From 358757f3b08427e95fd6459e7fdef0114eb9e89c Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <patrick@puiterwijk.org>
Date: Thu, 13 Dec 2018 18:24:53 +0100
Subject: [PATCH] check_smtp: Add option to prefix PROXY header

This enables checks of SMTP servers that expect the haproxy
PROXY protocol:  -o smtpd_upstream_proxy_protocol=haproxy.

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
---
 NEWS                 |  1 +
 plugins/check_smtp.c | 17 ++++++++++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index d3b62cd4..fa5333c0 100644
--- a/NEWS
+++ b/NEWS
@@ -20,6 +20,7 @@ This file documents the major additions and syntax changes between releases.
 	check_radius: Add calling-station-id (cejkar)
 	check_swap: Add --no-swap flag (Mario Trangoni)
 	ssl_utils: Added certificate expiry data in OK status (check_http, check_smtp, check_tcp) (Matt Capra)
+	check_smtp: Add --proxy flag for PROXY protocol (Patrick Uiterwijk)
 
 
 2.2.2 xxxx-xx-xx
diff --git a/plugins/check_smtp.c b/plugins/check_smtp.c
index 33d11803..a293c66e 100644
--- a/plugins/check_smtp.c
+++ b/plugins/check_smtp.c
@@ -52,6 +52,7 @@ int days_till_exp_warn, days_till_exp_crit;
 enum {
 	SMTP_PORT	= 25
 };
+#define PROXY_PREFIX "PROXY TCP4 0.0.0.0 0.0.0.0 25 25\r\n"
 #define SMTP_EXPECT "220"
 #define SMTP_HELO "HELO "
 #define SMTP_EHLO "EHLO "
@@ -106,6 +107,7 @@ double critical_time = 0;
 int check_critical_time = FALSE;
 int verbose = 0;
 int use_ssl = FALSE;
+short use_proxy_prefix = FALSE;
 short use_ehlo = FALSE;
 short use_lhlo = FALSE;
 short ssl_established = 0;
@@ -197,6 +199,13 @@ main (int argc, char **argv)
 
 	if (result == STATE_OK) { /* we connected */
 
+		/* If requested, send PROXY header */
+		if (use_proxy_prefix) {
+			if (verbose)
+				printf ("Sending header %s\n", PROXY_PREFIX);
+			send(sd, PROXY_PREFIX, strlen(PROXY_PREFIX), 0);
+		}
+
 		/* watch for the SMTP connection string and */
 		/* return a WARNING status if we couldn't read any data */
 		if (recvlines(buffer, MAX_INPUT_BUFFER) <= 0) {
@@ -484,6 +493,7 @@ process_arguments (int argc, char **argv)
 		{"starttls",no_argument,0,'S'},
 		{"certificate",required_argument,0,'D'},
 		{"ignore-quit-failure",no_argument,0,'q'},
+		{"proxy",no_argument,0,'r'},
 		{0, 0, 0, 0}
 	};
 
@@ -500,7 +510,7 @@ process_arguments (int argc, char **argv)
 	}
 
 	while (1) {
-		c = getopt_long (argc, argv, "+hVv46Lt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q",
+		c = getopt_long (argc, argv, "+hVv46Lrt:p:f:e:c:w:H:C:R:SD:F:A:U:P:q",
 		                 longopts, &option);
 
 		if (c == -1 || c == EOF)
@@ -622,6 +632,9 @@ process_arguments (int argc, char **argv)
 			use_ssl = TRUE;
 			use_ehlo = TRUE;
 			break;
+		case 'r':
+			use_proxy_prefix = TRUE;
+			break;
 		case 'L':
 			use_lhlo = TRUE;
 			break;
@@ -820,6 +833,8 @@ print_help (void)
   printf ("    %s\n", _("FROM-address to include in MAIL command, required by Exchange 2000")),
   printf (" %s\n", "-F, --fqdn=STRING");
   printf ("    %s\n", _("FQDN used for HELO"));
+  printf (" %s\n", "-r, --proxy-prefix");
+  printf ("    %s\n", _("Use PROXY protocol prefix for the connection."));
 #ifdef HAVE_SSL
   printf (" %s\n", "-D, --certificate=INTEGER[,INTEGER]");
   printf ("    %s\n", _("Minimum number of days a certificate has to be valid."));