summaryrefslogtreecommitdiffstats
path: root/plugins/check_update.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_update.cpp')
-rw-r--r--plugins/check_update.cpp248
1 files changed, 248 insertions, 0 deletions
diff --git a/plugins/check_update.cpp b/plugins/check_update.cpp
new file mode 100644
index 0000000..2711d93
--- /dev/null
+++ b/plugins/check_update.cpp
@@ -0,0 +1,248 @@
+/* Icinga 2 | (c) 2012 Icinga GmbH | GPLv2+ */
+
+#include "plugins/thresholds.hpp"
+#include <boost/program_options.hpp>
+#include <iostream>
+#include <windows.h>
+#include <shlwapi.h>
+#include <wuapi.h>
+#include <wuerror.h>
+
+#define VERSION 1.0
+
+#define CRITERIA L"(IsInstalled = 0 and CategoryIDs contains '0fa1201d-4330-4fa8-8ae9-b877473b6441') or (IsInstalled = 0 and CategoryIDs contains 'E6CF1350-C01B-414D-A61F-263D14D133B4')"
+
+namespace po = boost::program_options;
+
+struct printInfoStruct
+{
+ int warn{0};
+ int crit{0};
+ LONG numUpdates{0};
+ bool ignoreReboot{false};
+ int reboot{0};
+ bool careForCanRequest{false};
+};
+
+static bool l_Debug;
+
+static int parseArguments(int ac, WCHAR **av, po::variables_map& vm, printInfoStruct& printInfo)
+{
+ WCHAR namePath[MAX_PATH];
+ GetModuleFileName(NULL, namePath, MAX_PATH);
+ WCHAR *progName = PathFindFileName(namePath);
+
+ po::options_description desc;
+
+ desc.add_options()
+ ("help,h", "Print help message and exit")
+ ("version,V", "Print version and exit")
+ ("debug,d", "Verbose/Debug output")
+ ("warning,w", po::value<int>(), "Number of updates to trigger a warning.")
+ ("critical,c", po::value<int>(), "Number of updates to trigger a critical.")
+ ("possible-reboot", "Treat \"update may need reboot\" as \"update needs reboot\"")
+ ("no-reboot-critical", "Do not automatically return critical if an update requiring reboot is present.")
+ ;
+
+ po::wcommand_line_parser parser(ac, av);
+
+ try {
+ po::store(
+ parser
+ .options(desc)
+ .style(
+ po::command_line_style::unix_style |
+ po::command_line_style::allow_long_disguise)
+ .run(),
+ vm);
+ vm.notify();
+ } catch (const std::exception& e) {
+ std::cout << e.what() << '\n' << desc << '\n';
+ return 3;
+ }
+
+ if (vm.count("help")) {
+ std::wcout << progName << " Help\n\tVersion: " << VERSION << '\n';
+ wprintf(
+ L"%s is a simple program to check a machines required updates.\n"
+ L"You can use the following options to define its behaviour:\n\n", progName);
+ std::cout << desc;
+ wprintf(
+ L"\nAfter some time, it will then output a string like this one:\n\n"
+ L"\tUPDATE WARNING 8 | updates=8;1;1;0\n\n"
+ L"\"UPDATE\" being the type of the check, \"WARNING\" the returned status\n"
+ L"and \"8\" is the number of important updates.\n"
+ L"The performance data is found behind the \"|\", in order:\n"
+ L"returned value, warning threshold, critical threshold, minimal value and,\n"
+ L"if applicable, the maximal value.\n\n"
+ L"An update counts as important when it is part of the Security- or\n"
+ L"CriticalUpdates group.\n"
+ L"Consult the msdn on WSUS Classification GUIDs for more information.\n"
+ L"%s' exit codes denote the following:\n"
+ L" 0\tOK,\n\tNo Thresholds were broken or the programs check part was not executed\n"
+ L" 1\tWARNING,\n\tThe warning, but not the critical threshold was broken\n"
+ L" 2\tCRITICAL,\n\tThe critical threshold was broken or an update required reboot.\n"
+ L" 3\tUNKNOWN, \n\tThe program experienced an internal or input error\n\n"
+ L"If a warning threshold is set but not a critical threshold, the critical\n"
+ L"threshold will be set to one greater than the set warning threshold.\n\n"
+ L"The \"possible-reboot\" option is not recommended since this true for nearly\n"
+ L"every update."
+ , progName);
+ std::cout << '\n';
+ return 0;
+ } if (vm.count("version")) {
+ std::cout << "Version: " << VERSION << '\n';
+ return 0;
+ }
+ if(vm.count("warning"))
+ printInfo.warn = vm["warning"].as<int>();
+ if (vm.count("critical"))
+ printInfo.crit = vm["critical"].as<int>();
+ else if (vm.count("warning"))
+ printInfo.crit = printInfo.warn + 1;
+ printInfo.careForCanRequest = vm.count("possible-reboot") > 0;
+ printInfo.ignoreReboot = vm.count("no-reboot-critical") > 0;
+
+ l_Debug = vm.count("debug") > 0;
+
+ return -1;
+}
+
+static int printOutput(const printInfoStruct& printInfo)
+{
+ if (l_Debug)
+ std::wcout << L"Constructing output string" << '\n';
+
+ state state = OK;
+ std::wstring output = L"UPDATE ";
+
+ if (printInfo.numUpdates >= printInfo.warn && printInfo.warn)
+ state = WARNING;
+
+ if ((printInfo.reboot && !printInfo.ignoreReboot) || (printInfo.numUpdates >= printInfo.crit && printInfo.crit))
+ state = CRITICAL;
+
+ switch (state) {
+ case OK:
+ output.append(L"OK ");
+ break;
+ case WARNING:
+ output.append(L"WARNING ");
+ break;
+ case CRITICAL:
+ output.append(L"CRITICAL ");
+ break;
+ }
+ output.append(std::to_wstring(printInfo.numUpdates));
+ if (printInfo.reboot) {
+ output.append(L"; ");
+ output.append(std::to_wstring(printInfo.reboot));
+ output.append(L" NEED REBOOT ");
+ }
+ std::wcout << output << L" | 'update'=" << printInfo.numUpdates << L";"
+ << printInfo.warn << L";" << printInfo.crit << L";0;" << '\n';
+
+ return state;
+}
+
+static int check_update(printInfoStruct& printInfo)
+{
+ if (l_Debug)
+ std::wcout << "Initializing COM library" << '\n';
+ CoInitializeEx(NULL, COINIT_APARTMENTTHREADED);
+ ISearchResult *pResult;
+ IUpdateSession *pSession;
+ IUpdateSearcher *pSearcher;
+ BSTR criteria = NULL;
+
+ HRESULT err;
+ if (l_Debug)
+ std::wcout << "Creating UpdateSession and UpdateSearcher" << '\n';
+ CoCreateInstance(CLSID_UpdateSession, NULL, CLSCTX_INPROC_SERVER, IID_IUpdateSession, (void **)&pSession);
+ pSession->CreateUpdateSearcher(&pSearcher);
+
+ /*
+ * IsInstalled = 0: All updates, including languagepacks and features
+ * BrowseOnly = 0: No features or languagepacks, security and unnamed
+ * BrowseOnly = 1: Nothing, broken
+ * RebootRequired = 1: Reboot required
+ */
+
+ criteria = SysAllocString(CRITERIA);
+ // https://msdn.microsoft.com/en-us/library/windows/desktop/aa386526%28v=vs.85%29.aspx
+ // https://msdn.microsoft.com/en-us/library/ff357803%28v=vs.85%29.aspx
+
+ if (l_Debug)
+ std::wcout << L"Querying updates from server" << '\n';
+
+ err = pSearcher->Search(criteria, &pResult);
+ if (!SUCCEEDED(err))
+ goto die;
+ SysFreeString(criteria);
+
+ IUpdateCollection *pCollection;
+ IUpdate *pUpdate;
+
+ LONG updateSize;
+ pResult->get_Updates(&pCollection);
+ pCollection->get_Count(&updateSize);
+
+ if (updateSize == 0)
+ return -1;
+
+ printInfo.numUpdates = updateSize;
+ // printInfo.important = printInfo.warn;
+
+ IInstallationBehavior *pIbehav;
+ InstallationRebootBehavior updateReboot;
+
+ for (LONG i = 0; i < updateSize; i++) {
+ pCollection->get_Item(i, &pUpdate);
+ if (l_Debug) {
+ std::wcout << L"Checking reboot behaviour of update number " << i << '\n';
+ }
+ pUpdate->get_InstallationBehavior(&pIbehav);
+ pIbehav->get_RebootBehavior(&updateReboot);
+ if (updateReboot == irbAlwaysRequiresReboot) {
+ printInfo.reboot++;
+ if (l_Debug)
+ std::wcout << L"It requires reboot" << '\n';
+ continue;
+ }
+ if (printInfo.careForCanRequest && updateReboot == irbCanRequestReboot) {
+ if (l_Debug)
+ std::wcout << L"It requires reboot" << '\n';
+ printInfo.reboot++;
+ }
+ }
+
+ if (l_Debug)
+ std::wcout << L"Cleaning up and returning" << '\n';
+
+ SysFreeString(criteria);
+ CoUninitialize();
+ return -1;
+
+die:
+ printErrorInfo(err);
+ CoUninitialize();
+ if (criteria)
+ SysFreeString(criteria);
+ return 3;
+}
+
+int wmain(int argc, WCHAR **argv)
+{
+ printInfoStruct printInfo;
+ po::variables_map vm;
+
+ int ret = parseArguments(argc, argv, vm, printInfo);
+ if (ret != -1)
+ return ret;
+
+ ret = check_update(printInfo);
+ if (ret != -1)
+ return ret;
+
+ return printOutput(printInfo);
+}