[Pkg-nagios-changes] [pkg-nagios-plugins-contrib] 03/03: check_ssl_cert: Update to 1.17.1
Jan Wagner
waja at moszumanska.debian.org
Tue May 19 11:43:17 UTC 2015
This is an automated email from the git hooks/post-receive script.
waja pushed a commit to branch master
in repository pkg-nagios-plugins-contrib.
commit c750062a3dc78a55817f7912fdfbc1a61557dbd6
Author: Jan Wagner <waja at cyconet.org>
Date: Tue May 12 12:31:52 2015 +0200
check_ssl_cert: Update to 1.17.1
---
check_ssl_cert/check_ssl_cert-1.17.0/VERSION | 1 -
.../AUTHORS | 1 +
.../COPYING | 0
.../COPYRIGHT | 12 +++++++++-
.../ChangeLog | 5 +++++
.../INSTALL | 0
.../Makefile | 0
.../NEWS | 1 +
.../README | 0
.../TODO | 0
check_ssl_cert/check_ssl_cert-1.17.1/VERSION | 1 +
.../check_ssl_cert | 26 +++++++++++++---------
.../check_ssl_cert.1 | 6 ++---
.../check_ssl_cert.spec | 5 ++++-
.../test/cabundle.crt | 0
.../test/cacert.crt | 0
.../test/unit_tests.sh | 0
check_ssl_cert/control | 2 +-
check_ssl_cert/src | 2 +-
19 files changed, 43 insertions(+), 19 deletions(-)
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/VERSION b/check_ssl_cert/check_ssl_cert-1.17.0/VERSION
deleted file mode 100644
index 092afa1..0000000
--- a/check_ssl_cert/check_ssl_cert-1.17.0/VERSION
+++ /dev/null
@@ -1 +0,0 @@
-1.17.0
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/AUTHORS b/check_ssl_cert/check_ssl_cert-1.17.1/AUTHORS
similarity index 97%
rename from check_ssl_cert/check_ssl_cert-1.17.0/AUTHORS
rename to check_ssl_cert/check_ssl_cert-1.17.1/AUTHORS
index 5d17e28..e87280b 100644
--- a/check_ssl_cert/check_ssl_cert-1.17.0/AUTHORS
+++ b/check_ssl_cert/check_ssl_cert-1.17.1/AUTHORS
@@ -36,6 +36,7 @@ Thanks:
* Many thanks to Andreas Dijkman for the RPM dependencies patch
* Many thanks to Lawren Quigley-Jones for the common name patch
* Many thanks to Ryan Nowakowski for the OCSP patch
+* Many thanks to J�r�my Lecour for the review and corrections
# File version information:
# $Id: AUTHORS 1103 2009-12-07 07:49:19Z corti $
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/COPYING b/check_ssl_cert/check_ssl_cert-1.17.1/COPYING
similarity index 100%
rename from check_ssl_cert/check_ssl_cert-1.17.0/COPYING
rename to check_ssl_cert/check_ssl_cert-1.17.1/COPYING
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/COPYRIGHT b/check_ssl_cert/check_ssl_cert-1.17.1/COPYRIGHT
similarity index 80%
rename from check_ssl_cert/check_ssl_cert-1.17.0/COPYRIGHT
rename to check_ssl_cert/check_ssl_cert-1.17.1/COPYRIGHT
index e16f661..b063302 100644
--- a/check_ssl_cert/check_ssl_cert-1.17.0/COPYRIGHT
+++ b/check_ssl_cert/check_ssl_cert-1.17.1/COPYRIGHT
@@ -1,5 +1,6 @@
- Copyright (c) 2007-2012 ETH Zurich
+ Copyright (c) 2007-2013 ETH Zurich
+ Copyright (c) 2007-2015 Matteo Corti
with the following individuals added to the list of Contributing Authors
@@ -15,6 +16,15 @@ with the following individuals added to the list of Contributing Authors
Tuomas Haarala
Wolfgang Schricker
Yannick Gravel
+ Jim Hopp
+ Javier Gonel
+ Christian Ruppert
+ Robin H. Johnson
+ Max Winterstein
+ Colin Smith
+ Andreas Dijkman
+ Ryan Nowakowski
+ J�r�my Lecour
