summaryrefslogtreecommitdiffstats
path: root/plugins/sslutils.c
diff options
context:
space:
mode:
authorWilliam Leibzon <william@leibzon.org>2012-05-21 18:46:45 -0700
committerSven Nierlein <sven@nierlein.de>2012-06-25 12:05:16 +0200
commitfa3d2a4074e1bd8526e37ba5e1a214ae4a1774cf (patch)
tree1d0c780a61db8e719502aed2a7bd9311afd23ac4 /plugins/sslutils.c
parent88fdf3a8a8e17f9212e10befe1f24ff3fa1aa8e6 (diff)
downloadmonitoring-plugins-fa3d2a4074e1bd8526e37ba5e1a214ae4a1774cf.tar.gz
applied patch that adds both critical and warning thresholds to certificate expiration checks of check_tcp, check_http, check_smtp
Diffstat (limited to 'plugins/sslutils.c')
-rw-r--r--plugins/sslutils.c18
1 files changed, 12 insertions, 6 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index 5425bb2c..fe31b562 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -126,7 +126,7 @@ int np_net_ssl_read(void *buf, int num) {
126 return SSL_read(s, buf, num); 126 return SSL_read(s, buf, num);
127} 127}
128 128
129int np_net_ssl_check_cert(int days_till_exp) { 129int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
130# ifdef USE_OPENSSL 130# ifdef USE_OPENSSL
131 X509 *certificate=NULL; 131 X509 *certificate=NULL;
132 X509_NAME *subj=NULL; 132 X509_NAME *subj=NULL;
@@ -202,15 +202,21 @@ int np_net_ssl_check_cert(int days_till_exp) {
202 stamp.tm_mon + 1, 202 stamp.tm_mon + 1,
203 stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); 203 stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min);
204 204
205 if (days_left > 0 && days_left <= days_till_exp) { 205 if (days_left > 0 && days_left <= days_till_exp_warn) {
206 printf(_("WARNING - Certificate '%s' expires in %d day(s) (%s).\n"), cn, days_left, timestamp); 206 printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"CRITICAL":"WARNING", cn, days_left, timestamp);
207 status=STATE_WARNING; 207 if (days_left > days_till_exp_crit)
208 return STATE_WARNING;
209 else
210 return STATE_CRITICAL;
208 } else if (time_left < 0) { 211 } else if (time_left < 0) {
209 printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp); 212 printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp);
210 status=STATE_CRITICAL; 213 status=STATE_CRITICAL;
211 } else if (days_left == 0) { 214 } else if (days_left == 0) {
212 printf(_("WARNING - Certificate '%s' expires today (%s).\n"), cn, timestamp); 215 printf (_("%s - Certificate '%s' expires today (%s).\n"), (days_left>days_till_exp_crit)?"CRITICAL":"WARNING", cn, timestamp);
213 status=STATE_WARNING; 216 if (days_left > days_till_exp_crit)
217 return STATE_WARNING;
218 else
219 return STATE_CRITICAL;
214 } else { 220 } else {
215 printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp); 221 printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp);
216 status=STATE_OK; 222 status=STATE_OK;