Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code
Issues
All Issues

Delta Between Two Patch Sets: check_ssl_cert.sh

Issue 29792596: #3298 - SSL monitoring script for icinga (Closed)
Left Patch Set: #3298 - SSL monitoring script for icinga Created June 5, 2018, 4:10 p.m.
Right Patch Set: #3298 - SSL monitoring script for icinga Created July 4, 2018, 2:33 p.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
Left: Side by side diff | Download
Right: Side by side diff | Download
« no previous file with change/comment | « no previous file | no next file » | no next file with change/comment »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
LEFTRIGHT
1 #!/bin/sh 1 #!/bin/sh
2 2
3 # Icinga plugin that checks how many days are left until SSL certificate expires 3 # Icinga plugin that checks how many days are left
4 # Usage: <PluginDir>/check_ssl_cert -H <HOSTNAME> -P <PORT> -c <CRITICAL> -w <WA RNING> 4 # until SSL certificate expires.
5 # Usage:
6 # $PLUGIN_DIR/check_ssl_cert.sh -H $HOST -P $PORT -c $CRITICAL -w $WARNING
5 7
6 PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin" 8 get_ssl_expiry_date() {
9 openssl s_client -connect "$1:$2" </dev/null 2>/dev/null \
10 | openssl x509 -noout -enddate 2>/dev/null
11 }
7 12
8 CURRENT_DATE=`date +%y%m%d` 13 CURRENT_DATE=`date +%y%m%d`
9 HOST="$2" 14 HOST="$2"
10 PORT="$4" 15 PORT="$4"
11 CRITICAL="$6" 16 CRITICAL="$6"
12 WARNING="$8" 17 WARNING="$8"
13 STATE_OK=0 18 STATE_OK=0
14 STATE_WARNING=1 19 STATE_WARNING=1
15 STATE_CRITICAL=2 20 STATE_CRITICAL=2
16 STATE_UNKNOWN=3 21 STATE_UNKNOWN=3
22 OUTPUT=`get_ssl_expiry_date "$HOST" "$PORT"`
17 23
18 OUTPUT=`openssl s_client -connect "$HOST":"$PORT" </dev/null 2>/dev/null | opens sl x509 -noout -enddate 2>/dev/null` 24 if [ -z "$OUTPUT" ]
mathias 2018/06/05 16:24:19 Please place this in a function() and invoke it to
19
20 if [ ! "$OUTPUT" ]
21 then 25 then
22 echo "UNKNOWN - Could not connect to $HOST via port $PORT" 26 echo "UNKNOWN - Could not connect to $HOST via port $PORT"
23 exit "$STATE_UNKNOWN" 27 exit "$STATE_UNKNOWN"
24 fi 28 fi
25 29
26 DAY=`echo "$OUTPUT" | awk '{print $2}'` 30 DAY=`echo "$OUTPUT" | awk '{printf "02d", $2}'`
27 MONTH=`echo "$OUTPUT" | awk '{print $1}' | cut -c 10-` 31 MONTH=`echo "$OUTPUT" | awk '{print $1}' | cut -c 10-`
28 YEAR=`echo "$OUTPUT" | awk '{print $4}'` 32 YEAR=`echo "$OUTPUT" | awk '{print $4}'`
29 33
30 case "$MONTH" in 34 case "$MONTH" in
31 35
32 "Jan") 36 "Jan")
33 MONTH="01" 37 MONTH="01"
34 ;; 38 ;;
35 "Feb") 39 "Feb")
36 MONTH="02" 40 MONTH="02"
(...skipping 27 matching lines...) Expand all
64 ;; 68 ;;
65 "Dec") 69 "Dec")
66 MONTH="12" 70 MONTH="12"
67 ;; 71 ;;
68 "*") 72 "*")
69 echo "An error occured" 73 echo "An error occured"
70 exit 1 74 exit 1
71 ;; 75 ;;
72 esac 76 esac
73 77
74 EXPIRY_DATE_IN_SEC=`date -d "$YEAR""$MONTH""$DAY" +%s` 78 EXPIRY_DATE_IN_SEC=`date -d "${YEAR}${MONTH}${DAY}" +%s`
mathias 2018/06/05 16:24:19 You can use "$YEAR$MONTH$DAY" or, even better, "${
75 CURRENT_DATE_IN_SEC=`date -d "$CURRENT_DATE" +%s` 79 CURRENT_DATE_IN_SEC=`date -d "$CURRENT_DATE" +%s`
76 DIFF=`expr "$EXPIRY_DATE_IN_SEC" - "$CURRENT_DATE_IN_SEC"` 80 DIFFERENCE=`expr \( "$EXPIRY_DATE_IN_SEC" - "$CURRENT_DATE_IN_SEC" \) / 86400`
77 DIFF=`expr "$DIFF" / 86400`
78 81
79 if [ "$DIFF" -le "$CRITICAL" ] 82 if [ "$DIFFERENCE" -le "$CRITICAL" ]
80 then 83 then
81 echo "CRITICAL - $HOST: SSL certificate has been expired!" 84 echo "CRITICAL - $HOST: SSL certificate has been expired!"
82 exit "$STATE_CRITICAL" 85 exit "$STATE_CRITICAL"
83 elif [ "$DIFF" -le "$WARNING" ] 86 elif [ "$DIFFERENCE" -le "$WARNING" ]
84 then 87 then
85 echo "WARNING - $HOST: SSL certificate will be expired in $DIFF days!" 88 echo "WARNING - $HOST: SSL certificate will be expired in $DIFFERENCE days!"
86 exit "$STATE_WARNING" 89 exit "$STATE_WARNING"
87 elif [ "$DIFF" -gt "$WARNING" ] 90 elif [ "$DIFFERENCE" -gt "$WARNING" ]
88 then 91 then
89 echo "OK - $HOST: SSL certificate will be expired in $DIFF days" 92 echo "OK - $HOST: SSL certificate will be expired in $DIFFERENCE days"
90 exit "$STATE_OK" 93 exit "$STATE_OK"
91 else 94 else
92 echo "UNKNOWN - $HOST: Could not retrieve data" 95 echo "UNKNOWN - $HOST: Could not retrieve data"
93 exit "$STATE_UNKNOWN" 96 exit "$STATE_UNKNOWN"
94 fi 97 fi
LEFTRIGHT
« no previous file | no next file » | Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Toggle Comments ('s')

Powered by Google App Engine
This is Rietveld