blackbox_exporter.git
2 years agoRemove outdated IRC and point to community website
Baptiste Mille-Mathias [Thu, 27 Jan 2022 14:25:25 +0000 (15:25 +0100)]
Remove outdated IRC and point to community website

Signed-off-by: Baptiste Mille-Mathias <baptiste.millemathias@gmail.com>
2 years agoMerge pull request #863 from prometheus/superq/fix_ip_hash
Ben Kochie [Wed, 26 Jan 2022 21:47:32 +0000 (22:47 +0100)]
Merge pull request #863 from prometheus/superq/fix_ip_hash

Fix IP hash

2 years agoMerge pull request #871 from prometheus/repo_sync
Ben Kochie [Wed, 26 Jan 2022 07:27:11 +0000 (08:27 +0100)]
Merge pull request #871 from prometheus/repo_sync

Synchronize common files from prometheus/prometheus

2 years agoUpdate common Prometheus files
prombot [Wed, 26 Jan 2022 00:01:49 +0000 (00:01 +0000)]
Update common Prometheus files

Signed-off-by: prombot <prometheus-team@googlegroups.com>
2 years agoMerge pull request #859 from dgl/dns-rd
Ben Kochie [Tue, 25 Jan 2022 12:45:03 +0000 (13:45 +0100)]
Merge pull request #859 from dgl/dns-rd

Add control of recursion desired flag for DNS probes

2 years agoMerge pull request #864 from prometheus/superq/bump_go
Ben Kochie [Tue, 25 Jan 2022 11:38:54 +0000 (12:38 +0100)]
Merge pull request #864 from prometheus/superq/bump_go

Update Go version

2 years agoFixup chooseProtocol test.
SuperQ [Sat, 22 Jan 2022 17:18:46 +0000 (18:18 +0100)]
Fixup chooseProtocol test.

Verified this works all the way back to Go 1.13.

Signed-off-by: SuperQ <superq@gmail.com>
2 years agoReview comments
David Leadbeater [Mon, 24 Jan 2022 21:04:26 +0000 (08:04 +1100)]
Review comments

- Drop "desired"
- Drop go 1.17 compat, will be switched entirely to go 1.17 elsewhere

Signed-off-by: David Leadbeater <dgl@dgl.cx>
2 years agoMerge pull request #557 from nikonhub/feature-change_default_http_user_agent
Ben Kochie [Sat, 22 Jan 2022 19:03:14 +0000 (20:03 +0100)]
Merge pull request #557 from nikonhub/feature-change_default_http_user_agent

Change default user agent

2 years agoFix up deprecated grpc.WithInsecure()
SuperQ [Sat, 22 Jan 2022 16:26:26 +0000 (17:26 +0100)]
Fix up deprecated grpc.WithInsecure()

Signed-off-by: SuperQ <superq@gmail.com>
2 years agoUpdate Go version
SuperQ [Sat, 22 Jan 2022 15:53:06 +0000 (16:53 +0100)]
Update Go version

* Update Go to 1.17.
* Update Go modules to current releases.

Signed-off-by: SuperQ <superq@gmail.com>
2 years agoFix IP hash
SuperQ [Sat, 22 Jan 2022 15:37:30 +0000 (16:37 +0100)]
Fix IP hash

Select the correct slice of bytes to hash based on IPv4 or IPv6 address
family.

Signed-off-by: SuperQ <superq@gmail.com>
2 years agoAdd control of recursion desired flag for DNS probes
David Leadbeater [Sun, 2 Jan 2022 05:02:57 +0000 (16:02 +1100)]
Add control of recursion desired flag for DNS probes

This defaults recursion desired to on to preserve existing behaviour,
but allows it to be configured.

Signed-off-by: David Leadbeater <dgl@dgl.cx>
2 years agoAdd support for grpc health check (#835)
Alessandro Verzicco [Mon, 15 Nov 2021 08:41:34 +0000 (09:41 +0100)]
Add support for grpc health check (#835)

Signed-off-by: Alessandro Verzicco <8068317+averzicco@users.noreply.github.com>
2 years agoAdd hostname parameter (#823)
Evgeniy Y [Thu, 11 Nov 2021 00:35:41 +0000 (03:35 +0300)]
Add hostname parameter (#823)

* Add hostname parameter

Signed-off-by: anemyte <anemyte@gmail.com>
3 years agoUpdate common Prometheus files (#839)
PrometheusBot [Tue, 2 Nov 2021 22:41:17 +0000 (23:41 +0100)]
Update common Prometheus files (#839)

Signed-off-by: prombot <prometheus-team@googlegroups.com>
3 years agoUpdate dependencies (#822)
Marcelo Magallon [Sat, 23 Oct 2021 22:41:26 +0000 (16:41 -0600)]
Update dependencies (#822)

github.com/go-kit/kit/log has been replaced by github.com/go-kit/log.

Signed-off-by: Marcelo E. Magallon <marcelo.magallon@grafana.com>
3 years agoFix body_size_limit negative handling (#838)
Marcelo Magallon [Tue, 19 Oct 2021 22:37:07 +0000 (16:37 -0600)]
Fix body_size_limit negative handling (#838)

When body_size_limit is 0 (either explicitly or implicitly because it
wasn't specified) or less, we are setting it to math.MaxInt64. It turns
out that the implementation in http.MaxBytesReader tries to add 1 to the
specified value, and it wraps around. After that, it tries to use the
result to index an slice, causing it to panic.

Work around this by setting the limit to math.MaxInt64 - 1.

Also, if body_size_limit is exactly 0, leave it like that. That causes
the code to avoid setting up the limiter, saving some extra processing.

Signed-off-by: Marcelo E. Magallon <marcelo.magallon@grafana.com>
3 years agoAdd body_size_limit option to http module (#836)
Marcelo Magallon [Tue, 19 Oct 2021 16:50:47 +0000 (10:50 -0600)]
Add body_size_limit option to http module (#836)

This option limits the maximum body length that will be read from the
HTTP server. It's meant to prevent misconfigured servers from causing
the probe to use too many resources, even if temporarily. It's not an
additional check on the response, for that, use the resulting metrics
(probe_http_content_length, probe_http_uncompressed_body_length, etc).

Co-authored-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoMerge pull request #824 from prometheus/repo_sync
Ben Kochie [Sun, 12 Sep 2021 10:47:33 +0000 (12:47 +0200)]
Merge pull request #824 from prometheus/repo_sync

Synchronize common files from prometheus/prometheus

3 years agoUpdate common Prometheus files
prombot [Sun, 12 Sep 2021 00:02:50 +0000 (00:02 +0000)]
Update common Prometheus files

Signed-off-by: prombot <prometheus-team@googlegroups.com>
3 years agoMerge pull request #796 from roidelapluie/simple-one-call
Julien Pivotto [Fri, 23 Jul 2021 10:00:22 +0000 (12:00 +0200)]
Merge pull request #796 from roidelapluie/simple-one-call

Simplify prefered protocol DNS probe

3 years agoMerge pull request #807 from prometheus/repo_sync
Marcelo Magallon [Thu, 8 Jul 2021 20:39:36 +0000 (14:39 -0600)]
Merge pull request #807 from prometheus/repo_sync

Synchronize common files from prometheus/prometheus

3 years agoUpdate common Prometheus files
prombot [Tue, 29 Jun 2021 00:01:45 +0000 (00:01 +0000)]
Update common Prometheus files

Signed-off-by: prombot <prometheus-team@googlegroups.com>
3 years agoSimple implementation of single-resolver-call without fallback
Julien Pivotto [Fri, 28 May 2021 21:40:32 +0000 (23:40 +0200)]
Simple implementation of single-resolver-call without fallback

This approach ensures that we only call a single time the resolver in
the dns probes.

Otherwise, if we got an error in the first call, we would do a second
call.

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoRevert "Use preferred protocol first when resolving hostname (#728)"
Julien Pivotto [Fri, 28 May 2021 21:23:21 +0000 (23:23 +0200)]
Revert "Use preferred protocol first when resolving hostname (#728)"

This reverts commit 847b668e93267b1b57a76db5876f123bff074315.

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoMerge pull request #785 from roidelapluie/rel-019cl
Julien Pivotto [Tue, 11 May 2021 13:35:46 +0000 (15:35 +0200)]
Merge pull request #785 from roidelapluie/rel-019cl

Fixes in the 0.19 changelog

3 years agoWe do not use ReadRequest
Julien Pivotto [Tue, 11 May 2021 11:24:01 +0000 (13:24 +0200)]
We do not use ReadRequest

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoFix redirects options
Julien Pivotto [Tue, 11 May 2021 07:29:26 +0000 (09:29 +0200)]
Fix redirects options

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoFixes in the changelog
Julien Pivotto [Mon, 10 May 2021 16:30:21 +0000 (18:30 +0200)]
Fixes in the changelog

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoFix release date
Julien Pivotto [Mon, 10 May 2021 12:59:05 +0000 (14:59 +0200)]
Fix release date

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoMerge pull request #784 from roidelapluie/rel-019
Julien Pivotto [Mon, 10 May 2021 12:54:23 +0000 (14:54 +0200)]
Merge pull request #784 from roidelapluie/rel-019

Release 0.19.0

3 years agoMerge pull request #783 from Cytrian/master
Ben Kochie [Sat, 8 May 2021 17:19:22 +0000 (19:19 +0200)]
Merge pull request #783 from Cytrian/master

Fix example ssh_banner check: Send identification string

3 years agoUse upstream parameter follow_redirects
Julien Pivotto [Fri, 7 May 2021 15:03:00 +0000 (17:03 +0200)]
Use upstream parameter follow_redirects

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoRelease 0.19.0
Julien Pivotto [Fri, 7 May 2021 06:57:24 +0000 (08:57 +0200)]
Release 0.19.0

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoFix example ssh_banner check: Send identificaation string
Marcus Röder [Wed, 5 May 2021 12:59:18 +0000 (14:59 +0200)]
Fix example ssh_banner check: Send identificaation string

This is to reduce log spam:

"sshd[3750]: Did not receive identification string from ..:"

There will still be a "Connection closed by" message.

Signed-off-by: Marcus Röder <m.roeder@yieldlab.de>
3 years agoMerge pull request #764 from prometheus/handle_compressed_payload
Marcelo Magallon [Mon, 19 Apr 2021 22:23:26 +0000 (16:23 -0600)]
Merge pull request #764 from prometheus/handle_compressed_payload

Add support for decompression of HTTP responses

3 years agoAdd support for decompression of HTTP responses
Marcelo E. Magallon [Wed, 10 Mar 2021 14:05:14 +0000 (08:05 -0600)]
Add support for decompression of HTTP responses

If the module configuration specifies the "compression" option
blackbox_exporter will try to decompress the response using the
specified algorithm. If the response is not compressed using that
algorithm, the probe will fail.

It validates that the "Accept-Encoding" header is either absent, or that
it specifies the same algorithm as the "compression" option. If the
"Accept-Encoding" header is present but it specifies a different
algorithm, the probe will fail.

If the compression option is *not* used, probe_http_content_length and
probe_http_uncompressed_body_length will have the same value
corresponding to the original content length. If the compression option
is used and the content can be decompressed, probe_http_content_length
will report the original content length as it currently does, and
probe_http_uncompressed_body_length will report the length of the body
after decompression as expected.

Fixes #684

Signed-off-by: Marcelo E. Magallon <marcelo.magallon@grafana.com>
3 years agoMerge pull request #776 from prometheus/repo_sync
Marcelo Magallon [Fri, 16 Apr 2021 15:08:32 +0000 (09:08 -0600)]
Merge pull request #776 from prometheus/repo_sync

Synchronize common files from prometheus/prometheus

3 years agoUpdate common Prometheus files
prombot [Wed, 14 Apr 2021 00:02:28 +0000 (00:02 +0000)]
Update common Prometheus files

Signed-off-by: prombot <prometheus-team@googlegroups.com>
3 years agoMerge pull request #770 from prometheus/repo_sync
Marcelo Magallon [Wed, 31 Mar 2021 18:37:39 +0000 (12:37 -0600)]
Merge pull request #770 from prometheus/repo_sync

Synchronize common files from prometheus/prometheus

3 years agoUpdate common Prometheus files
prombot [Wed, 31 Mar 2021 00:02:11 +0000 (00:02 +0000)]
Update common Prometheus files

Signed-off-by: prombot <prometheus-team@googlegroups.com>
3 years agoMerge pull request #768 from prometheus/repo_sync
Ben Kochie [Mon, 22 Mar 2021 08:25:56 +0000 (09:25 +0100)]
Merge pull request #768 from prometheus/repo_sync

