#!perl # # Copyright (C) 2020--2021 Tom Ryder # # This file is part of nagios-check-ftp. # # nagios-check-ftp is free software: you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the Free # Software Foundation, either version 3 of the License, or (at your option) any # later version. # # nagios-check-ftp is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or # FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for # more details. # # You should have received a copy of the GNU General Public License along with # nagios-check-ftp. If not, see . # # # Check that we can connect to an FTP server, with opportunistic TLS; the # check_ftp plugin that comes with Monitoring::Plugin doesn't do this. # package main; # Force me to write this properly use strict; use warnings; use utf8; # Require at least this Perl version use 5.010_001; # Import required modules use English qw(-no_match_vars); use Exception::Class qw(TLSException); use Monitoring::Plugin; use Net::FTP; use Try::Tiny; # Decree package version our $VERSION = '1.01'; # Add description and license package variables our $DESCRIPTION = <<'EOF'; This plugin makes an FTP connection to a nominated server, optionally including a STARTTLS upgrade for FTPS. It does not support implicit FTPS. EOF our $LICENSE = <<'EOF'; GNU General Public License, Version 3 or newer EOF # Custom plugin options our @OPTS = ( { spec => 'hostname|H=s', help => 'FTP server hostname or address', label => 'HOSTNAME', default => 'localhost', }, { spec => 'starttls|S:s', help => 'Try STARTTLS with optional specified hostname', label => 'HOSTNAME', }, ); # Build Monitoring::Plugin object my $mp = Monitoring::Plugin->new( usage => 'Usage: %s [--hostname|h HOSTNAME] [--starttls|S [SERVERNAME]]', version => $VERSION, blurb => $DESCRIPTION, license => $LICENSE, ); # Anything that dies in here raises ->plugin_die try { # Add and read custom options for my $opt (@OPTS) { $mp->add_arg( %{$opt} ); } $mp->getopts; # Start counting down to timeout alarm $mp->opts->timeout; # Attempt FTP connection my %opts; if ( length $mp->opts->starttls ) { $opts{SSL_verifycn_name} = $mp->opts->starttls; } defined( my $ftp = Net::FTP->new( $mp->opts->hostname, %opts ) ) or $mp->plugin_exit( CRITICAL => 'Failed connect' ); # If we connected and the server reports that it supports TLS, try it if ( defined $mp->opts->starttls ) { my $ssl = $ftp->can_ssl or TLSException->throw('Client can\'t TLS'); $ftp->feature('AUTH TLS') or $mp->add_message( WARNING => 'AUTH TLS not listed in features' ); $ftp->starttls or $mp->add_message( WARNING => $ssl->errstr || 'STARTTLS error' ); } $mp->plugin_exit( $mp->check_messages ); } catch { $mp->plugin_die($_); }; 1;