5 files changed, 45 insertions, 45 deletions
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index b168cbcd..fe7e61d6 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -62,7 +62,7 @@ const char *email = "devel@monitoring-plugins.org";
 #include <arpa/inet.h>
 #include <netinet/in.h>
-#if defined(HAVE_SSL) && defined(USE_OPENSSL)
+#if defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL)
 #       include <openssl/opensslv.h>
 #endif
@@ -81,9 +81,9 @@ extern char errbuf[MAX_INPUT_BUFFER];
 extern bool is_openssl_callback;
 extern bool add_sslctx_verify_fun;
-#if defined(HAVE_SSL) && defined(USE_OPENSSL)
+#if defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL)
 static X509 *cert = NULL;
-#endif /* defined(HAVE_SSL) && defined(USE_OPENSSL) */
+#endif /* defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL) */
 typedef struct {
        int errorcode;
@@ -114,10 +114,10 @@ static void print_curl_version(void);
 // check_curl_evaluation_wrapper check_curl_evaluate(check_curl_config config,
 //                                                                                                mp_check overall[static 1]) {}
-#if defined(HAVE_SSL) && defined(USE_OPENSSL)
+#if defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL)
 mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn,
                                                                                   int days_till_exp_crit);
-#endif /* defined(HAVE_SSL) && defined(USE_OPENSSL) */
+#endif /* defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL) */
 int main(int argc, char **argv) {
 #ifdef __OpenBSD__
@@ -167,7 +167,7 @@ int main(int argc, char **argv) {
 }
 #ifdef HAVE_SSL
-#       ifdef USE_OPENSSL
+#       ifdef MOPL_USE_OPENSSL
 int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) {
        (void)preverify_ok;
        /* TODO: we get all certificates of the chain, so which ones
@@ -190,11 +190,11 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) {
        }
        return 1;
 }
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
 #endif     /* HAVE_SSL */
 #ifdef HAVE_SSL
-#       ifdef USE_OPENSSL
+#       ifdef MOPL_USE_OPENSSL
 CURLcode sslctxfun(CURL *curl, SSL_CTX *sslctx, void *parm) {
        (void)curl; // ignore unused parameter
        (void)parm; // ignore unused parameter
@@ -211,7 +211,7 @@ CURLcode sslctxfun(CURL *curl, SSL_CTX *sslctx, void *parm) {
        return CURLE_OK;
 }
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
 #endif     /* HAVE_SSL */
 mp_subcheck check_http(const check_curl_config config, check_curl_working_state workingState,
@@ -1867,7 +1867,7 @@ void print_usage(void) {
 void print_curl_version(void) { printf("%s\n", curl_version()); }
 #ifdef LIBCURL_FEATURE_SSL
-#       ifndef USE_OPENSSL
+#       ifndef MOPL_USE_OPENSSL
 time_t parse_cert_date(const char *s) {
        if (!s) {
                return -1;
@@ -1884,11 +1884,11 @@ time_t parse_cert_date(const char *s) {
        return date;
 }
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
 #endif     /* LIBCURL_FEATURE_SSL */
 #ifdef LIBCURL_FEATURE_SSL
-#       ifndef USE_OPENSSL
+#       ifndef MOPL_USE_OPENSSL
 /* TODO: this needs cleanup in the sslutils.c, maybe we the #else case to
 * OpenSSL could be this function
 */
@@ -2025,5 +2025,5 @@ int net_noopenssl_check_certificate(cert_ptr_union *cert_ptr, int days_till_exp_
        }
        return status;
 }
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
 #endif     /* LIBCURL_FEATURE_SSL */
diff --git a/plugins/check_curl.d/check_curl_helpers.c b/plugins/check_curl.d/check_curl_helpers.c
index f23dbdb7..80d6f4f6 100644
--- a/plugins/check_curl.d/check_curl_helpers.c
+++ b/plugins/check_curl.d/check_curl_helpers.c
@@ -439,11 +439,11 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
                case CURLHELP_SSL_LIBRARY_LIBRESSL:
                        /* set callback to extract certificate with OpenSSL context function (works with
                         * OpenSSL-style libraries only!) */
-#               ifdef USE_OPENSSL
+#               ifdef MOPL_USE_OPENSSL
                        /* libcurl and monitoring plugins built with OpenSSL, good */
                        add_sslctx_verify_fun = true;
                        is_openssl_callback = true;
-#               endif /* USE_OPENSSL */
+#               endif /* MOPL_USE_OPENSSL */
                        /* libcurl is built with OpenSSL, monitoring plugins, so falling
                         * back to manually extracting certificate information */
                        handle_curl_option_return_code(
@@ -1312,16 +1312,16 @@ mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_
 #ifdef LIBCURL_FEATURE_SSL
        if (is_openssl_callback) {
-#       ifdef USE_OPENSSL
+#       ifdef MOPL_USE_OPENSSL
                /* check certificate with OpenSSL functions, curl has been built against OpenSSL
                 * and we actually have OpenSSL in the monitoring tools
                 */
                return mp_net_ssl_check_certificate(cert, warn_days_till_exp, crit_days_till_exp);
-#       else  /* USE_OPENSSL */
+#       else  /* MOPL_USE_OPENSSL */
                xasprintf(&result.output, "HTTP CRITICAL - Cannot retrieve certificates - OpenSSL "
                                                                  "callback used and not linked against OpenSSL\n");
                mp_set_subcheck_state(result, STATE_CRITICAL);
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
        } else {
                struct curl_slist *slist;
@@ -1329,7 +1329,7 @@ mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_
                cert_ptr.to_info = NULL;
                CURLcode res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &cert_ptr.to_certinfo);
                if (!res && cert_ptr.to_info) {
-#       ifdef USE_OPENSSL
+#       ifdef MOPL_USE_OPENSSL
                        /* We have no OpenSSL in libcurl, but we can use OpenSSL for X509 cert
                         * parsing We only check the first certificate and assume it's the one of
                         * the server
@@ -1375,13 +1375,13 @@ mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_
                        BIO_free(cert_BIO);
                        return mp_net_ssl_check_certificate(cert, warn_days_till_exp, crit_days_till_exp);
-#       else  /* USE_OPENSSL */
+#       else  /* MOPL_USE_OPENSSL */
                        /* We assume we don't have OpenSSL and np_net_ssl_check_certificate at our
                         * disposal, so we use the libcurl CURLINFO data
                         */
                        return net_noopenssl_check_certificate(&cert_ptr, days_till_exp_warn,
                                                                                                   days_till_exp_crit);
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
                } else {
                        xasprintf(&sc_cert_result.output,
                                          _("Cannot retrieve certificates - cURL returned %d - %s"), res,
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index 24883fd8..19e2a58f 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -350,7 +350,7 @@ int main(int argc, char **argv) {
                }
        }
-#       ifdef USE_OPENSSL
+#       ifdef MOPL_USE_OPENSSL
        if (ssl_established) {
                net_ssl_check_cert_result cert_check_result =
                        np_net_ssl_check_cert2(config.days_till_exp_warn, config.days_till_exp_crit);
@@ -389,7 +389,7 @@ int main(int argc, char **argv) {
                mp_add_subcheck_to_check(&overall, sc_cert_check);
        }
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
 #endif
@@ -764,7 +764,7 @@ check_smtp_config_wrapper process_arguments(int argc, char **argv) {
                        break;
                case 'D': {
                        /* Check SSL cert validity */
-#ifdef USE_OPENSSL
+#ifdef MOPL_USE_OPENSSL
                        char *temp;
                        if ((temp = strchr(optarg, ',')) != NULL) {
                                *temp = '\0';
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c
index 49a8c4c1..cd8e04b0 100644
--- a/plugins/check_tcp.c
+++ b/plugins/check_tcp.c
@@ -683,7 +683,7 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
                        break;
                case 'D': /* Check SSL cert validity - days 'til certificate expiration */
 #ifdef HAVE_SSL