Synchronize common files from prometheus/prometheus

3 years agoUpdate common Prometheus files
prombot [Mon, 22 Mar 2021 00:01:40 +0000 (00:01 +0000)]
Update common Prometheus files

Signed-off-by: prombot <prometheus-team@googlegroups.com>
3 years agoMerge pull request #758 from kgersen/master
Marcelo Magallon [Thu, 18 Mar 2021 01:24:43 +0000 (19:24 -0600)]
Merge pull request #758 from kgersen/master

http probe - fix how the tls phase is calculated

3 years agoMerge pull request #767 from prometheus/repo_sync
Marcelo Magallon [Thu, 18 Mar 2021 01:23:16 +0000 (19:23 -0600)]
Merge pull request #767 from prometheus/repo_sync

Synchronize common files from prometheus/prometheus

3 years agoUpdate common Prometheus files
prombot [Thu, 18 Mar 2021 00:01:34 +0000 (00:01 +0000)]
Update common Prometheus files

Signed-off-by: prombot <prometheus-team@googlegroups.com>
3 years agoMerge pull request #752 from Jimdo/add-health-endpoint
Marcelo Magallon [Tue, 16 Mar 2021 15:40:16 +0000 (09:40 -0600)]
Merge pull request #752 from Jimdo/add-health-endpoint

Add health endpoint

3 years agoMerge pull request #745 from prometheus/fix_738
Marcelo Magallon [Tue, 16 Mar 2021 15:34:25 +0000 (09:34 -0600)]
Merge pull request #745 from prometheus/fix_738

Update golangci-lint to 1.36.0

3 years ago- revert 'connect' phase duration
kgersen [Tue, 16 Mar 2021 12:23:12 +0000 (13:23 +0100)]
- revert 'connect' phase duration

Signed-off-by: kgersen <kgersen@hotmail.com>
3 years ago- fix how tls phase is computed
kgersen [Sun, 14 Mar 2021 17:38:43 +0000 (18:38 +0100)]
- fix how tls phase is computed

Signed-off-by: kgersen <kgersen@hotmail.com>
3 years agoAdd health endpoint
Mitja Adebahr [Thu, 25 Feb 2021 10:51:14 +0000 (11:51 +0100)]
Add health endpoint

The root endpoint exposes too much data. So it cannot be used as public
health check endpoint.

Signed-off-by: Mitja Adebahr <extern.mitja.adebahr@jimdo.com>
3 years agomakefile: update Makefile.common with newer version
Marcelo E. Magallon [Wed, 3 Feb 2021 20:43:07 +0000 (14:43 -0600)]
makefile: update Makefile.common with newer version

This updates golangci-lint from version 1.18.0 to 1.36.0. Newer versions
flag a possible nil pointer dereference, so rework some of the logic to
make sure that's not the case.

Add a test that covers the case of the changed code.

Closes #738

Signed-off-by: Marcelo E. Magallon <marcelo.magallon@grafana.com>
3 years agoMerge pull request #755 from prometheus/superq/vendor
Ben Kochie [Tue, 9 Mar 2021 12:50:19 +0000 (13:50 +0100)]
Merge pull request #755 from prometheus/superq/vendor

Update build

3 years agoUpdate build
Ben Kochie [Tue, 9 Mar 2021 11:26:17 +0000 (12:26 +0100)]
Update build

* Drop /vendor.
* Update go deps.
* Update to Go 1.16.

Signed-off-by: Ben Kochie <superq@gmail.com>
3 years agoMerge pull request #744 from prometheus/beorn7/maintainers
Björn Rabenstein [Tue, 2 Feb 2021 15:23:12 +0000 (16:23 +0100)]
Merge pull request #744 from prometheus/beorn7/maintainers

Change maintainer from @brian-brazil to @roidelapluie, @mem, @electron0zero

3 years agoChange maintainer from @brian-brazil to @roidelapluie, @mem, @electron0zero
beorn7 [Fri, 29 Jan 2021 19:34:38 +0000 (20:34 +0100)]
Change maintainer from @brian-brazil to @roidelapluie, @mem, @electron0zero

Signed-off-by: beorn7 <beorn@grafana.com>
3 years agoMerge pull request #737 from roidelapluie/security-dot-md
Julien Pivotto [Fri, 15 Jan 2021 14:42:31 +0000 (15:42 +0100)]
Merge pull request #737 from roidelapluie/security-dot-md

Add SECURITY.md

3 years agoAdd SECURITY.md
Julien Pivotto [Fri, 15 Jan 2021 00:01:11 +0000 (01:01 +0100)]
Add SECURITY.md

This commit adds a security policy to this repository. SECURITY.md files
are handled in a special way by GitHub, helping users to know how to
best submit security issues for the projects.

