Esempio n. 1
0
func (t *CertificateCheck) RunCheck(r *reporter.Reporter) error {
	u, err := url.Parse(t.URL)
	if err != nil {
		return err
	}
	port := "443"
	host := u.Host
	if strings.Contains(host, ":") {
		parts := strings.Split(u.Host, ":")
		host = parts[0]
		port = parts[1]
	}
	conn, err := tls.Dial("tcp", host+":"+port, nil)
	if err != nil {
		return err
	}

	if t.Days == 0 {
		t.Days = 15
	}
	res := r.Report("Certificate expires > %d days", t.Days)
	cert := conn.ConnectionState().PeerCertificates[0]
	conn.Close()
	exp := time.Since(cert.NotAfter) * -1
	days := uint64(math.Floor(exp.Hours() / 24))
	if days < t.Days {
		res.Fail("Certificate expires in %d days (< %d)", days, t.Days)
	} else {
		res.Pass("Certificate expires in %d days", days)
	}

	return nil
}
Esempio n. 2
0
func (core *Core) DoWarnings(r *reporter.Reporter, i *Informants) {

	warnings := r.CollectWarnings()
	if len(warnings) < 1 {
		return
	}

	body := strings.Join(warnings, "\n")
	hostname, _ := os.Hostname()
	body = body + hostname
	errId := r.ID

	params := map[string]string{
		"subject":  r.Name,
		"hostname": hostname,
		"body":     body,
		"id":       errId,
	}
	for _, method := range i.Methods {
		if len(method.Channel) > 0 {
			DoChannel(core, method.Channel, params)
		}
	}

}
Esempio n. 3
0
func (t *RedirectCheck) RunCheck(r *reporter.Reporter) error {
	res := r.Report("CHECK REDIRECT %s => %s", t.From, t.To)
	client := &http.Client{}
	finalAddress := ""
	client.CheckRedirect = func(req *http.Request, via []*http.Request) error {
		if !t.AllowMultiple {
			if finalAddress != "" {
				res.Fail("Redirected to subsequent address %s", req.URL.String())
			}
		}
		finalAddress = req.URL.String()
		return nil
	}

	resp, err := client.Get(t.From)
	if finalAddress != t.To {
		res.Fail("Redirect to wrong address %s", finalAddress)
	}
	if err != nil {
		res.Fail("Redirect %s => %s failed:\n %s", t.From, t.To, err.Error())
		return nil
	}
	if finalAddress == "" {
		res.Fail("Redirect %s => %s did not redirect", t.From, t.To)
	}
	resp.Body.Close()
	return nil
}
Esempio n. 4
0
func (s *Server) RunChecks(r *reporter.Reporter) {
	if s.SSH.HostName == "" {
		s.SSH.HostName = s.Name
	}
	err := s.RunDiskCheck(r)
	if err != nil {
		r.AddError(err)
	}
}
Esempio n. 5
0
func (s *Server) RunDiskCheck(reporter *reporter.Reporter) (err error) {

	disks, err := s.GetDisks()
	if err != nil {
		return err
	}

	log.Println(disks)

checkDisks:
	for _, checkDisk := range s.Disks {
		for _, disk := range disks {
			if disk.Filesystem == checkDisk.Filesystem {

				if checkDisk.MinBytes != nil {
					res := reporter.Report("Check disk %s has > %d bytes free", disk.Filesystem, *checkDisk.MinBytes)
					if disk.Available < *checkDisk.MinBytes {
						res.Fail("%d bytes free", disk.Available)
					} else {
						res.Pass("%d bytes free", disk.Available)
					}

				}
				if checkDisk.MinPercent != nil {
					res := reporter.Report("Check disk %s has > %.2f%% free", disk.Filesystem, *checkDisk.MinPercent)
					fAvail := float64(disk.Available)
					fUsed := float64(disk.Used)
					fTotal := fUsed + fAvail
					availPercent := fAvail / fTotal * 100
					if availPercent < *checkDisk.MinPercent {

						res.Fail("%.2f%% free",
							availPercent)
					} else {
						res.Pass("%.2f%% free",
							availPercent)
					}

				}
				continue checkDisks
			}
		}
		res := reporter.Report("Check disk %s", checkDisk.Filesystem)
		res.Fail("Disk not found")
	}
	return

}
Esempio n. 6
0
func (t *LogCheck) RunCheck(r *reporter.Reporter) error {

	resp, err := t.Request.DoRequest()
	if err != nil {
		return err
	}
	defer resp.Body.Close()
	scanner := bufio.NewScanner(resp.Body)

	reTimePart, err := regexp.Compile(t.Regexp)
	if err != nil {
		return err
	}

	lastTime := time.Unix(0, 0)

	for scanner.Scan() {
		str := scanner.Text()
		timeString := reTimePart.FindString(str)
		t, _ := time.Parse(t.Format, timeString)
		if t.After(lastTime) {
			lastTime = t
		}
	}

	if len(t.QuietPeriod) > 0 {
		res := r.Report("LOG CHECK %s", t.GetName())
		duration, err := time.ParseDuration(t.QuietPeriod)
		if err != nil {
			return err
		}
		since := time.Since(lastTime)
		if since > duration {
			res.Fail("FAIL Last log was %s ago at %s", since, lastTime.Format(time.RFC1123))
		} else {
			res.Pass("Last log was %s ago", since)
		}
	}

