From a1ec0fa3c70e9af6f5fa81b1d2129febda96b7cd Mon Sep 17 00:00:00 2001 From: janrot Date: Tue, 28 Jun 2016 18:25:42 +0200 Subject: [PATCH] added option -I (--insecure) to disable certificate validation --- README.md | 4 +++- check_http_json.py | 18 +++++++++++++----- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 63c06c5..abd4d6f 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@ Executing `./check_http_json.py -h` will yield the following details: ``` usage: check_http_json.py [-h] [-d] [-s] -H HOST [-P PORT] [-p PATH] - [-t TIMEOUT] [-B AUTH] [-D DATA] [-A HEADERS] + [-t TIMEOUT] [-B AUTH] [-D DATA] [-A HEADERS] [-I] [-f SEPARATOR] [-w [KEY_THRESHOLD_WARNING [KEY_THRESHOLD_WARNING ...]]] [-c [KEY_THRESHOLD_CRITICAL [KEY_THRESHOLD_CRITICAL ...]]] @@ -44,6 +44,7 @@ optional arguments: -D DATA, --data DATA The http payload to send as a POST -A HEADERS, --headers HEADERS The http headers in JSON format. + -I, --insecure Do not validate certificates -f SEPARATOR, --field_separator SEPARATOR Json Field separator, defaults to "." ; Select element in an array with "(" ")" @@ -81,6 +82,7 @@ optional arguments: formats for this parameter are: (key[>alias]), (key[>alias],UnitOfMeasure), (key[>alias],UnitOfMeasure,WarnRange,CriticalRange). + ``` ## Examples diff --git a/check_http_json.py b/check_http_json.py index 76a3eb9..aed3726 100755 --- a/check_http_json.py +++ b/check_http_json.py @@ -7,9 +7,10 @@ Generic Nagios plugin which checks json values from a given endpoint against arg and determines the status and performance data for that service. """ -import httplib, urllib, urllib2, base64 +import urllib2, base64 import json import argparse +import ssl import sys from pprint import pprint from urllib2 import HTTPError @@ -276,6 +277,7 @@ def parseArgs(): parser.add_argument('-B', '--basic-auth', dest='auth', help='Basic auth string "username:password"') parser.add_argument('-D', '--data', dest='data', help='The http payload to send as a POST') parser.add_argument('-A', '--headers', dest='headers', help='The http headers in JSON format.') + parser.add_argument('-I', '--insecure', dest='insecure', help='Do not validate certificates', action='store_true') parser.add_argument('-f', '--field_separator', dest='separator', help='Json Field separator, defaults to "." ; Select element in an array with "(" ")"') parser.add_argument('-w', '--warning', dest='key_threshold_warning', nargs='*', @@ -405,6 +407,12 @@ if __name__ == "__main__": if args.path: url += "/%s" % args.path debugPrint(args.debug, "url:%s" % url) # Attempt to reach the endpoint + + ctx = ssl.create_default_context() + if args.insecure: + ctx.check_hostname = False + ctx.verify_mode = ssl.CERT_NONE + try: req = urllib2.Request(url) req.add_header("User-Agent", "nagios-http-json") @@ -417,13 +425,13 @@ if __name__ == "__main__": for header in headers: req.add_header(header, headers[header]) if args.timeout and args.data: - response = urllib2.urlopen(req, timeout=args.timeout, data=args.data) + response = urllib2.urlopen(req, timeout=args.timeout, data=args.data, context=ctx) elif args.timeout: - response = urllib2.urlopen(req, timeout=args.timeout) + response = urllib2.urlopen(req, timeout=args.timeout, context=ctx) elif args.data: - response = urllib2.urlopen(req, data=args.data) + response = urllib2.urlopen(req, data=args.data, context=ctx) else: - response = urllib2.urlopen(req) + response = urllib2.urlopen(req, context=ctx) except HTTPError as e: nagios.append_unknown("HTTPError[%s], url:%s" % (str(e.code), url)) except URLError as e: