summaryrefslogtreecommitdiffstats
path: root/plugins/check_smtp.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_smtp.c')
-rw-r--r--plugins/check_smtp.c1159
1 files changed, 556 insertions, 603 deletions
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index 986c3e18..44b735f9 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -1,437 +1,429 @@
1/***************************************************************************** 1/*****************************************************************************
2* 2 *
3* Monitoring check_smtp plugin 3 * Monitoring check_smtp plugin
4* 4 *
5* License: GPL 5 * License: GPL
6* Copyright (c) 2000-2023 Monitoring Plugins Development Team 6 * Copyright (c) 2000-2024 Monitoring Plugins Development Team
7* 7 *
8* Description: 8 * Description:
9* 9 *
10* This file contains the check_smtp plugin 10 * This file contains the check_smtp plugin
11* 11 *
12* This plugin will attempt to open an SMTP connection with the host. 12 * This plugin will attempt to open an SMTP connection with the host.
13* 13 *
14* 14 *
15* This program is free software: you can redistribute it and/or modify 15 * This program is free software: you can redistribute it and/or modify
16* it under the terms of the GNU General Public License as published by 16 * it under the terms of the GNU General Public License as published by
17* the Free Software Foundation, either version 3 of the License, or 17 * the Free Software Foundation, either version 3 of the License, or
18* (at your option) any later version. 18 * (at your option) any later version.
19* 19 *
20* This program is distributed in the hope that it will be useful, 20 * This program is distributed in the hope that it will be useful,
21* but WITHOUT ANY WARRANTY; without even the implied warranty of 21 * but WITHOUT ANY WARRANTY; without even the implied warranty of
22* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23* GNU General Public License for more details. 23 * GNU General Public License for more details.
24* 24 *
25* You should have received a copy of the GNU General Public License 25 * You should have received a copy of the GNU General Public License
26* along with this program. If not, see <http://www.gnu.org/licenses/>. 26 * along with this program. If not, see <http://www.gnu.org/licenses/>.
27* 27 *
28* 28 *
29*****************************************************************************/ 29 *****************************************************************************/
30 30
31const char *progname = "check_smtp"; 31const char *progname = "check_smtp";
32const char *copyright = "2000-2007"; 32const char *copyright = "2000-2024";
33const char *email = "devel@monitoring-plugins.org"; 33const char *email = "devel@monitoring-plugins.org";
34 34
35#include "common.h" 35#include "common.h"
36#include "netutils.h" 36#include "netutils.h"
37#include "utils.h" 37#include "utils.h"
38#include "base64.h" 38#include "base64.h"
39#include "regex.h"
39 40
40#include <ctype.h> 41#include <ctype.h>
42#include "check_smtp.d/config.h"
43#include "../lib/states.h"
44
45#define PROXY_PREFIX "PROXY TCP4 0.0.0.0 0.0.0.0 25 25\r\n"
46#define SMTP_HELO "HELO "
47#define SMTP_EHLO "EHLO "
48#define SMTP_LHLO "LHLO "
49#define SMTP_QUIT "QUIT\r\n"
50#define SMTP_STARTTLS "STARTTLS\r\n"
51#define SMTP_AUTH_LOGIN "AUTH LOGIN\r\n"
41 52
53#define EHLO_SUPPORTS_STARTTLS 1
54
55typedef struct {
56 int errorcode;
57 check_smtp_config config;
58} check_smtp_config_wrapper;
59static check_smtp_config_wrapper process_arguments(int /*argc*/, char ** /*argv*/);
60
61int my_recv(check_smtp_config config, void *buf, int num, int socket_descriptor, bool ssl_established) {
42#ifdef HAVE_SSL 62#ifdef HAVE_SSL
43bool check_cert = false; 63 if ((config.use_starttls || config.use_ssl) && ssl_established) {
44int days_till_exp_warn, days_till_exp_crit; 64 return np_net_ssl_read(buf, num);
45# define my_recv(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) 65 }
46# define my_send(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) 66 return (int)read(socket_descriptor, buf, (size_t)num);
47#else /* ifndef HAVE_SSL */ 67#else /* ifndef HAVE_SSL */
48# define my_recv(buf, len) read(sd, buf, len) 68 return read(socket_descriptor, buf, len)
49# define my_send(buf, len) send(sd, buf, len, 0)
50#endif 69#endif
70}
51 71
52enum { 72int my_send(check_smtp_config config, void *buf, int num, int socket_descriptor, bool ssl_established) {
53 SMTP_PORT = 25, 73#ifdef HAVE_SSL
54 SMTPS_PORT = 465 74 if ((config.use_starttls || config.use_ssl) && ssl_established) {
55};
56#define PROXY_PREFIX "PROXY TCP4 0.0.0.0 0.0.0.0 25 25\r\n"
57#define SMTP_EXPECT "220"
58#define SMTP_HELO "HELO "
59#define SMTP_EHLO "EHLO "
60#define SMTP_LHLO "LHLO "
61#define SMTP_QUIT "QUIT\r\n"
62#define SMTP_STARTTLS "STARTTLS\r\n"
63#define SMTP_AUTH_LOGIN "AUTH LOGIN\r\n"
64
65#define EHLO_SUPPORTS_STARTTLS 1
66 75
67int process_arguments (int, char **); 76 return np_net_ssl_write(buf, num);
68int validate_arguments (void); 77 }
69void print_help (void); 78 return (int)send(socket_descriptor, buf, (size_t)num, 0);
70void print_usage (void); 79#else /* ifndef HAVE_SSL */
71void smtp_quit(void); 80 return send(socket_descriptor, buf, len, 0);
72int recvline(char *, size_t); 81#endif
73int recvlines(char *, size_t); 82}
74int my_close(void);
75 83
76#include "regex.h" 84static void print_help(void);
77char regex_expect[MAX_INPUT_BUFFER] = ""; 85void print_usage(void);
78regex_t preg; 86static char *smtp_quit(check_smtp_config /*config*/, char /*buffer*/[MAX_INPUT_BUFFER], int /*socket_descriptor*/,
79regmatch_t pmatch[10]; 87 bool /*ssl_established*/);
80char timestamp[20] = ""; 88static int recvline(char * /*buf*/, size_t /*bufsize*/, check_smtp_config /*config*/, int /*socket_descriptor*/, bool /*ssl_established*/);
81char errbuf[MAX_INPUT_BUFFER]; 89static int recvlines(check_smtp_config /*config*/, char * /*buf*/, size_t /*bufsize*/, int /*socket_descriptor*/, bool /*ssl_established*/);
82int cflags = REG_EXTENDED | REG_NOSUB | REG_NEWLINE; 90static int my_close(int /*socket_descriptor*/);
83int eflags = 0;
84int errcode, excode;
85
86int server_port = SMTP_PORT;
87int server_port_option = 0;
88char *server_address = NULL;
89char *server_expect = NULL;
90char *mail_command = NULL;
91char *from_arg = NULL;
92int send_mail_from=0;
93int ncommands=0;
94int command_size=0;
95int nresponses=0;
96int response_size=0;
97char **commands = NULL;
98char **responses = NULL;
99char *authtype = NULL;
100char *authuser = NULL;
101char *authpass = NULL;
102double warning_time = 0;
103bool check_warning_time = false;
104double critical_time = 0;
105bool check_critical_time = false;
106int verbose = 0;
107bool use_ssl = false;
108bool use_starttls = false;
109bool use_sni = false;
110bool use_proxy_prefix = false;
111bool use_ehlo = false;
112bool use_lhlo = false;
113bool ssl_established = false;
114char *localhostname = NULL;
115int sd;
116char buffer[MAX_INPUT_BUFFER];
117enum {
118 TCP_PROTOCOL = 1,
119 UDP_PROTOCOL = 2,
120};
121bool ignore_send_quit_failure = false;
122
123
124int
125main (int argc, char **argv)
126{
127 bool supports_tls = false;
128 int n = 0;
129 double elapsed_time;
130 long microsec;
131 int result = STATE_UNKNOWN;
132 char *cmd_str = NULL;
133 char *helocmd = NULL;
134 char *error_msg = "";
135 char *server_response = NULL;
136 struct timeval tv;
137 91
138 /* Catch pipe errors in read/write - sometimes occurs when writing QUIT */ 92static int verbose = 0;
139 (void) signal (SIGPIPE, SIG_IGN);
140 93
141 setlocale (LC_ALL, ""); 94int main(int argc, char **argv) {
142 bindtextdomain (PACKAGE, LOCALEDIR); 95 setlocale(LC_ALL, "");
143 textdomain (PACKAGE); 96 bindtextdomain(PACKAGE, LOCALEDIR);
97 textdomain(PACKAGE);
144 98
145 /* Parse extra opts if any */ 99 /* Parse extra opts if any */
146 argv=np_extra_opts (&argc, argv, progname); 100 argv = np_extra_opts(&argc, argv, progname);
147 101
148 if (process_arguments (argc, argv) == ERROR) 102 check_smtp_config_wrapper tmp_config = process_arguments(argc, argv);
149 usage4 (_("Could not parse arguments")); 103
