--- a/lib/Nagios/Check/DNS/check_tlsa_record.pm Tue Jun 21 11:13:06 2016 +0200
+++ b/lib/Nagios/Check/DNS/check_tlsa_record.pm Tue Jun 21 14:10:20 2016 +0200
@@ -6,6 +6,7 @@
use if $ENV{DEBUG} => 'Smart::Comments';
use Carp;
use Data::Dumper;
+use if $ENV{DEBUG} => 'Smart::Comments';
#use if $^V >= v5.0.20 => (experimental => gw(smartmatch));
use experimental qw(smartmatch);
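Review bot: The added `use if $ENV{DEBUG} => 'Smart::Comments';` repeats the identical line that already sits two lines above it in this hunk, so the module's import now runs twice when DEBUG is set. Smart::Comments is a source filter, and a second import is at best redundant; keep only one of the two lines. The commented-out line below it also spells `qw` as `gw`, which would matter if it is ever re-enabled.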
@@ -18,32 +19,16 @@
my $dane_pattern = '^(?<record>(?<tlsa_usage>\d+)\s+(?<tlsa_selector>\d+)\s+(?<tlsa_match_type>\d+)\s+(?<tlsa_hash>[0-9a-f ]+))$';
my $with_cname = '^(?<cname>[_a-z]+.*\n).*';
-
-#@TODO use only fd of tempfile instead of filename
-#my $tempfile = File::Temp->new(
-
-local $^F = 15;
-my $tempfile;
-my $handle;
-
-($handle, $tempfile) = tempfile(
+my ($handle, $tempfile) = tempfile(
TEMPLATE => 'XXXXXXXXXXXXXXXX',
DIR => '/tmp/',
SUFFIX => '.tmp',
);
-($handle, $tempfile) = do {
- open my $x, '+>', '/tmp/bla' or die $!;
- ($x, '/tmp/bla');
-};
-
-say $^F;
-say fileno $handle;
my $fd = "/dev/fd/" . fileno $handle;
-say $fd;
-
+my $flags = fcntl($handle, F_GETFD, 0);
sub main {
my $domain = shift;
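Review bot: The new file-scope `my $flags = fcntl($handle, F_GETFD, 0);` never checks the result, and `fcntl` returns undef on failure, which get_cert would later turn into a meaningless flag word with `&= ~FD_CLOEXEC`. Fail early instead, e.g. `my $flags = fcntl($handle, F_GETFD, 0) // croak "fcntl F_GETFD: $!";` (Carp is already loaded). `F_GETFD` and `FD_CLOEXEC` come from the Fcntl module, and no `use Fcntl;` is visible in the import hunk, so confirm it is loaded elsewhere in the file. Separately, `tempfile()` in list context does not remove the file on exit unless `UNLINK => 1` is passed or the code unlinks it itself, so each run may leave a file in `/tmp/` if cleanup is not done outside this hunk. The body of `main` continues beyond the hunk.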
@@ -90,24 +75,24 @@
sub get_cert {
my $domain = shift;
my $port = shift;
- my $query;
+ my $cmd;
my $cert;
+ #neede here because global doesn't work like expected
+ #but if set here filediscriptor is open for writing
+ $flags &= ~FD_CLOEXEC;
+ fcntl $handle, F_SETFD, $flags;
+
if ($port == 25) {
- $query = "openssl s_client -starttls smtp -connect $domain:$port";
+ $cmd = "openssl s_client -starttls smtp -connect $domain:$port";
}
else {
- $query = "openssl s_client -connect $domain:$port";
+ $cmd = "openssl s_client -connect $domain:$port";
}
my $same = "< /dev/null 2>/dev/null | openssl x509 -out $fd 2>&1";
- $query = "$query $same";
-
- $cert = qx($query);
+ $cmd .= $same;
- if ($cert =~ /.*unable.*/gi) {
- $cert = 'unable NO'; ## @TODO google.de returns unable to write..
- }
- return $cert;
+ return qx($cmd);
}
sub get_tlsa_from_cert {
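Review bot: `$domain` and `$port` are interpolated straight into the command string that `qx($cmd)` hands to the shell, and nothing in get_cert validates them, so shell metacharacters in a host or port argument would be interpreted by the shell. Check both before building `$cmd`, for example `croak "invalid domain" unless $domain =~ /\A[A-Za-z0-9.-]+\z/;` and `croak "invalid port" unless $port =~ /\A\d{1,5}\z/;`, or run openssl without a shell via list-form `open`. The new `$cmd .= $same;` also drops the space that the old `"$query $same"` inserted, so the port is now directly followed by `<`; begin `$same` with a space so the redirection cannot be misparsed. The removed "unable" normalisation means callers now receive raw openssl error text, and whether they cope with that is not visible here. The typos in the added comment (`neede`, `filediscriptor`) are worth fixing in the same pass.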