diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 11:19:16 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-07-24 09:53:24 +0000 |
commit | b5f8ee61a7f7e9bd291dd26b0585d03eb686c941 (patch) | |
tree | d4d31289c39fc00da064a825df13a0b98ce95b10 /src/go/collectors/go.d.plugin/modules/x509check/collect.go | |
parent | Adding upstream version 1.44.3. (diff) | |
download | netdata-upstream.tar.xz netdata-upstream.zip |
Adding upstream version 1.46.3.upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | src/go/collectors/go.d.plugin/modules/x509check/collect.go | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/src/go/collectors/go.d.plugin/modules/x509check/collect.go b/src/go/collectors/go.d.plugin/modules/x509check/collect.go new file mode 100644 index 000000000..3b5eebdb2 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/x509check/collect.go @@ -0,0 +1,54 @@ +// SPDX-License-Identifier: GPL-3.0-or-later + +package x509check + +import ( + "crypto/x509" + "fmt" + "time" + + "github.com/cloudflare/cfssl/revoke" +) + +func (x *X509Check) collect() (map[string]int64, error) { + certs, err := x.prov.certificates() + if err != nil { + return nil, err + } + + if len(certs) == 0 { + return nil, fmt.Errorf("no certificate was provided by '%s'", x.Config.Source) + } + + mx := make(map[string]int64) + + x.collectExpiration(mx, certs) + if x.CheckRevocation { + x.collectRevocation(mx, certs) + } + + return mx, nil +} + +func (x *X509Check) collectExpiration(mx map[string]int64, certs []*x509.Certificate) { + expiry := time.Until(certs[0].NotAfter).Seconds() + mx["expiry"] = int64(expiry) + mx["days_until_expiration_warning"] = x.DaysUntilWarn + mx["days_until_expiration_critical"] = x.DaysUntilCritical + +} + +func (x *X509Check) collectRevocation(mx map[string]int64, certs []*x509.Certificate) { + rev, ok, err := revoke.VerifyCertificateError(certs[0]) + if err != nil { + x.Debug(err) + } + if !ok { + return + } + if rev { + mx["revoked"] = 1 + } else { + mx["revoked"] = 0 + } +} |