Accepting request 1152323 from server:monitoring

- naming the renamed patches exactly, to make factory-auto happy: + monitoring-plugins-2.3.3-wrong_percent_in_check_swap.patch to monitoring-plugins-2.3.5-check_swap_wrong_percent.patch + monitoring-plugins-2.3.3-check_ssh.patch to monitoring-plugins-2.3.5-check_ssh.patch + monitoring-plugins-2.3.3-check_ssh.t_-_improve_testing.patch to monitoring-plugins-2.3.5-check_ssh.t_-_improve_testing.patch + monitoring-plugins-2.3.3-check_ntp_perf_absolute.patch to monitoring-plugins-2.3.5-check_ntp_perf_absolute.patch + monitoring-plugins-2.3.3-root-plugins-Makefile_-_no_chown.patch to monitoring-plugins-2.3.5-plugins-root-Makefile_-_no_chown.patch + monitoring-plugins-2.3.3-check_log_-_quoting.patch to monitoring-plugins-2.3.5-check_log_-_quoting.patch + monitoring-plugins-2.3.3-check_http-proxy.patch to monitoring-plugins-2.3.5-check_http-proxy.patch - Use %patch -P N instead of deprecated %patchN. - enable check_curl by BuildRequiring its dependencies - restore patches not yet applied upstream (and rename to 2.3.5): + monitoring-plugins-2.3.3-check_log_-_quoting.patch + monitoring-plugins-2.3.3-check_http-proxy.patch - drop upstreamed patches: + monitoring-plugins-2.3.3-check_by_ssh.patch (GitHub #1774) + monitoring-plugins-2.3.3-check_disk_on_btrfs.patch (GH #1388) - GitHub issues for patches upstreamed on 2023-12-05: + monitoring-plugins-2.3.3-check_snmp.arrayaddress.patch (GH #1870) + monitoring-plugins-2.3.3-mariadb_102_build_fix.patch (GH #1522) + monitoring-plugins-2.3.3-check_dhcp_-_detect_rogue_dhcp_servers.patch (GH #1906) + monitoring-plugins-2.3.3-check_icmp.patch (GH #1807) OBS-URL: https://build.opensuse.org/request/show/1152323 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/monitoring-plugins?expand=0&rev=31
2024-02-27 21:49:46 +00:00 · 2024-02-27 21:49:46 +00:00 · a71c504257
commit a71c504257
parent 614cb17823 b25473109b
11 changed files with 329 additions and 114 deletions
--- a/monitoring-plugins-2.3.3-check_by_ssh.patch
+++ b/monitoring-plugins-2.3.3-check_by_ssh.patch
@ -1,46 +0,0 @@
-Index: monitoring-plugins-2.3.3/plugins/check_by_ssh.c
-===================================================================
--- monitoring-plugins-2.3.3.orig/plugins/check_by_ssh.c
-+++ monitoring-plugins-2.3.3/plugins/check_by_ssh.c
-@@ -109,6 +109,13 @@ main (int argc, char **argv)
- 		return STATE_UNKNOWN;
- 	}
- 
-+	/* SSH returns 255 if connection attempt fails; include the first line of error output */
-+	if (result == 255 && unknown_timeout) {
-+		printf (_("SSH connection failed: %s\n"),
-+		        chld_err.lines > 0 ? chld_err.line[0] : "(no error output)");
-+		return STATE_UNKNOWN;
-+	}
-+
- 	if (verbose) {
- 		for(i = 0; i < chld_out.lines; i++)
- 			printf("stdout: %s\n", chld_out.line[i]);
-@@ -455,12 +462,12 @@ print_help (void)
-   printf ("    %s\n", _("Tell ssh to use this configfile [optional]"));
-   printf (" %s\n","-q, --quiet");
-   printf ("    %s\n", _("Tell ssh to suppress warning and diagnostic messages [optional]"));
-	printf (UT_WARN_CRIT);
-	printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
-	printf (" %s\n","-U, --unknown-timeout");
-	printf ("    %s\n", _("Make connection problems return UNKNOWN instead of CRITICAL"));
-	printf (UT_VERBOSE);
-	printf("\n");
-+  printf (UT_WARN_CRIT);
-+  printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
-+  printf (" %s\n","-U, --unknown-timeout");
-+  printf ("    %s\n", _("Make connection problems return UNKNOWN instead of CRITICAL"));
-+  printf (UT_VERBOSE);
-+  printf("\n");
-   printf (" %s\n", _("The most common mode of use is to refer to a local identity file with"));
-   printf (" %s\n", _("the '-i' option. In this mode, the identity pair should have a null"));
-   printf (" %s\n", _("passphrase and the public key should be listed in the authorized_keys"));
-@@ -479,7 +486,7 @@ print_help (void)
-   printf (" %s\n", "[1080933700] PROCESS_SERVICE_CHECK_RESULT;flint;c2;0; up 2 days");
-   printf (" %s\n", "[1080933700] PROCESS_SERVICE_CHECK_RESULT;flint;c3;0; up 2 days");
- 
-	printf(UT_SUPPORT);
-+  printf(UT_SUPPORT);
- }
- 
- 
--- a/monitoring-plugins-2.3.3-check_disk_on_btrfs.patch
+++ b/monitoring-plugins-2.3.3-check_disk_on_btrfs.patch
@ -1,25 +0,0 @@
-commit a00fd77179dd6a6c2c96ff09350a9c213c18fd62
-Author: George Hansper <george@hansper.id.au>
-Date:   Tue Sep 22 19:06:57 2020 +1000
-
-    check_disk - fix false DISK CRITICAL alert for btrfs filesystems due to BSD Gnulib workaround
-
-Index: monitoring-plugins-2.3.3/plugins/check_disk.c
-===================================================================
--- monitoring-plugins-2.3.3.orig/plugins/check_disk.c
-+++ monitoring-plugins-2.3.3/plugins/check_disk.c
-@@ -1041,7 +1041,14 @@ get_stats (struct parameter_list *p, str
- 
- void
- get_path_stats (struct parameter_list *p, struct fs_usage *fsp) {
-+#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(OpenBSD )
-+   /* 2007-12-08 - Workaround for Gnulib reporting insanely high available
-+   * space on BSD (the actual value should be negative but fsp->fsu_bavail
-+   * is unsigned) */
-+   p->available = fsp->fsu_bavail > fsp->fsu_bfree ? 0 : fsp->fsu_bavail;
-+#else
-   p->available = fsp->fsu_bavail;
-+#endif
-   p->available_to_root = fsp->fsu_bfree;
-   p->used = fsp->fsu_blocks - fsp->fsu_bfree;
-   if (freespace_ignore_reserved) {
--- a/monitoring-plugins-2.3.5-check_http-proxy.patch
+++ b/monitoring-plugins-2.3.5-check_http-proxy.patch
@ -0,0 +1,169 @@
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index 8dda046f..2ab6a7a3 100644
+--- a/plugins/check_http.c
+++ b/plugins/check_http.c
+@@ -126,6 +126,9 @@ int sd;
+ int min_page_len = 0;
+ int max_page_len = 0;
+ int redir_depth = 0;
+bool ssl_proxy = false;
+char *proxy_server_address;
+int proxy_server_port;
+ int max_depth = DEFAULT_MAX_REDIRS;
+ char *http_method;
+ char *http_method_proxy;
+@@ -139,6 +142,7 @@ char *client_privkey = NULL;
+ bool process_arguments (int, char **);
+ int check_http (void);
+ void redir (char *pos, char *status_line);
+const char *find_uri_path (const char *url);
+ bool server_type_check(const char *type);
+ int server_port_check(int ssl_flag);
+ char *perfd_time (double microsec);
+@@ -609,6 +613,17 @@ bool process_arguments (int argc, char **argv)
+   if (virtual_port == 0)
+     virtual_port = server_port;
+ 
+  /* if we are called with the -I option, the -j method is CONNECT and */
+  /* we received -S for SSL, then we tunnel the request through a proxy*/
+  /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto  */
+
+  ssl_proxy = server_address != NULL && strcmp(http_method, "CONNECT") == 0
+    && host_name != NULL && use_ssl == true;
+  if (ssl_proxy) {
+    proxy_server_address = strdup(server_address);
+    proxy_server_port = server_port;
+  }
+
+   return true;
+ }
+ 
+@@ -940,18 +955,18 @@ check_http (void)
+ 
+   /* try to connect to the host at the given port number */
+   gettimeofday (&tv_temp, NULL);
+-  if (my_tcp_connect (server_address, server_port, &sd) != STATE_OK)
+  result = ssl_proxy ?
