[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

Re: SSL, certs, and conserver (fix included)

Chris Ross cross+conserver@distal.com
Wed, 19 Oct 2005 12:18:35 -0700 (PDT)


  Ah-ha.  Okay, I'm still curious what was wrong.
But, I was a bit more careful about what include
files I used, and what libraries I used.  I think
I had previously tried with both 0.9.7d, and 0.9.7h.
But, it appears I didn't try 0.9.7h *right*.  I
made sure to *not* use the installed (0.9.7d)
include files, and use the 0.9.7h include files,
and static libraries.  Now I get a binary that
works correctly.  The same compilation process,
with 0.9.7d and the installed headers, yields
the same error...

# /usr/local/sbin/conserver -C /tmp/conserver-8.1.12/test/test1.cf -V
conserver: conserver.com version 8.1.12
conserver: default access type `r'
conserver: default escape sequence `^Ec'
conserver: default configuration in `/etc/conserver/conserver.cf'
conserver: default password in `/etc/conserver/conserver.passwd'
conserver: default logfile is `/var/log/conserver'
conserver: default pidfile is `/var/run/conserver.pid'
conserver: default limit is 16 members per group
conserver: default primary port referenced as `782'
conserver: default secondary base port referenced as `0'
conserver: options: libwrap, openssl, pam
conserver: openssl version: OpenSSL 0.9.7h 11 Oct 2005
conserver: built with `./configure --sysconfdir=/etc/conserver --prefix=/usr/local --with-openssl=/tmp/conserver-8.1.12/openssl --with-pam --with-libwrap --with-port=782 --with-master=sesirm-console'
#


% /usr/local/bin/console -M 127.0.0.1 -x
console: SSL negotiation failed
%

% /usr/local/bin/console -M 127.0.0.1 -x shell2 on /dev/pts/2 at Local shell on /dev/pts/3 at Local %


Tho, it now occurs to me, maybe it's the installed header files. Could the installed header files be messed up such that something fails, even if the library itself isn't messed up? Hmm, let me test that...

  Hmm, no, even making sure to compile against the
headers that ship with openssl-0.9.7d, it still
fails in the same way.

  So, I have a workaround now, but would like to
know if you knew that it required something above
0.9.7d?  Thanks...

- Chris