X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fsslutils.c;h=64f4d61c9179c9c5d93e5ff5e5bebe7a17ac7b98;hb=b48c2bdd59783197c93cde531e6e8b9747c0a88f;hp=f5035e231e2c8ede5e410d111520696f74d392a4;hpb=6fbd14fea5c111a23d9074d25499991cbfa58f79;p=nagiosplug.git

diff --git a/plugins/sslutils.c b/plugins/sslutils.c
index f5035e2..64f4d61 100644
--- a/plugins/sslutils.c
+++ b/plugins/sslutils.c
@@ -35,7 +35,11 @@ static SSL_CTX *c=NULL;
 static SSL *s=NULL;
 static int initialized=0;
 
-int np_net_ssl_init (int sd){
+int np_net_ssl_init (int sd) {
+		return np_net_ssl_init_with_hostname(sd, NULL);
+}
+
+int np_net_ssl_init_with_hostname (int sd, char *host_name) {
 		if (!initialized) {
 			/* Initialize SSL context */
 			SSLeay_add_ssl_algorithms ();
@@ -48,6 +52,10 @@ int np_net_ssl_init (int sd){
 				return STATE_CRITICAL;
 		}
 		if ((s = SSL_new (c)) != NULL){
+#ifdef SSL_set_tlsext_host_name
+				if (host_name != NULL)
+					SSL_set_tlsext_host_name(s, host_name);
+#endif
 				SSL_set_fd (s, sd);
 				if (SSL_connect(s) == 1){
 						return OK;
@@ -65,6 +73,9 @@ int np_net_ssl_init (int sd){
 
 void np_net_ssl_cleanup (){
 		if(s){
+#ifdef SSL_set_tlsext_host_name
+				SSL_set_tlsext_host_name(s, NULL);
+#endif
 				SSL_shutdown (s);
 				SSL_free (s);
 				if(c) {
@@ -86,9 +97,10 @@ int np_net_ssl_read(void *buf, int num){
 int np_net_ssl_check_cert(int days_till_exp){
 #  ifdef USE_OPENSSL
 	X509 *certificate=NULL;
-        ASN1_STRING *tm;
+	ASN1_STRING *tm;
 	int offset;
 	struct tm stamp;
+	float time_left;
 	int days_left;
 	char timestamp[17] = "";
 
@@ -135,7 +147,8 @@ int np_net_ssl_check_cert(int days_till_exp){
 	stamp.tm_sec = 0;
 	stamp.tm_isdst = -1;
 
-	days_left = (mktime (&stamp) - time (NULL)) / 86400;
+	time_left = difftime(timegm(&stamp), time(NULL));
+	days_left = time_left / 86400;
 	snprintf
 		(timestamp, 17, "%02d/%02d/%04d %02d:%02d",
 		 stamp.tm_mon + 1,
@@ -144,7 +157,7 @@ int np_net_ssl_check_cert(int days_till_exp){
 	if (days_left > 0 && days_left <= days_till_exp) {
 		printf (_("WARNING - Certificate expires in %d day(s) (%s).\n"), days_left, timestamp);
 		return STATE_WARNING;
-	} else if (days_left < 0) {
+	} else if (time_left < 0) {
 		printf (_("CRITICAL - Certificate expired on %s.\n"), timestamp);
 		return STATE_CRITICAL;
 	} else if (days_left == 0) {