Werk #12128: Fix random encrypted livestatus connection issues without Livestatus proxy
Component | User interface |
Title | Fix random encrypted livestatus connection issues without Livestatus proxy |
Date | Feb 12, 2021 |
Checkmk Edition | Checkmk Raw (CRE) |
Checkmk Version | 2.0.0b7 2.1.0b1 |
Level | Trivial Change |
Class | Bug Fix |
Compatibility | Compatible - no manual interaction needed |
When using encrypted livestatus connections for accessing remote sites while not using the livestatus proxy daemon, this could result in errors like "attempt to connect already-connected SSLsocket" or some handshake related errors like "The handshake operation timed out".
This was caused by the livestatus.py client which tries to optimize the connect timeouts by first starting with a very small timeout and then retrying with a larger timeout value. This worked as expected for not encrypted connections, but not for encrypted connections which were able to perform the connect but not the TLS handshake in time. The second try was then failing because of the already connected socket from the first try. This already connected socket is now handled correctly and will retry the handshake with a longer timeout.