aboutsummaryrefslogtreecommitdiff
path: root/libexec/check_ftp
blob: 3ec2899d8c8c619600187d2dc2de2f6181b0a8c7 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
#!perl
#
# Check that we can connect to an FTP server, with opportunistic TLS; the
# check_ftp plugin that comes with Monitoring::Plugin doesn't do this.
#
# Author: Tom Ryder <tom@sanctum.geek.nz>
# License: MIT
#
package main;

# Force me to write this properly
use strict;
use warnings;
use utf8;

# Require at least this Perl version
use 5.010_001;

# Import required modules
use English qw(-no_match_vars);
use Exception::Class ( PluginException => { alias => 'throw' } );
use Monitoring::Plugin;
use Net::FTP;
use Try::Tiny;

# Decree package version
our $VERSION = '1.01';

# Add description and license package variables
our $DESCRIPTION = <<'EOF';
This plugin makes an FTP connection to a nominated server, optionally including
a STARTTLS upgrade for FTPS.  It does not support implicit FTPS.
EOF
our $LICENSE = <<'EOF';
MIT License <https://opensource.org/licenses/MIT>
EOF

# Custom plugin options
our @OPTS = (
    {
        spec    => 'hostname|H=s',
        help    => 'FTP server hostname or address',
        label   => 'HOSTNAME',
        default => 'localhost',
    },
    {
        spec  => 'starttls|S:s',
        help  => 'Try STARTTLS with optional specified hostname',
        label => 'HOSTNAME',
    },
);

# Build Monitoring::Plugin object
my $mp = Monitoring::Plugin->new(
    usage   => 'Usage: %s [--hostname|h HOSTNAME] [--starttls|S [SERVERNAME]]',
    version => $VERSION,
    blurb   => $DESCRIPTION,
    license => $LICENSE,
);

# Anything that dies in here raises ->plugin_die
try {

    # Add and read custom options
    for my $opt (@OPTS) {
        $mp->add_arg( %{$opt} );
    }
    $mp->getopts;

    # Start counting down to timeout
    alarm $mp->opts->timeout;

    # Attempt FTP connection
    my %opts;
    if ( length $mp->opts->starttls ) {
        $opts{SSL_verifycn_name} = $mp->opts->starttls;
    }
    defined( my $ftp = Net::FTP->new( $mp->opts->hostname, %opts ) )
      or $mp->plugin_exit( CRITICAL => 'Failed connect' );

    # If we connected and the server reports that it supports TLS, try it
    if ( defined $mp->opts->starttls ) {
        my $ssl = $ftp->can_ssl
          or throw 'Client can\'t TLS';
        $ftp->feature('AUTH TLS')
          or $mp->add_message( WARNING => 'AUTH TLS not listed in features' );
        $ftp->starttls
          or $mp->add_message( WARNING => $ssl->errstr || 'STARTTLS error' );
    }
    $mp->plugin_exit( $mp->check_messages );
}
catch {
    $mp->plugin_die($_);
};

1;