X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fcheck_smtp.c;h=3da724babdc32dc6313eed310db233a34213281b;hb=34445190148ac113da9d29cbf8b62f4ce8606304;hp=ee6d0cb795d99026e320b5a8db8dc2508aababa1;hpb=d8ecf6bfc264717c611a983fe8ccb0488669791a;p=nagiosplug.git
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index ee6d0cb..3da724b 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -1,48 +1,43 @@
-/******************************************************************************
-*
+/*****************************************************************************
+*
* Nagios check_smtp plugin
-*
+*
* License: GPL
-* Copyright (c) 1999-2006 nagios-plugins team
-*
-* Last Modified: $Date$
-*
+* Copyright (c) 2000-2007 Nagios Plugins Development Team
+*
* Description:
-*
+*
* This file contains the check_smtp plugin
-*
-* This plugin will attempt to open an SMTP connection with the host.
-*
-*
-* License Information:
-*
-* This program is free software; you can redistribute it and/or modify
+*
+* This plugin will attempt to open an SMTP connection with the host.
+*
+*
+* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
-* the Free Software Foundation; either version 2 of the License, or
+* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
-*
+*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
-*
+*
* You should have received a copy of the GNU General Public License
-* along with this program; if not, write to the Free Software
-* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*
-*
-* $Id$
+* along with this program. If not, see .
+*
*
-******************************************************************************/
+*****************************************************************************/
const char *progname = "check_smtp";
-const char *revision = "$Revision$";
-const char *copyright = "2000-2006";
+const char *copyright = "2000-2007";
const char *email = "nagiosplug-devel@lists.sourceforge.net";
#include "common.h"
#include "netutils.h"
#include "utils.h"
+#include "base64.h"
+
+#include
#ifdef HAVE_SSL
int check_cert = FALSE;
@@ -74,6 +69,9 @@ int process_arguments (int, char **);
int validate_arguments (void);
void print_help (void);
void print_usage (void);
+void smtp_quit(void);
+int recvline(char *, size_t);
+int recvlines(char *, size_t);
int my_close(void);
#include "regex.h"
@@ -115,49 +113,8 @@ char buffer[MAX_INPUT_BUFFER];
enum {
TCP_PROTOCOL = 1,
UDP_PROTOCOL = 2,
- MAXBUF = 1024
};
-/* written by lauri alanko */
-static char *
-base64 (const char *bin, size_t len)
-{
-
- char *buf = (char *) malloc ((len + 2) / 3 * 4 + 1);
- size_t i = 0, j = 0;
-
- char BASE64_END = '=';
- char base64_table[64];
- strncpy (base64_table, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/", 64);
-
- while (j < len - 2) {
- buf[i++] = base64_table[bin[j] >> 2];
- buf[i++] = base64_table[((bin[j] & 3) << 4) | (bin[j + 1] >> 4)];
- buf[i++] = base64_table[((bin[j + 1] & 15) << 2) | (bin[j + 2] >> 6)];
- buf[i++] = base64_table[bin[j + 2] & 63];
- j += 3;
- }
-
- switch (len - j) {
- case 1:
- buf[i++] = base64_table[bin[j] >> 2];
- buf[i++] = base64_table[(bin[j] & 3) << 4];
- buf[i++] = BASE64_END;
- buf[i++] = BASE64_END;
- break;
- case 2:
- buf[i++] = base64_table[bin[j] >> 2];
- buf[i++] = base64_table[((bin[j] & 3) << 4) | (bin[j + 1] >> 4)];
- buf[i++] = base64_table[(bin[j + 1] & 15) << 2];
- buf[i++] = BASE64_END;
- break;
- case 0:
- break;
- }
-
- buf[i] = '\0';
- return buf;
-}
int
main (int argc, char **argv)
@@ -169,18 +126,20 @@ main (int argc, char **argv)
int result = STATE_UNKNOWN;
char *cmd_str = NULL;
char *helocmd = NULL;
- char *error_msg = NULL;
+ char *error_msg = "";
struct timeval tv;
- struct hostent *hp;
setlocale (LC_ALL, "");
bindtextdomain (PACKAGE, LOCALEDIR);
textdomain (PACKAGE);
+ /* Parse extra opts if any */
+ argv=np_extra_opts (&argc, argv, progname);
+
if (process_arguments (argc, argv) == ERROR)
usage4 (_("Could not parse arguments"));
- /* initialize the HELO command with the localhostname */
+ /* If localhostname not set on command line, use gethostname to set */
if(! localhostname){
localhostname = malloc (HOST_MAX_BYTES);
if(!localhostname){
@@ -191,23 +150,21 @@ main (int argc, char **argv)
printf(_("gethostname() failed!\n"));
return STATE_CRITICAL;
}
- hp = gethostbyname(localhostname);
- if(!hp) helocmd = localhostname;
- else helocmd = hp->h_name;
- } else {
- helocmd = localhostname;
}
if(use_ehlo)
- asprintf (&helocmd, "%s%s%s", SMTP_EHLO, helocmd, "\r\n");
+ asprintf (&helocmd, "%s%s%s", SMTP_EHLO, localhostname, "\r\n");
else
- asprintf (&helocmd, "%s%s%s", SMTP_HELO, helocmd, "\r\n");
+ asprintf (&helocmd, "%s%s%s", SMTP_HELO, localhostname, "\r\n");
+
+ if (verbose)
+ printf("HELOCMD: %s", helocmd);
/* initialize the MAIL command with optional FROM command */
asprintf (&cmd_str, "%sFROM: %s%s", mail_command, from_arg, "\r\n");
if (verbose && smtp_use_dummycmd)
printf ("FROM CMD: %s", cmd_str);
-
+
/* initialize alarm signal handling */
(void) signal (SIGALRM, socket_timeout_alarm_handler);
@@ -224,7 +181,7 @@ main (int argc, char **argv)
/* watch for the SMTP connection string and */
/* return a WARNING status if we couldn't read any data */
- if (recv (sd, buffer, MAX_INPUT_BUFFER - 1, 0) == -1) {
+ if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) {
printf (_("recv() failed\n"));
result = STATE_WARNING;
}
@@ -236,10 +193,10 @@ main (int argc, char **argv)
/* make sure we find the response we are looking for */
if (!strstr (buffer, server_expect)) {
if (server_port == SMTP_PORT)
- printf (_("Invalid SMTP response received from host\n"));
+ printf (_("Invalid SMTP response received from host: %s\n"), buffer);
else
- printf (_("Invalid SMTP response received from host on port %d\n"),
- server_port);
+ printf (_("Invalid SMTP response received from host on port %d: %s\n"),
+ server_port, buffer);
result = STATE_WARNING;
}
}
@@ -248,11 +205,10 @@ main (int argc, char **argv)
send(sd, helocmd, strlen(helocmd), 0);
/* allow for response to helo command to reach us */
- if(read (sd, buffer, MAXBUF - 1) < 0){
+ if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) {
printf (_("recv() failed\n"));
return STATE_WARNING;
} else if(use_ehlo){
- buffer[MAXBUF-1]='\0';
if(strstr(buffer, "250 STARTTLS") != NULL ||
strstr(buffer, "250-STARTTLS") != NULL){
supports_tls=TRUE;
@@ -261,7 +217,7 @@ main (int argc, char **argv)
if(use_ssl && ! supports_tls){
printf(_("WARNING - TLS not supported by server\n"));
- send (sd, SMTP_QUIT, strlen (SMTP_QUIT), 0);
+ smtp_quit();
return STATE_WARNING;
}
@@ -270,10 +226,10 @@ main (int argc, char **argv)
/* send the STARTTLS command */
send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0);
- recv(sd,buffer, MAX_INPUT_BUFFER-1, 0); /* wait for it */
+ recvlines(buffer, MAX_INPUT_BUFFER); /* wait for it */
if (!strstr (buffer, server_expect)) {
printf (_("Server does not support STARTTLS\n"));
- send (sd, SMTP_QUIT, strlen (SMTP_QUIT), 0);
+ smtp_quit();
return STATE_UNKNOWN;
}
result = np_net_ssl_init(sd);
@@ -298,19 +254,18 @@ main (int argc, char **argv)
* we resent EHLO via TLS.
