From 72eb1cb416a2744f038b286a81a21abc903b78e5 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Thu, 14 Jun 2012 12:17:35 +0200 Subject: [PATCH] Suppression du script cert_expire --- .../zabbix_agentd.conf/90UserParameters_certExpire | 13 -- root/var/lib/zabbix/bin/cert_expire.pl | 142 --------------------- 2 files changed, 155 deletions(-) delete mode 100644 root/etc/e-smith/templates/etc/zabbix/zabbix_agentd.conf/90UserParameters_certExpire delete mode 100644 root/var/lib/zabbix/bin/cert_expire.pl diff --git a/root/etc/e-smith/templates/etc/zabbix/zabbix_agentd.conf/90UserParameters_certExpire b/root/etc/e-smith/templates/etc/zabbix/zabbix_agentd.conf/90UserParameters_certExpire deleted file mode 100644 index 1d3aee1..0000000 --- a/root/etc/e-smith/templates/etc/zabbix/zabbix_agentd.conf/90UserParameters_certExpire +++ /dev/null @@ -1,13 +0,0 @@ -# Certificate expiration - -# Description: Remaining days -# Type: Agent or Agent (active) -# Key: crt.expire[] -# Type of information: Numeric (integer 64bit) -# Units: days -# Use multiplier: No -# Update interval: 86400 -# Store Value: As is -# Show Value: As is - -UserParameter=crt.expire[*],/var/lib/zabbix/bin/cert_expire.pl -p $1 diff --git a/root/var/lib/zabbix/bin/cert_expire.pl b/root/var/lib/zabbix/bin/cert_expire.pl deleted file mode 100644 index 2a65a64..0000000 --- a/root/var/lib/zabbix/bin/cert_expire.pl +++ /dev/null @@ -1,142 +0,0 @@ -#!/usr/bin/perl -w -# Check peer certificate validity for Zabbix -# Require perl module : IO::Socket, Net::SSLeay, Date::Parse -# Require unix programs : openssl, echo, sendmail -# -# Based on sslexpire from Emmanuel Lacour -# -# This file is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by the -# Free Software Foundation; either version 2, or (at your option) any -# later version. -# -# This file is distributed in the hope that it will be -# useful, but WITHOUT ANY WARRANTY; without even the implied warranty -# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this file; see the file COPYING. If not, write to the Free -# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA -# 02110-1301, USA. -# - - -use strict; -use IO::Socket; -use Net::SSLeay; -use Getopt::Long; -use Date::Parse; - -Net::SSLeay::SSLeay_add_ssl_algorithms(); -Net::SSLeay::randomize(); - -# Default values -my $opensslpath = "/usr/bin/openssl"; - -my $host = '127.0.0.1'; -my $port = '443'; - -my %opts; -GetOptions (\%opts, - 'host|h=s', - 'port|p=s', - 'help', -); - -if ($opts{'host'}) { - $host = $opts{'host'}; -} -if ($opts{'port'}){ - $port = $opts{'port'}; -} - -if ($opts{'help'}) { - &usage; -} - -# Print program usage -sub usage { - print "Usage: sslexpire [OPTION]... --h, --host=HOST check this host --p, --port=TCPPORT check this port on the previous host - --help print this help, then exit -"; - exit; -} - - -# This will return the expiration date -sub getExpire { - - my ($l_host,$l_port) = @_; - my ($l_expdate,$l_comment); - - # Connect to $l_host:$l_port - my $socket = IO::Socket::INET->new( - Proto => "tcp", - PeerAddr => $l_host, - PeerPort => $l_port - ); - # If we connected successfully - if ($socket) { - # Intiate ssl - my $l_ctx = Net::SSLeay::CTX_new(); - my $l_ssl = Net::SSLeay::new($l_ctx); - - Net::SSLeay::set_fd($l_ssl, fileno($socket)); - my $res = Net::SSLeay::connect($l_ssl); - - # Get peer certificate - my $l_x509 = Net::SSLeay::get_peer_certificate($l_ssl); - if ($l_x509) { - my $l_string = Net::SSLeay::PEM_get_string_X509($l_x509); - # Get the expiration date, using openssl - $l_expdate = `echo "$l_string" | $opensslpath x509 -enddate -noout 2>&1`; - $l_expdate =~ s/.*=//; - chomp($l_expdate); - } - else { - $l_expdate = 1; - } - - # Close and cleanup - Net::SSLeay::free($l_ssl); - Net::SSLeay::CTX_free($l_ctx); - close $socket; - } - else { - $l_expdate = 1; - } - return $l_expdate; -} - - -# Print remaining days before expiration -sub report { - # Convert date into epoch using date command - my ($l_expdate) = @_; - - if ($l_expdate ne "1") { - # The current date - my $l_today = time; - my $l_epochdate = str2time($l_expdate); - - # Calculate diff between expiration date and today - my $l_diff = ($l_epochdate - $l_today)/(3600*24); - - # Report if needed - printf "%.0f\n", $l_diff; - } - else { - print "Unable to read certificate!\n"; - exit (1); - } -} - -# Get expiration date -my $expdate = getExpire($host,$port); - -# Report -report("$expdate"); -