-#       ifdef USE_OPENSSL /* XXX */
+#       ifdef MOPL_USE_OPENSSL /* XXX */
                {
                        char *temp;
                        if ((temp = strchr(optarg, ',')) != NULL) {
@@ -708,7 +708,7 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
                        config.check_cert = true;
                        config.use_tls = true;
                } break;
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
 #endif
                        /* fallthrough if we don't have ssl */
                case 'S':
diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index c58a35ab..c4ab6a05 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -127,7 +127,7 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
        }
        if (cert && privkey) {
-#       ifdef USE_OPENSSL
+#       ifdef MOPL_USE_OPENSSL
                if (!SSL_CTX_use_certificate_chain_file(ctx, cert)) {
 #       elif USE_GNUTLS
                if (!SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM)) {
@@ -138,7 +138,7 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
                        return STATE_CRITICAL;
                }
                SSL_CTX_use_PrivateKey_file(ctx, privkey, SSL_FILETYPE_PEM);
-#       ifdef USE_OPENSSL
+#       ifdef MOPL_USE_OPENSSL
                if (!SSL_CTX_check_private_key(ctx)) {
                        printf("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n"));
                        return STATE_CRITICAL;
@@ -161,9 +161,9 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
                        return OK;
                } else {
                        printf("%s\n", _("CRITICAL - Cannot make SSL connection."));
-#       ifdef USE_OPENSSL /* XXX look into ERR_error_string */
+#       ifdef MOPL_USE_OPENSSL /* XXX look into ERR_error_string */
                        ERR_print_errors_fp(stdout);
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
                }
        } else {
                printf("%s\n", _("CRITICAL - Cannot initiate SSL handshake."));
@@ -192,7 +192,7 @@ int np_net_ssl_read(void *buf, int num) { return SSL_read(s, buf, num); }
 mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn,
                                                                                   int days_till_exp_crit) {
-#       ifdef USE_OPENSSL
+#       ifdef MOPL_USE_OPENSSL
        if (!certificate) {
                printf("%s\n", _("CRITICAL - No server certificate present to inspect."));
                return STATE_CRITICAL;
@@ -306,14 +306,14 @@ mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_
        }
        X509_free(certificate);
        return status;
-#       else  /* ifndef USE_OPENSSL */
+#       else  /* ifndef MOPL_USE_OPENSSL */
        printf("%s\n", _("WARNING - Plugin does not support checking certificates."));
        return STATE_WARNING;
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
 }
 retrieve_expiration_time_result np_net_ssl_get_cert_expiration(X509 *certificate) {
-#       ifdef USE_OPENSSL
+#       ifdef MOPL_USE_OPENSSL
        retrieve_expiration_time_result result = {
                .errors = ALL_OK,
                .remaining_seconds = 0,
@@ -404,14 +404,14 @@ retrieve_expiration_time_result np_net_ssl_get_cert_expiration(X509 *certificate
        X509_free(certificate);
        return result;
-#       else  /* ifndef USE_OPENSSL */
+#       else  /* ifndef MOPL_USE_OPENSSL */
        printf("%s\n", _("WARNING - Plugin does not support checking certificates."));
        return STATE_WARNING;
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
 }
 net_ssl_check_cert_result np_net_ssl_check_cert2(int days_till_exp_warn, int days_till_exp_crit) {
-#       ifdef USE_OPENSSL
+#       ifdef MOPL_USE_OPENSSL
        X509 *certificate = NULL;
        certificate = SSL_get_peer_certificate(s);
@@ -438,27 +438,27 @@ net_ssl_check_cert_result np_net_ssl_check_cert2(int days_till_exp_warn, int day
        return result;
-#       else  /* ifndef USE_OPENSSL */
+#       else  /* ifndef MOPL_USE_OPENSSL */
        printf("%s\n", _("WARNING - Plugin does not support checking certificates."));
        return STATE_WARNING;
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
