[Nagiosplug-checkins] SF.net SVN: nagiosplug:[2197] nagiosplug/trunk
dermoth at users.sourceforge.net
dermoth at users.sourceforge.net
Wed May 20 07:52:15 CEST 2009
Revision: 2197
http://nagiosplug.svn.sourceforge.net/nagiosplug/?rev=2197&view=rev
Author: dermoth
Date: 2009-05-20 05:52:14 +0000 (Wed, 20 May 2009)
Log Message:
-----------
check_http: Add SSL/TLS hostname extension support (SNI) - (#1939022 - Joe Presbrey)
From: Thomas Guyot-Sionnest <dermoth at aei.ca>
Modified Paths:
--------------
nagiosplug/trunk/NEWS
nagiosplug/trunk/THANKS.in
nagiosplug/trunk/plugins/check_http.c
nagiosplug/trunk/plugins/netutils.h
nagiosplug/trunk/plugins/sslutils.c
Modified: nagiosplug/trunk/NEWS
===================================================================
--- nagiosplug/trunk/NEWS 2009-05-20 04:44:12 UTC (rev 2196)
+++ nagiosplug/trunk/NEWS 2009-05-20 05:52:14 UTC (rev 2197)
@@ -34,6 +34,7 @@
Fixed typos for check_disk (Chris Pepper)
Fixed check_mysql* not using password set in my.cnf (#2531905 - Ben Timby) - Specify an empty password explicitly if you need to override it.
Fixed awk subst.in/subst script path error (#2722832 - Martin Foster)
+ check_http: Add SSL/TLS hostname extension support (SNI) - (#1939022 - Joe Presbrey)
1.4.13 25th Sept 2008
Fix Debian bug #460097: check_http --max-age broken (Hilko Bengen)
Modified: nagiosplug/trunk/THANKS.in
===================================================================
--- nagiosplug/trunk/THANKS.in 2009-05-20 04:44:12 UTC (rev 2196)
+++ nagiosplug/trunk/THANKS.in 2009-05-20 05:52:14 UTC (rev 2197)
@@ -252,3 +252,4 @@
Chris Pepper
Ben Timby
Martin Foster
+Joe Presbrey
Modified: nagiosplug/trunk/plugins/check_http.c
===================================================================
--- nagiosplug/trunk/plugins/check_http.c 2009-05-20 04:44:12 UTC (rev 2196)
+++ nagiosplug/trunk/plugins/check_http.c 2009-05-20 05:52:14 UTC (rev 2197)
@@ -790,7 +790,7 @@
die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
#ifdef HAVE_SSL
if (use_ssl == TRUE) {
- np_net_ssl_init(sd);
+ np_net_ssl_init_with_hostname(sd, host_name);
if (check_cert == TRUE) {
result = np_net_ssl_check_cert(days_till_exp);
np_net_ssl_cleanup();
Modified: nagiosplug/trunk/plugins/netutils.h
===================================================================
--- nagiosplug/trunk/plugins/netutils.h 2009-05-20 04:44:12 UTC (rev 2196)
+++ nagiosplug/trunk/plugins/netutils.h 2009-05-20 05:52:14 UTC (rev 2197)
@@ -99,6 +99,7 @@
#ifdef HAVE_SSL
/* maybe this could be merged with the above np_net_connect, via some flags */
int np_net_ssl_init(int sd);
+int np_net_ssl_init_with_hostname(int sd, char *host_name);
void np_net_ssl_cleanup();
int np_net_ssl_write(const void *buf, int num);
int np_net_ssl_read(void *buf, int num);
Modified: nagiosplug/trunk/plugins/sslutils.c
===================================================================
--- nagiosplug/trunk/plugins/sslutils.c 2009-05-20 04:44:12 UTC (rev 2196)
+++ nagiosplug/trunk/plugins/sslutils.c 2009-05-20 05:52:14 UTC (rev 2197)
@@ -35,7 +35,11 @@
static SSL *s=NULL;
static int initialized=0;
-int np_net_ssl_init (int sd){
+int np_net_ssl_init (int sd) {
+ return np_net_ssl_init_with_hostname(sd, NULL);
+}
+
+int np_net_ssl_init_with_hostname (int sd, char *host_name) {
if (!initialized) {
/* Initialize SSL context */
SSLeay_add_ssl_algorithms ();
@@ -48,6 +52,10 @@
return STATE_CRITICAL;
}
if ((s = SSL_new (c)) != NULL){
+#ifdef SSL_set_tlsext_host_name
+ if (host_name != NULL)
+ SSL_set_tlsext_host_name(s, host_name);
+#endif
SSL_set_fd (s, sd);
if (SSL_connect(s) == 1){
return OK;
@@ -65,6 +73,9 @@
void np_net_ssl_cleanup (){
if(s){
+#ifdef SSL_set_tlsext_host_name
+ SSL_set_tlsext_host_name(s, NULL);
+#endif
SSL_shutdown (s);
SSL_free (s);
if(c) {
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
More information about the Commits
mailing list