+    my_tcp_connect (proxy_server_address, proxy_server_port, &sd) :
+    my_tcp_connect (server_address, server_port, &sd);
+  if (result != STATE_OK)
+     die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
+   microsec_connect = deltime (tv_temp);
+ 
+-    /* if we are called with the -I option, the -j method is CONNECT and */
+-    /* we received -S for SSL, then we tunnel the request through a proxy*/
+-    /* @20100414, public[at]frank4dd.com, http://www.frank4dd.com/howto  */
+  /* handle connection via SSL proxy */
+  if (ssl_proxy) {
+ 
+-    if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
+-      && host_name != NULL && use_ssl == true) {
+-
+-    if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n", server_address, server_port, host_name, HTTPS_PORT);
+    if (verbose) printf ("Entering CONNECT tunnel mode with proxy %s:%d to dst %s:%d\n",
+      proxy_server_address, proxy_server_port, host_name, HTTPS_PORT);
+     asprintf (&buf, "%s %s:%d HTTP/1.1\r\n%s\r\n", http_method, host_name, HTTPS_PORT, user_agent);
+     if (strlen(proxy_auth)) {
+       base64_encode_alloc (proxy_auth, strlen (proxy_auth), &auth);
+@@ -986,7 +1001,7 @@ check_http (void)
+   if (use_ssl == true) {
+     gettimeofday (&tv_temp, NULL);
+     result = np_net_ssl_init_with_hostname_version_and_cert(sd, (use_sni ? host_name : NULL), ssl_version, client_cert, client_privkey);
+-    if (verbose) printf ("SSL initialized\n");
+    if (verbose) printf ("SSL initialization %s\n", result == STATE_OK ? "successful" : "failed");
+     if (result != STATE_OK)
+       die (STATE_CRITICAL, NULL);
+     microsec_ssl = deltime (tv_temp);
+@@ -1002,9 +1017,8 @@ check_http (void)
+   }
+ #endif /* HAVE_SSL */
+ 
+-  if ( server_address != NULL && strcmp(http_method, "CONNECT") == 0
+-       && host_name != NULL && use_ssl == true)
+-    asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
+  if (ssl_proxy)
+    asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method_proxy, find_uri_path(server_url), host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
+   else
+     asprintf (&buf, "%s %s %s\r\n%s\r\n", http_method, server_url, host_name ? "HTTP/1.1" : "HTTP/1.0", user_agent);
+ 
+@@ -1033,8 +1047,7 @@ check_http (void)
+        */
+       if ((use_ssl == false && virtual_port == HTTP_PORT) ||
+           (use_ssl == true && virtual_port == HTTPS_PORT) ||
+-          (server_address != NULL && strcmp(http_method, "CONNECT") == 0
+-         && host_name != NULL && use_ssl == true))
+          ssl_proxy)
+         xasprintf (&buf, "%sHost: %s\r\n", buf, host_name);
+       else
+         xasprintf (&buf, "%sHost: %s:%d\r\n", buf, host_name, virtual_port);
+@@ -1138,10 +1151,17 @@ check_http (void)
+   /* leave full_page untouched so we can free it later */
+   page = full_page;
+ 
+-  if (verbose)
+-    printf ("%s://%s:%d%s is %d characters\n",
+-      use_ssl ? "https" : "http", server_address,
+-      server_port, server_url, (int)pagesize);
