Merge pull request #1689 from monitoring-plugins/feature_check_curl

fixes check_curl: "CRITICAL - Cannot retrieve certificate subject."
author: Sven Nierlein <sven@nierlein.de> 2021-05-27 17:59:35 +0200
committer: GitHub <noreply@github.com> 2021-05-27 17:59:35 +0200
commit: b02bcd4870a81d0ba4d4070d3cfc32a1aac61aad (patch)
tree: c8594e22507e519a3572f1a46ab7c5cd4a6dd088
parent: 6946b546feb9635413932861c4256f0067846860 (diff)
parent: beb609ffcf8c24c133f59829e0d3d82102661b82 (diff)
download: monitoring-plugins-b02bcd4870a81d0ba4d4070d3cfc32a1aac61aad.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index 3e0a6f94..59e398b2 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -285,6 +285,18 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
   * TODO: is the last certificate always the server certificate?
   */
  cert = X509_STORE_CTX_get_current_cert(x509_ctx);
+  X509_up_ref(cert);
+  if (verbose>=2) {
+    puts("* SSL verify callback with certificate:");
+    X509_NAME *subject, *issuer;
+    printf("*   issuer:\n");
+    issuer = X509_get_issuer_name( cert );
+    X509_NAME_print_ex_fp(stdout, issuer, 5, XN_FLAG_MULTILINE);
+    printf("* curl verify_callback:\n*   subject:\n");
+    subject = X509_get_subject_name( cert );
+    X509_NAME_print_ex_fp(stdout, subject, 5, XN_FLAG_MULTILINE);
+    puts("");
+  }
  return 1;
 }
author	Sven Nierlein <sven@nierlein.de>	2021-05-27 17:59:35 +0200
committer	GitHub <noreply@github.com>	2021-05-27 17:59:35 +0200
commit	b02bcd4870a81d0ba4d4070d3cfc32a1aac61aad (patch)
tree	c8594e22507e519a3572f1a46ab7c5cd4a6dd088
parent	6946b546feb9635413932861c4256f0067846860 (diff)
parent	beb609ffcf8c24c133f59829e0d3d82102661b82 (diff)
download	monitoring-plugins-b02bcd4870a81d0ba4d4070d3cfc32a1aac61aad.tar.gz

diff --git a/plugins/check_curl.c b/plugins/check_curl.c index 3e0a6f94..59e398b2 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c
@@ -285,6 +285,18 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx)
285	* TODO: is the last certificate always the server certificate?	285	* TODO: is the last certificate always the server certificate?
286	*/	286	*/
287	cert = X509_STORE_CTX_get_current_cert(x509_ctx);	287	cert = X509_STORE_CTX_get_current_cert(x509_ctx);
		288	X509_up_ref(cert);
		289	if (verbose>=2) {
		290	puts("* SSL verify callback with certificate:");
		291	X509_NAME subject, issuer;
		292	printf("* issuer:\n");
		293	issuer = X509_get_issuer_name( cert );
		294	X509_NAME_print_ex_fp(stdout, issuer, 5, XN_FLAG_MULTILINE);
		295	printf("* curl verify_callback:\n* subject:\n");
		296	subject = X509_get_subject_name( cert );
		297	X509_NAME_print_ex_fp(stdout, subject, 5, XN_FLAG_MULTILINE);
		298	puts("");
		299	}
288	return 1;	300	return 1;
289	}	301	}
290		302