diff options
Diffstat (limited to 'net-analyzer')
-rw-r--r-- | net-analyzer/Manifest.gz | bin | 45062 -> 45058 bytes | |||
-rw-r--r-- | net-analyzer/nagios-plugins/Manifest | 1 | ||||
-rw-r--r-- | net-analyzer/nagios-plugins/files/check_smtp-implicit-tls.patch | 145 |
3 files changed, 0 insertions, 146 deletions
diff --git a/net-analyzer/Manifest.gz b/net-analyzer/Manifest.gz Binary files differindex 6dc7b0216cc9..11f41bff3cab 100644 --- a/net-analyzer/Manifest.gz +++ b/net-analyzer/Manifest.gz diff --git a/net-analyzer/nagios-plugins/Manifest b/net-analyzer/nagios-plugins/Manifest index d8d897f8adb2..c35229a5fabe 100644 --- a/net-analyzer/nagios-plugins/Manifest +++ b/net-analyzer/nagios-plugins/Manifest @@ -1,4 +1,3 @@ -AUX check_smtp-implicit-tls.patch 4817 BLAKE2B 0a163150461b1c57892ae5802534ecc10cc94af93af846e07a4b66da445280a58e29841834002fcf86b2ed140ba26d420c550283edfef27c242710cf5673670e SHA512 27cb281b9e7fb4bec6250c1af41c74e39b171b05300587496e45d6f314d87557354b11837ec4348c91db92746b564e86f617ecf4f57ac002b4abd2918155f53c AUX define-own-mysql-port-constant.patch 3271 BLAKE2B a9776567af41b106616c10aac02042147d162a452e17480433a8fd8ffcf3ce506d6930215e8a8eaa219d7811adffbcc2b3ee6a004661ca2a1f8bdc3339bf3526 SHA512 18cb9be96b3e39a07eeb1cf6bccbbe26766ac355f4822c132253e25a6909c418071c2dc546fb60c055b78f620180035e57436a8ebb771ae1096b78d2e1c7c6ec DIST nagios-plugins-2.4.0.tar.gz 2738643 BLAKE2B 695c3804aec592dad0ae1f2f19222a5ae066944de4169beba08dd1e7beee51c5082679dfc1cf5adc052758e3142f33187ebde9636af19ae313f1448867764878 SHA512 f6f4cd604d28161f36c1429dbfa8f07e9fa468d8d8c21925d53d7049f0765504cb785e1f1189a0c93aa1f0cd1fe3985409c420b7724aa39790836af5c3f725ff EBUILD nagios-plugins-2.4.0-r1.ebuild 3225 BLAKE2B dda29986ebcc2340c6a1c45805ce47b2e0e3218fdcb562d03be4f06c20c26e54328ff07dc3c7e17e2467c699598e7d1b9a3e511af3b52f8ef7e88d94044aef82 SHA512 67d45f7e9cb6332a975694c3c9fd658c47667b439f7d064310e9c2d2a705d30a436ebe50efcb23c78bc1253463270d253085b97bb45cfce3426f00e5452f61b4 diff --git a/net-analyzer/nagios-plugins/files/check_smtp-implicit-tls.patch b/net-analyzer/nagios-plugins/files/check_smtp-implicit-tls.patch deleted file mode 100644 index a0f30d2efdbf..000000000000 --- a/net-analyzer/nagios-plugins/files/check_smtp-implicit-tls.patch +++ /dev/null @@ -1,145 +0,0 @@ -From 0a8cf08ebb0740aa55d6c60d3b79fcab282604fb Mon Sep 17 00:00:00 2001 -From: Franz Schwartau <franz@electromail.org> -Date: Tue, 1 Sep 2020 12:48:51 +0200 -Subject: [PATCH 1/3] Add support for SMTP over TLS - -This is commonly used on smtps (465) port. - -PROXY protocol is not implemented with TLS in check_smtp.c, yet. ---- - plugins/check_smtp.c | 45 ++++++++++++++++++++++++++++++++++++-------- - 1 file changed, 37 insertions(+), 8 deletions(-) - -diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c -index 0b1c54d4..d5923a6a 100644 ---- a/plugins/check_smtp.c -+++ b/plugins/check_smtp.c -@@ -42,8 +42,8 @@ const char *email = "devel@nagios-plugins.org"; - #ifdef HAVE_SSL - int check_cert = FALSE; - int days_till_exp_warn, days_till_exp_crit; --# define my_recv(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) --# define my_send(buf, len) ((use_ssl && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) -+# define my_recv(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_read(buf, len) : read(sd, buf, len)) -+# define my_send(buf, len) (((use_starttls || use_ssl) && ssl_established) ? np_net_ssl_write(buf, len) : send(sd, buf, len, 0)) - #else /* ifndef HAVE_SSL */ - # define my_recv(buf, len) read(sd, buf, len) - # define my_send(buf, len) send(sd, buf, len, 0) -@@ -107,6 +107,7 @@ double critical_time = 0; - int check_critical_time = FALSE; - int verbose = 0; - int use_ssl = FALSE; -+int use_starttls = FALSE; - int use_sni = FALSE; - short use_proxy_prefix = FALSE; - short use_ehlo = FALSE; -@@ -199,12 +200,25 @@ main (int argc, char **argv) - result = my_tcp_connect (server_address, server_port, &sd); - - if (result == STATE_OK) { /* we connected */ -+#ifdef HAVE_SSL -+ if (use_ssl) { -+ result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL)); -+ if (result != STATE_OK) { -+ printf (_("CRITICAL - Cannot create SSL context.\n")); -+ close(sd); -+ np_net_ssl_cleanup(); -+ return STATE_CRITICAL; -+ } else { -+ ssl_established = 1; -+ } -+ } -+#endif - - /* If requested, send PROXY header */ - if (use_proxy_prefix) { - if (verbose) - printf ("Sending header %s\n", PROXY_PREFIX); -- send(sd, PROXY_PREFIX, strlen(PROXY_PREFIX), 0); -+ my_send(PROXY_PREFIX, strlen(PROXY_PREFIX)); - } - - /* watch for the SMTP connection string and */ -@@ -230,7 +244,7 @@ main (int argc, char **argv) - } - - /* send the HELO/EHLO command */ -- send(sd, helocmd, strlen(helocmd), 0); -+ my_send(helocmd, strlen(helocmd)); - - /* allow for response to helo command to reach us */ - if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) { -@@ -243,14 +257,14 @@ main (int argc, char **argv) - } - } - -- if(use_ssl && ! supports_tls){ -+ if(use_starttls && ! supports_tls){ - printf(_("WARNING - TLS not supported by server\n")); - smtp_quit(); - return STATE_WARNING; - } - - #ifdef HAVE_SSL -- if(use_ssl) { -+ if(use_starttls) { - /* send the STARTTLS command */ - send(sd, SMTP_STARTTLS, strlen(SMTP_STARTTLS), 0); - -@@ -495,6 +509,7 @@ process_arguments (int argc, char **argv) - {"use-ipv6", no_argument, 0, '6'}, - {"help", no_argument, 0, 'h'}, - {"lmtp", no_argument, 0, 'L'}, -+ {"ssl", no_argument, 0, 's'}, - {"starttls",no_argument,0,'S'}, - {"sni", no_argument, 0, SNI_OPTION}, - {"certificate",required_argument,0,'D'}, -@@ -516,7 +531,7 @@ process_arguments (int argc, char **argv) - } - - while (1) { -- c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q", -+ c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:sSD:F:A:U:P:q", - longopts, &option); - - if (c == -1 || c == EOF) -@@ -633,9 +648,13 @@ process_arguments (int argc, char **argv) - #else - usage (_("SSL support not available - install OpenSSL and recompile")); - #endif -+ case 's': -+ /* ssl */ -+ use_ssl = TRUE; -+ break; - case 'S': - /* starttls */ -- use_ssl = TRUE; -+ use_starttls = TRUE; - use_ehlo = TRUE; - break; - case SNI_OPTION: -@@ -694,6 +713,14 @@ process_arguments (int argc, char **argv) - if (from_arg==NULL) - from_arg = strdup(" "); - -+ if (use_starttls && use_ssl) { -+ usage4 (_("Set either -s/--ssl or -S/--starttls")); -+ } -+ -+ if (use_ssl && use_proxy_prefix) { -+ usage4 (_("PROXY protocol (-r/--proxy) is not implemented with SSL/TLS (-s/--ssl), yet.")); -+ } -+ - return validate_arguments (); - } - -@@ -851,6 +878,8 @@ print_help (void) - #ifdef HAVE_SSL - printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]"); - printf (" %s\n", _("Minimum number of days a certificate has to be valid.")); -+ printf (" %s\n", "-s, --ssl"); -+ printf (" %s\n", _("Use SSL/TLS for the connection.")); - printf (" %s\n", "-S, --starttls"); - printf (" %s\n", _("Use STARTTLS for the connection.")); - printf (" %s\n", "--sni"); - |