mirror of https://github.com/getdnsapi/getdns.git
Modify getdns_server_mon to use GnuTLS or OpenSSL.
Untested.
This commit is contained in:
parent
72d9b91a2e
commit
46c49cbcfe
|
@ -36,9 +36,13 @@
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
|
|
||||||
|
#ifdef USE_GNUTLS
|
||||||
|
#include <gnutls/x509.h>
|
||||||
|
#else
|
||||||
#include <openssl/x509.h>
|
#include <openssl/x509.h>
|
||||||
#include <openssl/x509v3.h>
|
#include <openssl/x509v3.h>
|
||||||
#include <openssl/bio.h>
|
#include <openssl/bio.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
#include <getdns/getdns.h>
|
#include <getdns/getdns.h>
|
||||||
#include <getdns/getdns_extra.h>
|
#include <getdns/getdns_extra.h>
|
||||||
|
@ -181,7 +185,7 @@ static const char *rcode_text(int rcode)
|
||||||
return getdns_intval_text(rcode, "rcode", "GETDNS_RCODE_");
|
return getdns_intval_text(rcode, "rcode", "GETDNS_RCODE_");
|
||||||
}
|
}
|
||||||
|
|
||||||
#if OPENSSL_VERSION_NUMBER < 0x10002000 || defined(LIBRESSL_VERSION_NUMBER)
|
#if !defined(USE_GNUTLS) && (OPENSSL_VERSION_NUMBER < 0x10002000 || defined(LIBRESSL_VERSION_NUMBER))
|
||||||
/*
|
/*
|
||||||
* Convert date to Julian day.
|
* Convert date to Julian day.
|
||||||
* See https://en.wikipedia.org/wiki/Julian_day
|
* See https://en.wikipedia.org/wiki/Julian_day
|
||||||
|
@ -212,6 +216,27 @@ static long secs_in_day(const struct tm *tm)
|
||||||
*/
|
*/
|
||||||
static bool extract_cert_expiry(const unsigned char *data, size_t len, time_t *t)
|
static bool extract_cert_expiry(const unsigned char *data, size_t len, time_t *t)
|
||||||
{
|
{
|
||||||
|
#ifdef USE_GNUTLS
|
||||||
|
gnutls_x509_crt_t cert;
|
||||||
|
gnutls_datum_t datum;
|
||||||
|
bool res = false;
|
||||||
|
|
||||||
|
datum.data = (unsigned char*) data;
|
||||||
|
datum.size = len;
|
||||||
|
|
||||||
|
if (gnutls_x509_crt_init(&cert) != GNUTLS_E_SUCCESS)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
if (gnutls_x509_crt_import(cert, &datum, GNUTLS_X509_FMT_DER) == GNUTLS_E_SUCCESS) {
|
||||||
|
time_t expiry = gnutls_x509_crt_get_expiration_time(cert);
|
||||||
|
if (expiry != GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION) {
|
||||||
|
res = true;
|
||||||
|
*t = expiry;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
gnutls_x509_crt_deinit(cert);
|
||||||
|
return res;
|
||||||
|
#else
|
||||||
X509 *cert = d2i_X509(NULL, &data, len);
|
X509 *cert = d2i_X509(NULL, &data, len);
|
||||||
if (!cert)
|
if (!cert)
|
||||||
return false;
|
return false;
|
||||||
|
@ -299,6 +324,7 @@ static bool extract_cert_expiry(const unsigned char *data, size_t len, time_t *t
|
||||||
X509_free(cert);
|
X509_free(cert);
|
||||||
#endif
|
#endif
|
||||||
*t += day_diff * SECS_IN_DAY + sec_diff;
|
*t += day_diff * SECS_IN_DAY + sec_diff;
|
||||||
|
#endif /* USE_GNUTLS */
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue