From pgeenhuizen@carolina.rr.com Wed May 5 14:16:27 2004 Received: from ms-smtp-03-eri0.southeast.rr.com (ms-smtp-03-lbl.southeast.rr.com [24.25.9.102]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i45LGQb6029291 for ; Wed, 5 May 2004 14:16:26 -0700 (PDT) Received: from homeunix.net (cpe-069-134-048-056.carolina.rr.com [69.134.48.56]) by ms-smtp-03-eri0.southeast.rr.com (8.12.10/8.12.7) with ESMTP id i45LGOs1007736 for ; Wed, 5 May 2004 17:16:24 -0400 (EDT) Received: from gasbuggy.homeunix.net (gasbuggy [192.168.0.100]) by homeunix.net (8.12.10+Sun/8.12.10) with SMTP id i45LGN10022752 for ; Wed, 5 May 2004 17:16:23 -0400 (EDT) Received: from 192.168.0.2 (SquirrelMail authenticated user pete) by gasbuggy.homeunix.net with HTTP; Wed, 5 May 2004 17:16:23 -0400 (EDT) Message-ID: <1091.192.168.0.2.1083791783.squirrel@gasbuggy.homeunix.net> Date: Wed, 5 May 2004 17:16:23 -0400 (EDT) From: "Pete Geenhuizen" To: "conserver mailist" User-Agent: SquirrelMail/1.4.2 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 Importance: Normal X-Virus-Scanned: Symantec AntiVirus Scan Engine X-Spam-Score: -4.2 () BAYES_00,PRIORITY_NO_NAME X-Scanned-By: MIMEDefang 2.39 Subject: Console windows binary X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.4 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 May 2004 21:16:28 -0000 Does anyone have a windows version of console to use with conserver? Thx Pete -- "Unencumbered by the thought process" --1992-2000 Click and Clack presidential campaign slogan From memory@blank.org Wed May 5 14:24:59 2004 Received: from blipvert.blank.org (bigtime.blank.org [68.161.227.160]) by underdog.stansell.org (8.12.11/8.12.11) with SMTP id i45LOvLW029651 for ; Wed, 5 May 2004 14:24:58 -0700 (PDT) Received: (qmail 21406 invoked by uid 500); 5 May 2004 21:24:57 -0000 Date: Wed, 5 May 2004 17:24:56 -0400 From: "Nathan J. Mehl" To: Pete Geenhuizen Message-ID: <20040505212444.GB2318@blank.org> References: <1091.192.168.0.2.1083791783.squirrel@gasbuggy.homeunix.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1091.192.168.0.2.1083791783.squirrel@gasbuggy.homeunix.net> User-Agent: Mutt/1.4.1i X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 X-Mailman-Approved-At: Wed, 05 May 2004 14:45:18 -0700 Cc: conserver mailist Subject: Re: Console windows binary X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.4 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 May 2004 21:25:00 -0000 In the immortal words of Pete Geenhuizen (pgeenhuizen@carolina.rr.com): > Does anyone have a windows version of console to use with conserver? > Try compiling it under cygwin? -n ------------------------------------------------------------ "Very funny, Space Moose." ---------------------------------------------------- From pgeenhuizen@carolina.rr.com Thu May 6 14:25:59 2004 Received: from ms-smtp-04-eri0.southeast.rr.com (ms-smtp-04-lbl.southeast.rr.com [24.25.9.103]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i46LPvXi029758 for ; Thu, 6 May 2004 14:25:58 -0700 (PDT) Received: from homeunix.net (cpe-069-134-048-056.carolina.rr.com [69.134.48.56]) by ms-smtp-04-eri0.southeast.rr.com (8.12.10/8.12.7) with ESMTP id i46LPsC8023662 for ; Thu, 6 May 2004 17:25:54 -0400 (EDT) Received: from gasbuggy.homeunix.net (gasbuggy [192.168.0.100]) by homeunix.net (8.12.10+Sun/8.12.10) with SMTP id i46LPr10005497 for ; Thu, 6 May 2004 17:25:53 -0400 (EDT) Received: from 192.168.0.2 (SquirrelMail authenticated user pete) by gasbuggy.homeunix.net with HTTP; Thu, 6 May 2004 17:25:53 -0400 (EDT) Message-ID: <1912.192.168.0.2.1083878753.squirrel@gasbuggy.homeunix.net> In-Reply-To: <1091.192.168.0.2.1083791783.squirrel@gasbuggy.homeunix.net> References: <1091.192.168.0.2.1083791783.squirrel@gasbuggy.homeunix.net> Date: Thu, 6 May 2004 17:25:53 -0400 (EDT) From: "Pete Geenhuizen" To: "conserver mailist" User-Agent: SquirrelMail/1.4.2 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 Importance: Normal X-Virus-Scanned: Symantec AntiVirus Scan Engine X-Spam-Score: -4.2 () BAYES_00,PRIORITY_NO_NAME X-Scanned-By: MIMEDefang 2.39 Subject: SUMMARY: Console windows binary X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.4 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 May 2004 21:26:00 -0000 Thanks to those who responded, the consensus was to use cygwin. So I broke down and installed cygwin and compiled conserver. From there I copied console.exe and cygwin1.dll to another PC and from that PC I was able to connect to conserver. Now I can deploy console without having to resort to installing cygwin. Ultimately pretty simple and straight forward. Pete -- "Unencumbered by the thought process" --1992-2000 Click and Clack presidential campaign slogan Pete Geenhuizen said: > Does anyone have a windows version of console to use with conserver? > > Thx > Pete > -- > "Unencumbered by the thought process" > --1992-2000 Click and Clack presidential campaign slogan > > > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users > From bryan@stansell.org Fri May 7 09:21:47 2004 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i47GLkBR020234; Fri, 7 May 2004 09:21:46 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.12.11/8.12.11/Submit) id i47GLkXW020233; Fri, 7 May 2004 09:21:46 -0700 (PDT) Date: Fri, 7 May 2004 09:21:46 -0700 From: Bryan Stansell To: users@conserver.com, announce@conserver.com Message-ID: <20040507162146.GZ20883@underdog.stansell.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 Cc: Subject: conserver-8.1.5 is available X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.4 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 May 2004 16:21:48 -0000 There are a couple of fun new things in this release. For all those interested in how the client and server actually communicate, you can check out the new PROTOCOLS file. It's a work-in-progress, but should answer most questions. There's also a new initdelay option for throttling the startup of consoles (for cases like term servers that don't like 48 silmultaneous ssh connections). For the other goodies, see the complete list below. The conserver.cf manpage has a bit more detail on these things, so check that out as well. Enjoy! version 8.1.5 (May 7, 2004): - changed remaining O_NDELAY flags to O_NONBLOCK - added PROTOCOLS file to describe the client/server protocol - added '#include' capability to conserver.cf file - added '@group' syntax to conserver.cf file to support use of system groups - added -U client option to allow client to ask for encryption but fall back to non-encrypted connections otherwise - suggested by Mike Hendon - fixed bug where socket not properly deleted on exit - reported by William P LePera - added 'initdelay' option for throttling startup of consoles - suggested by Jay McCanta Bryan Stansell From william.charles@db.com Wed May 12 22:12:07 2004 Received: from bmr1-e1.aus.deuba.com (bagheera.aus.deuba.com [203.0.62.7]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4D5C1tp008085 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Wed, 12 May 2004 22:12:04 -0700 (PDT) Received: from sdbo1011.db.com by bmr1-e1.aus.deuba.com id i4D5Bwug017193; Thu, 13 May 2004 15:11:59 +1000 (EST) To: users@conserver.com, bryan@conserver.com X-Mailer: Lotus Notes Release 5.0.8 June 18, 2001 Message-ID: From: "William Charles" Date: Thu, 13 May 2004 15:11:57 +1000 X-MIMETrack: Serialize by Router on sdbo1011/DBAustralia/DeuBaInt/DeuBa(Release 5.0.12 |February 13, 2003) at 13/05/2004 15:11:59 MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: Subject: Conserver 8.x on Solaris 8... X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.4 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 May 2004 05:12:08 -0000 Folks, Before I spend too much time tracking this down, has anyone seen the following behaviour before? I'm using Conserver 8.1.5 on a Solaris 8 host connecting to several terminal servers via TCP. Every five minutes each Conserver daemon wakes up and reports the following for each console in its group... The same behaviour has been observed with older versions of Conserver 8... [Thu May 13 15:01:29 2004] conserver (5783): ERROR: [scholes] read failure [Thu May 13 15:01:29 2004] conserver (5783): [scholes] automatic reinitialization A quick truss of the daemon shows that poll() is indicating 'ready to read' on a file descriptor, but that the following read() returns zero bytes. And this is flagged as an error by Conserver? poll(0xFFBEF738, 17, 9000) = 1 fd=3 ev=POLLRDNORM rev=0 fd=6 ev=POLLRDNORM rev=0 fd=8 ev=POLLRDNORM rev=0 fd=10 ev=POLLRDNORM rev=0 fd=12 ev=POLLOUT rev=0 fd=14 ev=POLLRDNORM rev=POLLRDNORM fd=16 ev=POLLRDNORM rev=0 fd=18 ev=POLLRDNORM rev=0 fd=20 ev=POLLRDNORM rev=0 fd=22 ev=POLLRDNORM rev=0 fd=24 ev=POLLRDNORM rev=0 fd=26 ev=POLLRDNORM rev=0 fd=28 ev=POLLRDNORM rev=0 fd=30 ev=POLLRDNORM rev=0 fd=32 ev=POLLRDNORM rev=0 fd=34 ev=POLLRDNORM rev=0 fd=36 ev=POLLRDNORM rev=0 read(14, 0xFFBEF078, 1024) = 0 Thanks, Will. William Charles ______________________________________________________________ Global UNIX Engineering, Asia/Pacific [/] Deutsche Bank Sydney +61 2 9258 1916 -- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. From bryan@stansell.org Thu May 13 05:39:04 2004 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4DCd3kh029114 for ; Thu, 13 May 2004 05:39:04 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.12.11/8.12.11/Submit) id i4DCd3tN029113 for users@conserver.com; Thu, 13 May 2004 05:39:03 -0700 (PDT) Date: Thu, 13 May 2004 05:39:03 -0700 From: Bryan Stansell To: users@conserver.com Message-ID: <20040513123903.GP11939@underdog.stansell.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 Subject: Re: Conserver 8.x on Solaris 8... X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.4 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 May 2004 12:39:05 -0000 On Thu, May 13, 2004 at 03:11:57PM +1000, William Charles wrote: > Folks, > > Before I spend too much time tracking this down, has anyone seen the following behaviour before? I'm using Conserver 8.1.5 on a Solaris 8 host connecting to several terminal servers via TCP. Every five minutes each Conserver daemon wakes up and reports the following for each console in its group... The same behaviour has been observed with older versions of Conserver 8... > > [Thu May 13 15:01:29 2004] conserver (5783): ERROR: [scholes] read failure > [Thu May 13 15:01:29 2004] conserver (5783): [scholes] automatic reinitialization > looks like the terminal server is timing out the console connections. i know some have default idle-timeouts that disconnect clients after a certain amount of inactivity. and, then again, others can be set that way. that's my guess...a 5 minute idle-timeout. Bryan From cfowler@outpostsentinel.com Thu May 13 05:47:20 2004 Received: from www.outpostsentinel.com (66-23-198-138.clients.speedfactory.net [66.23.198.138]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4DClIBK029447 for ; Thu, 13 May 2004 05:47:18 -0700 (PDT) Received: from [192.168.2.8] (skylab.outpostsentinel.com [127.0.0.1]) by www.outpostsentinel.com (8.11.6/8.11.6) with ESMTP id i4DCl6U06701 for ; Thu, 13 May 2004 08:47:06 -0400 From: Christopher Fowler To: users@conserver.com In-Reply-To: <20040513123903.GP11939@underdog.stansell.org> References: <20040513123903.GP11939@underdog.stansell.org> Content-Type: text/plain Organization: Message-Id: <1084452436.9377.22.camel@cfowler.outpostsentinel.