summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndreas Baumann <mail@andreasbaumann.cc>2021-05-27 13:32:08 (GMT)
committerAndreas Baumann <mail@andreasbaumann.cc>2021-05-27 13:32:08 (GMT)
commitbeb609ffcf8c24c133f59829e0d3d82102661b82 (patch)
treec8594e22507e519a3572f1a46ab7c5cd4a6dd088
parent6946b546feb9635413932861c4256f0067846860 (diff)
downloadmonitoring-plugins-beb609ffcf8c24c133f59829e0d3d82102661b82.tar.gz
- added verbose output in verify_callback - pin refcounting for certs (avoid subject extraction error when checking certs in is_openssl_callback mode)
-rw-r--r--plugins/check_curl.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index 3e0a6f9..59e398b 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -285,6 +285,18 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
285 * TODO: is the last certificate always the server certificate? 285 * TODO: is the last certificate always the server certificate?
286 */ 286 */
287 cert = X509_STORE_CTX_get_current_cert(x509_ctx); 287 cert = X509_STORE_CTX_get_current_cert(x509_ctx);
288 X509_up_ref(cert);
289 if (verbose>=2) {
290 puts("* SSL verify callback with certificate:");
291 X509_NAME *subject, *issuer;
292 printf("* issuer:\n");
293 issuer = X509_get_issuer_name( cert );
294 X509_NAME_print_ex_fp(stdout, issuer, 5, XN_FLAG_MULTILINE);
295 printf("* curl verify_callback:\n* subject:\n");
296 subject = X509_get_subject_name( cert );
297 X509_NAME_print_ex_fp(stdout, subject, 5, XN_FLAG_MULTILINE);
298 puts("");
299 }
288 return 1; 300 return 1;
289} 301}
290 302