[Pkg-nagios-devel] Bug#822955: monitoring-plugins (2.1.1-1) Disable SSLv3

Anoop Seburuth anoop at hackers.mu
Fri Apr 29 09:57:59 UTC 2016

Package: monitoring-plugins
Version: 2.1.1

As Described the problem: https://www.rfc-editor.org/rfc/rfc7568.txt
According to rfc7568, sslv3 is no longer considered secure. This patch
disables sslv3 if the system's openssl is compiled without it. (Jessie)

Below is a transcript:

--- monitoring-plugins-2.1.1.orig/plugins/sslutils.c
+++ monitoring-plugins-2.1.1/plugins/sslutils.c
@@ -66,7 +66,12 @@ int np_net_ssl_init_with_hostname_versio
         case 3: /* SSLv3 protocol */
+#if defined(OPENSSL_NO_SSL3)
+                printf(("%s\n", _("CRITICAL - SSL protocol version 3 is
not supported by your SSL library.")));
+                return STATE_CRITICAL;
                 method = SSLv3_client_method();
         default: /* Unsupported */
                 printf("%s\n", _("CRITICAL - Unsupported SSL protocol

I am using Debian GNU/Linux 8 (Jessie) , Kernel 3.16.7-ckt25-1 and GLIBC


Anoop Seburuth

More information about the Pkg-nagios-devel mailing list