[Xymon] Patch for xymonnet: Fails to detect closed ports on SSL-enabled services

Henrik Størner henrik at hswn.dk
Fri Dec 11 12:05:59 CET 2015


Hi,

I ran into a weird issue this morning.

When testing an SSL-enabled service (amqps), the status showed up as 
green even though there was no service listening on the port.

It may be related to the fairly old OpenSSL version installed (0.9.8j + 
SUSE patches), because I have never seen it before - and it sounds like 
the kind of bug that ought to pop up fairly quickly.

Debug shows:
38969 2015-12-11 12:02:01.466947 TCP tests completed normally
Address=10.0.0.1:5671, open=1, res=0, err=5, connecttime=0.001542, 
totaltime=0.001542,
38969 2015-12-11 12:02:01.467163 Sending results for service amqps
38969 2015-12-11 12:02:01.467205 Adding to combo msg: status+30 
foo,example,com.amqps green <!-- [flags:OrdastLe] --> Fri Dec 11 
12:02:01 2015 amqps ok

The "open=1" is what triggers the green status, but it doesn't match 
the "err=5" which means the openssl-functions returned an error.

This patch should fix it - against 4.3.24.


Regards,
Henrik
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ssl-connrefused-4_3_24.diff
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20151211/56c7e71e/attachment.ksh>


More information about the Xymon mailing list