summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--plugins/sslutils.c37
1 files changed, 23 insertions, 14 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index 69d12f2..76e4507 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -144,7 +144,9 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
144# ifdef USE_OPENSSL 144# ifdef USE_OPENSSL
145 X509 *certificate=NULL; 145 X509 *certificate=NULL;
146 X509_NAME *subj=NULL; 146 X509_NAME *subj=NULL;
147 char timestamp[50] = "";
147 char cn[MAX_CN_LENGTH]= ""; 148 char cn[MAX_CN_LENGTH]= "";
149
148 int cnlen =-1; 150 int cnlen =-1;
149 int status=STATE_UNKNOWN; 151 int status=STATE_UNKNOWN;
150 152
@@ -153,7 +155,7 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
153 struct tm stamp; 155 struct tm stamp;
154 float time_left; 156 float time_left;
155 int days_left; 157 int days_left;
156 char timestamp[50] = ""; 158 int time_remaining;
157 time_t tm_t; 159 time_t tm_t;
158 160
159 certificate=SSL_get_peer_certificate(s); 161 certificate=SSL_get_peer_certificate(s);
@@ -218,28 +220,35 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
218 if (days_left > 0 && days_left <= days_till_exp_warn) { 220 if (days_left > 0 && days_left <= days_till_exp_warn) {
219 printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); 221 printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp);
220 if (days_left > days_till_exp_crit) 222 if (days_left > days_till_exp_crit)
221 return STATE_WARNING; 223 status = STATE_WARNING;
222 else 224 else
223 return STATE_CRITICAL; 225 status = STATE_CRITICAL;
224 } else if (days_left == 0 && time_left > 0) { 226 } else if (days_left == 0 && time_left > 0) {
225 int hours_left = (int) time_left/3600; 227 if (time_left >= 3600)
226 printf (_("%s - Certificate '%s' expires in %u %s (%s)\n"), (days_left>days_till_exp_crit) ? "WARNING" : "CRITICAL", cn, hours_left, hours_left > 0 ? "hours" : "minutes", timestamp); 228 time_remaining = (int) time_left / 3600;
227 if ( days_left > days_till_exp_crit) 229 else
228 return STATE_WARNING; 230 time_remaining = (int) time_left / 60;
229 else 231
230 return STATE_CRITICAL; 232 printf (_("%s - Certificate '%s' expires in %u %s (%s)\n"),
233 (days_left>days_till_exp_crit) ? "WARNING" : "CRITICAL", cn, time_remaining,
234 time_left > 3600 ? "hours" : "minutes", timestamp);
235
236 if ( days_left > days_till_exp_crit)
237 status = STATE_WARNING;
238 else
239 status = STATE_CRITICAL;
231 } else if (time_left < 0) { 240 } else if (time_left < 0) {
232 printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp); 241 printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp);
233 status=STATE_CRITICAL; 242 status=STATE_CRITICAL;
234 } else if (days_left == 0) { 243 } else if (days_left == 0) {
235 printf (_("%s - Certificate '%s' expires today (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, timestamp); 244 printf (_("%s - Certificate '%s' just expired (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, timestamp);
236 if (days_left > days_till_exp_crit) 245 if (days_left > days_till_exp_crit)
237 return STATE_WARNING; 246 status = STATE_WARNING;
238 else 247 else
239 return STATE_CRITICAL; 248 status = STATE_CRITICAL;
240 } else { 249 } else {
241 printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp); 250 printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp);
242 status=STATE_OK; 251 status = STATE_OK;
243 } 252 }
244 X509_free(certificate); 253 X509_free(certificate);
245 return status; 254 return status;