upstream/monitoring-plugins
1
0
Fork 0
mirror of https://github.com/monitoring-plugins/monitoring-plugins.git synced 2026-03-23 19:03:04 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Revert "check certificates first, before the return code of curl_easy_perform"

Browse source 
This reverts commit 7c2fd30a1e.
This commit is contained in:
Ahmet Ozturk 2026-03-02 15:09:11 +01:00
parent 7c2fd30a1e
commit de92f63ec1
1 changed files with 12 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
plugins/check_curl.c
View file

@ -239,40 +239,10 @@ mp_subcheck check_http(const check_curl_config config, check_curl_working_state
// ==============
CURLcode res = curl_easy_perform(curl_state.curl);
if (verbose > 1) {
printf("* curl_easy_perform returned: %s\n", curl_easy_strerror(res));
}
if (verbose >= 2 && workingState.http_post_data) {
printf("**** REQUEST CONTENT ****\n%s\n", workingState.http_post_data);
}
/* If SSL cert checking is enabled, check the certs before checking for curl errors.
* curl_state is updated after curl_easy_perform, and a cert check can be done at this point
* check_http tries to check certs as early as possible, and returns afterwards unless
* continue_after_check_cert is enabled. there may be servers with valid certificates
* that return erroneus responses, but check_http returns OK since it only concerned with
* certificates. Behave similarly here and check CURLcode after certificates.
*/
#ifdef LIBCURL_FEATURE_SSL
if (workingState.use_ssl && config.check_cert) {
if (verbose > 1) {
printf("* adding a subcheck for the certificate\n");
}
mp_subcheck sc_certificate = check_curl_certificate_checks(
curl_state.curl, cert, config.days_till_exp_warn, config.days_till_exp_crit);
mp_add_subcheck_to_subcheck(&sc_result, sc_certificate);
if (!config.continue_after_check_cert) {
if (verbose > 1) {
printf("* returning after adding the subcheck for certificate, continuing after "
"checking the certificate is turned off\n");
}
return sc_result;
}
}
#endif
mp_subcheck sc_curl = mp_subcheck_init();
/* Curl errors, result in critical Nagios state */
@ -313,6 +283,18 @@ mp_subcheck check_http(const check_curl_config config, check_curl_working_state
// Evaluation
// ==========
#ifdef LIBCURL_FEATURE_SSL
if (workingState.use_ssl && config.check_cert) {
mp_subcheck sc_certificate = check_curl_certificate_checks(
curl_state.curl, cert, config.days_till_exp_warn, config.days_till_exp_crit);
mp_add_subcheck_to_subcheck(&sc_result, sc_certificate);
if (!config.continue_after_check_cert) {
return sc_result;
}
}
#endif
/* we got the data and we executed the request in a given time, so we can append
* performance data to the answer always
*/