diff options
Diffstat (limited to 'net-analyzer/nagios-plugins')
-rw-r--r-- | net-analyzer/nagios-plugins/Manifest | 3 | ||||
-rw-r--r-- | net-analyzer/nagios-plugins/files/check_smtp-implicit-tls.patch | 145 | ||||
-rw-r--r-- | net-analyzer/nagios-plugins/nagios-plugins-2.3.3-r2.ebuild (renamed from net-analyzer/nagios-plugins/nagios-plugins-2.3.3-r1.ebuild) | 5 |
3 files changed, 151 insertions, 2 deletions
diff --git a/net-analyzer/nagios-plugins/Manifest b/net-analyzer/nagios-plugins/Manifest index 4974750ebcff..6f4b3d91bc7f 100644 --- a/net-analyzer/nagios-plugins/Manifest +++ b/net-analyzer/nagios-plugins/Manifest @@ -1,6 +1,7 @@ +AUX check_smtp-implicit-tls.patch 4817 BLAKE2B 0a163150461b1c57892ae5802534ecc10cc94af93af846e07a4b66da445280a58e29841834002fcf86b2ed140ba26d420c550283edfef27c242710cf5673670e SHA512 27cb281b9e7fb4bec6250c1af41c74e39b171b05300587496e45d6f314d87557354b11837ec4348c91db92746b564e86f617ecf4f57ac002b4abd2918155f53c AUX define-own-mysql-port-constant.patch 3271 BLAKE2B a9776567af41b106616c10aac02042147d162a452e17480433a8fd8ffcf3ce506d6930215e8a8eaa219d7811adffbcc2b3ee6a004661ca2a1f8bdc3339bf3526 SHA512 18cb9be96b3e39a07eeb1cf6bccbbe26766ac355f4822c132253e25a6909c418071c2dc546fb60c055b78f620180035e57436a8ebb771ae1096b78d2e1c7c6ec DIST nagios-plugins-2.3.1.tar.gz 2833267 BLAKE2B f89eda7a29558dd33dedbf0de150b6a13ba66d213d74041d9eb8c680880b3825bcc9312d251d22f3b483a14c0de7c59d7801954e7563c16352bfc38236676863 SHA512 89208f211e51db4e0d56725a6ff6d2fcf4eb2207f877a2b8f130cda8480a70f318eceb94140eb4f2a17fe3dd967bb3615ccc366c1a531ebd4ff0a04b60c61b8a DIST nagios-plugins-2.3.3.tar.gz 2782610 BLAKE2B f02ded0ed6d5c649a82fe7fe06e393b404fc6e9a260365b128c114381d411d93c8980fee6da73c4d03ab73669d5b8754225ff5aa14ef4430ee0c91d8c56cb131 SHA512 2128601b1098eb82f4e7d720b96a5f92d6ad75dc181a94b25c38172767de8b72f9fece3eddb74933b1cd520928ae9416a7dc665e2f059bfe362dd74041d28cd7 EBUILD nagios-plugins-2.3.1-r2.ebuild 2988 BLAKE2B eed5cd61029d772a28a588f8ca59e5466e41fe4ea7ee5a8fc2defa106ddceead9eea43958e8c88ad5442aa063d8b1ca7369e76271ba4f57fe5591152366cf7a7 SHA512 edca196a5d78b9d37129175336df433576872d532188324d2efff4bb438477c0d65f09f7c183b5a1cfdabd3b8fe0eded18637376e9b20cae575c07c62be4f40d -EBUILD nagios-plugins-2.3.3-r1.ebuild 2993 BLAKE2B a585be573e75f10edae62c87e459050d25b947451f16f14d84c9aa2fe29e2cdbf0c4bea0bda66ff7a7bd5c558be679d76f17928e98c403c0091259f72323fd16 SHA512 76985327c20228c669bf1f574f4f447b3adc99e649f7069fb49c484cee4fa49205e88925df143db78e0c1234214511a55add49894cd7a4abfe545fda7d69a1e6 +EBUILD nagios-plugins-2.3.3-r2.ebuild 3039 BLAKE2B 2f2344d56139b20a291e272bdb381c45b99c7a952686e72f232e70b8d6fa5f637fbbda42d69add400d4d1b4d895b4608c7b853235eb5617b44879cdcfc2a5635 SHA512 06cbeb2ad6b950a8a3e3c142f55919c9f2e9a55608e6b0b35d9f0bd352267af77df155d687e2d6ad9fd02fb0aea8c9a24a873910b550994dd6f1d79b7fd137dd MISC metadata.xml 1430 BLAKE2B 63a889dc51085a41a5dec4b6c32e6262ff59fdb1413699736d6332a75406749551b1c82d62a2662f4d7935c46a4bc3b51e0ca7e3b070656163fb0b6fc69c742e SHA512 d6cbc6820de52e1ed471b97a6c592af72474db492204594314eebb656b8abe89a01667a7bbb621418fd393aeacb28e9a10c5749de7ace67dd15119f701019e72 diff --git a/net-analyzer/nagios-plugins/files/check_smtp-implicit-tls.patch b/net-analyzer/nagios-plugins/files/check_smtp-implicit-tls.patch new file mode 100644 index 000000000000..a0f30d2efdbf --- /dev/null +++ b/net-analyzer/nagios-plugins/files/check_smtp-implicit-tls.patch @@ -0,0 +1,145 @@ +From 0a8cf08ebb0740aa55d6c60d3b79fcab282604fb Mon Sep 17 00:00:00 2001 +From: Franz Schwartau <franz@electromail.org> +Date: Tue, 1 Sep 2020 12:48:51 +0200 +Subject: [PATCH 1/3] Add support for SMTP over TLS + +This is commonly used on smtps (465) port. + +PROXY protocol is not implemented with TLS in check_smtp.c, yet. +--- + plugins/check_smtp.c | 45 ++++++++++++++++++++++++++++++++++++-------- + 1 file changed, 37 insertions(+), 8 deletions(-) + +diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c +index 0b1c54d4..d5923a6a 100644 +--- a/plugins/check_smtp.c ++++ b/plugins/check_smtp.c +@@ -42,8 +42,8 @@ const char *email = "devel@nagios-plugins.org"; + #ifdef HAVE_SSL + int check_cert = FALSE; + int days_till_exp_warn, days_till_exp_crit; +-# define my_recv(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) +-# define