[pkg-nagios-changes] [Git][nagios-team/monitoring-plugins][master] 3 commits: Adding d/p/36_check_smtp_adding_proxy_header from upstream
Jan Wagner (@waja)
gitlab at salsa.debian.org
Mon Jun 19 08:35:48 BST 2023
Jan Wagner pushed to branch master at Debian Nagios Maintainer Group / monitoring-plugins
Commits:
a20810f7 by Jan Wagner at 2023-06-19T09:27:33+02:00
Adding d/p/36_check_smtp_adding_proxy_header from upstream
- - - - -
0250eb93 by Jan Wagner at 2023-06-19T09:30:04+02:00
Adding d/p/37_check_smtp_Adding_SNI from upstream
- - - - -
1381a203 by Jan Wagner at 2023-06-19T09:30:10+02:00
Remove left over d/p/31_checl_mailq_separate_submission_queue
- - - - -
4 changed files:
- − debian/patches/31_checl_mailq_separate_submission_queue
- + debian/patches/36_check_smtp_adding_proxy_header
- + debian/patches/37_check_smtp_Adding_SNI
- debian/patches/series
Changes:
=====================================
debian/patches/31_checl_mailq_separate_submission_queue deleted
=====================================
@@ -1,77 +0,0 @@
-From 12ae1fb6627bfef419fb4571a7189909107f5e6e Mon Sep 17 00:00:00 2001
-From: Jan Wagner <waja at cyconet.org>
-Date: Tue, 1 Oct 2013 15:06:51 +0200
-Subject: [PATCH] check_mailq.pl: separate submission queue
-
-check_mailq.pl ignores the separate submission queue used in (modern?) sendmail
-implementations.
-
-For the queue output below with one message in the submission queue and no
-messages in the transport queue, check_mailq.pl reports zero messages in the
-queue because the request count from the last queue always overwrites previous
-queues. If the sendmail MTA isn't running or has become wedged, messages will
-sit in the submission queue forever.
-
-The attached patch fixes this in a backwards compatible way (i.e., it shouldn't
-break any of the currently supported formats).
---
-Just turning attached patch of github issue #972 into a push request.
-(Closes #972)
----
-
-diff --git a/plugins-scripts/check_mailq.pl b/plugins-scripts/check_mailq.pl
-index 27073d3cc..f02c90fbc 100755
---- a/plugins-scripts/check_mailq.pl
-+++ b/plugins-scripts/check_mailq.pl
-@@ -149,7 +149,26 @@
- ##/var/spool/mqueue/qF/df is empty
- ## Total Requests: 1
-
--
-+# separate submission/transport queues, empty
-+## MSP Queue status...
-+## /var/spool/mqueue-client is empty
-+## Total requests: 0
-+## MTA Queue status...
-+## /var/spool/mqueue is empty
-+## Total requests: 0
-+# separate submission/transport queues: 1
-+## MSP Queue status...
-+## /var/spool/mqueue-client (1 request)
-+## -----Q-ID----- --Size-- -----Q-Time----- ------------Sender/Recipient-----------
-+## oAJEfhdW014123 5 Fri Nov 19 14:41 jwm
-+## (Deferred: Connection refused by [127.0.0.1])
-+## root
-+## Total requests: 1
-+## MTA Queue status...
-+## /var/spool/mqueue is empty
-+## Total requests: 0
-+
-+ my $this_msg_q = 0;
- while (<MAILQ>) {
-
- # match email addr on queue listing
-@@ -189,13 +208,18 @@
- #
- # single queue: first line
- # multi queue: one for each queue. overwrite on multi queue below
-- $msg_q = $1 ;
-+ $this_msg_q = $1 ;
-+ $msg_q += $1 ;
- }
- } elsif (/^\s+Total\sRequests:\s(\d+)$/i) {
-- print "$utils::PATH_TO_MAILQ = $_ \n" if $verbose ;
-- #
-- # multi queue: last line
-- $msg_q = $1 ;
-+ if ($this_msg_q) {
-+ $this_msg_q = 0 ;
-+ } else {
-+ print "$utils::PATH_TO_MAILQ = $_ \n" if $verbose ;
-+ #
-+ # multi queue: last line
-+ $msg_q += $1 ;
-+ }
- }
-
- }
=====================================
debian/patches/36_check_smtp_adding_proxy_header
=====================================
@@ -0,0 +1,129 @@
+From ce85affd208cd8c873dd88c17b8d3d0540c8872e Mon Sep 17 00:00:00 2001
+From: Patrick Uiterwijk <patrick at puiterwijk.org>
+Date: Thu, 13 Dec 2018 18:24:53 +0100
+Subject: [PATCH 1/5] check_smtp: Add option to prefix PROXY header
+
+This enables checks of SMTP servers that expect the haproxy
+PROXY protocol: -o smtpd_upstream_proxy_protocol=haproxy.
+
+Backported from nagios-plugins:
+https://github.com/nagios-plugins/nagios-plugins/commit/3246efe923b5482c5024c40e593ce942e628a3cb
+---
+ plugins/check_smtp.c | 17 ++++++++++++++++-
+ 1 file changed, 16 insertions(+), 1 deletion(-)
+
+diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
+index eaa7eebab..addabfc66 100644
+--- a/plugins/check_smtp.c
++++ b/plugins/check_smtp.c
+@@ -52,6 +52,7 @@ int days_till_exp_warn, days_till_exp_crit;
+ enum {
+ SMTP_PORT = 25
+ };
++#define PROXY_PREFIX "PROXY TCP4 0.0.0.0 0.0.0.0 25 25\r\n"
+ #define SMTP_EXPECT "220"
+ #define SMTP_HELO "HELO "
+ #define SMTP_EHLO "EHLO "
+@@ -102,6 +103,7 @@ double critical_time = 0;
+ int check_critical_time = FALSE;
+ int verbose = 0;
+ int use_ssl = FALSE;
++short use_proxy_prefix = FALSE;
+ short use_ehlo = FALSE;
+ short use_lhlo = FALSE;
+ short ssl_established = 0;
+@@ -184,6 +186,13 @@ main (int argc, char **argv)
+
+ if (result == STATE_OK) { /* we connected */
+
++ /* If requested, send PROXY header */
++ if (use_proxy_prefix) {
++ if (verbose)
++ printf ("Sending header %s\n", PROXY_PREFIX);
++ send(sd, PROXY_PREFIX, strlen(PROXY_PREFIX), 0);
++ }
++
+ /* watch for the SMTP connection string and */
+ /* return a WARNING status if we couldn't read any data */
+ if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) {
+@@ -478,6 +487,7 @@ process_arguments (int argc, char **argv)
+ {"starttls",no_argument,0,'S'},
+ {"certificate",required_argument,0,'D'},
+ {"ignore-quit-failure",no_argument,0,'q'},
++ {"proxy",no_argument,0,'r'},
+ {0, 0, 0, 0}
+ };
+
+@@ -494,7 +504,7 @@ process_arguments (int argc, char **argv)
+ }
+
+ while (1) {
+- c = getopt_long (argc, argv, "+hVv46Lt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q",
++ c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q",
+ longopts, &option);
+
+ if (c == -1 || c == EOF)
+@@ -621,6 +631,9 @@ process_arguments (int argc, char **argv)
+ use_ssl = TRUE;
+ use_ehlo = TRUE;
+ break;
++ case 'r':
++ use_proxy_prefix = TRUE;
++ break;
+ case 'L':
+ use_lhlo = TRUE;
+ break;
+@@ -819,6 +832,8 @@ print_help (void)
+ printf (" %s\n", _("FROM-address to include in MAIL command, required by Exchange 2000")),
+ printf (" %s\n", "-F, --fqdn=STRING");
+ printf (" %s\n", _("FQDN used for HELO"));
++ printf (" %s\n", "-r, --proxy");
++ printf (" %s\n", _("Use PROXY protocol prefix for the connection."));
+ #ifdef HAVE_SSL
+ printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]");
+ printf (" %s\n", _("Minimum number of days a certificate has to be valid."));
+
+From 6d5e81fcbadbef557cf3f61ce7fd6ef73e25683e Mon Sep 17 00:00:00 2001
+From: Franz Schwartau <franz at electromail.org>
+Date: Mon, 12 Jun 2023 15:55:32 +0200
+Subject: [PATCH 2/5] check_smtp: add missing -r option in usage
+
+---
+ plugins/check_smtp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
+index addabfc66..a1debd25f 100644
+--- a/plugins/check_smtp.c
++++ b/plugins/check_smtp.c
+@@ -875,6 +875,6 @@ print_usage (void)
+ printf ("%s\n", _("Usage:"));
+ printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname);
+ printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n");
+- printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-v] \n");
++ printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-r] [-v] \n");
+ }
+
+
+From d762fb137401491270c898febe07e34ba200e388 Mon Sep 17 00:00:00 2001
+From: Franz Schwartau <franz at electromail.org>
+Date: Mon, 12 Jun 2023 22:09:54 +0200
+Subject: [PATCH 5/5] check_smtp: update year in copyright header
+
+---
+ plugins/check_smtp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
+index a1debd25f..70191ad92 100644
+--- a/plugins/check_smtp.c
++++ b/plugins/check_smtp.c
+@@ -3,7 +3,7 @@
+ * Monitoring check_smtp plugin
+ *
+ * License: GPL
+-* Copyright (c) 2000-2007 Monitoring Plugins Development Team
++* Copyright (c) 2000-2023 Monitoring Plugins Development Team
+ *
+ * Description:
+ *
=====================================
debian/patches/37_check_smtp_Adding_SNI
=====================================
@@ -0,0 +1,86 @@
+From 252272344ea63a164eabc1631e9b77450d2b1c4b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Arkadiusz=20Mi=C5=9Bkiewicz?= <arekm at maven.pl>
+Date: Fri, 30 Aug 2019 11:30:10 +0200
+Subject: [PATCH 1/2] Add support for SNI in check_smtp.
