Check curl detect ipv6 (#1809)

* If server_address is an IPv6 address surround it with brackets * If the message is too short, we should not have an underflow * Add simple conditional test case available if IPv6 is
2026-05-28 04:35:40 -04:00 · 2022-11-07 17:48:28 +01:00 · 2022-11-07 17:48:28 +01:00 · 4a5ddd2011
commit 4a5ddd2011
parent 8708fd21a6
3 changed files with 47 additions and 16 deletions
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@ -40,7 +40,7 @@ jobs:
              ${{ matrix.distro }} \
              /bin/sh -c '${{ matrix.prepare }} && \
                tools/setup && \
-                ./configure --enable-libtap --with-ipv6=no && \
+                ./configure --enable-libtap  --with-ipv6=no && \
                make && \
                make test'
          docker container prune -f
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@ -476,6 +476,18 @@ check_http (void)
        printf ("* curl CURLOPT_RESOLVE: %s\n", dnscache);
  }

+  // If server_address is an IPv6 address it must be surround by square brackets
+  struct in6_addr tmp_in_addr;
+  if (inet_pton(AF_INET6, server_address, &tmp_in_addr) == 1) {
+    char *new_server_address = malloc(strlen(server_address) + 3);
+    if (new_server_address == NULL) {
+      die(STATE_UNKNOWN, "HTTP UNKNOWN - Unable to allocate memory\n");
+    }
+    snprintf(new_server_address, strlen(server_address)+3, "[%s]", server_address);
+    free(server_address);
+    server_address = new_server_address;
+  }
+
  /* compose URL: use the address we want to connect to, set Host: header later */
  snprintf (url, DEFAULT_BUFFER_SIZE, "%s://%s:%d%s",
      use_ssl ? "https" : "http",
@ -999,10 +1011,12 @@ GOT_FIRST_CERT:
  result = max_state_alt(get_status(total_time, thlds), result);

  /* Cut-off trailing characters */
-  if(msg[strlen(msg)-2] == ',')
-    msg[strlen(msg)-2] = '\0';
-  else
-    msg[strlen(msg)-3] = '\0';
+  if (strlen(msg) >= 2) {
+      if(msg[strlen(msg)-2] == ',')
+        msg[strlen(msg)-2] = '\0';
+      else
+        msg[strlen(msg)-3] = '\0';
+    }

  /* TODO: separate _() msg and status code: die (result, "HTTP %s: %s\n", state_text(result), msg); */
  die (result, "HTTP %s: %s %d %s%s%s - %d bytes in %.3f second response time %s|%s\n%s%s",
--- a/plugins/t/check_curl.t
+++ b/plugins/t/check_curl.t
@ -1,15 +1,22 @@
 #! /usr/bin/perl -w -I ..
 #
-# HyperText Transfer Protocol (HTTP) Test via check_http
+# HyperText Transfer Protocol (HTTP) Test via check_curl
 #
 #

 use strict;
 use Test::More;
 use POSIX qw/mktime strftime/;
-use NPTest;

-plan tests => 57;
+use vars qw($tests $has_ipv6);
+
+BEGIN {
+    use NPTest;
+    $has_ipv6 = NPTest::has_ipv6();
+    $tests = $has_ipv6 ? 59 : 57;
+    plan tests => $tests;
+}
+

 my $successOutput = '/OK.*HTTP.*second/';

@ -18,6 +25,7 @@ my $plugin = 'check_http';
 $plugin    = 'check_curl' if $0 =~ m/check_curl/mx;

 my $host_tcp_http      = getTestParameter("NP_HOST_TCP_HTTP", "A host providing the HTTP Service (a web server)", "localhost");
+my $host_tcp_http_ipv6      = getTestParameter("NP_HOST_TCP_HTTP_IPV6", "An IPv6 address providing a HTTP Service (a web server)", "::1");
 my $host_tls_http      = getTestParameter("NP_HOST_TLS_HTTP", "A host providing the HTTPS Service (a tls web server)", "localhost");
 my $host_tls_cert      = getTestParameter("NP_HOST_TLS_CERT", "the common name of the certificate.", "localhost");
 my $host_nonresponsive = getTestParameter("NP_HOST_NONRESPONSIVE", "The hostname of system not responsive to network requests", "10.0.0.1");
@ -31,26 +39,35 @@ my $faketime = -x '/usr/bin/faketime' ? 1 : 0;


 $res = NPTest->testCmd(
-	"./$plugin $host_tcp_http -wt 300 -ct 600"
-	);
+    "./$plugin $host_tcp_http -wt 300 -ct 600"
+    );
 cmp_ok( $res->return_code, '==', 0, "Webserver $host_tcp_http responded" );
 like( $res->output, $successOutput, "Output OK" );

+if ($has_ipv6) {
+    # Test for IPv6 formatting
+    $res = NPTest->testCmd(
+        "./$plugin -I $host_tcp_http_ipv6 -wt 300 -ct 600"
+        );
+    cmp_ok( $res->return_code, '==', 0, "IPv6 URL formatting is working" );
+    like( $res->output, $successOutput, "Output OK" );
+}
+
 $res = NPTest->testCmd(
-	"./$plugin $host_tcp_http -wt 300 -ct 600 -v -v -v -k 'bob:there' -k 'carl:frown'"
-	);
+    "./$plugin $host_tcp_http -wt 300 -ct 600 -v -v -v -k 'bob:there' -k 'carl:frown'"
+    );
 like( $res->output, '/bob:there\r\ncarl:frown\r\n/', "Got headers with multiple -k options" );

 $res = NPTest->testCmd(
-	"./$plugin $host_nonresponsive -wt 1 -ct 2 -t 3"
-	);
+    "./$plugin $host_nonresponsive -wt 1 -ct 2 -t 3"
+    );
 cmp_ok( $res->return_code, '==', 2, "Webserver $host_nonresponsive not responding" );
 # was CRITICAL only, but both check_curl and check_http print HTTP CRITICAL (puzzle?!)
 like( $res->output, "/HTTP CRITICAL - Invalid HTTP response received from host on port 80: cURL returned 28 - Connection timed out after/", "Output OK");

 $res = NPTest->testCmd(
-	"./$plugin $hostname_invalid -wt 1 -ct 2"
-	);
+    "./$plugin $hostname_invalid -wt 1 -ct 2"
+    );
 cmp_ok( $res->return_code, '==', 2, "Webserver $hostname_invalid not valid" );
 # The first part of the message comes from the OS catalogue, so cannot check this.
 # On Debian, it is Name or service not known, on Darwin, it is No address associated with nodename