[pkg-nagios-changes] [Git][nagios-team/pkg-nagios-plugins-contrib][master] check_ssl_cert: Update to 1.85.0
Jan Wagner
gitlab at salsa.debian.org
Thu Jun 6 11:24:04 BST 2019
Jan Wagner pushed to branch master at Debian Nagios Maintainer Group / pkg-nagios-plugins-contrib
Commits:
20d535f8 by Jan Wagner at 2019-06-06T09:39:52Z
check_ssl_cert: Update to 1.85.0
- - - - -
23 changed files:
- − check_ssl_cert/check_ssl_cert-1.83.0/VERSION
- check_ssl_cert/check_ssl_cert-1.83.0/._COPYRIGHT → check_ssl_cert/check_ssl_cert-1.85.0/._COPYRIGHT
- check_ssl_cert/check_ssl_cert-1.83.0/._Makefile → check_ssl_cert/check_ssl_cert-1.85.0/._Makefile
- check_ssl_cert/check_ssl_cert-1.83.0/._NEWS → check_ssl_cert/check_ssl_cert-1.85.0/._NEWS
- check_ssl_cert/check_ssl_cert-1.83.0/._check_ssl_cert → check_ssl_cert/check_ssl_cert-1.85.0/._check_ssl_cert
- check_ssl_cert/check_ssl_cert-1.83.0/AUTHORS → check_ssl_cert/check_ssl_cert-1.85.0/AUTHORS
- check_ssl_cert/check_ssl_cert-1.83.0/COPYING → check_ssl_cert/check_ssl_cert-1.85.0/COPYING
- check_ssl_cert/check_ssl_cert-1.83.0/COPYRIGHT → check_ssl_cert/check_ssl_cert-1.85.0/COPYRIGHT
- check_ssl_cert/check_ssl_cert-1.83.0/ChangeLog → check_ssl_cert/check_ssl_cert-1.85.0/ChangeLog
- check_ssl_cert/check_ssl_cert-1.83.0/INSTALL → check_ssl_cert/check_ssl_cert-1.85.0/INSTALL
- check_ssl_cert/check_ssl_cert-1.83.0/Makefile → check_ssl_cert/check_ssl_cert-1.85.0/Makefile
- check_ssl_cert/check_ssl_cert-1.83.0/NEWS → check_ssl_cert/check_ssl_cert-1.85.0/NEWS
- check_ssl_cert/check_ssl_cert-1.83.0/README.md → check_ssl_cert/check_ssl_cert-1.85.0/README.md
- check_ssl_cert/check_ssl_cert-1.83.0/TODO → check_ssl_cert/check_ssl_cert-1.85.0/TODO
- + check_ssl_cert/check_ssl_cert-1.85.0/VERSION
- check_ssl_cert/check_ssl_cert-1.83.0/check_ssl_cert → check_ssl_cert/check_ssl_cert-1.85.0/check_ssl_cert
- check_ssl_cert/check_ssl_cert-1.83.0/check_ssl_cert.1 → check_ssl_cert/check_ssl_cert-1.85.0/check_ssl_cert.1
- check_ssl_cert/check_ssl_cert-1.83.0/check_ssl_cert.spec → check_ssl_cert/check_ssl_cert-1.85.0/check_ssl_cert.spec
- check_ssl_cert/check_ssl_cert-1.83.0/test/cabundle.crt → check_ssl_cert/check_ssl_cert-1.85.0/test/cabundle.crt
- check_ssl_cert/check_ssl_cert-1.83.0/test/cacert.crt → check_ssl_cert/check_ssl_cert-1.85.0/test/cacert.crt
- check_ssl_cert/check_ssl_cert-1.83.0/test/unit_tests.sh → check_ssl_cert/check_ssl_cert-1.85.0/test/unit_tests.sh
- check_ssl_cert/control
- check_ssl_cert/src
Changes:
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/VERSION deleted
=====================================
@@ -1 +0,0 @@
-1.82.0
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/._COPYRIGHT → check_ssl_cert/check_ssl_cert-1.85.0/._COPYRIGHT
=====================================
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/._Makefile → check_ssl_cert/check_ssl_cert-1.85.0/._Makefile
=====================================
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/._NEWS → check_ssl_cert/check_ssl_cert-1.85.0/._NEWS
=====================================
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/._check_ssl_cert → check_ssl_cert/check_ssl_cert-1.85.0/._check_ssl_cert
=====================================
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/AUTHORS → check_ssl_cert/check_ssl_cert-1.85.0/AUTHORS
=====================================
@@ -79,4 +79,6 @@ Thanks:
* Many thanks to Jonas Meurer (https://github.com/mejo-) for the IMAP / IMAPS fix
* Many thanks to Mathieu Simon (https://github.com/matsimon) for the IMAPS and POP3S patch
* Many thanks to Nico (https://github.com/nicox) for the SSLlabs patch
-* Many thanks to barakAtSoluto (https://github.com/barakAtSoluto) for the SSLlabs warning patch
\ No newline at end of file
+* Many thanks to barakAtSoluto (https://github.com/barakAtSoluto) for the SSLlabs warning patch
+* Many thanks to Valentin Heidelberger (https://github.com/va1entin) for the cURL user agent patch
+* Many thanks to Tone (https://github.com/anthonyhaussman) for the warning message improvement patch
\ No newline at end of file
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/COPYING → check_ssl_cert/check_ssl_cert-1.85.0/COPYING
=====================================
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/COPYRIGHT → check_ssl_cert/check_ssl_cert-1.85.0/COPYRIGHT
=====================================
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/ChangeLog → check_ssl_cert/check_ssl_cert-1.85.0/ChangeLog
=====================================
@@ -1,3 +1,11 @@
+2019-06-02 Matteo Corti <corti at macmini.home>
+
+ * check_ssl_cert (critical): Return the filename when using --file by warnings
+
+2019-03-28 Matteo Corti <matteo at corti.li>
+