In this case, we simply point to our existing documentation on
prometheus.io.

The content of this file will be synced automatically with the
prometheus/prometheus repository, as our security policy covers all the
repositories. This sync is automated with prombot, like other files
(LICENSE, Makefile.common).

https://docs.github.com/en/free-pro-team@latest/github/managing-security-vulnerabilities/adding-a-security-policy-to-your-repository
Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoMerge pull request #735 from roidelapluie/toolkit-update
Julien Pivotto [Wed, 13 Jan 2021 21:38:48 +0000 (22:38 +0100)]
Merge pull request #735 from roidelapluie/toolkit-update

Update exporter-toolkit to 0.5.0

3 years agoUpdate exporter-toolkit to 0.5.0
Julien Pivotto [Wed, 13 Jan 2021 20:53:54 +0000 (21:53 +0100)]
Update exporter-toolkit to 0.5.0

The exporter-toolkit has a new release that renames the https package to
web to make it more meaningful.

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoImprove the test code. (#733)
Yuchen Ying [Thu, 7 Jan 2021 19:39:06 +0000 (11:39 -0800)]
Improve the test code. (#733)

Signed-off-by: Yuchen Ying <github.com@yegle.net>
3 years agoEnable TLS and basic authentication (#730)
Julien Pivotto [Wed, 6 Jan 2021 19:34:11 +0000 (20:34 +0100)]
Enable TLS and basic authentication (#730)

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoSolve #717 Validating config should try to compile regexes (#729)
Suzuki Shota [Wed, 6 Jan 2021 13:52:00 +0000 (22:52 +0900)]
Solve #717 Validating config should try to compile regexes (#729)

* Solve issue: #717:Validating config includes trying to compile regexes

Signed-off-by: sshota0809 <8736380+sshota0809@users.noreply.github.com>
3 years agoUse preferred protocol first when resolving hostname (#728)
Yuchen Ying [Tue, 5 Jan 2021 10:02:02 +0000 (02:02 -0800)]
Use preferred protocol first when resolving hostname (#728)

* Use preferred protocol first when resolving hostname

Prior to this change, LookupIPAddr() is used to do the DNS query,
which sends two DNS queries for A/AAAA records, even if the config has
preferred protocol set to ip4 and does not allow fallback protocol.

This change will change to use LookupIP() with the preferred protocol,
and only try fallback protocol if it's set to true. In most cases doing
this will save one RTT of DNS query.

Signed-off-by: Yuchen Ying <github.com@yegle.net>
3 years agohttp prober: Fix error checking (#723)
Julien Pivotto [Mon, 14 Dec 2020 23:14:43 +0000 (00:14 +0100)]
http prober: Fix error checking (#723)

Not sure if that can be triggered in real scenarios.

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoMerge pull request #722 from prometheus/superq/update_build
Ben Kochie [Tue, 8 Dec 2020 15:06:44 +0000 (16:06 +0100)]
Merge pull request #722 from prometheus/superq/update_build

Update build

3 years agoUpdate build
Ben Kochie [Fri, 4 Dec 2020 10:36:48 +0000 (11:36 +0100)]
Update build

* Move make test from Travis to CircleCI.
* Drop Travis testing.
* Bump prometheus orb to latest.
* Update Makefile.common.
* Use default build target list.
* Switch CI prober tests env var to generic "CI" variable.

