[Xymon] Patch for xymonnet: Fails to detect closed ports on SSL-enabled services
Henrik Størner
henrik at hswn.dk
Fri Dec 11 12:05:59 CET 2015
Hi,
I ran into a weird issue this morning.
When testing an SSL-enabled service (amqps), the status showed up as
green even though there was no service listening on the port.
It may be related to the fairly old OpenSSL version installed (0.9.8j +
SUSE patches), because I have never seen it before - and it sounds like
the kind of bug that ought to pop up fairly quickly.
Debug shows:
38969 2015-12-11 12:02:01.466947 TCP tests completed normally
Address=10.0.0.1:5671, open=1, res=0, err=5, connecttime=0.001542,
totaltime=0.001542,
38969 2015-12-11 12:02:01.467163 Sending results for service amqps
38969 2015-12-11 12:02:01.467205 Adding to combo msg: status+30
foo,example,com.amqps green <!-- [flags:OrdastLe] --> Fri Dec 11
12:02:01 2015 amqps ok
The "open=1" is what triggers the green status, but it doesn't match
the "err=5" which means the openssl-functions returned an error.
This patch should fix it - against 4.3.24.
Regards,
Henrik
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ssl-connrefused-4_3_24.diff
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20151211/56c7e71e/attachment.ksh>
More information about the Xymon
mailing list