104 if (tmp_config.errorcode == ERROR) {
105 usage4(_("Could not parse arguments"));
106 }
107
108 const check_smtp_config config = tmp_config.config;
150 109
151 /* If localhostname not set on command line, use gethostname to set */ 110 /* If localhostname not set on command line, use gethostname to set */
152 if(! localhostname){ 111 char *localhostname = config.localhostname;
153 localhostname = malloc (HOST_MAX_BYTES); 112 if (!localhostname) {
154 if(!localhostname){ 113 localhostname = malloc(HOST_MAX_BYTES);
114 if (!localhostname) {
155 printf(_("malloc() failed!\n")); 115 printf(_("malloc() failed!\n"));
156 return STATE_CRITICAL; 116 exit(STATE_CRITICAL);
157 } 117 }
158 if(gethostname(localhostname, HOST_MAX_BYTES)){ 118 if (gethostname(localhostname, HOST_MAX_BYTES)) {
159 printf(_("gethostname() failed!\n")); 119 printf(_("gethostname() failed!\n"));
160 return STATE_CRITICAL; 120 exit(STATE_CRITICAL);
161 } 121 }
162 } 122 }
163 if(use_lhlo) 123
164 xasprintf (&helocmd, "%s%s%s", SMTP_LHLO, localhostname, "\r\n"); 124 char *helocmd = NULL;
165 else if(use_ehlo) 125 if (config.use_lhlo) {
166 xasprintf (&helocmd, "%s%s%s", SMTP_EHLO, localhostname, "\r\n"); 126 xasprintf(&helocmd, "%s%s%s", SMTP_LHLO, localhostname, "\r\n");
167 else 127 } else if (config.use_ehlo) {
168 xasprintf (&helocmd, "%s%s%s", SMTP_HELO, localhostname, "\r\n"); 128 xasprintf(&helocmd, "%s%s%s", SMTP_EHLO, localhostname, "\r\n");
169 129 } else {
170 if (verbose) 130 xasprintf(&helocmd, "%s%s%s", SMTP_HELO, localhostname, "\r\n");
131 }
132
133 if (verbose) {
171 printf("HELOCMD: %s", helocmd); 134 printf("HELOCMD: %s", helocmd);
135 }
172 136
137 char *mail_command = strdup("MAIL ");
138 char *cmd_str = NULL;
173 /* initialize the MAIL command with optional FROM command */ 139 /* initialize the MAIL command with optional FROM command */
174 xasprintf (&cmd_str, "%sFROM:<%s>%s", mail_command, from_arg, "\r\n"); 140 xasprintf(&cmd_str, "%sFROM:<%s>%s", mail_command, config.from_arg, "\r\n");
175 141
176 if (verbose && send_mail_from) 142 if (verbose && config.send_mail_from) {
177 printf ("FROM CMD: %s", cmd_str); 143 printf("FROM CMD: %s", cmd_str);
144 }
145
146 /* Catch pipe errors in read/write - sometimes occurs when writing QUIT */
147 (void)signal(SIGPIPE, SIG_IGN);
178 148
179 /* initialize alarm signal handling */ 149 /* initialize alarm signal handling */
180 (void) signal (SIGALRM, socket_timeout_alarm_handler); 150 (void)signal(SIGALRM, socket_timeout_alarm_handler);
181 151
182 /* set socket timeout */ 152 /* set socket timeout */
183 (void) alarm (socket_timeout); 153 (void)alarm(socket_timeout);
184 154
155 struct timeval start_time;
185 /* start timer */ 156 /* start timer */
186 gettimeofday (&tv, NULL); 157 gettimeofday(&start_time, NULL);
187 158
159 int socket_descriptor = 0;
188 /* try to connect to the host at the given port number */ 160 /* try to connect to the host at the given port number */
189 result = my_tcp_connect (server_address, server_port, &sd); 161 mp_state_enum result = my_tcp_connect(config.server_address, config.server_port, &socket_descriptor);
190 162
163 char *error_msg = "";
164 char buffer[MAX_INPUT_BUFFER];
165 bool ssl_established = false;
191 if (result == STATE_OK) { /* we connected */ 166 if (result == STATE_OK) { /* we connected */
192 /* If requested, send PROXY header */ 167 /* If requested, send PROXY header */
193 if (use_proxy_prefix) { 168 if (config.use_proxy_prefix) {
194 if (verbose) 169 if (verbose) {
195 printf ("Sending header %s\n", PROXY_PREFIX); 170 printf("Sending header %s\n", PROXY_PREFIX);
196 my_send(PROXY_PREFIX, strlen(PROXY_PREFIX)); 171 }
172 my_send(config, PROXY_PREFIX, strlen(PROXY_PREFIX), socket_descriptor, ssl_established);
197 } 173 }
198 174
199#ifdef HAVE_SSL 175#ifdef HAVE_SSL
200 if (use_ssl) { 176 if (config.use_ssl) {
201 result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL)); 177 result = np_net_ssl_init_with_hostname(socket_descriptor, (config.use_sni ? config.server_address : NULL));
202 if (result != STATE_OK) { 178 if (result != STATE_OK) {
203 printf (_("CRITICAL - Cannot create SSL context.\n")); 179 printf(_("CRITICAL - Cannot create SSL context.\n"));
204 close(sd); 180 close(socket_descriptor);
205 np_net_ssl_cleanup(); 181 np_net_ssl_cleanup();
206 return STATE_CRITICAL; 182 exit(STATE_CRITICAL);
207 } else {
208 ssl_established = 1;
209 } 183 }
184 ssl_established = true;
210 } 185 }
211#endif 186#endif
212 187
213 /* watch for the SMTP connection string and */ 188 /* watch for the SMTP connection string and */
214 /* return a WARNING status if we couldn't read any data */ 189 /* return a WARNING status if we couldn't read any data */
215 if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { 190 if (recvlines(config, buffer, MAX_INPUT_BUFFER, socket_descriptor, ssl_established) <= 0) {
216 printf (_("recv() failed\n")); 191 printf(_("recv() failed\n"));
217 return STATE_WARNING; 192 exit(STATE_WARNING);
218 } 193 }
219 194
195 char *server_response = NULL;
220 /* save connect return (220 hostname ..) for later use */ 196 /* save connect return (220 hostname ..) for later use */
221 xasprintf(&server_response, "%s", buffer); 197 xasprintf(&server_response, "%s", buffer);
222 198
223 /* send the HELO/EHLO command */ 199 /* send the HELO/EHLO command */
224 my_send(helocmd, strlen(helocmd)); 200 my_send(config, helocmd, (int)strlen(helocmd), socket_descriptor, ssl_established);
225 201
226 /* allow for response to helo command to reach us */ 202 /* allow for response to helo command to reach us */
227 if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { 203 if (recvlines(config, buffer, MAX_INPUT_BUFFER, socket_descriptor, ssl_established) <= 0) {
228 printf (_("recv() failed\n")); 204 printf(_("recv() failed\n"));
229 return STATE_WARNING; 205 exit(STATE_WARNING);
230 } else if(use_ehlo || use_lhlo){ 206 }
231 if(strstr(buffer, "250 STARTTLS") != NULL || 207
232 strstr(buffer, "250-STARTTLS") != NULL){ 208 bool supports_tls = false;
233 supports_tls=true; 209 if (config.use_ehlo || config.use_lhlo) {
210 if (strstr(buffer, "250 STARTTLS") != NULL || strstr(buffer, "250-STARTTLS") != NULL) {
211 supports_tls = true;
234 } 212 }
235 } 213 }
236 214
237 if(use_starttls && ! supports_tls){ 215 if (config.use_starttls && !supports_tls) {
238 printf(_("WARNING - TLS not supported by server\n")); 216 printf(_("WARNING - TLS not supported by server\n"));
239 smtp_quit(); 217 smtp_quit(config, buffer, socket_descriptor, ssl_established);
240 return STATE_WARNING; 218 exit(STATE_WARNING);
241 } 219 }
242 220
243#ifdef HAVE_SSL 221#ifdef HAVE_SSL
244 if(use_starttls) { 222 if (config.use_starttls) {
245 /* send the STARTTLS command */ 223 /* send the STARTTLS command */
246 send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0); 224 send(socket_descriptor, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0);
247 225
248 recvlines(buffer, MAX_INPUT_BUFFER); /* wait for it */ 226 recvlines(config, buffer, MAX_INPUT_BUFFER, socket_descriptor, ssl_established); /* wait for it */
249 if (!strstr (buffer, SMTP_EXPECT)) { 227 if (!strstr(buffer, SMTP_EXPECT)) {
250 printf (_("Server does not support STARTTLS\n")); 228 printf(_("Server does not support STARTTLS\n"));
251 smtp_quit(); 229 smtp_quit(config, buffer, socket_descriptor, ssl_established);
252 return STATE_UNKNOWN; 230 exit(STATE_UNKNOWN);
253 } 231 }
254 result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL)); 232
255 if(result != STATE_OK) { 233 result = np_net_ssl_init_with_hostname(socket_descriptor, (config.use_sni ? config.server_address : NULL));
256 printf (_("CRITICAL - Cannot create SSL context.\n")); 234 if (result != STATE_OK) {
257 close(sd); 235 printf(_("CRITICAL - Cannot create SSL context.\n"));
258 np_net_ssl_cleanup(); 236 close(socket_descriptor);
259 return STATE_CRITICAL; 237 np_net_ssl_cleanup();
260 } else { 238 exit(STATE_CRITICAL);
261 ssl_established = 1; 239 }
262 } 240
263 241 ssl_established = true;
264 /* 242
265 * Resend the EHLO command. 243 /*
266 * 244 * Resend the EHLO command.
267 * RFC 3207 (4.2) says: ``The client MUST discard any knowledge 245 *
268 * obtained from the server, such as the list of SMTP service 246 * RFC 3207 (4.2) says: ``The client MUST discard any knowledge
269 * extensions, which was not obtained from the TLS negotiation 247 * obtained from the server, such as the list of SMTP service
270 * itself. The client SHOULD send an EHLO command as the first 248 * extensions, which was not obtained from the TLS negotiation
271 * command after a successful TLS negotiation.'' For this 249 * itself. The client SHOULD send an EHLO command as the first
272 * reason, some MTAs will not allow an AUTH LOGIN command before 250 * command after a successful TLS negotiation.'' For this
273 * we resent EHLO via TLS. 251 * reason, some MTAs will not allow an AUTH LOGIN command before
274 */ 252 * we resent EHLO via TLS.
275 if (my_send(helocmd, strlen(helocmd)) <= 0) { 253 */
276 printf("%s\n", _("SMTP UNKNOWN - Cannot send EHLO command via TLS.")); 254 if (my_send(config, helocmd, strlen(helocmd), socket_descriptor, ssl_established) <= 0) {
277 my_close(); 255 printf("%s\n", _("SMTP UNKNOWN - Cannot send EHLO command via TLS."));
278 return STATE_UNKNOWN; 256 my_close(socket_descriptor);
279 } 257 exit(STATE_UNKNOWN);
280 if (verbose) 258 }
281 printf(_("sent %s"), helocmd); 259
282 if ((n = recvlines(buffer, MAX_INPUT_BUFFER)) <= 0) { 260 if (verbose) {
283 printf("%s\n", _("SMTP UNKNOWN - Cannot read EHLO response via TLS.")); 261 printf(_("sent %s"), helocmd);
284 my_close(); 262 }
285 return STATE_UNKNOWN;
286 }
287 if (verbose) {
288 printf("%s", buffer);
289 }
290 263
291# ifdef USE_OPENSSL 264 if (recvlines(config, buffer, MAX_INPUT_BUFFER, socket_descriptor, ssl_established) <= 0) {
292 if ( check_cert ) { 265 printf("%s\n", _("SMTP UNKNOWN - Cannot read EHLO response via TLS."));
293 result = np_net_ssl_check_cert(days_till_exp_warn, days_till_exp_crit); 266 my_close(socket_descriptor);
294 smtp_quit(); 267 exit(STATE_UNKNOWN);
295 my_close(); 268 }
296 return result; 269
297 } 270 if (verbose) {
298# endif /* USE_OPENSSL */ 271 printf("%s", buffer);
272 }
273
274# ifdef USE_OPENSSL
275 if (config.check_cert) {
276 result = np_net_ssl_check_cert(config.days_till_exp_warn, config.days_till_exp_crit);
277 smtp_quit(config, buffer, socket_descriptor, ssl_established);
278 my_close(socket_descriptor);
279 exit(result);
280 }
281# endif /* USE_OPENSSL */
299 } 282 }
300#endif 283#endif
301 284
302 if (verbose) 285 if (verbose) {
303 printf ("%s", buffer); 286 printf("%s", buffer);
287 }
304 288
305 /* save buffer for later use */ 289 /* save buffer for later use */
306 xasprintf(&server_response, "%s%s", server_response, buffer); 290 xasprintf(&server_response, "%s%s", server_response, buffer);
307 /* strip the buffer of carriage returns */ 291 /* strip the buffer of carriage returns */
308 strip (server_response); 292 strip(server_response);
309 293
310 /* make sure we find the droids we are looking for */ 294 /* make sure we find the droids we are looking for */
311 if (!strstr (server_response, server_expect)) { 295 if (!strstr(server_response, config.server_expect)) {
312 if (server_port == SMTP_PORT) 296 if (config.server_port == SMTP_PORT) {
313 printf (_("Invalid SMTP response received from host: %s\n"), server_response); 297 printf(_("Invalid SMTP response received from host: %s\n"), server_response);
314 else 298 } else {
315 printf (_("Invalid SMTP response received from host on port %d: %s\n"), 299 printf(_("Invalid SMTP response received from host on port %d: %s\n"), config.server_port, server_response);
316 server_port, server_response); 300 }
317 return STATE_WARNING; 301 exit(STATE_WARNING);
318 } 302 }
319 303
320 if (send_mail_from) { 304 if (config.send_mail_from) {
321 my_send(cmd_str, strlen(cmd_str)); 305 my_send(config, cmd_str, (int)strlen(cmd_str), socket_descriptor, ssl_established);
322 if (recvlines(buffer, MAX_INPUT_BUFFER) >= 1 && verbose) 306 if (recvlines(config, buffer, MAX_INPUT_BUFFER, socket_descriptor, ssl_established) >= 1 && verbose) {
323 printf("%s", buffer); 307 printf("%s", buffer);
308 }
324 } 309 }
325 310
326 n = 0; 311 int counter = 0;
327 while (n < ncommands) { 312 while (counter < config.ncommands) {
328 xasprintf (&cmd_str, "%s%s", commands[n], "\r\n"); 313 xasprintf(&cmd_str, "%s%s", config.commands[counter], "\r\n");
329 my_send(cmd_str, strlen(cmd_str)); 314 my_send(config, cmd_str, (int)strlen(cmd_str), socket_descriptor, ssl_established);
330 if (recvlines(buffer, MAX_INPUT_BUFFER) >= 1 && verbose) 315 if (recvlines(config, buffer, MAX_INPUT_BUFFER, socket_descriptor, ssl_established) >= 1 && verbose) {
331 printf("%s", buffer); 316 printf("%s", buffer);
332 strip (buffer); 317 }
333 if (n < nresponses) { 318 strip(buffer);
334 cflags |= REG_EXTENDED | REG_NOSUB | REG_NEWLINE; 319 if (counter < config.nresponses) {
335 errcode = regcomp (&preg, responses[n], cflags); 320 int cflags = REG_EXTENDED | REG_NOSUB | REG_NEWLINE;
321 regex_t preg;
322 int errcode = regcomp(&preg, config.responses[counter], cflags);
323 char errbuf[MAX_INPUT_BUFFER];
336 if (errcode != 0) { 324 if (errcode != 0) {
337 regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); 325 regerror(errcode, &preg, errbuf, MAX_INPUT_BUFFER);
338 printf (_("Could Not Compile Regular Expression")); 326 printf(_("Could Not Compile Regular Expression"));
339 return ERROR; 327 exit(STATE_UNKNOWN);
340 } 328 }
341 excode = regexec (&preg, buffer, 10, pmatch, eflags); 329
330 regmatch_t pmatch[10];
331 int eflags = 0;
332 int excode = regexec(&preg, buffer, 10, pmatch, eflags);
342 if (excode == 0) { 333 if (excode == 0) {
343 result = STATE_OK; 334 result = STATE_OK;
344 } 335 } else if (excode == REG_NOMATCH) {
345 else if (excode == REG_NOMATCH) {
346 result = STATE_WARNING; 336 result = STATE_WARNING;
347 printf (_("SMTP %s - Invalid response '%s' to command '%s'\n"), state_text (result), buffer, commands[n]); 337 printf(_("SMTP %s - Invalid response '%s' to command '%s'\n"), state_text(result), buffer, config.commands[counter]);
348 } 338 } else {
349 else { 339 regerror(excode, &preg, errbuf, MAX_INPUT_BUFFER);
350 regerror (excode, &preg, errbuf, MAX_INPUT_BUFFER); 340 printf(_("Execute Error: %s\n"), errbuf);
351 printf (_("Execute Error: %s\n"), errbuf);
