summaryrefslogtreecommitdiffstats
path: root/plugins/sslutils.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/sslutils.c')
-rw-r--r--plugins/sslutils.c15
1 files changed, 10 insertions, 5 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index f5035e23..afc24be1 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -30,6 +30,10 @@
30#include "common.h" 30#include "common.h"
31#include "netutils.h" 31#include "netutils.h"
32 32
33/* Max length of timestamps, ex: "03/05/2009 00:13 GMT". Calculate up to 6
34 * chars for the timezone (ex: "GMT-10") and one terminating \0 */
35#define TS_LENGTH 24
36
33#ifdef HAVE_SSL 37#ifdef HAVE_SSL
34static SSL_CTX *c=NULL; 38static SSL_CTX *c=NULL;
35static SSL *s=NULL; 39static SSL *s=NULL;
@@ -90,7 +94,7 @@ int np_net_ssl_check_cert(int days_till_exp){
90 int offset; 94 int offset;
91 struct tm stamp; 95 struct tm stamp;
92 int days_left; 96 int days_left;
93 char timestamp[17] = ""; 97 char timestamp[TS_LENGTH] = "";
94 98
95 certificate=SSL_get_peer_certificate(s); 99 certificate=SSL_get_peer_certificate(s);
96 if(! certificate){ 100 if(! certificate){
@@ -135,16 +139,17 @@ int np_net_ssl_check_cert(int days_till_exp){
135 stamp.tm_sec = 0; 139 stamp.tm_sec = 0;
136 stamp.tm_isdst = -1; 140 stamp.tm_isdst = -1;
137 141
138 days_left = (mktime (&stamp) - time (NULL)) / 86400; 142 float time_left = difftime(timegm(&stamp), time(NULL));
143 days_left = time_left / 86400;
139 snprintf 144 snprintf
140 (timestamp, 17, "%02d/%02d/%04d %02d:%02d", 145 (timestamp, TS_LENGTH, "%02d/%02d/%04d %02d:%02d %s",
141 stamp.tm_mon + 1, 146 stamp.tm_mon + 1,
142 stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); 147 stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min, stamp.tm_zone);
143 148
144 if (days_left > 0 && days_left <= days_till_exp) { 149 if (days_left > 0 && days_left <= days_till_exp) {
145 printf (_("WARNING - Certificate expires in %d day(s) (%s).\n"), days_left, timestamp); 150 printf (_("WARNING - Certificate expires in %d day(s) (%s).\n"), days_left, timestamp);
146 return STATE_WARNING; 151 return STATE_WARNING;
147 } else if (days_left < 0) { 152 } else if (time_left < 0) {
148 printf (_("CRITICAL - Certificate expired on %s.\n"), timestamp); 153 printf (_("CRITICAL - Certificate expired on %s.\n"), timestamp);
149 return STATE_CRITICAL; 154 return STATE_CRITICAL;
150 } else if (days_left == 0) { 155 } else if (days_left == 0) {