+  if (verbose) {
+    if (ssl_proxy)  {
+      printf ("[via proxy %s://%s:%d] %s returned %d bytes\n",
+        use_ssl ? "https" : "http", proxy_server_address, proxy_server_port,
+        server_url, (int)pagesize);
+    } else {
+      printf ("%s://%s:%d%s returned %d bytes\n",
+        use_ssl ? "https" : "http", server_address,
+        server_port, server_url, (int)pagesize);
+    }
+  }
+ 
+   /* find status line and null-terminate it */
+   status_line = page;
+@@ -1301,7 +1321,12 @@ check_http (void)
+         bcopy("...", &output_string_search[sizeof(output_string_search) - 4],
+               4);
+       }
+-      xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search, use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
+      if (ssl_proxy) {
+        xasprintf (&msg, _("%sstring '%s' not found on '%s', "), msg, output_string_search, server_url);
+      } else {
+        xasprintf (&msg, _("%sstring '%s' not found on '%s://%s:%d%s', "), msg, output_string_search,
+          use_ssl ? "https" : "http", host_name ? host_name : server_address, server_port, server_url);
+      }
+       result = STATE_CRITICAL;
+     }
+   }
+@@ -1642,6 +1667,25 @@ redir (char *pos, char *status_line)
+   check_http ();
+ }
+ 
+// Locate the URI path inside a complete URL. If we fail, just return the original URL.
+const char *
+find_uri_path (const char *url)
+{
+  const char *s = url;
+
+  if (strncmp(s, "http://", 7) == 0)
+    s += 7;
+  else if (strncmp(s, "https://", 8) == 0)
+    s += 8;
+  else
+    return url;
+  while (*s != '\0') {
+    if (strchr("/?#", *s) != NULL)
+      return s;
+    s++;
+  }
+  return url;
+}
+ 
+ bool
+ server_type_check (const char *type)
+@@ -1861,7 +1905,7 @@ print_help (void)
+   printf (" %s\n", _("a STATE_OK is returned. When the certificate is still valid, but for less than"));
+   printf (" %s\n", _("30 days, but more than 14 days, a STATE_WARNING is returned."));
+   printf (" %s\n", _("A STATE_CRITICAL will be returned when certificate expires in less than 14 days"));
+-
+  printf ("\n");
+   printf (" %s\n\n", "CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT: ");
+   printf (" %s\n", _("check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT -H www.verisign.com "));
+   printf (" %s\n", _("all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl) -j CONNECT -H <webserver>"));
--- a/monitoring-plugins-2.3.5-check_log_-_quoting.patch
+++ b/monitoring-plugins-2.3.5-check_log_-_quoting.patch
@ -0,0 +1,33 @@
+Index: monitoring-plugins-2.3.3/plugins-scripts/check_log.sh
+===================================================================
+--- monitoring-plugins-2.3.3.orig/plugins-scripts/check_log.sh
+++ monitoring-plugins-2.3.3/plugins-scripts/check_log.sh
+@@ -112,23 +112,23 @@ while test -n "$1"; do
+             exit "$STATE_UNKNOWN"
+             ;;
+         -F | --filename)
+-            logfile=$2
+            logfile="$2"
+             shift 2
+             ;;
