Fatal error sending Operator Intervention email

[SCHEDULER-1764] Fatal error sending Operator Intervention email
Type	Bug
Priority	High
Severity	Major
Component	Dispatch Scheduler Engine
Fixed In Version	[8.3.1] 8.3.1
Versions Affected	[8.3] 8.3
Severity	Closed
Resolution	Complete

Reported By	Bob Denny
Resources	Bob Denny
Start Date	4/23/2020

Description

See this Comm Center thread by Tim Long and Steve Reilly. The scheduler is trying to send Operator Intervention email. In that process, as of 8.3, it tries to get the status of TLS (https)  on ACP's web server so it can include a link to the Scheduler Engine Log. it does this on all scheduler-generated emaild. However if the Operator Intervention came from a compromised ACP, then tyrying to get TLSSecurityActive from ACP will fail for RPC error etc. It's  uncaught in SendEmail so it causes the scheduler to fatally exit. Oops.

Comments

4/28/2020 11:34:37 AM

Bob Denny


 
  SVN Comment
 
 
  Author
  rbdenny
 
 
  Repository
  svn+ssh://rbdenny@a2_svn_dc3/home/rbdenny/svn/astro/scheduler
 
 
  SVN Revision
  832
 
 
  Affected files
  /trunk/Help/RelNotes.htm (Modified)

 
 
  Check-in comment
  Oops, forgot release notes
GEM:1764

4/23/2020 11:07:09 AM

Bob Denny


 
  SVN Comment
 
 
  Author
  rbdenny
 
 
  Repository
  svn+ssh://rbdenny@a2_svn_dc3/home/rbdenny/svn/astro/scheduler
 
 
  SVN Revision
  831
 
 
  Affected files
  /trunk/Scheduler/ACPSequencer.cs (Modified)
/trunk/Scheduler/AssemblyInfo.cs (Modified)

 
 
  Check-in comment
  Prevent fatal error sending email after ACP is compromised. 
GEM:1764

4/23/2020 11:05:00 AM

Bob Denny

PRIVATE BUILD for test attached to this forum thread.