1 /******************************************************************************
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License as published by
5 the Free Software Foundation; either version 2 of the License, or
6 (at your option) any later version.
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
13 You should have received a copy of the GNU General Public License
14 along with this program; if not, write to the Free Software
15 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
17 $Id$
19 ******************************************************************************/
21 const char *progname = "check_smtp";
22 const char *revision = "$Revision$";
23 const char *copyright = "2000-2004";
24 const char *email = "nagiosplug-devel@lists.sourceforge.net";
26 #include "common.h"
27 #include "netutils.h"
28 #include "utils.h"
30 #ifdef HAVE_SSL
31 int check_cert = FALSE;
32 int days_till_exp;
33 # define my_recv(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len))
34 # define my_send(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0))
35 #else /* ifndef HAVE_SSL */
36 # define my_recv(buf, len) read(sd, buf, len)
37 # define my_send(buf, len) send(sd, buf, len, 0)
38 #endif
40 enum {
41 SMTP_PORT = 25
42 };
43 #define SMTP_EXPECT "220"
44 #define SMTP_HELO "HELO "
45 #define SMTP_EHLO "EHLO "
46 #define SMTP_QUIT "QUIT\r\n"
47 #define SMTP_STARTTLS "STARTTLS\r\n"
48 #define SMTP_AUTH_LOGIN "AUTH LOGIN\r\n"
50 #ifndef HOST_MAX_BYTES
51 #define HOST_MAX_BYTES 255
52 #endif
54 #define EHLO_SUPPORTS_STARTTLS 1
56 int process_arguments (int, char **);
57 int validate_arguments (void);
58 void print_help (void);
59 void print_usage (void);
60 int my_close(void);
62 #ifdef HAVE_REGEX_H
63 #include <regex.h>
64 char regex_expect[MAX_INPUT_BUFFER] = "";
65 regex_t preg;
66 regmatch_t pmatch[10];
67 char timestamp[20] = "";
68 char errbuf[MAX_INPUT_BUFFER];
69 int cflags = REG_EXTENDED | REG_NOSUB | REG_NEWLINE;
70 int eflags = 0;
71 int errcode, excode;
72 #endif
74 int server_port = SMTP_PORT;
75 char *server_address = NULL;
76 char *server_expect = NULL;
77 int smtp_use_dummycmd = 0;
78 char *mail_command = NULL;
79 char *from_arg = NULL;
80 int ncommands=0;
81 int command_size=0;
82 int nresponses=0;
83 int response_size=0;
84 char **commands = NULL;
85 char **responses = NULL;
86 char *authtype = NULL;
87 char *authuser = NULL;
88 char *authpass = NULL;
89 int warning_time = 0;
90 int check_warning_time = FALSE;
91 int critical_time = 0;
92 int check_critical_time = FALSE;
93 int verbose = 0;
94 int use_ssl = FALSE;
95 short use_ehlo = FALSE;
96 short ssl_established = 0;
97 char *localhostname = NULL;
98 int sd;
99 char buffer[MAX_INPUT_BUFFER];
100 enum {
101 TCP_PROTOCOL = 1,
102 UDP_PROTOCOL = 2,
103 MAXBUF = 1024
104 };
106 /* written by lauri alanko */
107 static char *
108 base64 (const char *bin, size_t len)
109 {
111 char *buf = (char *) malloc ((len + 2) / 3 * 4 + 1);
112 size_t i = 0, j = 0;
114 char BASE64_END = '=';
115 char base64_table[64];
116 strncpy (base64_table, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/", 64);
118 while (j < len - 2) {
119 buf[i++] = base64_table[bin[j] >> 2];
120 buf[i++] = base64_table[((bin[j] & 3) << 4) | (bin[j + 1] >> 4)];
121 buf[i++] = base64_table[((bin[j + 1] & 15) << 2) | (bin[j + 2] >> 6)];