+         -O | --oldlog)
+-            oldlog=$2
+            oldlog="$2"
+             shift 2
+             ;;
+         -q | --query)
+-            query=$2
+            query="$2"
+             shift 2
+             ;;
+         --exclude)
+-            exclude=$2
+            exclude="$2"
+             shift 2
+             ;;
+         -x | --exitstatus)
+-            exitstatus=$2
+            exitstatus="$2"
+             shift 2
+             ;;
+         -e | --extended-regex)
--- a/monitoring-plugins-2.3.5-check_ntp_perf_absolute.patch
+++ b/monitoring-plugins-2.3.5-check_ntp_perf_absolute.patch
--- a/monitoring-plugins-2.3.5-check_ssh.patch
+++ b/monitoring-plugins-2.3.5-check_ssh.patch
--- a/monitoring-plugins-2.3.5-check_ssh.t_-_improve_testing.patch
+++ b/monitoring-plugins-2.3.5-check_ssh.t_-_improve_testing.patch
--- a/monitoring-plugins-2.3.3-wrong_percent_in_check_swap.patch
+++ b/monitoring-plugins-2.3.3-wrong_percent_in_check_swap.patch
@ -33,12 +33,12 @@ Index: monitoring-plugins-2.3.3/plugins/check_swap.c
 ===================================================================
 --- monitoring-plugins-2.3.3.orig/plugins/check_swap.c
 +++ monitoring-plugins-2.3.3/plugins/check_swap.c
-@@ -137,7 +137,7 @@ main (int argc, char **argv)
+@@ -134,7 +134,7 @@ main (int argc, char **argv)
 			free_swap_mb += dskfree_mb;
 			if (allswaps) {
 				if (dsktotal_mb == 0)
 -					percent=100.0;
-+					percent= 0.0;
+					percent = 0.0;
 				else
 					percent = 100 * (((double) dskused_mb) / ((double) dsktotal_mb));
 				result = max_state (result, check_swap (dskfree_mb, dsktotal_mb));
--- a/monitoring-plugins-2.3.5-plugins-root-Makefile_-_no_chown.patch
+++ b/monitoring-plugins-2.3.5-plugins-root-Makefile_-_no_chown.patch
@ -1,19 +1,18 @@
-Index: monitoring-plugins-2.3.3/plugins-root/Makefile.am
-===================================================================
--- monitoring-plugins-2.3.3.orig/plugins-root/Makefile.am
-+++ monitoring-plugins-2.3.3/plugins-root/Makefile.am
-@@ -49,7 +49,6 @@ INSTALL_SUID = \
+--- monitoring-plugins-2.3.5/plugins-root/Makefile.in.orig	2023-11-28 17:23:06.400019507 -0600
+++ monitoring-plugins-2.3.5/plugins-root/Makefile.in	2023-11-28 17:49:03.832492223 -0600
+@@ -1960,8 +1960,6 @@
 	p=$$f; \
 	echo " $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/$$p"; \
 	$(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/$$p; \
 -	echo " chown root $(DESTDIR)$(libexecdir)/$$p"; \
- 	chown root $(DESTDIR)$(libexecdir)/$$p; \
+-	chown root $(DESTDIR)$(libexecdir)/$$p; \
 	echo " chmod $(setuid_root_mode) $(DESTDIR)$(libexecdir)/$$p"; \
 	chmod $(setuid_root_mode) $(DESTDIR)$(libexecdir)/$$p; \
-@@ -64,7 +63,7 @@ install-exec-local: $(noinst_PROGRAMS)
+ 	done
+@@ -2484,7 +2482,7 @@
+ 	@TMPFILE=$(DESTDIR)$(libexecdir)/.setuid-$$$$; \
+ 	rm -f $$TMPFILE; \
 	echo > $$TMPFILE; \
- 	## See if we can create a setuid root executable in $(libexecdir).
- 	## If not, then don't even try to install setuid plugins.
