update

2019-02-10 21:13:10 -06:00
parent 3c0b2cce6c
commit 3db8a2df24
2 changed files with 60 additions and 101 deletions
--- a/nodemgmt-scripts.sh
+++ b/nodemgmt-scripts.sh
@@ -633,6 +633,7 @@ CHECK-CERTS(){
 	# /opt/idssys/nodemgmt/ssl-cert-check.sh -f /opt/idssys/nodemgmt/ssldomains -a
 	SERVERFILE=/opt/idssys/nodemgmt/ssldomains
 	
+	echo 'yes'
    print_heading
    echo 'WTF'
 	# IFS=$'\n'
--- a/ssl-check.sh
+++ b/ssl-check.sh
@@ -23,24 +23,8 @@ QUIET="FALSE"
 # Don't send E-mail by default (cmdline: -a)
 ALARM="FALSE"

-# Don't run as a Nagios plugin by default (cmdline: -n)
-NAGIOS="FALSE"
-
-# Don't summarize Nagios output by default (cmdline: -N)
-NAGIOSSUMMARY="FALSE"
-
-# NULL out the PKCSDBPASSWD variable for later use (cmdline: -k)
-PKCSDBPASSWD=""
-
-# Type of certificate (PEM, DER, NET) (cmdline: -t)
 CERTTYPE="pem"

-# Protocol version to use (cmdline: -v)
-VERSION=""
-
-# Enable debugging
-DEBUG=0
-
 # Location of system binaries
 AWK=$(which awk)
 DATE=$(which date)
@@ -81,8 +65,6 @@ else
    MAILMODE="cantfindit"
 fi

-# Return code used by nagios. Initialize to 0.
-RETCODE=0

 # Certificate counters and minimum difference. Initialize to 0.
 SUMMARY_VALID=0
@@ -270,19 +252,6 @@ print_summary(){
    fi
 }

-#############################################################
-# Purpose: Set returncode to value if current value is lower
-# Arguments:
-#   $1 -> New returncorde
-#############################################################
-set_returncode()
-{
-    if [ ${RETCODE} -lt ${1} ]
-    then
-        RETCODE=${1}
-    fi
-}
-
 ########################################################################
 # Purpose: Set certificate counters and informations for nagios summary
 # Arguments:
@@ -380,11 +349,6 @@ check_server_status() {
        TLSFLAG=""
    fi

-    if [ "${VERSION}" != "" ]
-    then
-        VER="-${VERSION}"
-    fi
-
    if [ "${TLSSERVERNAME}" = "TRUE" ]
    then
         TLSFLAG="${TLSFLAG} -servername $1"
@@ -395,32 +359,26 @@ check_server_status() {
    if ${GREP} -i "Connection refused" ${ERROR_TMP} > /dev/null
    then
        prints ${1} ${2} "Connection refused" "Unknown"
-        set_returncode 3

    elif ${GREP} -i "No route to host" ${ERROR_TMP} > /dev/null
    then
        prints ${1} ${2} "No route to host" "Unknown"
-        set_returncode 3

    elif ${GREP} -i "gethostbyname failure" ${ERROR_TMP} > /dev/null
    then
        prints ${1} ${2} "Cannot resolve domain" "Unknown"
-        set_returncode 3

    elif ${GREP} -i "Operation timed out" ${ERROR_TMP} > /dev/null
    then
        prints ${1} ${2} "Operation timed out" "Unknown"
-        set_returncode 3

    elif ${GREP} -i "ssl handshake failure" ${ERROR_TMP} > /dev/null
    then
        prints ${1} ${2} "SSL handshake failed" "Unknown"
-        set_returncode 3

    elif ${GREP} -i "connect: Connection timed out" ${ERROR_TMP} > /dev/null
    then
        prints ${1} ${2} "Connection timed out" "Unknown"
-        set_returncode 3

    else
        check_file_status ${CERT_TMP} $1 $2
@@ -445,7 +403,6 @@ check_file_status() {
    then
        echo "ERROR: The file named ${CERTFILE} is unreadable or doesn't exist"
        echo "ERROR: Please check to make sure the certificate for ${HOST}:${PORT} is valid"
-        set_returncode 3
        return
    fi

@@ -527,67 +484,69 @@ check_file_status() {
        RETCODE_LOCAL=0
    fi

-    set_returncode ${RETCODE_LOCAL}
    MIN_DATE=$(echo ${CERTDATE} | ${AWK} '{ print $1, $2, $4 }')
-    set_summary ${RETCODE_LOCAL} ${HOST} ${PORT} "${MIN_DATE}" ${CERTDIFF}
+    # set_summary ${RETCODE_LOCAL} ${HOST} ${PORT} "${MIN_DATE}" ${CERTDIFF}
+	
+	rm -f ${CERT_TMP} ${ERROR_TMP}
+	
 }