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/ChangeLog b/check_ssl_cert/check_ssl_cert-1.17.1/ChangeLog
similarity index 98%
rename from check_ssl_cert/check_ssl_cert-1.17.0/ChangeLog
rename to check_ssl_cert/check_ssl_cert-1.17.1/ChangeLog
index e3f7d92..a74df63 100644
--- a/check_ssl_cert/check_ssl_cert-1.17.0/ChangeLog
+++ b/check_ssl_cert/check_ssl_cert-1.17.1/ChangeLog
@@ -1,3 +1,8 @@
+2015-04-07 Matteo Corti <matteo at corti.li>
+
+ * check_ssl_cert: corrected some typos (thanks to J�r�my Lecour)
+ * check_ssl_cert: removed check on the openssl binary name
+
2014-10-21 Matteo Corti <matteo at corti.li>
* check_ssl_cert: added a patch to check revocation via OCSP (thanks
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/INSTALL b/check_ssl_cert/check_ssl_cert-1.17.1/INSTALL
similarity index 100%
rename from check_ssl_cert/check_ssl_cert-1.17.0/INSTALL
rename to check_ssl_cert/check_ssl_cert-1.17.1/INSTALL
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/Makefile b/check_ssl_cert/check_ssl_cert-1.17.1/Makefile
similarity index 100%
rename from check_ssl_cert/check_ssl_cert-1.17.0/Makefile
rename to check_ssl_cert/check_ssl_cert-1.17.1/Makefile
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/NEWS b/check_ssl_cert/check_ssl_cert-1.17.1/NEWS
similarity index 98%
rename from check_ssl_cert/check_ssl_cert-1.17.0/NEWS
rename to check_ssl_cert/check_ssl_cert-1.17.1/NEWS
index 799d587..23d8118 100644
--- a/check_ssl_cert/check_ssl_cert-1.17.0/NEWS
+++ b/check_ssl_cert/check_ssl_cert-1.17.1/NEWS
@@ -1,3 +1,4 @@
+2015-04-07 Version 1.17.1 Fixed the check on the openssl binary
2014-10-21 Version 1.17.0 Added an option to check revocation via OCSP
2014-06-06 Version 1.16.2 Fixed a problem with -servername when -n was not specified
2014-02-28 Version 1.16.1 Added a Make target for the RPM package
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/README b/check_ssl_cert/check_ssl_cert-1.17.1/README
similarity index 100%
rename from check_ssl_cert/check_ssl_cert-1.17.0/README
rename to check_ssl_cert/check_ssl_cert-1.17.1/README
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/TODO b/check_ssl_cert/check_ssl_cert-1.17.1/TODO
similarity index 100%
rename from check_ssl_cert/check_ssl_cert-1.17.0/TODO
rename to check_ssl_cert/check_ssl_cert-1.17.1/TODO
diff --git a/check_ssl_cert/check_ssl_cert-1.17.1/VERSION b/check_ssl_cert/check_ssl_cert-1.17.1/VERSION
new file mode 100644
index 0000000..511a76e
--- /dev/null
+++ b/check_ssl_cert/check_ssl_cert-1.17.1/VERSION
@@ -0,0 +1 @@
+1.17.1
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/check_ssl_cert b/check_ssl_cert/check_ssl_cert-1.17.1/check_ssl_cert
similarity index 97%
rename from check_ssl_cert/check_ssl_cert-1.17.0/check_ssl_cert
rename to check_ssl_cert/check_ssl_cert-1.17.1/check_ssl_cert
index 2ff0135..b0e0623 100755
--- a/check_ssl_cert/check_ssl_cert-1.17.0/check_ssl_cert
+++ b/check_ssl_cert/check_ssl_cert-1.17.1/check_ssl_cert
@@ -19,15 +19,15 @@
# enable substitution with:
# $ svn propset svn:keywords "Id Revision HeadURL Source Date"
#
-# $Id: check_ssl_cert 1384 2014-11-29 15:08:58Z corti $
-# $Revision: 1384 $
