X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fsslutils.c;h=64f4d61c9179c9c5d93e5ff5e5bebe7a17ac7b98;hb=4b2265d20c8651046b5e8b65000d93bbbbb481f3;hp=afc24be1f1951c992de2976928eca8b4809547f0;hpb=d41a33a434558189300113c28b26e2d3d681d390;p=nagiosplug.git diff --git a/plugins/sslutils.c b/plugins/sslutils.c index afc24be..64f4d61 100644 --- a/plugins/sslutils.c +++ b/plugins/sslutils.c @@ -30,16 +30,16 @@ #include "common.h" #include "netutils.h" -/* Max length of timestamps, ex: "03/05/2009 00:13 GMT". Calculate up to 6 - * chars for the timezone (ex: "GMT-10") and one terminating \0 */ -#define TS_LENGTH 24 - #ifdef HAVE_SSL static SSL_CTX *c=NULL; static SSL *s=NULL; static int initialized=0; -int np_net_ssl_init (int sd){ +int np_net_ssl_init (int sd) { + return np_net_ssl_init_with_hostname(sd, NULL); +} + +int np_net_ssl_init_with_hostname (int sd, char *host_name) { if (!initialized) { /* Initialize SSL context */ SSLeay_add_ssl_algorithms (); @@ -52,6 +52,10 @@ int np_net_ssl_init (int sd){ return STATE_CRITICAL; } if ((s = SSL_new (c)) != NULL){ +#ifdef SSL_set_tlsext_host_name + if (host_name != NULL) + SSL_set_tlsext_host_name(s, host_name); +#endif SSL_set_fd (s, sd); if (SSL_connect(s) == 1){ return OK; @@ -69,6 +73,9 @@ int np_net_ssl_init (int sd){ void np_net_ssl_cleanup (){ if(s){ +#ifdef SSL_set_tlsext_host_name + SSL_set_tlsext_host_name(s, NULL); +#endif SSL_shutdown (s); SSL_free (s); if(c) { @@ -90,11 +97,12 @@ int np_net_ssl_read(void *buf, int num){ int np_net_ssl_check_cert(int days_till_exp){ # ifdef USE_OPENSSL X509 *certificate=NULL; - ASN1_STRING *tm; + ASN1_STRING *tm; int offset; struct tm stamp; + float time_left; int days_left; - char timestamp[TS_LENGTH] = ""; + char timestamp[17] = ""; certificate=SSL_get_peer_certificate(s); if(! certificate){ @@ -139,12 +147,12 @@ int np_net_ssl_check_cert(int days_till_exp){ stamp.tm_sec = 0; stamp.tm_isdst = -1; - float time_left = difftime(timegm(&stamp), time(NULL)); + time_left = difftime(timegm(&stamp), time(NULL)); days_left = time_left / 86400; snprintf - (timestamp, TS_LENGTH, "%02d/%02d/%04d %02d:%02d %s", + (timestamp, 17, "%02d/%02d/%04d %02d:%02d", stamp.tm_mon + 1, - stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min, stamp.tm_zone); + stamp.tm_mday, stamp.tm_year + 1900, stamp.tm_hour, stamp.tm_min); if (days_left > 0 && days_left <= days_till_exp) { printf (_("WARNING - Certificate expires in %d day(s) (%s).\n"), days_left, timestamp);