diff options
| author | Lorenz <12514511+RincewindsHat@users.noreply.github.com> | 2023-03-10 11:33:25 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-03-10 11:33:25 +0100 |
| commit | 5077120a251980b4fafed61b4aa8fa5730a85443 (patch) | |
| tree | 8500b8f5dbe774b399cfdc79f5665ba88ef7f255 /plugins/sslutils.c | |
| parent | a3de84594104ac87a91e200d569fb57edacca928 (diff) | |
| parent | 269718094177fb8a7e3d3005d1310495009fe8c4 (diff) | |
| download | monitoring-plugins-5077120a251980b4fafed61b4aa8fa5730a85443.tar.gz | |
Merge branch 'master' into master
Diffstat (limited to 'plugins/sslutils.c')
| -rw-r--r-- | plugins/sslutils.c | 34 |
1 files changed, 22 insertions, 12 deletions
diff --git a/plugins/sslutils.c b/plugins/sslutils.c index 14f6579d..666a0120 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c | |||
| @@ -134,7 +134,16 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int | |||
| 134 | return STATE_CRITICAL; | 134 | return STATE_CRITICAL; |
| 135 | } | 135 | } |
| 136 | if (cert && privkey) { | 136 | if (cert && privkey) { |
| 137 | SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM); | 137 | #ifdef USE_OPENSSL |
| 138 | if (!SSL_CTX_use_certificate_chain_file(c, cert)) { | ||
| 139 | #elif USE_GNUTLS | ||
| 140 | if (!SSL_CTX_use_certificate_file(c, cert, SSL_FILETYPE_PEM)) { | ||
| 141 | #else | ||
| 142 | #error Unported for unknown SSL library | ||
| 143 | #endif | ||
| 144 | printf ("%s\n", _("CRITICAL - Unable to open certificate chain file!\n")); | ||
| 145 | return STATE_CRITICAL; | ||
| 146 | } | ||
| 138 | SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); | 147 | SSL_CTX_use_PrivateKey_file(c, privkey, SSL_FILETYPE_PEM); |
| 139 | #ifdef USE_OPENSSL | 148 | #ifdef USE_OPENSSL |
| 140 | if (!SSL_CTX_check_private_key(c)) { | 149 | if (!SSL_CTX_check_private_key(c)) { |
| @@ -191,17 +200,6 @@ int np_net_ssl_read(void *buf, int num) { | |||
| 191 | return SSL_read(s, buf, num); | 200 | return SSL_read(s, buf, num); |
| 192 | } | 201 | } |
| 193 | 202 | ||
| 194 | int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ | ||
| 195 | # ifdef USE_OPENSSL | ||
| 196 | X509 *certificate = NULL; | ||
| 197 | certificate=SSL_get_peer_certificate(s); | ||
| 198 | return(np_net_ssl_check_certificate(certificate, days_till_exp_warn, days_till_exp_crit)); | ||
| 199 | # else /* ifndef USE_OPENSSL */ | ||
| 200 | printf("%s\n", _("WARNING - Plugin does not support checking certificates.")); | ||
| 201 | return STATE_WARNING; | ||
| 202 | # endif /* USE_OPENSSL */ | ||
| 203 | } | ||
| 204 | |||
| 205 | int np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn, int days_till_exp_crit){ | 203 | int np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn, int days_till_exp_crit){ |
| 206 | # ifdef USE_OPENSSL | 204 | # ifdef USE_OPENSSL |
| 207 | X509_NAME *subj=NULL; | 205 | X509_NAME *subj=NULL; |
| @@ -328,4 +326,16 @@ int np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn, int | |||
| 328 | # endif /* USE_OPENSSL */ | 326 | # endif /* USE_OPENSSL */ |
| 329 | } | 327 | } |
| 330 | 328 | ||
| 329 | int np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit){ | ||
| 330 | # ifdef USE_OPENSSL | ||
| 331 | X509 *certificate = NULL; | ||
| 332 | certificate=SSL_get_peer_certificate(s); | ||
| 333 | return(np_net_ssl_check_certificate(certificate, days_till_exp_warn, days_till_exp_crit)); | ||
| 334 | # else /* ifndef USE_OPENSSL */ | ||
| 335 | printf("%s\n", _("WARNING - Plugin does not support checking certificates.")); | ||
| 336 | return STATE_WARNING; | ||
| 337 | # endif /* USE_OPENSSL */ | ||
| 338 | } | ||
| 339 | |||
| 340 | |||
| 331 | #endif /* HAVE_SSL */ | 341 | #endif /* HAVE_SSL */ |