diff options
| -rw-r--r-- | plugins/check_tcp.c | 23 | ||||
| -rw-r--r-- | plugins/popen.c | 4 | ||||
| -rw-r--r-- | plugins/popen.h | 1 |
3 files changed, 23 insertions, 5 deletions
diff --git a/plugins/check_tcp.c b/plugins/check_tcp.c index 61333bd7..1365b9cb 100644 --- a/plugins/check_tcp.c +++ b/plugins/check_tcp.c @@ -86,6 +86,11 @@ static char buffer[MAXBUF]; static int expect_mismatch_state = STATE_WARNING; static int match_flags = NP_MATCH_EXACT; +#ifdef HAVE_SSL +static char *sni = NULL; +static int sni_specified = FALSE; +#endif + #define FLAG_SSL 0x01 #define FLAG_VERBOSE 0x02 #define FLAG_TIME_WARN 0x04 @@ -241,7 +246,7 @@ main (int argc, char **argv) #ifdef HAVE_SSL if (flags & FLAG_SSL){ - result = np_net_ssl_init(sd); + result = np_net_ssl_init_with_hostname(sd, (sni_specified ? sni : NULL)); if (result == STATE_OK && check_cert == TRUE) { result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); } @@ -401,6 +406,10 @@ process_arguments (int argc, char **argv) int escape = 0; char *temp; + enum { + SNI_OPTION = CHAR_MAX + 1 + }; + int option = 0; static struct option longopts[] = { {"hostname", required_argument, 0, 'H'}, @@ -427,6 +436,7 @@ process_arguments (int argc, char **argv) {"version", no_argument, 0, 'V'}, {"help", no_argument, 0, 'h'}, {"ssl", no_argument, 0, 'S'}, + {"sni", required_argument, 0, SNI_OPTION}, {"certificate", required_argument, 0, 'D'}, {0, 0, 0, 0} }; @@ -604,6 +614,15 @@ process_arguments (int argc, char **argv) die (STATE_UNKNOWN, _("Invalid option - SSL is not available")); #endif break; + case SNI_OPTION: +#ifdef HAVE_SSL + flags |= FLAG_SSL; + sni_specified = TRUE; + sni = optarg; +#else + die (STATE_UNKNOWN, _("Invalid option - SSL is not available")); +#endif + break; case 'A': match_flags |= NP_MATCH_ALL; break; @@ -671,6 +690,8 @@ print_help (void) printf (" %s\n", _("1st is #days for warning, 2nd is critical (if not specified - 0).")); printf (" %s\n", "-S, --ssl"); printf (" %s\n", _("Use SSL for the connection.")); + printf (" %s\n", "--sni=STRING"); + printf (" %s\n", _("SSL server_name")); #endif printf (UT_WARN_CRIT); diff --git a/plugins/popen.c b/plugins/popen.c index 557fb44e..9eb49b62 100644 --- a/plugins/popen.c +++ b/plugins/popen.c @@ -39,9 +39,9 @@ *****************************************************************************/ #include "common.h" +#include "utils.h" /* extern so plugin has pid to kill exec'd process on timeouts */ -extern int timeout_interval; extern pid_t *childpid; extern int *child_stderr_array; extern FILE *child_process; @@ -76,8 +76,6 @@ RETSIGTYPE popen_timeout_alarm_handler (int); #define SIG_ERR ((Sigfunc *)-1) #endif -#define min(a,b) ((a) < (b) ? (a) : (b)) -#define max(a,b) ((a) > (b) ? (a) : (b)) char *pname = NULL; /* caller can set this from argv[0] */ diff --git a/plugins/popen.h b/plugins/popen.h index fc7e78e2..a5dd8fa7 100644 --- a/plugins/popen.h +++ b/plugins/popen.h @@ -7,7 +7,6 @@ FILE *spopen (const char *); int spclose (FILE *); RETSIGTYPE popen_timeout_alarm_handler (int); -extern unsigned int timeout_interval; pid_t *childpid=NULL; int *child_stderr_array=NULL; FILE *child_process=NULL; |