diff options
author | waja <waja@users.noreply.github.com> | 2023-06-28 16:39:27 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-06-28 16:39:27 +0200 |
commit | 265a7c0ed8ccde7868bb7e77c44aecc403743c21 (patch) | |
tree | 3a02f6ce03e8f781dcfca22ee1f17817225a0ff9 /plugins/check_smtp.c | |
parent | b96a8424f0ec6206238b650c2c63b4bd006ab43a (diff) | |
parent | b24eb7f46ac8667324efd818c01d68d5a1376c89 (diff) | |
download | monitoring-plugins-265a7c0ed8ccde7868bb7e77c44aecc403743c21.tar.gz |
Merge branch 'master' into compiler_warning_part_2
Diffstat (limited to 'plugins/check_smtp.c')
-rw-r--r-- | plugins/check_smtp.c | 38 |
1 files changed, 34 insertions, 4 deletions
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index b035aab5..996bd875 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c | |||
@@ -3,7 +3,7 @@ | |||
3 | * Monitoring check_smtp plugin | 3 | * Monitoring check_smtp plugin |
4 | * | 4 | * |
5 | * License: GPL | 5 | * License: GPL |
6 | * Copyright (c) 2000-2007 Monitoring Plugins Development Team | 6 | * Copyright (c) 2000-2023 Monitoring Plugins Development Team |
7 | * | 7 | * |
8 | * Description: | 8 | * Description: |
9 | * | 9 | * |
@@ -52,6 +52,7 @@ int days_till_exp_warn, days_till_exp_crit; | |||
52 | enum { | 52 | enum { |
53 | SMTP_PORT = 25 | 53 | SMTP_PORT = 25 |
54 | }; | 54 | }; |
55 | #define PROXY_PREFIX "PROXY TCP4 0.0.0.0 0.0.0.0 25 25\r\n" | ||
55 | #define SMTP_EXPECT "220" | 56 | #define SMTP_EXPECT "220" |
56 | #define SMTP_HELO "HELO " | 57 | #define SMTP_HELO "HELO " |
57 | #define SMTP_EHLO "EHLO " | 58 | #define SMTP_EHLO "EHLO " |
@@ -102,6 +103,8 @@ double critical_time = 0; | |||
102 | int check_critical_time = FALSE; | 103 | int check_critical_time = FALSE; |
103 | int verbose = 0; | 104 | int verbose = 0; |
104 | int use_ssl = FALSE; | 105 | int use_ssl = FALSE; |
106 | int use_sni = FALSE; | ||
107 | short use_proxy_prefix = FALSE; | ||
105 | short use_ehlo = FALSE; | 108 | short use_ehlo = FALSE; |
106 | short use_lhlo = FALSE; | 109 | short use_lhlo = FALSE; |
107 | short ssl_established = 0; | 110 | short ssl_established = 0; |
@@ -184,6 +187,13 @@ main (int argc, char **argv) | |||
184 | 187 | ||
185 | if (result == STATE_OK) { /* we connected */ | 188 | if (result == STATE_OK) { /* we connected */ |
186 | 189 | ||
190 | /* If requested, send PROXY header */ | ||
191 | if (use_proxy_prefix) { | ||
192 | if (verbose) | ||
193 | printf ("Sending header %s\n", PROXY_PREFIX); | ||
194 | send(sd, PROXY_PREFIX, strlen(PROXY_PREFIX), 0); | ||
195 | } | ||
196 | |||
187 | /* watch for the SMTP connection string and */ | 197 | /* watch for the SMTP connection string and */ |
188 | /* return a WARNING status if we couldn't read any data */ | 198 | /* return a WARNING status if we couldn't read any data */ |
189 | if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { | 199 | if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { |
@@ -225,7 +235,7 @@ main (int argc, char **argv) | |||
225 | smtp_quit(); | 235 | smtp_quit(); |
226 | return STATE_UNKNOWN; | 236 | return STATE_UNKNOWN; |
227 | } | 237 | } |
228 | result = np_net_ssl_init(sd); | 238 | result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL)); |
229 | if(result != STATE_OK) { | 239 | if(result != STATE_OK) { |
230 | printf (_("CRITICAL - Cannot create SSL context.\n")); | 240 | printf (_("CRITICAL - Cannot create SSL context.\n")); |
231 | close(sd); | 241 | close(sd); |
@@ -454,6 +464,10 @@ process_arguments (int argc, char **argv) | |||
454 | int c; | 464 | int c; |
455 | char* temp; | 465 | char* temp; |
456 | 466 | ||
467 | enum { | ||
468 | SNI_OPTION | ||
469 | }; | ||
470 | |||
457 | int option = 0; | 471 | int option = 0; |
458 | static struct option longopts[] = { | 472 | static struct option longopts[] = { |
