summaryrefslogtreecommitdiffstats
path: root/plugins/check_smtp.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_smtp.c')
-rw-r--r--plugins/check_smtp.c38
1 files changed, 34 insertions, 4 deletions
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index eaa7eeba..c0ab838a 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -3,7 +3,7 @@
3* Monitoring check_smtp plugin 3* Monitoring check_smtp plugin
4* 4*
5* License: GPL 5* License: GPL
6* Copyright (c) 2000-2007 Monitoring Plugins Development Team 6* Copyright (c) 2000-2023 Monitoring Plugins Development Team
7* 7*
8* Description: 8* Description:
9* 9*
@@ -52,6 +52,7 @@ int days_till_exp_warn, days_till_exp_crit;
52enum { 52enum {
53 SMTP_PORT = 25 53 SMTP_PORT = 25
54}; 54};
55#define PROXY_PREFIX "PROXY TCP4 0.0.0.0 0.0.0.0 25 25\r\n"
55#define SMTP_EXPECT "220" 56#define SMTP_EXPECT "220"
56#define SMTP_HELO "HELO " 57#define SMTP_HELO "HELO "
57#define SMTP_EHLO "EHLO " 58#define SMTP_EHLO "EHLO "
@@ -102,6 +103,8 @@ double critical_time = 0;
102int check_critical_time = FALSE; 103int check_critical_time = FALSE;
103int verbose = 0; 104int verbose = 0;
104int use_ssl = FALSE; 105int use_ssl = FALSE;
106int use_sni = FALSE;
107short use_proxy_prefix = FALSE;
105short use_ehlo = FALSE; 108short use_ehlo = FALSE;
106short use_lhlo = FALSE; 109short use_lhlo = FALSE;
107short ssl_established = 0; 110short ssl_established = 0;
@@ -184,6 +187,13 @@ main (int argc, char **argv)
184 187
185 if (result == STATE_OK) { /* we connected */ 188 if (result == STATE_OK) { /* we connected */
186 189
190 /* If requested, send PROXY header */
191 if (use_proxy_prefix) {
192 if (verbose)
193 printf ("Sending header %s\n", PROXY_PREFIX);
194 send(sd, PROXY_PREFIX, strlen(PROXY_PREFIX), 0);
195 }
196
187 /* watch for the SMTP connection string and */ 197 /* watch for the SMTP connection string and */
188 /* return a WARNING status if we couldn't read any data */ 198 /* return a WARNING status if we couldn't read any data */
189 if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { 199 if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) {
@@ -225,7 +235,7 @@ main (int argc, char **argv)
225 smtp_quit(); 235 smtp_quit();
226 return STATE_UNKNOWN; 236 return STATE_UNKNOWN;
227 } 237 }
228 result = np_net_ssl_init(sd); 238 result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL));
229 if(result != STATE_OK) { 239 if(result != STATE_OK) {
230 printf (_("CRITICAL - Cannot create SSL context.\n")); 240 printf (_("CRITICAL - Cannot create SSL context.\n"));
231 close(sd); 241 close(sd);
@@ -454,6 +464,10 @@ process_arguments (int argc, char **argv)
454 int c; 464 int c;
455 char* temp; 465 char* temp;
456 466
467 enum {
468 SNI_OPTION
469 };
470
457 int option = 0; 471 int option = 0;
458 static struct option longopts[] = { 472 static struct option longopts[] = {
459 {"hostname", required_argument, 0, 'H'}, 473 {"hostname", required_argument, 0, 'H'},
@@ -476,8 +490,10 @@ process_arguments (int argc, char **argv)
476 {"help", no_argument, 0, 'h'}, 490 {"help", no_argument, 0, 'h'},
477 {"lmtp", no_argument, 0, 'L'}, 491 {"lmtp", no_argument, 0, 'L'},
478 {"starttls",no_argument,0,'S'}, 492 {"starttls",no_argument,0,'S'},
493 {"sni", no_argument, 0, SNI_OPTION},
479 {"certificate",required_argument,0,'D'}, 494 {"certificate",required_argument,0,'D'},
480 {"ignore-quit-failure",no_argument,0,'q'}, 495 {"ignore-quit-failure",no_argument,0,'q'},
496 {"proxy",no_argument,0,'r'},
481 {0, 0, 0, 0} 497 {0, 0, 0, 0}
482 }; 498 };
483 499
@@ -494,7 +510,7 @@ process_arguments (int argc, char **argv)
494 } 510 }
495 511
496 while (1) { 512 while (1) {
497 c = getopt_long (argc, argv, "+hVv46Lt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q", 513 c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q",
498 longopts, &option); 514 longopts, &option);
499 515
500 if (c == -1 || c == EOF) 516 if (c == -1 || c == EOF)
@@ -621,6 +637,16 @@ process_arguments (int argc, char **argv)
621 use_ssl = TRUE; 637 use_ssl = TRUE;
622 use_ehlo = TRUE; 638 use_ehlo = TRUE;
623 break; 639 break;
640 case SNI_OPTION:
641#ifdef HAVE_SSL
642 use_sni = TRUE;
643#else
644 usage (_("SSL support not available - install OpenSSL and recompile"));
645#endif
646 break;
647 case 'r':
648 use_proxy_prefix = TRUE;
649 break;
624 case 'L': 650 case 'L':
625 use_lhlo = TRUE; 651 use_lhlo = TRUE;
626 break; 652 break;
@@ -819,11 +845,15 @@ print_help (void)
819 printf (" %s\n", _("FROM-address to include in MAIL command, required by Exchange 2000")), 845 printf (" %s\n", _("FROM-address to include in MAIL command, required by Exchange 2000")),
820 printf (" %s\n", "-F, --fqdn=STRING"); 846 printf (" %s\n", "-F, --fqdn=STRING");
821 printf (" %s\n", _("FQDN used for HELO")); 847 printf (" %s\n", _("FQDN used for HELO"));
848 printf (" %s\n", "-r, --proxy");
849 printf (" %s\n", _("Use PROXY protocol prefix for the connection."));
822#ifdef HAVE_SSL 850#ifdef HAVE_SSL
823 printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); 851 printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]");
824 printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); 852 printf (" %s\n", _("Minimum number of days a certificate has to be valid."));
825 printf (" %s\n", "-S, --starttls"); 853 printf (" %s\n", "-S, --starttls");
826 printf (" %s\n", _("Use STARTTLS for the connection.")); 854 printf (" %s\n", _("Use STARTTLS for the connection."));
855 printf (" %s\n", "--sni");
856 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
827#endif 857#endif
828 858
829 printf (" %s\n", "-A, --authtype=STRING"); 859 printf (" %s\n", "-A, --authtype=STRING");
@@ -860,6 +890,6 @@ print_usage (void)
860 printf ("%s\n", _("Usage:")); 890 printf ("%s\n", _("Usage:"));
861 printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname); 891 printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname);
862 printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n"); 892 printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n");
863 printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-v] \n"); 893 printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-r] [--sni] [-v] \n");
864} 894}
865 895