summaryrefslogtreecommitdiffstats
path: root/web/attachments/431216-check_http-dateformat-subjectname.diff
blob: 28592c162cbe9bfcc58e3d6fc495ec478c539e67 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
diff -u -p nagios-plugins-1.4.15/plugins/sslutils.c.v0 nagios-plugins-1.4.15/plugins/sslutils.c
--- nagios-plugins-1.4.15/plugins/sslutils.c.v0	2011-12-19 17:42:22.000000000 +0100
+++ nagios-plugins-1.4.15/plugins/sslutils.c	2011-12-19 17:57:14.000000000 +0100
@@ -103,6 +103,7 @@ int np_net_ssl_check_cert(int days_till_
 	float time_left;
 	int days_left;
 	char timestamp[17] = "";
+	char subject[256];
 
 	certificate=SSL_get_peer_certificate(s);
 	if(! certificate){
@@ -113,10 +114,14 @@ int np_net_ssl_check_cert(int days_till_
 	/* Retrieve timestamp of certificate */
 	tm = X509_get_notAfter (certificate);
 
+	/* Retrieve subject name in certificate. */
+	*subject = '\0';
+	X509_NAME_get_text_by_NID(X509_get_subject_name(certificate), NID_commonName, subject, 256);
+
 	/* Generate tm structure to process timestamp */
 	if (tm->type == V_ASN1_UTCTIME) {
 		if (tm->length < 10) {
-			printf ("%s\n", _("CRITICAL - Wrong time format in certificate."));
+			printf ("%s\n", _("CRITICAL - Wrong time format in certificate %s."), subject);
 			return STATE_CRITICAL;
 		} else {
 			stamp.tm_year = (tm->data[0] - '0') * 10 + (tm->data[1] - '0');
@@ -126,7 +131,7 @@ int np_net_ssl_check_cert(int days_till_
 		}
 	} else {
 		if (tm->length < 12) {
-			printf ("%s\n", _("CRITICAL - Wrong time format in certificate."));
+			printf ("%s\n", _("CRITICAL - Wrong time format in certificate %s."), subject);
 			return STATE_CRITICAL;
 		} else {
 			stamp.tm_year =
@@ -149,23 +154,30 @@ int np_net_ssl_check_cert(int days_till_
 
 	time_left = difftime(timegm(&stamp), time(NULL));
 	days_left = time_left / 86400;
+#ifdef AMERICAN_DATE_FORMAT
 	snprintf
 		(timestamp, 17, "%02d/%02d/%04d %02d:%02d",
 		 stamp.tm_mon + 1,
 		 stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min);
+#else
+	snprintf
+		(timestamp, 17, "%04d-%02d-%02d %02d:%02d",
+		 stamp.tm_year + 1900,
+		 stamp.tm_mon + 1, stamp.tm_mday, stamp.tm_hour, stamp.tm_min);
+#endif
 
 	if (days_left > 0 && days_left <= days_till_exp) {
-		printf (_("WARNING - Certificate expires in %d day(s) (%s).\n"), days_left, timestamp);
+		printf (_("WARNING - Certificate %s expires in %d day(s) (%s).\n"), subject, days_left, timestamp);
 		return STATE_WARNING;
 	} else if (time_left < 0) {
-		printf (_("CRITICAL - Certificate expired on %s.\n"), timestamp);
+		printf (_("CRITICAL - Certificate %s expired on %s.\n"), subject, timestamp);
 		return STATE_CRITICAL;
 	} else if (days_left == 0) {
-		printf (_("WARNING - Certificate expires today (%s).\n"), timestamp);
+		printf (_("WARNING - Certificate %s expires today (%s).\n"), subject, timestamp);
 		return STATE_WARNING;
 	}
 
-	printf (_("OK - Certificate will expire on %s.\n"), timestamp);
+	printf (_("OK - Certificate %s will expire on %s.\n"), subject, timestamp);
 	X509_free (certificate);
 	return STATE_OK;
 #  else /* ifndef USE_OPENSSL */