my_send(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) ++# define my_recv(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) ++# define my_send(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) + #else /* ifndef HAVE_SSL */ + # define my_recv(buf, len) read(sd, buf, len) + # define my_send(buf, len) send(sd, buf, len, 0) +@@ -107,6 +107,7 @@ double critical_time = 0; + int check_critical_time = FALSE; + int verbose = 0; + int use_ssl = FALSE; ++int use_starttls = FALSE; + int use_sni = FALSE; + short use_proxy_prefix = FALSE; + short use_ehlo = FALSE; +@@ -199,12 +200,25 @@ main (int argc, char **argv) + result = my_tcp_connect (server_address, server_port, &sd); + + if (result == STATE_OK) { /* we connected */ ++#ifdef HAVE_SSL ++ if (use_ssl) { ++ result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL)); ++ if (result != STATE_OK) { ++ printf (_("CRITICAL - Cannot create SSL context.\n")); ++ close(sd); ++ np_net_ssl_cleanup(); ++ return STATE_CRITICAL; ++ } else { ++ ssl_established = 1; ++ } ++ } ++#endif + + /* If requested, send PROXY header */ + if (use_proxy_prefix) { + if (verbose) + printf ("Sending header %s\n", PROXY_PREFIX); +- send(sd, PROXY_PREFIX, strlen(PROXY_PREFIX), 0); ++ my_send(PROXY_PREFIX, strlen(PROXY_PREFIX)); + } + + /* watch for the SMTP connection string and */ +@@ -230,7 +244,7 @@ main (int argc, char **argv) + } + + /* send the HELO/EHLO command */ +- send(sd, helocmd, strlen(helocmd), 0); ++ my_send(helocmd, strlen(helocmd)); + + /* allow for response to helo command to reach us */ + if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { +@@ -243,14 +257,14 @@ main (int argc, char **argv) + } + } + +- if(use_ssl && ! supports_tls){ ++ if(use_starttls && ! supports_tls){ + printf(_("WARNING - TLS not supported by server\n")); + smtp_quit(); + return STATE_WARNING; + } + + #ifdef HAVE_SSL +- if(use_ssl) { ++ if(use_starttls) { + /* send the STARTTLS command */ + send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0); + +@@ -495,6 +509,7 @@ process_arguments (int argc, char **argv) + {"use-ipv6", no_argument, 0, '6'}, + {"help", no_argument, 0, 'h'}, + {"lmtp", no_argument, 0, 'L'}, ++ {"ssl", no_argument, 0, 's'}, + {"starttls",no_argument,0,'S'}, + {"sni", no_argument, 0, SNI_OPTION}, + {"certificate",required_argument,0,'D'}, +@@ -516,7 +531,7 @@ process_arguments (int argc, char **argv) + } + + while (1) { +- c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q", ++ c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:sSD:F:A:U:P:q", + longopts, &option); + + if (c == -1 || c == EOF) +@@ -633,9 +648,13 @@ process_arguments (int argc, char **argv) + #else + usage (_("SSL support not available - install OpenSSL and recompile")); + #endif ++ case 's': ++ /* ssl */ ++ use_ssl = TRUE; ++ break; + case 'S': + /* starttls */ +- use_ssl = TRUE; ++ use_starttls = TRUE; + use_ehlo = TRUE; + break; + case SNI_OPTION: +@@ -694,6 +713,14 @@ process_arguments (int argc, char **argv) + if (from_arg==NULL) + from_arg = strdup(" "); + ++ if (use_starttls && use_ssl) { ++ usage4 (_("Set either -s/--ssl or -S/--starttls")); ++ } ++ ++ if (use_ssl && use_proxy_prefix) { ++ usage4 (_("PROXY protocol (-r/--proxy) is not implemented with SSL/TLS (-s/--ssl), yet.")); ++ } ++ + return validate_arguments (); + } + +@@ -851,6 +878,8 @@ print_help (void) + #ifdef HAVE_SSL + printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); + printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); ++ printf (" %s\n", "-s, --ssl"); ++ printf (" %s\n", _("Use SSL/TLS for the connection.")); + printf (" %s\n", "-S, --starttls"); + printf (" %s\n", _("Use STARTTLS for the connection.")); + printf (" %s\n", "--sni"); + diff --git a/net-analyzer/nagios-plugins/nagios-plugins-2.3.3-r1.ebuild b/net-analyzer/nagios-plugins/nagios-plugins-2.3.3-r2.ebuild index 419243e3b736..959874004cb5 100644 --- a/net-analyzer/nagios-plugins/nagios-plugins-2.3.3-r1.ebuild +++ b/net-analyzer/nagios-plugins/nagios-plugins-2.3.3-r2.ebuild @@ -62,7 +62,10 @@ DOCS=( THANKS ) -PATCHES=( "${FILESDIR}/define-own-mysql-port-constant.patch" ) +PATCHES=( + "${FILESDIR}/define-own-mysql-port-constant.patch" + "${FILESDIR}/check_smtp-implicit-tls.patch" +) src_prepare() { default |