self.crit = crit
self.warn = warn
- def check(self, proto, host, port):
+ def check(self, proto, host, port, name):
context = SSLContext(PROTOCOL_TLSv1_2)
context.verify_mode = CERT_REQUIRED
context.load_verify_locations(self.cafile)
if hasattr(self, 'remote_check_%s' % proto):
- getattr(self, 'remote_check_%s' % proto)(context, host, port)
+ getattr(self, 'remote_check_%s' % proto)(context, host, port, name)
def remote_check_smtp(self, context, host, port):
smtp = SMTP(host, port)
return 2
cert = smtp.sock.getpeercert()
- return self.check_cert(cert, host, port)
+ return self.check_cert(cert, host, port, name)
- def remote_check_ssl(self, context, host, port):
+ def remote_check_ssl(self, context, host, port, name):
connection = context.wrap_socket(socket(AF_INET6),
- server_hostname=host)
+ server_hostname=name)
try:
connection.connect((host, port))
except SSLError:
return 2
cert = connection.getpeercert()
- return self.check_cert(cert, host, port)
+ return self.check_cert(cert, host, port, name)
- def check_cert(self, data, host, port):
+ def check_cert(self, data, host, port, name):
expiretimestamp = cert_time_to_seconds(data['notAfter'])
delta = datetime.utcfromtimestamp(expiretimestamp) - datetime.utcnow()
if delta < self.crit:
- print("CRIT (expires in %s) %s:%d" % (delta, host, port))
+ print("CRIT (expires in %s) %s:%d" % (delta, name, port))
return 2
elif delta < self.warn:
- print("WARN (expires in %s) %s:%d" % (delta, host, port))
+ print("WARN (expires in %s) %s:%d" % (delta, name, port))
return 1
def main():
timedelta(configuration['crit_days'] if 'crit_days' in configuration else 5))
try:
- hosts = [ (i[0], i[1], int(i[2])) for i in [ j.split(':', 2) for j in configuration['names'] ] ]
+ hosts = [ (i[0], i[1], int(i[2]), i[3] if len(i) == 4 else i[1]) for i in [ j.split(':', 3) for j in configuration['names'] ] ]
except (ValueError, IndexError):
parser.error("names need to be in PROTO:DNSNAME:PORT format")
- for proto, host, port in hosts:
- verifier.check(proto, host, port)
+ for proto, host, port, name in hosts:
+ verifier.check(proto, host, port, name)
if __name__ == "__main__":
main()