diff options
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/check_http.c | 2 | ||||
| -rw-r--r-- | plugins/netutils.h | 1 | ||||
| -rw-r--r-- | plugins/sslutils.c | 13 |
3 files changed, 14 insertions, 2 deletions
diff --git a/plugins/check_http.c b/plugins/check_http.c index 03102033..79f6adf3 100644 --- a/plugins/check_http.c +++ b/plugins/check_http.c | |||
| @@ -790,7 +790,7 @@ check_http (void) | |||
| 790 | die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); | 790 | die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n")); |
| 791 | #ifdef HAVE_SSL | 791 | #ifdef HAVE_SSL |
| 792 | if (use_ssl == TRUE) { | 792 | if (use_ssl == TRUE) { |
| 793 | np_net_ssl_init(sd); | 793 | np_net_ssl_init_with_hostname(sd, host_name); |
| 794 | if (check_cert == TRUE) { | 794 | if (check_cert == TRUE) { |
| 795 | result = np_net_ssl_check_cert(days_till_exp); | 795 | result = np_net_ssl_check_cert(days_till_exp); |
| 796 | np_net_ssl_cleanup(); | 796 | np_net_ssl_cleanup(); |
diff --git a/plugins/netutils.h b/plugins/netutils.h index b479b741..572a3ae2 100644 --- a/plugins/netutils.h +++ b/plugins/netutils.h | |||
| @@ -99,6 +99,7 @@ extern int address_family; | |||
| 99 | #ifdef HAVE_SSL | 99 | #ifdef HAVE_SSL |
| 100 | /* maybe this could be merged with the above np_net_connect, via some flags */ | 100 | /* maybe this could be merged with the above np_net_connect, via some flags */ |
| 101 | int np_net_ssl_init(int sd); | 101 | int np_net_ssl_init(int sd); |
| 102 | int np_net_ssl_init_with_hostname(int sd, char *host_name); | ||
| 102 | void np_net_ssl_cleanup(); | 103 | void np_net_ssl_cleanup(); |
| 103 | int np_net_ssl_write(const void *buf, int num); | 104 | int np_net_ssl_write(const void *buf, int num); |
| 104 | int np_net_ssl_read(void *buf, int num); | 105 | int np_net_ssl_read(void *buf, int num); |
diff --git a/plugins/sslutils.c b/plugins/sslutils.c index 1d4ef94a..aa571b6c 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c | |||
| @@ -35,7 +35,11 @@ static SSL_CTX *c=NULL; | |||
| 35 | static SSL *s=NULL; | 35 | static SSL *s=NULL; |
| 36 | static int initialized=0; | 36 | static int initialized=0; |
| 37 | 37 | ||
| 38 | int np_net_ssl_init (int sd){ | 38 | int np_net_ssl_init (int sd) { |
| 39 | return np_net_ssl_init_with_hostname(sd, NULL); | ||
| 40 | } | ||
| 41 | |||
| 42 | int np_net_ssl_init_with_hostname (int sd, char *host_name) { | ||
| 39 | if (!initialized) { | 43 | if (!initialized) { |
| 40 | /* Initialize SSL context */ | 44 | /* Initialize SSL context */ |
| 41 | SSLeay_add_ssl_algorithms (); | 45 | SSLeay_add_ssl_algorithms (); |
| @@ -48,6 +52,10 @@ int np_net_ssl_init (int sd){ | |||
| 48 | return STATE_CRITICAL; | 52 | return STATE_CRITICAL; |
| 49 | } | 53 | } |
| 50 | if ((s = SSL_new (c)) != NULL){ | 54 | if ((s = SSL_new (c)) != NULL){ |
| 55 | #ifdef SSL_set_tlsext_host_name | ||
| 56 | if (host_name != NULL) | ||
| 57 | SSL_set_tlsext_host_name(s, host_name); | ||
| 58 | #endif | ||
| 51 | SSL_set_fd (s, sd); | 59 | SSL_set_fd (s, sd); |
| 52 | if (SSL_connect(s) == 1){ | 60 | if (SSL_connect(s) == 1){ |
| 53 | return OK; | 61 | return OK; |
| @@ -65,6 +73,9 @@ int np_net_ssl_init (int sd){ | |||
| 65 | 73 | ||
| 66 | void np_net_ssl_cleanup (){ | 74 | void np_net_ssl_cleanup (){ |
| 67 | if(s){ | 75 | if(s){ |
| 76 | #ifdef SSL_set_tlsext_host_name | ||
| 77 | SSL_set_tlsext_host_name(s, NULL); | ||
| 78 | #endif | ||
| 68 | SSL_shutdown (s); | 79 | SSL_shutdown (s); |
| 69 | SSL_free (s); | 80 | SSL_free (s); |
| 70 | if(c) { | 81 | if(c) { |