[Nagiosplug-devel] [ nagiosplug-Bugs-2916307 ] check_http -S fails with some servers
SourceForge.net
noreply at sourceforge.net
Tue Apr 13 13:54:30 CEST 2010
Bugs item #2916307, was opened at 2009-12-17 10:30
Message generated for change (Settings changed) made by dermoth
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2916307&group_id=29880
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: General plugin execution
Group: release-1.4.15
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Patricia Jung (patricia_jung)
Assigned to: Thomas Guyot-Sionnest (dermoth)
Summary: check_http -S fails with some servers
Initial Comment:
Hello Ton and all,
while updating from v 1.4.13 to v. 1.4.14 I observe check_http behaving rather strangely when performing HTTPS checks. Same platform (openSUSE 11.2), both plugin versions were compiled without any deviating configure options:
nagios-plugins-1.4.13> ./plugins/check_http -S -H <host> -p 8443
HTTP OK HTTP/1.1 200 OK - 2328 bytes in 0.205 seconds |time=0.205096s;;;0.000000 size=2328B;;;0
nagios-plugins-1.4.14> /plugins/check_http -S -H <host> -p 8443
CRITICAL - Cannot make SSL connection
HTTP CRITICAL - Error on receive
With other servers, however, the same test (same port) succeeds even with version 1.4.14. Any advice on how to proceed?
Best
Patricia
----------------------------------------------------------------------
>Comment By: Thomas Guyot-Sionnest (dermoth)
Date: 2010-04-13 07:54
Message:
I believe this is fixed in the Git master branch - please speak out if
not.
You can try the latest snapshots to test:
http://nagiosplug.sourceforge.net/snapshot/nagios-plugins-master.tar.gz
Thanks
----------------------------------------------------------------------
Comment By: Patricia Jung (patricia_jung)
Date: 2009-12-18 03:56
Message:
Hello Thomas,
thanks for taking this up quickly! Yes, both plugin versions I compiled
freshly from scratch yesterday. Unfortunately the host in question is only
accessible via VPN, but I'm happy to help out with tests.
> openssl version
OpenSSL 0.9.8k 25 Mar 2009
(64-Bit-version from openssl-0.9.8k-3.5.3.x86_64/OpenSuse 11.2)
> pkg-config --modversion openssl
0.9.8k
> libexec/check_http_1.4.14 -vvv -S -H <host> -p 8443
CRITICAL - Cannot make SSL connection
GET / HTTP/1.1
User-Agent: check_http/v1.4.14 (nagios-plugins 1.4.14)
Connection: close
Host: <host>:8443
HTTP CRITICAL - Error on receive
> libexec/check_http_1.4.13 -vvv -S -H <host> -p 8443
GET / HTTP/1.0
User-Agent: check_http/v2053 (nagios-plugins 1.4.13)
Connection: close
Host: <host>:8443
https://<host>:8443/ is 2328 characters
STATUS: HTTP/1.1 200 OK
**** HEADER ****
Server: Apache-Coyote/1.1
ETag: W/"2103-1258744786000"
Last-Modified: Fri, 20 Nov 2009 19:19:46 GMT
Content-Type: text/html
Content-Length: 2103
Date: Fri, 18 Dec 2009 08:09:54 GMT
Connection: close
**** CONTENT ****
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>censhare WebClient</title>
<!-- <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"/> -->
<link rel="stylesheet" type="text/css" href="corpus.css"/>
<link rel="shortcut icon" href="favicon.ico"/>
<meta http-equiv="Content-Type" content="application/xhtml+xml;
charset=utf-8"/>
</head>
<body>
<script type="text/javascript"
src="webclient/webclient.nocache.js"></script>
<script type="text/javascript">
// localization messages for the login page
var loginMessages;
function initDictionary(lang) {
if (lang == null) {
lang = navigator.language; // browser language, case Firefox,
Safari,...
if (lang == null)
lang = navigator.userLanguage; // case IE
}
loginMessages = dictionaries[lang];
if (loginMessages == null)
loginMessages = dictionaries["en"];
}
var dictionaries = new Array();
/* Login dialog messages */
dictionaries["de"] = {
password: "Passwort:",
server: "Server:",
loginName: "Benutzername:",
censhareLogin: "Anmeldung",
login: "Anmelden",
nameNotEmpty: "Der Benutzername darf nicht leer sein"
};
dictionaries["en"] = {
password: "Password:",
server: "Server:",
loginName: "Login Name:",
censhareLogin: "Login",
login: "Login",
nameNotEmpty: "The login name must not be empty"
};
/* Further languages can be defined here */
</script>
<div class="loadingMessage" id="loadingMessage2">Configuring...</div>
<div class="loadingMessage" id="loadingMessage1">Loading
Application...</div>
<div class="head">
<div class="imageHead"><span>Bild</span></div>
</div>
<div class="topMenu"></div>
<div id="loginPanel"></div>
<noscript>
<h3>Diese Seiten benötigen Javascript.</h3>
Bitte aktivieren sie Javascript in ihrem Browser
</noscript>
</body>
</html>
HTTP OK HTTP/1.1 200 OK - 2328 bytes in 0.473 seconds
|time=0.473123s;;;0.000000 size=2328B;;;0
Best
Patricia
----------------------------------------------------------------------
Comment By: Thomas Guyot-Sionnest (dermoth)
Date: 2009-12-17 22:55
Message:
Thanks for your report. I've seen this bug previously (in debian trackers,
I don't remember if there's a NP trackers counterpart).... So far it seemed
to be a compatibility problem with OpenSSL, and last time I checked I could
not find a single change in nagios-pugins that could explain this.
So the most important question is did you freshly compile both plugins
version at the same time (i.e. with the same OS patches/underlying
libraries)?. Ideally I would like that you start from fresh tarballs in an
empty directory, extract them, configure, compile and test both versions.
If you can still reproduce this regression from fresh builds I will further
investigate.
It would be nice if you could include the full verbose output (-vvv) of
the plugins, the exact version of OpenSSL you're using (i.e. installed OS
packages) and the output of "pkg-config --modversion openssl".
It would be even better if you can also provide an externally accessible
URL I could test with (using private mail if you wish).
Thank you
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=2916307&group_id=29880
More information about the Devel
mailing list