summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArkadiusz Miƛkiewicz <arekm@maven.pl>2019-08-30 11:30:10 +0200
committerFranz Schwartau <franz@electromail.org>2023-06-12 23:18:20 +0200
commit252272344ea63a164eabc1631e9b77450d2b1c4b (patch)
tree19865bd241843f1c6b62363601425190861d7ce7
parente77315386e8b95b4fba879a6411101e5281fc320 (diff)
downloadmonitoring-plugins-2522723.tar.gz
Add support for SNI in check_smtp.
Add support for SSL/TLS hostname extension support (SNI) for check_smtp plugin. Backported from nagios-plugins: https://github.com/nagios-plugins/nagios-plugins/commit/9f1628f4b5525335ce1d6e48e8ac8b07d0757f82
-rw-r--r--plugins/check_smtp.c19
1 files changed, 17 insertions, 2 deletions
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index 70191ad9..c0ab838a 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -103,6 +103,7 @@ double critical_time = 0;
103int check_critical_time = FALSE; 103int check_critical_time = FALSE;
104int verbose = 0; 104int verbose = 0;
105int use_ssl = FALSE; 105int use_ssl = FALSE;
106int use_sni = FALSE;
106short use_proxy_prefix = FALSE; 107short use_proxy_prefix = FALSE;
107short use_ehlo = FALSE; 108short use_ehlo = FALSE;
108short use_lhlo = FALSE; 109short use_lhlo = FALSE;
@@ -234,7 +235,7 @@ main (int argc, char **argv)
234 smtp_quit(); 235 smtp_quit();
235 return STATE_UNKNOWN; 236 return STATE_UNKNOWN;
236 } 237 }
237 result = np_net_ssl_init(sd); 238 result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL));
238 if(result != STATE_OK) { 239 if(result != STATE_OK) {
239 printf (_("CRITICAL - Cannot create SSL context.\n")); 240 printf (_("CRITICAL - Cannot create SSL context.\n"));
240 close(sd); 241 close(sd);
@@ -463,6 +464,10 @@ process_arguments (int argc, char **argv)
463 int c; 464 int c;
464 char* temp; 465 char* temp;
465 466
467 enum {
468 SNI_OPTION
469 };
470
466 int option = 0; 471 int option = 0;
467 static struct option longopts[] = { 472 static struct option longopts[] = {
468 {"hostname", required_argument, 0, 'H'}, 473 {"hostname", required_argument, 0, 'H'},
@@ -485,6 +490,7 @@ process_arguments (int argc, char **argv)
485 {"help", no_argument, 0, 'h'}, 490 {"help", no_argument, 0, 'h'},
486 {"lmtp", no_argument, 0, 'L'}, 491 {"lmtp", no_argument, 0, 'L'},
487 {"starttls",no_argument,0,'S'}, 492 {"starttls",no_argument,0,'S'},
493 {"sni", no_argument, 0, SNI_OPTION},
488 {"certificate",required_argument,0,'D'}, 494 {"certificate",required_argument,0,'D'},
489 {"ignore-quit-failure",no_argument,0,'q'}, 495 {"ignore-quit-failure",no_argument,0,'q'},
490 {"proxy",no_argument,0,'r'}, 496 {"proxy",no_argument,0,'r'},
@@ -631,6 +637,13 @@ process_arguments (int argc, char **argv)
631 use_ssl = TRUE; 637 use_ssl = TRUE;
632 use_ehlo = TRUE; 638 use_ehlo = TRUE;
633 break; 639 break;
640 case SNI_OPTION:
641#ifdef HAVE_SSL
642 use_sni = TRUE;
643#else
644 usage (_("SSL support not available - install OpenSSL and recompile"));
645#endif
646 break;
634 case 'r': 647 case 'r':
635 use_proxy_prefix = TRUE; 648 use_proxy_prefix = TRUE;
636 break; 649 break;
@@ -839,6 +852,8 @@ print_help (void)
839 printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); 852 printf (" %s\n", _("Minimum number of days a certificate has to be valid."));
840 printf (" %s\n", "-S, --starttls"); 853 printf (" %s\n", "-S, --starttls");
841 printf (" %s\n", _("Use STARTTLS for the connection.")); 854 printf (" %s\n", _("Use STARTTLS for the connection."));
855 printf (" %s\n", "--sni");
856 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
842#endif 857#endif
843 858
844 printf (" %s\n", "-A, --authtype=STRING"); 859 printf (" %s\n", "-A, --authtype=STRING");
@@ -875,6 +890,6 @@ print_usage (void)
875 printf ("%s\n", _("Usage:")); 890 printf ("%s\n", _("Usage:"));
876 printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname); 891 printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname);
877 printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n"); 892 printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n");
878 printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-r] [-v] \n"); 893 printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-r] [--sni] [-v] \n");
879} 894}
880 895