diff options
author | Thomas Guyot-Sionnest <dermoth@aei.ca> | 2009-03-17 07:39:12 (GMT) |
---|---|---|
committer | Thomas Guyot-Sionnest <dermoth@aei.ca> | 2009-03-18 07:34:25 (GMT) |
commit | d41a33a434558189300113c28b26e2d3d681d390 (patch) | |
tree | 2966359be8ecb1b7eb8da172e5655f5233d34f8d /plugins/sslutils.c | |
parent | 9a05e9789017c03d192238c0337bc019838c52d4 (diff) | |
download | monitoring-plugins-d41a33a434558189300113c28b26e2d3d681d390.tar.gz |
Add timezone support and fix checks around cert expiration
Diffstat (limited to 'plugins/sslutils.c')
-rw-r--r-- | plugins/sslutils.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c index f5035e2..afc24be 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c | |||
@@ -30,6 +30,10 @@ | |||
30 | #include "common.h" | 30 | #include "common.h" |
31 | #include "netutils.h" | 31 | #include "netutils.h" |
32 | 32 | ||
33 | /* Max length of timestamps, ex: "03/05/2009 00:13 GMT". Calculate up to 6 | ||
34 | * chars for the timezone (ex: "GMT-10") and one terminating \0 */ | ||
35 | #define TS_LENGTH 24 | ||
36 | |||
33 | #ifdef HAVE_SSL | 37 | #ifdef HAVE_SSL |
34 | static SSL_CTX *c=NULL; | 38 | static SSL_CTX *c=NULL; |
35 | static SSL *s=NULL; | 39 | static SSL *s=NULL; |
@@ -90,7 +94,7 @@ int np_net_ssl_check_cert(int days_till_exp){ | |||
90 | int offset; | 94 | int offset; |
91 | struct tm stamp; | 95 | struct tm stamp; |
92 | int days_left; | 96 | int days_left; |
93 | char timestamp[17] = ""; | 97 | char timestamp[TS_LENGTH] = ""; |
94 | 98 | ||
95 | certificate=SSL_get_peer_certificate(s); | 99 | certificate=SSL_get_peer_certificate(s); |
96 | if(! certificate){ | 100 | if(! certificate){ |
@@ -135,16 +139,17 @@ int np_net_ssl_check_cert(int days_till_exp){ | |||
135 | stamp.tm_sec = 0; | 139 | stamp.tm_sec = 0; |
136 | stamp.tm_isdst = -1; | 140 | stamp.tm_isdst = -1; |
137 | 141 | ||
138 | days_left = (mktime (&stamp) - time (NULL)) / 86400; | 142 | float time_left = difftime(timegm(&stamp), time(NULL)); |
143 | days_left = time_left / 86400; | ||
139 | snprintf | 144 | snprintf |
140 | (timestamp, 17, "%02d/%02d/%04d %02d:%02d", | 145 | (timestamp, TS_LENGTH, "%02d/%02d/%04d %02d:%02d %s", |
141 | stamp.tm_mon + 1, | 146 | stamp.tm_mon + 1, |
142 | stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); | 147 | stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min, stamp.tm_zone); |
143 | 148 | ||
144 | if (days_left > 0 && days_left <= days_till_exp) { | 149 | if (days_left > 0 && days_left <= days_till_exp) { |
145 | printf (_("WARNING - Certificate expires in %d day(s) (%s).\n"), days_left, timestamp); | 150 | printf (_("WARNING - Certificate expires in %d day(s) (%s).\n"), days_left, timestamp); |
146 | return STATE_WARNING; | 151 | return STATE_WARNING; |
147 | } else if (days_left < 0) { | 152 | } else if (time_left < 0) { |
148 | printf (_("CRITICAL - Certificate expired on %s.\n"), timestamp); | 153 | printf (_("CRITICAL - Certificate expired on %s.\n"), timestamp); |
149 | return STATE_CRITICAL; | 154 | return STATE_CRITICAL; |
150 | } else if (days_left == 0) { | 155 | } else if (days_left == 0) { |