Module: monitoring-plugins
Branch: master
Commit: 613cb60c96e21eaafb82b80a6b6d84b1b1f9729f
Author: Lorenz Kästle <[email protected]>
Committer: GitHub <[email protected]>
Date: Wed Apr 8 17:21:44 2026 +0200
URL:
https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=613cb60c
check_curl: Clean up (#2252)
* check_curl: remove unused variables
* check_curl: run formatter on related files
* check_curl_helpers: make code a bit more understandable
* check_curl helpers: general api cleanup and code style
---
plugins/check_curl.c | 88 ++++---
plugins/check_curl.d/check_curl_helpers.c | 374 ++++++++++++++++++------------
plugins/check_curl.d/check_curl_helpers.h | 30 ++-
plugins/t/check_curl.t | 44 ++--
plugins/tests/check_curl.t | 4 +-
5 files changed, 324 insertions(+), 216 deletions(-)
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index f63cdea2..b168cbcd 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -247,8 +247,9 @@ mp_subcheck check_http(const check_curl_config config,
check_curl_working_state
printf("**** REQUEST CONTENT ****\n%s\n",
workingState.http_post_data);
}
- // curl_state is updated after curl_easy_perform, and with updated
curl_state certificate checks can be done
- // Check_http tries to check certs as early as possible, and exits
with certificate check result by default. Behave similarly.
+ // curl_state is updated after curl_easy_perform, and with updated
curl_state certificate checks
+ // can be done Check_http tries to check certs as early as possible,
and exits with certificate
+ // check result by default. Behave similarly.
#ifdef LIBCURL_FEATURE_SSL
if (workingState.use_ssl && config.check_cert) {
if (verbose > 1) {
@@ -1546,8 +1547,8 @@ void print_help(void) {
printf(" %s\n", "-I, --IP-address=ADDRESS");
printf(" %s\n",
"IP address or name (use numeric address if possible to
bypass DNS lookup).");
- printf(" %s\n",
- "This overwrites the network address of the target while
leaving everything else (HTTP headers) as they are");
+ printf(" %s\n", "This overwrites the network address of the target
while leaving everything "
+ "else (HTTP headers) as they are");
printf(" %s\n", "-p, --port=INTEGER");
printf(" %s", _("Port number (default: "));
printf("%d)\n", HTTP_PORT);
@@ -1611,7 +1612,8 @@ void print_help(void) {
printf(" %s\n", _("String to expect in the content"));
printf(" %s\n", "-u, --url=PATH");
printf(" %s\n", _("URL to GET or POST (default: /)"));
- printf(" %s\n", _("This is the part after the address in a URL, so
for \"https://example.com/index.html\"; it would be '-u /index.html'"));
+ printf(" %s\n", _("This is the part after the address in a URL, so
for "
+
"\"https://example.com/index.html\"; it would be '-u /index.html'"));
printf(" %s\n", "-P, --post=STRING");
printf(" %s\n", _("URL decoded http POST data"));
printf(" %s\n",
@@ -1643,11 +1645,12 @@ void print_help(void) {
printf(" %s\n", _("If port is not specified, libcurl defaults to
1080"));
printf(" %s\n", _("This value will be set as CURLOPT_PROXY"));
printf(" %s\n", "--noproxy=COMMA_SEPARATED_LIST");
- printf(" %s\n", _("Specify hostnames, addresses and subnets where
proxy should not be used"));
+ printf(" %s\n",
+ _("Specify hostnames, addresses and subnets where proxy
should not be used"));
printf(" %s\n", _("Example usage:
\"example.com,::1,1.1.1.1,localhost,192.168.0.0/16\""));
printf(" %s\n", _("Do not use brackets when specifying IPv6
addresses"));
printf(" %s\n", _("Special case when an item is '*' : matches all
hosts/addresses "
- "and effectively disables proxy."));
+ "and effectively disables
proxy."));
printf(" %s\n", _("This value will be set as CURLOPT_NOPROXY"));
printf(" %s\n", "-a, --authorization=AUTH_PAIR");
printf(" %s\n", _("Username:password on sites with basic
authentication"));
@@ -1757,38 +1760,59 @@ void print_help(void) {
#endif
printf("\n %s\n", "CHECK WEBSERVER CONTENT VIA PROXY:");
- printf(" %s\n", _("Proxies are specified or disabled for certain
hosts/addresses using environment variables"
- " or -x/--proxy and --noproxy arguments:"));
- printf(" %s\n", _("Checked environment variables: all_proxy,
http_proxy, https_proxy, no_proxy"));
- printf(" %s\n", _("Environment variables can also be given in
uppercase, but the lowercase ones will "
- "take predence if both are
defined."));
- printf(" %s\n", _("The environment variables are overwritten by
-x/--proxy and --noproxy arguments:"));
+ printf(" %s\n", _("Proxies are specified or disabled for certain
hosts/addresses using "
+ "environment variables"
+ " or -x/--proxy and --noproxy
arguments:"));
+ printf(" %s\n",
+ _("Checked environment variables: all_proxy, http_proxy,
https_proxy, no_proxy"));
+ printf(" %s\n",
+ _("Environment variables can also be given in uppercase, but
the lowercase ones will "
+ "take predence if both are defined."));
+ printf(" %s\n",
+ _("The environment variables are overwritten by -x/--proxy
and --noproxy arguments:"));
printf(" %s\n", _("all_proxy/ALL_PROXY environment variables are read
first, but protocol "
- "specific environment variables
override them."));
- printf(" %s\n", _("If SSL is enabled and used, https_proxy/HTTPS_PROXY
will be checked and overwrite "
- "http_proxy/HTTPS_PROXY."));
- printf(" %s\n", _("Curl accepts proxies using http, https, socks4,
socks4a, socks5 and socks5h schemes."));
- printf(" %s\n", _("http_proxy=http://192.168.100.35:3128 ./check_curl
-H www.monitoring-plugins.org"));
- printf(" %s\n", _("http_proxy=http://used.proxy.com
HTTP_PROXY=http://ignored.proxy.com ./check_curl -H
www.monitoring-plugins.org"));
+ "specific environment variables
override them."));
+ printf(" %s\n",
+ _("If SSL is enabled and used, https_proxy/HTTPS_PROXY will
be checked and overwrite "
+ "http_proxy/HTTPS_PROXY."));
+ printf(
+ " %s\n",
+ _("Curl accepts proxies using http, https, socks4, socks4a,
socks5 and socks5h schemes."));
+ printf(" %s\n",
+ _("http_proxy=http://192.168.100.35:3128 ./check_curl -H
www.monitoring-plugins.org"));
+ printf(" %s\n", _("http_proxy=http://used.proxy.com
