From: Jan Willamowius <jan@willamowius.de>
Date: Tue, 13 Sep 2005 13:53:18 +0000 (+0000)
Subject: check_https by Gerald Combs <gerald@zing.org>
X-Git-Tag: spong-2_8_0-beta1~23
X-Git-Url: http://git.etc.gen.nz/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=439e79a70d78e42a370805cb009ed5d3ffc38069;p=spong.git

check_https by Gerald Combs <gerald@zing.org>
---

diff --git a/src/lib/Spong/Network/plugins/check_https b/src/lib/Spong/Network/plugins/check_https
new file mode 100755
index 0000000..39d6b84
--- /dev/null
+++ b/src/lib/Spong/Network/plugins/check_https
@@ -0,0 +1,63 @@
+# Register the routine with the plugins registry
+$PLUGINS{'https'} = \&check_https;
+
+# Http is a little special in that we also check the return code.  No
+# connection and 5xx codes are red, but 4xx return codes are just yellow.
+# Also we go through a list of documents that the have been provided and check
+# each one of them to make sure the web server is behaving correctly
+
+$https = 0;
+eval "require LWP::UserAgent;";
+if( ! $@ ) {
+  eval "require Crypt::SSLeay;";
+  if( ! $@ ) { $https = 1; }
+}
+
+sub check_https {
+   my( $host ) = @_;
+   my( @https_files ) = ( @{$HTTPDOCS{"ALL"}}, @{$HTTPDOCS{$host}} );
+   my( $https_port ) = $HTTPSPORT{$host} || $HTTPSPORT{"ALL"} || 443;
+   my( $file, $tmessage ) = ( "", "" );
+   my( $color, $summary ) = ( "green", "" );
+
+   if( ! $https ) {
+      $summary = "can't do HTTPS lookups, LWP::UserAgent and/or " .
+        "Crypt::SSLeay not installed";
+      &debug( "https - $host - $color, $summary" );
+      return ( "yellow", $summary,
+           "In order to do HTTPS queries you must install the LWP::UserAgent " .
+           "and Crypt::SSLeay Perl modules.\nYou can find the modules at " .
+           "your nearest CPAN archive or http://www.perl.com/CPAN/\n" );
+   }
+
+   foreach $file ( @https_files ) {
+     my $useragent = LWP::UserAgent->new;
+     my $request =
+       HTTP::Request->new(HEAD => "https://$host:$https_port$file");
+     my $result = $useragent->request($request);
+     if ($result->is_success) {
+         my $code = $result->code;
+
+	 if( $code >= 500 ) {
+	    $color = "red"; $summary = "error - $code - $file";
+	 } elsif( $code >= 400 && $code != 401 ) {
+	    if( $color ne "red" ) {
+	       $color = "yellow"; $summary = "warning - $code - $file"; }
+	 } else { 
+	    if( $color ne "red" && $color ne "yellow" ) {
+	       $color = "green"; $summary = "ok - $code"; }
+	 }
+      } elsif( $result->is_error ) { 
+	 $color = "red"; $summary = "no response from http server";
+      } else {
+	 if( $color ne "red" ) {
+	    $color = "yellow"; $summary = "can't determine status code";}
+      }
+      $tmessage = "->HEAD $file HTTP/1.0\n" . $result->as_string . "\n";
+   }
+   
+   &debug( "https - $host - $color, $summary" );
+   return( $color, $summary, $tmessage );
+}
+
+1;
diff --git a/www/html/https.html b/www/html/https.html
new file mode 100755
index 0000000..3546b32
--- /dev/null
+++ b/www/html/https.html
@@ -0,0 +1,20 @@
+<html>
+<head>
+   <title>Son of Pong - Help https</title>
+</head>
+
+<body>
+<h1>Help - https</h1>
+
+This is a network service that some systems provide.  It is what
+web servers and browsers use to communicate over a secure, encrypted
+connection.  If this service is running on a machine, it means that
+machine has a secure web server running.  This check is performed by
+requesting the "/robots.txt" document - this is a common file that
+"web spiders" look at to see if they have permission to scan through
+the server.<p>
+
+If this service is down, users will not be able to access secure web
+pages or programs from that host.<p>
+
+</body>