summaryrefslogtreecommitdiffstats
path: root/plugins/sslutils.c
diff options
context:
space:
mode:
authorHolger Weiss <holger@zedat.fu-berlin.de>2013-08-18 23:10:31 +0200
committerHolger Weiss <holger@zedat.fu-berlin.de>2013-08-18 23:10:31 +0200
commit8e444095e88428137594d6bd2f04af8daed0a1fb (patch)
treeea55fe38cf54324dffb8fe6179d7245878cd954e /plugins/sslutils.c
parent3ccf66613fc01d345d98952b4127b1a8eb3d12f5 (diff)
parent2f92d0dab77a3f3b1005dae3401ea1316d6789b2 (diff)
downloadmonitoring-plugins-8e444095e88428137594d6bd2f04af8daed0a1fb.tar.gz
Merge branch 'master' of https://github.com/cern-mig/nagios-plugins
* 'master' of https://github.com/cern-mig/nagios-plugins: added support for client authentication via SSL Conflicts: plugins/check_http.c
Diffstat (limited to 'plugins/sslutils.c')
-rw-r--r--plugins/sslutils.c12
1 files changed, 12 insertions, 0 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index a1ce560d..4927e361 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -45,6 +45,10 @@ int np_net_ssl_init_with_hostname(int sd, char *host_name) {
45} 45}
46 46
47int np_net_ssl_init_with_hostname_and_version(int sd, char *host_name, int version) { 47int np_net_ssl_init_with_hostname_and_version(int sd, char *host_name, int version) {
48 return np_net_ssl_init_with_hostname_version_and_certificate(sd, host_name, version, NULL, NULL);
49}
50
51int np_net_ssl_init_with_hostname_version_and_certificate(int sd, char *host_name, int version, char *cert, char *privkey) {
48 const SSL_METHOD *method = NULL; 52 const SSL_METHOD *method = NULL;
49 53
50 switch (version) { 54 switch (version) {
@@ -80,6 +84,14 @@ int np_net_ssl_init_with_hostname_and_version(int sd, char *host_name, int versi
80 printf("%s\n", _("CRITICAL - Cannot create SSL context.")); 84 printf("%s\n", _("CRITICAL - Cannot create SSL context."));
81 return STATE_CRITICAL; 85 return STATE_CRITICAL;
82 } 86 }
87 if (cert && privkey) {
88 SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM);
89 SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM);
90 if (!SSL_CTX_check_private_key(c)) {
91 printf ("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n"));
92 return STATE_CRITICAL;
93 }
94 }
83#ifdef SSL_OP_NO_TICKET 95#ifdef SSL_OP_NO_TICKET
84 SSL_CTX_set_options(c, SSL_OP_NO_TICKET); 96 SSL_CTX_set_options(c, SSL_OP_NO_TICKET);
85#endif 97#endif