HTTP_PROXY=http://ignored.proxy.com "
+ "./check_curl -H
www.monitoring-plugins.org"));
printf(" %s\n", _(" Lowercase http_proxy takes predence over uppercase
HTTP_PROXY"));
printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org -x
http://192.168.100.35:3128";));
- printf(" %s\n", _("http_proxy=http://unused.proxy1.com
HTTP_PROXY=http://unused.proxy2.com ./check_curl "
- "-H www.monitoring-plugins.org --proxy
http://used.proxy";));
- printf(" %s\n", _(" Proxy specified by --proxy overrides any proxy
specified by environment variable."));
+ printf(" %s\n",
+ _("http_proxy=http://unused.proxy1.com
HTTP_PROXY=http://unused.proxy2.com ./check_curl "
+ "-H www.monitoring-plugins.org --proxy
http://used.proxy";));
+ printf(
+ " %s\n",
+ _(" Proxy specified by --proxy overrides any proxy specified
by environment variable."));
printf(" %s\n", _(" Curl uses port 1080 by default as port is not
specified"));
- printf(" %s\n", _("HTTPS_PROXY=http://192.168.100.35:3128 ./check_curl
-H www.monitoring-plugins.org --ssl"));
+ printf(" %s\n", _("HTTPS_PROXY=http://192.168.100.35:3128 ./check_curl
-H "
+ "www.monitoring-plugins.org --ssl"));
printf(" %s\n", _(" HTTPS_PROXY is read as --ssl is toggled"));
- printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org --proxy
socks5h://192.168.122.21"));
- printf(" %s\n", _("./check_curl -H www.monitoring-plugins.org -x
http://unused.proxy.com --noproxy '*'"));
+ printf(" %s\n",
+ _("./check_curl -H www.monitoring-plugins.org --proxy
socks5h://192.168.122.21"));
+ printf(
+ " %s\n",
+ _("./check_curl -H www.monitoring-plugins.org -x
http://unused.proxy.com --noproxy '*'"));
printf(" %s\n", _(" Disabled proxy for all hosts by using '*' in
no_proxy ."));
- printf(" %s\n", _("NO_PROXY=www.monitoring-plugins.org ./check_curl -H
www.monitoring-plugins.org -x http://unused.proxy.com";));
+ printf(" %s\n", _("NO_PROXY=www.monitoring-plugins.org ./check_curl -H "
+ "www.monitoring-plugins.org -x
http://unused.proxy.com";));
printf(" %s\n", _(" Exact matches with the hostname/address work."));
- printf(" %s\n", _("no_proxy=192.168.178.0/24 ./check_curl -I
192.168.178.10 -x http://proxy.acme.org";));
- printf(" %s\n", _("no_proxy=acme.org ./check_curl -H
nonpublic.internalwebapp.acme.org -x http://proxy.acme.org";));
- printf(" %s\n", _(" Do not use proxy when accessing internal
domains/addresses, but use a default proxy when accessing public web."));
- printf(" %s\n", _(" IMPORTANT: Check_curl can not always determine
whether itself or the proxy will "
- "resolve a hostname before sending a request and getting an
answer."
- "This can lead to DNS resolvation issues if hostname is only
resolvable over proxy."));
+ printf(" %s\n",
+ _("no_proxy=192.168.178.0/24 ./check_curl -I 192.168.178.10
-x http://proxy.acme.org";));
+ printf(" %s\n", _("no_proxy=acme.org ./check_curl -H
nonpublic.internalwebapp.acme.org -x "
+ "http://proxy.acme.org";));
+ printf(" %s\n", _(" Do not use proxy when accessing internal
domains/addresses, but use a "
+ "default proxy when accessing public
web."));
+ printf(" %s\n",
+ _(" IMPORTANT: Check_curl can not always determine whether
itself or the proxy will "
+ "resolve a hostname before sending a request and
getting an answer."
+ "This can lead to DNS resolvation issues if hostname
is only resolvable over proxy."));
printf(" %s\n", _("Legacy proxy requests in check_http style still
work:"));
printf(" %s\n", _("check_curl -I 192.168.100.35 -p 3128 -u
http://www.monitoring-plugins.org/ "
"-H www.monitoring-plugins.org"));
diff --git a/plugins/check_curl.d/check_curl_helpers.c
b/plugins/check_curl.d/check_curl_helpers.c
index 4372dc0b..f23dbdb7 100644
--- a/plugins/check_curl.d/check_curl_helpers.c
+++ b/plugins/check_curl.d/check_curl_helpers.c
@@ -60,8 +60,8 @@ check_curl_configure_curl(const check_curl_static_curl_config
config,
result.curl_state.curl_easy_initialized = true;
if (verbose >= 1) {
-
handle_curl_option_return_code(curl_easy_setopt(result.curl_state.curl,
CURLOPT_VERBOSE, 1L),
-
"CURLOPT_VERBOSE");
+ handle_curl_option_return_code(
+ curl_easy_setopt(result.curl_state.curl,
CURLOPT_VERBOSE, 1L), "CURLOPT_VERBOSE");
}
/* print everything on stdout like check_http would do */
@@ -120,21 +120,23 @@ check_curl_configure_curl(const
check_curl_static_curl_config config,
"CURLOPT_TIMEOUT");
/* set proxy */
- /* http(s) proxy can either be given from the command line, or taken
from environment variables */
+ /* http(s) proxy can either be given from the command line, or taken
from environment variables
+ */
/* socks4(a) / socks5(h) proxy should be given using the command line */
/* first source to check is the environment variables */
- /* lower case proxy environment variables are almost always accepted,
while some programs also checking
- uppercase ones. discover both, but take the lowercase one if both are
present */
+ /* lower case proxy environment variables are almost always accepted,
while some programs also
+ checking uppercase ones. discover both, but take the lowercase one if
both are present */
- /* extra information: libcurl does not discover the uppercase version
HTTP_PROXY due to security reasons */
+ /* extra information: libcurl does not discover the uppercase version
HTTP_PROXY due to security
+ * reasons */
/*
https://github.com/curl/curl/blob/d445f2d930ae701039518d695481ee53b8490521/lib/url.c#L1987
*/
- /* first environment variable to read is all_proxy. it can be
overridden by protocol specific environment variables */
- char *all_proxy_env, *all_proxy_uppercase_env;
- all_proxy_env = getenv("all_proxy");
- all_proxy_uppercase_env = getenv("ALL_PROXY");
- if (all_proxy_env != NULL && strlen(all_proxy_env)){
+ /* first environment variable to read is all_proxy. it can be
overridden by protocol specific
+ * environment variables */
+ char *all_proxy_env = getenv("all_proxy");
+ char *all_proxy_uppercase_env = getenv("ALL_PROXY");
+ if (all_proxy_env != NULL && strlen(all_proxy_env)) {
working_state.curlopt_proxy = strdup(all_proxy_env);