+# $Id: check_ssl_cert 1442 2015-04-07 14:06:03Z corti $
+# $Revision: 1442 $
# $HeadURL: https://svn.id.ethz.ch/nagios_plugins/check_ssl_cert/check_ssl_cert $
-# $Date: 2014-11-29 16:08:58 +0100 (Sat, 29 Nov 2014) $
+# $Date: 2015-04-07 16:06:03 +0200 (Tue, 07 Apr 2015) $
################################################################################
# Constants
-VERSION=1.17.0
+VERSION=1.17.1
SHORTNAME="SSL_CERT"
VALID_ATTRIBUTES=",startdate,enddate,subject,issuer,modulus,serial,hash,email,ocsp_uri,fingerprint,"
@@ -85,7 +85,7 @@ usage() {
echo " -s,--selfsigned allows self-signed certificates"
echo " -S,--ssl version force SSL version (2,3)"
echo " -r,--rootcert path root certificate or directory to be used for"
- echo " certficate validation"
+ echo " certificate validation"
echo " -t,--timeout seconds timeout after the specified time"
echo " (defaults to 15 seconds)"
echo " --temp dir directory where to store the temporary files"
@@ -490,7 +490,7 @@ main() {
if [ ! -x "${OPENSSL}" ] ; then
unknown "${OPENSSL} ist not an executable"
fi
- if [ "${OPENSSL##*/}" != 'openssl' ] ; then
+ if ! "${OPENSSL}" list-standard-commands | grep -q s_client ; then
unknown "${OPENSSL} ist not an openssl executable"
fi
fi
@@ -820,11 +820,15 @@ EOF
if file "${ISSUER_CERT}" | grep -q ': data' ; then
openssl x509 -inform DER -outform PEM -in "${ISSUER_CERT}" -out "${ISSUER_CERT}"
fi
-
- if "$OPENSSL" ocsp -no_nonce -issuer "${ISSUER_CERT}" -cert "${CERT}" -url "${OCSP_URI}" 2>&1 | grep -qi "revoked" ; then
- critical "certificate is revoked"
+ OCSP_HOST=$(echo ${OCSP_URI} | sed -e "s?.*//\([^/]\+\)/.*?\1?g")
+ OCSP_RESP=$($OPENSSL ocsp -no_nonce -issuer "${ISSUER_CERT}" -cert "${CERT}" -url "${OCSP_URI}" -header "HOST" "${OCSP_HOST}" 2>&1 | grep -i "ssl_cert")
+ if echo "${OCSP_RESP}" | grep -qi "revoked" ; then
+ critical "certifiicate is revoked"
+ elif ! $(echo "${OCSP_RESP}" | grep -qi "good") ; then
+ echo "### ${OCSP_RESP}"
+ warning "${OCSP_RESP}"
fi
-
+
fi
################################################################################
@@ -852,7 +856,7 @@ EOF
fi
if [ -z "${EMAIL}" ] ; then
- critical "the certficate does not contain an email address"
+ critical "the certificate does not contain an email address"
fi
if ! echo "$EMAIL" | grep -q "^$ADDR" ; then
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/check_ssl_cert.1 b/check_ssl_cert/check_ssl_cert-1.17.1/check_ssl_cert.1
similarity index 94%
rename from check_ssl_cert/check_ssl_cert-1.17.0/check_ssl_cert.1
rename to check_ssl_cert/check_ssl_cert-1.17.1/check_ssl_cert.1
index 01b997b..6ba34e4 100644
--- a/check_ssl_cert/check_ssl_cert-1.17.0/check_ssl_cert.1
+++ b/check_ssl_cert/check_ssl_cert-1.17.1/check_ssl_cert.1
@@ -1,7 +1,7 @@
.\" Process this file with
.\" groff -man -Tascii foo.1
.\"
-.TH "check_ssl_cert" 1 "October, 2014" "1.17.0" "USER COMMANDS"
+.TH "check_ssl_cert" 1 "April, 2015" "1.17.1" "USER COMMANDS"
.SH NAME
check_ssl_cert \- checks the validity of X.509 certificates
.SH SYNOPSIS
@@ -106,9 +106,9 @@ x509(1), openssl(1), expect(1), timeout(1)
.SH "EXIT STATUS"
