Module: monitoring-plugins
Branch: master
Commit: 252272344ea63a164eabc1631e9b77450d2b1c4b
Author: Arkadiusz MiĆkiewicz <ar...@maven.pl>
Committer: Franz Schwartau <fr...@electromail.org>
Date: Fri Aug 30 11:30:10 2019 +0200
URL:
https://www.monitoring-plugins.org/repositories/monitoring-plugins/commit/?id=2522723
Add support for SNI in check_smtp.
Add support for SSL/TLS hostname extension support (SNI) for check_smtp
plugin.
Backported from nagios-plugins:
https://github.com/nagios-plugins/nagios-plugins/commit/9f1628f4b5525335ce1d6e48e8ac8b07d0757f82
---
plugins/check_smtp.c | 19 +++++++++++++++++--
1 file changed, 17 insertions(+), 2 deletions(-)
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index 70191ad..c0ab838 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -103,6 +103,7 @@ double critical_time = 0;
int check_critical_time = FALSE;
int verbose = 0;
int use_ssl = FALSE;
+int use_sni = FALSE;
short use_proxy_prefix = FALSE;
short use_ehlo = FALSE;
short use_lhlo = FALSE;
@@ -234,7 +235,7 @@ main (int argc, char **argv)
smtp_quit();
return STATE_UNKNOWN;
}
- result = np_net_ssl_init(sd);
+ result = np_net_ssl_init_with_hostname(sd, (use_sni ?
server_address : NULL));
if(result != STATE_OK) {
printf (_("CRITICAL - Cannot create SSL context.\n"));
close(sd);
@@ -463,6 +464,10 @@ process_arguments (int argc, char **argv)
int c;
char* temp;
+ enum {
+ SNI_OPTION
+ };
+
int option = 0;
static struct option longopts[] = {
{"hostname", required_argument, 0, 'H'},
@@ -485,6 +490,7 @@ process_arguments (int argc, char **argv)
{"help", no_argument, 0, 'h'},
{"lmtp", no_argument, 0, 'L'},
{"starttls",no_argument,0,'S'},
+ {"sni", no_argument, 0, SNI_OPTION},
{"certificate",required_argument,0,'D'},
{"ignore-quit-failure",no_argument,0,'q'},
{"proxy",no_argument,0,'r'},
@@ -631,6 +637,13 @@ process_arguments (int argc, char **argv)
use_ssl = TRUE;
use_ehlo = TRUE;
break;
+ case SNI_OPTION:
+#ifdef HAVE_SSL
+ use_sni = TRUE;
+#else
+ usage (_("SSL support not available - install OpenSSL
and recompile"));
+#endif
+ break;
case 'r':
use_proxy_prefix = TRUE;
break;
@@ -839,6 +852,8 @@ print_help (void)
printf (" %s\n", _("Minimum number of days a certificate has to be
valid."));
printf (" %s\n", "-S, --starttls");
printf (" %s\n", _("Use STARTTLS for the connection."));
+ printf (" %s\n", "--sni");
+ printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
#endif
printf (" %s\n", "-A, --authtype=STRING");
@@ -875,6 +890,6 @@ print_usage (void)
printf ("%s\n", _("Usage:"));
printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response]
[-f from addr]\n", progname);
printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t
timeout] [-q]\n");
- printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert
expire]] [-r] [-v] \n");
+ printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert
expire]] [-r] [--sni] [-v] \n");
}