+
+Add support for SSL/TLS hostname extension support (SNI) for check_smtp
+plugin.
+
+Backported from nagios-plugins:
+https://github.com/nagios-plugins/nagios-plugins/commit/9f1628f4b5525335ce1d6e48e8ac8b07d0757f82
+---
+ plugins/check_smtp.c | 19 +++++++++++++++++--
+ 1 file changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
+index 70191ad92..c0ab838ac 100644
+--- a/plugins/check_smtp.c
++++ b/plugins/check_smtp.c
+@@ -103,6 +103,7 @@ double critical_time = 0;
+ int check_critical_time = FALSE;
+ int verbose = 0;
+ int use_ssl = FALSE;
++int use_sni = FALSE;
+ short use_proxy_prefix = FALSE;
+ short use_ehlo = FALSE;
+ short use_lhlo = FALSE;
+@@ -234,7 +235,7 @@ main (int argc, char **argv)
+ smtp_quit();
+ return STATE_UNKNOWN;
+ }
+- result = np_net_ssl_init(sd);
++ result = np_net_ssl_init_with_hostname(sd, (use_sni ? server_address : NULL));
+ if(result != STATE_OK) {
+ printf (_("CRITICAL - Cannot create SSL context.\n"));
+ close(sd);
+@@ -463,6 +464,10 @@ process_arguments (int argc, char **argv)
+ int c;
+ char* temp;
+
++ enum {
++ SNI_OPTION
++ };
++
+ int option = 0;
+ static struct option longopts[] = {
+ {"hostname", required_argument, 0, 'H'},
+@@ -485,6 +490,7 @@ process_arguments (int argc, char **argv)
+ {"help", no_argument, 0, 'h'},
+ {"lmtp", no_argument, 0, 'L'},
+ {"starttls",no_argument,0,'S'},
++ {"sni", no_argument, 0, SNI_OPTION},
+ {"certificate",required_argument,0,'D'},
+ {"ignore-quit-failure",no_argument,0,'q'},
+ {"proxy",no_argument,0,'r'},
+@@ -631,6 +637,13 @@ process_arguments (int argc, char **argv)
+ use_ssl = TRUE;
+ use_ehlo = TRUE;
+ break;
++ case SNI_OPTION:
++#ifdef HAVE_SSL
++ use_sni = TRUE;
++#else
++ usage (_("SSL support not available - install OpenSSL and recompile"));
++#endif
++ break;
+ case 'r':
+ use_proxy_prefix = TRUE;
+ break;
+@@ -839,6 +852,8 @@ print_help (void)
+ printf (" %s\n", _("Minimum number of days a certificate has to be valid."));
+ printf (" %s\n", "-S, --starttls");
+ printf (" %s\n", _("Use STARTTLS for the connection."));
++ printf (" %s\n", "--sni");
++ printf (" %s\n", _("Enable SSL/TLS hostname extension support (SNI)"));
+ #endif
+
+ printf (" %s\n", "-A, --authtype=STRING");
+@@ -875,6 +890,6 @@ print_usage (void)
+ printf ("%s\n", _("Usage:"));
+ printf ("%s -H host [-p port] [-4|-6] [-e expect] [-C command] [-R response] [-f from addr]\n", progname);
+ printf ("[-A authtype -U authuser -P authpass] [-w warn] [-c crit] [-t timeout] [-q]\n");
+- printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-r] [-v] \n");
++ printf ("[-F fqdn] [-S] [-L] [-D warn days cert expire[,crit days cert expire]] [-r] [--sni] [-v] \n");
+ }
+
+
=====================================
debian/patches/series
=====================================
@@ -22,3 +22,5 @@
32_check_disk_add_ignore_missing
33_check_procs_exclude-process
34_check_curl_fix_compare_warning
+36_check_smtp_adding_proxy_header
+37_check_smtp_Adding_SNI
View it on GitLab: https://salsa.debian.org/nagios-team/monitoring-plugins/-/compare/aebd2cce940445038979575bcc0dd6e737bf3372...1381a2037b663ce612c7b86295b323cbaedebb1a
--
View it on GitLab: https://salsa.debian.org/nagios-team/monitoring-plugins/-/compare/aebd2cce940445038979575bcc0dd6e737bf3372...1381a2037b663ce612c7b86295b323cbaedebb1a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-nagios-changes/attachments/20230619/0c60e5d0/attachment-0001.htm>
More information about the pkg-nagios-changes
mailing list