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.2 (1.2.2-5) Date: 13 May 2004 08:47:16 -0400 Content-Transfer-Encoding: 7bit X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Subject: Re: Conserver 8.x on Solaris 8... X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.4 Precedence: list Reply-To: cfowler@outpostsentinel.com List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 May 2004 12:47:21 -0000 What type of Terminal Server? On Thu, 2004-05-13 at 08:39, Bryan Stansell wrote: > On Thu, May 13, 2004 at 03:11:57PM +1000, William Charles wrote: > > Folks, > > > > Before I spend too much time tracking this down, has anyone seen the following behaviour before? I'm using Conserver 8.1.5 on a Solaris 8 host connecting to several terminal servers via TCP. Every five minutes each Conserver daemon wakes up and reports the following for each console in its group... The same behaviour has been observed with older versions of Conserver 8... > > > > [Thu May 13 15:01:29 2004] conserver (5783): ERROR: [scholes] read failure > > [Thu May 13 15:01:29 2004] conserver (5783): [scholes] automatic reinitialization > > > > looks like the terminal server is timing out the console connections. > i know some have default idle-timeouts that disconnect clients after a > certain amount of inactivity. and, then again, others can be set that > way. that's my guess...a 5 minute idle-timeout. > > Bryan > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users From sommerfeld@east.sun.com Thu May 13 05:59:00 2004 Received: from nwkea-mail-2.sun.com (nwkea-mail-2.sun.com [192.18.42.14]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4DCww4B029852; Thu, 13 May 2004 05:58:58 -0700 (PDT) Received: from eastmail1bur.East.Sun.COM ([129.148.9.49]) by nwkea-mail-2.sun.com (8.12.10/8.12.9) with ESMTP id i4DCwvLr006993; Thu, 13 May 2004 05:58:57 -0700 (PDT) Received: from thunk.east.sun.com (thunk.East.Sun.COM [129.148.174.66]) by eastmail1bur.East.Sun.COM (8.12.10+Sun/8.12.10/ENSMAIL,v2.2) with ESMTP id i4DCwvcc009672; Thu, 13 May 2004 08:58:57 -0400 (EDT) Received: from thunk (localhost [127.0.0.1]) by thunk.east.sun.com (8.12.11+Sun/8.12.11) with ESMTP id i4DCwucx028840; Thu, 13 May 2004 08:58:57 -0400 (EDT) Message-Id: <200405131258.i4DCwucx028840@thunk.east.sun.com> From: Bill Sommerfeld To: "William Charles" In-Reply-To: Your message of "Thu, 13 May 2004 15:11:57 +1000." Date: Thu, 13 May 2004 08:58:56 -0400 Sender: sommerfeld@east.sun.com X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com, bryan@conserver.com Subject: Re: Conserver 8.x on Solaris 8... X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.4 Precedence: list Reply-To: sommerfeld@east.sun.com List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 May 2004 12:59:01 -0000 > A quick truss of the daemon shows that poll() is indicating 'ready > to read' on a file descriptor, but that the following read() returns > zero bytes. And this is flagged as an error by Conserver? "zero bytes read" is how unix reports EOF. run snoop/tcpdump/ethereal on the interface and I bet you'll see the TS closing the connections.. - Bill From william.charles@db.com Thu May 13 17:42:37 2004 Received: from bmr2-e1.aus.deuba.com (mowgli.aus.deuba.com [203.0.63.7]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4E0gVEV024835 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Thu, 13 May 2004 17:42:34 -0700 (PDT) Received: from sdbo1011.db.com by bmr2-e1.aus.deuba.com id i4E0gQr9010346; Fri, 14 May 2004 10:42:26 +1000 (EST) To: "bryan" X-Mailer: Lotus Notes Release 5.0.8 June 18, 2001 Message-ID: From: "William Charles" Date: Fri, 14 May 2004 10:42:23 +1000 X-MIMETrack: Serialize by Router on sdbo1011/DBAustralia/DeuBaInt/DeuBa(Release 5.0.12 |February 13, 2003) at 14/05/2004 10:42:26 MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com, users-bounces@conserver.com Subject: Re: Conserver 8.x on Solaris 8... X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.4 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 May 2004 00:42:38 -0000 Many thanks to all those who responded. All were right in saying that the likely culprit was our Cisco terminal servers timing-out the connections after five minutes... I'm not yet sure whether our Network colleagues have changed anything, but I'm almost certain that Conserver 7.x was somewhat less sensitive to this? I certainly don't recall the logs being full of reconnection messages? Could be wrong... Thanks Again, Will. William Charles ______________________________________________________________ Global UNIX Engineering, Asia/Pacific [/] Deutsche Bank Sydney +61 2 9258 1916 bryan@conserver.c om To: users@conserver.com Sent by: cc: users-bounces@con Subject: Re: Conserver 8.x on Solaris 8... server.com 13/05/2004 22:39 On Thu, May 13, 2004 at 03:11:57PM +1000, William Charles wrote: > Folks, > > Before I spend too much time tracking this down, has anyone seen the following behaviour before? I'm using Conserver 8.1.5 on a Solaris 8 host connecting to several terminal servers via TCP. Every five minutes each Conserver daemon wakes up and reports the following for each console in its group... The same behaviour has been observed with older versions of Conserver 8... > > [Thu May 13 15:01:29 2004] conserver (5783): ERROR: [scholes] read failure > [Thu May 13 15:01:29 2004] conserver (5783): [scholes] automatic reinitialization > looks like the terminal server is timing out the console connections. i know some have default idle-timeouts that disconnect clients after a certain amount of inactivity. and, then again, others can be set that way. that's my guess...a 5 minute idle-timeout. Bryan _______________________________________________ users mailing list users@conserver.com https://www.conserver.com/mailman/listinfo/users -- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. From cfowler@outpostsentinel.com Thu May 13 18:04:39 2004 Received: from linux.site (66-23-198-2.clients.speedfactory.net [66.23.198.2]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4E14Zcc025597; Thu, 13 May 2004 18:04:36 -0700 (PDT) Received: from [127.0.0.1] (localhost [127.0.0.1]) by linux.site (Postfix) with ESMTP id ABACA420FD; Thu, 13 May 2004 21:09:24 -0400 (EDT) From: Christopher Fowler To: William Charles In-Reply-To: References: Content-Type: text/plain Organization: OutPost Sentinel, LLC Message-Id: <1084496964.1982.16.camel@linux.site> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Thu, 13 May 2004 21:09:24 -0400 Content-Transfer-Encoding: 7bit X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users-bounces@conserver.com, users@conserver.com, bryan Subject: Re: Conserver 8.x on Solaris 8... X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.4 Precedence: list Reply-To: cfowler@outpostsentinel.com List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 May 2004 01:04:41 -0000 I've had issues where a firewall/router will kill a connection if no data goes through after a length of time. On Thu, 2004-05-13 at 20:42, William Charles wrote: > Many thanks to all those who responded. All were right in saying that the likely culprit was our Cisco terminal servers timing-out the connections after five minutes... I'm not yet sure whether our Network colleagues have changed anything, but I'm almost certain that Conserver 7.x was somewhat less sensitive to this? I certainly don't recall the logs being full of reconnection messages? Could be wrong... > > Thanks Again, > Will. > > William Charles ______________________________________________________________ > Global UNIX Engineering, Asia/Pacific [/] Deutsche Bank Sydney +61 2 9258 1916 > > > > > bryan@conserver.c > om To: users@conserver.com > Sent by: cc: > users-bounces@con Subject: Re: Conserver 8.x on Solaris 8... > server.com > > > 13/05/2004 22:39 > > > > > > > On Thu, May 13, 2004 at 03:11:57PM +1000, William Charles wrote: > > Folks, > > > > Before I spend too much time tracking this down, has anyone seen the following behaviour before? I'm using Conserver 8.1.5 on a Solaris 8 host connecting to several terminal servers via TCP. Every five minutes each Conserver daemon wakes up and reports the following for each console in its group... The same behaviour has been observed with older versions of Conserver 8... > > > > [Thu May 13 15:01:29 2004] conserver (5783): ERROR: [scholes] read failure > > [Thu May 13 15:01:29 2004] conserver (5783): [scholes] automatic reinitialization > > > > looks like the terminal server is timing out the console connections. > i know some have default idle-timeouts that disconnect clients after a > certain amount of inactivity. and, then again, others can be set that > way. that's my guess...a 5 minute idle-timeout. > > Bryan > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users > > > > > > -- > > This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. > > > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users From cfowler@outpostsentinel.com Thu May 13 18:05:20 2004 Received: from linux.site (66-23-198-2.clients.speedfactory.net [66.23.198.2]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4E15HPD025676; Thu, 13 May 2004 18:05:17 -0700 (PDT) Received: from [127.0.0.1] (localhost [127.0.0.1]) by linux.site (Postfix) with ESMTP id D65BA420FD; Thu, 13 May 2004 21:10:06 -0400 (EDT) From: Christopher Fowler To: William Charles In-Reply-To: References: Content-Type: text/plain Organization: OutPost Sentinel, LLC Message-Id: <1084497006.1982.18.camel@linux.site> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Thu, 13 May 2004 21:10:06 -0400 Content-Transfer-Encoding: 7bit X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users-bounces@conserver.com, users@conserver.com, bryan Subject: Re: Conserver 8.x on Solaris 8... X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.4 Precedence: list Reply-To: cfowler@outpostsentinel.com List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 May 2004 01:05:22 -0000 I think one temp solution may be to change the keepalive on the conserver server to something less than 5 minutes. That may keep it going. On Thu, 2004-05-13 at 20:42, William Charles wrote: > Many thanks to all those who responded. All were right in saying that the likely culprit was our Cisco terminal servers timing-out the connections after five minutes... I'm not yet sure whether our Network colleagues have changed anything, but I'm almost certain that Conserver 7.x was somewhat less sensitive to this? I certainly don't recall the logs being full of reconnection messages? Could be wrong... > > Thanks Again, > Will. > > William Charles ______________________________________________________________ > Global UNIX Engineering, Asia/Pacific [/] Deutsche Bank Sydney +61 2 9258 1916 > > > > > bryan@conserver.c > om To: users@conserver.com > Sent by: cc: > users-bounces@con Subject: Re: Conserver 8.x on Solaris 8... > server.com > > > 13/05/2004 22:39 > > > > > > > On Thu, May 13, 2004 at 03:11:57PM +1000, William Charles wrote: > > Folks, > > > > Before I spend too much time tracking this down, has anyone seen the following behaviour before? I'm using Conserver 8.1.5 on a Solaris 8 host connecting to several terminal servers via TCP. Every five minutes each Conserver daemon wakes up and reports the following for each console in its group... The same behaviour has been observed with older versions of Conserver 8... > > > > [Thu May 13 15:01:29 2004] conserver (5783): ERROR: [scholes] read failure > > [Thu May 13 15:01:29 2004] conserver (5783): [scholes] automatic reinitialization > > > > looks like the terminal server is timing out the console connections. > i know some have default idle-timeouts that disconnect clients after a > certain amount of inactivity. and, then again, others can be set that > way. that's my guess...a 5 minute idle-timeout. > > Bryan > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users > > > > > > -- > > This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. > > > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users From william.charles@db.com Thu May 13 18:32:39 2004 Received: from bmr1-e1.aus.deuba.com (bagheera.aus.deuba.com [203.0.62.7]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4E1WXZ6026606 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Thu, 13 May 2004 18:32:36 -0700 (PDT) Received: from sdbo1011.db.com by bmr1-e1.aus.deuba.com id i4E1WV3F001711; Fri, 14 May 2004 11:32:31 +1000 (EST) To: cfowler@outpostsentinel.com X-Mailer: Lotus Notes Release 5.0.8 June 18, 2001 Message-ID: From: "William Charles" Date: Fri, 14 May 2004 11:32:29 +1000 X-MIMETrack: Serialize by Router on sdbo1011/DBAustralia/DeuBaInt/DeuBa(Release 5.0.12 |February 13, 2003) at 14/05/2004 11:32:31 MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com, bryan@conserver.com Subject: Re: Conserver 8.x on Solaris 8... X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.4 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 May 2004 01:32:40 -0000 That's an idea. I can also confirm that the observed behaviour is indeed due to the terminal server having (recently) been configured to drop idle connections... Thanks, Will. William Charles ______________________________________________________________ Global UNIX Engineering, Asia/Pacific [/] Deutsche Bank Sydney +61 2 9258 1916 cfowler@outpostse ntinel.com To: William Charles/Sydney/DBAustralia/DeuBa@DBAustralia Sent by: cc: users-bounces@conserver.com, users@conserver.com, users-bounces@con bryan@conserver.com server.com Subject: Re: Conserver 8.x on Solaris 8... 14/05/2004 11:10 Please respond to cfowler I think one temp solution may be to change the keepalive on the conserver server to something less than 5 minutes. That may keep it going. On Thu, 2004-05-13 at 20:42, William Charles wrote: > Many thanks to all those who responded. All were right in saying that the likely culprit was our Cisco terminal servers timing-out the connections after five minutes... I'm not yet sure whether our Network colleagues have changed anything, but I'm almost certain that Conserver 7.x was somewhat less sensitive to this? I certainly don't recall the logs being full of reconnection messages? Could be wrong... > > Thanks Again, > Will. > > William Charles ______________________________________________________________ > Global UNIX Engineering, Asia/Pacific [/] Deutsche Bank Sydney +61 2 9258 1916 > > > > > bryan@conserver.c > om To: users@conserver.com > Sent by: cc: > users-bounces@con Subject: Re: Conserver 8.x on Solaris 8... > server.com > > > 13/05/2004 22:39 > > > > > > > On Thu, May 13, 2004 at 03:11:57PM +1000, William Charles wrote: > > Folks, > > > > Before I spend too much time tracking this down, has anyone seen the following behaviour before? I'm using Conserver 8.1.5 on a Solaris 8 host connecting to several terminal servers via TCP. Every five minutes each Conserver daemon wakes up and reports the following for each console in its group... The same behaviour has been observed with older versions of Conserver 8... > > > > [Thu May 13 15:01:29 2004] conserver (5783): ERROR: [scholes] read failure > > [Thu May 13 15:01:29 2004] conserver (5783): [scholes] automatic reinitialization > > > > looks like the terminal server is timing out the console connections. > i know some have default idle-timeouts that disconnect clients after a > certain amount of inactivity. and, then again, others can be set that > way. that's my guess...a 5 minute idle-timeout. > > Bryan > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users > > > > > > -- > > This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. > > > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users _______________________________________________ users mailing list users@conserver.com https://www.conserver.com/mailman/listinfo/users -- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. From pgeenhuizen@carolina.rr.com Tue May 18 07:00:55 2004 Received: from ms-smtp-04-eri0.southeast.rr.com (ms-smtp-04-lbl.southeast.rr.com [24.25.9.103]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4IE0rGU006666 for ; Tue, 18 May 2004 07:00:54 -0700 (PDT) Received: from homeunix.net (cpe-069-134-048-056.carolina.rr.com [69.134.48.56]) by ms-smtp-04-eri0.southeast.rr.com (8.12.10/8.12.7) with ESMTP id i4IE0mVv016534 for ; Tue, 18 May 2004 10:00:49 -0400 (EDT) Received: from www.gasbuggy.homeunix.net (gasbuggy [192.168.0.100]) by homeunix.net (8.12.10+Sun/8.12.10) with SMTP id i4IE0mOf016930 for ; Tue, 18 May 2004 10:00:48 -0400 (EDT) Received: from 192.85.47.1 (SquirrelMail authenticated user pete) by www.gasbuggy.homeunix.net with HTTP; Tue, 18 May 2004 10:00:48 -0400 (EDT) Message-ID: <14597.192.85.47.1.1084888848.squirrel@www.gasbuggy.homeunix.net> Date: Tue, 18 May 2004 10:00:48 -0400 (EDT) From: "Pete Geenhuizen" To: users@conserver.com User-Agent: SquirrelMail/1.4.2 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 Importance: Normal X-Virus-Scanned: Symantec AntiVirus Scan Engine X-Spam-Score: -4.2 () BAYES_00,PRIORITY_NO_NAME X-Scanned-By: MIMEDefang 2.39 Subject: More break help needed X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 May 2004 14:00:55 -0000 OK so call me stupid, but I sure am having problems with break sequences, I'm now 2 for 2. Perhaps if I understood the break sequence syntax I might be able to figure this out. I've poked around some but haven't found anything about the syntax, how do you figure out what to send? For example in the config file the sun-std sequence is "\z" what does that men in simple english? I guess it equates to send brk. I'm now working on the alternate break sequence, so what does "\r\d~\d^b" mean I surmise ~B, but what means what? When I send the alternate break sequence I get [halt sent] # ^B but the server continues to run. If I change the sequence back to default the standard break sequence works just fine. FWIW This is Solaris 8 on a 4500 using a Cisco 2600 32 port terminal server. As always any guidance/help will be greatly appreciated. -- "Unencumbered by the thought process" --1992-2000 Click and Clack presidential campaign slogan From nhruby@uga.edu Tue May 18 07:23:32 2004 Received: from askew.ucns.uga.edu (askew.ucns.uga.edu [128.192.6.44]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4IENS33007511 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 18 May 2004 07:23:29 -0700 (PDT) Received: from askew.ucns.uga.edu (localhost.localdomain [127.0.0.1]) by askew.ucns.uga.edu (8.12.11/8.12.10) with ESMTP id i4IENJD0021990; Tue, 18 May 2004 10:23:19 -0400 Received: from localhost (nathan@localhost) by askew.ucns.uga.edu (8.12.11/8.12.11/Submit) with ESMTP id i4IENJot021986; Tue, 18 May 2004 10:23:19 -0400 X-Authentication-Warning: askew.ucns.uga.edu: nathan owned process doing -bs Date: Tue, 18 May 2004 10:23:18 -0400 (EDT) From: "nathan r. hruby" X-X-Sender: nathan@askew.ucns.uga.edu To: Pete Geenhuizen In-Reply-To: <14597.192.85.47.1.1084888848.squirrel@www.gasbuggy.homeunix.net> Message-ID: References: <14597.192.85.47.1.1084888848.squirrel@www.gasbuggy.homeunix.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com Subject: Re: More break help needed X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 May 2004 14:23:32 -0000 On Tue, 18 May 2004, Pete Geenhuizen wrote: > OK so call me stupid, but I sure am having problems with break sequences, > I'm now 2 for 2. > > Perhaps if I understood the break sequence syntax I might be able to > figure this out. > > I've poked around some but haven't found anything about the syntax, how do > you figure out what to send? > > For example in the config file the sun-std sequence is "\z" what does that > men in simple english? I guess it equates to send brk. > I believe so. > I'm now working on the alternate break sequence, so what does "\r\d~\d^b" > mean I surmise ~B, but what means what? > newline, pause, ~, pause, ^B > When I send the alternate break sequence I get > [halt sent] > # ^B > but the server continues to run. If I change the sequence back to default > the standard break sequence works just fine. > Right, IIRC, this is the "Alternate Break Sequence" in solaris, defined so you can have something other than a break (which some term servers send on shutdown / disconnect) to halt the machine. I'm not super-solaris guy so, someone please correct whatever misinformation I have :) -n -- ------------------------------------------- nathan hruby uga enterprise information technology services production systems support metaphysically wrinkle-free ------------------------------------------- From tim@buttersideup.com Tue May 18 07:37:43 2004 Received: from semantico.com (relayout.semantico.com [212.74.15.68]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4IEbfgs008020 for ; Tue, 18 May 2004 07:37:41 -0700 (PDT) Received: from spampd.localdomain (localhost [127.0.0.1]) by localhost.semantico.com (Postfix) with ESMTP id B497332002C for ; Tue, 18 May 2004 15:37:40 +0100 (BST) Received: from buttersideup.com (poppy.rp.lan [192.168.1.55]) by semantico.com (Postfix) with ESMTP id 3236632002C for ; Tue, 18 May 2004 15:37:40 +0100 (BST) Message-ID: <40AA1FB4.8020704@buttersideup.com> Date: Tue, 18 May 2004 15:37:40 +0100 From: Tim Small User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031007 X-Accept-Language: en-us, en MIME-Version: 1.0 To: users@conserver.com Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on paprika.rp.lan X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.63 X-Spam-Level: X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Subject: Break sequences acting up? X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 May 2004 14:37:44 -0000 Hi all, I'm having some fun with version 8.1.1 on Debian (Sarge) on an HP Prolient, with a Rocketport 550 4x serial card. I have these entries in the config file: default full { rw *; } default * { logfile /var/log/conserver/&; timestamp ""; include full; } break 8 { delay 250; string "\d\z\ds\d\z\ds\d\z\ds"; } break 9 { delay 250; string "\d\z\ds\d\z\ds\d\z\ds"; } access * { allowed 127.0.0.1; } console willow { master localhost; type device; device /dev/ttyr3; baud 115200; parity none; } My keystrokes follow the ">>>" below: >>> ctrl-e c l 9 willow:~# [halt sent] SysRq : HELP : loglevel0-8 reBoot tErm kIll saK showMem Off showPc unRaw Sync showTasks Unmount 9SysRq : HELP : loglevel0-8 reBoot tErm kIll saK showMem Off showPc unRaw Sync showTasks Unmount 9SysRq : Emergency Sync Syncing device 68:01 ... OK Syncing device 68:03 ... OK Done. >>> ctrl-e c l 8 [halt sent] SysRq : HELP : loglevel0-8 reBoot tErm kIll saK showMem Off showPc unRaw Sync showTasks Unmount 8SysRq : HELP : loglevel0-8 reBoot tErm kIll saK showMem Off showPc unRaw Sync showTasks Unmount 8SysRq : Emergency Sync Syncing device 68:01 ... OK Syncing device 68:03 ... OK Done. >>> ctrl-e c l ? [halt list] 0 - 250ms, `\z' 1 - 250ms, `\z' 2 - 250ms, `\r~^b' 3 - 250ms, `#.' 4 - 600ms, `\r\d~\d^b' 8 - 250ms, `\d\z\ds\d\z\ds\d\z\ds' 9 - 250ms, `\d\z\ds\d\z\ds\d\z\ds' >>> carriage-return -bash: 9988: command not found This seem pretty bizarre to me - my interpretation of what the Linux console is seeing is this: I type ctrl-e c l 9 Instead of seeing: s s s It sees: "something or other" 9 "something or other" 9 s Any ideas? Tim. From bryan@stansell.org Tue May 18 12:05:27 2004 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4IJ5RYJ020611 for ; Tue, 18 May 2004 12:05:27 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.12.11/8.12.11/Submit) id i4IJ5RNO020610 for users@conserver.com; Tue, 18 May 2004 12:05:27 -0700 (PDT) Date: Tue, 18 May 2004 12:05:27 -0700 From: Bryan Stansell To: users@conserver.com Message-ID: <20040518190527.GI11939@underdog.stansell.org> References: <40AA1FB4.8020704@buttersideup.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <40AA1FB4.8020704@buttersideup.com> User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 Subject: Re: Break sequences acting up? X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 May 2004 19:05:28 -0000 On Tue, May 18, 2004 at 03:37:40PM +0100, Tim Small wrote: > Instead of seeing: > > s s s > > It sees: > > "something or other" 9 "something or other" 9 s > > > Any ideas? yeah...it kinda makes sense. not in a "that's the way it's supposed to be", but in "a bug could make it behave that way" sorta way. would you be willing to do the same thing, but have conserver in debug mode (use -DD, for the level of detail that might be useful)? there might be a password in there you would want to strip out, but i'd love to see the rest of the output. it would help me determine where the bug actually is (gotta be a bug...just not sure how to reproduce it - can't so far). Bryan From bryan@stansell.org Tue May 18 12:11:03 2004 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4IJB35H020824 for ; Tue, 18 May 2004 12:11:03 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.12.11/8.12.11/Submit) id i4IJB3AO020823 for users@conserver.com; Tue, 18 May 2004 12:11:03 -0700 (PDT) Date: Tue, 18 May 2004 12:11:03 -0700 From: Bryan Stansell To: users@conserver.com Message-ID: <20040518191103.GJ11939@underdog.stansell.org> References: <14597.192.85.47.1.1084888848.squirrel@www.gasbuggy.homeunix.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <14597.192.85.47.1.1084888848.squirrel@www.gasbuggy.homeunix.net> User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 Subject: Re: More break help needed X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 May 2004 19:11:04 -0000 On Tue, May 18, 2004 at 10:00:48AM -0400, Pete Geenhuizen wrote: > Perhaps if I understood the break sequence syntax I might be able to > figure this out. it's all in the conserver.cf manpage (also webified off the conserver.com website - though the formatting isn't great). > I've poked around some but haven't found anything about the syntax, > how do you figure out what to send? knowing what to send depends on the console you're interacting with (how it's configured, as well). nathan's post explained it. and since you've got a method that works (the '\z' - serial break), it sounds like you're set. if the manpage doesn't explain things clearly enough, let me know. i'll supplement it with more info. Bryan From bryan@stansell.org Tue May 18 16:55:53 2004 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4INtqYC000648 for ; Tue, 18 May 2004 16:55:52 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.12.11/8.12.11/Submit) id i4INtqA3000647 for users@conserver.com; Tue, 18 May 2004 16:55:52 -0700 (PDT) Date: Tue, 18 May 2004 16:55:52 -0700 From: Bryan Stansell To: users@conserver.com Message-ID: <20040518235552.GL11939@underdog.stansell.org> References: <40AA1FB4.8020704@buttersideup.com> <20040518190527.GI11939@underdog.stansell.org> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="zaRBsRFn0XYhEU69" Content-Disposition: inline In-Reply-To: <20040518190527.GI11939@underdog.stansell.org> User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 Subject: Re: Break sequences acting up? X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 May 2004 23:55:53 -0000 --zaRBsRFn0XYhEU69 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, May 18, 2004 at 12:05:27PM -0700, Bryan Stansell wrote: > to see the rest of the output. it would help me determine where the > bug actually is (gotta be a bug...just not sure how to reproduce it - > can't so far). no need for the debug output...i was able to reproduce it. it didn't *look* like there was a problem when under solaris (where i first tried it...though closer examination of debug output did show the problem) but it was loud and clear under linux. i've attached a patch for 8.1.5, but it works with 8.1.1 (and all versions in between) as well (and possibly earlier, but i haven't checked). depending on the break sequences you use, you may or may not see the problem. if you have \d or \z sequences with non-\d/\z characters, you could very well hit the problem (but it depends on how things are ordered). a simple series of \z and \d (one or more) won't trigger the bug. Bryan --zaRBsRFn0XYhEU69 Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="break.patch" *** group.c.old Fri May 7 08:39:51 2004 --- group.c Tue May 18 16:52:41 2004 *************** *** 3933,3943 **** --- 3933,3952 ---- } if (pCEServing->wbuf->used > 1) { + char *iac = StringChar(pCEServing->wbuf, 0, (char)IAC); + CONDDEBUG((1, "Kiddie(): hunting for new IAC for [%s]", + pCEServing->server)); + if (iac == (char *)0) + pCEServing->wbufIAC = 0; + else + pCEServing->wbufIAC = + (iac - pCEServing->wbuf->string) + 2; CONDDEBUG((1, "Kiddie(): watching writability for fd %d 'cause we have buffered data", FileFDNum(pCEServing->cofile))); FD_SET(FileFDNum(pCEServing->cofile), &winit); } else { + pCEServing->wbufIAC = 0; if (FileBufEmpty(pCEServing->cofile)) { CONDDEBUG((1, "Kiddie(): removing writability for fd %d 'cause we don't have buffered data", --zaRBsRFn0XYhEU69-- From tim@buttersideup.com Wed May 19 02:29:39 2004 Received: from semantico.com (relayout.semantico.com [212.74.15.68]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4J9TbWg024139 for ; Wed, 19 May 2004 02:29:37 -0700 (PDT) Received: from spampd.localdomain (localhost [127.0.0.1]) by localhost.semantico.com (Postfix) with ESMTP id EA4FD320062 for ; Wed, 19 May 2004 10:29:35 +0100 (BST) Received: from buttersideup.com (poppy.rp.lan [192.168.1.55]) by semantico.com (Postfix) with ESMTP id C9214320062 for ; Wed, 19 May 2004 10:29:34 +0100 (BST) Message-ID: <40AB28FE.1060409@buttersideup.com> Date: Wed, 19 May 2004 10:29:34 +0100 From: Tim Small User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031007 X-Accept-Language: en-us, en MIME-Version: 1.0 To: users@conserver.com References: <40AA1FB4.8020704@buttersideup.com> <20040518190527.GI11939@underdog.stansell.org> <20040518235552.GL11939@underdog.stansell.org> In-Reply-To: <20040518235552.GL11939@underdog.stansell.