blob: d40329a6b4283e2944ff48291c1a388b8a445c84 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
Index: check_smtp.c
===================================================================
RCS file: /cvsroot/nagiosplug/nagiosplug/plugins/check_smtp.c,v
retrieving revision 1.50
diff -u -r1.50 check_smtp.c
--- check_smtp.c 2 Nov 2005 08:47:26 -0000 1.50
+++ check_smtp.c 6 May 2006 01:41:30 -0000
@@ -270,6 +270,35 @@
} else {
ssl_established = 1;
}
+
+ /*
+ * Resend the EHLO command.
+ *
+ * RFC 3207 (4.2) says: ``The client MUST discard any knowledge
+ * obtained from the server, such as the list of SMTP service
+ * extensions, which was not obtained from the TLS negotiation
+ * itself. The client SHOULD send an EHLO command as the first
+ * command after a successful TLS negotiation.'' For this
+ * reason, some MTAs will not allow an AUTH LOGIN command before
+ * we resent EHLO via TLS.
+ */
+ if (my_send(helocmd, strlen(helocmd)) <= 0) {
+ printf(_("SMTP UNKNOWN - Cannot send EHLO command via TLS.\n"));
+ my_close();
+ return STATE_UNKNOWN;
+ }
+ if (verbose)
+ printf(_("sent %s"), helocmd);
+ if ((n = my_recv(buffer, MAX_INPUT_BUFFER - 1)) <= 0) {
+ printf(_("SMTP UNKNOWN - Cannot read EHLO response via TLS.\n"));
+ my_close();
+ return STATE_UNKNOWN;
+ }
+ if (verbose) {
+ buffer[n] = '\0';
+ printf("%s", buffer);
+ }
+
# ifdef USE_OPENSSL
if ( check_cert ) {
result = np_net_ssl_check_cert(days_till_exp);
|
