diff options
Diffstat (limited to 'web/attachments/431216-check_http-dateformat-subjectname.diff')
-rw-r--r-- | web/attachments/431216-check_http-dateformat-subjectname.diff | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/web/attachments/431216-check_http-dateformat-subjectname.diff b/web/attachments/431216-check_http-dateformat-subjectname.diff new file mode 100644 index 0000000..28592c1 --- /dev/null +++ b/web/attachments/431216-check_http-dateformat-subjectname.diff | |||
@@ -0,0 +1,71 @@ | |||
1 | diff -u -p nagios-plugins-1.4.15/plugins/sslutils.c.v0 nagios-plugins-1.4.15/plugins/sslutils.c | ||
2 | --- nagios-plugins-1.4.15/plugins/sslutils.c.v0 2011-12-19 17:42:22.000000000 +0100 | ||
3 | +++ nagios-plugins-1.4.15/plugins/sslutils.c 2011-12-19 17:57:14.000000000 +0100 | ||
4 | @@ -103,6 +103,7 @@ int np_net_ssl_check_cert(int days_till_ | ||
5 | float time_left; | ||
6 | int days_left; | ||
7 | char timestamp[17] = ""; | ||
8 | + char subject[256]; | ||
9 | |||
10 | certificate=SSL_get_peer_certificate(s); | ||
11 | if(! certificate){ | ||
12 | @@ -113,10 +114,14 @@ int np_net_ssl_check_cert(int days_till_ | ||
13 | /* Retrieve timestamp of certificate */ | ||
14 | tm = X509_get_notAfter (certificate); | ||
15 | |||
16 | + /* Retrieve subject name in certificate. */ | ||
17 | + *subject = '\0'; | ||
18 | + X509_NAME_get_text_by_NID(X509_get_subject_name(certificate), NID_commonName, subject, 256); | ||
19 | + | ||
20 | /* Generate tm structure to process timestamp */ | ||
21 | if (tm->type == V_ASN1_UTCTIME) { | ||
22 | if (tm->length < 10) { | ||
23 | - printf ("%s\n", _("CRITICAL - Wrong time format in certificate.")); | ||
24 | + printf ("%s\n", _("CRITICAL - Wrong time format in certificate %s."), subject); | ||
25 | return STATE_CRITICAL; | ||
26 | } else { | ||
27 | stamp.tm_year = (tm->data[0] - '0') * 10 + (tm->data[1] - '0'); | ||
28 | @@ -126,7 +131,7 @@ int np_net_ssl_check_cert(int days_till_ | ||
29 | } | ||
30 | } else { | ||
31 | if (tm->length < 12) { | ||
32 | - printf ("%s\n", _("CRITICAL - Wrong time format in certificate.")); | ||
33 | + printf ("%s\n", _("CRITICAL - Wrong time format in certificate %s."), subject); | ||
34 | return STATE_CRITICAL; | ||
35 | } else { | ||
36 | stamp.tm_year = | ||
37 | @@ -149,23 +154,30 @@ int np_net_ssl_check_cert(int days_till_ | ||
38 | |||
39 | time_left = difftime(timegm(&stamp), time(NULL)); | ||
40 | days_left = time_left / 86400; | ||
41 | +#ifdef AMERICAN_DATE_FORMAT | ||
42 | snprintf | ||
43 | (timestamp, 17, "%02d/%02d/%04d %02d:%02d", | ||
44 | stamp.tm_mon + 1, | ||
45 | stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); | ||
46 | +#else | ||
47 | + snprintf | ||
48 | + (timestamp, 17, "%04d-%02d-%02d %02d:%02d", | ||
49 | + stamp.tm_year + 1900, | ||
50 | + stamp.tm_mon + 1, stamp.tm_mday, stamp.tm_hour, stamp.tm_min); | ||
51 | +#endif | ||
52 | |||
53 | if (days_left > 0 && days_left <= days_till_exp) { | ||
54 | - printf (_("WARNING - Certificate expires in %d day(s) (%s).\n"), days_left, timestamp); | ||
55 | + printf (_("WARNING - Certificate %s expires in %d day(s) (%s).\n"), subject, days_left, timestamp); | ||
56 | return STATE_WARNING; | ||
57 | } else if (time_left < 0) { | ||
58 | - printf (_("CRITICAL - Certificate expired on %s.\n"), timestamp); | ||
59 | + printf (_("CRITICAL - Certificate %s expired on %s.\n"), subject, timestamp); | ||
60 | return STATE_CRITICAL; | ||
61 | } else if (days_left == 0) { | ||
62 | - printf (_("WARNING - Certificate expires today (%s).\n"), timestamp); | ||
63 | + printf (_("WARNING - Certificate %s expires today (%s).\n"), subject, timestamp); | ||
64 | return STATE_WARNING; | ||
65 | } | ||
66 | |||
67 | - printf (_("OK - Certificate will expire on %s.\n"), timestamp); | ||
68 | + printf (_("OK - Certificate %s will expire on %s.\n"), subject, timestamp); | ||
69 | X509_free (certificate); | ||
70 | return STATE_OK; | ||
71 | # else /* ifndef USE_OPENSSL */ | ||