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on paprika.rp.lan X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.63 X-Spam-Level: X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Subject: Re: Break sequences acting up? X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 May 2004 09:29:40 -0000 Bryan Stansell wrote: >On Tue, May 18, 2004 at 12:05:27PM -0700, Bryan Stansell wrote: > > >>to see the rest of the output. it would help me determine where the >>bug actually is (gotta be a bug...just not sure how to reproduce it - >>can't so far). >> >> > >no need for the debug output...i was able to reproduce it. it didn't >*look* like there was a problem when under solaris (where i first >tried it...though closer examination of debug output did show the >problem) but it was loud and clear under linux. > > Excellent - that's what I call service! Got the two messages together this morning (GMT+1) - have applied the patch, and the behaviour is now sane... Cheers, Tim. From pgeenhuizen@carolina.rr.com Wed May 19 12:32:23 2004 Received: from ms-smtp-03-eri0.southeast.rr.com (ms-smtp-03-lbl.southeast.rr.com [24.25.9.102]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4JJWJXC016488; Wed, 19 May 2004 12:32:22 -0700 (PDT) Received: from homeunix.net (cpe-069-134-048-056.carolina.rr.com [69.134.48.56]) by ms-smtp-03-eri0.southeast.rr.com (8.12.10/8.12.7) with ESMTP id i4JJWELq017894; Wed, 19 May 2004 15:32:14 -0400 (EDT) Received: from gasbuggy.homeunix.net (gasbuggy [192.168.0.100]) by homeunix.net (8.12.10+Sun/8.12.10) with SMTP id i4JJWDOf016319; Wed, 19 May 2004 15:32:13 -0400 (EDT) Received: from 192.168.0.2 (SquirrelMail authenticated user pete) by gasbuggy.homeunix.net with HTTP; Wed, 19 May 2004 15:32:13 -0400 (EDT) Message-ID: <3146.192.168.0.2.1084995133.squirrel@gasbuggy.homeunix.net> In-Reply-To: <20040518191103.GJ11939@underdog.stansell.org> References: <14597.192.85.47.1.1084888848.squirrel@www.gasbuggy.homeunix.net> <20040518191103.GJ11939@underdog.stansell.org> Date: Wed, 19 May 2004 15:32:13 -0400 (EDT) From: "Pete Geenhuizen" To: "Bryan Stansell" User-Agent: SquirrelMail/1.4.2 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 Importance: Normal X-Virus-Scanned: Symantec AntiVirus Scan Engine X-Spam-Score: -4.2 () BAYES_00,PRIORITY_NO_NAME X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com Subject: Re: More break help needed X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 May 2004 19:32:24 -0000 Bryan, Of course I overlooked the obvious and didn't thouroughly check the man pages for an explanation of the break sequence characters. As for the break sequence eventhough the standard break sequence works we use the alternate ~ ^B but when I send it all I get is ^B and no break. Any suggestions? Pete -- "Unencumbered by the thought process" --1992-2000 Click and Clack presidential campaign slogan Bryan Stansell said: > On Tue, May 18, 2004 at 10:00:48AM -0400, Pete Geenhuizen wrote: >> Perhaps if I understood the break sequence syntax I might be able to >> figure this out. > > it's all in the conserver.cf manpage (also webified off the > conserver.com website - though the formatting isn't great). > >> I've poked around some but haven't found anything about the syntax, >> how do you figure out what to send? > > knowing what to send depends on the console you're interacting with > (how it's configured, as well). nathan's post explained it. and since > you've got a method that works (the '\z' - serial break), it sounds like > you're set. > > if the manpage doesn't explain things clearly enough, let me know. > i'll supplement it with more info. > > Bryan > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users > From bryan@stansell.org Wed May 19 13:17:16 2004 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4JKHGLg018156 for ; Wed, 19 May 2004 13:17:16 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.12.11/8.12.11/Submit) id i4JKHGqd018155 for users@conserver.com; Wed, 19 May 2004 13:17:16 -0700 (PDT) Date: Wed, 19 May 2004 13:17:16 -0700 From: Bryan Stansell To: users@conserver.com Message-ID: <20040519201716.GR11939@underdog.stansell.org> References: <14597.192.85.47.1.1084888848.squirrel@www.gasbuggy.homeunix.net> <20040518191103.GJ11939@underdog.stansell.org> <3146.192.168.0.2.1084995133.squirrel@gasbuggy.homeunix.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3146.192.168.0.2.1084995133.squirrel@gasbuggy.homeunix.net> User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 Subject: Re: More break help needed X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 May 2004 20:17:17 -0000 On Wed, May 19, 2004 at 03:32:13PM -0400, Pete Geenhuizen wrote: > As for the break sequence eventhough the standard break sequence works we > use the alternate ~ ^B but when I send it all I get is ^B and no > break. Any suggestions? two possibilities, mainly 'cause i'm still not clear on your setup. first off, if you haven't told your suns to recognize the alternate break sequence, you'll need to enable it with modifying /etc/default/kbd or using the 'kbd' command. that'll disable the standard serial break and enable the alt-break recognition. second, you'll more than likely need to insert delays into the break sequence. so, something like break 2 { string "\r\d~\d^b"; delay 600; } should work. if you use this, make sure you apply the patch i posted yesterday regarding break sequences...as this tickles the existing bug. so, hopefully, with those two things done, it should start properly sending the break sequence and the host should start recognizing it. Bryan From pgeenhuizen@carolina.rr.com Wed May 19 13:53:42 2004 Received: from ms-smtp-01-eri0.southeast.rr.com (ms-smtp-01-lbl.southeast.rr.com [24.25.9.100]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4JKrfHJ019406; Wed, 19 May 2004 13:53:41 -0700 (PDT) Received: from homeunix.net (cpe-069-134-048-056.carolina.rr.com [69.134.48.56]) by ms-smtp-01-eri0.southeast.rr.com (8.12.10/8.12.7) with ESMTP id i4JKrbfO014419; Wed, 19 May 2004 16:53:38 -0400 (EDT) Received: from gasbuggy.homeunix.net (gasbuggy [192.168.0.100]) by homeunix.net (8.12.10+Sun/8.12.10) with SMTP id i4JKrVOf020262; Wed, 19 May 2004 16:53:32 -0400 (EDT) Received: from 192.168.0.2 (SquirrelMail authenticated user pete) by gasbuggy.homeunix.net with HTTP; Wed, 19 May 2004 16:53:32 -0400 (EDT) Message-ID: <3275.192.168.0.2.1085000012.squirrel@gasbuggy.homeunix.net> In-Reply-To: <20040519201716.GR11939@underdog.stansell.org> References: <14597.192.85.47.1.1084888848.squirrel@www.gasbuggy.homeunix.net><20040518191103.GJ11939@underdog.stansell.org><3146.192.168.0.2.1084995133.squirrel@gasbuggy.homeunix.net> <20040519201716.GR11939@underdog.stansell.org> Date: Wed, 19 May 2004 16:53:32 -0400 (EDT) From: "Pete Geenhuizen" To: "Bryan Stansell" User-Agent: SquirrelMail/1.4.2 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 Importance: Normal X-Virus-Scanned: Symantec AntiVirus Scan Engine X-Spam-Score: -4.2 () BAYES_00,PRIORITY_NO_NAME X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com Subject: Re: More break help needed X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 May 2004 20:53:44 -0000 Bryan, I'm all set with the alternate break sequence, been using it pretty much since it came out. I'm using the suggested break 2 sequence, but not the patch, so I'll run that in and see if that solves the problem. Thx Pete -- "Unencumbered by the thought process" --1992-2000 Click and Clack presidential campaign slogan Bryan Stansell said: > On Wed, May 19, 2004 at 03:32:13PM -0400, Pete Geenhuizen wrote: >> As for the break sequence eventhough the standard break sequence works >> we >> use the alternate ~ ^B but when I send it all I get is ^B and no >> break. Any suggestions? > > two possibilities, mainly 'cause i'm still not clear on your setup. > > first off, if you haven't told your suns to recognize the alternate > break sequence, you'll need to enable it with modifying /etc/default/kbd > or using the 'kbd' command. that'll disable the standard serial break > and enable the alt-break recognition. > > second, you'll more than likely need to insert delays into the break > sequence. so, something like > > break 2 { string "\r\d~\d^b"; delay 600; } > > should work. if you use this, make sure you apply the patch i posted > yesterday regarding break sequences...as this tickles the existing bug. > > so, hopefully, with those two things done, it should start properly > sending the break sequence and the host should start recognizing it. > > Bryan > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users > From pgeenhuizen@carolina.rr.com Wed May 19 15:06:12 2004 Received: from ms-smtp-01-eri0.southeast.rr.com (ms-smtp-01-lbl.southeast.rr.com [24.25.9.100]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4JM6BEK021954; Wed, 19 May 2004 15:06:11 -0700 (PDT) Received: from homeunix.net (cpe-069-134-048-056.carolina.rr.com [69.134.48.56]) by ms-smtp-01-eri0.southeast.rr.com (8.12.10/8.12.7) with ESMTP id i4JM68fO002722; Wed, 19 May 2004 18:06:08 -0400 (EDT) Received: from gasbuggy.homeunix.net (gasbuggy [192.168.0.100]) by homeunix.net (8.12.10+Sun/8.12.10) with SMTP id i4JM61Of023795; Wed, 19 May 2004 18:06:01 -0400 (EDT) Received: from 192.168.0.2 (SquirrelMail authenticated user pete) by gasbuggy.homeunix.net with HTTP; Wed, 19 May 2004 18:06:01 -0400 (EDT) Message-ID: <3385.192.168.0.2.1085004361.squirrel@gasbuggy.homeunix.net> In-Reply-To: <20040519201716.GR11939@underdog.stansell.org> References: <14597.192.85.47.1.1084888848.squirrel@www.gasbuggy.homeunix.net><20040518191103.GJ11939@underdog.stansell.org><3146.192.168.0.2.1084995133.squirrel@gasbuggy.homeunix.net> <20040519201716.GR11939@underdog.stansell.org> Date: Wed, 19 May 2004 18:06:01 -0400 (EDT) From: "Pete Geenhuizen" To: "Bryan Stansell" User-Agent: SquirrelMail/1.4.2 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 Importance: Normal X-Virus-Scanned: Symantec AntiVirus Scan Engine X-Spam-Score: -4.2 () BAYES_00,PRIORITY_NO_NAME X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com Subject: Re: More break help needed X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 May 2004 22:06:14 -0000 Bryan, Well the patch fixed it, the output is a little odd and dirty, but it does work, this is what I got host:root> [halt sent] host:root> ~Type 'go' to resume {1} ok go ^B ksh: ~^B: not found host:root> Pete -- "Unencumbered by the thought process" --1992-2000 Click and Clack presidential campaign slogan Bryan Stansell said: > On Wed, May 19, 2004 at 03:32:13PM -0400, Pete Geenhuizen wrote: >> As for the break sequence eventhough the standard break sequence works >> we >> use the alternate ~ ^B but when I send it all I get is ^B and no >> break. Any suggestions? > > two possibilities, mainly 'cause i'm still not clear on your setup. > > first off, if you haven't told your suns to recognize the alternate > break sequence, you'll need to enable it with modifying /etc/default/kbd > or using the 'kbd' command. that'll disable the standard serial break > and enable the alt-break recognition. > > second, you'll more than likely need to insert delays into the break > sequence. so, something like > > break 2 { string "\r\d~\d^b"; delay 600; } > > should work. if you use this, make sure you apply the patch i posted > yesterday regarding break sequences...as this tickles the existing bug. > > so, hopefully, with