diff --git a/apps/protocols/ssh/mode/login.pm b/apps/protocols/ssh/mode/login.pm new file mode 100644 index 000000000..c5f73b194 --- /dev/null +++ b/apps/protocols/ssh/mode/login.pm @@ -0,0 +1,149 @@ +# +# Copyright 2017 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package apps::protocols::ssh::mode::login; + +use base qw(centreon::plugins::templates::counter); + +use strict; +use warnings; + +my $instance_mode; + +sub custom_status_threshold_output { + my ($self, %options) = @_; + my $status = 'ok'; + my $message; + + eval { + local $SIG{__WARN__} = sub { $message = $_[0]; }; + local $SIG{__DIE__} = sub { $message = $_[0]; }; + + if (defined($instance_mode->{option_results}->{critical_status}) && $instance_mode->{option_results}->{critical_status} ne '' && + eval "$instance_mode->{option_results}->{critical_status}") { + $status = 'critical'; + } elsif (defined($instance_mode->{option_results}->{warning_status}) && $instance_mode->{option_results}->{warning_status} ne '' && + eval "$instance_mode->{option_results}->{warning_status}") { + $status = 'warning'; + } + }; + if (defined($message)) { + $self->{output}->output_add(long_msg => 'filter status issue: ' . $message); + } + + return $status; +} + +sub custom_status_output { + my ($self, %options) = @_; + + my $msg = sprintf("%s", $self->{result_values}->{message}); + return $msg; +} + +sub custom_status_calc { + my ($self, %options) = @_; + + $self->{result_values}->{message} = $options{new_datas}->{$self->{instance} . '_message'}; + $self->{result_values}->{status} = $options{new_datas}->{$self->{instance} . '_status'}; + return 0; +} + +sub set_counters { + my ($self, %options) = @_; + + $self->{maps_counters_type} = [ + { name => 'global', type => 0 }, + ]; + $self->{maps_counters}->{global} = [ + { label => 'status', threshold => 0, set => { + key_values => [ { name => 'status' }, { name => 'message' } ], + closure_custom_calc => $self->can('custom_status_calc'), + closure_custom_output => $self->can('custom_status_output'), + closure_custom_perfdata => sub { return 0; }, + closure_custom_threshold_check => $self->can('custom_status_threshold_output'), + } + }, + ]; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options); + bless $self, $class; + + $self->{version} = '1.0'; + $options{options}->add_options(arguments => + { + "warning-status:s" => { name => 'warning_status', default => '' }, + "critical-status:s" => { name => 'critical_status', default => '%{message} !~ /authentification succeeded/i' }, + }); + + return $self; +} + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + $instance_mode = $self; + $self->change_macros(); +} + +sub change_macros { + my ($self, %options) = @_; + + foreach (('warning_status', 'critical_status')) { + if (defined($self->{option_results}->{$_})) { + $self->{option_results}->{$_} =~ s/%\{(.*?)\}/\$self->{result_values}->{$1}/g; + } + } +} + +sub manage_selection { + my ($self, %options) = @_; + + my $result = $options{custom}->login(); + $self->{global} = { %$result }; +} + +1; + +__END__ + +=head1 MODE + +Check SSH connection. + +=over 8 + +=item B<--warning-status> + +Set warning threshold for status. +Can used special variables like: %{status}, %{message} + +=item B<--critical-status> + +Set critical threshold for status (Default: '%{message} !~ /authentification succeeded/i' +Can used special variables like: %{status}, %{message} + +=back + +=cut diff --git a/apps/protocols/ssh/plugin.pm b/apps/protocols/ssh/plugin.pm new file mode 100644 index 000000000..1e299d451 --- /dev/null +++ b/apps/protocols/ssh/plugin.pm @@ -0,0 +1,52 @@ +# +# Copyright 2017 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package apps::protocols::ssh::plugin; + +use strict; +use warnings; +use base qw(centreon::plugins::script_custom); + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options); + bless $self, $class; + + $self->{version} = '0.1'; + %{$self->{modes}} = ( + 'login' => 'apps::protocols::ssh::mode::login', + ); + + $self->{custom_modes}{api} = 'centreon::common::protocols::ssh::custom::api'; + return $self; +} + +1; + +__END__ + +=head1 PLUGIN DESCRIPTION + +Check a SSH server. + +Need Libssh perl: +https://github.com/garnier-quentin/perl-libssh + +=cut diff --git a/centreon/common/protocols/ssh/custom/api.pm b/centreon/common/protocols/ssh/custom/api.pm new file mode 100644 index 000000000..6e323c3b9 --- /dev/null +++ b/centreon/common/protocols/ssh/custom/api.pm @@ -0,0 +1,201 @@ +# +# Copyright 2017 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package centreon::common::protocols::ssh::custom::api; + +use strict; +use warnings; +use Libssh::Session qw(:all); + +sub new { + my ($class, %options) = @_; + my $self = {}; + bless $self, $class; + + if (!defined($options{output})) { + print "Class Custom: Need to specify 'output' argument.