+ * check_ssl_cert: added an option to specify a user agent for cURL
+
2019-02-27 Matteo Corti <matteo at corti.li>
* test/unit_tests.sh (testMultipleAltNamesFailTwo): removed outdated tests
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/INSTALL → check_ssl_cert/check_ssl_cert-1.85.0/INSTALL
=====================================
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/Makefile → check_ssl_cert/check_ssl_cert-1.85.0/Makefile
=====================================
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/NEWS → check_ssl_cert/check_ssl_cert-1.85.0/NEWS
=====================================
@@ -1,3 +1,6 @@
+2019-06-02 Version 1.85.0: Improved the warnings when using the --file option
+2019-03-28 Version 1.84.0: Added an option to specify the cURL user agent
+2019-03-01 Version 1.83.0: Spelling corrections
2019-02-08 Version 1.82.0: Added a check on the readability of the certificate file
2019-02-01 Version 1.81.0: Added an option to specify a warning level with SSL Labs
2019-01-16 Version 1.80.1: Fixed a problem on systems not supporting echo -e
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/README.md → check_ssl_cert/check_ssl_cert-1.85.0/README.md
=====================================
@@ -29,6 +29,7 @@ Options:
-c,--critical days minimum number of days a certificate has to be valid
to issue a critical status
--curl-bin path path of the curl binary to be used
+ --curl-user-agent string user agent that curl shall use to obtain the issuer cert
-d,--debug produces debugging output
--ecdsa cipher selection: force ECDSA authentication
-e,--email address pattern to match the email address contained in the
@@ -119,7 +120,7 @@ See: http://en.wikipedia.org/wiki/Expect
## Virtual servers
-check_ssl_client supports the servername TLS extension in ClientHello
+check_ssl_cert supports the servername TLS extension in ClientHello
if the installed openssl version provides it. This is needed if you
are checking a machine with virtual hosts.
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/TODO → check_ssl_cert/check_ssl_cert-1.85.0/TODO
=====================================
=====================================
check_ssl_cert/check_ssl_cert-1.85.0/VERSION
=====================================
@@ -0,0 +1 @@
+1.85.0
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/check_ssl_cert → check_ssl_cert/check_ssl_cert-1.85.0/check_ssl_cert
=====================================
@@ -19,7 +19,7 @@
################################################################################
# Constants
-VERSION=1.82.0
+VERSION=1.85.0
SHORTNAME="SSL_CERT"
VALID_ATTRIBUTES=",startdate,enddate,subject,issuer,serial,modulus,serial,hash,email,ocsp_uri,fingerprint,"
@@ -60,6 +60,7 @@ usage() {
echo " -c,--critical days minimum number of days a certificate has to be valid"
echo " to issue a critical status"
echo " --curl-bin path path of the curl binary to be used"
+ echo " --curl-user-agent string user agent that curl shall use to obtain the issuer cert"
echo " -d,--debug produces debugging output"
echo " --ecdsa cipher selection: force ECDSA authentication"
echo " -e,--email address pattern to match the email address contained in the"
@@ -211,6 +212,8 @@ critical() {
if [ -n "${HOST}" ] ; then
if [ -n "${SNI}" ] ; then
tmp=" ${SNI}"
+ elif [ -n "${FILE}" ] ; then
+ tmp=" ${FILE}"
else
tmp=" ${HOST}"
fi
@@ -228,6 +231,8 @@ warning() {
if [ -n "${HOST}" ] ; then
if [ -n "${SNI}" ] ; then
tmp=" ${SNI}"
+ elif [ -n "${FILE}" ] ; then
+ tmp=" ${FILE}"
else
tmp=" ${HOST}"
fi
@@ -245,6 +250,8 @@ unknown() {
if [ -n "${HOST}" ] ; then
if [ -n "${SNI}" ] ; then
tmp=" ${SNI}"
+ elif [ -n "${FILE}" ] ; then
+ tmp=" ${FILE}"
else
tmp=" ${HOST}"
fi
@@ -542,6 +549,7 @@ main() {
OPENSSL=""
FILE_BIN=""
CURL_BIN=""
+ CURL_USER_AGENT=""
IGNORE_SSL_LABS_CACHE=""
PORT="443"
XMPPPORT="5222"
@@ -701,6 +709,14 @@ main() {
unknown "--curl-bin requires an argument"
fi
;;
+ --curl-user-agent)
+ if [ $# -gt 1 ]; then
+ CURL_USER_AGENT="$2"
+ shift 2
+ else
+ unknown "--curl-user-agent requires an argument"
+ fi
+ ;;
# Deprecated option: used to be as --warning
--days)
if [ $# -gt 1 ]; then
@@ -2157,7 +2173,11 @@ EOF
echo "[DBG] OCSP: fetching issuer certificate ${ISSUER_URI} to ${ISSUER_CERT_TMP}"
fi
- exec_with_timeout "$TIMEOUT" "${CURL_BIN} --silent --location ${ISSUER_URI} > ${ISSUER_CERT_TMP}"
+ if [ -n "${CURL_USER_AGENT}" ] ; then
+ exec_with_timeout "$TIMEOUT" "${CURL_BIN} --silent --user-agent '${CURL_USER_AGENT}' --location ${ISSUER_URI} > ${ISSUER_CERT_TMP}"
+ else
+ exec_with_timeout "$TIMEOUT" "${CURL_BIN} --silent --location ${ISSUER_URI} > ${ISSUER_CERT_TMP}"
+ fi
if [ -n "${DEBUG}" ] ; then
@@ -2180,7 +2200,7 @@ EOF
else
- unknown "Unable to fetch a valid certificate issuer intermediate certificate."
+ unknown "Unable to fetch a valid certificate issuer certificate."
fi
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/check_ssl_cert.1 → check_ssl_cert/check_ssl_cert-1.85.0/check_ssl_cert.1
=====================================
@@ -1,7 +1,7 @@
.\" Process this file with
.\" groff -man -Tascii foo.1
.\"
-.TH "check_ssl_cert" 1 "February, 2019" "1.82.0" "USER COMMANDS"
+.TH "check_ssl_cert" 1 "June, 2019" "1.85.0" "USER COMMANDS"
.SH NAME
check_ssl_cert \- checks the validity of X.509 certificates
.SH SYNOPSIS
@@ -34,7 +34,10 @@ set passphrase for client certificate.
minimum number of days a certificate has to be valid to issue a critical status
.TP
.BR " --curl-bin" " path"
-path of the curl binary to be used"
+path of the curl binary to be used
+.TP
+.BR " --curl-user-agent" "string"
+user agent that curl shall use to obtain the issuer cert
.TP
.BR "-d,--debug"
produces debugging output
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/check_ssl_cert.spec → check_ssl_cert/check_ssl_cert-1.85.0/check_ssl_cert.spec
=====================================
@@ -1,4 +1,4 @@
-%define version 1.82.0
+%define version 1.85.0
%define release 0
%define sourcename check_ssl_cert
%define packagename nagios-plugins-check_ssl_cert
@@ -45,6 +45,15 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man1/%{sourcename}.1*
%changelog
+* Sun Jun 2 2019 Matteo Corti <matteo at corti.li> - 1.85.0-0
+- Updated to 1.85.0
+
+* Thu Mar 28 2019 Matteo Corti <matteo at corti.li> - 1.84.0-0
+- Updated to 1.84.0
+
+* Fri Mar 1 2019 Matteo Corti <matteo at corti.li> - 1.83.0-0
+- Updated to 1.83.0
+
* Fri Feb 8 2019 Matteo Corti <matteo at corti.li> - 1.82.0-0
- Updated to 1.82.0
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/test/cabundle.crt → check_ssl_cert/check_ssl_cert-1.85.0/test/cabundle.crt
=====================================
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/test/cacert.crt → check_ssl_cert/check_ssl_cert-1.85.0/test/cacert.crt
=====================================
=====================================
check_ssl_cert/check_ssl_cert-1.83.0/test/unit_tests.sh → check_ssl_cert/check_ssl_cert-1.85.0/test/unit_tests.sh
=====================================
=====================================
check_ssl_cert/control
=====================================
@@ -1,7 +1,7 @@
Uploaders: Jan Wagner <waja at cyconet.org>
Recommends: curl, file, openssl
Suggests: expect
-Version: 1.83.0
+Version: 1.85.0
Homepage: https://github.com/matteocorti/check_ssl_cert
Watch: https://github.com/matteocorti/check_ssl_cert/releases check_ssl_cert-([0-9.]+)\.tar\.gz
Description: plugin to check the CA and validity of an
=====================================
check_ssl_cert/src
=====================================
@@ -1 +1 @@
-check_ssl_cert-1.83.0/
\ No newline at end of file
+check_ssl_cert-1.85.0/
\ No newline at end of file
View it on GitLab: https://salsa.debian.org/nagios-team/pkg-nagios-plugins-contrib/commit/20d535f8950abd0e34c869196bd0028c50b0c9cf
--
View it on GitLab: https://salsa.debian.org/nagios-team/pkg-nagios-plugins-contrib/commit/20d535f8950abd0e34c869196bd0028c50b0c9cf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-nagios-changes/attachments/20190606/bd9f145a/attachment-0001.html>
More information about the pkg-nagios-changes
mailing list