++{ ++ return fperfdata ("time_transfer", elapsed_time_transfer, "s", false, 0, false, 0, false, 0, true, socket_timeout); + } + +-char *perfd_size(int page_len) { +- return perfdata("size", page_len, "B", (min_page_len > 0 ? true : false), +- min_page_len, (min_page_len > 0 ? true : false), 0, true, 0, +- false, 0); ++char *perfd_size (int page_len) ++{ ++ return perfdata ("size", page_len, "B", ++ (min_page_len>0?true:false), min_page_len, ++ (min_page_len>0?true:false), 0, ++ true, 0, false, 0); + } + +-void print_help(void) { +- print_revision(progname, NP_VERSION); ++void ++print_help (void) ++{ ++ print_revision (progname, NP_VERSION); + +- printf("Copyright (c) 1999 Ethan Galstad \n"); +- printf(COPYRIGHT, copyright, email); ++ printf ("Copyright (c) 1999 Ethan Galstad \n"); ++ printf (COPYRIGHT, copyright, email); + +- printf("%s\n", _("This plugin tests the HTTP service on the specified host. " +- "It can test")); +- printf("%s\n", _("normal (http) and secure (https) servers, follow " +- "redirects, search for")); +- printf("%s\n", _("strings and regular expressions, check connection times, " +- "and report on")); +- printf("%s\n", _("certificate expiration times.")); ++ printf ("%s\n", _("This plugin tests the HTTP service on the specified host. It can test")); ++ printf ("%s\n", _("normal (http) and secure (https) servers, follow redirects, search for")); ++ printf ("%s\n", _("strings and regular expressions, check connection times, and report on")); ++ printf ("%s\n", _("certificate expiration times.")); + +- printf("\n\n"); ++ printf ("\n\n"); + +- print_usage(); ++ print_usage (); + + #ifdef HAVE_SSL +- printf(_("In the first form, make an HTTP request.")); +- printf(_("In the second form, connect to the server and check the TLS " +- "certificate.")); ++ printf (_("In the first form, make an HTTP request.")); ++ printf (_("In the second form, connect to the server and check the TLS certificate.")); + #endif +- printf(_("NOTE: One or both of -H and -I must be specified")); ++ printf (_("NOTE: One or both of -H and -I must be specified")); + +- printf("\n"); ++ printf ("\n"); + +- printf(UT_HELP_VRSN); +- printf(UT_EXTRA_OPTS); ++ printf (UT_HELP_VRSN); ++ printf (UT_EXTRA_OPTS); + +- printf(" %s\n", "-H, --hostname=ADDRESS"); +- printf(" %s\n", +- _("Host name argument for servers using host headers (virtual host)")); +- printf(" %s\n", +- _("Append a port to include it in the header (eg: example.com:5000)")); +- printf(" %s\n", "-I, --IP-address=ADDRESS"); +- printf(" %s\n", _("IP address or name (use numeric address if possible to " +- "bypass DNS lookup).")); +- printf(" %s\n", "-p, --port=INTEGER"); +- printf(" %s", _("Port number (default: ")); +- printf("%d)\n", HTTP_PORT); ++ printf (" %s\n", "-H, --hostname=ADDRESS"); ++ printf (" %s\n", _("Host name argument for servers using host headers (virtual host)")); ++ printf (" %s\n", _("Append a port to include it in the header (eg: example.com:5000)")); ++ printf (" %s\n", "-I, --IP-address=ADDRESS"); ++ printf (" %s\n", _("IP address or name (use numeric address if possible to bypass DNS lookup).")); ++ printf (" %s\n", "-p, --port=INTEGER"); ++ printf (" %s", _("Port number (default: ")); ++ printf ("%d)\n", HTTP_PORT); + +- printf(UT_IPv46); ++ printf (UT_IPv46); + + #ifdef HAVE_SSL +- printf(" %s\n", "-S, --ssl=VERSION[+]"); +- printf(" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is " +- "optional, and prevents")); +- printf( +- " %s\n", +- _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,")); +- printf(" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are " +- "also accepted.")); +- printf(" %s\n", "--sni"); +- printf(" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); +- printf(" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); +- printf(" %s\n", _("Minimum number of days a certificate has to be valid. " +- "Port defaults to 443")); +- printf(" %s\n", _("(when this option is used the URL is not checked by " +- "default. You can use")); +- printf(" %s\n", +- _(" --continue-after-certificate to override this behavior)")); +- printf(" %s\n", "--continue-after-certificate"); +- printf(" %s\n", _("Allows the HTTP check to continue after performing the " +- "certificate check.")); +- printf(" %s\n", _("Does nothing unless -C is used.")); +- printf(" %s\n", "-J, --client-cert=FILE"); +- printf(" %s\n", +- _("Name of file that contains the client certificate (PEM format)")); +- printf(" %s\n", _("to be used in establishing the SSL session")); +- printf(" %s\n", "-K, --private-key=FILE"); +- printf(" %s\n", _("Name of file containing the private key (PEM format)")); +- printf(" %s\n", _("matching the client certificate")); ++ printf (" %s\n", "-S, --ssl=VERSION[+]"); ++ printf (" %s\n", _("Connect via SSL. Port defaults to 443. VERSION is optional, and prevents")); ++ printf (" %s\n", _("auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,")); ++ printf (" %s\n", _("1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted.")); ++ printf (" %s\n", "--sni"); ++ printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); ++ printf (" %s\n", "-C, --certificate=INTEGER[,INTEGER]"); ++ printf (" %s\n", _("Minimum number of days a certificate has to be valid. Port defaults to 443")); ++ printf (" %s\n", _("(when this option is used the URL is not checked by default. You can use")); ++ printf (" %s\n", _(" --continue-after-certificate to override this behavior)")); ++ printf (" %s\n", "--continue-after-certificate"); ++ printf (" %s\n", _("Allows the HTTP check to continue after performing the certificate check.")); ++ printf (" %s\n", _("Does nothing unless -C is used.")); ++ printf (" %s\n", "-J, --client-cert=FILE"); ++ printf (" %s\n", _("Name of file that contains the client certificate (PEM format)")); ++ printf (" %s\n", _("to be used in establishing the SSL session")); ++ printf (" %s\n", "-K, --private-key=FILE"); ++ printf (" %s\n", _("Name of file containing the private key (PEM format)")); ++ printf (" %s\n", _("matching the client certificate")); + #endif + +- printf(" %s\n", "-e, --expect=STRING"); +- printf(" %s\n", _("Comma-delimited list of strings, at least one of them " +- "is expected in")); +- printf(" %s", +- _("the first (status) line of the server response (default: ")); +- printf("%s)\n", HTTP_EXPECT); +- printf(" %s\n", _("If specified skips all other status line logic (ex: " +- "3xx, 4xx, 5xx processing)")); +- printf(" %s\n", "-d, --header-string=STRING"); +- printf(" %s\n", _("String to expect in the response headers")); +- printf(" %s\n", "-s, --string=STRING"); +- printf(" %s\n", _("String to expect in the content")); +- printf(" %s\n", "-u, --url=PATH"); +- printf(" %s\n", _("URL to GET or POST (default: /)")); +- printf(" %s\n", "-P, --post=STRING"); +- printf(" %s\n", _("URL encoded http POST data")); +- printf(" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, " +- "PUT, DELETE, CONNECT, CONNECT:POST)"); +- printf(" %s\n", _("Set HTTP method.")); +- printf(" %s\n", "-N, --no-body"); +- printf(" %s\n", +- _("Don't wait for document body: stop reading after headers.")); +- printf(" %s\n", +- _("(Note that this still does an HTTP GET or POST, not a HEAD.)")); +- printf(" %s\n", "-M, --max-age=SECONDS"); +- printf(" %s\n", _("Warn if document is more than SECONDS old. the number " +- "can also be of")); +- printf(" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or " +- "\"10d\" for days.")); +- printf(" %s\n", "-T, --content-type=STRING"); +- printf(" %s\n", +- _("specify Content-Type header media type when POSTing\n")); +- +- printf(" %s\n", "-l, --linespan"); +- printf(" %s\n", _("Allow regex to span newlines (must precede -r or -R)")); +- printf(" %s\n", "-r, --regex, --ereg=STRING"); +- printf(" %s\n", _("Search page for regex STRING")); +- printf(" %s\n", "-R, --eregi=STRING"); +- printf(" %s\n", _("Search page for case-insensitive regex STRING")); +- printf(" %s\n", "--invert-regex"); +- printf(" %s\n", _("Return CRITICAL if found, OK if not\n")); +- +- printf(" %s\n", "-a, --authorization=AUTH_PAIR"); +- printf(" %s\n", _("Username:password on sites with basic authentication")); +- printf(" %s\n", "-b, --proxy-authorization=AUTH_PAIR"); +- printf(" %s\n", +- _("Username:password on proxy-servers with basic authentication")); +- printf(" %s\n", "-A, --useragent=STRING"); +- printf(" %s\n", _("String to be sent in http header as \"User Agent\"")); +- printf(" %s\n", "-k, --header=STRING"); +- printf(" %s\n", _("Any other tags to be sent in http header. Use multiple " +- "times for additional headers")); +- printf(" %s\n", "-E, --extended-perfdata"); +- printf(" %s\n", _("Print additional performance data")); +- printf(" %s\n", "-B, --show-body"); +- printf(" %s\n", _("Print body content below status line")); +- printf(" %s\n", "-L, --link"); +- printf(" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); +- printf(" %s\n", +- "-f, --onredirect="); +- printf(" %s\n", _("How to handle redirected pages. sticky is like follow " +- "but stick to the")); +- printf( +- " %s\n", +- _("specified IP address. stickyport also ensures port stays the same.")); +- printf(" %s\n", "--max-redirs=INTEGER"); +- printf(" %s", _("Maximal number of redirects (default: ")); +- printf("%d)\n", DEFAULT_MAX_REDIRS); +- printf(" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); +- printf(" %s\n", _("Minimum page size required (bytes) : Maximum page size " +- "required (bytes)")); +- printf(UT_WARN_CRIT); +- +- printf(UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); +- +- printf(UT_VERBOSE); +- +- printf("\n"); +- printf("%s\n", _("Notes:")); +- printf( +- " %s\n", +- _("This plugin will attempt to open an HTTP connection with the host.")); +- printf(" %s\n", _("Successful connects return STATE_OK, refusals and " +- "timeouts return STATE_CRITICAL")); +- printf(" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, " +- "but incorrect response")); +- printf(" %s\n", _("messages from the host result in STATE_WARNING return " +- "values. If you are")); +- printf(" %s\n", _("checking a virtual server that uses 'host headers' you " +- "must supply the FQDN")); +- printf(" %s\n", +- _("(fully qualified domain name) as the [host_name] argument.")); ++ printf (" %s\n", "-e, --expect=STRING"); ++ printf (" %s\n", _("Comma-delimited list of strings, at least one of them is expected in")); ++ printf (" %s", _("the first (status) line of the server response (default: ")); ++ printf ("%s)\n", HTTP_EXPECT); ++ printf (" %s\n", _("If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)")); ++ printf (" %s\n", "-d, --header-string=STRING"); ++ printf (" %s\n", _("String to expect in the response headers")); ++ printf (" %s\n", "-s, --string=STRING"); ++ printf (" %s\n", _("String to expect in the content")); ++ printf (" %s\n", "-u, --url=PATH"); ++ printf (" %s\n", _("URL to GET or POST (default: /)")); ++ printf (" %s\n", "-P, --post=STRING"); ++ printf (" %s\n", _("URL encoded http POST data")); ++ printf (" %s\n", "-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT, CONNECT:POST)"); ++ printf (" %s\n", _("Set HTTP method.")); ++ printf (" %s\n", "-N, --no-body"); ++ printf (" %s\n", _("Don't wait for document body: stop reading after headers.")); ++ printf (" %s\n", _("(Note that this still does an HTTP GET or POST, not a HEAD.)")); ++ printf (" %s\n", "-M, --max-age=SECONDS"); ++ printf (" %s\n", _("Warn if document is more than SECONDS old. the number can also be of")); ++ printf (" %s\n", _("the form \"10m\" for minutes, \"10h\" for hours, or \"10d\" for days.")); ++ printf (" %s\n", "-T, --content-type=STRING"); ++ printf (" %s\n", _("specify Content-Type header media type when POSTing\n")); ++ ++ printf (" %s\n", "-l, --linespan"); ++ printf (" %s\n", _("Allow regex to span newlines (must precede -r or -R)")); ++ printf (" %s\n", "-r, --regex, --ereg=STRING"); ++ printf (" %s\n", _("Search page for regex STRING")); ++ printf (" %s\n", "-R, --eregi=STRING"); ++ printf (" %s\n", _("Search page for case-insensitive regex STRING")); ++ printf (" %s\n", "--invert-regex"); ++ printf (" %s\n", _("Return CRITICAL if found, OK if not\n")); ++ ++ printf (" %s\n", "-a, --authorization=AUTH_PAIR"); ++ printf (" %s\n", _("Username:password on sites with basic authentication")); ++ printf (" %s\n", "-b, --proxy-authorization=AUTH_PAIR"); ++ printf (" %s\n", _("Username:password on proxy-servers with basic authentication")); ++ printf (" %s\n", "-A, --useragent=STRING"); ++ printf (" %s\n", _("String to be sent in http header as \"User Agent\"")); ++ printf (" %s\n", "-k, --header=STRING"); ++ printf (" %s\n", _("Any other tags to be sent in http header. Use multiple times for additional headers")); ++ printf (" %s\n", "-E, --extended-perfdata"); ++ printf (" %s\n", _("Print additional performance data")); ++ printf (" %s\n", "-B, --show-body"); ++ printf (" %s\n", _("Print body content below status line")); ++ printf (" %s\n", "-L, --link"); ++ printf (" %s\n", _("Wrap output in HTML link (obsoleted by urlize)")); ++ printf (" %s\n", "-f, --onredirect="); ++ printf (" %s\n", _("How to handle redirected pages. sticky is like follow but stick to the")); ++ printf (" %s\n", _("specified IP address. stickyport also ensures port stays the same.")); ++ printf (" %s\n", "--max-redirs=INTEGER"); ++ printf (" %s", _("Maximal number of redirects (default: ")); ++ printf ("%d)\n", DEFAULT_MAX_REDIRS); ++ printf (" %s\n", "-m, --pagesize=INTEGER<:INTEGER>"); ++ printf (" %s\n", _("Minimum page size required (bytes) : Maximum page size required (bytes)")); ++ printf (UT_WARN_CRIT); ++ ++ printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); ++ ++ printf (UT_VERBOSE); ++ ++ printf ("\n"); ++ printf ("%s\n", _("Notes:")); ++ printf (" %s\n", _("This plugin will attempt to open an HTTP connection with the host.")); ++ printf (" %s\n", _("Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL")); ++ printf (" %s\n", _("other errors return STATE_UNKNOWN. Successful connects, but incorrect response")); ++ printf (" %s\n", _("messages from the host result in STATE_WARNING return values. If you are")); ++ printf (" %s\n", _("checking a virtual server that uses 'host headers' you must supply the FQDN")); ++ printf (" %s\n", _("(fully qualified domain name) as the [host_name] argument.")); + + #ifdef HAVE_SSL +- printf("\n"); +- printf(" %s\n", _("This plugin can also check whether an SSL enabled web " +- "server is able to")); +- printf(" %s\n", _("serve content (optionally within a specified time) or " +- "whether the X509 ")); +- printf(" %s\n", +- _("certificate is still valid for the specified number of days.")); +- printf("\n"); +- printf( +- " %s\n", +- _("Please note that this plugin does not check if the presented server")); +- printf(" %s\n", _("certificate matches the hostname of the server, or if the " +- "certificate")); +- printf(" %s\n", +- _("has a valid chain of trust to one of the locally installed CAs.")); +- printf("\n"); +- printf("%s\n", _("Examples:")); +- printf(" %s\n\n", +- "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com"); +- printf(" %s\n", _("When the 'www.verisign.com' server returns its content " +- "within 5 seconds,")); +- printf(" %s\n", _("a STATE_OK will be returned. When the server returns its " +- "content but exceeds")); +- printf(" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. " +- "When an error occurs,")); +- printf(" %s\n", _("a STATE_CRITICAL will be returned.")); +- printf("\n"); +- printf(" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14"); +- printf(" %s\n", _("When the certificate of 'www.verisign.com' is valid for " +- "more than 14 days,")); +- printf(" %s\n", _("a STATE_OK is returned. When the certificate is still " +- "valid, but for less than")); +- printf(" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL " +- "will be returned when")); +- printf(" %s\n\n", _("the certificate is expired.")); +- printf("\n"); +- printf(" %s\n\n", +- "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); +- printf(" %s\n", _("When the certificate of 'www.verisign.com' is valid for " +- "more than 30 days,")); +- printf(" %s\n", _("a STATE_OK is returned. When the certificate is still " +- "valid, but for less than")); +- printf(" %s\n", +- _("30 days, but more than 14 days, a STATE_WARNING is returned.")); +- printf(" %s\n", _("A STATE_CRITICAL will be returned when certificate " +- "expires in less than 14 days")); +- +- printf(" %s\n\n", +- "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: "); +- printf(" %s\n", +- _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S " +- "-j CONNECT -H www.verisign.com ")); +- printf(" %s\n", _("all these options are needed: -I -p " +- "-u -S(sl) -j CONNECT -H ")); +- printf(" %s\n", _("a STATE_OK will be returned. When the server returns its " +- "content but exceeds")); +- printf(" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. " +- "When an error occurs,")); +- printf(" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to " +- "the method you can set the method used")); +- printf(" %s\n", _("inside the proxied connection: -j CONNECT:POST")); ++ printf ("\n"); ++ printf (" %s\n", _("This plugin can also check whether an SSL enabled web server is able to")); ++ printf (" %s\n", _("serve content (optionally within a specified time) or whether the X509 ")); ++ printf (" %s\n", _("certificate is still valid for the specified number of days.")); ++ printf ("\n"); ++ printf (" %s\n", _("Please note that this plugin does not check if the presented server")); ++ printf (" %s\n", _("certificate matches the hostname of the server, or if the certificate")); ++ printf (" %s\n", _("has a valid chain of trust to one of the locally installed CAs.")); ++ printf ("\n"); ++ printf ("%s\n", _("Examples:")); ++ printf (" %s\n\n", "CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com"); ++ printf (" %s\n", _("When the 'www.verisign.com' server returns its content within 5 seconds,")); ++ printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); ++ printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); ++ printf (" %s\n", _("a STATE_CRITICAL will be returned.")); ++ printf ("\n"); ++ printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 14"); ++ printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 14 days,")); ++ printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); ++ printf (" %s\n", _("14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when")); ++ printf (" %s\n\n", _("the certificate is expired.")); ++ printf ("\n"); ++ printf (" %s\n\n", "CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14"); ++ printf (" %s\n", _("When the certificate of 'www.verisign.com' is valid for more than 30 days,")); ++ printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than")); ++ printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned.")); ++ printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days")); ++ ++ printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: "); ++ printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com ")); ++ printf (" %s\n", _("all these options are needed: -I -p -u -S(sl) -j CONNECT -H ")); ++ printf (" %s\n", _("a STATE_OK will be returned. When the server returns its content but exceeds")); ++ printf (" %s\n", _("the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,")); ++ printf (" %s\n", _("a STATE_CRITICAL will be returned. By adding a colon to the method you can set the method used")); ++ printf (" %s\n", _("inside the proxied connection: -j CONNECT:POST")); + + #endif + +- printf(UT_SUPPORT); ++ printf (UT_SUPPORT); ++ + } + +-void print_usage(void) { +- printf("%s\n", _("Usage:")); +- printf(" %s -H | -I [-u ] [-p ]\n", progname); +- printf(" [-J ] [-K ]\n"); +- printf(" [-w ] [-c ] [-t ] [-L] " +- "[-E] [-a auth]\n"); +- printf(" [-b proxy_auth] [-f " +- "]\n"); +- printf(" [-e ] [-d string] [-s string] [-l] [-r | -R " +- "]\n"); +- printf(" [-P string] [-m :] [-4|-6] [-N] [-M " +- "]\n"); +- printf(" [-A string] [-k string] [-S ] [--sni]\n"); +- printf(" [-T ] [-j method]\n"); +- printf(" %s -H | -I -C [,]\n", +- progname); +- printf(" [-p ] [-t ] [-4|-6] [--sni]\n"); ++ ++ ++void ++print_usage (void) ++{ ++ printf ("%s\n", _("Usage:")); ++ printf (" %s -H | -I [-u ] [-p ]\n",progname); ++ printf (" [-J ] [-K ]\n"); ++ printf (" [-w ] [-c ] [-t ] [-L] [-E] [-a auth]\n"); ++ printf (" [-b proxy_auth] [-f ]\n"); ++ printf (" [-e ] [-d string] [-s string] [-l] [-r | -R ]\n"); ++ printf (" [-P string] [-m :] [-4|-6] [-N] [-M ]\n"); ++ printf (" [-A string] [-k string] [-S ] [--sni]\n"); ++ printf (" [-T ] [-j method]\n"); ++ printf (" %s -H | -I -C [,]\n",progname); ++ printf (" [-p ] [-t ] [-4|-6] [--sni]\n"); + } + +From ad32adf4ef09572715ce7bc207947ba7ffb7dc8d Mon Sep 17 00:00:00 2001 +From: RincewindsHat <12514511+RincewindsHat@users.noreply.github.com> +Date: Thu, 22 Dec 2022 13:16:19 +0100 +Subject: [PATCH 14/16] Reformat a part to increase readability + +--- + plugins/check_http.c | 16 +++++++++++++--- + 1 file changed, 13 insertions(+), 3 deletions(-) + +diff --git a/plugins/check_http.c b/plugins/check_http.c +index dbaa0d780..a9c22389e 100644 +--- a/plugins/check_http.c ++++ b/plugins/check_http.c +@@ -1246,13 +1246,23 @@ check_http (void) + if (strstr(header, header_expect) == NULL) { + // We did not find the header, the rest is for building the output and setting the state + char output_header_search[30] = ""; ++ + strncpy(&output_header_search[0], header_expect, + sizeof(output_header_search)); ++ + if (output_header_search[sizeof(output_header_search) - 1] != '\0') { +- bcopy("...", &output_header_search[sizeof(output_header_search) - 4], +- 4); ++ bcopy("...", ++ &output_header_search[sizeof(output_header_search) - 4], ++ 4); + } +- xasprintf (&msg, _("%sheader '%s' not found on '%s://%s:%d%s', "), msg, output_header_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url); ++ ++ xasprintf (&msg, ++ _("%sheader '%s' not found on '%s://%s:%d%s', "), ++ msg, ++ output_header_search, use_ssl ? "https" : "http", ++ host_name ? host_name : server_address, server_port, ++ server_url); ++ + result = STATE_CRITICAL; + } + } + +From a03c4bbc1ecdad247a32e469a37aa1f0126581c7 Mon Sep 17 00:00:00 2001 +From: Sven Nierlein +Date: Thu, 22 Dec 2022 14:06:08 +0100 +Subject: [PATCH 15/16] check_http/check_curl: add chunked encoding test + +--- + plugins/tests/check_curl.t | 18 +++++++++++++++++- + plugins/tests/check_http.t | 18 +++++++++++++++++- + 2 files changed, 34 insertions(+), 2 deletions(-) + +diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t +index aa72ef671..86bfb5381 100755 +--- a/plugins/tests/check_curl.t ++++ b/plugins/tests/check_curl.t +@@ -21,7 +21,7 @@ use FindBin qw($Bin); + + $ENV{'LC_TIME'} = "C"; + +-my $common_tests = 72; ++my $common_tests = 74; + my $ssl_only_tests = 8; + # Check that all dependent modules are available + eval "use HTTP::Daemon 6.01;"; +@@ -200,6 +200,17 @@ sub run_server { + $c->send_basic_header; + $c->send_crlf; + $c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host'))); ++ } elsif ($r->url->path eq "/chunked") { ++ $c->send_basic_header; ++ $c->send_header('Transfer-Encoding', "chunked"); ++ $c->send_crlf; ++ my $chunks = ["chunked", "encoding", "test\n"]; ++ $c->send_response(HTTP::Response->new( 200, 'OK', undef, sub { ++ my $chunk = shift @{$chunks}; ++ return unless $chunk; ++ sleep(1); ++ return($chunk); ++ })); + } else { + $c->send_error(HTTP::Status->RC_FORBIDDEN); + } +@@ -508,4 +519,9 @@ sub run_common_tests { + }; + is( $@, "", $cmd ); + ++ $cmd = "$command -u /chunked -s 'chunkedencodingtest'"; ++ eval { ++ $result = NPTest->testCmd( $cmd, 5 ); ++ }; ++ is( $@, "", $cmd ); + } +diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t +index ea11b2ac3..132c6659d 100755 +--- a/plugins/tests/check_http.t ++++ b/plugins/tests/check_http.t +@@ -12,7 +12,7 @@ use FindBin qw($Bin); + + $ENV{'LC_TIME'} = "C"; + +-my $common_tests = 70; ++my $common_tests = 72; + my $virtual_port_tests = 8; + my $ssl_only_tests = 12; + # Check that all dependent modules are available +@@ -190,6 +190,17 @@ sub run_server { + $c->send_basic_header; + $c->send_crlf; + $c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host'))); ++ } elsif ($r->url->path eq "/chunked") { ++ $c->send_basic_header; ++ $c->send_header('Transfer-Encoding', "chunked"); ++ $c->send_crlf; ++ my $chunks = ["chunked", "encoding", "test\n"]; ++ $c->send_response(HTTP::Response->new( 200, 'OK', undef, sub { ++ my $chunk = shift @{$chunks}; ++ return unless $chunk; ++ sleep(1); ++ return($chunk); ++ })); + } else { + $c->send_error(HTTP::Status->RC_FORBIDDEN); + } +@@ -497,4 +508,9 @@ sub run_common_tests { + }; + is( $@, "", $cmd ); + ++ $cmd = "$command -u /chunked -s 'chunkedencodingtest'"; ++ eval { ++ $result = NPTest->testCmd( $cmd, 5 ); ++ }; ++ is( $@, "", $cmd ); + } + +From ab082d93fe90781309d71f3feea837dd0e32841c Mon Sep 17 00:00:00 2001 +From: Sven Nierlein +Date: Thu, 22 Dec 2022 14:58:01 +0100 +Subject: [PATCH 16/16] tests: fix chunked encoding test server + +--- + plugins/tests/check_curl.t | 29 ++++++++++++++--------------- + plugins/tests/check_http.t | 7 ++----- + 2 files changed, 16 insertions(+), 20 deletions(-) + +diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t +index 86bfb5381..72f2b7c2d 100755 +--- a/plugins/tests/check_curl.t ++++ b/plugins/tests/check_curl.t +@@ -21,7 +21,7 @@ use FindBin qw($Bin); + + $ENV{'LC_TIME'} = "C"; + +-my $common_tests = 74; ++my $common_tests = 73; + my $ssl_only_tests = 8; + # Check that all dependent modules are available + eval "use HTTP::Daemon 6.01;"; +@@ -200,17 +200,14 @@ sub run_server { + $c->send_basic_header; + $c->send_crlf; + $c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host'))); +- } elsif ($r->url->path eq "/chunked") { +- $c->send_basic_header; +- $c->send_header('Transfer-Encoding', "chunked"); +- $c->send_crlf; +- my $chunks = ["chunked", "encoding", "test\n"]; +- $c->send_response(HTTP::Response->new( 200, 'OK', undef, sub { +- my $chunk = shift @{$chunks}; +- return unless $chunk; +- sleep(1); +- return($chunk); +- })); ++ } elsif ($r->url->path eq "/chunked") { ++ my $chunks = ["chunked", "encoding", "test\n"]; ++ $c->send_response(HTTP::Response->new( 200, 'OK', undef, sub { ++ my $chunk = shift @{$chunks}; ++ return unless $chunk; ++ sleep(1); ++ return($chunk); ++ })); + } else { + $c->send_error(HTTP::Status->RC_FORBIDDEN); + } +@@ -483,7 +480,8 @@ sub run_common_tests { + local $SIG{ALRM} = sub { die "alarm\n" }; + alarm(2); + $result = NPTest->testCmd( $cmd ); +- alarm(0); }; ++ }; ++ alarm(0); + isnt( $@, "alarm\n", $cmd ); + is( $result->return_code, 0, $cmd ); + +@@ -493,7 +491,8 @@ sub run_common_tests { + local $SIG{ALRM} = sub { die "alarm\n" }; + alarm(2); + $result = NPTest->testCmd( $cmd ); +- alarm(0); }; ++ }; ++ alarm(0); + isnt( $@, "alarm\n", $cmd ); + isnt( $result->return_code, 0, $cmd ); + +@@ -519,7 +518,7 @@ sub run_common_tests { + }; + is( $@, "", $cmd ); + +- $cmd = "$command -u /chunked -s 'chunkedencodingtest'"; ++ $cmd = "$command -u /chunked -s 'chunkedencodingtest' -d 'Transfer-Encoding: chunked'"; + eval { + $result = NPTest->testCmd( $cmd, 5 ); + }; +diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t +index 132c6659d..d766ac372 100755 +--- a/plugins/tests/check_http.t ++++ b/plugins/tests/check_http.t +@@ -12,7 +12,7 @@ use FindBin qw($Bin); + + $ENV{'LC_TIME'} = "C"; + +-my $common_tests = 72; ++my $common_tests = 71; + my $virtual_port_tests = 8; + my $ssl_only_tests = 12; + # Check that all dependent modules are available +@@ -191,9 +191,6 @@ sub run_server { + $c->send_crlf; + $c->send_response(HTTP::Response->new( 200, 'OK', undef, $r->header ('Host'))); + } elsif ($r->url->path eq "/chunked") { +- $c->send_basic_header; +- $c->send_header('Transfer-Encoding', "chunked"); +- $c->send_crlf; + my $chunks = ["chunked", "encoding", "test\n"]; + $c->send_response(HTTP::Response->new( 200, 'OK', undef, sub { + my $chunk = shift @{$chunks}; +@@ -508,7 +505,7 @@ sub run_common_tests { + }; + is( $@, "", $cmd ); + +- $cmd = "$command -u /chunked -s 'chunkedencodingtest'"; ++ $cmd = "$command -u /chunked -s 'chunkedencodingtest' -d 'Transfer-Encoding: chunked'"; + eval { + $result = NPTest->testCmd( $cmd, 5 ); + }; diff --git a/debian/patches/series b/debian/patches/series index 590ad33..b7c19b7 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -11,4 +11,5 @@ 20_check_apt_unknown_escape_sequence 21_check_http_faster_with_large_files 22_check_curl_faster_with_large_files +23_check_http_chunked_encoding 24_check_apt_usage