- initial attempt at consolidating ssl-related code into netutils.{c,h}

- added some #ifdefs to common.h and netutils.h to prevent multiple inclusions (as netlibs now includes common.h) - all ssl plugins (tcp/http/smtp) compile cleanly against gnutls, though certificate checking still needs to be done. - modified configure script so you can also explicitly say "without-gnutls" too (otherwise if you disable openssl you have no way of disabling gnutls too) git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1255 f882894a-f735-0410-b71e-b25c423dba1c
author: M. Sean Finney <seanius@users.sourceforge.net> 2005-10-19 12:59:55 (GMT)
committer: M. Sean Finney <seanius@users.sourceforge.net> 2005-10-19 12:59:55 (GMT)
commit: 65282c7685ca01c57d94d3df93c2f95d5b945e57 (patch)
tree: eb1d0c95752126bd526d939332d14bf40cf7d1f7 /plugins/check_http.c
parent: 8611341fb989382545c0c934c700e027d9bbab15 (diff)
download: monitoring-plugins-65282c7685ca01c57d94d3df93c2f95d5b945e57.tar.gz
1 files changed, 13 insertions, 4 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c
index 35b2cca..d47f5ce 100644
--- a/plugins/check_http.c
+++ b/plugins/check_http.c
@@ -65,7 +65,9 @@ SSL_CTX *ctx;
 SSL *ssl;
 X509 *server_cert;
 int connect_SSL (void);
+#  ifdef USE_OPENSSL
 int check_certificate (X509 **);
+#  endif
 #endif
 int no_body = FALSE;
 int maximum_age = -1;
@@ -166,7 +168,7 @@ main (int argc, char **argv)
        (void) alarm (socket_timeout);
        gettimeofday (&tv, NULL);
-#ifdef HAVE_SSL
+#ifdef USE_OPENSSL
        if (use_ssl && check_cert == TRUE) {
                if (connect_SSL () != OK)
                        die (STATE_CRITICAL, _("HTTP CRITICAL - Could not make SSL connection\n"));
@@ -305,7 +307,7 @@ process_arguments (int argc, char **argv)
                                server_port = HTTPS_PORT;
                        break;
                case 'C': /* Check SSL cert validity */
-#ifdef HAVE_SSL
+#ifdef USE_OPENSSL
                        if (!is_intnonneg (optarg))
                                usage2 (_("Invalid certificate expiration period"), optarg);
                        else {
@@ -799,10 +801,11 @@ check_http (void)
                if (connect_SSL () != OK) {
                        die (STATE_CRITICAL, _("Unable to open TCP socket\n"));
                }
+#ifdef USE_OPENSSL
                if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) {
                        X509_free (server_cert);
                }
+#endif
                else {
                        printf (_("CRITICAL - Cannot retrieve server certificate.\n"));
                        return STATE_CRITICAL;
@@ -857,7 +860,9 @@ check_http (void)
 #ifdef HAVE_SSL
        if (use_ssl == TRUE) {
                if (SSL_write (ssl, buf, (int)strlen(buf)) == -1) {
+#  ifdef USE_OPENSSL
                        ERR_print_errors_fp (stderr);
+#  endif
                        return STATE_CRITICAL;
                }
        }
@@ -1278,11 +1283,15 @@ int connect_SSL (void)
        if (my_tcp_connect (server_address, server_port, &sd) == STATE_OK) {
                /* Do the SSL handshake */
                if ((ssl = SSL_new (ctx)) != NULL) {
+#ifdef USE_OPENSSL
                        SSL_set_cipher_list(ssl, "ALL");
+#endif
                        SSL_set_fd (ssl, sd);
                        if (SSL_connect (ssl) != -1)
                                return OK;
+#ifdef USE_OPENSSL
                        ERR_print_errors_fp (stderr);
+#endif
                }
                else {
                        printf (_("CRITICAL - Cannot initiate SSL handshake.\n"));
@@ -1299,7 +1308,7 @@ int connect_SSL (void)
-#ifdef HAVE_SSL
+#ifdef USE_OPENSSL
 int
 check_certificate (X509 ** certificate)
 {
author	M. Sean Finney <seanius@users.sourceforge.net>	2005-10-19 12:59:55 (GMT)
committer	M. Sean Finney <seanius@users.sourceforge.net>	2005-10-19 12:59:55 (GMT)
commit	65282c7685ca01c57d94d3df93c2f95d5b945e57 (patch)
tree	eb1d0c95752126bd526d939332d14bf40cf7d1f7 /plugins/check_http.c
parent	8611341fb989382545c0c934c700e027d9bbab15 (diff)
download	monitoring-plugins-65282c7685ca01c57d94d3df93c2f95d5b945e57.tar.gz

diff --git a/plugins/check_http.c b/plugins/check_http.c index 35b2cca..d47f5ce 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c
@@ -65,7 +65,9 @@ SSL_CTX *ctx;
65	SSL *ssl;	65	SSL *ssl;
66	X509 *server_cert;	66	X509 *server_cert;
67	int connect_SSL (void);	67	int connect_SSL (void);
		68	# ifdef USE_OPENSSL
68	int check_certificate (X509 **);	69	int check_certificate (X509 **);
		70	# endif
69	#endif	71	#endif
70	int no_body = FALSE;	72	int no_body = FALSE;
71	int maximum_age = -1;	73	int maximum_age = -1;
@@ -166,7 +168,7 @@ main (int argc, char **argv)
166	(void) alarm (socket_timeout);	168	(void) alarm (socket_timeout);
167	gettimeofday (&tv, NULL);	169	gettimeofday (&tv, NULL);
168		170
169	#ifdef HAVE_SSL	171	#ifdef USE_OPENSSL
170	if (use_ssl && check_cert == TRUE) {	172	if (use_ssl && check_cert == TRUE) {
171	if (connect_SSL () != OK)	173	if (connect_SSL () != OK)
172	die (STATE_CRITICAL, _("HTTP CRITICAL - Could not make SSL connection\n"));	174	die (STATE_CRITICAL, _("HTTP CRITICAL - Could not make SSL connection\n"));
@@ -305,7 +307,7 @@ process_arguments (int argc, char **argv)
305	server_port = HTTPS_PORT;	307	server_port = HTTPS_PORT;
306	break;	308	break;
307	case 'C': /* Check SSL cert validity */	309	case 'C': /* Check SSL cert validity */
308	#ifdef HAVE_SSL	310	#ifdef USE_OPENSSL
309	if (!is_intnonneg (optarg))	311	if (!is_intnonneg (optarg))
310	usage2 (_("Invalid certificate expiration period"), optarg);	312	usage2 (_("Invalid certificate expiration period"), optarg);
311	else {	313	else {
@@ -799,10 +801,11 @@ check_http (void)
799	if (connect_SSL () != OK) {	801	if (connect_SSL () != OK) {
800	die (STATE_CRITICAL, _("Unable to open TCP socket\n"));	802	die (STATE_CRITICAL, _("Unable to open TCP socket\n"));
801	}	803	}
802		804	#ifdef USE_OPENSSL
803	if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) {	805	if ((server_cert = SSL_get_peer_certificate (ssl)) != NULL) {
804	X509_free (server_cert);	806	X509_free (server_cert);
805	}	807	}
		808	#endif
806	else {	809	else {
807	printf (_("CRITICAL - Cannot retrieve server certificate.\n"));	810	printf (_("CRITICAL - Cannot retrieve server certificate.\n"));
808	return STATE_CRITICAL;	811	return STATE_CRITICAL;
@@ -857,7 +860,9 @@ check_http (void)
857	#ifdef HAVE_SSL	860	#ifdef HAVE_SSL
858	if (use_ssl == TRUE) {	861	if (use_ssl == TRUE) {
859	if (SSL_write (ssl, buf, (int)strlen(buf)) == -1) {	862	if (SSL_write (ssl, buf, (int)strlen(buf)) == -1) {
		863	# ifdef USE_OPENSSL
860	ERR_print_errors_fp (stderr);	864	ERR_print_errors_fp (stderr);
		865	# endif
861	return STATE_CRITICAL;	866	return STATE_CRITICAL;
862	}	867	}
863	}	868	}
@@ -1278,11 +1283,15 @@ int connect_SSL (void)
1278	if (my_tcp_connect (server_address, server_port, &sd) == STATE_OK) {	1283	if (my_tcp_connect (server_address, server_port, &sd) == STATE_OK) {
1279	/* Do the SSL handshake */	1284	/* Do the SSL handshake */
1280	if ((ssl = SSL_new (ctx)) != NULL) {	1285	if ((ssl = SSL_new (ctx)) != NULL) {
		1286	#ifdef USE_OPENSSL
1281	SSL_set_cipher_list(ssl, "ALL");	1287	SSL_set_cipher_list(ssl, "ALL");
		1288	#endif
1282	SSL_set_fd (ssl, sd);	1289	SSL_set_fd (ssl, sd);
1283	if (SSL_connect (ssl) != -1)	1290	if (SSL_connect (ssl) != -1)
1284	return OK;	1291	return OK;
		1292	#ifdef USE_OPENSSL
1285	ERR_print_errors_fp (stderr);	1293	ERR_print_errors_fp (stderr);
		1294	#endif
1286	}	1295	}
1287	else {	1296	else {
1288	printf (_("CRITICAL - Cannot initiate SSL handshake.\n"));	1297	printf (_("CRITICAL - Cannot initiate SSL handshake.\n"));
@@ -1299,7 +1308,7 @@ int connect_SSL (void)
1299		1308
1300		1309
1301		1310
1302	#ifdef HAVE_SSL	1311	#ifdef USE_OPENSSL
1303	int	1312	int
1304	check_certificate (X509 ** certificate)	1313	check_certificate (X509 ** certificate)
1305	{	1314	{