check_curl crashes when a (broken) http server returns invalid http header with
leading spaces or double colons. This PR adds a fix and a test case for this.
Signed-off-by: Sven Nierlein <sven@nierlein.de>
the certificate used to test expired http checks is to old to be used
with recent ssl libraries and results in:
> SSL routines:SSL_CTX_use_certificate:ee key too small
unfortunatly the error is only visible when setting $IO::Socket::SSL::DEBUG in
the check_http.t file.
There are different declarations for timeout_interval:
lib/utils_base.c has the definition:
unsigned int timeout_interval = DEFAULT_SOCKET_TIMEOUT;
lib/utils_base.h has the appropiate declaration:
extern unsigned int timeout_interval;
plugins/popen.h has an extra declaration:
extern unsigned int timeout_interval;
This doesn't hurt, but it's a dupe. The one in utils_base.h
should be enough, so remove this one.
plugins/popen.c has a WRONG one:
extern int timeout_interval;
Remove it!
Use #include "utils.h" to get the right one.
This makes the local defines for max/min unnecassary, so
remove them also.
If _SC_OPEN_MAX is available then maxfd was zero initialized and never set to the value from sysconf.
This leads to segfaults with free(): invalid size introduced by commit 7cafb0e845.
Signed-off-by: Sven Nierlein <sven@nierlein.de>
The help text says that -H accepts a "unix socket (must be an absolute
path)". Now that actually corresponds to reality.
Signed-off-by: Robin Sonefors <robin.sonefors@op5.com>
When check_by_ssh runs into a timeout it simply exits keeping all child processes running.
Simply adopting the kill loop from runcmd_timeout_alarm_handler() fixes this.
Signed-off-by: Sven Nierlein <sven@nierlein.de>
The check_snmp rate tests depend on the exact amount of time spend between the
plugin runs and will fail on busy machines, ex. the ci servers. Using faketime
mitigates this issue and also removes all the sleeps.
Signed-off-by: Sven Nierlein <sven@nierlein.de>
When SSL is enabled, n is assigned the size of the server's second EHLO
response (I think in bytes), which will usually be significantly higher
than the command passed. As such, no commands are executed and no responses
are checked, which - silently - defeats the desired checks and results in a
success value.
