[Pkg-nagios-devel] Bug#822955: monitoring-plugins (2.1.1-1) Disable SSLv3
Anoop Seburuth
anoop at hackers.mu
Fri Apr 29 09:57:59 UTC 2016
Package: monitoring-plugins
Version: 2.1.1
Problem as described in: https://www.rfc-editor.org/rfc/rfc7568.txt
According to RFC 7568, SSLv3 is no longer considered secure. This patch
disables SSLv3 if the system's OpenSSL is compiled without it. (Jessie)
Below is a transcript:
--- monitoring-plugins-2.1.1.orig/plugins/sslutils.c
+++ monitoring-plugins-2.1.1/plugins/sslutils.c
@@ -66,7 +66,12 @@ int np_net_ssl_init_with_hostname_versio
#endif
break;
case 3: /* SSLv3 protocol */
+#if defined(OPENSSL_NO_SSL3)
+ printf(("%s\n", _("CRITICAL - SSL protocol version 3 is
not supported by your SSL library.")));
+ return STATE_CRITICAL;
+#else
method = SSLv3_client_method();
+#endif
break;
default: /* Unsupported */
printf("%s\n", _("CRITICAL - Unsupported SSL protocol
version."));
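Review bot: The added printf(( line under #if defined(OPENSSL_NO_SSL3) has a doubled pair of parentheses, which turns the two arguments into one comma expression: "%s\n" is evaluated and discarded, and the translated message itself is passed to printf as the format string, so the output loses its trailing newline and the message is interpreted as a format. Drop the extra pair so the call has the same form as the one in the default: case below, printf("%s\n", _("CRITICAL - ...")). The message string also appears wrapped onto a second line without a leading + in the mail, so the hunk may not apply as sent; attaching the patch as a file would avoid that.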
I am using Debian GNU/Linux 8 (Jessie), Kernel 3.16.7-ckt25-1 and GLIBC
2.19-18+deb8u4
Regards,
Anoop Seburuth