<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hi,<br>
<br>
<div class="moz-cite-prefix">Den 18-12-2015 kl. 19:03 skrev Galen
Johnson:<br>
</div>
<blockquote cite="mid:1450461727184.49766@sas.com" type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<style type="text/css" style="display:none"><!-- p { margin-top: 0px; margin-bottom: 0px; }--></style>
<p>Actually, it may not be as bad as all that. openssl already
supports this. Not 100% sure but I thought Xymon leveraged that
for the ssl connections. I'm looking at <a
moz-do-not-send="true"
href="https://www.madboa.com/geek/openssl/"><a class="moz-txt-link-freetext" href="https://www.madboa.com/geek/openssl/">https://www.madboa.com/geek/openssl/</a></a>.
The syntax is not exactly correct there but I'm currently
trying to amend it. Looking at <a moz-do-not-send="true"
href="https://www.openssl.org/docs/manmaster/apps/s_client.html">https://www.openssl.org/docs/manmaster/apps/s_client.html</a>,
the openssl s_client supports starttls for ftp (<em>Currently,
the only supported keywords are "smtp", "pop3", "imap", "ftp",
"xmpp", "xmpp-server", and "irc."</em>)<br>
</p>
<p><br>
</p>
</blockquote>
the various starttls methods in openssl are implemented in the
s_client application, not as part of the openssl library. So it
isn't something that can be pulled into Xymon easily.<br>
<br>
The xymonnet program really does not allow for the multiple
exchanges of commands/responses that are required for supporting
starttls-mechanisms (in ftp, it is actually an "AUTH TLS" command
that xymonnet must send after seeing the server banner). Xymonnet
really only supports sending one command and the listening for a
simple reponse.<br>
<br>
You can do it with the new net-code which is in the Xymon
source-tree right now. The protocols2.cfg stanza would look like
this:<br>
<br>
[ftps]<br>
port 21<br>
expect:220<br>
send:AUTH TLS\r\n<br>
expect:234<br>
starttls<br>
send:PBSZ 0\r\n<br>
expect:200<br>
send:PROT P\r\n<br>
expect:200<br>
close<br>
<br>
<br>
Regards,<br>
Henrik<br>
<br>
</body>
</html>