	return nil

}
Esempio n. 7
0
func (jfc *JSONFieldCheck) DoChecks(ctx *JSONContext, r *reporter.Reporter) {
	res := r.Report("Elem: %s", jfc.GetName())
	je := &JSONElem{
		ctx:         ctx,
		Fails:       []string{},
		JSONElemDef: jfc.GetElemDef(),
	}
	err := jfc.JSONFieldCheckDef.Check(je)
	if err != nil {
		res.Fail(err.Error())
		return
	}
	if len(je.Fails) > 0 {
		for _, f := range je.Fails {
			res.Fail(f)
		}
	} else {
		res.Pass(je.GetString())
	}
}
Esempio n. 8
0
func (t *TextCheck) RunCheck(r *reporter.Reporter) error {

	reader, err := t.GetReader()
	if err != nil {
		return err
	}
	defer reader.Close()

	bodyBytes, err := ioutil.ReadAll(reader)
	bodyString := string(bodyBytes)

	for _, ss := range t.Contains {
		res := r.Report("SEARCH %s for %s", t.URL, ss)
		if !strings.Contains(bodyString, ss) {
			res.Fail("Did not contain '%s'\n\n%s", ss, bodyString)
			return nil
		} else {
			res.Pass("Found")
		}
	}
	return nil
}
Esempio n. 9
0
func (t *JSONCheck) RunCheck(r *reporter.Reporter) error {
	rChild := r.Spawn("JSON Check %s", t.GetName())

	reader, err := t.Request.GetReader()
	if err != nil {
		return err
	}
	defer reader.Close()
	dec := json.NewDecoder(reader)
	data := map[string]interface{}{}
	dec.Decode(&data)
	ctx := &JSONContext{
		Data:     data,
		Reporter: rChild,
	}

	for _, test := range t.CheckFields {
		test.DoChecks(ctx, rChild)
	}

	return nil
}
Esempio n. 10
0
func (t *CommandCheck) RunCheck(reporter *reporter.Reporter) error {
	res := reporter.Report("Run command %s", t.Command)
	c := exec.Command(t.Command, t.Args...)
	c.Dir = t.WorkingDirectory
	for _, envVar := range t.Environment {
		c.Env = append(c.Env, fmt.Sprintf("%s=%s", envVar.Name, envVar.Value))
	}

	output, err := c.CombinedOutput()
	if err != nil {
		res.Fail("Error running %s: %s Dump: \n%s\n", t.Command, err.Error(), string(output))
	}
	return nil
}
Esempio n. 11
0
func Crosscheck(cfg *CXConfig, configHash string, r *reporter.Reporter) bool {

	if cfg.MaxTries == 0 {
		cfg.MaxTries = 3
	}

	b := make([]byte, 21, 21)
	rand.Read(b)
	myID := base64.URLEncoding.EncodeToString(b)
	log.Printf("My ID: %s\n", myID)

	waitForOthers := &sync.WaitGroup{}
	waitForOthers.Add(len(cfg.Remotes))

	mux := http.NewServeMux()
	// Serve and dial
	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
		id := r.URL.Query().Get("id")
		log.Printf("Was pinged by %s\n", id)
		waitForOthers.Done()
		fmt.Fprintf(w, "%s\n%s", myID, configHash)
	})

	closeListener := make(chan struct{})

	go func() {
		var listener net.Listener
		defer func() {
			<-closeListener
			if listener != nil {
				listener.Close()
			}
		}()
		listener, err := net.Listen("tcp", cfg.Bind)
		if err != nil {
			log.Printf("Can't listen for CX: %s\n", err.Error())
			return
		}
		go func() {
			err = http.Serve(listener, mux)
			if err != nil {
				log.Printf("Can't serve for CX: %s\n", err.Error())
			}
		}()
	}()

	isLowest := true
	allSuccess := true
remotes:
	for _, remote := range cfg.Remotes {
		reportRes := r.Report("CX %s", remote)
		success := false
		for try := 0; try < cfg.MaxTries; try += 1 {
			time.Sleep(time.Second * time.Duration(1+(5*try)))
			res, err := http.Get(fmt.Sprintf("%s?id=%s", remote, myID))
			if err != nil {
				log.Printf("Checking %s fail %d/%d\n%s", remote, try+1, cfg.MaxTries, err.Error())
				continue
			}
			bodyBytes, _ := ioutil.ReadAll(res.Body)
			parts := strings.Split(string(bodyBytes), "\n")
			if len(parts) != 2 {
				log.Println(string(bodyBytes))
				reportRes.Fail("Didn't understand response")
				allSuccess = false
				continue remotes

			}
			remoteID := parts[0]
			remoteConfig := parts[1]
			reportRes.Pass("Got ID %s", remoteID)
			if remoteConfig != configHash {
				reportRes.Fail("Config mismach")
				allSuccess = false
				continue remotes
			}
			success = true
			if remoteID == myID {
				log.Printf("Remote %s is me (%s)\n", remote, remoteID)
				break
			}
			log.Printf("Remote %s answered (%s)\n", remote, remoteID)
			if remoteID < myID {
				isLowest = false
			}
			break
		}
		if !success {
			reportRes.Fail("No connection established")
			allSuccess = false
		}
	}
	if !allSuccess {
		log.Printf("At least one host failed, running checks locally")
		return true
	}

	log.Println("Waiting for other servers")
	waitForOthers.Wait()
	log.Println("Wait complete, Stop Server")
	closeListener <- struct{}{}
	log.Println("Stopped Server")

	if isLowest {
		log.Printf("I am the lowest: %s\n", myID)
		return true
	}
	log.Println("Not elected, I'm done")
	return false
}