352 result = STATE_UNKNOWN; 341 result = STATE_UNKNOWN;
353 } 342 }
354 } 343 }
355 n++; 344 counter++;
356 } 345 }
357 346
358 if (authtype != NULL) { 347 if (config.authtype != NULL) {
359 if (strcmp (authtype, "LOGIN") == 0) { 348 if (strcmp(config.authtype, "LOGIN") == 0) {
360 char *abuf; 349 char *abuf;
361 int ret; 350 int ret;
362 do { 351 do {
363 if (authuser == NULL) { 352 if (config.authuser == NULL) {
364 result = STATE_CRITICAL; 353 result = STATE_CRITICAL;
365 xasprintf(&error_msg, _("no authuser specified, ")); 354 xasprintf(&error_msg, _("no authuser specified, "));
366 break; 355 break;
367 } 356 }
368 if (authpass == NULL) { 357 if (config.authpass == NULL) {
369 result = STATE_CRITICAL; 358 result = STATE_CRITICAL;
370 xasprintf(&error_msg, _("no authpass specified, ")); 359 xasprintf(&error_msg, _("no authpass specified, "));
371 break; 360 break;
372 } 361 }
373 362
374 /* send AUTH LOGIN */ 363 /* send AUTH LOGIN */
375 my_send(SMTP_AUTH_LOGIN, strlen(SMTP_AUTH_LOGIN)); 364 my_send(config, SMTP_AUTH_LOGIN, strlen(SMTP_AUTH_LOGIN), socket_descriptor, ssl_established);
376 if (verbose) 365 if (verbose) {
377 printf (_("sent %s\n"), "AUTH LOGIN"); 366 printf(_("sent %s\n"), "AUTH LOGIN");
367 }
378 368
379 if ((ret = recvlines(buffer, MAX_INPUT_BUFFER)) <= 0) { 369 if ((ret = recvlines(config, buffer, MAX_INPUT_BUFFER, socket_descriptor, ssl_established)) <= 0) {
380 xasprintf(&error_msg, _("recv() failed after AUTH LOGIN, ")); 370 xasprintf(&error_msg, _("recv() failed after AUTH LOGIN, "));
381 result = STATE_WARNING; 371 result = STATE_WARNING;
382 break; 372 break;
383 } 373 }
384 if (verbose) 374 if (verbose) {
385 printf (_("received %s\n"), buffer); 375 printf(_("received %s\n"), buffer);
376 }
386 377
387 if (strncmp (buffer, "334", 3) != 0) { 378 if (strncmp(buffer, "334", 3) != 0) {
388 result = STATE_CRITICAL; 379 result = STATE_CRITICAL;
389 xasprintf(&error_msg, _("invalid response received after AUTH LOGIN, ")); 380 xasprintf(&error_msg, _("invalid response received after AUTH LOGIN, "));
390 break; 381 break;
391 } 382 }
392 383
393 /* encode authuser with base64 */ 384 /* encode authuser with base64 */
394 base64_encode_alloc (authuser, strlen(authuser), &abuf); 385 base64_encode_alloc(config.authuser, strlen(config.authuser), &abuf);
395 xasprintf(&abuf, "%s\r\n", abuf); 386 xasprintf(&abuf, "%s\r\n", abuf);
396 my_send(abuf, strlen(abuf)); 387 my_send(config, abuf, (int)strlen(abuf), socket_descriptor, ssl_established);
397 if (verbose) 388 if (verbose) {
398 printf (_("sent %s\n"), abuf); 389 printf(_("sent %s\n"), abuf);
390 }
399 391
400 if ((ret = recvlines(buffer, MAX_INPUT_BUFFER)) <= 0) { 392 if ((ret = recvlines(config, buffer, MAX_INPUT_BUFFER, socket_descriptor, ssl_established)) <= 0) {
401 result = STATE_CRITICAL; 393 result = STATE_CRITICAL;
402 xasprintf(&error_msg, _("recv() failed after sending authuser, ")); 394 xasprintf(&error_msg, _("recv() failed after sending authuser, "));
403 break; 395 break;
404 } 396 }
405 if (verbose) { 397 if (verbose) {
406 printf (_("received %s\n"), buffer); 398 printf(_("received %s\n"), buffer);
407 } 399 }
408 if (strncmp (buffer, "334", 3) != 0) { 400 if (strncmp(buffer, "334", 3) != 0) {
409 result = STATE_CRITICAL; 401 result = STATE_CRITICAL;
410 xasprintf(&error_msg, _("invalid response received after authuser, ")); 402 xasprintf(&error_msg, _("invalid response received after authuser, "));
411 break; 403 break;
412 } 404 }
413 /* encode authpass with base64 */ 405 /* encode authpass with base64 */
414 base64_encode_alloc (authpass, strlen(authpass), &abuf); 406 base64_encode_alloc(config.authpass, strlen(config.authpass), &abuf);
415 xasprintf(&abuf, "%s\r\n", abuf); 407 xasprintf(&abuf, "%s\r\n", abuf);
416 my_send(abuf, strlen(abuf)); 408 my_send(config, abuf, (int)strlen(abuf), socket_descriptor, ssl_established);
417 if (verbose) { 409 if (verbose) {
418 printf (_("sent %s\n"), abuf); 410 printf(_("sent %s\n"), abuf);
419 } 411 }
420 if ((ret = recvlines(buffer, MAX_INPUT_BUFFER)) <= 0) { 412 if ((ret = recvlines(config, buffer, MAX_INPUT_BUFFER, socket_descriptor, ssl_established)) <= 0) {
421 result = STATE_CRITICAL; 413 result = STATE_CRITICAL;
422 xasprintf(&error_msg, _("recv() failed after sending authpass, ")); 414 xasprintf(&error_msg, _("recv() failed after sending authpass, "));
423 break; 415 break;
424 } 416 }
425 if (verbose) { 417 if (verbose) {
426 printf (_("received %s\n"), buffer); 418 printf(_("received %s\n"), buffer);
427 } 419 }
428 if (strncmp (buffer, "235", 3) != 0) { 420 if (strncmp(buffer, "235", 3) != 0) {
429 result = STATE_CRITICAL; 421 result = STATE_CRITICAL;
430 xasprintf(&error_msg, _("invalid response received after authpass, ")); 422 xasprintf(&error_msg, _("invalid response received after authpass, "));
431 break; 423 break;
432 } 424 }
433 break; 425 break;
434 } while (0); 426 } while (false);
435 } else { 427 } else {
436 result = STATE_CRITICAL; 428 result = STATE_CRITICAL;
437 xasprintf(&error_msg, _("only authtype LOGIN is supported, ")); 429 xasprintf(&error_msg, _("only authtype LOGIN is supported, "));
@@ -439,243 +431,243 @@ main (int argc, char **argv)
439 } 431 }
440 432
441 /* tell the server we're done */ 433 /* tell the server we're done */
442 smtp_quit(); 434 smtp_quit(config, buffer, socket_descriptor, ssl_established);
443 435
444 /* finally close the connection */ 436 /* finally close the connection */
445 close (sd); 437 close(socket_descriptor);
446 } 438 }
447 439
448 /* reset the alarm */ 440 /* reset the alarm */
449 alarm (0); 441 alarm(0);
450 442
451 microsec = deltime (tv); 443 long microsec = deltime(start_time);
452 elapsed_time = (double)microsec / 1.0e6; 444 double elapsed_time = (double)microsec / 1.0e6;
453 445
454 if (result == STATE_OK) { 446 if (result == STATE_OK) {
455 if (check_critical_time && elapsed_time > critical_time) 447 if (config.check_critical_time && elapsed_time > config.critical_time) {
456 result = STATE_CRITICAL; 448 result = STATE_CRITICAL;
457 else if (check_warning_time && elapsed_time > warning_time) 449 } else if (config.check_warning_time && elapsed_time > config.warning_time) {
458 result = STATE_WARNING; 450 result = STATE_WARNING;
451 }
459 } 452 }
460 453
