From 1d8d5e2c09259bec138b9fc42ed5cb4f24f83698 Mon Sep 17 00:00:00 2001 From: Matteo Corti Date: Sun, 17 Mar 2024 22:57:34 +0100 Subject: [PATCH] Fix #504 --- README.md | 1 + check_ssl_cert | 18 ++++++++++++++---- check_ssl_cert.1 | 3 +++ check_ssl_cert_icinga2.conf | 5 +++++ utils/help.txt | 1 + 5 files changed, 24 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 4b8cbf9..d29313c 100644 --- a/README.md +++ b/README.md @@ -171,6 +171,7 @@ Options: must not exceed 'days' (default 397) This check is automatic for HTTPS --nmap-bin path Path of the nmap binary to be used + --nmap-with-proxy Allow nmap to be used with a proxy --no-perf Do not show performance data --no-proxy Ignore the http_proxy and https_proxy environment variables diff --git a/check_ssl_cert b/check_ssl_cert index 16a7759..084315a 100755 --- a/check_ssl_cert +++ b/check_ssl_cert @@ -433,6 +433,7 @@ usage() { echo " This check is automatic for HTTPS" # Delimiter at 78 chars ############################################################ echo " --nmap-bin path Path of the nmap binary to be used" + echo " --nmap-with-proxy Allow nmap to be used with a proxy" echo " --no-perf Do not show performance data" echo " --no-proxy Ignore the http_proxy and https_proxy" echo " environment variables" @@ -3272,6 +3273,10 @@ parse_command_line_options() { fi shift ;; + --nmap-with-proxy) + NMAP_WITH_PROXY=1 + shift + ;; --no-perf) NO_PERF=1 shift @@ -4522,10 +4527,15 @@ main() { [ -n "${HTTPS_PROXY}" ] || [ -n "${SCLIENT_PROXY}" ] || [ -n "${CURL_PROXY}" ]; then - DISABLE_NMAP=1 - USING_A_PROXY=1 - debuglog "A proxy is specified: nmap disabled" - verboselog "A proxy is specified: nmap checks disabled" + if [ -z "${NMAP_WITH_PROXY}" ] ; then + DISABLE_NMAP=1 + USING_A_PROXY=1 + debuglog "A proxy is specified: nmap disabled" + verboselog "A proxy is specified: nmap checks disabled" + else + debuglog "A proxy is specified: nmap enabled because of --nmap-with-proxy" + verboselog "A proxy is specified: nmap enabled because of --nmap-with-proxy" + fi fi diff --git a/check_ssl_cert.1 b/check_ssl_cert.1 index f35ca6b..9ceb8ff 100644 --- a/check_ssl_cert.1 +++ b/check_ssl_cert.1 @@ -281,6 +281,9 @@ The maximum validity of the certificate must not exceed 'days' (default 397). Th .BR " --nmap-bin" " path" Path of the nmap binary to be used .TP +.BR " --nmap-with-proxy" +Allow nmap to be used with a proxy +.TP .BR " --no-perf" Do not show performance data .TP diff --git a/check_ssl_cert_icinga2.conf b/check_ssl_cert_icinga2.conf index 4c95faa..8bc1a67 100644 --- a/check_ssl_cert_icinga2.conf +++ b/check_ssl_cert_icinga2.conf @@ -394,6 +394,11 @@ object CheckCommand "ssl_cert_extended" { description = "Path of the nmap binary to be used" } + "--nmap-with-proxy" = { + value = "$ssl_cert_extended_nmap_with_proxy" + description = "Allow nmap to be used with a proxy" + } + "--no-perf" = { set_if = "$ssl_cert_extended_no_perf$" description = "Do not show performance data" diff --git a/utils/help.txt b/utils/help.txt index 64fdb6b..2bd3cd6 100644 --- a/utils/help.txt +++ b/utils/help.txt @@ -110,6 +110,7 @@ --maximum-validity [days];This check is automatic for HTTPS --maximum-validity [days];must not exceed 'days' (default 397) --nmap-bin path;Path of the nmap binary to be used +--nmap-with-proxy;Allow nmap to be used with a proxy --no-perf;Do not show performance data --no-proxy-curl;Ignore the http_proxy and https_proxy --no-proxy-curl;environment variables