 }
 mp_state_enum np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit) {
-#       ifdef USE_OPENSSL
+#       ifdef MOPL_USE_OPENSSL
        X509 *certificate = NULL;
        certificate = SSL_get_peer_certificate(s);
        return (np_net_ssl_check_certificate(certificate, days_till_exp_warn, days_till_exp_crit));
-#       else  /* ifndef USE_OPENSSL */
+#       else  /* ifndef MOPL_USE_OPENSSL */
        printf("%s\n", _("WARNING - Plugin does not support checking certificates."));
        return STATE_WARNING;
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
 }
 mp_subcheck mp_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn,
                                                                                 int days_till_exp_crit) {
        mp_subcheck sc_cert = mp_subcheck_init();
-#       ifdef USE_OPENSSL
+#       ifdef MOPL_USE_OPENSSL
        if (!certificate) {
                xasprintf(&sc_cert.output, _("No server certificate present to inspect"));
                sc_cert = mp_set_subcheck_state(sc_cert, STATE_CRITICAL);
@@ -581,10 +581,10 @@ mp_subcheck mp_net_ssl_check_certificate(X509 *certificate, int days_till_exp_wa
        }
        X509_free(certificate);
        return sc_cert;
-#       else  /* ifndef USE_OPENSSL */
+#       else  /* ifndef MOPL_USE_OPENSSL */
        xasprintf(&sc_cert.output, _("Plugin does not support checking certificates"));
        sc_cert = mp_set_subcheck_state(sc_cert, STATE_WARNING);
        return sc_cert;
-#       endif /* USE_OPENSSL */
+#       endif /* MOPL_USE_OPENSSL */
 }
 #endif /* HAVE_SSL */

diff --git a/plugins/check_curl.c b/plugins/check_curl.c index b168cbcd..fe7e61d6 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c
@@ -62,7 +62,7 @@ const char *email = "devel@monitoring-plugins.org";
62	#include <arpa/inet.h>	62	#include <arpa/inet.h>
63	#include <netinet/in.h>	63	#include <netinet/in.h>
64		64
65	#if defined(HAVE_SSL) && defined(USE_OPENSSL)	65	#if defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL)
66	# include <openssl/opensslv.h>	66	# include <openssl/opensslv.h>
67	#endif	67	#endif
68		68
@@ -81,9 +81,9 @@ extern char errbuf[MAX_INPUT_BUFFER];
81	extern bool is_openssl_callback;	81	extern bool is_openssl_callback;
82	extern bool add_sslctx_verify_fun;	82	extern bool add_sslctx_verify_fun;
83		83
84	#if defined(HAVE_SSL) && defined(USE_OPENSSL)	84	#if defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL)
85	static X509 *cert = NULL;	85	static X509 *cert = NULL;
86	#endif /* defined(HAVE_SSL) && defined(USE_OPENSSL) */	86	#endif /* defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL) */
87		87
88	typedef struct {	88	typedef struct {
89	int errorcode;	89	int errorcode;
@@ -114,10 +114,10 @@ static void print_curl_version(void);
114	// check_curl_evaluation_wrapper check_curl_evaluate(check_curl_config config,	114	// check_curl_evaluation_wrapper check_curl_evaluate(check_curl_config config,
115	// mp_check overall[static 1]) {}	115	// mp_check overall[static 1]) {}
116		116
117	#if defined(HAVE_SSL) && defined(USE_OPENSSL)	117	#if defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL)
118	mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn,	118	mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn,
119	int days_till_exp_crit);	119	int days_till_exp_crit);
120	#endif /* defined(HAVE_SSL) && defined(USE_OPENSSL) */	120	#endif /* defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL) */
121		121
122	int main(int argc, char **argv) {	122	int main(int argc, char **argv) {
123	#ifdef __OpenBSD__	123	#ifdef __OpenBSD__
@@ -167,7 +167,7 @@ int main(int argc, char **argv) {
167	}	167	}
168		168
169	#ifdef HAVE_SSL	169	#ifdef HAVE_SSL
170	# ifdef USE_OPENSSL	170	# ifdef MOPL_USE_OPENSSL
171	int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) {	171	int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) {
172	(void)preverify_ok;	172	(void)preverify_ok;
173	/* TODO: we get all certificates of the chain, so which ones	173	/* TODO: we get all certificates of the chain, so which ones
@@ -190,11 +190,11 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) {
190	}	190	}
191	return 1;	191	return 1;
192	}	192	}
193	# endif /* USE_OPENSSL */	193	# endif /* MOPL_USE_OPENSSL */
