Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
sshutils prints the expiry time of certificates in US format
this patch uses the strftime %c, I don't know how portable that is
Thanks to Neil Prockter.
Closes #1188
Closes #1161
Closes #977
Closes #976
Closes #975
Closes #840
Closes #382
|
|
GnuTLS doesn't provide a SSL_CTX_check_private_key() function.
Closes #1254.
|
|
This is an initial take at renaming the project to Monitoring Plugins.
It's not expected to be fully complete, and it is expected to break
things (The perl module for instance). More testing will be required
before this goes mainline.
|
|
The SSL_CTX_new(3) function expects a non-"const" SSL_METHOD value.
|
|
Simplify things by moving the definition of global variables into .c
files, where they belong.
|
|
We use OpenSSL (or GnuTLS) with blocking semantics, and we don't want
SSL_read(3) or SSL_write(3) calls to return SSL_ERROR_WANT_READ or
SSL_ERROR_WANT_WRITE (see #3614716).
|
|
Make a very long function name at least a little bit shorter.
|
|
|
|
fixed typo in sslutils
|
|
expiration checks of check_tcp, check_http, check_smtp
|
|
Fix indentation and whitespace issues, and correct some capitalization
errors in error messages. The behaviour is unchanged.
|
|
GnuTLS doesn't support SSL version 2.
|
|
Recent versions/builds seem to disable that feature.
|
|
The check_http -S/--ssl option now takes an optional argument which
specifies the desired SSL/TLS protocol version (#3285367 - Jason Lunn).
|
|
Some versions of OpenSSL fail to negotiate the SSL connection with at
least some versions of Tomcat if stateless SSL session resumption
support (see RFC4507) is enabled:
| CRITICAL - Cannot make SSL connection
| 140099330348712:error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message:s3_pkt.c:1195:SSL alert number 10
The problem is reproducible with OpenSSL 1.0.0h, but not with OpenSSL
0.9.8o-4squeeze12 (as shipped with Debian 6.0.4). We work around it by
disabling the RFC4507 functionality when using OpenSSL versions which
support it.
Thanks to Dag Bakke for reporting the issue and for giving me access to
a server I could use to reproduce the problem.
|
|
This patch adds a check for the certificate cn (hostname) to normal
certificate checks. It returns CRITICAL if th cn is missing, otherwise it
prints it in the normal output.
Patch by Stéphane Urbanovski
|
|
|
|
Presbrey)
|
|
the expiration fix)
This reverts commit d41a33a434558189300113c28b26e2d3d681d390.
|
|
|
|
For contrib/, full tags have been imported from subversion
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@2091 f882894a-f735-0410-b71e-b25c423dba1c
|
|
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1918 f882894a-f735-0410-b71e-b25c423dba1c
|
|
SSL connection).
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1726 f882894a-f735-0410-b71e-b25c423dba1c
|
|
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1725 f882894a-f735-0410-b71e-b25c423dba1c
|
|
freeing them in np_net_ssl_cleanup(). This fixes a check_http segfault
if an SSL site redirects to a non-SSL one (reported by Aravind Gottipati
via IRC).
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1724 f882894a-f735-0410-b71e-b25c423dba1c
|
|
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1434 f882894a-f735-0410-b71e-b25c423dba1c
|
|
unused variables and explicit casting issues, but there were a
couple gotchas in there too.
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1267 f882894a-f735-0410-b71e-b25c423dba1c
|
|
- ssl-related cleanups in configure.in, and now openssl/gnutls options
automatically disable each other.
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1258 f882894a-f735-0410-b71e-b25c423dba1c
|