Signed-off-by: Ben Kochie <superq@gmail.com>
3 years agoFix version flag in github template (#718)
Julien Pivotto [Wed, 2 Dec 2020 09:48:03 +0000 (10:48 +0100)]
Fix version flag in github template (#718)

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
3 years agoResolve #715 Metric for unknown probe (#716)
gavk34 [Fri, 27 Nov 2020 20:55:49 +0000 (20:55 +0000)]
Resolve #715 Metric for unknown probe (#716)

Co-authored-by: Gavin Kelly <gkelly@newsweaver.com>
4 years agomake smtp examples compliant to spec (#706)
Björn Fischer [Thu, 29 Oct 2020 11:38:48 +0000 (12:38 +0100)]
make smtp examples compliant to spec (#706)

Signed-off-by: Björn Fischer <bjoern.fischer@inovex.de>
4 years agoCorrect formatting of build_context log message at startup (#700)
Brian Candler [Mon, 12 Oct 2020 12:55:25 +0000 (13:55 +0100)]
Correct formatting of build_context log message at startup (#700)

Fixes #699

Signed-off-by: Brian Candler <b.candler@pobox.com>
4 years agoRelease 0.18.0
Brian Brazil [Mon, 12 Oct 2020 09:45:17 +0000 (10:45 +0100)]
Release 0.18.0

Signed-off-by: Brian Brazil <brian.brazil@robustperception.io>
4 years agoAdd probe_icmp_reply_hop_limit (#694)
Luiz Angelo Daros de Luca [Thu, 8 Oct 2020 10:50:21 +0000 (07:50 -0300)]
Add probe_icmp_reply_hop_limit (#694)

IPv6 hop limit (IPv4 TTL) tells how many remaining hops the reply
datagram has. When the target uses a well known initial hop limit,
it can be used to count the number of hops from the target to the
prober and detect routing problems.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
4 years agoLog http version string we compare with, rather than float we put in metric. (#659)
Brian Brazil [Wed, 2 Sep 2020 16:14:20 +0000 (17:14 +0100)]
Log http version string we compare with, rather than float we put in metric. (#659)

See #658

Signed-off-by: Brian Brazil <brian.brazil@robustperception.io>
4 years agoFix issue #673: incorrect content length reporting (#674)
Marcelo Magallon [Sat, 29 Aug 2020 08:18:35 +0000 (02:18 -0600)]
Fix issue #673: incorrect content length reporting (#674)

Without regexp validations, the current code reads the response from the
server in order to figure out the number of bytes we received. With
regular expression validations, it's necessary to read the whole
response in order verify it if matches or not. In this case, since the
response is completely consumed, the current code is reporting a length
of 0.

Modify the code so that we can keep track of the content length in
either case: wrap the io.ReadCloser that corresponds to the response
body with another io.ReadCloser that keeps track of the number of bytes
read. After completely consuming the reponse, the wrapper is able to
report the total number of bytes read.

Add TestContentLength that checks the content lenght is reported
correctly.

Rework existing TestFailIfBodyMatchesRegexp to reduce repetiiton; add
expectations to avoid regressing issue 673.

Fixes #673

Signed-off-by: Marcelo E. Magallon <marcelo.magallon@grafana.com>
4 years agoFix panic when running ICMPv4 probe with DontFragment (#686)
Marcelo Magallon [Sat, 29 Aug 2020 08:16:22 +0000 (02:16 -0600)]
Fix panic when running ICMPv4 probe with DontFragment (#686)

A recent change modified the way an IPv4 raw socket is created and BBE
is panicing when ICMPv4 is used with DontFragment set.

golang.org/x/net doesn't seem to have a way to create the necessary
socket, so fall back to the previous method for that case in particular
(ICMP, IPv4, DontFragment=true).

Fixes #685

Signed-off-by: Marcelo E. Magallon <marcelo.magallon@grafana.com>
4 years agoprober/tls: fix probe_ssl_last_chain_expiry_timestamp_seconds (#681)
Rob Best [Thu, 20 Aug 2020 12:40:14 +0000 (13:40 +0100)]
prober/tls: fix probe_ssl_last_chain_expiry_timestamp_seconds (#681)

* prober/tls: fix probe_ssl_last_chain_expiry_timestamp_seconds

This metric should report the earliest expiry of the chain that expires
the latest out of all the verified chains. Presently, it reports the
earliest expiry of the chain that expires first.

The current test for this metric was using an expired root certificate which
is omitted from the verified chain, so the test was passing despite this
bug. I've changed it to use a root that is still valid but expires before a
root held by the client.