 -	can_create_suid_root_executable=no; \
 +	can_create_suid_root_executable=yes; \
 	chown root $$TMPFILE > /dev/null 2>&1 \
--- a/monitoring-plugins.changes
+++ b/monitoring-plugins.changes
@ -1,3 +1,58 @@
+-------------------------------------------------------------------
+Tue Feb 27 15:19:55 UTC 2024 - Lars Vogdt <lars@linux-schulserver.de>
+
+- naming the renamed patches exactly, to make factory-auto happy:
+  + monitoring-plugins-2.3.3-wrong_percent_in_check_swap.patch to
+    monitoring-plugins-2.3.5-check_swap_wrong_percent.patch
+  + monitoring-plugins-2.3.3-check_ssh.patch to
+    monitoring-plugins-2.3.5-check_ssh.patch
+  + monitoring-plugins-2.3.3-check_ssh.t_-_improve_testing.patch to
+    monitoring-plugins-2.3.5-check_ssh.t_-_improve_testing.patch
+  + monitoring-plugins-2.3.3-check_ntp_perf_absolute.patch to
+    monitoring-plugins-2.3.5-check_ntp_perf_absolute.patch
+  + monitoring-plugins-2.3.3-root-plugins-Makefile_-_no_chown.patch to
+    monitoring-plugins-2.3.5-plugins-root-Makefile_-_no_chown.patch
+  + monitoring-plugins-2.3.3-check_log_-_quoting.patch to
+    monitoring-plugins-2.3.5-check_log_-_quoting.patch
+  + monitoring-plugins-2.3.3-check_http-proxy.patch to
+    monitoring-plugins-2.3.5-check_http-proxy.patch
+
+-------------------------------------------------------------------
+Fri Feb 23 08:48:34 UTC 2024 - pgajdos@suse.com
+
+- Use %patch -P N instead of deprecated %patchN.
+
+-------------------------------------------------------------------
+Mon Feb  5 22:34:58 UTC 2024 - Andrew Daugherity <adaugherity@tamu.edu>
+
+- enable check_curl by BuildRequiring its dependencies 
+- restore patches not yet applied upstream (and rename to 2.3.5):
+  + monitoring-plugins-2.3.3-check_log_-_quoting.patch
+  + monitoring-plugins-2.3.3-check_http-proxy.patch
+- drop upstreamed patches:
+  + monitoring-plugins-2.3.3-check_by_ssh.patch (GitHub #1774)
+  + monitoring-plugins-2.3.3-check_disk_on_btrfs.patch (GH #1388)
+  - GitHub issues for patches upstreamed on 2023-12-05:
+    + monitoring-plugins-2.3.3-check_snmp.arrayaddress.patch (GH #1870)
+    + monitoring-plugins-2.3.3-mariadb_102_build_fix.patch (GH #1522)
+    + monitoring-plugins-2.3.3-check_dhcp_-_detect_rogue_dhcp_servers.patch (GH #1906)
+    + monitoring-plugins-2.3.3-check_icmp.patch (GH #1807)
+    + systemd-not-utmp.patch (GH #1888)
+- Repair the "no chown" patch to actually avoid calling chown; avoid
+  automake build deps by patching Makefile.in rather than Makefile.am.
+  + After upstream updated the gl subdir, it complains that the automake
+    in SLE 12 SP5 is too old.
+- Fix build on SLE 12 SP5 (link failure due to mixing OpenSSL 1.0 & 1.1)
+  by using only OpenSSL 1.1, and excluding curl subpackage (needs uriparser).
+- Rename patch files to match version number.
+- sync check_mssql package description with plugin's help output
+  + Note that not all distros contain perl-DBD-Sybase and/or freetds
+- remove obsolete configure options
+  + --with-ntp{q,dc,date}-command dropped upstream in 1.4.4 (e667553)
+  + --with-proc-loadavg dropped in 1.4.6 (fe856aa)
+- remove unnecessary chmod commands during build
+- disable gettextize as upstream has (temporarily?) removed translations (GH #1947)
+
 -------------------------------------------------------------------
 Mon Jan 29 15:11:15 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>

--- a/monitoring-plugins.spec
+++ b/monitoring-plugins.spec
@ -62,18 +62,19 @@ Source57:       nrpe-check_users
 Source58:       nrpe-check_zombie_procs
 Source59:       nrpe-check_mysql
 Source60:       nrpe-check_ups