those two things done, it should start properly > sending the break sequence and the host should start recognizing it. > > Bryan > _______________________________________________ > users mailing list > users@conserver.com > https://www.conserver.com/mailman/listinfo/users > From Nikolaos.Papavassiliou@reuters.com Mon May 24 18:24:37 2004 Received: from ritig9.rit.reuters.com (ritig9.rit.reuters.com [199.171.195.8]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4P1OZUR013106 for ; Mon, 24 May 2004 18:24:35 -0700 (PDT) Date: Mon, 24 May 2004 21:21:05 -0400 From: Nikolaos Papavassiliou To: users@conserver.com Message-id: <40B29F81.1030705@reuters.com> Organization: Reuters America MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: el, en-us User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Subject: SSL config info X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Nikolaos.Papavassiliou@reuters.com List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2004 01:24:38 -0000 I apologize if the answer to the the following is too obvious, but this is the first time I am adding SSL to the mix and I can't seem to be able to make the server work. I am using a Ultra1 running Solaris 9, and I have compiled with the following options ========== # ./conserver -V conserver: conserver.com version 8.1.5 conserver: default access type `r' conserver: default escape sequence `^Ec' conserver: default configuration in `/opt/conserver/etc/conserver.cf' conserver: default password in `/opt/conserver/etc/conserver.passwd' conserver: default logfile is `/var/log/conserver' conserver: default pidfile is `/var/run/conserver.pid' conserver: default limit is 16 members per group conserver: default primary port referenced as `conserver' conserver: default secondary base port referenced as `0' conserver: options: libwrap, openssl, pam, trustrevdns conserver: openssl version: OpenSSL 0.9.7d 17 Mar 2004 conserver: built with `./configure --prefix=/opt/conserver --with-pam --with-openssl=/opt/local/ssl --with-libwrap=/usr/sfw --with-trustrevdns' =============== An attempt to start the server fails with the following message: # ./conserver -d [Mon May 24 19:45:13 2004] conserver (7111): conserver.com version 8.1.5 [Mon May 24 19:45:13 2004] conserver (7111): started as `root' by `niko' [Mon May 24 19:45:13 2004] conserver (7111): ERROR: SetupSSL(): could not load SSL certificate from `/opt/conserver/ssl-cred' The manual page for conserver says that if encryption is built into the code then encrypted connections (without certificate exchanges) happen by default. What am I missing here? Do I really have to create those certificates? Has anyone made this work without certificates? I alos tried to start the server with the -E option, but it did not help Any help will be appreciated Regards Niko ----------------------------------------------------------------- Visit our Internet site at http://www.reuters.com Get closer to the financial markets with Reuters Messaging - for more information and to register, visit http://www.reuters.com/messaging Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. From bryan@stansell.org Mon May 24 18:46:47 2004 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4P1klXj013902 for ; Mon, 24 May 2004 18:46:47 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.12.11/8.12.11/Submit) id i4P1klpH013901 for users@conserver.com; Mon, 24 May 2004 18:46:47 -0700 (PDT) Date: Mon, 24 May 2004 18:46:47 -0700 From: Bryan Stansell To: users@conserver.com Message-ID: <20040525014647.GL11939@underdog.stansell.org> References: <40B29F81.1030705@reuters.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <40B29F81.1030705@reuters.com> User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 Subject: Re: SSL config info X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2004 01:46:48 -0000 On Mon, May 24, 2004 at 09:21:05PM -0400, Nikolaos Papavassiliou wrote: > # ./conserver -d > [Mon May 24 19:45:13 2004] conserver (7111): conserver.com version 8.1.5 > [Mon May 24 19:45:13 2004] conserver (7111): started as `root' by `niko' > [Mon May 24 19:45:13 2004] conserver (7111): ERROR: SetupSSL(): could > not load SSL certificate from `/opt/conserver/ssl-cred' > > The manual page for conserver says that if encryption is built into the > code then encrypted connections > (without certificate exchanges) happen by default. What am I missing here? > Do I really have to create those certificates? Has anyone made this work > without certificates? does your conserver.cf have an 'sslcredentials' entry pointing to /opt/conserver/ssl-cred? almost has to, based on what it's showing. if you include that option, the file needs to exist, be valid, etc. if you comment that line out, then, yes, ssl should encrypt the connections without certs. hopefully that explains things. Bryan From nhruby@uga.edu Tue May 25 05:44:02 2004 Received: from askew.ucns.uga.edu (askew.ucns.uga.edu [128.192.6.44]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4PChwm4012269 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 25 May 2004 05:44:00 -0700 (PDT) Received: from askew.ucns.uga.edu (localhost.localdomain [127.0.0.1]) by askew.ucns.uga.edu (8.12.11/8.12.10) with ESMTP id i4PChuwf025910; Tue, 25 May 2004 08:43:56 -0400 Received: from localhost (nathan@localhost) by askew.ucns.uga.edu (8.12.11/8.12.11/Submit) with ESMTP id i4PChtH9025906; Tue, 25 May 2004 08:43:55 -0400 X-Authentication-Warning: askew.ucns.uga.edu: nathan owned process doing -bs Date: Tue, 25 May 2004 08:43:55 -0400 (EDT) From: "nathan r. hruby" X-X-Sender: nathan@askew.ucns.uga.edu To: Nikolaos Papavassiliou In-Reply-To: <40B29F81.1030705@reuters.com> Message-ID: References: <40B29F81.1030705@reuters.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com Subject: Re: SSL config info X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2004 12:44:02 -0000 On Mon, 24 May 2004, Nikolaos Papavassiliou wrote: > Do I really have to create those certificates? Has anyone made this work > without certificates? > I can confirm now that it works fine with SSL and no certs. OTOH, I did discover that if you run ./configure --with-openssl and ./configure can't seem to make openssl work, it will happily continue to build, removing the openssl option and issue no errors :( Is there any way we can have ./configure either emit a loud warning or simply die if --with-openssl is specified but the configure tests don't pass? FWIW, if you're building on Red Hat Enterprise Linux, you'll need to pass: CFLAGS=-I/usr/kerberos/include to configure in order to make it build with openssl (as well as have the krb5-devel package installed). For the people who really care, this is already bugzilla'ed: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=119500 -n -- ------------------------------------------- nathan hruby uga enterprise information technology services production systems support metaphysically wrinkle-free ------------------------------------------- From bryan@stansell.org Tue May 25 09:23:48 2004 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4PGNmqV003136 for ; Tue, 25 May 2004 09:23:48 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.12.11/8.12.11/Submit) id i4PGNlbt003135 for users@conserver.com; Tue, 25 May 2004 09:23:47 -0700 (PDT) Date: Tue, 25 May 2004 09:23:47 -0700 From: Bryan Stansell To: users@conserver.com Message-ID: <20040525162347.GN11939@underdog.stansell.org> References: <40B29F81.1030705@reuters.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 Subject: Re: SSL config info X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2004 16:23:49 -0000 On Tue, May 25, 2004 at 08:43:55AM -0400, nathan r. hruby wrote: > OTOH, I did discover that if you run ./configure --with-openssl and > ./configure can't seem to make openssl work, it will happily continue to > build, removing the openssl option and issue no errors :( Is there any > way we can have ./configure either emit a loud warning or simply die if > --with-openssl is specified but the configure tests don't pass? personally, i'm a fan of having it continue if it can't find the necessary files (and my experience with other configure-based apps says that's the "normal" way of behaving, though i have seen some abort. the whole idea for using configure is to auto-detect what it can and just live with the results). but, i do believe it would be nice to see what happened in a nice, concise way. so, how about a summary at the end of the configure run: config.status: creating contrib/chat/Makefile config.status: creating conserver/conserver.rc config.status: creating config.h config.status: config.h is unchanged ============================================================== Feature Summary Unix domain sockets (--with-uds) : YES TCP wrappers (--with-libwrap): NO OpenSSL (--with-openssl): NO dmalloc (--with-dmalloc): NO PAM support (--with-pam) : YES ============================================================== Bryan From nhruby@uga.edu Tue May 25 09:29:04 2004 Received: from askew.ucns.uga.edu (askew.ucns.uga.edu [128.192.6.44]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4PGT0Sq003342 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 25 May 2004 09:29:02 -0700 (PDT) Received: from askew.ucns.uga.edu (localhost.localdomain [127.0.0.1]) by askew.ucns.uga.edu (8.12.11/8.12.10) with ESMTP id i4PGT0b2029355; Tue, 25 May 2004 12:29:00 -0400 Received: from localhost (nathan@localhost) by askew.ucns.uga.edu (8.12.11/8.12.11/Submit) with ESMTP id i4PGT0D6029351; Tue, 25 May 2004 12:29:00 -0400 X-Authentication-Warning: askew.ucns.uga.edu: nathan owned process doing -bs Date: Tue, 25 May 2004 12:29:00 -0400 (EDT) From: "nathan r. hruby" X-X-Sender: nathan@askew.ucns.uga.edu To: Bryan Stansell In-Reply-To: <20040525162347.GN11939@underdog.stansell.org> Message-ID: References: <40B29F81.1030705@reuters.com> <20040525162347.GN11939@underdog.stansell.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com Subject: Re: SSL config info X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2004 16:29:05 -0000 On Tue, 25 May 2004, Bryan Stansell wrote: > On Tue, May 25, 2004 at 08:43:55AM -0400, nathan r. hruby wrote: > > OTOH, I did discover that if you run ./configure --with-openssl and > > ./configure can't seem to make openssl work, it will happily continue to > > build, removing the openssl option and issue no errors :( Is there any > > way we can have ./configure either emit a loud warning or simply die if > > --with-openssl is specified but the configure tests don't pass? > > personally, i'm a fan of having it continue if it can't find the > necessary files (and my experience with other configure-based apps says > that's the "normal" way of behaving, though i have seen some abort. the > whole idea for using configure is to auto-detect what it can and just > live with the results). but, i do believe it would be nice to see what > happened in a nice, concise way. so, how about a summary at the end of > the configure run: > [snip] Looks great, works for me! -n -- ------------------------------------------- nathan hruby uga enterprise information technology services production systems support metaphysically wrinkle-free ------------------------------------------- From Nikolaos.Papavassiliou@reuters.com Tue May 25 12:14:34 2004 Received: from ritig9.rit.reuters.com (ritig9.rit.reuters.com [199.171.195.8]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4PJEV2L009011; Tue, 25 May 2004 12:14:31 -0700 (PDT) Date: Tue, 25 May 2004 15:12:45 -0400 From: Nikolaos Papavassiliou In-reply-to: To: Bryan Stansell Message-id: <40B39AAD.9070008@reuters.com> Organization: Reuters America MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: el, en-us User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) References: <40B29F81.1030705@reuters.com> X-Spam-Score: -4.901 () BAYES_00 X-Scanned-By: MIMEDefang 2.39 Cc: users@conserver.com Subject: Re: SSL config info X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Nikolaos.Papavassiliou@reuters.com List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2004 19:14:35 -0000 Bryan Stansell wrote: >does your conserver.cf have an 'sslcredentials' entry pointing to >/opt/conserver/ssl-cred? almost has to, based on what it's showing. if >you include that option, the file needs to exist, be valid, etc. if you >comment that line out, then, yes, ssl should encrypt the connections >without certs. > >hopefully that explains things. > >Bryan > > Many thanks Bryan. You were quite correct about it. I had this defined in the conserver.cf file, not realizing that it will complain if they are not there. After I removed it it seemed to start the server withno errors. However, I fell into another problem... Now the client (console) refuses to connect to a console and fails with SSL connection negotiation errors. ======= % console nycilab12 console: SSL negotiation failed % ======= Looking at the debug info from the serverlog I see the following: ======= DEBUG: [cutil.c:2019] FileSSLAccept(): about to SSL_accept() for fd 6 DEBUG: [main.c:301] TmpDHCallback(): asked for a DH key length 1024 ERROR: FileSSLAccept(): SSL error on fd 6 ======= Any clues on this? Thanks!!! Niko >_______________________________________________ >users mailing list >users@conserver.com >https://www.conserver.com/mailman/listinfo/users > > > > ----------------------------------------------------------------- Visit our Internet site at http://www.reuters.com Get closer to the financial markets with Reuters Messaging - for more information and to register, visit http://www.reuters.com/messaging Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. From bryan@stansell.org Tue May 25 13:23:30 2004 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4PKNUcA011549 for ; Tue, 25 May 2004 13:23:30 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.12.11/8.12.11/Submit) id i4PKNUQY011548 for users@conserver.com; Tue, 25 May 2004 13:23:30 -0700 (PDT) Date: Tue, 25 May 2004 13:23:30 -0700 From: Bryan Stansell To: users@conserver.com Message-ID: <20040525202330.GO11939@underdog.stansell.org> References: <40B29F81.1030705@reuters.com> <40B39AAD.9070008@reuters.