diff options
Diffstat (limited to 'web/attachments/388024-sslutils.patch')
-rw-r--r-- | web/attachments/388024-sslutils.patch | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/web/attachments/388024-sslutils.patch b/web/attachments/388024-sslutils.patch new file mode 100644 index 0000000..417c6be --- /dev/null +++ b/web/attachments/388024-sslutils.patch | |||
@@ -0,0 +1,59 @@ | |||
1 | --- plugins/sslutils.c 2010-07-27 16:47:16.000000000 -0400 | ||
2 | +++ sslutils.c 2010-09-27 10:16:20.000000000 -0400 | ||
3 | @@ -51,24 +51,40 @@ | ||
4 | printf ("%s\n", _("CRITICAL - Cannot create SSL context.")); | ||
5 | return STATE_CRITICAL; | ||
6 | } | ||
7 | - if ((s = SSL_new (c)) != NULL){ | ||
8 | + if ((s = SSL_new (c)) == NULL){ | ||
9 | + printf ("%s\n", _("CRITICAL - Cannot initiate SSL handshake.")); | ||
10 | + return STATE_CRITICAL; | ||
11 | + } | ||
12 | #ifdef SSL_set_tlsext_host_name | ||
13 | - if (host_name != NULL) | ||
14 | - SSL_set_tlsext_host_name(s, host_name); | ||
15 | + if (host_name != NULL) | ||
16 | + SSL_set_tlsext_host_name(s, host_name); | ||
17 | #endif | ||
18 | - SSL_set_fd (s, sd); | ||
19 | - if (SSL_connect(s) == 1){ | ||
20 | - return OK; | ||
21 | - } else { | ||
22 | - printf ("%s\n", _("CRITICAL - Cannot make SSL connection ")); | ||
23 | -# ifdef USE_OPENSSL /* XXX look into ERR_error_string */ | ||
24 | - ERR_print_errors_fp (stdout); | ||
25 | -# endif /* USE_OPENSSL */ | ||
26 | - } | ||
27 | - } else { | ||
28 | - printf ("%s\n", _("CRITICAL - Cannot initiate SSL handshake.")); | ||
29 | - } | ||
30 | - return STATE_CRITICAL; | ||
31 | + SSL_set_fd (s, sd); | ||
32 | + if (SSL_connect(s) == 1) | ||
33 | + return OK; | ||
34 | + | ||
35 | + // Try TLS | ||
36 | + // Free old pointers | ||
37 | + SSL_CTX_free(c); | ||
38 | + SSL_free(s); | ||
39 | + | ||
40 | + if ((c = SSL_CTX_new(TLSv1_client_method())) == NULL) { | ||
41 | + printf("%s\n", _("CRITICAL - Cannot create SSL context.")); | ||
42 | + return STATE_CRITICAL; | ||
43 | + } | ||
44 | + if ((s = SSL_new(c)) == NULL) { | ||
45 | + printf("%s\n", _("CRITICAL - Cannot initiate SSL handshake.")); | ||
46 | + return STATE_CRITICAL; | ||
47 | + } | ||
48 | +#ifdef SSL_set_tlsext_host_name | ||
49 | + if (host_name != NULL) | ||
50 | + SSL_set_tlsext_host_name(s, host_name); | ||
51 | +#endif | ||
52 | + SSL_set_fd(s, sd); | ||
53 | + if (SSL_connect(s) == 1){ | ||
54 | + return OK; | ||
55 | + } | ||
56 | + return STATE_CRITICAL; | ||
57 | } | ||
58 | |||
59 | void np_net_ssl_cleanup (){ | ||