+# PATCH-FIX-UPSTREAM Quote the options comming in from users (path names might contain whitespaces)
+Patch1:         %{name}-2.3.5-check_log_-_quoting.patch
 # PATH-FIX-openSUSE - do not use/run chown in Makefile: we use RPM for this
-Patch6:         %{name}-2.3.3-root-plugins-Makefile_-_no_chown.patch
+Patch6:         %{name}-2.3.5-plugins-root-Makefile_-_no_chown.patch
 # PATCH-FIX-UPSTREAM see https://bugzilla.redhat.com/512559
-Patch121:       %{name}-2.3.3-wrong_percent_in_check_swap.patch
+Patch121:       %{name}-2.3.5-check_swap_wrong_percent.patch
 # PATCH-FIX-UPSTREAM - return ntp offset absolute (as positive value) in performance data since warn and crit are also positive values 
-Patch122:       %{name}-2.3.3-check_ntp_perf_absolute.patch
+Patch122:       %{name}-2.3.5-check_ntp_perf_absolute.patch
 # PATCH-FIX-UPSTREAM - see https://github.com/monitoring-plugins/monitoring-plugins/pull/1322
-Patch125:       monitoring-plugins-2.3.3-check_ssh.patch
-Patch126:       monitoring-plugins-2.3.3-check_ssh.t_-_improve_testing.patch
-Patch128:       monitoring-plugins-2.3.3-check_disk_on_btrfs.patch
-# PATCH-FIX-UPSTREAM - see https://github.com/monitoring-plugins/monitoring-plugins/pull/1774
-Patch129:       monitoring-plugins-2.3.3-check_by_ssh.patch
+Patch125:       %{name}-2.3.5-check_ssh.patch
+Patch126:       %{name}-2.3.5-check_ssh.t_-_improve_testing.patch
+# PATCH-FIX-UPSTREAM - see https://github.com/monitoring-plugins/monitoring-plugins/pull/1862
+Patch130:       %{name}-2.3.5-check_http-proxy.patch
 BuildRequires:  bind-utils
 BuildRequires:  dhcp-devel
 BuildRequires:  fping
@ -81,8 +82,6 @@ BuildRequires:  fping
 PreReq:         permissions
 %endif
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-BuildRequires:  autoconf
-BuildRequires:  automake
 %if 0%{?suse_version} > 1599
 BuildRequires:  coreutils-systemd
 %endif
@ -95,7 +94,13 @@ BuildRequires:  nagios-rpm-macros
 BuildRequires:  net-snmp-devel
 BuildRequires:  openldap2-devel
 BuildRequires:  openssh
+%if 0%{?suse_version} == 1315
+# force OpenSSL 1.1 on SLE 12, and avoid old pgsql which wants 1.0
+BuildRequires:  libopenssl-1_1-devel
+BuildConflicts: postgresql10-devel
+%else
 BuildRequires:  openssl-devel
+%endif
 %if 0%{?fedora_version} ||  0%{?rhel_version} || 0%{?centos_version}
 BuildRequires:  net-snmp-perl
 BuildRequires:  net-snmp-utils
@ -125,6 +130,10 @@ BuildRequires:  heimdal-devel
 %else
 BuildRequires:  krb5-devel
 %endif
+%if 0%{?suse_version} > 1315
+BuildRequires:  libcurl-devel
+BuildRequires:  uriparser-devel
+%endif
 # recommend the old, included checks to allow an easy update - but
 # also allow users to deselect some of the new sub-packages
 %if 0%{?suse_version}
@ -230,6 +239,7 @@ Recommends:     %{name}-clamav
 Recommends:     %{name}-cluster
 Recommends:     %{name}-contentage
 Recommends:     %{name}-cups
+Recommends:     %{name}-curl
 Recommends:     %{name}-dbi-mysql
 Recommends:     %{name}-dbi-pgsql
 Recommends:     %{name}-dbi-sqlite3
@ -380,6 +390,23 @@ Obsoletes:      nagios-plugins-common <= 1.5
 This package includes the libraries (scripts) that are included by many
 of the standard checks.

+%if 0%{?suse_version} > 1315
+%package curl
+Summary:        Test the HTTP service on the specified host, via libcurl
+Group:          System/Monitoring
+Provides:       nagios-plugins-curl = %{version}
+Obsoletes:      nagios-plugins-curl <= 1.5
+
+%description curl
+This plugin tests the HTTP service on the specified host. It can test
+normal (http) and secure (https) servers, follow redirects, search for
+strings and regular expressions, check connection times, and report on
+certificate expiration times.