461 printf (_("SMTP %s - %s%.3f sec. response time%s%s|%s\n"), 454 printf(_("SMTP %s - %s%.3f sec. response time%s%s|%s\n"), state_text(result), error_msg, elapsed_time, verbose ? ", " : "",
462 state_text (result), 455 verbose ? buffer : "",
463 error_msg, 456 fperfdata("time", elapsed_time, "s", config.check_warning_time, config.warning_time, config.check_critical_time,
464 elapsed_time, 457 config.critical_time, true, 0, false, 0));
465 verbose?", ":"", verbose?buffer:"",
466 fperfdata ("time", elapsed_time, "s",
467 (int)check_warning_time, warning_time,
468 (int)check_critical_time, critical_time,
469 true, 0, false, 0));
470 458
471 return result; 459 exit(result);
472} 460}
473 461
474
475
476/* process command-line arguments */ 462/* process command-line arguments */
477int 463check_smtp_config_wrapper process_arguments(int argc, char **argv) {
478process_arguments (int argc, char **argv)
479{
480 int c;
481 char* temp;
482
483 bool implicit_tls = false;
484
485 enum { 464 enum {
486 SNI_OPTION 465 SNI_OPTION = CHAR_MAX + 1
487 }; 466 };
488 467
489 int option = 0; 468 int option = 0;
490 static struct option longopts[] = { 469 static struct option longopts[] = {{"hostname", required_argument, 0, 'H'},
491 {"hostname", required_argument, 0, 'H'}, 470 {"expect", required_argument, 0, 'e'},
492 {"expect", required_argument, 0, 'e'}, 471 {"critical", required_argument, 0, 'c'},
493 {"critical", required_argument, 0, 'c'}, 472 {"warning", required_argument, 0, 'w'},
494 {"warning", required_argument, 0, 'w'}, 473 {"timeout", required_argument, 0, 't'},
495 {"timeout", required_argument, 0, 't'}, 474 {"port", required_argument, 0, 'p'},
496 {"port", required_argument, 0, 'p'}, 475 {"from", required_argument, 0, 'f'},
497 {"from", required_argument, 0, 'f'}, 476 {"fqdn", required_argument, 0, 'F'},
498 {"fqdn", required_argument, 0, 'F'}, 477 {"authtype", required_argument, 0, 'A'},
499 {"authtype", required_argument, 0, 'A'}, 478 {"authuser", required_argument, 0, 'U'},
500 {"authuser", required_argument, 0, 'U'}, 479 {"authpass", required_argument, 0, 'P'},
501 {"authpass", required_argument, 0, 'P'}, 480 {"command", required_argument, 0, 'C'},
502 {"command", required_argument, 0, 'C'}, 481 {"response", required_argument, 0, 'R'},
503 {"response", required_argument, 0, 'R'}, 482 {"verbose", no_argument, 0, 'v'},
504 {"verbose", no_argument, 0, 'v'}, 483 {"version", no_argument, 0, 'V'},
505 {"version", no_argument, 0, 'V'}, 484 {"use-ipv4", no_argument, 0, '4'},
506 {"use-ipv4", no_argument, 0, '4'}, 485 {"use-ipv6", no_argument, 0, '6'},
507 {"use-ipv6", no_argument, 0, '6'}, 486 {"help", no_argument, 0, 'h'},
508 {"help", no_argument, 0, 'h'}, 487 {"lmtp", no_argument, 0, 'L'},
509 {"lmtp", no_argument, 0, 'L'}, 488 {"ssl", no_argument, 0, 's'},
510 {"ssl", no_argument, 0, 's'}, 489 {"tls", no_argument, 0, 's'},
511 {"tls", no_argument, 0, 's'}, 490 {"starttls", no_argument, 0, 'S'},
512 {"starttls",no_argument,0,'S'}, 491 {"sni", no_argument, 0, SNI_OPTION},
513 {"sni", no_argument, 0, SNI_OPTION}, 492 {"certificate", required_argument, 0, 'D'},
514 {"certificate",required_argument,0,'D'}, 493 {"ignore-quit-failure", no_argument, 0, 'q'},
515 {"ignore-quit-failure",no_argument,0,'q'}, 494 {"proxy", no_argument, 0, 'r'},
516 {"proxy",no_argument,0,'r'}, 495 {0, 0, 0, 0}};
517 {0, 0, 0, 0} 496
497 check_smtp_config_wrapper result = {
498 .config = check_smtp_config_init(),
499 .errorcode = OK,
518 }; 500 };
519 501
520 if (argc < 2) 502 if (argc < 2) {
521 return ERROR; 503 result.errorcode = ERROR;
504 return result;
505 }
522 506
523 for (c = 1; c < argc; c++) { 507 for (int index = 1; index < argc; index++) {
524 if (strcmp ("-to", argv[c]) == 0) 508 if (strcmp("-to", argv[index]) == 0) {
525 strcpy (argv[c], "-t"); 509 strcpy(argv[index], "-t");
526 else if (strcmp ("-wt", argv[c]) == 0) 510 } else if (strcmp("-wt", argv[index]) == 0) {
527 strcpy (argv[c], "-w"); 511 strcpy(argv[index], "-w");
528 else if (strcmp ("-ct", argv[c]) == 0) 512 } else if (strcmp("-ct", argv[index]) == 0) {
529 strcpy (argv[c], "-c"); 513 strcpy(argv[index], "-c");
514 }
530 } 515 }
531 516
532 while (1) { 517 int command_size = 0;
533 c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:sSD:F:A:U:P:q", 518 int response_size = 0;
534 longopts, &option); 519 bool implicit_tls = false;
520 int server_port_option = 0;
521 while (true) {
522 int opt_index = getopt_long(argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:sSD:F:A:U:P:q", longopts, &option);
535 523
536 if (c == -1 || c == EOF) 524 if (opt_index == -1 || opt_index == EOF) {
537 break; 525 break;
526 }
538 527
539 switch (c) { 528 switch (opt_index) {
540 case 'H': /* hostname */ 529 case 'H': /* hostname */
541 if (is_host (optarg)) { 530 if (is_host(optarg)) {
542 server_address = optarg; 531 result.config.server_address = optarg;
543 } 532 } else {
544 else { 533 usage2(_("Invalid hostname/address"), optarg);
545 usage2 (_("Invalid hostname/address"), optarg);
546 } 534 }
547 break; 535 break;
548 case 'p': /* port */ 536 case 'p': /* port */
549 if (is_intpos (optarg)) 537 if (is_intpos(optarg)) {
550 server_port_option = atoi (optarg); 538 server_port_option = atoi(optarg);
551 else 539 } else {
552 usage4 (_("Port must be a positive integer")); 540 usage4(_("Port must be a positive integer"));
541 }
553 break; 542 break;
554 case 'F': 543 case 'F':
555 /* localhostname */ 544 /* localhostname */
556 localhostname = strdup(optarg); 545 result.config.localhostname = strdup(optarg);
557 break; 546 break;
558 case 'f': /* from argument */ 547 case 'f': /* from argument */
559 from_arg = optarg + strspn(optarg, "<"); 548 result.config.from_arg = optarg + strspn(optarg, "<");
560 from_arg = strndup(from_arg, strcspn(from_arg, ">")); 549 result.config.from_arg = strndup(result.config.from_arg, strcspn(result.config.from_arg, ">"));
561 send_mail_from = 1; 550 result.config.send_mail_from = true;
562 break; 551 break;
563 case 'A': 552 case 'A':
564 authtype = optarg; 553 result.config.authtype = optarg;
565 use_ehlo = true; 554 result.config.use_ehlo = true;
566 break; 555 break;
567 case 'U': 556 case 'U':
568 authuser = optarg; 557 result.config.authuser = optarg;
569 break; 558 break;
570 case 'P': 559 case 'P':
571 authpass = optarg; 560 result.config.authpass = optarg;
572 break; 561 break;
573 case 'e': /* server expect string on 220 */ 562 case 'e': /* server expect string on 220 */
574 server_expect = optarg; 563 result.config.server_expect = optarg;
575 break; 564 break;
576 case 'C': /* commands */ 565 case 'C': /* commands */
577 if (ncommands >= command_size) { 566 if (result.config.ncommands >= command_size) {
578 command_size+=8; 567 command_size += 8;
579 commands = realloc (commands, sizeof(char *) * command_size); 568 result.config.commands = realloc(result.config.commands, sizeof(char *) * command_size);
580 if (commands == NULL) 569 if (result.config.commands == NULL) {
581 die (STATE_UNKNOWN, 570 die(STATE_UNKNOWN, _("Could not realloc() units [%d]\n"), result.config.ncommands);
582 _("Could not realloc() units [%d]\n"), ncommands); 571 }
583 } 572 }
584 commands[ncommands] = (char *) malloc (sizeof(char) * 255); 573 result.config.commands[result.config.ncommands] = (char *)malloc(sizeof(char) * 255);
585 strncpy (commands[ncommands], optarg, 255); 574 strncpy(result.config.commands[result.config.ncommands], optarg, 255);
586 ncommands++; 575 result.config.ncommands++;
587 break; 576 break;
588 case 'R': /* server responses */ 577 case 'R': /* server responses */
589 if (nresponses >= response_size) { 578 if (result.config.nresponses >= response_size) {
590 response_size += 8; 579 response_size += 8;
591 responses = realloc (responses, sizeof(char *) * response_size); 580 result.config.responses = realloc(result.config.responses, sizeof(char *) * response_size);
592 if (responses == NULL) 581 if (result.config.responses == NULL) {
593 die (STATE_UNKNOWN, 582 die(STATE_UNKNOWN, _("Could not realloc() units [%d]\n"), result.config.nresponses);
594 _("Could not realloc() units [%d]\n"), nresponses); 583 }
595 } 584 }
596 responses[nresponses] = (char *) malloc (sizeof(char) * 255); 585 result.config.responses[result.config.nresponses] = (char *)malloc(sizeof(char) * 255);
597 strncpy (responses[nresponses], optarg, 255); 586 strncpy(result.config.responses[result.config.nresponses], optarg, 255);
598 nresponses++; 587 result.config.nresponses++;
599 break; 588 break;
600 case 'c': /* critical time threshold */ 589 case 'c': /* critical time threshold */
601 if (!is_nonnegative (optarg)) 590 if (!is_nonnegative(optarg)) {
602 usage4 (_("Critical time must be a positive")); 591 usage4(_("Critical time must be a positive"));
603 else { 592 } else {
604 critical_time = strtod (optarg, NULL); 593 result.config.critical_time = strtod(optarg, NULL);
605 check_critical_time = true; 594 result.config.check_critical_time = true;
606 } 595 }
607 break; 596 break;
608 case 'w': /* warning time threshold */ 597 case 'w': /* warning time threshold */
609 if (!is_nonnegative (optarg)) 598 if (!is_nonnegative(optarg)) {
610 usage4 (_("Warning time must be a positive")); 599 usage4(_("Warning time must be a positive"));
611 else { 600 } else {
612 warning_time = strtod (optarg, NULL); 601 result.config.warning_time = strtod(optarg, NULL);
613 check_warning_time = true; 602 result.config.check_warning_time = true;
614 } 603 }
615 break; 604 break;
616 case 'v': /* verbose */ 605 case 'v': /* verbose */
617 verbose++; 606 verbose++;
618 break; 607 break;
619 case 'q': 608 case 'q':
620 ignore_send_quit_failure = true; /* ignore problem sending QUIT */ 609 result.config.ignore_send_quit_failure = true; /* ignore problem sending QUIT */
621 break; 610 break;
622 case 't': /* timeout */ 611 case 't': /* timeout */
623 if (is_intnonneg (optarg)) { 612 if (is_intnonneg(optarg)) {
624 socket_timeout = atoi (optarg); 613 socket_timeout = atoi(optarg);
625 } 614 } else {
626 else { 615 usage4(_("Timeout interval must be a positive integer"));
627 usage4 (_("Timeout interval must be a positive integer"));
628 } 616 }
629 break; 617 break;
630 case 'D': 618 case 'D': {
631 /* Check SSL cert validity */ 619 /* Check SSL cert validity */
632#ifdef USE_OPENSSL 620#ifdef USE_OPENSSL
633 if ((temp=strchr(optarg,','))!=NULL) { 621 char *temp;
634 *temp='\0'; 622 if ((temp = strchr(optarg, ',')) != NULL) {
635 if (!is_intnonneg (optarg)) 623 *temp = '\0';
636 usage2 ("Invalid certificate expiration period", optarg); 624 if (!is_intnonneg(optarg)) {
637 days_till_exp_warn = atoi(optarg); 625 usage2("Invalid certificate expiration period", optarg);
638 *temp=','; 626 }
639 temp++; 627 result.config.days_till_exp_warn = atoi(optarg);
640 if (!is_intnonneg (temp)) 628 *temp = ',';
641 usage2 (_("Invalid certificate expiration period"), temp); 629 temp++;
642 days_till_exp_crit = atoi (temp); 630 if (!is_intnonneg(temp)) {
643 } 631 usage2(_("Invalid certificate expiration period"), temp);
644 else { 632 }
645 days_till_exp_crit=0; 633 result.config.days_till_exp_crit = atoi(temp);
646 if (!is_intnonneg (optarg)) 634 } else {
647 usage2 ("Invalid certificate expiration period", optarg); 635 result.config.days_till_exp_crit = 0;
648 days_till_exp_warn = atoi (optarg); 636 if (!is_intnonneg(optarg)) {
649 } 637 usage2("Invalid certificate expiration period", optarg);
650 check_cert = true; 638 }
651 ignore_send_quit_failure = true; 639 result.config.days_till_exp_warn = atoi(optarg);
640 }
641 result.config.check_cert = true;
642 result.config.ignore_send_quit_failure = true;
652#else 643#else
653 usage (_("SSL support not available - install OpenSSL and recompile")); 644 usage(_("SSL support not available - install OpenSSL and recompile"));
654#endif 645#endif
655 implicit_tls = true; 646 implicit_tls = true;
656 // fallthrough 647 // fallthrough
657 case 's': 648 case 's':
658 /* ssl */ 649 /* ssl */
659 use_ssl = true; 650 result.config.use_ssl = true;
660 server_port = SMTPS_PORT; 651 result.config.server_port = SMTPS_PORT;
661 break; 652 break;
662 case 'S': 653 case 'S':
663 /* starttls */ 654 /* starttls */
664 use_starttls = true; 655 result.config.use_starttls = true;
665 use_ehlo = true; 656 result.config.use_ehlo = true;
666 break; 657 break;
658 }
667 case SNI_OPTION: 659 case SNI_OPTION:
668#ifdef HAVE_SSL 660#ifdef HAVE_SSL
669 use_sni = true; 661 result.config.use_sni = true;
670#else 662#else
671 usage (_("SSL support not available - install OpenSSL and recompile")); 663 usage(_("SSL support not available - install OpenSSL and recompile"));
672#endif 664#endif
673 break; 665 break;
674 case 'r': 666 case 'r':
675 use_proxy_prefix = true; 667 result.config.use_proxy_prefix = true;
676 break; 668 break;
677 case 'L': 669 case 'L':
678 use_lhlo = true; 670 result.config.use_lhlo = true;
679 break; 671 break;
680 case '4': 672 case '4':
681 address_family = AF_INET; 673 address_family = AF_INET;
@@ -684,102 +676,79 @@ process_arguments (int argc, char **argv)
684#ifdef USE_IPV6 676#ifdef USE_IPV6
685 address_family = AF_INET6; 677 address_family = AF_INET6;
686#else 678#else
687 usage4 (_("IPv6 support not available")); 679 usage4(_("IPv6 support not available"));
688#endif 680#endif
689 break; 681 break;
690 case 'V': /* version */ 682 case 'V': /* version */
691 print_revision (progname, NP_VERSION); 683 print_revision(progname, NP_VERSION);
692 exit (STATE_UNKNOWN); 684 exit(STATE_UNKNOWN);
693 case 'h': /* help */ 685 case 'h': /* help */
694 print_help (); 686 print_help();
695 exit (STATE_UNKNOWN); 687 exit(STATE_UNKNOWN);
696 case '?': /* help */ 688 case '?': /* help */
697 usage5 (); 689 usage5();
698 } 690 }
699 } 691 }
700 692
701 c = optind; 693 int c = optind;
702 if (server_address == NULL) { 694 if (result.config.server_address == NULL) {
703 if (argv[c]) { 695 if (argv[c]) {
704 if (is_host (argv[c])) 696 if (is_host(argv[c])) {
705 server_address = argv[c]; 697 result.config.server_address = argv[c];
706 else 698 } else {
707 usage2 (_("Invalid hostname/address"), argv[c]); 699 usage2(_("Invalid hostname/address"), argv[c]);
708 } 700 }
709 else { 701 } else {
710 xasprintf (&server_address, "127.0.0.1"); 702 result.config.server_address = strdup("localhost");
711 } 703 }
712 } 704 }
713 705
714 if (server_expect == NULL) 706 if (result.config.use_starttls && result.config.use_ssl) {
715 server_expect = strdup (SMTP_EXPECT);
716
717 if (mail_command == NULL)
718 mail_command = strdup("MAIL ");
719
720 if (from_arg==NULL)
721 from_arg = strdup(" ");
722
723 if (use_starttls && use_ssl) {
724 if (implicit_tls) { 707 if (implicit_tls) {
725 use_ssl = false; 708 result.config.use_ssl = false;
726 server_port = SMTP_PORT;
727 } else { 709 } else {
728 usage4 (_("Set either -s/--ssl/--tls or -S/--starttls")); 710 usage4(_("Set either -s/--ssl/--tls or -S/--starttls"));
729 } 711 }
730 } 712 }
731 713
732 if (server_port_option != 0) { 714 if (server_port_option != 0) {
733 server_port = server_port_option; 715 result.config.server_port = server_port_option;
734 } 716 }
735 717
736 return validate_arguments (); 718 return result;
737}
738
739
740
741int
742validate_arguments (void)
743{
744 return OK;
745} 719}
746 720
747 721char *smtp_quit(check_smtp_config config, char buffer[MAX_INPUT_BUFFER], int socket_descriptor, bool ssl_established) {
748void 722 int sent_bytes = my_send(config, SMTP_QUIT, strlen(SMTP_QUIT), socket_descriptor, ssl_established);
749smtp_quit(void) 723 if (sent_bytes < 0) {
750{ 724 if (config.ignore_send_quit_failure) {
751 int bytes; 725 if (verbose) {
752 int n;
753
754 n = my_send(SMTP_QUIT, strlen(SMTP_QUIT));
755 if(n < 0) {
756 if(ignore_send_quit_failure) {
757 if(verbose) {
758 printf(_("Connection closed by server before sending QUIT command\n")); 726 printf(_("Connection closed by server before sending QUIT command\n"));
759 } 727 }
760 return; 728 return buffer;
761 } 729 }
762 die (STATE_UNKNOWN, 730 die(STATE_UNKNOWN, _("Connection closed by server before sending QUIT command\n"));
763 _("Connection closed by server before sending QUIT command\n"));
764 } 731 }
765 732
766 if (verbose) 733 if (verbose) {
767 printf(_("sent %s\n"), "QUIT"); 734 printf(_("sent %s\n"), "QUIT");
735 }
768 736
769 /* read the response but don't care about problems */ 737 /* read the response but don't care about problems */
770 bytes = recvlines(buffer, MAX_INPUT_BUFFER); 738 int bytes = recvlines(config, buffer, MAX_INPUT_BUFFER, socket_descriptor, ssl_established);
771 if (verbose) { 739 if (verbose) {
772 if (bytes < 0) 740 if (bytes < 0) {
773 printf(_("recv() failed after QUIT.")); 741 printf(_("recv() failed after QUIT."));
774 else if (bytes == 0) 742 } else if (bytes == 0) {
775 printf(_("Connection reset by peer.")); 743 printf(_("Connection reset by peer."));
776 else { 744 } else {
777 buffer[bytes] = '\0'; 745 buffer[bytes] = '\0';
778 printf(_("received %s\n"), buffer); 746 printf(_("received %s\n"), buffer);
779 } 747 }
780 } 748 }
781}
782 749
750 return buffer;
751}
783 752
784/* 753/*
785 * Receive one line, copy it into buf and nul-terminate it. Returns the 754 * Receive one line, copy it into buf and nul-terminate it. Returns the
@@ -790,24 +759,22 @@ smtp_quit(void)
790 * function which buffers the data, move that to netutils.c and change 759 * function which buffers the data, move that to netutils.c and change
791 * check_smtp and other plugins to use that. Also, remove (\r)\n. 760 * check_smtp and other plugins to use that. Also, remove (\r)\n.
792 */ 761 */
793int 762int recvline(char *buf, size_t bufsize, check_smtp_config config, int socket_descriptor, bool ssl_established) {
794recvline(char *buf, size_t bufsize)
795{
796 int result; 763 int result;
797 unsigned i; 764 int counter;
798 765
799 for (i = result = 0; i < bufsize - 1; i++) { 766 for (counter = result = 0; counter < bufsize - 1; counter++) {
800 if ((result = my_recv(&buf[i], 1)) != 1) 767 if ((result = my_recv(config, &buf[counter], 1, socket_descriptor, ssl_established)) != 1) {
801 break; 768 break;
802 if (buf[i] == '\n') { 769 }
803 buf[++i] = '\0'; 770 if (buf[counter] == '\n') {
804 return i; 771 buf[++counter] = '\0';
772 return counter;
805 } 773 }
806 } 774 }
807 return (result == 1 || i == 0) ? -2 : result; /* -2 if out of space */ 775 return (result == 1 || counter == 0) ? -2 : result; /* -2 if out of space */
808} 776}
809 777
810
811/* 778/*
812 * Receive one or more lines, copy them into buf and nul-terminate it. Returns 779 * Receive one or more lines, copy them into buf and nul-terminate it. Returns
813 * the number of bytes written to buf (excluding the '\0') or 0 on EOF or <0 on 780 * the number of bytes written to buf (excluding the '\0') or 0 on EOF or <0 on
@@ -822,117 +789,103 @@ recvline(char *buf, size_t bufsize)
822 * 789 *
823 * TODO: Move this to netutils.c. Also, remove \r and possibly the final \n. 790 * TODO: Move this to netutils.c. Also, remove \r and possibly the final \n.
824 */ 791 */
825int 792int recvlines(check_smtp_config config, char *buf, size_t bufsize, int socket_descriptor, bool ssl_established) {
826recvlines(char *buf, size_t bufsize) 793 int result;
827{ 794 int counter;
828 int result, i; 795
829 796 for (counter = 0; /* forever */; counter += result) {
830 for (i = 0; /* forever */; i += result) 797 if (!((result = recvline(buf + counter, bufsize - counter, config, socket_descriptor, ssl_established)) > 3 &&
831 if (!((result = recvline(buf + i, bufsize - i)) > 3 && 798 isdigit((int)buf[counter]) && isdigit((int)buf[counter + 1]) && isdigit((int)buf[counter + 2]) && buf[counter + 3] == '-')) {
832 isdigit((int)buf[i]) &&
833 isdigit((int)buf[i + 1]) &&
834 isdigit((int)buf[i + 2]) &&
835 buf[i + 3] == '-'))
836 break; 799 break;
800 }
801 }
837 802
838 return (result <= 0) ? result : result + i; 803 return (result <= 0) ? result : result + counter;
839} 804}
840 805
841 806int my_close(int socket_descriptor) {
842int
843my_close (void)
844{
845 int result; 807 int result;
846 result = close(sd); 808 result = close(socket_descriptor);
847#ifdef HAVE_SSL 809#ifdef HAVE_SSL
848 np_net_ssl_cleanup(); 810 np_net_ssl_cleanup();
849#endif 811#endif
850 return result; 812 return result;
851} 813}
852 814
853 815void print_help(void) {
854void
855print_help (void)
856{
857 char *myport; 816 char *myport;
858 xasprintf (&myport, "%d", SMTP_PORT); 817 xasprintf(&myport, "%d", SMTP_PORT);
859 818
860 print_revision (progname, NP_VERSION); 819 print_revision(progname, NP_VERSION);
861 820
862 printf ("Copyright (c) 1999-2001 Ethan Galstad <nagios@nagios.org>\n"); 821 printf("Copyright (c) 1999-2001 Ethan Galstad <nagios@nagios.org>\n");
863 printf (COPYRIGHT, copyright, email); 822 printf(COPYRIGHT, copyright, email);
864 823
865 printf("%s\n", _("This plugin will attempt to open an SMTP connection with the host.")); 824 printf("%s\n", _("This plugin will attempt to open an SMTP connection with the host."));
866 825
867 printf ("\n\n"); 826 printf("\n\n");
868 827
869 print_usage (); 828 print_usage();
870 829
871 printf (UT_HELP_VRSN); 830 printf(UT_HELP_VRSN);
872 printf (UT_EXTRA_OPTS); 831 printf(UT_EXTRA_OPTS);
873 832
874 printf (UT_HOST_PORT, 'p', myport); 833 printf(UT_HOST_PORT, 'p', myport);
875 834
876 printf (UT_IPv46); 835 printf(UT_IPv46);
877 836
878 printf (" %s\n", "-e, --expect=STRING"); 837 printf(" %s\n", "-e, --expect=STRING");
879 printf (_(" String to expect in first line of server response (default: '%s')\n"), SMTP_EXPECT); 838 printf(_(" String to expect in first line of server response (default: '%s')\n"), SMTP_EXPECT);
880 printf (" %s\n", "-C, --command=STRING"); 839 printf(" %s\n", "-C, --command=STRING");
881 printf (" %s\n", _("SMTP command (may be used repeatedly)")); 840 printf(" %s\n", _("SMTP command (may be used repeatedly)"));
882 printf (" %s\n", "-R, --response=STRING"); 841 printf(" %s\n", "-R, --response=STRING");
883 printf (" %s\n", _("Expected response to command (may be used repeatedly)")); 842 printf(" %s\n", _("Expected response to command (may be used repeatedly)"));
884 printf (" %s\n", "-f, --from=STRING"); 843 printf(" %s\n", "-f, --from=STRING");
885 printf (" %s\n", _("FROM-address to include in MAIL command, required by Exchange 2000")), 844 printf(" %s\n", _("FROM-address to include in MAIL command, required by Exchange 2000")), printf(" %s\n", "-F, --fqdn=STRING");
886 printf (" %s\n", "-F, --fqdn=STRING"); 845 printf(" %s\n", _("FQDN used for HELO"));
887 printf (" %s\n", _("FQDN used for HELO")); 846 printf(" %s\n", "-r, --proxy");
888 printf (" %s\n", "-r, --proxy"); 847 printf(" %s\n", _("Use PROXY protocol prefix for the connection."));
889 printf (" %s\n", _("Use PROXY protocol prefix for the connection."));
890#ifdef HAVE_SSL 848#ifdef HAVE_SSL
891 printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); 849 printf(" %s\n", "-D, --certificate=INTEGER[,INTEGER]");
892 printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); 850 printf(" %s\n", _("Minimum number of days a certificate has to be valid."));
893 printf (" %s\n", "-s, --ssl, --tls"); 851 printf(" %s\n", "-s, --ssl, --tls");
894 printf (" %s\n", _("Use SSL/TLS for the connection.")); 852 printf(" %s\n", _("Use SSL/TLS for the connection."));
895 printf (_(" Sets default port to %d.\n"), SMTPS_PORT); 853 printf(_(" Sets default port to %d.\n"), SMTPS_PORT);
896 printf (" %s\n", "-S, --starttls"); 854 printf(" %s\n", "-S, --starttls");
897 printf (" %s\n", _("Use STARTTLS for the connection.")); 855 printf(" %s\n", _("Use STARTTLS for the connection."));
898 printf (" %s\n", "--sni"); 856 printf(" %s\n", "--sni");
899 printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)")); 857 printf(" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
900#endif 858#endif
901 859
902 printf (" %s\n", "-A, --authtype=STRING"); 860 printf(" %s\n", "-A, --authtype=STRING");
903 printf (" %s\n", _("SMTP AUTH type to check (default none, only LOGIN supported)")); 861 printf(" %s\n", _("SMTP AUTH type to check (default none, only LOGIN supported)"));
904 printf (" %s\n", "-U, --authuser=STRING"); 862 printf(" %s\n", "-U, --authuser=STRING");
905 printf (" %s\n", _("SMTP AUTH username")); 863 printf(" %s\n", _("SMTP AUTH username"));
906 printf (" %s\n", "-P, --authpass=STRING"); 864 printf(" %s\n", "-P, --authpass=STRING");
907 printf (" %s\n", _("SMTP AUTH password")); 865 printf(" %s\n", _("SMTP AUTH password"));
908 printf (" %s\n", "-L, --lmtp"); 866 printf(" %s\n", "-L, --lmtp");
909 printf (" %s\n", _("Send LHLO instead of HELO/EHLO")); 867 printf(" %s\n", _("Send LHLO instead of HELO/EHLO"));
910 printf (" %s\n", "-q, --ignore-quit-failure"); 868 printf(" %s\n", "-q, --ignore-quit-failure");
911 printf (" %s\n", _("Ignore failure when sending QUIT command to server")); 869 printf(" %s\n", _("Ignore failure when sending QUIT command to server"));
912
913 printf (UT_WARN_CRIT);
914 870
915 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); 871 printf(UT_WARN_CRIT);
916 872
917 printf (UT_VERBOSE); 873 printf(UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
874
875 printf(UT_VERBOSE);
918 876
919 printf("\n"); 877 printf("\n");
920 printf ("%s\n", _("Successful connects return STATE_OK, refusals and timeouts return")); 878 printf("%s\n", _("Successful connects return STATE_OK, refusals and timeouts return"));
921 printf ("%s\n", _("STATE_CRITICAL, other errors return STATE_UNKNOWN. Successful")); 879 printf("%s\n", _("STATE_CRITICAL, other errors return STATE_UNKNOWN. Successful"));
922 printf ("%s\n", _("connects, but incorrect response messages from the host result in")); 880 printf("%s\n", _("connects, but incorrect response messages from the host result in"));
923 printf ("%s\n", _("STATE_WARNING return values.")); 881 printf("%s\n", _("STATE_WARNING return values."));
924 882
925 printf (UT_SUPPORT); 883 printf(UT_SUPPORT);
926} 884}
927 885
928 886void print_usage(void) {
929 887 printf("%s\n", _("Usage:"));
930void 888 printf("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname);
931print_usage (void) 889 printf("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n");
932{ 890 printf("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-r] [--sni] [-v] \n");
933 printf ("%s\n", _("Usage:"));
934 printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname);
935 printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n");
936 printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-r] [--sni] [-v] \n");
937} 891}
938