summaryrefslogtreecommitdiffstats
path: root/plugins/check_http.c
diff options
context:
space:
mode:
authorM. Sean Finney <seanius@users.sourceforge.net>2005-10-19 12:59:55 +0000
committerM. Sean Finney <seanius@users.sourceforge.net>2005-10-19 12:59:55 +0000
commit65282c7685ca01c57d94d3df93c2f95d5b945e57 (patch)
treeeb1d0c95752126bd526d939332d14bf40cf7d1f7 /plugins/check_http.c
parent8611341fb989382545c0c934c700e027d9bbab15 (diff)
downloadmonitoring-plugins-65282c7685ca01c57d94d3df93c2f95d5b945e57.tar.gz
- initial attempt at consolidating ssl-related code into netutils.{c,h}
- added some #ifdefs to common.h and netutils.h to prevent multiple inclusions (as netlibs now includes common.h) - all ssl plugins (tcp/http/smtp) compile cleanly against gnutls, though certificate checking still needs to be done. - modified configure script so you can also explicitly say "without-gnutls" too (otherwise if you disable openssl you have no way of disabling gnutls too) git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1255 f882894a-f735-0410-b71e-b25c423dba1c
Diffstat (limited to 'plugins/check_http.c')
-rw-r--r--plugins/check_http.c17
1 files changed, 13 insertions, 4 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 35b2cca3..d47f5ce6 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -65,7 +65,9 @@ SSL_CTX *ctx;
65SSL *ssl; 65SSL *ssl;
66X509 *server_cert; 66X509 *server_cert;
67int connect_SSL (void); 67int connect_SSL (void);
68# ifdef USE_OPENSSL
68int check_certificate (X509 **); 69int check_certificate (X509 **);
70# endif
69#endif 71#endif
70int no_body = FALSE; 72int no_body = FALSE;
71int maximum_age = -1; 73int maximum_age = -1;
@@ -166,7 +168,7 @@ main (int argc, char **argv)
166 (void) alarm (socket_timeout); 168 (void) alarm (socket_timeout);
167 gettimeofday (&tv, NULL); 169 gettimeofday (&tv, NULL);
168 170
169#ifdef HAVE_SSL 171#ifdef USE_OPENSSL
170 if (use_ssl && check_cert == TRUE) { 172 if (use_ssl && check_cert == TRUE) {
171 if (connect_SSL () != OK) 173 if (connect_SSL () != OK)
172 die (STATE_CRITICAL, _("HTTP CRITICAL - Could not make SSL connection\n")); 174 die (STATE_CRITICAL, _("HTTP CRITICAL - Could not make SSL connection\n"));
@@ -305,7 +307,7 @@ process_arguments (int argc, char **argv)
305 server_port = HTTPS_PORT; 307 server_port = HTTPS_PORT;
306 break; 308 break;
307 case 'C': /* Check SSL cert validity */ 309 case 'C': /* Check SSL cert validity */
308#ifdef HAVE_SSL 310#ifdef USE_OPENSSL
309 if (!is_intnonneg (optarg)) 311 if (!is_intnonneg (optarg))
310 usage2 (_("Invalid certificate expiration period"), optarg); 312 usage2 (_("Invalid certificate expiration period"), optarg);
311 else { 313 else {
@@ -799,10 +801,11 @@ check_http (void)
799 if (connect_SSL () != OK) { 801 if (connect_SSL () != OK) {
800 die (STATE_CRITICAL, _("Unable to open TCP socket\n")); 802 die (STATE_CRITICAL, _("Unable to open TCP socket\n"));
801 } 803 }
802 804#ifdef USE_OPENSSL
803 if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) { 805 if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) {
804 X509_free (server_cert); 806 X509_free (server_cert);
805 } 807 }
808#endif
806 else { 809 else {
807 printf (_("CRITICAL - Cannot retrieve server certificate.\n")); 810 printf (_("CRITICAL - Cannot retrieve server certificate.\n"));
808 return STATE_CRITICAL; 811 return STATE_CRITICAL;
@@ -857,7 +860,9 @@ check_http (void)
857#ifdef HAVE_SSL 860#ifdef HAVE_SSL
858 if (use_ssl == TRUE) { 861 if (use_ssl == TRUE) {
859 if (SSL_write (ssl, buf, (int)strlen(buf)) == -1) { 862 if (SSL_write (ssl, buf, (int)strlen(buf)) == -1) {
863# ifdef USE_OPENSSL
860 ERR_print_errors_fp (stderr); 864 ERR_print_errors_fp (stderr);
865# endif
861 return STATE_CRITICAL; 866 return STATE_CRITICAL;
862 } 867 }
863 } 868 }
@@ -1278,11 +1283,15 @@ int connect_SSL (void)
1278 if (my_tcp_connect (server_address, server_port, &sd) == STATE_OK) { 1283 if (my_tcp_connect (server_address, server_port, &sd) == STATE_OK) {
1279 /* Do the SSL handshake */ 1284 /* Do the SSL handshake */
1280 if ((ssl = SSL_new (ctx)) != NULL) { 1285 if ((ssl = SSL_new (ctx)) != NULL) {
1286#ifdef USE_OPENSSL
1281 SSL_set_cipher_list(ssl, "ALL"); 1287 SSL_set_cipher_list(ssl, "ALL");
1288#endif
1282 SSL_set_fd (ssl, sd); 1289 SSL_set_fd (ssl, sd);
1283 if (SSL_connect (ssl) != -1) 1290 if (SSL_connect (ssl) != -1)
1284 return OK; 1291 return OK;
1292#ifdef USE_OPENSSL
1285 ERR_print_errors_fp (stderr); 1293 ERR_print_errors_fp (stderr);
1294#endif
1286 } 1295 }
1287 else { 1296 else {
1288 printf (_("CRITICAL - Cannot initiate SSL handshake.\n")); 1297 printf (_("CRITICAL - Cannot initiate SSL handshake.\n"));
@@ -1299,7 +1308,7 @@ int connect_SSL (void)
1299 1308
1300 1309
1301 1310
1302#ifdef HAVE_SSL 1311#ifdef USE_OPENSSL
1303int 1312int
1304check_certificate (X509 ** certificate) 1313check_certificate (X509 ** certificate)
1305{ 1314{