if (all_proxy_uppercase_env != NULL && verbose >= 1) {
printf("* cURL ignoring environment variable
'ALL_PROXY' as 'all_proxy' is set\n");
@@ -143,15 +145,16 @@ check_curl_configure_curl(const
check_curl_static_curl_config config,
working_state.curlopt_proxy = strdup(all_proxy_uppercase_env);
}
- /* second environment variable to read is http_proxy. only set
curlopt_proxy if ssl is not toggled */
- char *http_proxy_env, *http_proxy_uppercase_env;
- http_proxy_env = getenv("http_proxy");
- http_proxy_uppercase_env = getenv("HTTP_PROXY");
- if (!working_state.use_ssl){
+ /* second environment variable to read is http_proxy. only set
curlopt_proxy if ssl is not
+ * toggled */
+ char *http_proxy_env = getenv("http_proxy");
+ char *http_proxy_uppercase_env = getenv("HTTP_PROXY");
+ if (!working_state.use_ssl) {
if (http_proxy_env != NULL && strlen(http_proxy_env) > 0) {
working_state.curlopt_proxy = strdup(http_proxy_env);
if (http_proxy_uppercase_env != NULL && verbose >= 1) {
- printf("* cURL ignoring environment variable
'HTTP_PROXY' as 'http_proxy' is set\n");
+ printf(
+ "* cURL ignoring environment variable
'HTTP_PROXY' as 'http_proxy' is set\n");
}
} else if (http_proxy_uppercase_env != NULL &&
strlen(http_proxy_uppercase_env) > 0) {
working_state.curlopt_proxy =
strdup(http_proxy_uppercase_env);
@@ -159,30 +162,31 @@ check_curl_configure_curl(const
check_curl_static_curl_config config,
}
#ifdef LIBCURL_FEATURE_SSL
/* optionally read https_proxy environment variable and set
curlopt_proxy if ssl is toggled */
- char *https_proxy_env, *https_proxy_uppercase_env;
- https_proxy_env = getenv("https_proxy");
- https_proxy_uppercase_env = getenv("HTTPS_PROXY");
+ char *https_proxy_env = getenv("https_proxy");
+ char *https_proxy_uppercase_env = getenv("HTTPS_PROXY");
if (working_state.use_ssl) {
if (https_proxy_env != NULL && strlen(https_proxy_env) > 0) {
working_state.curlopt_proxy = strdup(https_proxy_env);
if (https_proxy_uppercase_env != NULL && verbose >= 1) {
- printf("* cURL ignoring environment variable
'HTTPS_PROXY' as 'https_proxy' is set\n");
+ printf(
+ "* cURL ignoring environment variable
'HTTPS_PROXY' as 'https_proxy' is set\n");
}
- }
- else if (https_proxy_uppercase_env != NULL &&
strlen(https_proxy_uppercase_env) >= 0) {
+ } else if (https_proxy_uppercase_env != NULL) {
working_state.curlopt_proxy =
strdup(https_proxy_uppercase_env);
}
}
#endif /* LIBCURL_FEATURE_SSL */
- /* second source to check for proxies is command line argument,
overwriting the environment variables */
+ /* second source to check for proxies is command line argument,
overwriting the environment
+ * variables */
if (strlen(config.proxy) > 0) {
working_state.curlopt_proxy = strdup(config.proxy);
}
- if (working_state.curlopt_proxy != NULL &&
strlen(working_state.curlopt_proxy)){
+ if (working_state.curlopt_proxy != NULL &&
strlen(working_state.curlopt_proxy)) {
handle_curl_option_return_code(
- curl_easy_setopt(result.curl_state.curl, CURLOPT_PROXY,
working_state.curlopt_proxy), "CURLOPT_PROXY");
+ curl_easy_setopt(result.curl_state.curl, CURLOPT_PROXY,
working_state.curlopt_proxy),
+ "CURLOPT_PROXY");
if (verbose >= 1) {
printf("* curl CURLOPT_PROXY: %s\n",
working_state.curlopt_proxy);
}
@@ -190,34 +194,35 @@ check_curl_configure_curl(const
check_curl_static_curl_config config,
/* set no_proxy */
/* first source to check is environment variables */
- char *no_proxy_env, *no_proxy_uppercase_env;
- no_proxy_env = getenv("no_proxy");
- no_proxy_uppercase_env = getenv("NO_PROXY");
- if (no_proxy_env != NULL && strlen(no_proxy_env)){
+ char *no_proxy_env = getenv("no_proxy");
+ char *no_proxy_uppercase_env = getenv("NO_PROXY");
+ if (no_proxy_env != NULL && strlen(no_proxy_env)) {
working_state.curlopt_noproxy = strdup(no_proxy_env);
- if (no_proxy_uppercase_env != NULL && verbose >= 1){
+ if (no_proxy_uppercase_env != NULL && verbose >= 1) {
printf("* cURL ignoring environment variable 'NO_PROXY'
as 'no_proxy' is set\n");
}
- }else if (no_proxy_uppercase_env != NULL &&
strlen(no_proxy_uppercase_env) > 0){
+ } else if (no_proxy_uppercase_env != NULL &&
strlen(no_proxy_uppercase_env) > 0) {
working_state.curlopt_noproxy = strdup(no_proxy_uppercase_env);
}
- /* second source to check for no_proxy is command line argument,
overwriting the environment variables */
+ /* second source to check for no_proxy is command line argument,
overwriting the environment
+ * variables */
if (strlen(config.no_proxy) > 0) {
working_state.curlopt_noproxy = strdup(config.no_proxy);
}
- if ( working_state.curlopt_noproxy != NULL &&
strlen(working_state.curlopt_noproxy)){
- handle_curl_option_return_code(
- curl_easy_setopt(result.curl_state.curl,
CURLOPT_NOPROXY, working_state.curlopt_noproxy), "CURLOPT_NOPROXY");
+ if (working_state.curlopt_noproxy != NULL &&
strlen(working_state.curlopt_noproxy)) {
+
handle_curl_option_return_code(curl_easy_setopt(result.curl_state.curl,
CURLOPT_NOPROXY,
+
working_state.curlopt_noproxy),
+
"CURLOPT_NOPROXY");
if (verbose >= 1) {
printf("* curl CURLOPT_NOPROXY: %s\n",
working_state.curlopt_noproxy);
}
}
- int proxy_resolves_hostname =
determine_hostname_resolver(working_state, config);
+ bool have_local_resolution =
hostname_gets_resolved_locally(working_state);
if (verbose >= 1) {
- printf("* proxy_resolves_hostname: %d\n",
proxy_resolves_hostname);
+ printf("* have local name resolution: %s\n",
(have_local_resolution ? "true": "false"));
}
/* enable haproxy protocol */
@@ -231,7 +236,7 @@ check_curl_configure_curl(const
check_curl_static_curl_config config,
/* host_name, only required for ssl, because we use the host_name later
on to make SNI happy */
char dnscache[DEFAULT_BUFFER_SIZE];
char addrstr[DEFAULT_BUFFER_SIZE / 2];
- if (working_state.use_ssl && working_state.host_name != NULL &&
!proxy_resolves_hostname ) {
+ if (working_state.use_ssl && working_state.host_name != NULL &&
!have_local_resolution) {
char *tmp_mod_address;
/* lookup_host() requires an IPv6 address without the brackets.
