[monit-dev] [PATCH] bugfix when having clientpemfile with httpd and monit status not working

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[monit-dev] [PATCH] bugfix when having clientpemfile with httpd and monit status not working

Markus Linnala-3
With this config:

set httpd port 2812
     allow localhost
     SSL ENABLE
     PEMFILE /etc/certs/monit.pem
     CLIENTPEMFILE /etc/certs/monit-client.pem

I got:

# monit status
monit: cannot read status from the monit daemon

And at monit.log:

[EET Dec 28 15:01:56] error    : monit: The client did not supply a
required client certificate!
[EET Dec 28 15:01:56] error    : monit: cannot read status from the
monit daemon

I expect to get working status.

I have attached patch to fix this situation. Use clientpemfile for
status connection too it is set.

Patch adds clientpemfile to Ssl_T and then fill it when initializing
status socket. Same idea as at sendmail open_server. And then it
tries to free memory whenever we free certmd5.

Patch is lightly tested.

--
Markus Linnala, Chief Systems Architect
Cybercom Finland
Pakkahuoneenaukio 2 A; 33100 Tampere
Mobile +358 40 5919 735
[hidden email]

www.cybercom.fi | www.cybercom.com

_______________________________________________
monit-dev mailing list
[hidden email]
https://lists.nongnu.org/mailman/listinfo/monit-dev

monit-5.3.2-maage-clientcertssl.patch (3K) Download Attachment