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <40B39AAD.9070008@reuters.com> User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 Subject: Re: SSL config info X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2004 20:23:31 -0000 On Tue, May 25, 2004 at 03:12:45PM -0400, Nikolaos Papavassiliou wrote: > removed it it seemed to start the server withno errors. However, I fell > into another > problem... Now the client (console) refuses to connect to a console and > fails > with SSL connection negotiation errors. > > ======= > % console nycilab12 > console: SSL negotiation failed > % > ======= are there any other things produced after the "SSL negotiation failed" message? there's a call to ERR_print_errors_fp() right after that in the code that should dump the SSL layer error stack (though i can't verify that). if it's not printing anything, then i guess there are no errors to report (which is weird...since it failed to connect properly). > > Looking at the debug info from the serverlog I see the following: > > ======= > DEBUG: [cutil.c:2019] FileSSLAccept(): about to SSL_accept() for fd 6 > DEBUG: [main.c:301] TmpDHCallback(): asked for a DH key length 1024 > ERROR: FileSSLAccept(): SSL error on fd 6 > ======= > > Any clues on this? except for the last line, all looks normal. all the real magic happens inside the openssl package. makes me wonder if your openssl library is configured properly or if the host is missing something (like entropy). but, it could be conserver as well. i'm lacking on clues, however. if things fail with 'ERROR: FileSSLAccept(): SSL error on...' every time, i suggest adding a 'ERR_print_errors_fp(stderr);' to conserver/cutil.c - right between lines 2032 and 2033 (which means, right after the line of code that produces the error above). that should dump more openssl clues to stderr (or the logfile if it's been redirected to a file). *maybe* it'll tell us something useful. i'm on a sun (ultra 2) running solaris 9 with openssl 0.9.7d, so, in theory, we're pretty much the same. it "just works" for me. i'm using gcc 3.3.3 compiling 32-bit binaries. you doing the same? if there's no basic openssl setup problem, maybe it's a compilation thing. those are my current thoughts...if anyone else has ideas, please yell! Bryan From bryan@stansell.org Tue May 25 17:57:22 2004 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4Q0vLD7009345; Tue, 25 May 2004 17:57:22 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.12.11/8.12.11/Submit) id i4Q0vLFe009344; Tue, 25 May 2004 17:57:21 -0700 (PDT) Date: Tue, 25 May 2004 17:57:21 -0700 From: Bryan Stansell To: users@conserver.com, announce@conserver.com Message-ID: <20040526005721.GQ11939@underdog.stansell.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 Cc: Subject: conserver-8.1.6 is available X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2004 00:57:23 -0000 This version has a couple of bug fixes for the server and an addition of (optional) config files for the client. The console manpage talks all about it. For those who don't see the webpage, I've also added a note about making donations to the project. The greatest donation would be a job. ;-) version 8.1.6 (May 25, 2004): - added ability to configure client via sytem-wide console.cf file and per-user .consolerc - suggested by Erik Sjolund - fixed bug where break strings were not properly sent - reported by Tim Small - fixed bug in config file 'protocol' value handling - reported by Kees Cook - conserver no longer uses the local domain name in the default access list (the default list is only created if no access list is specified in the configuration file) - inspired by William P LePera - added a 'terminal' console configuration block for printing strings when attaching and detaching from consoles - suggested by Richard Threadgill Bryan Stansell From Nikolaos.Papavassiliou@reuters.com Wed May 26 16:26:05 2004 Received: from ritig9.rit.reuters.com (ritig9.rit.reuters.com [199.171.195.8]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4QNQ2Fo002315; Wed, 26 May 2004 16:26:02 -0700 (PDT) Date: Wed, 26 May 2004 19:23:55 -0400 From: Nikolaos Papavassiliou In-reply-to: To: Bryan Stansell , users@conserver.com Message-id: <40B5270B.1070104@reuters.com> Organization: Reuters America MIME-version: 1.0 Content-type: multipart/alternative; boundary="------------080505050202010808010906" X-Accept-Language: el, en-us User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) References: <40B29F81.1030705@reuters.com> <40B39AAD.9070008@reuters.com> X-Spam-Score: -4.601 () BAYES_00,HTML_MESSAGE,HTML_TITLE_EMPTY X-Scanned-By: MIMEDefang 2.39 Cc: Subject: Re: SSL config info X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Nikolaos.Papavassiliou@reuters.com List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2004 23:26:07 -0000 This is a multi-part message in MIME format... --------------080505050202010808010906 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Hi Bryan, Thanks for all the pointers and help. I was finally able to make this work by recompiling the ssl package, and then recompiling conserver. I have no idea what went wrong with the first ssl installation, but it seems to be much better now. In the process, I also discovered an error in the makefile for conserver (again, Solaris 9 on an Ultra1, and gcc-2.95.3). This error was reproduced on both 8.1.5 qnd 8.1.6 versions of conserver. If I am doing something wrong please let me know. Here is the situation: If I configure conserver to include tcpwrappers with libwrap, the linking of "convert" breaks. It appears that the inclusion of -lwrap on the LIBS line in the Makefile in the conserver directory, does not agree with convert and, as you can see from the output that follows it breaks during linking. To fix this I assumed that -lwrap is not needed for convert and edited the makefile to include a second LIBS line (LIBS2) without the -lwrap, and fixed the convert line to include LIBS2 intead of LIBS. I am cutting and pasting below: ========================= Configure proceeds correctly ============================== ./configure --prefix=/opt/conserver --with-pam --with-openssl=/opt/local/ssl --with-libwrap=/usr/sfw --with-trustrevdns ========================= Make causes an Error =================================== % make all for n in conserver console conserver.cf; do \ ( cd $n && make all ) || exit 1; \ done gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\" -I/opt/local/ssl/include -I/usr/sfw/include -c -o access.o access.c gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\" -I/opt/local/ssl/include -I/usr/sfw/include -c -o client.o client.c gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\" -I/opt/local/ssl/include -I/usr/sfw/include -c -o consent.o consent.c gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\" -I/opt/local/ssl/include -I/usr/sfw/include -c -o group.o group.c gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\" -I/opt/local/ssl/include -I/usr/sfw/include -c -o main.o main.c gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\" -I/opt/local/ssl/include -I/usr/sfw/include -c -o master.o master.c gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\" -I/opt/local/ssl/include -I/usr/sfw/include -c -o readcfg.o readcfg.c gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\" -I/opt/local/ssl/include -I/usr/sfw/include -c -o fallback.o fallback.c gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\" -I/opt/local/ssl/include -I/usr/sfw/include -c -o cutil.o cutil.c gcc -O -L/opt/local/ssl/lib -L/usr/sfw/lib -o conserver access.o client.o consent.o group.o main.o master.o readcfg.o fallback.o cutil.o -lbsm -lnsl -lsocket -lssl -lcrypto -lwrap -lpam gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\" -I/opt/local/ssl/include -I/usr/sfw/include -c -o convert.o convert.c gcc -O -L/opt/local/ssl/lib -L/usr/sfw/lib -o convert convert.o cutil.o -lbsm -lnsl -lsocket -lssl -lcrypto -lwrap -lpam Undefined first referenced symbol in file deny_severity /usr/sfw/lib/libwrap.so allow_severity /usr/sfw/lib/libwrap.so ld: fatal: Symbol referencing errors. No output written to convert collect2: ld returned 1 exit status *** Error code 1 make: Fatal error: Command failed for target `convert' Current working directory /home/niko/Software/Downloads/Solaris/t_ser/conserver-8.1.6/conserver *** Error code 1 make: Fatal error: Command failed for target `all' =========================== Make Fix ======================================================== ..... LIBS = -lbsm -lnsl -lsocket -lssl -lcrypto -lwrap -lpam LIBS2 = -lbsm -lnsl -lsocket -lssl -lcrypto -lpam .... convert: convert.o cutil.o $(CC) $(CFLAGS) $(LDFLAGS) -o convert convert.o cutil.o $(LIBS2) ========================== End ============================================================ I have been using conserver since version 6.1.7 which I stumbled upon when looking for something like this on the web, about 4 years ago. I think it is a great package and I appreciate all the effort you are putting into this. Thanks again. Niko Bryan Stansell wrote: >On Tue, May 25, 2004 at 03:12:45PM -0400, Nikolaos Papavassiliou wrote: > > >>removed it it seemed to start the server withno errors. However, I fell >>into another >>problem... Now the client (console) refuses to connect to a console and >>fails >>with SSL connection negotiation errors. >> >>======= >>% console nycilab12 >>console: SSL negotiation failed >>% >>======= >> >> > >are there any other things produced after the "SSL negotiation failed" >message? there's a call to ERR_print_errors_fp() right after that in >the code that should dump the SSL layer error stack (though i can't >verify that). if it's not printing anything, then i guess there are no >errors to report (which is weird...since it failed to connect properly). > > > >>Looking at the debug info from the serverlog I see the following: >> >>======= >>DEBUG: [cutil.c:2019] FileSSLAccept(): about to SSL_accept() for fd 6 >>DEBUG: [main.c:301] TmpDHCallback(): asked for a DH key length 1024 >>ERROR: FileSSLAccept(): SSL error on fd 6 >>======= >> >>Any clues on this? >> >> > >except for the last line, all looks normal. all the real magic happens >inside the openssl package. makes me wonder if your openssl library is >configured properly or if the host is missing something (like entropy). >but, it could be conserver as well. i'm lacking on clues, however. > >if things fail with 'ERROR: FileSSLAccept(): SSL error on...' every >time, i suggest adding a 'ERR_print_errors_fp(stderr);' to >conserver/cutil.c - right between lines 2032 and 2033 (which means, >right after the line of code that produces the error above). that >should dump more openssl clues to stderr (or the logfile if it's been >redirected to a file). *maybe* it'll tell us something useful. > >i'm on a sun (ultra 2) running solaris 9 with openssl 0.9.7d, so, in >theory, we're pretty much the same. it "just works" for me. i'm using >gcc 3.3.3 compiling 32-bit binaries. you doing the same? if there's no >basic openssl setup problem, maybe it's a compilation thing. > >those are my current thoughts...if anyone else has ideas, please yell! > >Bryan >_______________________________________________ >users mailing list >users@conserver.com >https://www.conserver.com/mailman/listinfo/users > > >----------------------------------------------------------------- > Visit our Internet site at http://www.reuters.com > >Get closer to the financial markets with Reuters Messaging - for more >information and to register, visit http://www.reuters.com/messaging > >Any views expressed in this message are those of the individual >sender, except where the sender specifically states them to be >the views of Reuters Ltd. > > ----------------------------------------------------------------- Visit our Internet site at http://www.reuters.com Get closer to the financial markets with Reuters Messaging - for more information and to register, visit http://www.reuters.com/messaging Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. --------------080505050202010808010906 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Content-Disposition: inline
Hi Bryan,