*/
@@ -682,7 +687,7 @@ char *get_header_value(const struct phr_header *headers,
const size_t nof_header
return NULL;
}
-check_curl_working_state check_curl_working_state_init() {
+check_curl_working_state check_curl_working_state_init(void) {
check_curl_working_state result = {
.server_address = NULL,
.server_url = DEFAULT_SERVER_URL,
@@ -699,7 +704,7 @@ check_curl_working_state check_curl_working_state_init() {
return result;
}
-check_curl_config check_curl_config_init() {
+check_curl_config check_curl_config_init(void) {
check_curl_config tmp = {
.initial_config = check_curl_working_state_init(),
@@ -1404,10 +1409,10 @@ char *fmt_url(check_curl_working_state workingState) {
return url;
}
-int determine_hostname_resolver(const check_curl_working_state working_state,
const check_curl_static_curl_config config){
+bool hostname_gets_resolved_locally(const check_curl_working_state
working_state) {
char *host_name_display = "NULL";
unsigned long host_name_len = 0;
- if( working_state.host_name){
+ if (working_state.host_name) {
host_name_len = strlen(working_state.host_name);
host_name_display = working_state.host_name;
}
@@ -1415,8 +1420,11 @@ int determine_hostname_resolver(const
check_curl_working_state working_state, co
/* IPv4 or IPv6 version of the address */
char *server_address_clean = strdup(working_state.server_address);
/* server address might be a full length ipv6 address encapsulated in
square brackets */
- if ((strnlen(working_state.server_address, MAX_IPV4_HOSTLENGTH) > 2) &&
(working_state.server_address[0] == '[') &&
(working_state.server_address[strlen(working_state.server_address)-1] == ']') )
{
- server_address_clean = strndup( working_state.server_address +
1, strlen(working_state.server_address) - 2);
+ if ((strnlen(working_state.server_address, MAX_IPV4_HOSTLENGTH) > 2) &&
+ (working_state.server_address[0] == '[') &&
+
(working_state.server_address[strlen(working_state.server_address) - 1] ==
']')) {
+ server_address_clean =
+ strndup(working_state.server_address + 1,
strlen(working_state.server_address) - 2);
}
/* check curlopt_noproxy option first */
@@ -1427,79 +1435,90 @@ int determine_hostname_resolver(const
check_curl_working_state working_state, co
IPv4 or IPv6 CIDR regions e.g 10.241.0.0/16 , abcd:ef01:2345::/48 ,
direct hostnames e.g example.com, google.de */
- if (working_state.curlopt_noproxy != NULL){
- char* curlopt_noproxy_copy = strdup(
working_state.curlopt_noproxy);
- char* noproxy_item = strtok(curlopt_noproxy_copy, ",");
- while(noproxy_item != NULL){
+ if (working_state.curlopt_noproxy != NULL) {
+ char *curlopt_noproxy_copy =
strdup(working_state.curlopt_noproxy);
+ char *noproxy_item = strtok(curlopt_noproxy_copy, ",");
+ while (noproxy_item != NULL) {
unsigned long noproxy_item_len = strlen(noproxy_item);
/* According to the CURLOPT_NOPROXY documentation: */
/* https://curl.se/libcurl/c/CURLOPT_NOPROXY.html */
- /* The only wildcard available is a single * character,
which matches all hosts, and effectively disables the proxy. */
- if ( strlen(noproxy_item) == 1 && noproxy_item[0] ==
'*'){
- if (verbose >= 1){
- printf("* noproxy includes '*' which
disables proxy for all host name incl. : %s / server address incl. : %s\n",
host_name_display , server_address_clean);
+ /* The only wildcard available is a single * character,
which matches all hosts, and
+ * effectively disables the proxy. */
+ if (strlen(noproxy_item) == 1 && noproxy_item[0] ==
'*') {
+ if (verbose >= 1) {
+ printf("* noproxy includes '*' which
disables proxy for all host name incl. : "
+ "%s / server address incl. :
%s\n",
+ host_name_display,
server_address_clean);
}
free(curlopt_noproxy_copy);
free(server_address_clean);
- return 0;
+ return true;
}
/* direct comparison with the server_address */
- if( server_address_clean != NULL &&
strlen(server_address_clean) == strlen(noproxy_item) &&
strcmp(server_address_clean, noproxy_item) == 0){
- if (verbose >= 1){
+ if (server_address_clean != NULL &&
+ strlen(server_address_clean) ==
strlen(noproxy_item) &&
+ strcmp(server_address_clean, noproxy_item) ==
0) {
+ if (verbose >= 1) {
printf("* server_address is in the
no_proxy list: %s\n", noproxy_item);
}
free(curlopt_noproxy_copy);
free(server_address_clean);
- return 0;
+ return true;
}
/* direct comparison with the host_name */
- if( working_state.host_name != NULL && host_name_len ==
noproxy_item_len && strcmp(working_state.host_name, noproxy_item) == 0){
- if (verbose >= 1){
+ if (working_state.host_name != NULL && host_name_len ==
noproxy_item_len &&
+ strcmp(working_state.host_name, noproxy_item)
== 0) {
+ if (verbose >= 1) {
printf("* host_name is in the no_proxy
list: %s\n", noproxy_item);
}
free(curlopt_noproxy_copy);
free(server_address_clean);
- return 0;
+ return true;
}
- /* check if hostname is a subdomain of the item, e.g
www.example.com when token is example.com */
- /* subdomain1.acme.com will not will use a proxy if you
only specify 'acme' in the noproxy */
+ /* check if hostname is a subdomain of the item, e.g
www.example.com when token is
+ * example.com */
+ /* subdomain1.acme.com will not will use a proxy if you
only specify 'acme' in the
+ * noproxy */
/* check if noproxy_item is a suffix */
/* check if the character just before the suffix is '.'
*/
- if( working_state.host_name != NULL && host_name_len >
noproxy_item_len){
+ if (working_state.host_name != NULL && host_name_len >
noproxy_item_len) {
unsigned long suffix_start_idx = host_name_len
- noproxy_item_len;
- if (strcmp(working_state.host_name +
suffix_start_idx, noproxy_item ) == 0 &&
working_state.host_name[suffix_start_idx-1] == '.' ){
- if (verbose >= 1){
- printf("* host_name: %s is a
subdomain of the no_proxy list item: %s\n", working_state.host_name ,
noproxy_item);
+ if (strcmp(working_state.host_name +
suffix_start_idx, noproxy_item) == 0 &&
+
working_state.host_name[suffix_start_idx - 1] == '.') {
+ if (verbose >= 1) {
+ printf("* host_name: %s is a
subdomain of the no_proxy list item: %s\n",
+
working_state.host_name, noproxy_item);
}
free(curlopt_noproxy_copy);
free(server_address_clean);
- return 0;
+ return true;
}
}
// noproxy_item could be a CIDR IP range
- if( server_address_clean != NULL &&
strlen(server_address_clean)){
-
- int ip_addr_inside_cidr_ret =
ip_addr_inside_cidr(noproxy_item, server_address_clean);
-
- switch(ip_addr_inside_cidr_ret){
- case 1:
- return 0;
- break;
- case 0:
- if(verbose >= 1){
- printf("server address: %s is
not inside IP cidr: %s\n", server_address_clean, noproxy_item);
+ if (server_address_clean != NULL &&
strlen(server_address_clean)) {
+ ip_addr_inside ip_addr_inside_cidr_ret =
+ ip_addr_inside_cidr(noproxy_item,
server_address_clean);
+
+ if (ip_addr_inside_cidr_ret.error == NO_ERROR) {
+ if (ip_addr_inside_cidr_ret.inside) {
+ return true;
+ } else {
+ if (verbose >= 1) {
+ printf("server address:
%s is not inside IP cidr: %s\n",
+
server_address_clean, noproxy_item);
+ }
}
- break;
- case -1:
- if(verbose >= 1){
- printf("could not fully
determine if server address: %s is inside the IP cidr: %s\n",
server_address_clean, noproxy_item);
+ } else {
+ if (verbose >= 1) {
+ printf("could not fully
determine if server address: %s is inside the IP "
+ "cidr: %s\n",
+
server_address_clean, noproxy_item);
}
- break;
}
}
@@ -1509,82 +1528,97 @@ int determine_hostname_resolver(const
check_curl_working_state working_state, co
free(curlopt_noproxy_copy);
}
- if (working_state.curlopt_proxy != NULL){
+ if (working_state.curlopt_proxy != NULL) {
// Libcurl documentation
- // Setting the proxy string to "" (an empty string) explicitly
disables the use of a proxy, even if there is an environment variable set for
it.