* prober/tls: improve verified cert test

Include the older root certificate in the chain presented by the server
as well as in the client root CAs. This ensures that the peer
certificate metric identifies the older root CA as the earliest expiry
while it is ignored by the verified metric in favour of the longer-lived
chain.

Signed-off-by: Rob Best <robertbest89@gmail.com>
4 years agoprober/tls: adding metric to expose certificate fingerprint info (#678)
Felix Ehrenpfort [Tue, 18 Aug 2020 22:55:48 +0000 (00:55 +0200)]
prober/tls: adding metric to expose certificate fingerprint info (#678)

this change adds a new metric `probe_ssl_fingerprint_info` to both tcp
and http probes. the metric always returns 1 similar to the tls version
metric and contains the leaf certificates sha256 fingerprint (hex) as a
label value.

this change allows users to validate in prometheus if a particular
certificate is being served.

Signed-off-by: xinau <felix.ehrenpfort@protonmail.com>
4 years agoUpdate to go 1.15 (#677)
Julien Pivotto [Fri, 14 Aug 2020 17:09:37 +0000 (19:09 +0200)]
Update to go 1.15 (#677)

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
4 years agoUpdate default timeout in README (#668)
Pedro Araújo [Wed, 29 Jul 2020 16:07:30 +0000 (17:07 +0100)]
Update default timeout in README (#668)

Since #509 (4bf18924d4645453ec3e240d01842b7f15db537c) the default
timeout was changed to 2m. This change updates the README to reflect it.

Signed-off-by: Pedro Araujo <phcrva@gmail.com>
4 years agoExpose probe_dns_duration_seconds metric (#662)
Marcelo Magallon [Mon, 13 Jul 2020 10:30:52 +0000 (04:30 -0600)]
Expose probe_dns_duration_seconds metric (#662)

* Expose probe_dns_duration_seconds metric

This follows the same pattern as probe_http_duration_seconds and
probe_icmp_duration_seconds: it captures the time it takes to perform
the actual request, excluding the time it takes to set up things.
probe_duration_seconds includes the time to perform the request as well
as all the time it takes to set it up. probe_dns_lookup_time_seconds
refers to the time it takes to resolve the target's address, so it
doesn't capture the time it takes to make one request for that target.

Follow probe_http_duration_seconds and add a "phase" label to
probe_dns_duration_seconds, which splits the time it takes to complete
the check into "resolve" (time to resolve the target name), "connect"
(time to connect to the DNS server) and "request" (time to send the
query and retrieve the response).

Signed-off-by: Marcelo E. Magallon <marcelo.magallon@grafana.com>
4 years agoChange DoT default port to 853 (#655)
Kakashi Liu [Fri, 26 Jun 2020 16:41:23 +0000 (00:41 +0800)]
Change DoT default port to 853 (#655)

Signed-off-by: Kakashi Liu <kakashi1000@gmail.com>
4 years agoUpdate common Prometheus files (#648)
PrometheusBot [Tue, 23 Jun 2020 10:11:15 +0000 (13:11 +0300)]
Update common Prometheus files (#648)

Signed-off-by: prombot <prometheus-team@googlegroups.com>
4 years agoDeal with URLs with literal IPv6 addresses (#645)
André Cruz [Fri, 19 Jun 2020 15:42:01 +0000 (16:42 +0100)]
Deal with URLs with literal IPv6 addresses (#645)

Recent versions of Go have started enforcing the usage of
brackets in URLs with literal IPv6 addresses. This change
prevents the attempt to resolve an address in the form
[address]. URL.Hostname() takes care of striping the brackets.

Signed-off-by: André Cruz <acruz@cloudflare.com>
4 years agoRelease 0.17.0
Brian Brazil [Fri, 19 Jun 2020 11:30:27 +0000 (12:30 +0100)]
Release 0.17.0

Signed-off-by: Brian Brazil <brian.brazil@robustperception.io>
4 years agoAdd option to disable TLS certificate check in DoT (#644)
André Cruz [Thu, 18 Jun 2020 08:54:54 +0000 (09:54 +0100)]
Add option to disable TLS certificate check in DoT (#644)

Signed-off-by: André Cruz <acruz@cloudflare.com>
4 years agoAdd support for DoT to DNS probes (#643)
André Cruz [Wed, 17 Jun 2020 13:59:50 +0000 (14:59 +0100)]
Add support for DoT to DNS probes (#643)

Signed-off-by: André Cruz <acruz@cloudflare.com>
4 years agoAdd support for "rootless" ping (#642)
David Leadbeater [Tue, 16 Jun 2020 14:38:05 +0000 (15:38 +0100)]
Add support for "rootless" ping (#642)

This works for Linux and Darwin.

