diff options
| author |  William Leibzon <william@leibzon.org>
| 2012-05-21 18:46:45 -0700 |
|---|---|---|
| committer |  Sven Nierlein <sven@nierlein.de>
| 2012-06-25 12:05:16 +0200 |
| commit | fa3d2a4074e1bd8526e37ba5e1a214ae4a1774cf (patch) | |
| tree | 1d0c780a61db8e719502aed2a7bd9311afd23ac4 /plugins/check_tcp.c | |
| parent | 88fdf3a8a8e17f9212e10befe1f24ff3fa1aa8e6 (diff) | |
| download | monitoring-plugins-fa3d2a4074e1bd8526e37ba5e1a214ae4a1774cf.tar.gz | |
applied patch that adds both critical and warning thresholds to certificate expiration checks of check_tcp, check_http, check_smtp
Diffstat (limited to 'plugins/check_tcp.c')
| -rw-r--r-- | plugins/check_tcp.c | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index d3c92a49..7b0f7f8a 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c @@ -39,7 +39,7 @@ const char *email = "nagiosplug-devel@lists.sourceforge.net"; #ifdef HAVE_SSL static int check_cert = FALSE; -static int days_till_exp; +static int days_till_exp_warn, days_till_exp_crit; # define my_recv(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) # define my_send(buf, len) ((flags & FLAG_SSL) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) #else @@ -235,7 +235,7 @@ main (int argc, char **argv) if (flags & FLAG_SSL){ result = np_net_ssl_init(sd); if (result == STATE_OK && check_cert == TRUE) { - result = np_net_ssl_check_cert(days_till_exp); + result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); } } if(result != STATE_OK || check_cert == TRUE){ @@ -380,6 +380,7 @@ process_arguments (int argc, char **argv) { int c; int escape = 0; + char *temp; int option = 0; static struct option longopts[] = { @@ -552,9 +553,22 @@ process_arguments (int argc, char **argv) case 'D': /* Check SSL cert validity - days 'til certificate expiration */ #ifdef HAVE_SSL # ifdef USE_OPENSSL /* XXX */ - if (!is_intnonneg (optarg)) + if ((temp=strchr(optarg,','))!=NULL) { + *temp='\0'; + if (!is_intnonneg (temp)) + usage2 (_("Invalid certificate expiration period"), optarg); days_till_exp_warn = atoi(optarg); + *temp=','; + temp++; + if (!is_intnonneg (temp)) + usage2 (_("Invalid certificate expiration period"), temp); + days_till_exp_crit = atoi (temp); + } + else { + days_till_exp_crit=0; + if (!is_intnonneg (optarg)) usage2 (_("Invalid certificate expiration period"), optarg); - days_till_exp = atoi (optarg); + days_till_exp_warn = atoi (optarg); + } check_cert = TRUE; flags |= FLAG_SSL; break; @@ -626,8 +640,9 @@ print_help (void) printf (" %s\n", _("Seconds to wait between sending string and polling for response")); #ifdef HAVE_SSL - printf (" %s\n", "-D, --certificate=INTEGER"); + printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); + printf (" %s\n", _("1st is #days for warning, 2nd is critical (if not specified - 0).")); printf (" %s\n", "-S, --ssl"); printf (" %s\n", _("Use SSL for the connection.")); #endif @@ -649,6 +664,6 @@ print_usage (void) printf ("%s -H host -p port [-w <warning time>] [-c <critical time>] [-s <send string>]\n",progname); printf ("[-e <expect string>] [-q <quit string>][-m <maximum bytes>] [-d <delay>]\n"); printf ("[-t <timeout seconds>] [-r <refuse state>] [-M <mismatch state>] [-v] [-4|-6] [-j]\n"); - printf ("[-D <days to cert expiry>] [-S <use SSL>] [-E]\n"); + printf ("[-D <warn days cert expire>[,<crit days cert expire>]] [-S <use SSL>] [-E]\n"); } |