- if ( strlen(working_state.curlopt_proxy) == 0){
- return 0;
+ // Setting the proxy string to "" (an empty string) explicitly
disables the use of a proxy,
+ // even if there is an environment variable set for it.
+ if (strlen(working_state.curlopt_proxy) == 0) {
+ return true;
}
- if ( strncmp( working_state.curlopt_proxy, "http://";, 7) == 0){
- if (verbose >= 1){
- printf("* proxy scheme is http, proxy: %s
resolves host: %s or server_address: %s\n", working_state.curlopt_proxy,
host_name_display, server_address_clean);
+ if (strncmp(working_state.curlopt_proxy, "http://";, 7) == 0) {
+ if (verbose >= 1) {
+ printf(
+ "* proxy scheme is http, proxy: %s
resolves host: %s or server_address: %s\n",
+ working_state.curlopt_proxy,
host_name_display, server_address_clean);
}
free(server_address_clean);
- return 1;
+ return false;
}
- if ( strncmp( working_state.curlopt_proxy, "https://";, 8) == 0){
- if (verbose >= 1){
- printf("* proxy scheme is https, proxy: %s
resolves host: %s or server_address: %s\n", working_state.curlopt_proxy,
host_name_display, server_address_clean);
+ if (strncmp(working_state.curlopt_proxy, "https://";, 8) == 0) {
+ if (verbose >= 1) {
+ printf(
+ "* proxy scheme is https, proxy: %s
resolves host: %s or server_address: %s\n",
+ working_state.curlopt_proxy,
host_name_display, server_address_clean);
}
free(server_address_clean);
- return 1;
+ return false;
}
- if ( strncmp( working_state.curlopt_proxy, "socks4://", 9) ==
0){
- if (verbose >= 1){
- printf("* proxy scheme is socks, proxy: %s does
not resolve host: %s or server_address: %s\n", working_state.curlopt_proxy,
host_name_display, server_address_clean);
+ if (strncmp(working_state.curlopt_proxy, "socks4://", 9) == 0) {
+ if (verbose >= 1) {
+ printf("* proxy scheme is socks, proxy: %s does
not resolve host: %s or "
+ "server_address: %s\n",
+ working_state.curlopt_proxy,
host_name_display, server_address_clean);
}
free(server_address_clean);
- return 0;
+ return true;
}
- if ( strncmp( working_state.curlopt_proxy, "socks4a://", 10) ==
0){
- if (verbose >= 1){
- printf("* proxy scheme is socks4a, proxy: %s
resolves host: %s or server_address: %s\n", working_state.curlopt_proxy,
host_name_display, server_address_clean);
+ if (strncmp(working_state.curlopt_proxy, "socks4a://", 10) ==
0) {
+ if (verbose >= 1) {
+ printf("* proxy scheme is socks4a, proxy: %s
resolves host: %s or server_address: "
+ "%s\n",
+ working_state.curlopt_proxy,
host_name_display, server_address_clean);
}
free(server_address_clean);
- return 1;
+ return false;
}
- if ( strncmp( working_state.curlopt_proxy, "socks5://", 9) ==
0){
- if (verbose >= 1){
- printf("* proxy scheme is socks5, proxy: %s
does not resolve host: %s or server_address: %s\n",
working_state.curlopt_proxy, host_name_display, server_address_clean);
+ if (strncmp(working_state.curlopt_proxy, "socks5://", 9) == 0) {
+ if (verbose >= 1) {
+ printf("* proxy scheme is socks5, proxy: %s
does not resolve host: %s or "
+ "server_address: %s\n",
+ working_state.curlopt_proxy,
host_name_display, server_address_clean);
}
free(server_address_clean);
- return 0;
+ return true;
}
- if ( strncmp( working_state.curlopt_proxy, "socks5h://", 10) ==
0){
- if (verbose >= 1){
- printf("* proxy scheme is socks5h, proxy: %s
resolves host: %s or server_address: %s\n", working_state.curlopt_proxy,
host_name_display, server_address_clean);
+ if (strncmp(working_state.curlopt_proxy, "socks5h://", 10) ==
0) {
+ if (verbose >= 1) {
+ printf("* proxy scheme is socks5h, proxy: %s
resolves host: %s or server_address: "
+ "%s\n",
+ working_state.curlopt_proxy,
host_name_display, server_address_clean);
}
free(server_address_clean);
- return 1;
+ return false;
}
// Libcurl documentation:
- // Without a scheme prefix, CURLOPT_PROXYTYPE can be used to
specify which kind of proxy the string identifies.
- // We do not set this value
- // Without a scheme, it is treated as an http proxy
+ // Without a scheme prefix, CURLOPT_PROXYTYPE can be used to
specify which kind of proxy the
+ // string identifies. We do not set this value Without a
scheme, it is treated as an http
+ // proxy
- return 1;
+ return false;
}
- if (verbose >= 1){
- printf("* proxy scheme is unknown/unavailable, no proxy is
assumed for host: %s or server_address: %s\n", host_name_display,
server_address_clean);
+ if (verbose >= 1) {
+ printf("* proxy scheme is unknown/unavailable, no proxy is
assumed for host: %s or "
+ "server_address: %s\n",
+ host_name_display, server_address_clean);
}
free(server_address_clean);
return 0;
}
-int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char*
target_ip){
+ip_addr_inside ip_addr_inside_cidr(const char *cidr_region_or_ip_addr, const
char *target_ip) {
unsigned int slash_count = 0;
unsigned int last_slash_idx = 0;
- for(size_t i = 0; i < strlen(cidr_region_or_ip_addr); i++){
- if(cidr_region_or_ip_addr[i] == '/'){
+ for (size_t i = 0; i < strlen(cidr_region_or_ip_addr); i++) {
+ if (cidr_region_or_ip_addr[i] == '/') {
slash_count++;
last_slash_idx = (unsigned int)i;
}
@@ -1592,48 +1626,67 @@ int ip_addr_inside_cidr(const char*
cidr_region_or_ip_addr, const char* target_i
char *cidr_ip_part = NULL;
int prefix_length = 0;
+ ip_addr_inside result = {
+ .inside = false,
+ .error = NO_ERROR,
+ };
if (slash_count == 0) {
cidr_ip_part = strdup(cidr_region_or_ip_addr);
- if (!cidr_ip_part) return -1;
+ if (!cidr_ip_part) {
+ result.error = FAILED_STRDUP;
+ return result;
+ }
} else if (slash_count == 1) {
cidr_ip_part = strndup(cidr_region_or_ip_addr, last_slash_idx);
- if (!cidr_ip_part) return -1;
+ if (!cidr_ip_part) {
+ result.error = FAILED_STRDUP;
+ return result;
+ }
errno = 0;
long long tmp = strtoll(cidr_region_or_ip_addr + last_slash_idx
+ 1, NULL, 10);
if (errno == ERANGE) {
if (verbose >= 1) {
- printf("cidr_region_or_ip: %s , could not parse
subnet length\n", cidr_region_or_ip_addr);
+ printf("cidr_region_or_ip: %s , could not parse
subnet length\n",
+ cidr_region_or_ip_addr);
}
free(cidr_ip_part);
- return -1;
+ result.error = COULD_NOT_PARSE_SUBNET_LENGTH;
+ return result;
}
prefix_length = (int)tmp;
} else {
- printf("cidr_region_or_ip: %s , has %d number of '/'
characters, is not a valid cidr_region or IP\n", cidr_region_or_ip_addr,
slash_count);
- return -1;
+ if (verbose >= 1) {
+ printf("cidr_region_or_ip: %s , has %d number of '/'
characters, is not a valid "
+ "cidr_region or IP\n",
+ cidr_region_or_ip_addr, slash_count);
+ }
+ result.error = CIDR_REGION_INVALID;
+ return result;
}
int cidr_addr_family, target_addr_family;
- if (strchr(cidr_ip_part, ':')){
+ if (strchr(cidr_ip_part, ':')) {
cidr_addr_family = AF_INET6;
} else {
cidr_addr_family = AF_INET;
}
- if (strchr(target_ip, ':')){
+ if (strchr(target_ip, ':')) {
target_addr_family = AF_INET6;
} else {
target_addr_family = AF_INET;
}
- if (cidr_addr_family != target_addr_family){
- if (verbose >= 1){
- printf("cidr address: %s and target ip address: %s have
different address families\n", cidr_ip_part, target_ip);
+ if (cidr_addr_family != target_addr_family) {
+ if (verbose >= 1) {
+ printf("cidr address: %s and target ip address: %s have
different address families\n",
+ cidr_ip_part, target_ip);
}
free(cidr_ip_part);
- return 0;
+ result.inside = false;
+ return result;
}
// If no prefix is given, treat the cidr as a single address
(full-length prefix)
@@ -1644,14 +1697,17 @@ int ip_addr_inside_cidr(const char*
cidr_region_or_ip_addr, const char* target_i
int max_bits = (cidr_addr_family == AF_INET) ? 32u : 128u;
if (prefix_length < 0 || prefix_length > max_bits) {
if (verbose >= 1) {
- printf("cidr_region_or_ip: %s has invalid prefix
length: %u\n", cidr_region_or_ip_addr, prefix_length);
+ printf("cidr_region_or_ip: %s has invalid prefix
length: %u\n", cidr_region_or_ip_addr,
+ prefix_length);
}
free(cidr_ip_part);
- return -1;
+ result.error = CIDR_REGION_INVALID_PREFIX;
+ return result;
}
- if (verbose >= 1){
- printf("cidr_region_or_ip: %s , has prefix length: %u\n",
cidr_region_or_ip_addr, prefix_length);
+ if (verbose >= 1) {
+ printf("cidr_region_or_ip: %s , has prefix length: %u\n",
cidr_region_or_ip_addr,
+ prefix_length);
}
int inet_pton_rc;
@@ -1659,7 +1715,6 @@ int ip_addr_inside_cidr(const char*
cidr_region_or_ip_addr, const char* target_i
uint8_t *target_bytes = NULL;
uint8_t cidr_buf[16];
uint8_t target_buf[16];
- size_t total_bytes = 0;
if (cidr_addr_family == AF_INET) {
struct in_addr cidr_ipv4;
@@ -1667,49 +1722,55 @@ int ip_addr_inside_cidr(const char*
cidr_region_or_ip_addr, const char* target_i
inet_pton_rc = inet_pton(AF_INET, cidr_ip_part, &cidr_ipv4);
if (inet_pton_rc != 1) {
if (verbose >= 1) {
- printf("ip string: %s contains characters not
valid for its address family: IPv4\n", cidr_ip_part);
+ printf("ip string: %s contains characters not
valid for its address family: IPv4\n",
+ cidr_ip_part);
}
free(cidr_ip_part);
- return -1;
+ result.error = IP_CONTAINS_INVALID_CHARACTERS;
+ return result;
}
inet_pton_rc = inet_pton(AF_INET, target_ip, &target_ipv4);
if (inet_pton_rc != 1) {
if (verbose >= 1) {
- printf("ip string: %s contains characters not
valid for its address family: IPv4\n", target_ip);
+ printf("ip string: %s contains characters not
valid for its address family: IPv4\n",
+ target_ip);
}
free(cidr_ip_part);
- return -1;
+ result.error = IP_CONTAINS_INVALID_CHARACTERS;
+ return result;
}
// copy the addresses in network byte order to a buffer for
comparison
memcpy(cidr_buf, &cidr_ipv4.s_addr, 4);
memcpy(target_buf, &target_ipv4.s_addr, 4);
cidr_bytes = cidr_buf;
target_bytes = target_buf;
- total_bytes = 4;
} else {
struct in6_addr cidr_ipv6;
struct in6_addr target_ipv6;
inet_pton_rc = inet_pton(AF_INET6, cidr_ip_part, &cidr_ipv6);
if (inet_pton_rc != 1) {
if (verbose >= 1) {
- printf("ip string: %s contains characters not
valid for its address family: IPv6\n", cidr_ip_part);
+ printf("ip string: %s contains characters not
valid for its address family: IPv6\n",
+ cidr_ip_part);
}
free(cidr_ip_part);
- return -1;
+ result.error = IP_CONTAINS_INVALID_CHARACTERS;
+ return result;
}
inet_pton_rc = inet_pton(AF_INET6, target_ip, &target_ipv6);
if (inet_pton_rc != 1) {
if (verbose >= 1) {
- printf("ip string: %s contains characters not
valid for its address family: IPv6\n", target_ip);
+ printf("ip string: %s contains characters not
valid for its address family: IPv6\n",
+ target_ip);
}
free(cidr_ip_part);
- return -1;
+ result.error = IP_CONTAINS_INVALID_CHARACTERS;
+ return result;
}
memcpy(cidr_buf, &cidr_ipv6, 16);
memcpy(target_buf, &target_ipv6, 16);
cidr_bytes = cidr_buf;
target_bytes = target_buf;
- total_bytes = 16;
}
int prefix_bytes = prefix_length / 8;
@@ -1718,10 +1779,13 @@ int ip_addr_inside_cidr(const char*
cidr_region_or_ip_addr, const char* target_i
if (prefix_bytes > 0) {
if (memcmp(cidr_bytes, target_bytes, (size_t)prefix_bytes) !=
0) {
if (verbose >= 1) {
- printf("the first %d bytes of the
cidr_region_or_ip: %s and target_ip: %s are different\n", prefix_bytes,
cidr_ip_part, target_ip);
+ printf("the first %d bytes of the
cidr_region_or_ip: %s and target_ip: %s are "
+ "different\n",
+ prefix_bytes, cidr_ip_part,
target_ip);
}
free(cidr_ip_part);
- return 0;
+ result.inside = false;
+ return result;
}
}
@@ -1732,13 +1796,19 @@ int ip_addr_inside_cidr(const char*
cidr_region_or_ip_addr, const char* target_i
uint8_t mask = (uint8_t)(0xFFu << (8 - prefix_bits));
if ((cidr_oct & mask) != (target_oct & mask)) {
if (verbose >= 1) {
- printf("looking at the last %d bits of the
prefix, cidr_region_or_ip(%s) byte is: %u and target_ip byte(%s) is: %u,
applying bitmask: %02X returns different results\n", prefix_bits, cidr_ip_part,
(unsigned)cidr_oct, target_ip, (unsigned)target_oct, mask);
+ printf("looking at the last %d bits of the
prefix, cidr_region_or_ip(%s) byte is: "
+ "%u and target_ip byte(%s) is: %u,
applying bitmask: %02X returns different "
