Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-13351

Strange log messages when OpenSSL connection times out

XMLWordPrintable

    • Sprint 27, Sprint 28, Sprint 29
    • 0.5

      Seeing surprising messages in the log file when Zabbix server cannot communicate with passive proxy using TLS (PSK) due to timeouts:

       10012:20180117:055518.812 cannot send data to proxy "<proxy name>": SSL_write() timed out
 10012:20180117:055518.812 SSL_shutdown() with <proxy IP> returned error code 5:

      According to OpenSSL documentation SSL_shutdown() can only return 1, 0 or negative values. Looking into this piece of code

      if (0 > (res = SSL_shutdown(s->tls_ctx->ctx)))
{
	int	error_code;
	char	*error = NULL;
	size_t	error_alloc = 0, error_offset = 0;

	error_code = SSL_get_error(s->tls_ctx->ctx, res);
	zbx_tls_error_msg(&error, &error_alloc, &error_offset);
	zabbix_log(LOG_LEVEL_WARNING, "SSL_shutdown() with %s returned error code %d: %s",
			s->peer, error_code, info_buf);
	zbx_free(error);
}

      revealed that "5" is not coming from SSL_shutdown() at all. Moreover, for some reason error is composed just to be thrown away.

            viktors.tjarve Viktors Tjarve
            glebs.ivanovskis Glebs Ivanovskis (Inactive)
            Team A
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: