Module: monitoring-plugins
Branch: master
Commit: a9e23d05a6c0180b76cc5dc796c8892aaa5ddd3e
Author: inqrphl <[email protected]>
Committer: GitHub <[email protected]>
Date: Fri Mar 13 17:06:59 2026 +0100
URL:
https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=a9e23d05
check_curl: check certificates and exit before checking for curl_easy_perform
result (#2239)
* check certificates first, before the return code of curl_easy_perform
* fix typo
* simply the comment for the change
details go into PR request.
---
plugins/check_curl.c | 37 +++++++++++++++++++++++++------------
1 file changed, 25 insertions(+), 12 deletions(-)
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index 4a1fb647..f63cdea2 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -239,10 +239,35 @@ mp_subcheck check_http(const check_curl_config config,
check_curl_working_state
// ==============
CURLcode res = curl_easy_perform(curl_state.curl);
+ if (verbose > 1) {
+ printf("* curl_easy_perform returned: %s\n",
curl_easy_strerror(res));
+ }
+
if (verbose >= 2 && workingState.http_post_data) {
printf("**** REQUEST CONTENT ****\n%s\n",
workingState.http_post_data);
}
+ // curl_state is updated after curl_easy_perform, and with updated
curl_state certificate checks can be done
+ // Check_http tries to check certs as early as possible, and exits
with certificate check result by default. Behave similarly.
+#ifdef LIBCURL_FEATURE_SSL
+ if (workingState.use_ssl && config.check_cert) {
+ if (verbose > 1) {
+ printf("* adding a subcheck for the certificate\n");
+ }
+ mp_subcheck sc_certificate = check_curl_certificate_checks(
+ curl_state.curl, cert, config.days_till_exp_warn,
config.days_till_exp_crit);
+
+ mp_add_subcheck_to_subcheck(&sc_result, sc_certificate);
+ if (!config.continue_after_check_cert) {
+ if (verbose > 1) {
+ printf("* returning after adding the subcheck
for certificate, continuing after "
+ "checking the certificate is turned
off\n");
+ }
+ return sc_result;
+ }
+ }
+#endif
+
mp_subcheck sc_curl = mp_subcheck_init();
/* Curl errors, result in critical Nagios state */
@@ -283,18 +308,6 @@ mp_subcheck check_http(const check_curl_config config,
check_curl_working_state
// Evaluation
// ==========
-#ifdef LIBCURL_FEATURE_SSL
- if (workingState.use_ssl && config.check_cert) {
- mp_subcheck sc_certificate = check_curl_certificate_checks(
- curl_state.curl, cert, config.days_till_exp_warn,
config.days_till_exp_crit);
-
- mp_add_subcheck_to_subcheck(&sc_result, sc_certificate);
- if (!config.continue_after_check_cert) {
- return sc_result;
- }
- }
-#endif
-
/* we got the data and we executed the request in a given time, so we
can append
* performance data to the answer always
*/