459 | {"hostname", required_argument, 0, 'H'}, | 473 | {"hostname", required_argument, 0, 'H'}, |
@@ -476,8 +490,10 @@ process_arguments (int argc, char **argv) | |||
476 | {"help", no_argument, 0, 'h'}, | 490 | {"help", no_argument, 0, 'h'}, |
477 | {"lmtp", no_argument, 0, 'L'}, | 491 | {"lmtp", no_argument, 0, 'L'}, |
478 | {"starttls",no_argument,0,'S'}, | 492 | {"starttls",no_argument,0,'S'}, |
493 | {"sni", no_argument, 0, SNI_OPTION}, | ||
479 | {"certificate",required_argument,0,'D'}, | 494 | {"certificate",required_argument,0,'D'}, |
480 | {"ignore-quit-failure",no_argument,0,'q'}, | 495 | {"ignore-quit-failure",no_argument,0,'q'}, |
496 | {"proxy",no_argument,0,'r'}, | ||
481 | {0, 0, 0, 0} | 497 | {0, 0, 0, 0} |
482 | }; | 498 | }; |
483 | 499 | ||
@@ -494,7 +510,7 @@ process_arguments (int argc, char **argv) | |||
494 | } | 510 | } |
495 | 511 | ||
496 | while (1) { | 512 | while (1) { |
497 | c = getopt_long (argc, argv, "+hVv46Lt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q", | 513 | c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q", |
498 | longopts, &option); | 514 | longopts, &option); |
499 | 515 | ||
500 | if (c == -1 || c == EOF) | 516 | if (c == -1 || c == EOF) |
@@ -622,6 +638,16 @@ process_arguments (int argc, char **argv) | |||
622 | use_ssl = TRUE; | 638 | use_ssl = TRUE; |
623 | use_ehlo = TRUE; | 639 | use_ehlo = TRUE; |
624 | break; | 640 | break; |
641 | case SNI_OPTION: | ||
642 | #ifdef HAVE_SSL | ||
643 | use_sni = TRUE; | ||
644 | #else | ||
645 | usage (_("SSL support not available - install OpenSSL and recompile")); | ||
646 | #endif | ||
647 | break; | ||
648 | case 'r': | ||
649 | use_proxy_prefix = TRUE; | ||
650 | break; | ||
625 | case 'L': | 651 | case 'L': |
626 | use_lhlo = TRUE; | 652 | use_lhlo = TRUE; |
627 | break; | 653 | break; |
@@ -820,11 +846,15 @@ print_help (void) | |||
820 | printf (" %s\n", _("FROM-address to include in MAIL command, required by Exchange 2000")), | 846 | printf (" %s\n", _("FROM-address to include in MAIL command, required by Exchange 2000")), |
821 | printf (" %s\n", "-F, --fqdn=STRING"); | 847 | printf (" %s\n", "-F, --fqdn=STRING"); |
822 | printf (" %s\n", _("FQDN used for HELO")); | 848 | printf (" %s\n", _("FQDN used for HELO")); |
849 | printf (" %s\n", "-r, --proxy"); | ||
850 | printf (" %s\n", _("Use PROXY protocol prefix for the connection.")); | ||
823 | #ifdef HAVE_SSL | 851 | #ifdef HAVE_SSL |
824 | printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); | 852 | printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); |
825 | printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); | 853 | printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); |
826 | printf (" %s\n", "-S, --starttls"); | 854 | printf (" %s\n", "-S, --starttls"); |
827 | printf (" %s\n", _("Use STARTTLS for the connection.")); | 855 | printf (" %s\n", _("Use STARTTLS for the connection.")); |
856 | printf (" %s\n", "--sni"); | ||
857 | printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); | ||
828 | #endif | 858 | #endif |
829 | 859 | ||
830 | printf (" %s\n", "-A, --authtype=STRING"); | 860 | printf (" %s\n", "-A, --authtype=STRING"); |
@@ -861,6 +891,6 @@ print_usage (void) | |||
861 | printf ("%s\n", _("Usage:")); | 891 | printf ("%s\n", _("Usage:")); |
862 | printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname); | 892 | printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname); |
863 | printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n"); | 893 | printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n"); |
864 | printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-v] \n"); | 894 | printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-r] [--sni] [-v] \n"); |
865 | } | 895 | } |
866 | 896 | ||