diff options
| author | Arkadiusz MiĆkiewicz <arekm@maven.pl> | 2019-08-30 09:30:10 (GMT) |
|---|---|---|
| committer | Franz Schwartau <franz@electromail.org> | 2023-06-12 21:18:20 (GMT) |
| commit | 252272344ea63a164eabc1631e9b77450d2b1c4b (patch) | |
| tree | 19865bd241843f1c6b62363601425190861d7ce7 /plugins/check_smtp.c | |
| parent | e77315386e8b95b4fba879a6411101e5281fc320 (diff) | |
| download | monitoring-plugins-252272344ea63a164eabc1631e9b77450d2b1c4b.tar.gz | |
Add support for SNI in check_smtp.
Add support for SSL/TLS hostname extension support (SNI) for check_smtp
plugin.
Backported from nagios-plugins:
https://github.com/nagios-plugins/nagios-plugins/commit/9f1628f4b5525335ce1d6e48e8ac8b07d0757f82
Diffstat (limited to 'plugins/check_smtp.c')
| -rw-r--r-- | plugins/check_smtp.c | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index 70191ad..c0ab838 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c | |||
| @@ -103,6 +103,7 @@ double critical_time = 0; | |||
| 103 | int check_critical_time = FALSE; | 103 | int check_critical_time = FALSE; |
| 104 | int verbose = 0; | 104 | int verbose = 0; |
| 105 | int use_ssl = FALSE; | 105 | int use_ssl = FALSE; |
| 106 | int use_sni = FALSE; | ||
| 106 | short use_proxy_prefix = FALSE; | 107 | short use_proxy_prefix = FALSE; |
| 107 | short use_ehlo = FALSE; | 108 | short use_ehlo = FALSE; |
| 108 | short use_lhlo = FALSE; | 109 | short use_lhlo = FALSE; |
| @@ -234,7 +235,7 @@ main (int argc, char **argv) | |||
| 234 | smtp_quit(); | 235 | smtp_quit(); |
| 235 | return STATE_UNKNOWN; | 236 | return STATE_UNKNOWN; |
| 236 | } | 237 | } |
| 237 | result = np_net_ssl_init(sd); | 238 | result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL)); |
| 238 | if(result != STATE_OK) { | 239 | if(result != STATE_OK) { |
| 239 | printf (_("CRITICAL - Cannot create SSL context.\n")); | 240 | printf (_("CRITICAL - Cannot create SSL context.\n")); |
| 240 | close(sd); | 241 | close(sd); |
| @@ -463,6 +464,10 @@ process_arguments (int argc, char **argv) | |||
| 463 | int c; | 464 | int c; |
| 464 | char* temp; | 465 | char* temp; |
| 465 | 466 | ||
| 467 | enum { | ||
| 468 | SNI_OPTION | ||
| 469 | }; | ||
| 470 | |||
| 466 | int option = 0; | 471 | int option = 0; |
| 467 | static struct option longopts[] = { | 472 | static struct option longopts[] = { |
| 468 | {"hostname", required_argument, 0, 'H'}, | 473 | {"hostname", required_argument, 0, 'H'}, |
| @@ -485,6 +490,7 @@ process_arguments (int argc, char **argv) | |||
| 485 | {"help", no_argument, 0, 'h'}, | 490 | {"help", no_argument, 0, 'h'}, |
| 486 | {"lmtp", no_argument, 0, 'L'}, | 491 | {"lmtp", no_argument, 0, 'L'}, |
| 487 | {"starttls",no_argument,0,'S'}, | 492 | {"starttls",no_argument,0,'S'}, |
| 493 | {"sni", no_argument, 0, SNI_OPTION}, | ||
| 488 | {"certificate",required_argument,0,'D'}, | 494 | {"certificate",required_argument,0,'D'}, |
| 489 | {"ignore-quit-failure",no_argument,0,'q'}, | 495 | {"ignore-quit-failure",no_argument,0,'q'}, |
| 490 | {"proxy",no_argument,0,'r'}, | 496 | {"proxy",no_argument,0,'r'}, |
| @@ -631,6 +637,13 @@ process_arguments (int argc, char **argv) | |||
| 631 | use_ssl = TRUE; | 637 | use_ssl = TRUE; |
| 632 | use_ehlo = TRUE; | 638 | use_ehlo = TRUE; |
| 633 | break; | 639 | break; |
| 640 | case SNI_OPTION: | ||
| 641 | #ifdef HAVE_SSL | ||
| 642 | use_sni = TRUE; | ||
| 643 | #else | ||
| 644 | usage (_("SSL support not available - install OpenSSL and recompile")); | ||
| 645 | #endif | ||
| 646 | break; | ||
| 634 | case 'r': | 647 | case 'r': |
| 635 | use_proxy_prefix = TRUE; | 648 | use_proxy_prefix = TRUE; |
| 636 | break; | 649 | break; |
| @@ -839,6 +852,8 @@ print_help (void) | |||
| 839 | printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); | 852 | printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); |
| 840 | printf (" %s\n", "-S, --starttls"); | 853 | printf (" %s\n", "-S, --starttls"); |
| 841 | printf (" %s\n", _("Use STARTTLS for the connection.")); | 854 | printf (" %s\n", _("Use STARTTLS for the connection.")); |
| 855 | printf (" %s\n", "--sni"); | ||
| 856 | printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); | ||
| 842 | #endif | 857 | #endif |
| 843 | 858 | ||
| 844 | printf (" %s\n", "-A, --authtype=STRING"); | 859 | printf (" %s\n", "-A, --authtype=STRING"); |
| @@ -875,6 +890,6 @@ print_usage (void) | |||
| 875 | printf ("%s\n", _("Usage:")); | 890 | printf ("%s\n", _("Usage:")); |
| 876 | printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname); | 891 | printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname); |
| 877 | printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n"); | 892 | printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n"); |
| 878 | printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-r] [-v] \n"); | 893 | printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-r] [--sni] [-v] \n"); |
| 879 | } | 894 | } |
| 880 | 895 | ||