Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
regarding -D and TLS
|
|
|
|
|
|
Otherwise -s/--ssl would overwrite a port given with -p if it comes
after it, e. g.
check_smtp -H mailhost.example.com -p 4465 --ssl
Found-By: Lorenz Kästle
|
|
This is an alias for -s/--ssl.
|
|
|
|
The port can still be set with -p.
|
|
This is commonly used on smtps (465) port.
PROXY protocol is not implemented with TLS in check_smtp.c, yet.
Backported from nagios-plugins:
https://github.com/nagios-plugins/nagios-plugins/commit/0a8cf08ebb0740aa55d6c60d3b79fcab282604fb
|
|
|
|
Add support for SSL/TLS hostname extension support (SNI) for check_smtp
plugin.
Backported from nagios-plugins:
https://github.com/nagios-plugins/nagios-plugins/commit/9f1628f4b5525335ce1d6e48e8ac8b07d0757f82
|
|
|
|
|
|
This enables checks of SMTP servers that expect the haproxy
PROXY protocol: -o smtpd_upstream_proxy_protocol=haproxy.
Backported from nagios-plugins:
https://github.com/nagios-plugins/nagios-plugins/commit/3246efe923b5482c5024c40e593ce942e628a3cb
|
|
|
|
|
|
|
|
When SSL is enabled, n is assigned the size of the server's second EHLO
response (I think in bytes), which will usually be significantly higher
than the command passed. As such, no commands are executed and no responses
are checked, which - silently - defeats the desired checks and results in a
success value.
|
|
|
|
check_smtp: extended support for expect option
|
|
* monitoring-plugins/pr/1443:
add openssl 1.1 support
|
|
The radcli library no longer offers the rc_get_ipaddr(),
rc_good_ipaddr(), and rc_own_ipaddress() functions.
|
|
changes:
- CRYPTO_lock detection replaced in configure.ac. We don't use that
function anywhere, so just replace it with the suggested one from
https://wiki.openssl.org/index.php/Library_Initialization#Autoconf
- OPENSSL_NO_SSL2 is no longer defined while ssl2 is not included.
Set it ourself using the suggested openssl 1.1 version check from
https://wiki.openssl.org/index.php/1.1_API_Changes#Backward_compatibility
- openssl 1.1 sends a sigpipe if the connection is still open when
calling SSL_shutdown(), so move the close before the shutdown.
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
expect option (-e) supported only first response, so checking for
any other response like 250-xxx would never match. This fix stores
return of relevant buffer
closes #1381
|
|
- currently STARTTLS check does not work with -e if there's text
like '220 hostname ESMTP*'. This is caused by SMTP answer from
host. Postfix answer: 220 2.0.0 Ready to start TLS, Exchange
2010: 220 2.0.0 SMTP server ready. This fix checks against 220
closes #1093
|
|
|
|
Don't forget to issue an SMTP QUIT command when the -D/--certificate
option is specified. This avoids undesired MTA log messages.
|
|
Signed-off-by: Sven Nierlein <sven@nierlein.de>
|
|
|
|
.c file changes for misleading timeout messages in help functions. Solution to pull request #1209 tracker by awiddersheim.
Files: plugins/check_apt.c, plugins/check_by_ssh.c, plugins/check_dbi.c, plugins/check_dig.c, plugins/check_disk.c, plugins/check_dns.c, plugins/check_game.c, plugins/check_http.c, plugins/check_ldap.c, plugins/check_ntp.c, plugins/check_ntp_peer.c, plugins/check_ntp_time.c, plugins/check_nwstat.c, plugins/check_overcr.c, plugins/check_pgsql.c, plugins/check_ping.c, plugins/check_procs.c, plugins/check_radius.c, plugins/check_real.c, plugins/check_smtp.c, plugins/check_snmp.c, plugins/check_ssh.c, plugins/check_tcp.c, plugins/check_time.c, plugins/check_ups.c, plugins/negate.c
|
|
|
|
This is an initial take at renaming the project to Monitoring Plugins.
It's not expected to be fully complete, and it is expected to break
things (The perl module for instance). More testing will be required
before this goes mainline.
|
|
Thanks to Roman Fiedler for reporting the issue and providing a fix
|
|
threshold data
|
|
A recent update removed the declarations for a couple variables in
check_smtp.c that are still being used, which caused a failure
in the compilation of check_smtp.c. This commit restores those variable
declarations so the check_smtp.c will again compile.
|
|
Earlier versions of check_smtp generated an (invalid) "MAIL FROM"
command without arguments by default. These days, a "MAIL FROM" command
is only sent if the --from option is specified.
This commit removes a comment which explains the old behaviour, and it
updates a variable name accordingly.
|
|
|
|
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
|
|
Fixes many instances of
warning: ignoring return value of 'asprintf', declared with attribute warn_unused_result [-Wunused-result]
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
|
|
Apparently some people used -f '<nagios@example.com>' to work around
the bug I just fixed in the MAIL FROM: command generation. Although
the resulting command wasn't RFC-compliant, it was working with some
MTAs, so let's continue to support this syntax now that we generate
RFC-compliant commands.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
|
|
Every version of the SMTP standard (from RFC 821 to the current RFC
5321) requires the address following MAIL FROM: to follow the colon
immediately (with no space) and to be surrounded by angle brackets.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
|
|
expiration checks of check_tcp, check_http, check_smtp
|
|
certificate errors (Opsview team)
|
|
Duncan Ferguson)
|
|
Abort immediately if we don't receive a server greeting or if the
greeting doesn't contain the "--expect"ed string (by default: "220")
instead of blindly sending the EHLO/HELO line.
Spotted by Daniel Piddock, see Debian bug report #611914.
|
|
|
|
|
|
|
|
Bug #2832884 reported problem with translations outputting pot file
headers. This is caused by "" matching the header of the translation
files.
This patch moves gettext macros inside utils macros and update some
french translations.
|
|
Check_smtp's help showed the -n/--nocommand options to not send an
SMTP command. This usage is covered by check_tcp and is thus not needed
in check_smtp.
|