122 buf[i++] = base64_table[bin[j + 2] & 63];
123 j += 3;
124 }
126 switch (len - j) {
127 case 1:
128 buf[i++] = base64_table[bin[j] >> 2];
129 buf[i++] = base64_table[(bin[j] & 3) << 4];
130 buf[i++] = BASE64_END;
131 buf[i++] = BASE64_END;
132 break;
133 case 2:
134 buf[i++] = base64_table[bin[j] >> 2];
135 buf[i++] = base64_table[((bin[j] & 3) << 4) | (bin[j + 1] >> 4)];
136 buf[i++] = base64_table[(bin[j + 1] & 15) << 2];
137 buf[i++] = BASE64_END;
138 break;
139 case 0:
140 break;
141 }
143 buf[i] = '\0';
144 return buf;
145 }
147 int
148 main (int argc, char **argv)
149 {
150 short supports_tls=FALSE;
151 int n = 0;
152 double elapsed_time;
153 long microsec;
154 int result = STATE_UNKNOWN;
155 char *cmd_str = NULL;
156 char *helocmd = NULL;
157 char *error_msg = NULL;
158 struct timeval tv;
159 struct hostent *hp;
161 setlocale (LC_ALL, "");
162 bindtextdomain (PACKAGE, LOCALEDIR);
163 textdomain (PACKAGE);
165 if (process_arguments (argc, argv) == ERROR)
166 usage4 (_("Could not parse arguments"));
168 /* initialize the HELO command with the localhostname */
169 if(! localhostname){
170 localhostname = malloc (HOST_MAX_BYTES);
171 if(!localhostname){
172 printf(_("malloc() failed!\n"));
173 return STATE_CRITICAL;
174 }
175 if(gethostname(localhostname, HOST_MAX_BYTES)){
176 printf(_("gethostname() failed!\n"));
177 return STATE_CRITICAL;
178 }
179 hp = gethostbyname(localhostname);
180 if(!hp) helocmd = localhostname;
181 else helocmd = hp->h_name;
182 } else {
183 helocmd = localhostname;
184 }
185 if(use_ehlo)
186 asprintf (&helocmd, "%s%s%s", SMTP_EHLO, helocmd, "\r\n");
187 else
188 asprintf (&helocmd, "%s%s%s", SMTP_HELO, helocmd, "\r\n");
190 /* initialize the MAIL command with optional FROM command */
191 asprintf (&cmd_str, "%sFROM: %s%s", mail_command, from_arg, "\r\n");
193 if (verbose && smtp_use_dummycmd)
194 printf ("FROM CMD: %s", cmd_str);
196 /* initialize alarm signal handling */
197 (void) signal (SIGALRM, socket_timeout_alarm_handler);
199 /* set socket timeout */
200 (void) alarm (socket_timeout);
202 /* start timer */
203 gettimeofday (&tv, NULL);
205 /* try to connect to the host at the given port number */
206 result = my_tcp_connect (server_address, server_port, &sd);
208 if (result == STATE_OK) { /* we connected */
210 /* watch for the SMTP connection string and */
211 /* return a WARNING status if we couldn't read any data */
212 if (recv (sd, buffer, MAX_INPUT_BUFFER - 1, 0) == -1) {
213 printf (_("recv() failed\n"));
214 result = STATE_WARNING;
215 }
216 else {
217 if (verbose)
218 printf ("%s", buffer);
219 /* strip the buffer of carriage returns */
220 strip (buffer);
221 /* make sure we find the response we are looking for */
222 if (!strstr (buffer, server_expect)) {
223 if (server_port == SMTP_PORT)
224 printf (_("Invalid SMTP response received from host\n"));
225 else
226 printf (_("Invalid SMTP response received from host on port %d\n"),
227 server_port);
228 result = STATE_WARNING;
229 }
230 }
232 /* send the HELO/EHLO command */
233 send(sd, helocmd, strlen(helocmd), 0);
235 /* allow for response to helo command to reach us */
236 if(read (sd, buffer, MAXBUF - 1) < 0){
237 printf (_("recv() failed\n"));
238 return STATE_WARNING;
239 } else if(use_ehlo){
240 buffer[MAXBUF-1]='\0';
241 if(strstr(buffer, "250 STARTTLS") != NULL ||
242 strstr(buffer, "250-STARTTLS") != NULL){
243 supports_tls=TRUE;
244 }
245 }
247 if(use_ssl && ! supports_tls){
248 printf(_("WARNING - TLS not supported by server\n"));
249 send (sd, SMTP_QUIT, strlen (SMTP_QUIT), 0);
250 return STATE_WARNING;
251 }
253 #ifdef HAVE_SSL
254 if(use_ssl) {
255 /* send the STARTTLS command */
256 send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0);
258 recv(sd,buffer, MAX_INPUT_BUFFER-1, 0); /* wait for it */
259 if (!strstr (buffer, server_expect)) {
260 printf (_("Server does not support STARTTLS\n"));
261 send (sd, SMTP_QUIT, strlen (SMTP_QUIT), 0);
262 return STATE_UNKNOWN;
263 }
264 result = np_net_ssl_init(sd);
265 if(result != STATE_OK) {
266 printf (_("CRITICAL - Cannot create SSL context.\n"));
267 np_net_ssl_cleanup();
268 close(sd);
269 return STATE_CRITICAL;
270 } else {
271 ssl_established = 1;
272 }
273 # ifdef USE_OPENSSL
274 if ( check_cert ) {
275 result = np_net_ssl_check_cert(days_till_exp);
276 if(result != STATE_OK){
277 printf (_("CRITICAL - Cannot retrieve server certificate.\n"));
278 }
279 my_close();
280 return result;
281 }
282 # endif /* USE_OPENSSL */
283 }
284 #endif
286 /* sendmail will syslog a "NOQUEUE" error if session does not attempt
287 * to do something useful. This can be prevented by giving a command
288 * even if syntax is illegal (MAIL requires a FROM:<...> argument)
289 *
290 * According to rfc821 you can include a null reversepath in the from command
291 * - but a log message is generated on the smtp server.
292 *
293 * You can disable sending mail_command with '--nocommand'
294 * Use the -f option to provide a FROM address
295 */
296 if (smtp_use_dummycmd) {
297 my_send(cmd_str, strlen(cmd_str));
298 my_recv(buffer, MAX_INPUT_BUFFER-1);
299 if (verbose)
300 printf("%s", buffer);
301 }
303 while (n < ncommands) {
304 asprintf (&cmd_str, "%s%s", commands[n], "\r\n");
305 my_send(cmd_str, strlen(cmd_str));
306 my_recv(buffer, MAX_INPUT_BUFFER-1);
307 if (verbose)
308 printf("%s", buffer);
309 strip (buffer);
310 if (n < nresponses) {
311 #ifdef HAVE_REGEX_H
312 cflags |= REG_EXTENDED | REG_NOSUB | REG_NEWLINE;
313 errcode = regcomp (&preg, responses[n], cflags);
314 if (errcode != 0) {
315 regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER);
316 printf (_("Could Not Compile Regular Expression"));
317 return ERROR;
318 }
319 excode = regexec (&preg, buffer, 10, pmatch, eflags);
320 if (excode == 0) {
321 result = STATE_OK;
322 }
323 else if (excode == REG_NOMATCH) {
324 result = STATE_WARNING;
325 printf (_("SMTP %s - Invalid response '%s' to command '%s'\n"), state_text (result), buffer, commands[n]);
326 }
327 else {
328 regerror (excode, &preg, errbuf, MAX_INPUT_BUFFER);
329 printf (_("Execute Error: %s\n"), errbuf);
330 result = STATE_UNKNOWN;
331 }
332 #else
333 if (strstr(buffer, responses[n])!=buffer) {
334 result = STATE_WARNING;
335 printf (_("SMTP %s - Invalid response '%s' to command '%s'\n"), state_text (result), buffer, commands[n]);
336 }
337 #endif
338 }
339 n++;
340 }
342 if (authtype != NULL) {
343 if (strcmp (authtype, "LOGIN") == 0) {
344 char *abuf;
345 int ret;
346 do {
347 if (authuser == NULL) {
348 result = STATE_CRITICAL;
349 error_msg = _("no authuser specified, ");
350 break;
351 }
352 if (authpass == NULL) {
353 result = STATE_CRITICAL;
354 error_msg = _("no authpass specified, ");
355 break;
356 }
358 /* send AUTH LOGIN */
359 my_send(SMTP_AUTH_LOGIN, strlen(SMTP_AUTH_LOGIN));
360 if (verbose)
361 printf (_("sent %s\n"), "AUTH LOGIN");
363 if((ret = my_recv(buffer, MAXBUF - 1)) < 0){
364 error_msg = _("recv() failed after AUTH LOGIN, \n");
365 result = STATE_WARNING;
366 break;
367 }
368 buffer[ret] = 0;
369 if (verbose)
370 printf (_("received %s\n"), buffer);
372 if (strncmp (buffer, "334", 3) != 0) {
373 result = STATE_CRITICAL;
374 error_msg = _("invalid response received after AUTH LOGIN, ");
375 break;
376 }
378 /* encode authuser with base64 */
379 abuf = base64 (authuser, strlen(authuser));
380 strcat (abuf, "\r\n");
381 my_send(abuf, strlen(abuf));
382 if (verbose)
383 printf (_("sent %s\n"), abuf);
385 if ((ret = my_recv(buffer, MAX_INPUT_BUFFER-1)) == -1) {
386 result = STATE_CRITICAL;
387 error_msg = _("recv() failed after sending authuser, ");
388 break;
389 }
390 buffer[ret] = 0;
391 if (verbose) {
392 printf (_("received %s\n"), buffer);
393 }
394 if (strncmp (buffer, "334", 3) != 0) {
395 result = STATE_CRITICAL;
396 error_msg = _("invalid response received after authuser, ");
397 break;
398 }
399 /* encode authpass with base64 */
400 abuf = base64 (authpass, strlen(authpass));
401 strcat (abuf, "\r\n");
402 my_send(abuf, strlen(abuf));
403 if (verbose) {
404 printf (_("sent %s\n"), abuf);
405 }
406 if ((ret = my_recv(buffer, MAX_INPUT_BUFFER-1)) == -1) {
407 result = STATE_CRITICAL;
408 error_msg = _("recv() failed after sending authpass, ");
409 break;
410 }
411 buffer[ret] = 0;
412 if (verbose) {
413 printf (_("received %s\n"), buffer);
414 }
415 if (strncmp (buffer, "235", 3) != 0) {
416 result = STATE_CRITICAL;
417 error_msg = _("invalid response received after authpass, ");
418 break;
419 }
420 break;
421 } while (0);
422 } else {
423 result = STATE_CRITICAL;
424 error_msg = _("only authtype LOGIN is supported, ");
425 }
426 }
428 /* tell the server we're done */
429 my_send (SMTP_QUIT, strlen (SMTP_QUIT));
431 /* finally close the connection */
432 close (sd);
433 }
435 /* reset the alarm */
436 alarm (0);
438 microsec = deltime (tv);
439 elapsed_time = (double)microsec / 1.0e6;
441 if (result == STATE_OK) {
442 if (check_critical_time && elapsed_time > (double) critical_time)
443 result = STATE_CRITICAL;
444 else if (check_warning_time && elapsed_time > (double) warning_time)
445 result = STATE_WARNING;
446 }
448 printf (_("SMTP %s - %s%.3f sec. response time%s%s|%s\n"),
449 state_text (result),
450 (error_msg == NULL ? "" : error_msg),
451 elapsed_time,
452 verbose?", ":"", verbose?buffer:"",
453 fperfdata ("time", elapsed_time, "s",
454 (int)check_warning_time, warning_time,
455 (int)check_critical_time, critical_time,
456 TRUE, 0, FALSE, 0));
458 return result;
459 }
463 /* process command-line arguments */
464 int
465 process_arguments (int argc, char **argv)
466 {
467 int c;
469 int option = 0;
470 static struct option longopts[] = {
471 {"hostname", required_argument, 0, 'H'},
472 {"expect", required_argument, 0, 'e'},
473 {"critical", required_argument, 0, 'c'},
474 {"warning", required_argument, 0, 'w'},
475 {"timeout", required_argument, 0, 't'},
476 {"port", required_argument, 0, 'p'},
477 {"from", required_argument, 0, 'f'},
478 {"fqdn", required_argument, 0, 'F'},
479 {"authtype", required_argument, 0, 'A'},
480 {"authuser", required_argument, 0, 'U'},
481 {"authpass", required_argument, 0, 'P'},
482 {"command", required_argument, 0, 'C'},
483 {"response", required_argument, 0, 'R'},
484 {"nocommand", required_argument, 0, 'n'},
485 {"verbose", no_argument, 0, 'v'},
486 {"version", no_argument, 0, 'V'},
487 {"use-ipv4", no_argument, 0, '4'},
488 {"use-ipv6", no_argument, 0, '6'},
489 {"help", no_argument, 0, 'h'},
490 {"starttls",no_argument,0,'S'},
491 {"certificate",required_argument,0,'D'},
492 {0, 0, 0, 0}
493 };
495 if (argc < 2)
496 return ERROR;
498 for (c = 1; c < argc; c++) {
499 if (strcmp ("-to", argv[c]) == 0)
500 strcpy (argv[c], "-t");
501 else if (strcmp ("-wt", argv[c]) == 0)
502 strcpy (argv[c], "-w");
503 else if (strcmp ("-ct", argv[c]) == 0)
504 strcpy (argv[c], "-c");
505 }
507 while (1) {
508 c = getopt_long (argc, argv, "+hVv46t:p:f:e:c:w:H:C:R:SD:F:A:U:P:",
509 longopts, &option);
511 if (c == -1 || c == EOF)
512 break;
514 switch (c) {
515 case 'H': /* hostname */
516 if (is_host (optarg)) {
517 server_address = optarg;
518 }
519 else {
520 usage2 (_("Invalid hostname/address"), optarg);
521 }
522 break;
523 case 'p': /* port */
524 if (is_intpos (optarg))
525 server_port = atoi (optarg);
526 else
527 usage4 (_("Port must be a positive integer"));
528 break;
529 case 'F':
530 /* localhostname */
531 localhostname = strdup(optarg);
532 break;
533 case 'f': /* from argument */
534 from_arg = optarg;
535 smtp_use_dummycmd = 1;
536 break;
537 case 'A':
538 authtype = optarg;
539 break;
540 case 'U':
541 authuser = optarg;
542 break;
543 case 'P':
544 authpass = optarg;
545 break;
546 case 'e': /* server expect string on 220 */
547 server_expect = optarg;
548 break;
549 case 'C': /* commands */
550 if (ncommands >= command_size) {
551 commands = realloc (commands, command_size+8);
552 if (commands == NULL)
553 die (STATE_UNKNOWN,
554 _("Could not realloc() units [%d]\n"), ncommands);
555 }
556 commands[ncommands] = optarg;
557 ncommands++;
558 break;
559 case 'R': /* server responses */
560 if (nresponses >= response_size) {
561 responses = realloc (responses, response_size+8);
562 if (responses == NULL)
563 die (STATE_UNKNOWN,
564 _("Could not realloc() units [%d]\n"), nresponses);
565 }
566 responses[nresponses] = optarg;
567 nresponses++;
568 break;
569 case 'c': /* critical time threshold */
570 if (is_intnonneg (optarg)) {
571 critical_time = atoi (optarg);
572 check_critical_time = TRUE;
573 }
574 else {
575 usage4 (_("Critical time must be a positive integer"));
576 }
577 break;
578 case 'w': /* warning time threshold */
579 if (is_intnonneg (optarg)) {
580 warning_time = atoi (optarg);
581 check_warning_time = TRUE;
582 }
583 else {
584 usage4 (_("Warning time must be a positive integer"));
585 }
586 break;
587 case 'v': /* verbose */
588 verbose++;
589 break;
590 case 't': /* timeout */
591 if (is_intnonneg (optarg)) {
592 socket_timeout = atoi (optarg);
593 }
594 else {
595 usage4 (_("Timeout interval must be a positive integer"));
596 }
597 break;
598 case 'S':
599 /* starttls */
600 use_ssl = TRUE;
601 use_ehlo = TRUE;
602 break;
603 case 'D':
604 /* Check SSL cert validity */
605 #ifdef USE_OPENSSL
606 if (!is_intnonneg (optarg))
607 usage2 ("Invalid certificate expiration period",optarg);
608 days_till_exp = atoi (optarg);
609 check_cert = TRUE;
610 #else
611 usage (_("SSL support not available - install OpenSSL and recompile"));
612 #endif
613 break;
614 case '4':
615 address_family = AF_INET;
616 break;
617 case '6':
618 #ifdef USE_IPV6
619 address_family = AF_INET6;
620 #else
621 usage4 (_("IPv6 support not available"));
622 #endif
623 break;
624 case 'V': /* version */
625 print_revision (progname, revision);
626 exit (STATE_OK);
627 case 'h': /* help */
628 print_help ();
629 exit (STATE_OK);
630 case '?': /* help */
631 usage2 (_("Unknown argument"), optarg);
632 }
633 }
635 c = optind;
636 if (server_address == NULL) {
637 if (argv[c]) {
638 if (is_host (argv[c]))
639 server_address = argv[c];
640 else
641 usage2 (_("Invalid hostname/address"), argv[c]);
642 }
643 else {
644 asprintf (&server_address, "127.0.0.1");
645 }
646 }
648 if (server_expect == NULL)
649 server_expect = strdup (SMTP_EXPECT);
651 if (mail_command == NULL)
652 mail_command = strdup("MAIL ");
654 if (from_arg==NULL)
655 from_arg = strdup(" ");
657 return validate_arguments ();
658 }
662 int
663 validate_arguments (void)
664 {
665 return OK;
666 }
670 void
671 print_help (void)
672 {
673 char *myport;
674 asprintf (&myport, "%d", SMTP_PORT);
676 print_revision (progname, revision);
678 printf ("Copyright (c) 1999-2001 Ethan Galstad <nagios@nagios.org>\n");
679 printf (COPYRIGHT, copyright, email);
681 printf(_("This plugin will attempt to open an SMTP connection with the host.\n\n"));
683 print_usage ();
685 printf (_(UT_HELP_VRSN));
687 printf (_(UT_HOST_PORT), 'p', myport);
689 printf (_(UT_IPv46));
691 printf (_("\
692 -e, --expect=STRING\n\
693 String to expect in first line of server response (default: '%s')\n\
694 -n, nocommand\n\
695 Suppress SMTP command\n\
696 -C, --command=STRING\n\
697 SMTP command (may be used repeatedly)\n\
698 -R, --command=STRING\n\
699 Expected response to command (may be used repeatedly)\n\
700 -f, --from=STRING\n\
701 FROM-address to include in MAIL command, required by Exchange 2000\n"),
702 SMTP_EXPECT);
703 #ifdef HAVE_SSL
704 printf (_("\
705 -D, --certificate=INTEGER\n\
706 Minimum number of days a certificate has to be valid.\n\
707 -S, --starttls\n\
708 Use STARTTLS for the connection.\n"));
709 #endif
711 printf("\
712 -A, --authtype=STRING\n\
713 SMTP AUTH type to check (default none, only LOGIN supported)\n\
714 -U, --authuser=STRING\n\
715 SMTP AUTH username\n\
716 -P, --authpass=STRING\n\
717 SMTP AUTH password\n\
718 ");
720 printf (_(UT_WARN_CRIT));
722 printf (_(UT_TIMEOUT), DEFAULT_SOCKET_TIMEOUT);
724 printf (_(UT_VERBOSE));
726 printf(_("\n\
727 Successul connects return STATE_OK, refusals and timeouts return\n\
728 STATE_CRITICAL, other errors return STATE_UNKNOWN. Successful\n\
729 connects, but incorrect reponse messages from the host result in\n\
730 STATE_WARNING return values.\n"));
732 printf (_(UT_SUPPORT));
733 }
737 void
738 print_usage (void)
739 {
740 printf ("\
741 Usage: %s -H host [-p port] [-e expect] [-C command] [-f from addr]\n\
742 [-A authtype -U authuser -P authpass]\n\
743 [-w warn] [-c crit] [-t timeout] [-S] [-D days] [-n] [-v] [-4|-6]\n", progname);
744 }
746 int
747 my_close (void)
748 {
749 #ifdef HAVE_SSL
750 np_net_ssl_cleanup();
751 #endif
752 return close(sd);
753 }