1 files changed, 85 insertions, 0 deletions

diff --git a/web/attachments/273929-nagiosplug-sni-trunk.patch b/web/attachments/273929-nagiosplug-sni-trunk.patch
new file mode 100644
index 0000000..c6d2c3e
--- /dev/null
+++ b/web/attachments/273929-nagiosplug-sni-trunk.patch
@@ -0,0 +1,85 @@
+Index: plugins/netutils.h
+===================================================================
+--- plugins/netutils.h  (revision 1977)
++++ plugins/netutils.h  (working copy)
+@@ -99,6 +99,7 @@
+ int np_net_ssl_write(const void *buf, int num);
+ int np_net_ssl_read(void *buf, int num);
+ int np_net_ssl_check_cert(int days_till_exp);
++void np_net_ssl_set_host_name(const char *buf);
+ #endif /* HAVE_SSL */
+ 
+ #endif /* _NETUTILS_H_ */
+Index: plugins/sslutils.c
+===================================================================
+--- plugins/sslutils.c  (revision 1977)
++++ plugins/sslutils.c  (working copy)
+@@ -37,6 +37,7 @@
+ static SSL_CTX *c=NULL;
+ static SSL *s=NULL;
+ static int initialized=0;
++const char *host_name=NULL;
+ 
+ int np_net_ssl_init (int sd){
+                if (!initialized) {
+@@ -51,6 +52,10 @@
+                                return STATE_CRITICAL;
+                }
+                if ((s = SSL_new (c)) != NULL){
++#ifdef SSL_set_tlsext_host_name
++                               if (host_name != NULL)
++                                       SSL_set_tlsext_host_name(s, host_name);
++#endif
+                                SSL_set_fd (s, sd);
+                                if (SSL_connect(s) == 1){
+                                                return OK;
+@@ -68,6 +73,9 @@
+ 
+ void np_net_ssl_cleanup (){
+                if(s){
++#ifdef SSL_set_tlsext_host_name
++                               SSL_set_tlsext_host_name(s, NULL);
++#endif
+                                SSL_shutdown (s);
+                                SSL_free (s);
+                                if(c) {
+@@ -93,7 +101,7 @@
+        int offset;
+        struct tm stamp;
+        int days_left;
+-       char timestamp[17] = "";
++       char timestamp[21] = "";
+ 
+        certificate=SSL_get_peer_certificate(s);
+        if(! certificate){
+@@ -138,16 +146,17 @@
+        stamp.tm_sec = 0;
+        stamp.tm_isdst = -1;
+ 
+-       days_left = (mktime (&stamp) - time (NULL)) / 86400;
++       float time_left = difftime(timegm(&stamp), time(NULL));
++       days_left = time_left / 86400;
+        snprintf
+-               (timestamp, 17, "%02d/%02d/%04d %02d:%02d",
++               (timestamp, 21, "%02d/%02d/%04d %02d:%02d %s",
+                 stamp.tm_mon + 1,
+-                stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min);
++                stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min, stamp.tm_zone);
+ 
+        if (days_left > 0 && days_left <= days_till_exp) {
+                printf (_("WARNING - Certificate expires in %d day(s) (%s).\n"), days_left, timestamp);
+                return STATE_WARNING;
+-       } else if (days_left < 0) {
++       } else if (time_left < 0) {
+                printf (_("CRITICAL - Certificate expired on %s.\n"), timestamp);
+                return STATE_CRITICAL;
+        } else if (days_left == 0) {
+@@ -164,4 +173,8 @@
+ #  endif /* USE_OPENSSL */
+ }
+ 
++void np_net_ssl_set_host_name (const char *buf){
++       host_name = buf;
++}
++
+ #endif /* HAVE_SSL */