+ "results\n",
+ prefix_bits, cidr_ip_part,
(unsigned)cidr_oct, target_ip,
+ (unsigned)target_oct, mask);
}
free(cidr_ip_part);
- return 0;
+ result.inside = false;
+ return result;
}
}
free(cidr_ip_part);
- return 1;
+ result.inside = true;
+ return result;
}
diff --git a/plugins/check_curl.d/check_curl_helpers.h
b/plugins/check_curl.d/check_curl_helpers.h
index cc47bf9d..55df9bc1 100644
--- a/plugins/check_curl.d/check_curl_helpers.h
+++ b/plugins/check_curl.d/check_curl_helpers.h
@@ -127,11 +127,25 @@ mp_subcheck check_curl_certificate_checks(CURL *curl,
X509 *cert, int warn_days_
int crit_days_till_exp);
char *fmt_url(check_curl_working_state workingState);
-
-/* function that will determine if the host or the proxy resolves the target
hostname
-returns 0 if requester resolves the hostname locally, 1 if proxy resolves the
hostname */
-int determine_hostname_resolver(const check_curl_working_state working_state,
const check_curl_static_curl_config config);
-
-/* Checks if an IP is inside given CIDR region. Using /protocol_size or not
specifying the prefix length performs an equality check. Supports both IPv4 and
IPv6
-returns 1 if the target_ip address is inside the given cidr_region_or_ip_addr,
0 if its out. return codes < 0 mean an error has occurred. */
-int ip_addr_inside_cidr(const char* cidr_region_or_ip_addr, const char*
target_ip);
+/* determine_hostname_resolver determines if the host or the proxy resolves
the target hostname
+returns RESOLVE_LOCALLY if requester resolves the hostname locally,
RESOLVE_REMOTELY if proxy
+resolves the hostname */
+bool hostname_gets_resolved_locally(const check_curl_working_state
working_state);
+
+/* Checks if an IP is inside given CIDR region. Using /protocol_size or not
specifying the prefix
+length performs an equality check. Supports both IPv4 and IPv6 returns 1 if
the target_ip address is
+inside the given cidr_region_or_ip_addr, 0 if its out. return codes < 0 mean
an error has occurred.
+*/
+typedef enum {
+ NO_ERROR,
+ FAILED_STRDUP,
+ COULD_NOT_PARSE_SUBNET_LENGTH,
+ CIDR_REGION_INVALID,
+ CIDR_REGION_INVALID_PREFIX,
+ IP_CONTAINS_INVALID_CHARACTERS,
+} ip_addr_inside_error_code;
+typedef struct {
+ bool inside;
+ ip_addr_inside_error_code error;
+} ip_addr_inside;
+ip_addr_inside ip_addr_inside_cidr(const char *cidr_region_or_ip_addr, const
char *target_ip);
diff --git a/plugins/t/check_curl.t b/plugins/t/check_curl.t
index a8326f12..0f4d0de7 100644
--- a/plugins/t/check_curl.t
+++ b/plugins/t/check_curl.t
@@ -238,100 +238,100 @@ SKIP: {
# Test if proxy works
$res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy
http://$host_tcp_proxy:$port_tcp_proxy -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used,
there are no preventative measures ");
+ like($res->output, qr/^\* have local name resolution: false/m, "proxy is
used, there are no preventative measures ");
is( $res->return_code, 0, "Using proxy
http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
$res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy
http://$host_tcp_proxy:$port_tcp_proxy -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used,
there are no preventative measures ");
+ like($res->output, qr/^\* have local name resolution: false/m, "proxy is
used, there are no preventative measures ");
is( $res->return_code, 0, "Using proxy
http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_ipv4 works"
);
$res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy
http://$host_tcp_proxy:$port_tcp_proxy -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used,
there are no preventative measures ");
+ like($res->output, qr/^\* have local name resolution: false/m, "proxy is
used, there are no preventative measures ");
is( $res->return_code, 0, "Using proxy
http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_ipv6 works"
);
$res = NPTest->testCmd( "./$plugin -H $host_tcp_http2 --proxy
http://$host_tcp_proxy:$port_tcp_proxy -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used,
there are no preventative measures ");
+ like($res->output, qr/^\* have local name resolution: false/m, "proxy is
used, there are no preventative measures ");
is( $res->return_code, 0, "Using proxy
http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http2 works" );
$res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy
http://$host_tcp_proxy:$port_tcp_proxy -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used,
there are no preventative measures ");
+ like($res->output, qr/^\* have local name resolution: false/m, "proxy is
used, there are no preventative measures ");
is( $res->return_code, 0, "Using proxy
http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http_subdomain
works" );
$res = NPTest->testCmd( "./$plugin -H $host_tls_http --proxy
http://$host_tcp_proxy:$port_tcp_proxy -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used,
there are no preventative measures ");
+ like($res->output, qr/^\* have local name resolution: false/m, "proxy is
used, there are no preventative measures ");
is( $res->return_code, 0, "Using proxy
http://$host_tcp_proxy:$port_tcp_proxy to connect to $host_tls_http works" );
# Noproxy '*' should prevent using proxy in any setting, even if its
specified
$res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy
http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used
since noproxy has \"\*\" ");
+ like($res->output, qr/^\* have local name resolution: true/m, "proxy is
not used since noproxy has \"\*\" ");
is( $res->return_code, 0, "Should reach $host_tcp_http_subdomain with or
without proxy." );
$res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy
http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used
since noproxy has \"\*\" ");
+ like($res->output, qr/^\* have local name resolution: true/m, "proxy is
not used since noproxy has \"\*\" ");
is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or
without proxy." );
$res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy
http://$host_tcp_proxy:$port_tcp_proxy --noproxy \"\*\" -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used
since noproxy has \"\*\" ");
+ like($res->output, qr/^\* have local name resolution: true/m, "proxy is
not used since noproxy has \"\*\" ");
is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or
without proxy." );
# Noproxy domain should prevent using proxy for subdomains of that domain
$res = NPTest->testCmd( "./$plugin -H $host_tcp_http_subdomain --proxy
http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used
since subdomain: $host_tcp_http_subdomain is under a noproxy domain:
$host_tcp_http");
+ like($res->output, qr/^\* have local name resolution: true/m, "proxy is
not used since subdomain: $host_tcp_http_subdomain is under a noproxy domain:
$host_tcp_http");
is( $res->return_code, 0, "Should reach $host_tcp_http_subdomain with or
without proxy." );
# Noproxy should prevent using IP matches if an IP is found directly
$res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy
http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4 -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used
since IP address: $host_tcp_http_ipv4 is added into noproxy:
$host_tcp_http_ipv4");
+ like($res->output, qr/^\* have local name resolution: true/m, "proxy is
not used since IP address: $host_tcp_http_ipv4 is added into noproxy:
$host_tcp_http_ipv4");
is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or
without proxy." );
$res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy
http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6 -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used
since IP address: $host_tcp_http_ipv6 is added into noproxy:
$host_tcp_http_ipv6");
+ like($res->output, qr/^\* have local name resolution: true/m, "proxy is
not used since IP address: $host_tcp_http_ipv6 is added into noproxy:
$host_tcp_http_ipv6");
is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or
without proxy." );
# Noproxy should prevent using IP matches if a CIDR region that contains
that Ip is used directly.
