added revocation check to certificate monitoring

tst 2023-01-03 11:54:04 +01:00
parent 7bd0396c55
commit 58069dc19c
1 changed files with 29 additions and 17 deletions


@ -1113,24 +1113,36 @@ function pfz_get_smart_status(){
function pfz_get_cert_date($valuekey){ function pfz_get_cert_date($valuekey){
global $config; global $config;
// Contains a list of refs that were revoked and should not be considered
$revoked_cert_refs;
foreach ($config["crl"] as $crl) {
foreach ($crl["cert"] as $revoked_cert) {
$revoked_cert_refs[] = $revoked_cert["refid"];
}
}
$value = 0; $value = 0;
foreach (array("cert", "ca") as $cert_type) { foreach (array("cert", "ca") as $cert_type) {
switch ($valuekey){ switch ($valuekey){
case "validFrom.max": case "validFrom.max":
foreach ($config[$cert_type] as $cert) { foreach ($config[$cert_type] as $cert) {
$certinfo = openssl_x509_parse(base64_decode($cert[crt])); if ( ! in_array($cert['refid'], $revoked_cert_refs) ) {
if ($value == 0 or $value < $certinfo['validFrom_time_t']) $value = $certinfo['validFrom_time_t']; $certinfo = openssl_x509_parse(base64_decode($cert[crt]));
} if ($value == 0 or $value < $certinfo['validFrom_time_t']) $value = $certinfo['validFrom_time_t'];
break; }
case "validTo.min": }
foreach ($config[$cert_type] as $cert) { break;
$certinfo = openssl_x509_parse(base64_decode($cert[crt])); case "validTo.min":
if ($value == 0 or $value > $certinfo['validTo_time_t']) $value = $certinfo['validTo_time_t']; foreach ($config[$cert_type] as $cert) {
} if ( ! in_array($cert['refid'], $revoked_cert_refs) ) {
break; $certinfo = openssl_x509_parse(base64_decode($cert[crt]));
} if ($value == 0 or $value > $certinfo['validTo_time_t']) $value = $certinfo['validTo_time_t'];
} }
echo $value; }
break;
}
}
echo $value;
} }
// File is present // File is present
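Review bot: `$revoked_cert_refs;` at the top of pfz_get_cert_date is a bare expression statement, so the list is never initialised. When the configuration has no CRL, or a CRL with no revoked entries, both `in_array($cert['refid'], $revoked_cert_refs)` calls receive null instead of an array. On PHP 8 that raises a TypeError (a warning on older versions), so the check would report no expiry value on exactly the hosts that have nothing revoked, which is a monitoring blind spot. Initialise it with `$revoked_cert_refs = array();` and guard the loops against missing keys, for example `foreach ((array)($config["crl"] ?? array()) as $crl)`, and likewise for `$crl["cert"]`. Passing `true` as the third argument to `in_array` would also keep the refid comparison strict.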