upstream/monitoring-plugins
1
0
Fork 0
mirror of https://github.com/monitoring-plugins/monitoring-plugins.git synced 2026-04-24 07:39:14 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

check_curl: check certificates and exit before checking for curl_easy_perform result (#2239)
Some checks failed
CodeQL / Analyze (push) Has been cancelled
Details
Spellcheck / codespell (push) Has been cancelled
Details
Tests / Running unit and integrationt tests (push) Has been cancelled
Details
Tests / Running rpm build test on almalinux:9 (push) Has been cancelled
Details
Tests / Running rpm build test on fedora:latest (push) Has been cancelled
Details
Tests / Running rpm build test on rockylinux:8 (push) Has been cancelled
Details
Tests Debian:Testing and Fedora:Rawhide / Running unit and integrationt tests (push) Has been cancelled
Details
Tests Debian:Testing and Fedora:Rawhide / Running rpm build test on fedora:rawhide (push) Has been cancelled
Details

Browse source 
* check certificates first, before the return code of curl_easy_perform

* fix typo

* simply the comment for the change

details go into PR request.
This commit is contained in:
inqrphl 2026-03-13 17:06:59 +01:00 committed by GitHub
parent b9cd60ec3a
commit a9e23d05a6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 25 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
plugins/check_curl.c
View file

@ -239,10 +239,35 @@ mp_subcheck check_http(const check_curl_config config, check_curl_working_state
// ==============
CURLcode res = curl_easy_perform(curl_state.curl);
if (verbose > 1) {
printf("* curl_easy_perform returned: %s\n", curl_easy_strerror(res));
}
if (verbose >= 2 && workingState.http_post_data) {
printf("**** REQUEST CONTENT ****\n%s\n", workingState.http_post_data);
}
// curl_state is updated after curl_easy_perform, and with updated curl_state certificate checks can be done
// Check_http tries to check certs as early as possible, and exits with certificate check result by default. Behave similarly.
#ifdef LIBCURL_FEATURE_SSL
if (workingState.use_ssl && config.check_cert) {
if (verbose > 1) {
printf("* adding a subcheck for the certificate\n");
}
mp_subcheck sc_certificate = check_curl_certificate_checks(
curl_state.curl, cert, config.days_till_exp_warn, config.days_till_exp_crit);
mp_add_subcheck_to_subcheck(&sc_result, sc_certificate);
if (!config.continue_after_check_cert) {
if (verbose > 1) {
printf("* returning after adding the subcheck for certificate, continuing after "
"checking the certificate is turned off\n");
}
return sc_result;
}
}
#endif
mp_subcheck sc_curl = mp_subcheck_init();
/* Curl errors, result in critical Nagios state */
@ -283,18 +308,6 @@ mp_subcheck check_http(const check_curl_config config, check_curl_working_state
// Evaluation
// ==========
#ifdef LIBCURL_FEATURE_SSL
if (workingState.use_ssl && config.check_cert) {
mp_subcheck sc_certificate = check_curl_certificate_checks(
curl_state.curl, cert, config.days_till_exp_warn, config.days_till_exp_crit);
mp_add_subcheck_to_subcheck(&sc_result, sc_certificate);
if (!config.continue_after_check_cert) {
return sc_result;
}
}
#endif
/* we got the data and we executed the request in a given time, so we can append
* performance data to the answer always
*/