Initial commit
authorChristian Arnold <arnold@schlittermann.de>
Tue, 14 Dec 2010 14:51:46 +0100
changeset 0 9732a762d17c
child 1 9b0a5c2b7ebc
Initial commit
.perltidyrc
check_generic.pl
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/.perltidyrc	Tue Dec 14 14:51:46 2010 +0100
@@ -0,0 +1,4 @@
+--paren-tightness=2
+--square-bracket-tightness=2
+
+
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/check_generic.pl	Tue Dec 14 14:51:46 2010 +0100
@@ -0,0 +1,206 @@
+#!/usr/bin/perl -w
+
+use strict;
+use File::Basename;
+use Getopt::Long;
+use LWP::Simple;
+use HTTP::Status;
+use GnuPG qw( :algo );
+
+use lib "/usr/lib/nagios/plugins";
+use utils qw (%ERRORS &print_revision &support);
+
+my $ME      = basename $0;
+my $VERSION = "0.1";
+my $USAGE   = <<EOF;
+Usage: $ME -f <url> -s <url>
+       $ME [ -h | --help ]
+       $ME [ -V | --version ]
+EOF
+
+sub print_help();
+sub print_usage();
+
+sub download();
+sub verify($$);
+sub cleanup($$);
+sub execute($);
+
+my $opt_dl_file           = "";
+my $opt_dl_signature_file = "";
+
+my $dlpath = "/var/tmp/nagios";
+my ($file, $signature);
+
+MAIN: {
+    Getopt::Long::Configure('bundling');
+    GetOptions(
+        "f|file=s"      => \$opt_dl_file,
+        "s|signature=s" => \$opt_dl_signature_file,
+        "h|help"        => sub { print_help(); exit $ERRORS{OK}; },
+        "V|version" => sub { print_revision($ME, $VERSION); exit $ERRORS{OK}; }
+    );
+
+    unless ($opt_dl_file) {
+        print $USAGE;
+        exit $ERRORS{"CRITICAL"};
+    }
+
+    unless ($opt_dl_signature_file) {
+        print $USAGE;
+        exit $ERRORS{"CRITICAL"};
+    }
+
+    download();
+}
+
+sub execute($) {
+    my $file = shift;
+    chmod 0755, $file or print print "GENERIC WARNING: can't chmod $file\n";
+    my @cmd = ("$file");
+
+    open(OUTPUT, "-|") or do {
+        open(STDERR, ">&STDOUT");
+        system(@cmd);
+    };
+
+    my $result = <OUTPUT>;
+
+    close(OUTPUT);
+
+    if ($? == -1) {
+        print "GENERIC CRITICAL: failed to execute: $!\n";
+        cleanup($file, $signature), exit $ERRORS{"CRITICAL"};
+    }
+    elsif ($? & 127) {
+        printf "GENERIC CRITICAL: child died with signal %d, %s coredump\n",
+          ($? & 127), ($? & 128) ? 'with' : 'without';
+        cleanup($file, $signature), exit $ERRORS{"CRITICAL"};
+    }
+    else {
+        my $rc = $? >> 8;
+        if ($rc == $ERRORS{"OK"}) {
+            print "GENERIC OK: $result";
+            cleanup($file, $signature), exit $ERRORS{"OK"};
+        }
+        elsif ($rc == $ERRORS{"WARNING"}) {
+            print "GENERIC WARNING: $result";
+            cleanup($file, $signature), exit $ERRORS{"WARNING"};
+        }
+        elsif ($rc == $ERRORS{"CRITICAL"}) {
+            print "GENERIC CRITICAL: $result";
+            cleanup($file, $signature), exit $ERRORS{"CRITICAL"};
+        }
+        elsif ($rc == $ERRORS{"UNKNOWN"}) {
+            print "GENERIC UNKNOWN: $result";
+            cleanup($file, $signature), exit $ERRORS{"UNKNOWN"};
+        }
+        elsif ($rc == $ERRORS{"DEPENDENT"}) {
+            print "GENERIC DEPENDENT: $result";
+            cleanup($file, $signature), exit $ERRORS{"DEPENDENT"};
+        }
+    }
+}
+
+sub cleanup($$) {
+    my $file      = shift;
+    my $signature = shift;
+    if (-f $file) {
+        unlink $file or do {
+            print "GENERIC WARNING: can't remove $file\n";
+            exit $ERRORS{"WARNING"};
+          }
+    }
+    if (-f $signature) {
+        unlink $signature or do {
+            print "GENERIC CRITICAL: can't remove $signature\n";
+            exit $ERRORS{"WARNING"};
+          }
+    }
+}
+
+sub download() {
+    my $dl_file           = basename $opt_dl_file;
+    my $dl_signature_file = basename $opt_dl_signature_file;
+
+    unless (-d $dlpath) {
+        mkdir $dlpath or do {
+            print "GENERIC CRITICAL: can't create directory $dlpath\n";
+            exit $ERRORS{"CRITICAL"};
+          }
+    }
+
+    $file      = "$dlpath/$dl_file";
+    $signature = "$dlpath/$dl_signature_file";
+
+    # get script file
+    my $rc = getstore($opt_dl_file, "$file");
+    if (is_error($rc)) {
+        if ($rc == "404") {
+            print "GENERIC OK: $opt_dl_file ", status_message($rc), "\n";
+            cleanup($file, $signature), exit $ERRORS{"OK"};
+        }
+        else {
+            print "GENERIC CRITICAL: SCRIPT $opt_dl_file ", status_message($rc),
+              "\n";
+            cleanup($file, $signature), exit $ERRORS{"CRITICAL"};
+        }
+    }
+
+    # get script signature file
+    $rc = getstore($opt_dl_signature_file, "$signature");
+    if (is_error($rc)) {
+        if ($rc == "404") {
+            print "GENERIC OK: $opt_dl_signature_file ", status_message($rc),
+              "\n";
+            cleanup($file, $signature), exit $ERRORS{"OK"};
+        }
+        else {
+            print "GENERIC CRITICAL: SIGNATURE $opt_dl_signature_file ",
+              status_message($rc), "\n";
+            cleanup($file, $signature), exit $ERRORS{"CRITICAL"};
+        }
+    }
+
+    verify($file, $signature);
+    execute($file);
+}
+
+sub verify($$) {
+    my $file      = shift;
+    my $signature = shift;
+
+    my $gpg = new GnuPG();
+    eval { $gpg->verify(signature => $signature, file => $file); };
+
+    # formating error output
+    if ($@) {
+        $@ =~ /^(.*)\sfrom\s+at.*/;
+        print "GENERIC CRITICAL: $1\n";
+        cleanup($file, $signature), exit $ERRORS{"CRITICAL"};
+    }
+}
+
+sub print_usage() { print $USAGE }
+
+sub print_help() {
+    print_revision($ME, $VERSION);
+    print <<EOF;
+Copyright (c) 2010 Christian Arnold
+
+This plugin loads a program file via http or https from a
+server and verifies its validity based on a gpg key.
+
+$USAGE
+	-f, --file
+		download url for generic script
+	-s, --signature
+		download url for generic script signature file
+	-h, --help
+		print detailed help screen
+	-V, --version
+		print version information
+
+EOF
+    support();
+}
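Review bot: The file that passes `verify()` is not guaranteed to be the file that `execute()` runs, because both work on the fixed, predictable path `/var/tmp/nagios/<basename of the URL>`. `download()` accepts an already existing `$dlpath` without checking its owner or mode, and `mkdir $dlpath` leaves the mode to the umask, so where other local accounts can write to `/var/tmp` the directory or file can be replaced between the signature check and the `chmod 0755`/`system` call. A private per-run directory closes that window, for example `use File::Temp qw(tempdir);` with `my $dlpath = tempdir(CLEANUP => 1);`, which is created with mode 0700. Separately, the return value of `$gpg->verify(...)` is discarded, so any key in the invoking user's keyring appears to be accepted; comparing the signer key id or fingerprint it reports against a configured value would pin the signer. An exit code outside `%ERRORS` also falls through every `elsif` in `execute()`, so the plugin ends with status 0; a final `else` that prints `GENERIC UNKNOWN` and exits `$ERRORS{"UNKNOWN"}` would make that case fail closed.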