$res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy
http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4_cidr_1 -v"
);
- like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used
since IP address: $host_tcp_http_ipv4 is inside CIDR range:
$host_tcp_http_ipv4_cidr_1");
+ like($res->output, qr/^\* have local name resolution: true/m, "proxy is
not used since IP address: $host_tcp_http_ipv4 is inside CIDR range:
$host_tcp_http_ipv4_cidr_1");
is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or
without proxy." );
$res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv4 --proxy
http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv4_cidr_2 -v"
);
- like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used
since IP address: $host_tcp_http_ipv4 is inside CIDR range:
$host_tcp_http_ipv4_cidr_2");
+ like($res->output, qr/^\* have local name resolution: true/m, "proxy is
not used since IP address: $host_tcp_http_ipv4 is inside CIDR range:
$host_tcp_http_ipv4_cidr_2");
is( $res->return_code, 0, "Should reach $host_tcp_http_ipv4 with or
without proxy." );
$res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy
http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6_cidr_1 -v
" );
- like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used
since IP address: $host_tcp_http_ipv6 is inside CIDR range:
$host_tcp_http_ipv6_cidr_1");
+ like($res->output, qr/^\* have local name resolution: true/m, "proxy is
not used since IP address: $host_tcp_http_ipv6 is inside CIDR range:
$host_tcp_http_ipv6_cidr_1");
is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or
without proxy." );
$res = NPTest->testCmd( "./$plugin -I $host_tcp_http_ipv6 --proxy
http://$host_tcp_proxy:$port_tcp_proxy --noproxy $host_tcp_http_ipv6_cidr_2 -v"
);
- like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used
since IP address: $host_tcp_http_ipv6 is inside CIDR range:
$host_tcp_http_ipv6_cidr_2");
+ like($res->output, qr/^\* have local name resolution: true/m, "proxy is
not used since IP address: $host_tcp_http_ipv6 is inside CIDR range:
$host_tcp_http_ipv6_cidr_2");
is( $res->return_code, 0, "Should reach $host_tcp_http_ipv6 with or
without proxy." );
# Noproxy should discern over different types of proxy schemes
$res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy
http://$host_tcp_proxy:$port_tcp_proxy -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for
resolving hostname, and is using scheme http ");
+ like($res->output, qr/^\* have local name resolution: false/m, "proxy is
used for resolving hostname, and is using scheme http ");
is( $res->return_code, 0, "Using proxy
http:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
$res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy
https://$host_tcp_proxy:$port_tcp_proxy -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for
resolving hostname, and is using scheme https");
+ like($res->output, qr/^\* have local name resolution: false/m, "proxy is
used for resolving hostname, and is using scheme https");
# Squid is not configured for https
# is( $res->return_code, 0, "Using proxy
https:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
$res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy
socks4://$host_tcp_proxy:$port_tcp_proxy -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used
for resolving hostname, and is using scheme socks4");
+ like($res->output, qr/^\* have local name resolution: true/m, "proxy is
not used for resolving hostname, and is using scheme socks4");
# Squid is not configured for socks4
# is( $res->return_code, 0, "Using proxy
socks4:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
$res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy
socks4a://$host_tcp_proxy:$port_tcp_proxy -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for
resolving hostname, and is using scheme socks4a");
+ like($res->output, qr/^\* have local name resolution: false/m, "proxy is
used for resolving hostname, and is using scheme socks4a");
# Squid is not configured for socks4a
# is( $res->return_code, 0, "Using proxy
socks4a:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
$res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy
socks5://$host_tcp_proxy:$port_tcp_proxy -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 0/m, "proxy is not used
for resolving hostname, and is using scheme socks5");
+ like($res->output, qr/^\* have local name resolution: true/m, "proxy is
not used for resolving hostname, and is using scheme socks5");
# Squid is not configured for socks5
# is( $res->return_code, 0, "Using proxy
socks5:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
$res = NPTest->testCmd( "./$plugin -H $host_tcp_http --proxy
socks5h://$host_tcp_proxy:$port_tcp_proxy -v" );
- like($res->output, qr/^\* proxy_resolves_hostname: 1/m, "proxy is used for
resolving hostname, and is using scheme socks5h");
+ like($res->output, qr/^\* have local name resolution: false/m, "proxy is
used for resolving hostname, and is using scheme socks5h");
# Squid is not configured for socks5h
# is( $res->return_code, 0, "Using proxy
socks5h:$host_tcp_proxy:$port_tcp_proxy to connect to $host_tcp_http works" );
}
diff --git a/plugins/tests/check_curl.t b/plugins/tests/check_curl.t
index e027b6f4..d0a866cb 100755
--- a/plugins/tests/check_curl.t
+++ b/plugins/tests/check_curl.t
@@ -833,12 +833,12 @@ sub run_common_tests {
$cmd = "$command -u /statuscode/200 --proxy
http://proxy.example.com:8080 --noproxy '*' -v";
$result = NPTest->testCmd( $cmd );
is( $result->return_code, 0, $cmd);
- like( $result->output, '/.*proxy_resolves_hostname: 0.*/',
"Proxy will not be used due to '*' in noproxy: ".$result->output );
+ like( $result->output, '/.*have local name resolution:
true.*/', "Proxy will not be used due to '*' in noproxy: ".$result->output );
$cmd = "$command -u /statuscode/200 --proxy
http://proxy.example.com:8080 --noproxy '127.0.0.1' -v";
$result = NPTest->testCmd( $cmd );
is( $result->return_code, 0, $cmd);
- like( $result->output, '/.*proxy_resolves_hostname: 0.*/',
"Proxy will not be used due to '127.0.0.1' in noproxy: ".$result->output );
+ like( $result->output, '/.*have local name resolution:
true.*/', "Proxy will not be used due to '127.0.0.1' in noproxy:
".$result->output );
}
}
