Fixes #448

matteocorti · Mar 16, 2023 · da339fc · da339fc
1 parent be99cd0
commit da339fc
Show file tree

Hide file tree

Showing 8 changed files with 34 additions and 7 deletions.
diff --git a/CITATION.cff b/CITATION.cff
@@ -248,8 +248,8 @@ authors:
   given-names: "Дилян"
   website: https://github.com/dilyanpalauzov
 title: "check_ssl_cert"
-version: 2.61.0
-date-released: 2023-03-09
+version: 2.62.0
+date-released: 2023-03-16
 url: "https://github.com/matteocorti/check_ssl_cert"
 repository-code: "https://github.com/matteocorti/check_ssl_cert"
 keywords:

diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,8 @@
+2023-03-16  Matteo Corti  <[email protected]>
+
+        * check_ssl_cert: unset TIMEOUT_REASON after the the context it should be used
+        * check_ssl_cert: added some more TIMEOUT_REASON messages
+
 2023-03-09  Matteo Corti  <[email protected]>
 
         * check_ssl_cert (main): Fixed the RSA algorithms

diff --git a/NEWS.md b/NEWS.md
@@ -1,5 +1,8 @@
 # News
 
+* 2023-03-16 Version 2.62.0
+  * Fixed the output in case of timeout
+  * Fixed the ciphers with ```--rsa```
 * 2023-03-09 Version 2.61.0
   * Fixed the algorithms used by ```--rsa```
 * 2023-02-15 Version 2.60.0

diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
@@ -1 +1,2 @@
-Fixed the algorithms used by ```--rsa```
+Fixed the output in case of timeout
+Fixed the ciphers with ```--rsa```
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-2.61.0
+2.62.0
diff --git a/check_ssl_cert b/check_ssl_cert
@@ -31,7 +31,7 @@
 ################################################################################
 # Constants
 
-VERSION=2.61.0
+VERSION=2.62.0
 SHORTNAME="SSL_CERT"
 
 VALID_ATTRIBUTES=",startdate,enddate,subject,issuer,modulus,serial,hash,email,ocsp_uri,fingerprint,"
@@ -106,6 +106,8 @@ fetch_http_headers() {
 
     if [ -z "${CACHED_HEADERS}" ]; then
 
+        TIMEOUT_REASON='Fetching HTTP headers'
+
         debuglog "Fetching headers"
 
         create_temporary_file
@@ -141,6 +143,8 @@ fetch_http_headers() {
             cp "${CACHED_HEADERS}" headers.txt
         fi
 
+        unset TIMEOUT_REASON
+
     fi
 
 }
@@ -1819,6 +1823,7 @@ check_crl() {
         else
             exec_with_timeout "${CURL_BIN} ${CURL_PROXY} ${CURL_PROXY_ARGUMENT} ${INETPROTO} --silent --location \\\"${CRL_URI}\\\" > ${CRL_TMP_DER}"
         fi
+        unset TIMEOUT_REASON
 
         # convert DER to
         debuglog "Converting ${CRL_TMP_DER} (DER) to ${CRL_TMP_PEM} (PEM)"
@@ -1937,6 +1942,7 @@ check_ocsp() {
                 else
                     exec_with_timeout "${CURL_BIN} ${CURL_PROXY} ${CURL_PROXY_ARGUMENT} ${INETPROTO} --silent --location \\\"${ELEMENT_ISSUER_URI}\\\" > ${ISSUER_CERT_TMP}"
                 fi
+                unset TIMEOUT_REASON
 
                 TYPE_TMP="$(${FILE_BIN} -L -b "${ISSUER_CERT_TMP}" | sed 's/.*://')"
                 debuglog "OCSP: issuer certificate type (1): ${TYPE_TMP}"
@@ -2615,6 +2621,8 @@ fetch_certificate() {
 
         fi
 
+        unset TIMEOUT_REASON
+
         debuglog "storing the certificate to ${CERT}"
         TYPE_TMP="$(${FILE_BIN} -L -b "${CERT}" | sed 's/.*://')"
         debuglog "certificate type (2): ${TYPE_TMP}"
@@ -4479,6 +4487,7 @@ main() {
             else
                 exec_with_timeout "${CURL_BIN} ${CURL_PROXY} ${CURL_PROXY_ARGUMENT} ${INETPROTO} --silent --location \\\"${FILE_URI}\\\" > ${FILE}"
             fi
+            unset TIMEOUT_REASON
 
             if [ ! -r "${FILE}" ]; then
                 critical "Cannot fetch ${FILE_URI}"
@@ -5425,6 +5434,7 @@ main() {
                 RET=$?
                 ;;
             esac
+            unset TIMEOUT_REASON
 
             if [ "${RET}" -eq 1 ]; then
 
@@ -6174,6 +6184,7 @@ INPUT
             # -Pn is needed even if we specify a port
             TIMEOUT_REASON="checking ciphers"
             exec_with_timeout "${NMAP_BIN} --unprivileged -Pn --script +ssl-enum-ciphers ${NMAP_INETPROTO} ${HOST_ADDR} -p ${PORT}" "${NMAP_OUT}" "${NMAP_ERR}"
+            unset TIMEOUT_REASON
 
             if [ "${DEBUG}" -ge 1 ]; then
                 debuglog 'nmap output:'
@@ -6266,6 +6277,8 @@ ${WARNING}"
     # Check SSL Labs
     if [ -n "${SSL_LAB_CRIT_ASSESSMENT}" ]; then
 
+        TIMEOUT_REASON='SSL Lab assesstment'
+
         create_temporary_file
         JSON=${TEMPFILE}
         debuglog "Storing the SSL Labs JSON output to ${JSON}"
@@ -6388,6 +6401,8 @@ ${WARNING}"
 
         done
 
+        unset TIMEOUT_REASON
+
     fi
 
     ################################################################################

diff --git a/check_ssl_cert.1 b/check_ssl_cert.1
@@ -1,7 +1,7 @@
 .\" Process this file with
 .\" groff -man -Tascii check_ssl_cert.1
 .\"
-.TH "check_ssl_cert" 1 "March, 2023" "2.61.0" "USER COMMANDS"
+.TH "check_ssl_cert" 1 "March, 2023" "2.62.0" "USER COMMANDS"
 .SH NAME
 check_ssl_cert \- checks the validity of X.509 certificates
 .SH SYNOPSIS

diff --git a/check_ssl_cert.spec b/check_ssl_cert.spec
@@ -1,4 +1,4 @@
-%global version          2.61.0
+%global version          2.62.0
 %global release          0
 %global sourcename       check_ssl_cert
 %global packagename      nagios-plugins-check_ssl_cert
@@ -54,6 +54,9 @@ rm -rf $RPM_BUILD_ROOT
 %endif
 
 %changelog
+* Thu Mar  16 2023 Matteo Corti <[email protected]> - 2.62.0-0
+- Updated to 2.62.0
+
 * Thu Mar   9 2023 Matteo Corti <[email protected]> - 2.61.0-0
 - Updated to 2.61.0