Thanks for all the pointers and help. I was finally able to make this work by recompiling
the ssl package, and then recompiling conserver. I have no idea what went wrong with the
first ssl installation, but it seems to be much better now.

In the process, I also discovered an error in the makefile for conserver (again, Solaris 9
on an Ultra1, and gcc-2.95.3). This error was reproduced on both 8.1.5 qnd 8.1.6 versions
of conserver. If I am doing something wrong please let me know. Here is the situation:

If I configure conserver to include tcpwrappers with libwrap, the linking of "convert" breaks.
It appears that the inclusion of  -lwrap on  the LIBS line in the  Makefile in the conserver
directory, does not agree with convert and, as you can see from the output that follows
it breaks during linking. To fix this I assumed that  -lwrap  is not needed for convert and
edited the makefile to include a second LIBS line (LIBS2) without the -lwrap, and fixed the
convert line to include LIBS2 intead of LIBS.  I am cutting and pasting below:

=========================  Configure proceeds correctly ==============================

./configure --prefix=/opt/conserver --with-pam --with-openssl=/opt/local/ssl --with-libwrap=/usr/sfw --with-trustrevdns

========================= Make causes an Error ===================================
% make all
for n in conserver console conserver.cf; do \
        ( cd $n && make all  ) || exit 1; \
done
gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\"  -I/opt/local/ssl/include  -I/usr/sfw/include -c -o access.o access.c
gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\"  -I/opt/local/ssl/include  -I/usr/sfw/include -c -o client.o client.c
gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\"  -I/opt/local/ssl/include  -I/usr/sfw/include -c -o consent.o consent.c
gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\"  -I/opt/local/ssl/include  -I/usr/sfw/include -c -o group.o group.c
gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\"  -I/opt/local/ssl/include  -I/usr/sfw/include -c -o main.o main.c
gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\"  -I/opt/local/ssl/include  -I/usr/sfw/include -c -o master.o master.c
gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\"  -I/opt/local/ssl/include  -I/usr/sfw/include -c -o readcfg.o readcfg.c
gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\"  -I/opt/local/ssl/include  -I/usr/sfw/include -c -o fallback.o fallback.c
gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\"  -I/opt/local/ssl/include  -I/usr/sfw/include -c -o cutil.o cutil.c
gcc -O -L/opt/local/ssl/lib  -L/usr/sfw/lib -o conserver access.o client.o consent.o group.o main.o master.o  readcfg.o fallback.o cutil.o -lbsm -lnsl -lsocket  -lssl -lcrypto  -lwrap -lpam
gcc -O -I.. -I.. -I. -DHAVE_CONFIG_H -DSYSCONFDIR=\"/opt/conserver/etc\"  -I/opt/local/ssl/include  -I/usr/sfw/include -c -o convert.o convert.c
gcc -O -L/opt/local/ssl/lib  -L/usr/sfw/lib -o convert convert.o cutil.o -lbsm -lnsl -lsocket  -lssl -lcrypto  -lwrap -lpam
Undefined                       first referenced
 symbol                             in file
deny_severity                       /usr/sfw/lib/libwrap.so
allow_severity                      /usr/sfw/lib/libwrap.so
ld: fatal: Symbol referencing errors. No output written to convert
collect2: ld returned 1 exit status
*** Error code 1
make: Fatal error: Command failed for target `convert'
Current working directory /home/niko/Software/Downloads/Solaris/t_ser/conserver-8.1.6/conserver
*** Error code 1
make: Fatal error: Command failed for target `all'


