[Xymon] ftps tests

Henrik Størner henrik at hswn.dk
Sat Dec 19 11:57:46 CET 2015


Hi,

Den 18-12-2015 kl. 19:03 skrev Galen Johnson:
>
> Actually, it may not be as bad as all that.  openssl already supports 
> this.  Not 100% sure but I thought Xymon leveraged that for the ssl 
> connections.  I'm looking at https://www.madboa.com/geek/openssl/. 
>  The syntax is not exactly correct there but I'm currently trying to 
> amend it.  Looking at 
> https://www.openssl.org/docs/manmaster/apps/s_client.html, the openssl 
> s_client supports starttls for ftp (/Currently, the only supported 
> keywords are "smtp", "pop3", "imap", "ftp", "xmpp", "xmpp-server", and 
> "irc."/)
>
>
the various starttls methods in openssl are implemented in the s_client 
application, not as part of the openssl library. So it isn't something 
that can be pulled into Xymon easily.

The xymonnet program really does not allow for the multiple exchanges of 
commands/responses that are required for supporting starttls-mechanisms 
(in ftp, it is actually an "AUTH TLS" command that xymonnet must send 
after seeing the server banner). Xymonnet really only supports sending 
one command and the listening for a simple reponse.

You can do it with the new net-code which is in the Xymon source-tree 
right now. The protocols2.cfg stanza would look like this:

[ftps]
    port 21
    expect:220
    send:AUTH TLS\r\n
    expect:234
    starttls
    send:PBSZ 0\r\n
    expect:200
    send:PROT P\r\n
    expect:200
    close


Regards,
Henrik

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20151219/332fc846/attachment.html>


More information about the Xymon mailing list