On Linux the user running the exporter needs to be a member of a group
with an ID in the range specified in the sysctl
net.ipv4.ping_group_range.

Signed-off-by: David Leadbeater <dgl@dgl.cx>
4 years agoUpdate deps (#639)
Brian Brazil [Mon, 15 Jun 2020 15:42:51 +0000 (16:42 +0100)]
Update deps (#639)

Signed-off-by: Brian Brazil <brian.brazil@robustperception.io>
4 years agoSeed RNG to ensure different ICMP ids. (#638)
Brian Brazil [Mon, 15 Jun 2020 13:14:32 +0000 (14:14 +0100)]
Seed RNG to ensure different ICMP ids. (#638)

Fixes #632

Signed-off-by: Brian Brazil <brian.brazil@robustperception.io>
4 years ago[dns] Allow to specify query Class (#635)
Baptiste Courtois [Sun, 14 Jun 2020 10:35:33 +0000 (12:35 +0200)]
[dns] Allow to specify query Class (#635)

* [dns] validate query_class and query_type config values
This allows to catch simple config errors earlier.

Signed-off-by: Baptiste Courtois <b.courtois@criteo.com>
4 years agoUpdate prometheus/common to v0.10.0 (#622)
Julien Pivotto [Wed, 10 Jun 2020 08:21:34 +0000 (10:21 +0200)]
Update prometheus/common to v0.10.0 (#622)

Enable HTTP/2.
Fixes #617

Add support for "0" duration.

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
4 years agoAdd new probe_ssl_last_chain_expiry_timestamp_seconds metric (#636)
Takuya Kosugiyama [Wed, 10 Jun 2020 08:20:54 +0000 (17:20 +0900)]
Add new probe_ssl_last_chain_expiry_timestamp_seconds metric (#636)

* Add new probe_ssl_latest_verified_chain_expiry metric

Resolves https://github.com/prometheus/blackbox_exporter/issues/340

Based on the discussion in the issue above, this metric will help determine
when the SSL/TLS certificate expiration error actually happens on clients
like a browser that attempts to verify certificates by building one or
more chains from peer certificates.

Signed-off-by: Takuya Kosugiyama <re@itkq.jp>
4 years agofix the example.yml file: HTTP/2 is shown as HTTP/2.0 in the golang http client ...
Simon THOBY [Fri, 5 Jun 2020 16:38:55 +0000 (18:38 +0200)]
fix the example.yml file: HTTP/2 is shown as HTTP/2.0 in the golang http client (#633)

Signed-off-by: Simon Thoby <simon.thoby@bleemeo.com>
4 years agomakefile: update Makefile.common with newer version (#627)
PrometheusBot [Tue, 19 May 2020 08:23:22 +0000 (11:23 +0300)]
makefile: update Makefile.common with newer version (#627)

Signed-off-by: prombot <prometheus-team@googlegroups.com>
4 years agoBump go version to 1.14 (#611)
Julien Pivotto [Fri, 1 May 2020 16:06:00 +0000 (18:06 +0200)]
Bump go version to 1.14 (#611)

Signed-off-by: Julien Pivotto <roidelapluie@inuits.eu>
4 years agoAdd password file field to document (#605)
tottoto [Wed, 22 Apr 2020 12:20:32 +0000 (21:20 +0900)]
Add password file field to document (#605)

Signed-off-by: tottoto <tottotodev@gmail.com>
4 years agoBumping DNS dependency to 1.1.25 (#597)
David Collom [Tue, 14 Apr 2020 12:51:49 +0000 (13:51 +0100)]
Bumping DNS dependency to 1.1.25 (#597)

Bump other deps too.

Signed-off-by: David Collom <david.collom@creditkarma.com>
4 years agoMerge pull request #587 from carlosedp/ppc64le
Ben Kochie [Sun, 29 Mar 2020 14:13:47 +0000 (16:13 +0200)]
Merge pull request #587 from carlosedp/ppc64le

Add image build for ppc64le architecture