diff options
Diffstat (limited to 'plugins/utils.c')
0 files changed, 0 insertions, 0 deletions
diff --git a/plugins/netutils.c b/plugins/netutils.c index 7ae9722..705aaf0 100644 --- a/plugins/netutils.c +++ b/plugins/netutils.c | |||
@@ -171,11 +171,12 @@ np_net_connect (const char *host_name, int port, int *sd, int proto) | |||
171 | char port_str[6], host[MAX_HOST_ADDRESS_LENGTH]; | 171 | char port_str[6], host[MAX_HOST_ADDRESS_LENGTH]; |
172 | size_t len; | 172 | size_t len; |
173 | int socktype, result; | 173 | int socktype, result; |
174 | short is_socket = (host_name[0] == '/'); | ||
174 | 175 | ||
175 | socktype = (proto == IPPROTO_UDP) ? SOCK_DGRAM : SOCK_STREAM; | 176 | socktype = (proto == IPPROTO_UDP) ? SOCK_DGRAM : SOCK_STREAM; |
176 | 177 | ||
177 | /* as long as it doesn't start with a '/', it's assumed a host or ip */ | 178 | /* as long as it doesn't start with a '/', it's assumed a host or ip */ |
178 | if(host_name[0] != '/'){ | 179 | if (!is_socket){ |
179 | memset (&hints, 0, sizeof (hints)); | 180 | memset (&hints, 0, sizeof (hints)); |
180 | hints.ai_family = address_family; | 181 | hints.ai_family = address_family; |
181 | hints.ai_protocol = proto; | 182 | hints.ai_protocol = proto; |
@@ -255,7 +256,11 @@ np_net_connect (const char *host_name, int port, int *sd, int proto) | |||
255 | case STATE_OK: | 256 | case STATE_OK: |
256 | case STATE_WARNING: /* user wants WARN or OK on refusal, or... */ | 257 | case STATE_WARNING: /* user wants WARN or OK on refusal, or... */ |
257 | case STATE_CRITICAL: /* user did not set econn_refuse_state, or wanted critical */ | 258 | case STATE_CRITICAL: /* user did not set econn_refuse_state, or wanted critical */ |
258 | printf ("%s\n", strerror(errno)); | 259 | if (is_socket) |
260 | printf("connect to file socket %s: %s\n", host_name, strerror(errno)); | ||
261 | else | ||
262 | printf("connect to address %s and port %d: %s\n", | ||
263 | host_name, port, strerror(errno)); | ||
259 | return STATE_CRITICAL; | 264 | return STATE_CRITICAL; |
260 | break; | 265 | break; |
261 | default: /* it's a logic error if we do not end up in STATE_(OK|WARNING|CRITICAL) */ | 266 | default: /* it's a logic error if we do not end up in STATE_(OK|WARNING|CRITICAL) */ |
@@ -264,7 +269,11 @@ np_net_connect (const char *host_name, int port, int *sd, int proto) | |||
264 | } | 269 | } |
265 | } | 270 | } |
266 | else { | 271 | else { |
267 | printf ("%s\n", strerror(errno)); | 272 | if (is_socket) |
273 | printf("connect to file socket %s: %s\n", host_name, strerror(errno)); | ||
274 | else | ||
275 | printf("connect to address %s and port %d: %s\n", | ||
276 | host_name, port, strerror(errno)); | ||
268 | return STATE_CRITICAL; | 277 | return STATE_CRITICAL; |
269 | } | 278 | } |
270 | } | 279 | } |
diff --git a/plugins/sslutils.c b/plugins/sslutils.c index 2732125..d0ae474 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c | |||
@@ -86,10 +86,12 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int | |||
86 | if (cert && privkey) { | 86 | if (cert && privkey) { |
87 | SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM); | 87 | SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM); |
88 | SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); | 88 | SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); |
89 | #ifdef USE_OPENSSL | ||
89 | if (!SSL_CTX_check_private_key(c)) { | 90 | if (!SSL_CTX_check_private_key(c)) { |
90 | printf ("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n")); | 91 | printf ("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n")); |
91 | return STATE_CRITICAL; | 92 | return STATE_CRITICAL; |
92 | } | 93 | } |
94 | #endif | ||
93 | } | 95 | } |
94 | #ifdef SSL_OP_NO_TICKET | 96 | #ifdef SSL_OP_NO_TICKET |
95 | SSL_CTX_set_options(c, SSL_OP_NO_TICKET); | 97 | SSL_CTX_set_options(c, SSL_OP_NO_TICKET); |
@@ -151,7 +153,8 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ | |||
151 | struct tm stamp; | 153 | struct tm stamp; |
152 | float time_left; | 154 | float time_left; |
153 | int days_left; | 155 | int days_left; |
154 | char timestamp[17] = ""; | 156 | char timestamp[50] = ""; |
157 | time_t tm_t; | ||
155 | 158 | ||
156 | certificate=SSL_get_peer_certificate(s); | 159 | certificate=SSL_get_peer_certificate(s); |
157 | if (!certificate) { | 160 | if (!certificate) { |
@@ -209,10 +212,8 @@ int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ | |||
209 | 212 | ||
210 | time_left = difftime(timegm(&stamp), time(NULL)); | 213 | time_left = difftime(timegm(&stamp), time(NULL)); |
211 | days_left = time_left / 86400; | 214 | days_left = time_left / 86400; |
212 | snprintf | 215 | tm_t = mktime (&stamp); |
213 | (timestamp, 17, "%02d/%02d/%04d %02d:%02d", | 216 | strftime(timestamp, 50, "%c", localtime(&tm_t)); |
214 | stamp.tm_mon + 1, | ||
215 | stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); | ||
216 | 217 | ||
217 | if (days_left > 0 && days_left <= days_till_exp_warn) { | 218 | if (days_left > 0 && days_left <= days_till_exp_warn) { |
218 | printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); | 219 | printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"WARNING":"CRITICAL", cn, days_left, timestamp); |