check_ssl_cert returns a zero exist status if it finds no errors, 1 for warnings, 2 for a critical errors and 3 for unknown problems
.SH BUGS
-Please report bugs to: Matteo Corti (matteo.corti (at) id.ethz.ch)
+Please report bugs to: Matteo Corti (matteo (at) corti.li )
.SH AUTHOR
-Matteo Corti (matteo.corti (at) id.ethz.ch)
+Matteo Corti (matteo (at) corti.li )
See the AUTHORS file for the complete list of contributors
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/check_ssl_cert.spec b/check_ssl_cert/check_ssl_cert-1.17.1/check_ssl_cert.spec
similarity index 98%
rename from check_ssl_cert/check_ssl_cert-1.17.0/check_ssl_cert.spec
rename to check_ssl_cert/check_ssl_cert-1.17.1/check_ssl_cert.spec
index bed6bcd..422c048 100644
--- a/check_ssl_cert/check_ssl_cert-1.17.0/check_ssl_cert.spec
+++ b/check_ssl_cert/check_ssl_cert-1.17.1/check_ssl_cert.spec
@@ -6,7 +6,7 @@
# $Date: 2010-02-16 21:06:11 +0100 (Tue, 16 Feb 2010) $
################################################################################
-%define version 1.17.0
+%define version 1.17.1
%define release 0
%define sourcename check_ssl_cert
%define packagename nagios-plugins-check_ssl_cert
@@ -53,6 +53,9 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man1/%{sourcename}.1*
%changelog
+* Tue Apr 7 2015 Matteo Corti <matteo at corti.li> - 1.17.1-0
+- Updated to 1.17.1
+
* Tue Oct 21 2014 Matteo Corti <matteo at corti.li> - 1.17.0-0
- Updated to 1.17.0
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/test/cabundle.crt b/check_ssl_cert/check_ssl_cert-1.17.1/test/cabundle.crt
similarity index 100%
rename from check_ssl_cert/check_ssl_cert-1.17.0/test/cabundle.crt
rename to check_ssl_cert/check_ssl_cert-1.17.1/test/cabundle.crt
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/test/cacert.crt b/check_ssl_cert/check_ssl_cert-1.17.1/test/cacert.crt
similarity index 100%
rename from check_ssl_cert/check_ssl_cert-1.17.0/test/cacert.crt
rename to check_ssl_cert/check_ssl_cert-1.17.1/test/cacert.crt
diff --git a/check_ssl_cert/check_ssl_cert-1.17.0/test/unit_tests.sh b/check_ssl_cert/check_ssl_cert-1.17.1/test/unit_tests.sh
similarity index 100%
rename from check_ssl_cert/check_ssl_cert-1.17.0/test/unit_tests.sh
rename to check_ssl_cert/check_ssl_cert-1.17.1/test/unit_tests.sh
diff --git a/check_ssl_cert/control b/check_ssl_cert/control
index a6bf34d..71fc9c1 100644
--- a/check_ssl_cert/control
+++ b/check_ssl_cert/control
@@ -1,7 +1,7 @@
Uploaders: Jan Wagner <waja at cyconet.org>
Recommends: openssl
Suggests: expect
-Version: 1.17.0
+Version: 1.17.1
Homepage: https://trac.id.ethz.ch/projects/nagios_plugins/wiki/check_ssl_cert
Watch: https://trac.id.ethz.ch/projects/nagios_plugins/wiki/check_ssl_cert check_ssl_cert-([0-9.]+)\.tar\.gz
Description: plugin to check the CA and validity of an
diff --git a/check_ssl_cert/src b/check_ssl_cert/src
index 8a17da8..9d81076 120000
--- a/check_ssl_cert/src
+++ b/check_ssl_cert/src
@@ -1 +1 @@
-check_ssl_cert-1.17.0/
\ No newline at end of file
+check_ssl_cert-1.17.1
\ No newline at end of file
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-nagios/pkg-nagios-plugins-contrib.git
More information about the Pkg-nagios-changes
mailing list