diff options
author | Greg Cox <gcox@fibbsbozza.local> | 2014-07-29 18:52:12 -0400 |
---|---|---|
committer | Greg Cox <gcox@fibbsbozza.local> | 2014-07-29 18:52:12 -0400 |
commit | 4273dd06ff3e52094d6b267d00e8c51dd74de364 (patch) | |
tree | 425d127da5dbec7013999ed01b469fc3f72992d9 /plugins/sslutils.c | |
parent | f05e7016320f4671fbf86cc5abc277efea20f79e (diff) | |
parent | 6f3d5825b203b75aef8d68bf0d117e7a1a4c0616 (diff) | |
download | monitoring-plugins-4273dd06ff3e52094d6b267d00e8c51dd74de364.tar.gz |
Merge remote-tracking branch 'upstream/master'
Conflicts:
plugins/netutils.c
Diffstat (limited to 'plugins/sslutils.c')
-rw-r--r-- | plugins/sslutils.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c index 2732125d..d0ae4741 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c | |||
@@ -86,10 +86,12 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int | |||
86 | if (cert && privkey) { | 86 | if (cert && privkey) { |
87 | SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM); | 87 | SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM); |
88 | SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); | 88 | SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); |
89 | #ifdef USE_OPENSSL | ||
89 | if (!SSL_CTX_check_private_key(c)) { | 90 | if (!SSL_CTX_check_private_key(c)) { |
90 | printf ("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n")); | 91 | printf ("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n")); |
91 | return STATE_CRITICAL; | 92 | return STATE_CRITICAL; |
92 | } | 93 | } |
94 | #endif | ||
93 | } | 95 | } |
94 | #ifdef SSL_OP_NO_TICKET | 96 | #ifdef SSL_OP_NO_TICKET |
95 | SSL_CTX_set_options(c, SSL_OP_NO_TICKET); | 97 | SSL_CTX_set_options(c, SSL_OP_NO_TICKET); |
@@ -151,7 +153,8 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ | |||
151 | struct tm stamp; | 153 | struct tm stamp; |
152 | float time_left; | 154 | float time_left; |
153 | int days_left; | 155 | int days_left; |
154 | char timestamp[17] = ""; | 156 | char timestamp[50] = ""; |
157 | time_t tm_t; | ||
155 | 158 | ||
156 | certificate=SSL_get_peer_certificate(s); | 159 | certificate=SSL_get_peer_certificate(s); |
157 | if (!certificate) { | 160 | if (!certificate) { |
@@ -209,10 +212,8 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ | |||
209 | 212 | ||
210 | time_left = difftime(timegm(&stamp), time(NULL)); | 213 | time_left = difftime(timegm(&stamp), time(NULL)); |
211 | days_left = time_left / 86400; | 214 | days_left = time_left / 86400; |
212 | snprintf | 215 | tm_t = mktime (&stamp); |
213 | (timestamp, 17, "%02d/%02d/%04d %02d:%02d", | 216 | strftime(timestamp, 50, "%c", localtime(&tm_t)); |
214 | stamp.tm_mon + 1, | ||
215 | stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); | ||
216 | 217 | ||
217 | if (days_left > 0 && days_left <= days_till_exp_warn) { | 218 | if (days_left > 0 && days_left <= days_till_exp_warn) { |
218 | printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); | 219 | printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); |