[Nagiosplug-devel] [ nagiosplug-Bugs-2916307 ] check_http -S fails with some servers

SourceForge.net noreply at sourceforge.net
Fri Dec 18 09:56:33 CET 2009


Bugs item #2916307, was opened at 2009-12-17 16:30
Message generated for change (Comment added) made by patricia_jung
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2916307&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: release-1.4.15
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Patricia Jung (patricia_jung)
Assigned to: Thomas Guyot-Sionnest (dermoth)
Summary: check_http -S fails with some servers

Initial Comment:
Hello Ton and all,

while updating from v 1.4.13 to v. 1.4.14 I observe check_http behaving rather strangely when performing HTTPS checks. Same platform (openSUSE 11.2), both plugin versions were compiled without any deviating configure options:

nagios-plugins-1.4.13> ./plugins/check_http -S -H <host>  -p 8443 
HTTP OK HTTP/1.1 200 OK - 2328 bytes in 0.205 seconds |time=0.205096s;;;0.000000 size=2328B;;;0

nagios-plugins-1.4.14> /plugins/check_http -S -H <host>  -p 8443 
CRITICAL - Cannot make SSL connection 
HTTP CRITICAL - Error on receive

With other servers, however, the same test (same port) succeeds even with version 1.4.14. Any advice on how to proceed?

Best

     Patricia



----------------------------------------------------------------------

Comment By: Patricia Jung (patricia_jung)
Date: 2009-12-18 09:56

Message:
Hello Thomas,

thanks for taking this up quickly! Yes, both plugin versions I compiled
freshly from scratch yesterday. Unfortunately the host in question is only
accessible via VPN, but I'm happy to help out with tests.

> openssl version
OpenSSL 0.9.8k 25 Mar 2009
(64-Bit-version from openssl-0.9.8k-3.5.3.x86_64/OpenSuse 11.2)
> pkg-config --modversion openssl
0.9.8k

> libexec/check_http_1.4.14 -vvv -S -H <host>  -p 8443 
CRITICAL - Cannot make SSL connection 
GET / HTTP/1.1
User-Agent: check_http/v1.4.14 (nagios-plugins 1.4.14)
Connection: close
Host: <host>:8443


HTTP CRITICAL - Error on receive
> libexec/check_http_1.4.13 -vvv -S -H <host>  -p 8443 
GET / HTTP/1.0
User-Agent: check_http/v2053 (nagios-plugins 1.4.13)
Connection: close
Host: <host>:8443


https://<host>:8443/ is 2328 characters
STATUS: HTTP/1.1 200 OK
**** HEADER ****
Server: Apache-Coyote/1.1
ETag: W/"2103-1258744786000"
Last-Modified: Fri, 20 Nov 2009 19:19:46 GMT
Content-Type: text/html
Content-Length: 2103
Date: Fri, 18 Dec 2009 08:09:54 GMT
Connection: close
**** CONTENT ****
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

  <head>
    <title>censhare WebClient</title>
    <!-- <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"/> -->
    <link rel="stylesheet" type="text/css" href="corpus.css"/>
    <link rel="shortcut icon" href="favicon.ico"/>
    <meta http-equiv="Content-Type" content="application/xhtml+xml;
charset=utf-8"/>
  </head>
  <body>
    <script type="text/javascript"
src="webclient/webclient.nocache.js"></script>
    <script type="text/javascript">
// localization messages for the login page

var loginMessages;

function initDictionary(lang) {
    if (lang == null) {
        lang = navigator.language; // browser language, case Firefox,
Safari,...
        if (lang == null)
            lang = navigator.userLanguage; // case IE
    }

    loginMessages = dictionaries[lang];
    if (loginMessages == null)
        loginMessages = dictionaries["en"];
}

var dictionaries = new Array();

/* Login dialog messages */
dictionaries["de"] = {
    password: "Passwort:",
    server: "Server:",
    loginName: "Benutzername:",
    censhareLogin: "Anmeldung",
    login: "Anmelden",
    nameNotEmpty: "Der Benutzername darf nicht leer sein"
};
dictionaries["en"] = {
    password: "Password:",
    server: "Server:",
    loginName: "Login Name:",
    censhareLogin: "Login",
    login: "Login",
    nameNotEmpty: "The login name must not be empty"
};
/* Further languages can be defined here */

    </script>

    <div class="loadingMessage" id="loadingMessage2">Configuring...</div>
    <div class="loadingMessage" id="loadingMessage1">Loading
Application...</div>

    <div class="head">
      <div class="imageHead"><span>Bild</span></div>
    </div>
    <div class="topMenu"></div>
    <div id="loginPanel"></div>

      <noscript>
              <h3>Diese Seiten benötigen Javascript.</h3>
              Bitte aktivieren sie Javascript in ihrem Browser
      </noscript>
  </body>
</html>

HTTP OK HTTP/1.1 200 OK - 2328 bytes in 0.473 seconds
|time=0.473123s;;;0.000000 size=2328B;;;0

Best

       Patricia

----------------------------------------------------------------------

Comment By: Thomas Guyot-Sionnest (dermoth)
Date: 2009-12-18 04:55

Message:
Thanks for your report. I've seen this bug previously (in debian trackers,
I don't remember if there's a NP trackers counterpart).... So far it seemed
to be a compatibility problem with OpenSSL, and last time I checked I could
not find a single change in nagios-pugins that could explain this.

So the most important question is did you freshly compile both plugins
version at the same time (i.e. with the same OS patches/underlying
libraries)?. Ideally I would like that you start from fresh tarballs in an
empty directory, extract them, configure, compile and test both versions.
If you can still reproduce this regression from fresh builds I will further
investigate.

It would be nice if you could include the full verbose output (-vvv) of
the plugins, the exact version of OpenSSL you're using (i.e. installed OS
packages) and the output of "pkg-config --modversion openssl".

It would be even better if you can also provide an externally accessible
URL I could test with (using private mail if you wish).

Thank you

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2916307&group_id=29880




More information about the Devel mailing list