diff options
Diffstat (limited to 'plugins/utils.c')
0 files changed, 0 insertions, 0 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c index a1ce560..818f799 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c | |||
@@ -45,6 +45,10 @@ int np_net_ssl_init_with_hostname(int sd, char *host_name) { | |||
45 | } | 45 | } |
46 | 46 | ||
47 | int np_net_ssl_init_with_hostname_and_version(int sd, char *host_name, int version) { | 47 | int np_net_ssl_init_with_hostname_and_version(int sd, char *host_name, int version) { |
48 | return np_net_ssl_init_with_hostname_version_and_cert(sd, host_name, version, NULL, NULL); | ||
49 | } | ||
50 | |||
51 | int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int version, char *cert, char *privkey) { | ||
48 | const SSL_METHOD *method = NULL; | 52 | const SSL_METHOD *method = NULL; |
49 | 53 | ||
50 | switch (version) { | 54 | switch (version) { |
@@ -80,9 +84,18 @@ int np_net_ssl_init_with_hostname_and_version(int sd, char *host_name, int versi | |||
80 | printf("%s\n", _("CRITICAL - Cannot create SSL context.")); | 84 | printf("%s\n", _("CRITICAL - Cannot create SSL context.")); |
81 | return STATE_CRITICAL; | 85 | return STATE_CRITICAL; |
82 | } | 86 | } |
87 | if (cert && privkey) { | ||
88 | SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM); | ||
89 | SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); | ||
90 | if (!SSL_CTX_check_private_key(c)) { | ||
91 | printf ("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n")); | ||
92 | return STATE_CRITICAL; | ||
93 | } | ||
94 | } | ||
83 | #ifdef SSL_OP_NO_TICKET | 95 | #ifdef SSL_OP_NO_TICKET |
84 | SSL_CTX_set_options(c, SSL_OP_NO_TICKET); | 96 | SSL_CTX_set_options(c, SSL_OP_NO_TICKET); |
85 | #endif | 97 | #endif |
98 | SSL_CTX_set_mode(c, SSL_MODE_AUTO_RETRY); | ||
86 | if ((s = SSL_new(c)) != NULL) { | 99 | if ((s = SSL_new(c)) != NULL) { |
87 | #ifdef SSL_set_tlsext_host_name | 100 | #ifdef SSL_set_tlsext_host_name |
88 | if (host_name != NULL) | 101 | if (host_name != NULL) |