diff options
author | Thomas Guyot-Sionnest <dermoth@aei.ca> | 2009-03-17 03:39:12 -0400 |
---|---|---|
committer | Thomas Guyot-Sionnest <dermoth@aei.ca> | 2009-03-18 03:34:25 -0400 |
commit | d41a33a434558189300113c28b26e2d3d681d390 (patch) | |
tree | 2966359be8ecb1b7eb8da172e5655f5233d34f8d | |
parent | 9a05e9789017c03d192238c0337bc019838c52d4 (diff) | |
download | monitoring-plugins-d41a33a434558189300113c28b26e2d3d681d390.tar.gz |
Add timezone support and fix checks around cert expiration
-rw-r--r-- | plugins/sslutils.c | 15 | ||||
-rwxr-xr-x | plugins/tests/check_http.t | 6 |
2 files changed, 13 insertions, 8 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c index f5035e23..afc24be1 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c | |||
@@ -30,6 +30,10 @@ | |||
30 | #include "common.h" | 30 | #include "common.h" |
31 | #include "netutils.h" | 31 | #include "netutils.h" |
32 | 32 | ||
33 | /* Max length of timestamps, ex: "03/05/2009 00:13 GMT". Calculate up to 6 | ||
34 | * chars for the timezone (ex: "GMT-10") and one terminating \0 */ | ||
35 | #define TS_LENGTH 24 | ||
36 | |||
33 | #ifdef HAVE_SSL | 37 | #ifdef HAVE_SSL |
34 | static SSL_CTX *c=NULL; | 38 | static SSL_CTX *c=NULL; |
35 | static SSL *s=NULL; | 39 | static SSL *s=NULL; |
@@ -90,7 +94,7 @@ int np_net_ssl_check_cert(int days_till_exp){ | |||
90 | int offset; | 94 | int offset; |
91 | struct tm stamp; | 95 | struct tm stamp; |
92 | int days_left; | 96 | int days_left; |
93 | char timestamp[17] = ""; | 97 | char timestamp[TS_LENGTH] = ""; |
94 | 98 | ||
95 | certificate=SSL_get_peer_certificate(s); | 99 | certificate=SSL_get_peer_certificate(s); |
96 | if(! certificate){ | 100 | if(! certificate){ |
@@ -135,16 +139,17 @@ int np_net_ssl_check_cert(int days_till_exp){ | |||
135 | stamp.tm_sec = 0; | 139 | stamp.tm_sec = 0; |
136 | stamp.tm_isdst = -1; | 140 | stamp.tm_isdst = -1; |
137 | 141 | ||
138 | days_left = (mktime (&stamp) - time (NULL)) / 86400; | 142 | float time_left = difftime(timegm(&stamp), time(NULL)); |
143 | days_left = time_left / 86400; | ||
139 | snprintf | 144 | snprintf |
140 | (timestamp, 17, "%02d/%02d/%04d %02d:%02d", | 145 | (timestamp, TS_LENGTH, "%02d/%02d/%04d %02d:%02d %s", |
141 | stamp.tm_mon + 1, | 146 | stamp.tm_mon + 1, |
142 | stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); | 147 | stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min, stamp.tm_zone); |
143 | 148 | ||
144 | if (days_left > 0 && days_left <= days_till_exp) { | 149 | if (days_left > 0 && days_left <= days_till_exp) { |
145 | printf (_("WARNING - Certificate expires in %d day(s) (%s).\n"), days_left, timestamp); | 150 | printf (_("WARNING - Certificate expires in %d day(s) (%s).\n"), days_left, timestamp); |
146 | return STATE_WARNING; | 151 | return STATE_WARNING; |
147 | } else if (days_left < 0) { | 152 | } else if (time_left < 0) { |
148 | printf (_("CRITICAL - Certificate expired on %s.\n"), timestamp); | 153 | printf (_("CRITICAL - Certificate expired on %s.\n"), timestamp); |
149 | return STATE_CRITICAL; | 154 | return STATE_CRITICAL; |
150 | } else if (days_left == 0) { | 155 | } else if (days_left == 0) { |
diff --git a/plugins/tests/check_http.t b/plugins/tests/check_http.t index d7f4148c..0a1b0bc8 100755 --- a/plugins/tests/check_http.t +++ b/plugins/tests/check_http.t | |||
@@ -163,18 +163,18 @@ SKIP: { | |||
163 | 163 | ||
164 | $result = NPTest->testCmd( "$command -p $port_https -S -C 14" ); | 164 | $result = NPTest->testCmd( "$command -p $port_https -S -C 14" ); |
165 | is( $result->return_code, 0, "$command -p $port_https -S -C 14" ); | 165 | is( $result->return_code, 0, "$command -p $port_https -S -C 14" ); |
166 | is( $result->output, 'OK - Certificate will expire on 03/03/2019 21:41.', "output ok" ); | 166 | is( $result->output, 'OK - Certificate will expire on 03/03/2019 21:41 GMT.', "output ok" ); |
167 | 167 | ||
168 | $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" ); | 168 | $result = NPTest->testCmd( "$command -p $port_https -S -C 14000" ); |
169 | is( $result->return_code, 1, "$command -p $port_https -S -C 14000" ); | 169 | is( $result->return_code, 1, "$command -p $port_https -S -C 14000" ); |
170 | like( $result->output, '/WARNING - Certificate expires in \d+ day\(s\) \(03/03/2019 21:41\)./', "output ok" ); | 170 | like( $result->output, '/WARNING - Certificate expires in \d+ day\(s\) \(03/03/2019 21:41 GMT\)./', "output ok" ); |
171 | 171 | ||
172 | 172 | ||
173 | # Expired cert tests | 173 | # Expired cert tests |
174 | $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" ); | 174 | $result = NPTest->testCmd( "$command -p $port_https_expired -S -C 7" ); |
175 | is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" ); | 175 | is( $result->return_code, 2, "$command -p $port_https_expired -S -C 7" ); |
176 | is( $result->output, | 176 | is( $result->output, |
177 | 'CRITICAL - Certificate expired on 03/05/2009 00:13.', | 177 | 'CRITICAL - Certificate expired on 03/05/2009 00:13 GMT.', |
178 | "output ok" ); | 178 | "output ok" ); |
179 | 179 | ||
180 | } | 180 | } |