194	#endif /* HAVE_SSL */	194	#endif /* HAVE_SSL */
195		195
196	#ifdef HAVE_SSL	196	#ifdef HAVE_SSL
197	# ifdef USE_OPENSSL	197	# ifdef MOPL_USE_OPENSSL
198	CURLcode sslctxfun(CURL curl, SSL_CTX sslctx, void *parm) {	198	CURLcode sslctxfun(CURL curl, SSL_CTX sslctx, void *parm) {
199	(void)curl; // ignore unused parameter	199	(void)curl; // ignore unused parameter
200	(void)parm; // ignore unused parameter	200	(void)parm; // ignore unused parameter
@@ -211,7 +211,7 @@ CURLcode sslctxfun(CURL curl, SSL_CTX sslctx, void *parm) {
211		211
212	return CURLE_OK;	212	return CURLE_OK;
213	}	213	}
214	# endif /* USE_OPENSSL */	214	# endif /* MOPL_USE_OPENSSL */
215	#endif /* HAVE_SSL */	215	#endif /* HAVE_SSL */
216		216
217	mp_subcheck check_http(const check_curl_config config, check_curl_working_state workingState,	217	mp_subcheck check_http(const check_curl_config config, check_curl_working_state workingState,
@@ -1867,7 +1867,7 @@ void print_usage(void) {
1867	void print_curl_version(void) { printf("%s\n", curl_version()); }	1867	void print_curl_version(void) { printf("%s\n", curl_version()); }
1868		1868
1869	#ifdef LIBCURL_FEATURE_SSL	1869	#ifdef LIBCURL_FEATURE_SSL
1870	# ifndef USE_OPENSSL	1870	# ifndef MOPL_USE_OPENSSL
1871	time_t parse_cert_date(const char *s) {	1871	time_t parse_cert_date(const char *s) {
1872	if (!s) {	1872	if (!s) {
1873	return -1;	1873	return -1;
@@ -1884,11 +1884,11 @@ time_t parse_cert_date(const char *s) {
1884		1884
1885	return date;	1885	return date;
1886	}	1886	}
1887	# endif /* USE_OPENSSL */	1887	# endif /* MOPL_USE_OPENSSL */
1888	#endif /* LIBCURL_FEATURE_SSL */	1888	#endif /* LIBCURL_FEATURE_SSL */
1889		1889
1890	#ifdef LIBCURL_FEATURE_SSL	1890	#ifdef LIBCURL_FEATURE_SSL
1891	# ifndef USE_OPENSSL	1891	# ifndef MOPL_USE_OPENSSL
1892	/* TODO: this needs cleanup in the sslutils.c, maybe we the #else case to	1892	/* TODO: this needs cleanup in the sslutils.c, maybe we the #else case to
1893	* OpenSSL could be this function	1893	* OpenSSL could be this function
1894	*/	1894	*/
@@ -2025,5 +2025,5 @@ int net_noopenssl_check_certificate(cert_ptr_union *cert_ptr, int days_till_exp_
2025	}	2025	}
2026	return status;	2026	return status;
2027	}	2027	}
2028	# endif /* USE_OPENSSL */	2028	# endif /* MOPL_USE_OPENSSL */
2029	#endif /* LIBCURL_FEATURE_SSL */	2029	#endif /* LIBCURL_FEATURE_SSL */


diff --git a/plugins/check_curl.d/check_curl_helpers.c b/plugins/check_curl.d/check_curl_helpers.c index f23dbdb7..80d6f4f6 100644 --- a/plugins/check_curl.d/check_curl_helpers.c +++ b/plugins/check_curl.d/check_curl_helpers.c
@@ -439,11 +439,11 @@ check_curl_configure_curl(const check_curl_static_curl_config config,
439	case CURLHELP_SSL_LIBRARY_LIBRESSL:	439	case CURLHELP_SSL_LIBRARY_LIBRESSL:
440	/* set callback to extract certificate with OpenSSL context function (works with	440	/* set callback to extract certificate with OpenSSL context function (works with
441	* OpenSSL-style libraries only!) */	441	* OpenSSL-style libraries only!) */
442	# ifdef USE_OPENSSL	442	# ifdef MOPL_USE_OPENSSL
443	/* libcurl and monitoring plugins built with OpenSSL, good */	443	/* libcurl and monitoring plugins built with OpenSSL, good */
444	add_sslctx_verify_fun = true;	444	add_sslctx_verify_fun = true;
445	is_openssl_callback = true;	445	is_openssl_callback = true;
446	# endif /* USE_OPENSSL */	446	# endif /* MOPL_USE_OPENSSL */
447	/* libcurl is built with OpenSSL, monitoring plugins, so falling	447	/* libcurl is built with OpenSSL, monitoring plugins, so falling
448	* back to manually extracting certificate information */	448	* back to manually extracting certificate information */
449	handle_curl_option_return_code(	449	handle_curl_option_return_code(
@@ -1312,16 +1312,16 @@ mp_subcheck check_curl_certificate_checks(CURL curl, X509 cert, int warn_days_
1312		1312
1313	#ifdef LIBCURL_FEATURE_SSL	1313	#ifdef LIBCURL_FEATURE_SSL
1314	if (is_openssl_callback) {	1314	if (is_openssl_callback) {
1315	# ifdef USE_OPENSSL	1315	# ifdef MOPL_USE_OPENSSL
1316	/* check certificate with OpenSSL functions, curl has been built against OpenSSL	1316	/* check certificate with OpenSSL functions, curl has been built against OpenSSL
