upstream/monitoring-plugins
1
0
Fork 0
mirror of https://github.com/monitoring-plugins/monitoring-plugins.git synced 2026-02-20 00:10:09 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

check_http: Add SSL/TLS hostname extension support (SNI) - (#1939022 - Joe Presbrey)

Browse source
This commit is contained in:
Thomas Guyot-Sionnest 2009-05-20 01:05:35 -04:00
parent 56cf66c9b8
commit 0489df95fc
5 changed files with 16 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
NEWS
View file

@ -34,6 +34,7 @@ This file documents the major additions and syntax changes between releases.
Fixed typos for check_disk (Chris Pepper)
Fixed check_mysql* not using password set in my.cnf (#2531905 - Ben Timby) - Specify an empty password explicitly if you need to override it.
Fixed awk subst.in/subst script path error (#2722832 - Martin Foster)
check_http: Add SSL/TLS hostname extension support (SNI) - (#1939022 - Joe Presbrey)
1.4.13 25th Sept 2008
Fix Debian bug #460097: check_http --max-age broken (Hilko Bengen)

1
THANKS.in
View file

@ -252,3 +252,4 @@ Oskar Ahner
Chris Pepper
Ben Timby
Martin Foster
Joe Presbrey

2
plugins/check_http.c
View file

@ -790,7 +790,7 @@ check_http (void)
die (STATE_CRITICAL, _("HTTP CRITICAL - Unable to open TCP socket\n"));
#ifdef HAVE_SSL
if (use_ssl == TRUE) {
np_net_ssl_init(sd);
np_net_ssl_init_with_hostname(sd, host_name);
if (check_cert == TRUE) {
result = np_net_ssl_check_cert(days_till_exp);
np_net_ssl_cleanup();

1
plugins/netutils.h
View file

@ -99,6 +99,7 @@ extern int address_family;
#ifdef HAVE_SSL
/* maybe this could be merged with the above np_net_connect, via some flags */
int np_net_ssl_init(int sd);
int np_net_ssl_init_with_hostname(int sd, char *host_name);
void np_net_ssl_cleanup();
int np_net_ssl_write(const void *buf, int num);
int np_net_ssl_read(void *buf, int num);

13
plugins/sslutils.c
View file

@ -35,7 +35,11 @@ static SSL_CTX *c=NULL;
static SSL *s=NULL;
static int initialized=0;
int np_net_ssl_init (int sd){
int np_net_ssl_init (int sd) {
return np_net_ssl_init_with_hostname(sd, NULL);
}
int np_net_ssl_init_with_hostname (int sd, char *host_name) {
if (!initialized) {
/* Initialize SSL context */
SSLeay_add_ssl_algorithms ();
@ -48,6 +52,10 @@ int np_net_ssl_init (int sd){
return STATE_CRITICAL;
}
if ((s = SSL_new (c)) != NULL){
#ifdef SSL_set_tlsext_host_name
if (host_name != NULL)
SSL_set_tlsext_host_name(s, host_name);
#endif
SSL_set_fd (s, sd);
if (SSL_connect(s) == 1){
return OK;
@ -65,6 +73,9 @@ int np_net_ssl_init (int sd){
void np_net_ssl_cleanup (){
if(s){
#ifdef SSL_set_tlsext_host_name
SSL_set_tlsext_host_name(s, NULL);
#endif
SSL_shutdown (s);
SSL_free (s);
if(c) {