Module: monitoring-plugins
Branch: feature_check_curl
Commit: beb609ffcf8c24c133f59829e0d3d82102661b82
Author: Andreas Baumann <m...@andreasbaumann.cc>
Date: Thu May 27 15:32:08 2021 +0200
URL:
https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=beb609f
check_curl:
- added verbose output in verify_callback
- pin refcounting for certs (avoid subject extraction error when checking
certs in is_openssl_callback mode)
---
plugins/check_curl.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/plugins/check_curl.c b/plugins/check_curl.c
index 3e0a6f9..59e398b 100644
--- a/plugins/check_curl.c
+++ b/plugins/check_curl.c
@@ -285,6 +285,18 @@ int verify_callback(int preverify_ok, X509_STORE_CTX
*x509_ctx)
* TODO: is the last certificate always the server certificate?
*/
cert = X509_STORE_CTX_get_current_cert(x509_ctx);
+ X509_up_ref(cert);
+ if (verbose>=2) {
+ puts("* SSL verify callback with certificate:");
+ X509_NAME *subject, *issuer;
+ printf("* issuer:\n");
+ issuer = X509_get_issuer_name( cert );
+ X509_NAME_print_ex_fp(stdout, issuer, 5, XN_FLAG_MULTILINE);
+ printf("* curl verify_callback:\n* subject:\n");
+ subject = X509_get_subject_name( cert );
+ X509_NAME_print_ex_fp(stdout, subject, 5, XN_FLAG_MULTILINE);
+ puts("");
+ }
return 1;
}
