diff options
author | Andreas Baumann <mail@andreasbaumann.cc> | 2021-05-27 15:32:08 +0200 |
---|---|---|
committer | Andreas Baumann <mail@andreasbaumann.cc> | 2021-05-27 15:32:08 +0200 |
commit | beb609ffcf8c24c133f59829e0d3d82102661b82 (patch) | |
tree | c8594e22507e519a3572f1a46ab7c5cd4a6dd088 /plugins | |
parent | 6946b546feb9635413932861c4256f0067846860 (diff) | |
download | monitoring-plugins-beb609ffcf8c24c133f59829e0d3d82102661b82.tar.gz |
check_curl:
- added verbose output in verify_callback
- pin refcounting for certs (avoid subject extraction error when checking
certs in is_openssl_callback mode)
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/check_curl.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/plugins/check_curl.c b/plugins/check_curl.c index 3e0a6f94..59e398b2 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c | |||
@@ -285,6 +285,18 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) | |||
285 | * TODO: is the last certificate always the server certificate? | 285 | * TODO: is the last certificate always the server certificate? |
286 | */ | 286 | */ |
287 | cert = X509_STORE_CTX_get_current_cert(x509_ctx); | 287 | cert = X509_STORE_CTX_get_current_cert(x509_ctx); |
288 | X509_up_ref(cert); | ||
289 | if (verbose>=2) { | ||
290 | puts("* SSL verify callback with certificate:"); | ||
291 | X509_NAME *subject, *issuer; | ||
292 | printf("* issuer:\n"); | ||
293 | issuer = X509_get_issuer_name( cert ); | ||
294 | X509_NAME_print_ex_fp(stdout, issuer, 5, XN_FLAG_MULTILINE); | ||
295 | printf("* curl verify_callback:\n* subject:\n"); | ||
296 | subject = X509_get_subject_name( cert ); | ||
297 | X509_NAME_print_ex_fp(stdout, subject, 5, XN_FLAG_MULTILINE); | ||
298 | puts(""); | ||
299 | } | ||
288 | return 1; | 300 | return 1; |
289 | } | 301 | } |
290 | 302 | ||