1317	* and we actually have OpenSSL in the monitoring tools	1317	* and we actually have OpenSSL in the monitoring tools
1318	*/	1318	*/
1319	return mp_net_ssl_check_certificate(cert, warn_days_till_exp, crit_days_till_exp);	1319	return mp_net_ssl_check_certificate(cert, warn_days_till_exp, crit_days_till_exp);
1320	# else /* USE_OPENSSL */	1320	# else /* MOPL_USE_OPENSSL */
1321	xasprintf(&result.output, "HTTP CRITICAL - Cannot retrieve certificates - OpenSSL "	1321	xasprintf(&result.output, "HTTP CRITICAL - Cannot retrieve certificates - OpenSSL "
1322	"callback used and not linked against OpenSSL\n");	1322	"callback used and not linked against OpenSSL\n");
1323	mp_set_subcheck_state(result, STATE_CRITICAL);	1323	mp_set_subcheck_state(result, STATE_CRITICAL);
1324	# endif /* USE_OPENSSL */	1324	# endif /* MOPL_USE_OPENSSL */
1325	} else {	1325	} else {
1326	struct curl_slist *slist;	1326	struct curl_slist *slist;
1327		1327
@@ -1329,7 +1329,7 @@ mp_subcheck check_curl_certificate_checks(CURL curl, X509 cert, int warn_days_
1329	cert_ptr.to_info = NULL;	1329	cert_ptr.to_info = NULL;
1330	CURLcode res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &cert_ptr.to_certinfo);	1330	CURLcode res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &cert_ptr.to_certinfo);
1331	if (!res && cert_ptr.to_info) {	1331	if (!res && cert_ptr.to_info) {
1332	# ifdef USE_OPENSSL	1332	# ifdef MOPL_USE_OPENSSL
1333	/* We have no OpenSSL in libcurl, but we can use OpenSSL for X509 cert	1333	/* We have no OpenSSL in libcurl, but we can use OpenSSL for X509 cert
1334	* parsing We only check the first certificate and assume it's the one of	1334	* parsing We only check the first certificate and assume it's the one of
1335	* the server	1335	* the server
@@ -1375,13 +1375,13 @@ mp_subcheck check_curl_certificate_checks(CURL curl, X509 cert, int warn_days_
1375		1375
1376	BIO_free(cert_BIO);	1376	BIO_free(cert_BIO);
1377	return mp_net_ssl_check_certificate(cert, warn_days_till_exp, crit_days_till_exp);	1377	return mp_net_ssl_check_certificate(cert, warn_days_till_exp, crit_days_till_exp);
1378	# else /* USE_OPENSSL */	1378	# else /* MOPL_USE_OPENSSL */
1379	/* We assume we don't have OpenSSL and np_net_ssl_check_certificate at our	1379	/* We assume we don't have OpenSSL and np_net_ssl_check_certificate at our
1380	* disposal, so we use the libcurl CURLINFO data	1380	* disposal, so we use the libcurl CURLINFO data
1381	*/	1381	*/
1382	return net_noopenssl_check_certificate(&cert_ptr, days_till_exp_warn,	1382	return net_noopenssl_check_certificate(&cert_ptr, days_till_exp_warn,
1383	days_till_exp_crit);	1383	days_till_exp_crit);
1384	# endif /* USE_OPENSSL */	1384	# endif /* MOPL_USE_OPENSSL */
1385	} else {	1385	} else {
1386	xasprintf(&sc_cert_result.output,	1386	xasprintf(&sc_cert_result.output,
1387	_("Cannot retrieve certificates - cURL returned %d - %s"), res,	1387	_("Cannot retrieve certificates - cURL returned %d - %s"), res,


diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index 24883fd8..19e2a58f 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c
@@ -350,7 +350,7 @@ int main(int argc, char **argv) {
350	}	350	}
351	}	351	}
352		352
353	# ifdef USE_OPENSSL	353	# ifdef MOPL_USE_OPENSSL
354	if (ssl_established) {	354	if (ssl_established) {
355	net_ssl_check_cert_result cert_check_result =	355	net_ssl_check_cert_result cert_check_result =
356	np_net_ssl_check_cert2(config.days_till_exp_warn, config.days_till_exp_crit);	356	np_net_ssl_check_cert2(config.days_till_exp_warn, config.days_till_exp_crit);
@@ -389,7 +389,7 @@ int main(int argc, char **argv) {
389		389
390	mp_add_subcheck_to_check(&overall, sc_cert_check);	390	mp_add_subcheck_to_check(&overall, sc_cert_check);
391	}	391	}
392	# endif /* USE_OPENSSL */	392	# endif /* MOPL_USE_OPENSSL */
393		393
394	#endif	394	#endif
395		395
@@ -764,7 +764,7 @@ check_smtp_config_wrapper process_arguments(int argc, char **argv) {
764	break;	764	break;
765	case 'D': {	765	case 'D': {
766	/* Check SSL cert validity */	766	/* Check SSL cert validity */
767	#ifdef USE_OPENSSL	767	#ifdef MOPL_USE_OPENSSL
768	char *temp;	768	char *temp;
769	if ((temp = strchr(optarg, ',')) != NULL) {	769	if ((temp = strchr(optarg, ',')) != NULL) {
770	*temp = '\0';	770	*temp = '\0';


diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index 49a8c4c1..cd8e04b0 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c
@@ -683,7 +683,7 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
683	break;	683	break;
684	case 'D': /* Check SSL cert validity - days 'til certificate expiration */	684	case 'D': /* Check SSL cert validity - days 'til certificate expiration */
685	#ifdef HAVE_SSL	685	#ifdef HAVE_SSL
686	# ifdef USE_OPENSSL /* XXX */	686	# ifdef MOPL_USE_OPENSSL /* XXX */
687	{	687	{
688	char *temp;	688	char *temp;
689	if ((temp = strchr(optarg, ',')) != NULL) {	689	if ((temp = strchr(optarg, ',')) != NULL) {
@@ -708,7 +708,7 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t
708	config.check_cert = true;	708	config.check_cert = true;
709	config.use_tls = true;	709	config.use_tls = true;
710	} break;	710	} break;
711	# endif /* USE_OPENSSL */	711	# endif /* MOPL_USE_OPENSSL */
712	#endif	712	#endif
713	/* fallthrough if we don't have ssl */	713	/* fallthrough if we don't have ssl */
714	case 'S':	714	case 'S':


diff --git a/plugins/sslutils.c b/plugins/sslutils.c index c58a35ab..c4ab6a05 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c
@@ -127,7 +127,7 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
127	}	127	}
128		128
129	if (cert && privkey) {	129	if (cert && privkey) {
130	# ifdef USE_OPENSSL	130	# ifdef MOPL_USE_OPENSSL
131	if (!SSL_CTX_use_certificate_chain_file(ctx, cert)) {	131	if (!SSL_CTX_use_certificate_chain_file(ctx, cert)) {
132	# elif USE_GNUTLS	132	# elif USE_GNUTLS
133	if (!SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM)) {	133	if (!SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM)) {
@@ -138,7 +138,7 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
138	return STATE_CRITICAL;	138	return STATE_CRITICAL;
139	}	139	}
140	SSL_CTX_use_PrivateKey_file(ctx, privkey, SSL_FILETYPE_PEM);	140	SSL_CTX_use_PrivateKey_file(ctx, privkey, SSL_FILETYPE_PEM);
141	# ifdef USE_OPENSSL	141	# ifdef MOPL_USE_OPENSSL
142	if (!SSL_CTX_check_private_key(ctx)) {	142	if (!SSL_CTX_check_private_key(ctx)) {
143	printf("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n"));	143	printf("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n"));
144	return STATE_CRITICAL;	144	return STATE_CRITICAL;
@@ -161,9 +161,9 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int
161	return OK;	161	return OK;
162	} else {	162	} else {
163	printf("%s\n", _("CRITICAL - Cannot make SSL connection."));	163	printf("%s\n", _("CRITICAL - Cannot make SSL connection."));
164	# ifdef USE_OPENSSL /* XXX look into ERR_error_string */	164	# ifdef MOPL_USE_OPENSSL /* XXX look into ERR_error_string */
165	ERR_print_errors_fp(stdout);	165	ERR_print_errors_fp(stdout);
166	# endif /* USE_OPENSSL */	166	# endif /* MOPL_USE_OPENSSL */
167	}	167	}
168	} else {	168	} else {
169	printf("%s\n", _("CRITICAL - Cannot initiate SSL handshake."));	169	printf("%s\n", _("CRITICAL - Cannot initiate SSL handshake."));
@@ -192,7 +192,7 @@ int np_net_ssl_read(void *buf, int num) { return SSL_read(s, buf, num); }
192		192
193	mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn,	193	mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn,
194	int days_till_exp_crit) {	194	int days_till_exp_crit) {
195	# ifdef USE_OPENSSL	195	# ifdef MOPL_USE_OPENSSL
196	if (!certificate) {	196	if (!certificate) {
197	printf("%s\n", _("CRITICAL - No server certificate present to inspect."));	197	printf("%s\n", _("CRITICAL - No server certificate present to inspect."));
198	return STATE_CRITICAL;	198	return STATE_CRITICAL;
@@ -306,14 +306,14 @@ mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_
306	}	306	}
307	X509_free(certificate);	307	X509_free(certificate);
308	return status;	308	return status;
309	# else /* ifndef USE_OPENSSL */	309	# else /* ifndef MOPL_USE_OPENSSL */
310	printf("%s\n", _("WARNING - Plugin does not support checking certificates."));	310	printf("%s\n", _("WARNING - Plugin does not support checking certificates."));
311	return STATE_WARNING;	311	return STATE_WARNING;
312	# endif /* USE_OPENSSL */	312	# endif /* MOPL_USE_OPENSSL */
313	}	313	}
314		314
315	retrieve_expiration_time_result np_net_ssl_get_cert_expiration(X509 *certificate) {	315	retrieve_expiration_time_result np_net_ssl_get_cert_expiration(X509 *certificate) {