-### Check to make sure a openssl utility is available
-if [ ! -f ${OPENSSL} ]
-then
-    echo "ERROR: The openssl binary does not exist in ${OPENSSL}."
-    echo "FIX: Please modify the \${OPENSSL} variable in the program header."
-    exit 1
-fi
-
-### Check to make sure a date utility is available
-if [ ! -f ${DATE} ]
-then
-    echo "ERROR: The date binary does not exist in ${DATE} ."
-    echo "FIX: Please modify the \${DATE} variable in the program header."
-    exit 1
-fi
-
-### Check to make sure a grep and find utility is available
-if [ ! -f ${GREP} ] || [ ! -f ${FIND} ]
-then
-    echo "ERROR: Unable to locate the greb and find binary."
-    echo "FIX: Please modify the \${GREP} and \${FIND} variables in the program header."
-    exit 1
-fi
-
-### Check to make sure the mktemp and printf utilities are available
-if [ ! -f ${MKTEMP} ] || [ ! -f ${PRINTF} ]
-then
-    echo "ERROR: Unable to locate the mktemp or printf binary."
-    echo "FIX: Please modify the \${MKTEMP} and \${PRINTF} variables in the program header."
-    exit 1
-fi
-
-### Check to make sure the sed and awk binaries are available
-if [ ! -f ${SED} ] || [ ! -f ${AWK} ]
-then
-    echo "ERROR: Unable to locate the sed or awk binary."
-    echo "FIX: Please modify the \${SED} and \${AWK} variables in the program header."
-    exit 1
-fi
-
-### Check to make sure a mail client is available it automated notifications are requested
-if [ "${ALARM}" = "TRUE" ] && [ ! -f ${MAIL} ]
-then
-    echo "ERROR: You enabled automated alerts, but the mail binary could not be found."
-    echo "FIX: Please modify the ${MAIL} variable in the program header."
-    exit 1
-fi
-
-# Send along the servername when TLS is used
-if ${OPENSSL} s_client -help 2>&1 | grep '-servername' > /dev/null
-then
-    TLSSERVERNAME="TRUE"
-else
-    TLSSERVERNAME="FALSE"
-fi
+# ### Check to make sure a openssl utility is available
+# if [ ! -f ${OPENSSL} ]
+# then
+#     echo "ERROR: The openssl binary does not exist in ${OPENSSL}."
+#     echo "FIX: Please modify the \${OPENSSL} variable in the program header."
+#     exit 1
+# fi
+#
+# ### Check to make sure a date utility is available
+# if [ ! -f ${DATE} ]
+# then
+#     echo "ERROR: The date binary does not exist in ${DATE} ."
+#     echo "FIX: Please modify the \${DATE} variable in the program header."
+#     exit 1
+# fi
+#
+# ### Check to make sure a grep and find utility is available
+# if [ ! -f ${GREP} ] || [ ! -f ${FIND} ]
+# then
+#     echo "ERROR: Unable to locate the greb and find binary."
+#     echo "FIX: Please modify the \${GREP} and \${FIND} variables in the program header."
+#     exit 1
+# fi
+#
+# ### Check to make sure the mktemp and printf utilities are available
+# if [ ! -f ${MKTEMP} ] || [ ! -f ${PRINTF} ]
+# then
+#     echo "ERROR: Unable to locate the mktemp or printf binary."
+#     echo "FIX: Please modify the \${MKTEMP} and \${PRINTF} variables in the program header."
+#     exit 1
+# fi
+#
+# ### Check to make sure the sed and awk binaries are available
+# if [ ! -f ${SED} ] || [ ! -f ${AWK} ]
+# then
+#     echo "ERROR: Unable to locate the sed or awk binary."
+#     echo "FIX: Please modify the \${SED} and \${AWK} variables in the program header."
+#     exit 1
+# fi
+#
+# ### Check to make sure a mail client is available it automated notifications are requested
+# if [ "${ALARM}" = "TRUE" ] && [ ! -f ${MAIL} ]
+# then
+#     echo "ERROR: You enabled automated alerts, but the mail binary could not be found."
+#     echo "FIX: Please modify the ${MAIL} variable in the program header."
+#     exit 1
+# fi
+#
+# # Send along the servername when TLS is used
+# if ${OPENSSL} s_client -help 2>&1 | grep '-servername' > /dev/null
+# then
+#     TLSSERVERNAME="TRUE"
+# else
+#     TLSSERVERNAME="FALSE"
+# fi

 # Place to stash temporary files
 CERT_TMP=$($MKTEMP /var/tmp/cert.XXXXXX)
@@ -661,6 +620,5 @@ fi
 #     exit 1
 # fi

-rm -f ${CERT_TMP} ${ERROR_TMP}

 exit 0