From 3a6f9292f147de29b21dafa4cf9b7efce3e4cbfd Mon Sep 17 00:00:00 2001 From: Lorenz Kästle <12514511+RincewindsHat@users.noreply.github.com> Date: Wed, 8 Apr 2026 18:06:29 +0200 Subject: Rename USE_OPENSSL to MOPL_USE_OPENSSL (#2253) net-snmp uses the same pre processor name "USE_OPENSSL" as we do. To avoid the conflict, this commit renames it on our side to "MOPL_USE_OPENSSL". "MOPL" (better "MoPl"?) stands for Monitoring Plugins. --- configure.ac | 2 +- lib/utils_base.h | 2 +- plugins/check_curl.c | 26 ++++++++++----------- plugins/check_curl.d/check_curl_helpers.c | 16 ++++++------- plugins/check_smtp.c | 6 ++--- plugins/check_tcp.c | 4 ++-- plugins/sslutils.c | 38 +++++++++++++++---------------- 7 files changed, 47 insertions(+), 47 deletions(-) diff --git a/configure.ac b/configure.ac index ae7eb30b..e4351ad7 100644 --- a/configure.ac +++ b/configure.ac @@ -578,7 +578,7 @@ if test "$FOUNDOPENSSL" = "yes" || test "$FOUNDGNUTLS" = "yes"; then AC_SUBST(SSLLIBS) AC_DEFINE(HAVE_SSL,1,[Define if SSL libraries are found]) if test "$FOUNDOPENSSL" = "yes"; then - AC_DEFINE(USE_OPENSSL,1,[Define if using OpenSSL libraries]) + AC_DEFINE(MOPL_USE_OPENSSL,1,[Define if using OpenSSL libraries]) with_openssl="yes" with_gnutls="no" else diff --git a/lib/utils_base.h b/lib/utils_base.h index 27884bf0..1da96f78 100644 --- a/lib/utils_base.h +++ b/lib/utils_base.h @@ -9,7 +9,7 @@ #include "./thresholds.h" #include "states.h" -#ifndef USE_OPENSSL +#ifndef MOPL_USE_OPENSSL # include "sha256.h" #endif diff --git a/plugins/check_curl.c b/plugins/check_curl.c index b168cbcd..fe7e61d6 100644 --- a/plugins/check_curl.c +++ b/plugins/check_curl.c @@ -62,7 +62,7 @@ const char *email = "devel@monitoring-plugins.org"; #include #include -#if defined(HAVE_SSL) && defined(USE_OPENSSL) +#if defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL) # include #endif @@ -81,9 +81,9 @@ extern char errbuf[MAX_INPUT_BUFFER]; extern bool is_openssl_callback; extern bool add_sslctx_verify_fun; -#if defined(HAVE_SSL) && defined(USE_OPENSSL) +#if defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL) static X509 *cert = NULL; -#endif /* defined(HAVE_SSL) && defined(USE_OPENSSL) */ +#endif /* defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL) */ typedef struct { int errorcode; @@ -114,10 +114,10 @@ static void print_curl_version(void); // check_curl_evaluation_wrapper check_curl_evaluate(check_curl_config config, // mp_check overall[static 1]) {} -#if defined(HAVE_SSL) && defined(USE_OPENSSL) +#if defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL) mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn, int days_till_exp_crit); -#endif /* defined(HAVE_SSL) && defined(USE_OPENSSL) */ +#endif /* defined(HAVE_SSL) && defined(MOPL_USE_OPENSSL) */ int main(int argc, char **argv) { #ifdef __OpenBSD__ @@ -167,7 +167,7 @@ int main(int argc, char **argv) { } #ifdef HAVE_SSL -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) { (void)preverify_ok; /* TODO: we get all certificates of the chain, so which ones @@ -190,11 +190,11 @@ int verify_callback(int preverify_ok, X509_STORE_CTX *x509_ctx) { } return 1; } -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ #endif /* HAVE_SSL */ #ifdef HAVE_SSL -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL CURLcode sslctxfun(CURL *curl, SSL_CTX *sslctx, void *parm) { (void)curl; // ignore unused parameter (void)parm; // ignore unused parameter @@ -211,7 +211,7 @@ CURLcode sslctxfun(CURL *curl, SSL_CTX *sslctx, void *parm) { return CURLE_OK; } -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ #endif /* HAVE_SSL */ mp_subcheck check_http(const check_curl_config config, check_curl_working_state workingState, @@ -1867,7 +1867,7 @@ void print_usage(void) { void print_curl_version(void) { printf("%s\n", curl_version()); } #ifdef LIBCURL_FEATURE_SSL -# ifndef USE_OPENSSL +# ifndef MOPL_USE_OPENSSL time_t parse_cert_date(const char *s) { if (!s) { return -1; @@ -1884,11 +1884,11 @@ time_t parse_cert_date(const char *s) { return date; } -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ #endif /* LIBCURL_FEATURE_SSL */ #ifdef LIBCURL_FEATURE_SSL -# ifndef USE_OPENSSL +# ifndef MOPL_USE_OPENSSL /* TODO: this needs cleanup in the sslutils.c, maybe we the #else case to * OpenSSL could be this function */ @@ -2025,5 +2025,5 @@ int net_noopenssl_check_certificate(cert_ptr_union *cert_ptr, int days_till_exp_ } return status; } -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ #endif /* LIBCURL_FEATURE_SSL */ diff --git a/plugins/check_curl.d/check_curl_helpers.c b/plugins/check_curl.d/check_curl_helpers.c index f23dbdb7..80d6f4f6 100644 --- a/plugins/check_curl.d/check_curl_helpers.c +++ b/plugins/check_curl.d/check_curl_helpers.c @@ -439,11 +439,11 @@ check_curl_configure_curl(const check_curl_static_curl_config config, case CURLHELP_SSL_LIBRARY_LIBRESSL: /* set callback to extract certificate with OpenSSL context function (works with * OpenSSL-style libraries only!) */ -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL /* libcurl and monitoring plugins built with OpenSSL, good */ add_sslctx_verify_fun = true; is_openssl_callback = true; -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ /* libcurl is built with OpenSSL, monitoring plugins, so falling * back to manually extracting certificate information */ handle_curl_option_return_code( @@ -1312,16 +1312,16 @@ mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_ #ifdef LIBCURL_FEATURE_SSL if (is_openssl_callback) { -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL /* check certificate with OpenSSL functions, curl has been built against OpenSSL * and we actually have OpenSSL in the monitoring tools */ return mp_net_ssl_check_certificate(cert, warn_days_till_exp, crit_days_till_exp); -# else /* USE_OPENSSL */ +# else /* MOPL_USE_OPENSSL */ xasprintf(&result.output, "HTTP CRITICAL - Cannot retrieve certificates - OpenSSL " "callback used and not linked against OpenSSL\n"); mp_set_subcheck_state(result, STATE_CRITICAL); -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ } else { struct curl_slist *slist; @@ -1329,7 +1329,7 @@ mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_ cert_ptr.to_info = NULL; CURLcode res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &cert_ptr.to_certinfo); if (!res && cert_ptr.to_info) { -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL /* We have no OpenSSL in libcurl, but we can use OpenSSL for X509 cert * parsing We only check the first certificate and assume it's the one of * the server @@ -1375,13 +1375,13 @@ mp_subcheck check_curl_certificate_checks(CURL *curl, X509 *cert, int warn_days_ BIO_free(cert_BIO); return mp_net_ssl_check_certificate(cert, warn_days_till_exp, crit_days_till_exp); -# else /* USE_OPENSSL */ +# else /* MOPL_USE_OPENSSL */ /* We assume we don't have OpenSSL and np_net_ssl_check_certificate at our * disposal, so we use the libcurl CURLINFO data */ return net_noopenssl_check_certificate(&cert_ptr, days_till_exp_warn, days_till_exp_crit); -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ } else { xasprintf(&sc_cert_result.output, _("Cannot retrieve certificates - cURL returned %d - %s"), res, diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index 24883fd8..19e2a58f 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c @@ -350,7 +350,7 @@ int main(int argc, char **argv) { } } -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL if (ssl_established) { net_ssl_check_cert_result cert_check_result = np_net_ssl_check_cert2(config.days_till_exp_warn, config.days_till_exp_crit); @@ -389,7 +389,7 @@ int main(int argc, char **argv) { mp_add_subcheck_to_check(&overall, sc_cert_check); } -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ #endif @@ -764,7 +764,7 @@ check_smtp_config_wrapper process_arguments(int argc, char **argv) { break; case 'D': { /* Check SSL cert validity */ -#ifdef USE_OPENSSL +#ifdef MOPL_USE_OPENSSL char *temp; if ((temp = strchr(optarg, ',')) != NULL) { *temp = '\0'; diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index 49a8c4c1..cd8e04b0 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c @@ -683,7 +683,7 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t break; case 'D': /* Check SSL cert validity - days 'til certificate expiration */ #ifdef HAVE_SSL -# ifdef USE_OPENSSL /* XXX */ +# ifdef MOPL_USE_OPENSSL /* XXX */ { char *temp; if ((temp = strchr(optarg, ',')) != NULL) { @@ -708,7 +708,7 @@ static check_tcp_config_wrapper process_arguments(int argc, char **argv, check_t config.check_cert = true; config.use_tls = true; } break; -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ #endif /* fallthrough if we don't have ssl */ case 'S': diff --git a/plugins/sslutils.c b/plugins/sslutils.c index c58a35ab..c4ab6a05 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c @@ -127,7 +127,7 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int } if (cert && privkey) { -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL if (!SSL_CTX_use_certificate_chain_file(ctx, cert)) { # elif USE_GNUTLS if (!SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM)) { @@ -138,7 +138,7 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int return STATE_CRITICAL; } SSL_CTX_use_PrivateKey_file(ctx, privkey, SSL_FILETYPE_PEM); -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL if (!SSL_CTX_check_private_key(ctx)) { printf("%s\n", _("CRITICAL - Private key does not seem to match certificate!\n")); return STATE_CRITICAL; @@ -161,9 +161,9 @@ int np_net_ssl_init_with_hostname_version_and_cert(int sd, char *host_name, int return OK; } else { printf("%s\n", _("CRITICAL - Cannot make SSL connection.")); -# ifdef USE_OPENSSL /* XXX look into ERR_error_string */ +# ifdef MOPL_USE_OPENSSL /* XXX look into ERR_error_string */ ERR_print_errors_fp(stdout); -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ } } else { printf("%s\n", _("CRITICAL - Cannot initiate SSL handshake.")); @@ -192,7 +192,7 @@ int np_net_ssl_read(void *buf, int num) { return SSL_read(s, buf, num); } mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn, int days_till_exp_crit) { -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL if (!certificate) { printf("%s\n", _("CRITICAL - No server certificate present to inspect.")); return STATE_CRITICAL; @@ -306,14 +306,14 @@ mp_state_enum np_net_ssl_check_certificate(X509 *certificate, int days_till_exp_ } X509_free(certificate); return status; -# else /* ifndef USE_OPENSSL */ +# else /* ifndef MOPL_USE_OPENSSL */ printf("%s\n", _("WARNING - Plugin does not support checking certificates.")); return STATE_WARNING; -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ } retrieve_expiration_time_result np_net_ssl_get_cert_expiration(X509 *certificate) { -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL retrieve_expiration_time_result result = { .errors = ALL_OK, .remaining_seconds = 0, @@ -404,14 +404,14 @@ retrieve_expiration_time_result np_net_ssl_get_cert_expiration(X509 *certificate X509_free(certificate); return result; -# else /* ifndef USE_OPENSSL */ +# else /* ifndef MOPL_USE_OPENSSL */ printf("%s\n", _("WARNING - Plugin does not support checking certificates.")); return STATE_WARNING; -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ } net_ssl_check_cert_result np_net_ssl_check_cert2(int days_till_exp_warn, int days_till_exp_crit) { -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL X509 *certificate = NULL; certificate = SSL_get_peer_certificate(s); @@ -438,27 +438,27 @@ net_ssl_check_cert_result np_net_ssl_check_cert2(int days_till_exp_warn, int day return result; -# else /* ifndef USE_OPENSSL */ +# else /* ifndef MOPL_USE_OPENSSL */ printf("%s\n", _("WARNING - Plugin does not support checking certificates.")); return STATE_WARNING; -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ } mp_state_enum np_net_ssl_check_cert(int days_till_exp_warn, int days_till_exp_crit) { -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL X509 *certificate = NULL; certificate = SSL_get_peer_certificate(s); return (np_net_ssl_check_certificate(certificate, days_till_exp_warn, days_till_exp_crit)); -# else /* ifndef USE_OPENSSL */ +# else /* ifndef MOPL_USE_OPENSSL */ printf("%s\n", _("WARNING - Plugin does not support checking certificates.")); return STATE_WARNING; -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ } mp_subcheck mp_net_ssl_check_certificate(X509 *certificate, int days_till_exp_warn, int days_till_exp_crit) { mp_subcheck sc_cert = mp_subcheck_init(); -# ifdef USE_OPENSSL +# ifdef MOPL_USE_OPENSSL if (!certificate) { xasprintf(&sc_cert.output, _("No server certificate present to inspect")); sc_cert = mp_set_subcheck_state(sc_cert, STATE_CRITICAL); @@ -581,10 +581,10 @@ mp_subcheck mp_net_ssl_check_certificate(X509 *certificate, int days_till_exp_wa } X509_free(certificate); return sc_cert; -# else /* ifndef USE_OPENSSL */ +# else /* ifndef MOPL_USE_OPENSSL */ xasprintf(&sc_cert.output, _("Plugin does not support checking certificates")); sc_cert = mp_set_subcheck_state(sc_cert, STATE_WARNING); return sc_cert; -# endif /* USE_OPENSSL */ +# endif /* MOPL_USE_OPENSSL */ } #endif /* HAVE_SSL */ -- cgit v1.2.3-74-g34f1