\n"; + exit 3; + } + if (!defined($options{options})) { + $options{output}->add_option_msg(short_msg => "Class Custom: Need to specify 'options' argument."); + $options{output}->option_exit(); + } + + if (!defined($options{noptions})) { + $options{options}->add_options(arguments => + { + "hostname:s@" => { name => 'hostname' }, + "port:s@" => { name => 'port' }, + "timeout:s@" => { name => 'timeout' }, + "ssh-username:s@" => { name => 'ssh_username' }, + "ssh-password:s@" => { name => 'ssh_password' }, + "ssh-dir:s@" => { name => 'ssh_dir' }, + "ssh-identity:s@" => { name => 'ssh_identity' }, + "ssh-skip-serverkey-issue" => { name => 'ssh_skip_serverkey_issue' }, + }); + } + $options{options}->add_help(package => __PACKAGE__, sections => 'SSH OPTIONS', once => 1); + + $self->{output} = $options{output}; + $self->{mode} = $options{mode}; + + $self->{ssh} = undef; + return $self; +} + +sub set_options { + my ($self, %options) = @_; + + $self->{option_results} = $options{option_results}; +} + +sub set_defaults { + my ($self, %options) = @_; + + foreach (keys %{$options{default}}) { + if ($_ eq $self->{mode}) { + for (my $i = 0; $i < scalar(@{$options{default}->{$_}}); $i++) { + foreach my $opt (keys %{$options{default}->{$_}[$i]}) { + if (!defined($self->{option_results}->{$opt}[$i])) { + $self->{option_results}->{$opt}[$i] = $options{default}->{$_}[$i]->{$opt}; + } + } + } + } + } +} + +sub check_options { + my ($self, %options) = @_; + + $self->{hostname} = (defined($self->{option_results}->{hostname})) ? shift(@{$self->{option_results}->{hostname}}) : undef; + $self->{port} = (defined($self->{option_results}->{port})) ? shift(@{$self->{option_results}->{port}}) : 22; + $self->{timeout} = (defined($self->{option_results}->{timeout})) ? shift(@{$self->{option_results}->{timeout}}) : 10; + $self->{ssh_username} = (defined($self->{option_results}->{ssh_username})) ? shift(@{$self->{option_results}->{ssh_username}}) : undef; + $self->{ssh_password} = (defined($self->{option_results}->{ssh_password})) ? shift(@{$self->{option_results}->{ssh_password}}) : undef; + $self->{ssh_dir} = (defined($self->{option_results}->{ssh_dir})) ? shift(@{$self->{option_results}->{ssh_dir}}) : undef; + $self->{ssh_identity} = (defined($self->{option_results}->{ssh_identity})) ? shift(@{$self->{option_results}->{ssh_identity}}) : undef; + $self->{ssh_skip_serverkey_issue} = defined($self->{option_results}->{ssh_skip_serverkey_issue}) ? 1 : 0; + + if (!defined($self->{hostname}) || $self->{hostname} eq '') { + $self->{output}->add_option_msg(short_msg => "Please set option --hostname."); + $self->{output}->option_exit(); + } + + if (!defined($self->{hostname}) || + scalar(@{$self->{option_results}->{hostname}}) == 0) { + return 0; + } + return 1; +} + +sub login { + my ($self, %options) = @_; + + my $result = { status => 0, message => 'authentification succeeded' }; + $self->{ssh} = Libssh::Session->new(); + + foreach (['hostname', 'host'], ['port', 'port'], ['timeout', 'timeout'], ['ssh_username', 'user'], + ['ssh_dir', 'sshdir'], ['ssh_identity', 'identity']) { + next if (!defined($self->{$_->[0]}) || $self->{$_->[0]} eq ''); + + if ($self->{ssh}->options($_->[1] => $self->{$_->[0]}) != SSH_OK) { + $result->{message} = $self->{ssh}->error(); + $result->{status} = 1; + return $result; + } + } + + if ($self->{ssh}->connect(SkipKeyProblem => $self->{ssh_skip_serverkey_issue}) != SSH_OK) { + $result->{message} = $self->{ssh}->error(); + $result->{status} = 1; + return $result; + } + + if ($self->{ssh}->auth_publickey_auto() != SSH_AUTH_SUCCESS) { + if (defined($self->{ssh_username}) && $self->{ssh_username} ne '' && + defined($self->{ssh_password}) && $self->{ssh_password} ne '' && + $self->{ssh}->auth_password(password => $self->{ssh_password}) == SSH_AUTH_SUCCESS) { + return $result; + } + + my $msg_error = $self->{ssh}->error(GetErrorSession => 1); + $result->{message} = sprintf("auth issue: %s", defined($msg_error) && $msg_error ne '' ? $msg_error : 'pubkey issue'); + $result->{status} = 1; + } + + return $result; +} + +1; + +__END__ + +=head1 NAME + +SSH connector library + +=head1 SYNOPSIS + +my ssh connector + +=head1 SSH OPTIONS + +=over 8 + +=item B<--hostname> + +SSH server hostname (required). + +=item B<--port> + +SSH port. + +=item B<--timeout> + +Timeout in seconds for connection (Defaults: 10 seconds) + +=item B<--ssh-username> + +SSH username. + +=item B<--ssh-password> + +SSH password. + +=item B<--ssh-dir> + +Set the ssh directory. + +=item B<--ssh-identity> + +Set the identity file name (default: id_dsa and id_rsa are checked). + +=item B<--ssh-skip-serverkey-issue> + +Connection will be OK even if there is a problem (server known changed or server found other) with the ssh server. + +=back + +=head1 DESCRIPTION + +B. + +=cut