*/
if (my_send(helocmd, strlen(helocmd)) <= 0) {
- printf(_("SMTP UNKNOWN - Cannot send EHLO command via TLS.\n"));
+ printf("%s\n", _("SMTP UNKNOWN - Cannot send EHLO command via TLS."));
my_close();
return STATE_UNKNOWN;
}
if (verbose)
printf(_("sent %s"), helocmd);
- if ((n = my_recv(buffer, MAX_INPUT_BUFFER - 1)) <= 0) {
- printf(_("SMTP UNKNOWN - Cannot read EHLO response via TLS.\n"));
+ if ((n = recvlines(buffer, MAX_INPUT_BUFFER)) <= 0) {
+ printf("%s\n", _("SMTP UNKNOWN - Cannot read EHLO response via TLS."));
my_close();
return STATE_UNKNOWN;
}
if (verbose) {
- buffer[n] = '\0';
printf("%s", buffer);
}
@@ -318,7 +273,7 @@ main (int argc, char **argv)
if ( check_cert ) {
result = np_net_ssl_check_cert(days_till_exp);
if(result != STATE_OK){
- printf (_("CRITICAL - Cannot retrieve server certificate.\n"));
+ printf ("%s\n", _("CRITICAL - Cannot retrieve server certificate."));
}
my_close();
return result;
@@ -326,7 +281,7 @@ main (int argc, char **argv)
# endif /* USE_OPENSSL */
}
#endif
-
+
/* sendmail will syslog a "NOQUEUE" error if session does not attempt
* to do something useful. This can be prevented by giving a command
* even if syntax is illegal (MAIL requires a FROM:<...> argument)
@@ -334,21 +289,18 @@ main (int argc, char **argv)
* According to rfc821 you can include a null reversepath in the from command
* - but a log message is generated on the smtp server.
*
- * You can disable sending mail_command with '--nocommand'
* Use the -f option to provide a FROM address
*/
if (smtp_use_dummycmd) {
my_send(cmd_str, strlen(cmd_str));
- my_recv(buffer, MAX_INPUT_BUFFER-1);
- if (verbose)
+ if (recvlines(buffer, MAX_INPUT_BUFFER) >= 1 && verbose)
printf("%s", buffer);
}
while (n < ncommands) {
asprintf (&cmd_str, "%s%s", commands[n], "\r\n");
my_send(cmd_str, strlen(cmd_str));
- my_recv(buffer, MAX_INPUT_BUFFER-1);
- if (verbose)
+ if (recvlines(buffer, MAX_INPUT_BUFFER) >= 1 && verbose)
printf("%s", buffer);
strip (buffer);
if (n < nresponses) {
@@ -383,12 +335,12 @@ main (int argc, char **argv)
do {
if (authuser == NULL) {
result = STATE_CRITICAL;
- error_msg = _("no authuser specified, ");
+ asprintf(&error_msg, _("no authuser specified, "));
break;
}
if (authpass == NULL) {
result = STATE_CRITICAL;
- error_msg = _("no authpass specified, ");
+ asprintf(&error_msg, _("no authpass specified, "));
break;
}
@@ -397,73 +349,72 @@ main (int argc, char **argv)
if (verbose)
printf (_("sent %s\n"), "AUTH LOGIN");
- if((ret = my_recv(buffer, MAXBUF - 1)) < 0){
- error_msg = _("recv() failed after AUTH LOGIN, \n");
+ if ((ret = recvlines(buffer, MAX_INPUT_BUFFER)) <= 0) {
+ asprintf(&error_msg, _("recv() failed after AUTH LOGIN, "));
result = STATE_WARNING;
break;
}
- buffer[ret] = 0;
if (verbose)
printf (_("received %s\n"), buffer);
if (strncmp (buffer, "334", 3) != 0) {
result = STATE_CRITICAL;
- error_msg = _("invalid response received after AUTH LOGIN, ");
+ asprintf(&error_msg, _("invalid response received after AUTH LOGIN, "));
break;
}
/* encode authuser with base64 */
- abuf = base64 (authuser, strlen(authuser));
+ base64_encode_alloc (authuser, strlen(authuser), &abuf);
+ /* FIXME: abuf shouldn't have enough space to strcat a '\r\n' into it. */
strcat (abuf, "\r\n");
my_send(abuf, strlen(abuf));
if (verbose)
printf (_("sent %s\n"), abuf);
- if ((ret = my_recv(buffer, MAX_INPUT_BUFFER-1)) == -1) {
+ if ((ret = recvlines(buffer, MAX_INPUT_BUFFER)) <= 0) {
result = STATE_CRITICAL;
- error_msg = _("recv() failed after sending authuser, ");
+ asprintf(&error_msg, _("recv() failed after sending authuser, "));
break;
}
- buffer[ret] = 0;
if (verbose) {
printf (_("received %s\n"), buffer);
}
if (strncmp (buffer, "334", 3) != 0) {
result = STATE_CRITICAL;
- error_msg = _("invalid response received after authuser, ");
+ asprintf(&error_msg, _("invalid response received after authuser, "));
break;
}
/* encode authpass with base64 */
- abuf = base64 (authpass, strlen(authpass));
+ base64_encode_alloc (authpass, strlen(authpass), &abuf);
+ /* FIXME: abuf shouldn't have enough space to strcat a '\r\n' into it. */
strcat (abuf, "\r\n");
my_send(abuf, strlen(abuf));
if (verbose) {
printf (_("sent %s\n"), abuf);
}
- if ((ret = my_recv(buffer, MAX_INPUT_BUFFER-1)) == -1) {
+ if ((ret = recvlines(buffer, MAX_INPUT_BUFFER)) <= 0) {
result = STATE_CRITICAL;
- error_msg = _("recv() failed after sending authpass, ");
+ asprintf(&error_msg, _("recv() failed after sending authpass, "));
break;
}
- buffer[ret] = 0;
if (verbose) {
printf (_("received %s\n"), buffer);
}
if (strncmp (buffer, "235", 3) != 0) {
result = STATE_CRITICAL;
- error_msg = _("invalid response received after authpass, ");
+ asprintf(&error_msg, _("invalid response received after authpass, "));
break;
}
break;
} while (0);
} else {
result = STATE_CRITICAL;
- error_msg = _("only authtype LOGIN is supported, ");
+ asprintf(&error_msg, _("only authtype LOGIN is supported, "));
}
}
/* tell the server we're done */
- my_send (SMTP_QUIT, strlen (SMTP_QUIT));
+ smtp_quit();
/* finally close the connection */
close (sd);
@@ -484,7 +435,7 @@ main (int argc, char **argv)
printf (_("SMTP %s - %s%.3f sec. response time%s%s|%s\n"),
state_text (result),
- (error_msg == NULL ? "" : error_msg),
+ error_msg,
elapsed_time,
verbose?", ":"", verbose?buffer:"",
fperfdata ("time", elapsed_time, "s",
@@ -518,7 +469,6 @@ process_arguments (int argc, char **argv)
{"authpass", required_argument, 0, 'P'},
{"command", required_argument, 0, 'C'},
{"response", required_argument, 0, 'R'},
- {"nocommand", required_argument, 0, 'n'},
{"verbose", no_argument, 0, 'v'},
{"version", no_argument, 0, 'V'},
{"use-ipv4", no_argument, 0, '4'},
@@ -573,6 +523,7 @@ process_arguments (int argc, char **argv)
break;
case 'A':
authtype = optarg;
+ use_ehlo = TRUE;
break;
case 'U':
authuser = optarg;
@@ -585,22 +536,26 @@ process_arguments (int argc, char **argv)
break;
case 'C': /* commands */
if (ncommands >= command_size) {
- commands = realloc (commands, command_size+8);
+ command_size+=8;
+ commands = realloc (commands, sizeof(char *) * command_size);
if (commands == NULL)
die (STATE_UNKNOWN,
_("Could not realloc() units [%d]\n"), ncommands);
}
- commands[ncommands] = optarg;
+ commands[ncommands] = (char *) malloc (sizeof(char) * 255);
+ strncpy (commands[ncommands], optarg, 255);
ncommands++;
break;
case 'R': /* server responses */
if (nresponses >= response_size) {
- responses = realloc (responses, response_size+8);
+ response_size += 8;
+ responses = realloc (responses, sizeof(char *) * response_size);
if (responses == NULL)
die (STATE_UNKNOWN,
_("Could not realloc() units [%d]\n"), nresponses);
}
- responses[nresponses] = optarg;
+ responses[nresponses] = (char *) malloc (sizeof(char) * 255);
+ strncpy (responses[nresponses], optarg, 255);
nresponses++;
break;
case 'c': /* critical time threshold */
@@ -659,13 +614,13 @@ process_arguments (int argc, char **argv)
#endif
break;
case 'V': /* version */
- print_revision (progname, revision);
+ print_revision (progname, NP_VERSION);
exit (STATE_OK);
case 'h': /* help */
print_help ();
exit (STATE_OK);
case '?': /* help */
- usage2 (_("Unknown argument"), optarg);
+ usage5 ();
}
}
@@ -703,7 +658,89 @@ validate_arguments (void)
}
-int
+void
+smtp_quit(void)
+{
+ int bytes;
+
+ my_send(SMTP_QUIT, strlen(SMTP_QUIT));
+ if (verbose)
+ printf(_("sent %s\n"), "QUIT");
+
+ /* read the response but don't care about problems */
+ bytes = recvlines(buffer, MAX_INPUT_BUFFER);
+ if (verbose) {
+ if (bytes < 0)
+ printf(_("recv() failed after QUIT."));
+ else if (bytes == 0)
+ printf(_("Connection reset by peer."));
+ else {
+ buffer[bytes] = '\0';
+ printf(_("received %s\n"), buffer);
+ }
+ }
+}
+
+
+/*
+ * Receive one line, copy it into buf and nul-terminate it. Returns the
+ * number of bytes written to buf (excluding the '\0') or 0 on EOF or <0 on
+ * error.
+ *
+ * TODO: Reading one byte at a time is very inefficient. Replace this by a
+ * function which buffers the data, move that to netutils.c and change
+ * check_smtp and other plugins to use that. Also, remove (\r)\n.
+ */
+int
+recvline(char *buf, size_t bufsize)
+{
+ int result;
+ unsigned i;
+
+ for (i = result = 0; i < bufsize - 1; i++) {
+ if ((result = my_recv(&buf[i], 1)) != 1)
+ break;
+ if (buf[i] == '\n') {
+ buf[++i] = '\0';
+ return i;
+ }
+ }
+ return (result == 1 || i == 0) ? -2 : result; /* -2 if out of space */
+}
+
+
+/*
+ * Receive one or more lines, copy them into buf and nul-terminate it. Returns
+ * the number of bytes written to buf (excluding the '\0') or 0 on EOF or <0 on
+ * error. Works for all protocols which format multiline replies as follows:
+ *
+ * ``The format for multiline replies requires that every line, except the last,
+ * begin with the reply code, followed immediately by a hyphen, `-' (also known
+ * as minus), followed by text. The last line will begin with the reply code,
+ * followed immediately by , optionally some text, and . As noted
+ * above, servers SHOULD send the if subsequent text is not sent, but
+ * clients MUST be prepared for it to be omitted.'' (RFC 2821, 4.2.1)
+ *
+ * TODO: Move this to netutils.c. Also, remove \r and possibly the final \n.
+ */
+int
+recvlines(char *buf, size_t bufsize)
+{
+ int result, i;
+
+ for (i = 0; /* forever */; i += result)
+ if (!((result = recvline(buf + i, bufsize - i)) > 3 &&
+ isdigit((int)buf[i]) &&
+ isdigit((int)buf[i + 1]) &&
+ isdigit((int)buf[i + 2]) &&
+ buf[i + 3] == '-'))
+ break;
+
+ return (result <= 0) ? result : result + i;
+}
+
+
+int
my_close (void)
{
#ifdef HAVE_SSL
@@ -719,7 +756,7 @@ print_help (void)
char *myport;
asprintf (&myport, "%d", SMTP_PORT);
- print_revision (progname, revision);
+ print_revision (progname, NP_VERSION);
printf ("Copyright (c) 1999-2001 Ethan Galstad \n");
printf (COPYRIGHT, copyright, email);
@@ -730,22 +767,23 @@ print_help (void)
print_usage ();
- printf (_(UT_HELP_VRSN));
+ printf (UT_HELP_VRSN);
+ printf (UT_EXTRA_OPTS);
- printf (_(UT_HOST_PORT), 'p', myport);
+ printf (UT_HOST_PORT, 'p', myport);
- printf (_(UT_IPv46));
+ printf (UT_IPv46);
printf (" %s\n", "-e, --expect=STRING");
printf (_(" String to expect in first line of server response (default: '%s')\n"), SMTP_EXPECT);
- printf (" %s\n", "-n, nocommand");
- printf (" %s\n", _("Suppress SMTP command"));
printf (" %s\n", "-C, --command=STRING");
printf (" %s\n", _("SMTP command (may be used repeatedly)"));
printf (" %s\n", "-R, --command=STRING");
printf (" %s\n", _("Expected response to command (may be used repeatedly)"));
printf (" %s\n", "-f, --from=STRING");
printf (" %s\n", _("FROM-address to include in MAIL command, required by Exchange 2000")),
+ printf (" %s\n", "-F, --fqdn=STRING");
+ printf (" %s\n", _("FQDN used for HELO"));
#ifdef HAVE_SSL
printf (" %s\n", "-D, --certificate=INTEGER");
printf (" %s\n", _("Minimum number of days a certificate has to be valid."));
@@ -760,11 +798,11 @@ print_help (void)
printf (" %s\n", "-P, --authpass=STRING");
printf (" %s\n", _("SMTP AUTH password"));
- printf (_(UT_WARN_CRIT));
+ printf (UT_WARN_CRIT);
- printf (_(UT_TIMEOUT), DEFAULT_SOCKET_TIMEOUT);
+ printf (UT_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
- printf (_(UT_VERBOSE));
+ printf (UT_VERBOSE);
printf("\n");
printf ("%s\n", _("Successul connects return STATE_OK, refusals and timeouts return"));
@@ -772,7 +810,7 @@ print_help (void)
printf ("%s\n", _("connects, but incorrect reponse messages from the host result in"));
printf ("%s\n", _("STATE_WARNING return values."));
- printf (_(UT_SUPPORT));
+ printf (UT_SUPPORT);
}
@@ -780,9 +818,9 @@ print_help (void)
void
print_usage (void)
{
- printf (_("Usage:"));
- printf ("%s -H host [-p port] [-e expect] [-C command] [-f from addr]", progname);
+ printf ("%s\n", _("Usage:"));
+ printf ("%s -H host [-p port] [-e expect] [-C command] [-f from addr]", progname);
printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout]\n");
- printf ("[-S] [-D days] [-n] [-v] [-4|-6]\n");
+ printf ("[-F fqdn] [-S] [-D days] [-v] [-4|-6]\n");
}