diff options
| author | William Leibzon <william@leibzon.org> | 2012-05-21 18:46:45 -0700 |
|---|---|---|
| committer | Sven Nierlein <sven@nierlein.de> | 2012-06-25 12:05:16 +0200 |
| commit | fa3d2a4074e1bd8526e37ba5e1a214ae4a1774cf (patch) | |
| tree | 1d0c780a61db8e719502aed2a7bd9311afd23ac4 /plugins/sslutils.c | |
| parent | 88fdf3a8a8e17f9212e10befe1f24ff3fa1aa8e6 (diff) | |
| download | monitoring-plugins-fa3d2a4074e1bd8526e37ba5e1a214ae4a1774cf.tar.gz | |
applied patch that adds both critical and warning thresholds to certificate expiration checks of check_tcp, check_http, check_smtp
Diffstat (limited to 'plugins/sslutils.c')
| -rw-r--r-- | plugins/sslutils.c | 18 |
1 files changed, 12 insertions, 6 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c index 5425bb2c..fe31b562 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c | |||
| @@ -126,7 +126,7 @@ int np_net_ssl_read(void *buf, int num) { | |||
| 126 | return SSL_read(s, buf, num); | 126 | return SSL_read(s, buf, num); |
| 127 | } | 127 | } |
| 128 | 128 | ||
| 129 | int np_net_ssl_check_cert(int days_till_exp) { | 129 | int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ |
| 130 | # ifdef USE_OPENSSL | 130 | # ifdef USE_OPENSSL |
| 131 | X509 *certificate=NULL; | 131 | X509 *certificate=NULL; |
| 132 | X509_NAME *subj=NULL; | 132 | X509_NAME *subj=NULL; |
| @@ -202,15 +202,21 @@ int np_net_ssl_check_cert(int days_till_exp) { | |||
| 202 | stamp.tm_mon + 1, | 202 | stamp.tm_mon + 1, |
| 203 | stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); | 203 | stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); |
| 204 | 204 | ||
| 205 | if (days_left > 0 && days_left <= days_till_exp) { | 205 | if (days_left > 0 && days_left <= days_till_exp_warn) { |
| 206 | printf(_("WARNING - Certificate '%s' expires in %d day(s) (%s).\n"), cn, days_left, timestamp); | 206 | printf (_("%s - Certificate '%s' expires in %d day(s) (%s).\n"), (days_left>days_till_exp_crit)?"CRITICAL":"WARNING", cn, days_left, timestamp); |
| 207 | status=STATE_WARNING; | 207 | if (days_left > days_till_exp_crit) |
| 208 | return STATE_WARNING; | ||
| 209 | else | ||
| 210 | return STATE_CRITICAL; | ||
| 208 | } else if (time_left < 0) { | 211 | } else if (time_left < 0) { |
| 209 | printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp); | 212 | printf(_("CRITICAL - Certificate '%s' expired on %s.\n"), cn, timestamp); |
| 210 | status=STATE_CRITICAL; | 213 | status=STATE_CRITICAL; |
| 211 | } else if (days_left == 0) { | 214 | } else if (days_left == 0) { |
| 212 | printf(_("WARNING - Certificate '%s' expires today (%s).\n"), cn, timestamp); | 215 | printf (_("%s - Certificate '%s' expires today (%s).\n"), (days_left>days_till_exp_crit)?"CRITICAL":"WARNING", cn, timestamp); |
| 213 | status=STATE_WARNING; | 216 | if (days_left > days_till_exp_crit) |
| 217 | return STATE_WARNING; | ||
| 218 | else | ||
| 219 | return STATE_CRITICAL; | ||
| 214 | } else { | 220 | } else { |
| 215 | printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp); | 221 | printf(_("OK - Certificate '%s' will expire on %s.\n"), cn, timestamp); |
| 216 | status=STATE_OK; | 222 | status=STATE_OK; |