=========================== Make Fix ========================================================

.....
LIBS    = -lbsm -lnsl -lsocket  -lssl -lcrypto  -lwrap -lpam
LIBS2   = -lbsm -lnsl -lsocket  -lssl -lcrypto  -lpam
....
convert: convert.o cutil.o
        $(CC) $(CFLAGS) $(LDFLAGS) -o convert convert.o cutil.o $(LIBS2)

========================== End ============================================================


I have been using conserver since version 6.1.7 which I stumbled upon when looking for something
like this on the web, about 4 years ago. I think it is a great package and I appreciate all the effort you
are putting into this.

Thanks again.

Niko



Bryan Stansell wrote:
On Tue, May 25, 2004 at 03:12:45PM -0400, Nikolaos Papavassiliou wrote:
  
removed it it seemed to start the server withno errors. However, I fell 
into another
problem... Now the client (console)  refuses to connect to a console and 
fails
with SSL connection negotiation errors.

=======
% console nycilab12
console: SSL negotiation failed
%
=======
    

are there any other things produced after the "SSL negotiation failed"
message?  there's a call to ERR_print_errors_fp() right after that in
the code that should dump the SSL layer error stack (though i can't
verify that).  if it's not printing anything, then i guess there are no
errors to report (which is weird...since it failed to connect properly).

  
Looking at the debug info from the serverlog I see the following:

=======
DEBUG: [cutil.c:2019] FileSSLAccept(): about to SSL_accept() for fd 6
DEBUG: [main.c:301] TmpDHCallback(): asked for a DH key length 1024
ERROR: FileSSLAccept(): SSL error on fd 6
=======

Any clues on this?
    

except for the last line, all looks normal.  all the real magic happens
inside the openssl package.  makes me wonder if your openssl library is
configured properly or if the host is missing something (like entropy).
but, it could be conserver as well.  i'm lacking on clues, however.

if things fail with 'ERROR: FileSSLAccept(): SSL error on...' every
time, i suggest adding a 'ERR_print_errors_fp(stderr);' to
conserver/cutil.c - right between lines 2032 and 2033 (which means,
right after the line of code that produces the error above).  that
should dump more openssl clues to stderr (or the logfile if it's been
redirected to a file).  *maybe* it'll tell us something useful.

i'm on a sun (ultra 2) running solaris 9 with openssl 0.9.7d, so, in
theory, we're pretty much the same.  it "just works" for me.  i'm using
gcc 3.3.3 compiling 32-bit binaries.  you doing the same?  if there's no
basic openssl setup problem, maybe it's a compilation thing.

those are my current thoughts...if anyone else has ideas, please yell!

Bryan
_______________________________________________
users mailing list
users@conserver.com
https://www.conserver.com/mailman/listinfo/users


-----------------------------------------------------------------
        Visit our Internet site at http://www.reuters.com

Get closer to the financial markets with Reuters Messaging - for more
information and to register, visit http://www.reuters.com/messaging

Any views expressed in this message are those of  the  individual
sender,  except  where  the sender specifically states them to be
the views of Reuters Ltd.
  


-----------------------------------------------------------------
Visit our Internet site at http://www.reuters.com

Get closer to the financial markets with Reuters Messaging - for more
information and to register, visit http://www.reuters.com/messaging

Any views expressed in this message are those of the individual
sender, except where the sender specifically states them to be
the views of Reuters Ltd.
--------------080505050202010808010906-- From bryan@stansell.org Wed May 26 16:49:41 2004 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4QNnerj003145 for ; Wed, 26 May 2004 16:49:41 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.12.11/8.12.11/Submit) id i4QNnews003144 for users@conserver.com; Wed, 26 May 2004 16:49:40 -0700 (PDT) Date: Wed, 26 May 2004 16:49:40 -0700 From: Bryan Stansell To: users@conserver.com Message-ID: <20040526234940.GJ11939@underdog.stansell.org> References: <40B29F81.1030705@reuters.com> <40B39AAD.9070008@reuters.com> <40B5270B.1070104@reuters.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <40B5270B.1070104@reuters.com> User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 Subject: Re: SSL config info X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2004 23:49:42 -0000 On Wed, May 26, 2004 at 07:23:55PM -0400, Nikolaos Papavassiliou wrote: > the ssl package, and then recompiling conserver. I have no idea what > went wrong with the > first ssl installation, but it seems to be much better now. that's pretty wild. glad you got it to work, though! > In the process, I also discovered an error in the makefile for conserver > (again, Solaris 9 > on an Ultra1, and gcc-2.95.3). This error was reproduced on both 8.1.5 > qnd 8.1.6 versions > of conserver. If I am doing something wrong please let me know. Here is > the situation: yep...that's a bug. thanks for catching it and providing all the details (sure helps, since i don't use that). i'll make sure the fix is in 8.1.7. > I have been using conserver since version 6.1.7 which I stumbled upon > when looking for something > like this on the web, about 4 years ago. I think it is a great package wow! so you've definitely suffered through some of the good, the bad, and the ugly versions. i hope you find 8.1.6 nice and stable now that the kinks have been worked out. Bryan From bryan@stansell.org Fri May 28 11:08:55 2004 Received: from underdog.stansell.org (localhost [127.0.0.1]) by underdog.stansell.org (8.12.11/8.12.11) with ESMTP id i4SI8snT014446; Fri, 28 May 2004 11:08:55 -0700 (PDT) Received: (from bryan@localhost) by underdog.stansell.org (8.12.11/8.12.11/Submit) id i4SI8sZH014445; Fri, 28 May 2004 11:08:54 -0700 (PDT) Date: Fri, 28 May 2004 11:08:54 -0700 From: Bryan Stansell To: announce@conserver.com, users@conserver.com Message-ID: <20040528180854.GL8683@underdog.stansell.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i X-Scanned-By: MIMEDefang 2.39 Cc: Subject: conserver-8.1.7 is available X-BeenThere: users@conserver.com X-Mailman-Version: 2.1.5 Precedence: list List-Id: Conserver Users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2004 18:08:55 -0000 Yes, this is pretty soon after 8.1.6, but there are changes to the '@group' syntax that really need to get out to everyone, and I figured that not everyone jumps on upgrades immediately, so hopefully when you do upgrade, you'll have 8.1.7. For those already at 8.1.6, there's not much different besides '@group' handling, so pace it appropriately. Enjoy! version 8.1.7 (May 28, 2004): - cleaned up the manpages a bit to make things clearer and more standard - reported by Dave Stuit - added an east coast mirror! http://conserver.syr.edu/ - thanks to Christopher T. Beers - primary group of users not included in '@group' syntax - reported by Phil Dibowitz - changed '@group' behavior such that groups are checked when needed, instead of cached at startup, which is more logical - missing variables when building convert with tcp_wrappers - reported by Nikolaos Papavassiliou - added --with-rpath option - suggested by Phil Dibowitz Bryan Stansell