diff options
author | Ton Voon <tonvoon@users.sourceforge.net> | 2006-10-12 20:36:46 +0000 |
---|---|---|
committer | Ton Voon <tonvoon@users.sourceforge.net> | 2006-10-12 20:36:46 +0000 |
commit | d00a65f8172ea55b6b4938c65ae0568dbd03b9c0 (patch) | |
tree | 13075b59032525c5ffeb882fa115b82a565d44d9 /plugins/check_smtp.c | |
parent | caaf4be9b6812f6b99b9773e9016619caa41dff4 (diff) | |
download | monitoring-plugins-d00a65f8172ea55b6b4938c65ae0568dbd03b9c0.tar.gz |
Resend EHLO after TLS negotiation as per RFC3207 (Holger Weiss - 1482832)
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1493 f882894a-f735-0410-b71e-b25c423dba1c
Diffstat (limited to 'plugins/check_smtp.c')
-rw-r--r-- | plugins/check_smtp.c | 34 |
1 files changed, 32 insertions, 2 deletions
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c index e7cf2ea2..e4da30ed 100644 --- a/plugins/check_smtp.c +++ b/plugins/check_smtp.c | |||
@@ -282,6 +282,35 @@ main (int argc, char **argv) | |||
282 | } else { | 282 | } else { |
283 | ssl_established = 1; | 283 | ssl_established = 1; |
284 | } | 284 | } |
285 | |||
286 | /* | ||
287 | * Resend the EHLO command. | ||
288 | * | ||
289 | * RFC 3207 (4.2) says: ``The client MUST discard any knowledge | ||
290 | * obtained from the server, such as the list of SMTP service | ||
291 | * extensions, which was not obtained from the TLS negotiation | ||
292 | * itself. The client SHOULD send an EHLO command as the first | ||
293 | * command after a successful TLS negotiation.'' For this | ||
294 | * reason, some MTAs will not allow an AUTH LOGIN command before | ||
295 | * we resent EHLO via TLS. | ||
296 | */ | ||
297 | if (my_send(helocmd, strlen(helocmd)) <= 0) { | ||
298 | printf(_("SMTP UNKNOWN - Cannot send EHLO command via TLS.\n")); | ||
299 | my_close(); | ||
300 | return STATE_UNKNOWN; | ||
301 | } | ||
302 | if (verbose) | ||
303 | printf(_("sent %s"), helocmd); | ||
304 | if ((n = my_recv(buffer, MAX_INPUT_BUFFER - 1)) <= 0) { | ||
305 | printf(_("SMTP UNKNOWN - Cannot read EHLO response via TLS.\n")); | ||
306 | my_close(); | ||
307 | return STATE_UNKNOWN; | ||
308 | } | ||
309 | if (verbose) { | ||
310 | buffer[n] = '\0'; | ||
311 | printf("%s", buffer); | ||
312 | } | ||
313 | |||
285 | # ifdef USE_OPENSSL | 314 | # ifdef USE_OPENSSL |
286 | if ( check_cert ) { | 315 | if ( check_cert ) { |
287 | result = np_net_ssl_check_cert(days_till_exp); | 316 | result = np_net_ssl_check_cert(days_till_exp); |
@@ -705,8 +734,8 @@ print_help (void) | |||
705 | printf (_(UT_IPv46)); | 734 | printf (_(UT_IPv46)); |
706 | 735 | ||
707 | printf (" %s\n", "-e, --expect=STRING"); | 736 | printf (" %s\n", "-e, --expect=STRING"); |
708 | printf (_("String to expect in first line of server response (default: '%s')"),SMTP_EXPECT); | 737 | printf (_(" String to expect in first line of server response (default: '%s')\n"), SMTP_EXPECT); |
709 | printf (" %s\n\n", "-n, nocommand\n"); | 738 | printf (" %s\n", "-n, nocommand"); |
710 | printf (" %s\n", _("Suppress SMTP command")); | 739 | printf (" %s\n", _("Suppress SMTP command")); |
711 | printf (" %s\n", "-C, --command=STRING"); | 740 | printf (" %s\n", "-C, --command=STRING"); |
712 | printf (" %s\n", _("SMTP command (may be used repeatedly)")); | 741 | printf (" %s\n", _("SMTP command (may be used repeatedly)")); |
@@ -734,6 +763,7 @@ print_help (void) | |||
734 | 763 | ||
735 | printf (_(UT_VERBOSE)); | 764 | printf (_(UT_VERBOSE)); |
736 | 765 | ||
766 | printf("\n"); | ||
737 | printf ("%s\n", _("Successul connects return STATE_OK, refusals and timeouts return")); | 767 | printf ("%s\n", _("Successul connects return STATE_OK, refusals and timeouts return")); |
738 | printf ("%s\n", _("STATE_CRITICAL, other errors return STATE_UNKNOWN. Successful")); | 768 | printf ("%s\n", _("STATE_CRITICAL, other errors return STATE_UNKNOWN. Successful")); |
739 | printf ("%s\n", _("connects, but incorrect reponse messages from the host result in")); | 769 | printf ("%s\n", _("connects, but incorrect reponse messages from the host result in")); |