From fb5619c7f3ce48fab471135a0653e56d57b3685f Mon Sep 17 00:00:00 2001 From: garnier-quentin Date: Thu, 16 Jul 2015 14:26:32 +0200 Subject: [PATCH] + Enhance http ssl context --- apps/protocols/http/mode/expectedcontent.pm | 2 +- apps/protocols/http/mode/jsoncontent.pm | 2 +- centreon/plugins/httplib.pm | 29 ++++++++++----------- 3 files changed, 16 insertions(+), 17 deletions(-) diff --git a/apps/protocols/http/mode/expectedcontent.pm b/apps/protocols/http/mode/expectedcontent.pm index 15796e2f6..f59c817ad 100644 --- a/apps/protocols/http/mode/expectedcontent.pm +++ b/apps/protocols/http/mode/expectedcontent.pm @@ -62,7 +62,7 @@ sub new { "proxyurl:s" => { name => 'proxyurl' }, "expected-string:s" => { name => 'expected_string' }, "timeout:s" => { name => 'timeout', default => '3' }, - "ssl:s" => { name => 'ssl', }, + "ssl:s" => { name => 'ssl', }, "cert-file:s" => { name => 'cert_file' }, "key-file:s" => { name => 'key_file' }, "cacert-file:s" => { name => 'cacert_file' }, diff --git a/apps/protocols/http/mode/jsoncontent.pm b/apps/protocols/http/mode/jsoncontent.pm index e4e73d2ee..348b2a423 100644 --- a/apps/protocols/http/mode/jsoncontent.pm +++ b/apps/protocols/http/mode/jsoncontent.pm @@ -68,7 +68,7 @@ sub new { "header:s@" => { name => 'header' }, "get-param:s@" => { name => 'get_param' }, "timeout:s" => { name => 'timeout', default => 10 }, - "ssl:s" => { name => 'ssl', }, + "ssl:s" => { name => 'ssl', }, "cert-file:s" => { name => 'cert_file' }, "key-file:s" => { name => 'key_file' }, "cacert-file:s" => { name => 'cacert_file' }, diff --git a/centreon/plugins/httplib.pm b/centreon/plugins/httplib.pm index 0e7c420da..bc5a547af 100644 --- a/centreon/plugins/httplib.pm +++ b/centreon/plugins/httplib.pm @@ -42,6 +42,7 @@ use warnings; use LWP::UserAgent; use HTTP::Cookies; use URI; +use IO::Socket::SSL; sub get_port { my ($self, %options) = @_; @@ -118,28 +119,26 @@ sub connect { $ua->proxy(['http', 'https'], $self->{option_results}->{proxyurl}); } - if (defined($self->{option_results}->{ssl}) && $self->{option_results}->{ssl} ne '') { - use IO::Socket::SSL; - my $context = new IO::Socket::SSL::SSL_Context( - SSL_version => $self->{option_results}->{ssl}, - ); - IO::Socket::SSL::set_default_context($context); - } - if (defined($self->{option_results}->{cert_pkcs12}) && $self->{option_results}->{cert_file} ne '' && $self->{option_results}->{cert_pwd} ne '') { eval "use Net::SSL"; die $@ if $@; $ENV{HTTPS_PKCS12_FILE} = $self->{option_results}->{cert_file}; $ENV{HTTPS_PKCS12_PASSWORD} = $self->{option_results}->{cert_pwd}; } + my $ssl_context; + if (defined($self->{option_results}->{ssl}) && $self->{option_results}->{ssl} ne '') { + $ssl_context = { SSL_version => $self->{option_results}->{ssl} }; + } if (defined($self->{option_results}->{cert_file}) && !defined($self->{option_results}->{cert_pkcs12})) { - use IO::Socket::SSL; - my $context = new IO::Socket::SSL::SSL_Context( - SSL_use_cert => 1, - SSL_cert_file => $self->{option_results}->{cert_file}, - $self->{option_results}->{key_file} ? ( SSL_key_file => $self->{option_results}->{key_file} ):(), - $self->{option_results}->{cacert_file} ? ( SSL_ca_file => $self->{option_results}->{cacert_file} ):(), - ); + $ssl_context = {} if (!defined($ssl_context)); + $ssl_context->{SSL_use_cert} = 1; + $ssl_context->{SSL_cert_file} = $self->{option_results}->{cert_file}; + $ssl_context->{SSL_key_file} = $self->{option_results}->{key_file} if (defined($self->{option_results}->{key_file})); + $ssl_context->{SSL_ca_file} = $self->{option_results}->{cacert_file} if (defined($self->{option_results}->{cacert_file})); + } + + if (defined($ssl_context)) { + my $context = new IO::Socket::SSL::SSL_Context(%{$ssl_context}); IO::Socket::SSL::set_default_context($context); }