316	# ifdef USE_OPENSSL	316	# ifdef MOPL_USE_OPENSSL
317	retrieve_expiration_time_result result = {	317	retrieve_expiration_time_result result = {
318	.errors = ALL_OK,	318	.errors = ALL_OK,
319	.remaining_seconds = 0,	319	.remaining_seconds = 0,
@@ -404,14 +404,14 @@ retrieve_expiration_time_result np_net_ssl_get_cert_expiration(X509 *certificate
404	X509_free(certificate);	404	X509_free(certificate);
405		405
406	return result;	406	return result;
407	# else /* ifndef USE_OPENSSL */	407	# else /* ifndef MOPL_USE_OPENSSL */
408	printf("%s\n", _("WARNING - Plugin does not support checking certificates."));	408	printf("%s\n", _("WARNING - Plugin does not support checking certificates."));
409	return STATE_WARNING;	409	return STATE_WARNING;
410	# endif /* USE_OPENSSL */	410	# endif /* MOPL_USE_OPENSSL */
411	}	411	}
412		412
413	net_ssl_check_cert_result np_net_ssl_check_cert2(int days_till_exp_warn, int days_till_exp_crit) {	413	net_ssl_check_cert_result np_net_ssl_check_cert2(int days_till_exp_warn, int days_till_exp_crit) {
414	# ifdef USE_OPENSSL	414	# ifdef MOPL_USE_OPENSSL
415	X509 *certificate = NULL;	415	X509 *certificate = NULL;
416	certificate = SSL_get_peer_certificate(s);	416	certificate = SSL_get_peer_certificate(s);
417		417
@@ -438,27 +438,27 @@ net_ssl_check_cert_result np_net_ssl_check_cert2(int days_till_exp_warn, int day
438		438
439	return result;	439	return result;
440		440
441	# else /* ifndef USE_OPENSSL */	441	# else /* ifndef MOPL_USE_OPENSSL */
442	printf("%s\n", _("WARNING - Plugin does not support checking certificates."));	442	printf("%s\n", _("WARNING - Plugin does not support checking certificates."));
443	return STATE_WARNING;	443	return STATE_WARNING;
444	# endif /* USE_OPENSSL */	444	# endif /* MOPL_USE_OPENSSL */
445	}	445	}
446		446
447	mp_state_enum np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit) {	447	mp_state_enum np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit) {
448	# ifdef USE_OPENSSL	448	# ifdef MOPL_USE_OPENSSL
449	X509 *certificate = NULL;	449	X509 *certificate = NULL;
450	certificate = SSL_get_peer_certificate(s);	450	certificate = SSL_get_peer_certificate(s);
451	return (np_net_ssl_check_certificate(certificate, days_till_exp_warn, days_till_exp_crit));	451	return (np_net_ssl_check_certificate(certificate, days_till_exp_warn, days_till_exp_crit));
452	# else /* ifndef USE_OPENSSL */	452	# else /* ifndef MOPL_USE_OPENSSL */
453	printf("%s\n", _("WARNING - Plugin does not support checking certificates."));	453	printf("%s\n", _("WARNING - Plugin does not support checking certificates."));
454	return STATE_WARNING;	454	return STATE_WARNING;
455	# endif /* USE_OPENSSL */	455	# endif /* MOPL_USE_OPENSSL */
456	}	456	}
457		457
458	mp_subcheck mp_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn,	458	mp_subcheck mp_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn,
459	int days_till_exp_crit) {	459	int days_till_exp_crit) {
460	mp_subcheck sc_cert = mp_subcheck_init();	460	mp_subcheck sc_cert = mp_subcheck_init();
461	# ifdef USE_OPENSSL	461	# ifdef MOPL_USE_OPENSSL
462	if (!certificate) {	462	if (!certificate) {
463	xasprintf(&sc_cert.output, _("No server certificate present to inspect"));	463	xasprintf(&sc_cert.output, _("No server certificate present to inspect"));
464	sc_cert = mp_set_subcheck_state(sc_cert, STATE_CRITICAL);	464	sc_cert = mp_set_subcheck_state(sc_cert, STATE_CRITICAL);
@@ -581,10 +581,10 @@ mp_subcheck mp_net_ssl_check_certificate(X509 *certificate, int days_till_exp_wa
581	}	581	}
582	X509_free(certificate);	582	X509_free(certificate);
583	return sc_cert;	583	return sc_cert;
584	# else /* ifndef USE_OPENSSL */	584	# else /* ifndef MOPL_USE_OPENSSL */
585	xasprintf(&sc_cert.output, _("Plugin does not support checking certificates"));	585	xasprintf(&sc_cert.output, _("Plugin does not support checking certificates"));
586	sc_cert = mp_set_subcheck_state(sc_cert, STATE_WARNING);	586	sc_cert = mp_set_subcheck_state(sc_cert, STATE_WARNING);
587	return sc_cert;	587	return sc_cert;
588	# endif /* USE_OPENSSL */	588	# endif /* MOPL_USE_OPENSSL */
589	}	589	}
590	#endif /* HAVE_SSL */	590	#endif /* HAVE_SSL */