+
+It makes use of libcurl to do so. It tries to be as compatible to check_http
+as possible.
+%endif
+
 %package dbi
 Summary:        Check databases using DBI
 Group:          System/Monitoring
@ -758,10 +785,13 @@ Requires:       perl(FindBin)
 Requires:       perl

 %description mssql
-This plugin runs a query against a MS-SQL server or Sybase server and returns
-the first row. It returns an error if no responses are running. Row is passed
-to perfdata	in semicolon delimited format.
-A simple sql statement like \"select getdate()\" verifies server responsiveness.
+Runs a query against a Microsoft SQL or Sybase server and returns the first
+row; returns an error if no responses are found.  The row is passed to perfdata
+in semicolon-delimited format.
+A simple sql statement like "select getdate()" verifies server responsiveness.
+
+This plugin is written in Perl and requires DBD::Sybase, which in turn needs
+freetds.  Those may require additional repositories.
 %endif

 %package mysql
@ -1144,23 +1174,21 @@ with the libdbi driver for $extension.
 EOF
 done

-%patch6 -p1
+%patch -P 1 -p1
+%patch -P 6 -p1
 # Debian patches
-%patch121 -p1
-%patch122 -p1
+%patch -P 121 -p1
+%patch -P 122 -p1
 # Github patches
-%patch125 -p1
-%patch126 -p1
-%patch128 -p1
-%patch129 -p1
-find -type f -exec chmod 644 {} +
+%patch -P 125 -p1
+%patch -P 126 -p1
+%patch -P 130 -p1

 %build
 export CFLAGS="%{optflags} -fno-strict-aliasing -DLDAP_DEPRECATED"
-gettextize -f --no-changelog
-autoreconf -fi
-chmod a+x NP-VERSION-GEN
-chmod +x configure # needed as configure script is not executable in 1.5..
+# Translations were (temporarily?) removed upstream:
+#   https://github.com/monitoring-plugins/monitoring-plugins/pull/1947
+#gettextize -f --no-changelog
 %configure \
 	--enable-static=no \
 	--enable-extra-opts \
@ -1169,16 +1197,12 @@ chmod +x configure # needed as configure script is not executable in 1.5..
 	--with-apt-get-command=%{apt_get_command} \
 	--with-cgiurl=/nagios/cgi-bin \
 	--with-fping-command=%{_sbindir}/fping \
-    --with-fping6-command=%{_sbindir}/fping6 \
+	--with-fping6-command=%{_sbindir}/fping6 \
 	--with-ipv6 \
-	--with-ntpq-command=%{_sbindir}/ntpq \
-	--with-ntpdc-command=%{_sbindir}/ntpdc \
-	--with-ntpdate-command=%{_sbindir}/ntpdate \
 	--with-openssl=%{_prefix} \
 	--with-perl=%{_bindir}/perl \
 	--with-pgsql=%{_prefix} \
 	--with-ping6-command='/bin/ping6 -n -U -w %d -c %d %s' \
-	--with-proc-loadavg=/proc/loadavg \
 	--with-ps-command="/bin/ps axwo 'stat uid pid ppid vsz rss pcpu etime comm args'" \
 	--with-ps-format='%s %d %d %d %d %d %f %s %s %n' \
 	--with-ps-cols=10 \
@ -1380,6 +1404,13 @@ fi
 %{nagios_plugindir}/utils.sh
 %attr(0644,root,root) %{nagios_plugindir}/utils.pm

+%if 0%{?suse_version} > 1315
+%files curl
+%defattr(0755,root,root)
+%dir %{nagios_plugindir}
+%{nagios_plugindir}/check_curl
+%endif
+
 %files dbi
 %defattr(-,root,root)
 %dir %{nagios_plugindir}
@ -1534,7 +1565,6 @@ fi
 %dir %{nagios_plugindir}
 %{nagios_plugindir}/check_mrtgtraf

-
 %if %{with mssql}
 %files mssql
 %defattr(0755,root,root)