|
[-]
[+]
|
Changed |
check_ssl_cert.changes
|
|
|
|
[-]
[+]
|
Changed |
check_ssl_cert.spec
^
|
|
|
|
[-]
[+]
|
Changed |
check_ssl_cert-1.14.6.tar.bz2/AUTHORS
^
|
| @@ -29,6 +29,8 @@
certain versions of OpenSSL and TLS extensions
* Many thanks to Jim Hopp for the "No certificate returned" enhancement patch
* Many thanks to Javier Gonel for the TLS servername patch
+* Many thanks to Christian Ruppert for the XMPP patch
+* Many thanks to Robin H. Johnson for the 'timeout' patch
# File version information:
# $Id: AUTHORS 1103 2009-12-07 07:49:19Z corti $
|
|
[-]
[+]
|
Changed |
check_ssl_cert-1.14.6.tar.bz2/NEWS
^
|
| @@ -1,3 +1,5 @@
+2013-05-12 Version 1.14.6 Added XMPP and timeout support (thanks to Christian
+ Ruppert and Robin H. Johnson)
2013-03-02 Version 1.14.5 Fixed a bug occuring with TLS and multiple names in
the certificate
2012-12-07 Version 1.14.4 Fixed a bug causing -N to always compare the CN
|
|
[-]
[+]
|
Changed |
check_ssl_cert-1.14.6.tar.bz2/VERSION
^
|
| @@ -1 +1 @@
-1.14.5
+1.14.6
|
|
[-]
[+]
|
Changed |
check_ssl_cert-1.14.6.tar.bz2/check_ssl_cert
^
|
| @@ -19,15 +19,15 @@
# enable substitution with:
# $ svn propset svn:keywords "Id Revision HeadURL Source Date"
#
-# $Id: check_ssl_cert 1322 2012-12-07 08:02:11Z corti $
-# $Revision: 1322 $
+# $Id: check_ssl_cert 1336 2013-05-12 09:50:03Z corti $
+# $Revision: 1336 $
# $HeadURL: https://svn.id.ethz.ch/nagios_plugins/check_ssl_cert/check_ssl_cert $
-# $Date: 2012-12-07 09:02:11 +0100 (Fri, 07 Dec 2012) $
+# $Date: 2013-05-12 11:50:03 +0200 (Sun, 12 May 2013) $
################################################################################
# Constants
-VERSION=1.14.5
+VERSION=1.14.6
SHORTNAME="SSL_CERT"
VALID_ATTRIBUTES=",startdate,enddate,subject,issuer,modulus,serial,hash,email,ocsp_uri,fingerprint,"
@@ -78,7 +78,7 @@
echo " -o,--org org pattern to match the organization of the certificate"
echo " --openssl path path of the openssl binary to be used"
echo " -p,--port port TCP port"
- echo " -P,--protocol protocol use the specific protocol {http|smtp|pop3|imap|ftp}"
+ echo " -P,--protocol protocol use the specific protocol {http|smtp|pop3|imap|ftp|xmpp}"
echo " http: default"
echo " smtp,pop3,imap,ftp: switch to TLS"
echo " -s,--selfsigned allows self-signed certificates"
@@ -145,7 +145,7 @@
# $1 timeout in seconds
# $2 command
# Returns 1 if timed out 0 otherwise
-timeout() {
+exec_with_timeout() {
time=$1
@@ -153,7 +153,12 @@
# (spawn accepts one command)
command="/bin/sh -c \"$2\""
- if [ -n "${EXPECT}" ] ; then
+ if [ -n "${TIMEOUT_BIN}" ] ; then
+
+ eval "${TIMEOUT_BIN} $time $command"
+
+ elif [ -n "${EXPECT}" ] ; then
+
expect -c "set echo \"-noecho\"; set timeout $time; spawn -noecho $command; expect timeout { exit 1 } eof { exit 0 }"
if [ $? = 1 ] ; then
@@ -195,9 +200,9 @@
case "${PROTOCOL}" in
- smtp|pop3|imap|ftp)
+ smtp|pop3|imap|ftp|xmpp)
-timeout $TIMEOUT "echo 'Q' | $OPENSSL s_client ${CLIENT} ${CLIENTPASS} -starttls ${PROTOCOL} -connect $HOST:$PORT ${SERVERNAME} -verify 6 ${ROOT_CA} 2> ${ERROR} 1> ${CERT}"
+exec_with_timeout $TIMEOUT "echo 'Q' | $OPENSSL s_client ${CLIENT} ${CLIENTPASS} -starttls ${PROTOCOL} -connect $HOST:$PORT ${SERVERNAME} -verify 6 ${ROOT_CA} 2> ${ERROR} 1> ${CERT}"
;;
*)
@@ -210,7 +215,7 @@
if [ "${HOST}" = "localhost" ] ; then
- timeout $TIMEOUT "/bin/cat '${FILE}' 2> ${ERROR} 1> ${CERT}"
+ exec_with_timeout $TIMEOUT "/bin/cat '${FILE}' 2> ${ERROR} 1> ${CERT}"
else
@@ -220,7 +225,7 @@
else
-timeout $TIMEOUT "echo 'Q' | $OPENSSL s_client ${CLIENT} ${CLIENTPASS} -connect $HOST:$PORT ${SERVERNAME} -verify 6 ${ROOT_CA} 2> ${ERROR} 1> ${CERT}"
+exec_with_timeout $TIMEOUT "echo 'Q' | $OPENSSL s_client ${CLIENT} ${CLIENTPASS} -connect $HOST:$PORT ${SERVERNAME} -verify 6 ${ROOT_CA} 2> ${ERROR} 1> ${CERT}"
fi
@@ -485,8 +490,27 @@
# Expect (optional)
EXPECT=$(which expect 2> /dev/null)
test -x "${EXPECT}" || EXPECT=""
- if [ -z "${EXPECT}" ] && [ -n "${VERBOSE}" ] ; then
- echo "Expect not found: disabling timeouts"
+ if [ -n "${VERBOSE}" ] ; then
+ if [ -z "${EXPECT}" ] ; then
+ echo "expect not available"
+ else
+ echo "expect available (${EXPECT})"
+ fi
+ fi
+
+ # Timeout (optional)
+ TIMEOUT_BIN=$(which timeout 2> /dev/null)
+ test -x "${TIMEOUT_BIN}" || TIMEOUT_BIN=""
+ if [ -n "${VERBOSE}" ] ; then
+ if [ -z "${TIMEOUT_BIN}" ] ; then
+ echo "timeout not available"
+ else
+ echo "timeout available (${TIMEOUT_BIN})"
+ fi
+ fi
+
+ if [ -z "${TIMEOUT_BIN}" ] && [ -z "${EXPECT}" ] && [ -n "${VERBOSE}" ] ; then
+ echo "disabling timeouts"
fi
# Perl with Date::Parse (optional)
|
|
[-]
[+]
|
Changed |
check_ssl_cert-1.14.6.tar.bz2/check_ssl_cert.1
^
|
| @@ -1,7 +1,7 @@
.\" Process this file with
.\" groff -man -Tascii foo.1
.\"
-.TH "check_ssl_cert" 1 "July, 2012" "1.14.5" "USER COMMANDS"
+.TH "check_ssl_cert" 1 "May, 2013" "1.14.6" "USER COMMANDS"
.SH NAME
check_ssl_cert \- checks the validity of X.509 certificates
.SH SYNOPSIS
@@ -93,7 +93,7 @@
minimum number of days a certificate has to be valid (see --critical and --warning)
.SH "SEE ALSO"
-x509(1), openssl(1), expect(1)
+x509(1), openssl(1), expect(1), timeout(1)
.SH "EXIT STATUS"
check_ssl_cert returns a zero exist status if it finds no errors, 1 for warnings, 2 for a critical errors and 3 for unknown problems
.SH BUGS
|
|
[-]
[+]
|
Changed |
check_ssl_cert-1.14.6.tar.bz2/check_ssl_cert.spec
^
|
| @@ -6,7 +6,7 @@
# $Date: 2010-02-16 21:06:11 +0100 (Tue, 16 Feb 2010) $
################################################################################
-%define version 1.14.5
+%define version 1.14.6
%define release 0
%define sourcename check_ssl_cert
%define packagename nagios-plugins-check_ssl_cert
@@ -53,6 +53,9 @@
%{_mandir}/man1/%{sourcename}.1*
%changelog
+* Sun May 12 2013 Matteo Corti <matteo.corti@id.ethz.ch> - 1.14.6-0
+- Updated to 1.16.6 (timeout and XMPP support)
+
* Sat Mar 2 2013 Matteo Corti <matteo.corti@id.ethz.ch> - 1.14.5-0
- Updated to 1.14.5 (TLS and multiple names fix)
|
