0

I've about 300+ servers to check if a particular port is open.

OpenSSL is taking over 5 minutes to respond with the whole output. But I don't need the whole output. I just want to see the CONNECTED message which pops up instantly if valid.

So, I'm terminating OpenSSL after few seconds using the below code.

Sample output: [345534@localhost tmp]$ echo "x" | openssl s_client -connect 192.168.18.10:500 CONNECTED(00000003) ^C

For that, I'm using:

echo "x" | openssl s_client -connect 192.168.18.10:500 & sleep 4 echo "Teriminating openssl for cleanup." pkill -f openssl echo "done"

Question: Is there a way to capture the OpenSSL command (running in the background) output without waiting for 5 minutes to determine if the port connection is established or not?

I've tried the below procedure, no go:

echo "x" | openssl s_client -connect 192.168.18.10:500 > /tmp/_out &

sleep 4

a=$(</tmp/_out)

echo $a

pkill -f openssl

Jacky
  • 11
  • 5

2 Answers2

0

Why not use timeout instead of having to background your openssl command?

# save the exit code on the same line to prevent future bugs if
# someone inserts any code between the openssl call and the if block
timeout 4 openssl s_client -connect 192.168.18.10:500 >/tmp/_out 2>/tmp/_error; ec=$?
if ((ec == 124)); then
  # openssl timed out
elif ((ec != 0)); then
  # openssl failed
  cat /tmp/_error
else
  # openssl succeeded
  cat /tmp/_out
fi
codeforester
  • 39,467
  • 16
  • 112
  • 140
  • Thanks for the answer! but ec value is always getting to 124-timed out. any clue why would that happen? – Jacky Apr 11 '18 at 22:44
  • Looks like openssl is timing out each time. Increase your timeout value. When it times out, it may not produce any output. In any case, I have updated the answer to send stderr to a different file. – codeforester Apr 11 '18 at 23:30
  • I've just tried with timeout value 100 and 200. ec value doesn't change from 124. Couldn't get the output saved in /tmp/_out or /tmp/_error. – Jacky Apr 11 '18 at 23:51
  • What happens if you call `openssl` without the timeout? Does it finish within a reasonable amount of time? – codeforester Apr 12 '18 at 06:02
  • That is the original problem. `OpenSSL` is taking over 4 to 5 minutes to respond with the whole output. But I don't need the whole output. I just want to see the `CONNECTED` message which pops up instantly if valid. – Jacky Apr 12 '18 at 07:04
  • That is a very different requirement. Please update your question accordingly and I would be glad to update the answer to address your problem. – codeforester Apr 12 '18 at 15:01
  • Sure. Updated the question. I just want to reduce the time while I run OpenSSL commands. Any suggestions on that would be great. Thanks! – Jacky Apr 12 '18 at 16:30
0

You can find the PID of your most recently executed background (asynchronous) command in $!. You might operate with that.

cat server_list | while read s; do
  echo "x" | openssl s_client -connect 192.168.18.10:500 > /tmp/_out_$s &
  export opensslPid=$!
  # open a new shell, and send in background immediately
  (sleep $timeOut; echo "Killed with timeout" >> /tmp/_out_$s; kill $opensslPid)&
done

What you have left is monitor the files in /tmp/out*.

If you don't want all 300 process to run in parallel, you might try something like https://unix.stackexchange.com/questions/272545/is-there-a-limit-to-processes-i-can-run-in-the-background or Bash: limit the number of concurrent jobs?

torbatamas
  • 1,236
  • 1
  • 11
  • 21
  • Sorry if I missed giving the complete picture. I'm using puppet/rundeck to push the script to the servers and it can wait can fetch the output. `echo "x"` terminates the OpenSSL process once done. I was really checking for a way to do it faster without waiting for the whole output. But it looks like it isn't easy. – Jacky Apr 12 '18 at 13:33