[packages/nagios-plugins] - rel 9; add support for SNI in check_smtp
arekm
arekm at pld-linux.org
Fri Aug 30 11:34:29 CEST 2019
commit 3f27e9ebf9fd2cab9d62df69a6787d686ceb9a91
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Fri Aug 30 11:34:22 2019 +0200
- rel 9; add support for SNI in check_smtp
nagios-plugins.spec | 4 +++-
sni.patch | 69 +++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 72 insertions(+), 1 deletion(-)
---
diff --git a/nagios-plugins.spec b/nagios-plugins.spec
index 3a3a909..304f57c 100644
--- a/nagios-plugins.spec
+++ b/nagios-plugins.spec
@@ -17,7 +17,7 @@ Summary: Host/service/network monitoring program plugins for Nagios
Summary(pl.UTF-8): Wtyczki do monitorowania hostów/usług/sieci dla Nagiosa
Name: nagios-plugins
Version: 2.2.1
-Release: 8
+Release: 9
License: GPL v3
Group: Networking
Source0: http://www.nagios-plugins.org/download/%{name}-%{version}.tar.gz
@@ -39,6 +39,7 @@ Patch9: %{name}-paths.patch
Patch10: %{name}-ping.patch
Patch11: dns-config.patch
Patch12: %{name}-check_http-nocache.patch
+Patch13: sni.patch
URL: http://www.nagiosplugins.org/
BuildRequires: autoconf
BuildRequires: automake
@@ -536,6 +537,7 @@ mv nagios-plugins-config-*/* .
%patch10 -p1
%patch11 -p1
%patch12 -p1
+%patch13 -p1
# remove libtool m4 macro copies, breaks when system libtool is older
%{__rm} gl/m4/libtool.m4 gl/m4/lt*.m4
diff --git a/sni.patch b/sni.patch
new file mode 100644
index 0000000..99c76fd
--- /dev/null
+++ b/sni.patch
@@ -0,0 +1,69 @@
+--- nagios-plugins-2.2.1/plugins/check_smtp.org 2019-08-30 11:23:27.030644413 +0200
++++ nagios-plugins-2.2.1/plugins/check_smtp.c 2019-08-30 11:23:46.804575703 +0200
+@@ -106,6 +106,7 @@ double critical_time = 0;
+ int check_critical_time = FALSE;
+ int verbose = 0;
+ int use_ssl = FALSE;
++int use_sni = FALSE;
+ short use_ehlo = FALSE;
+ short use_lhlo = FALSE;
+ short ssl_established = 0;
+@@ -250,7 +251,7 @@ main (int argc, char **argv)
+ smtp_quit();
+ return STATE_UNKNOWN;
+ }
+- result = np_net_ssl_init(sd);
++ result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL));
+ if(result != STATE_OK) {
+ printf (_("CRITICAL - Cannot create SSL context.\n"));
+ close(sd);
+@@ -460,6 +461,10 @@ process_arguments (int argc, char **argv
+ int c;
+ char* temp;
+
++ enum {
++ SNI_OPTION
++ };
++
+ int option = 0;
+ static struct option longopts[] = {
+ {"hostname", required_argument, 0, 'H'},
+@@ -482,6 +487,7 @@ process_arguments (int argc, char **argv
+ {"help", no_argument, 0, 'h'},
+ {"lmtp", no_argument, 0, 'L'},
+ {"starttls",no_argument,0,'S'},
++ {"sni", no_argument, 0, SNI_OPTION},
+ {"certificate",required_argument,0,'D'},
+ {"ignore-quit-failure",no_argument,0,'q'},
+ {0, 0, 0, 0}
+@@ -622,6 +628,13 @@ process_arguments (int argc, char **argv
+ use_ssl = TRUE;
+ use_ehlo = TRUE;
+ break;
++ case SNI_OPTION:
++#ifdef HAVE_SSL
++ use_sni = TRUE;
++#else
++ usage (_("SSL support not available - install OpenSSL and recompile"));
++#endif
++ break;
+ case 'L':
+ use_lhlo = TRUE;
+ break;
+@@ -825,6 +838,8 @@ print_help (void)
+ printf (" %s\n", _("Minimum number of days a certificate has to be valid."));
+ printf (" %s\n", "-S, --starttls");
+ printf (" %s\n", _("Use STARTTLS for the connection."));
++ printf (" %s\n", "--sni");
++ printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
+ #endif
+
+ printf (" %s\n", "-A, --authtype=STRING");
+@@ -861,6 +876,6 @@ print_usage (void)
+ printf ("%s\n", _("Usage:"));
+ printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname);
+ printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n");
+- printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-v] \n");
++ printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [--sni] [-v] \n");
+ }
+
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/nagios-plugins.git/commitdiff/3f27e9ebf9fd2cab9d62df69a6787d686ceb9a91
More information about the pld-cvs-commit
mailing list