summaryrefslogtreecommitdiffstats
path: root/plugins/sslutils.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/sslutils.c')
-rw-r--r--plugins/sslutils.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index 2732125..d0ae474 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -86,10 +86,12 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
86 if (cert && privkey) { 86 if (cert && privkey) {
87 SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM); 87 SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM);
88 SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); 88 SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM);
89#ifdef USE_OPENSSL
89 if (!SSL_CTX_check_private_key(c)) { 90 if (!SSL_CTX_check_private_key(c)) {
90 printf ("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n")); 91 printf ("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n"));
91 return STATE_CRITICAL; 92 return STATE_CRITICAL;
92 } 93 }
94#endif
93 } 95 }
94#ifdef SSL_OP_NO_TICKET 96#ifdef SSL_OP_NO_TICKET
95 SSL_CTX_set_options(c, SSL_OP_NO_TICKET); 97 SSL_CTX_set_options(c, SSL_OP_NO_TICKET);
@@ -151,7 +153,8 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
151 struct tm stamp; 153 struct tm stamp;
152 float time_left; 154 float time_left;
153 int days_left; 155 int days_left;
154 char timestamp[17] = ""; 156 char timestamp[50] = "";
157 time_t tm_t;
155 158
156 certificate=SSL_get_peer_certificate(s); 159 certificate=SSL_get_peer_certificate(s);
157 if (!certificate) { 160 if (!certificate) {
@@ -209,10 +212,8 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){
209 212
210 time_left = difftime(timegm(&stamp), time(NULL)); 213 time_left = difftime(timegm(&stamp), time(NULL));
211 days_left = time_left / 86400; 214 days_left = time_left / 86400;
212 snprintf 215 tm_t = mktime (&stamp);
213 (timestamp, 17, "%02d/%02d/%04d %02d:%02d", 216 strftime(timestamp, 50, "%c", localtime(&tm_t));
214 stamp.tm_mon + 1,
215 stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min);
216 217
217 if (days_left > 0 && days_left <= days_till_exp_warn) { 218 if (days_left > 0 && days_left <= days_till_exp_warn) {
218 printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); 219 printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp);