On Mon, 3 May 2004 15:32:24 -0400, Scott Goodwin <[EMAIL PROTECTED]> wrote:
>It's not a threading issue. AOLserver 4.x opens the listen sockets for >all comm modules including nsopenssl, and the error message is coming >from the DriverThread function in nsd/driver.c when it attempts to >start listening on the port. The reason it says "nsopenssl" is, well, >because that's the name of the thread). I trust the error message >because it's coming from the OS; the driver code is very >straightforward. So my guess is that you really aren't root at start >time. I am most certainly root. >Post the OS make, model and version (my guess is you're using Solaris), Redhat 7.1 on x486 >the command line that you use to start the server #! /bin/sh export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/pgsql/lib:/usr/local/ssl/lib exec /usr/local/aolserver/bin/nsd -it /etc/aolserver/7-sisters.com.tcl -B /etc/aolserver/7-sisters.com.bnd -u nsadmin -g web where 7-sisters.com.bnd contains: 192.168.1.2:80 192.168.1.2:443 >and your nsd.tcl file >with any sensitive stuff removed. ns_log notice "nsd.tcl: starting to read config file..." set httpport 80 set httpsport 443 set hostname www.7-sisters.com set address 192.168.1.2 set homedir /usr/local/aolserver set bindir ${homedir}/bin set logdir /var/log/aolserver set rundir /var/run/aolserver if [file isdirectory "$homedir/servers/7-sisters.com"] { set server "7-sisters.com" set servername "${hostname} server" set pageroot /web/${server}/www } set directoryfile index.adp,index.tcl,index.php,index.html,index.htm set sslkeyfile ${homedir}/servers/${server}/modules/nsopenssl/www.7-sisters.com.key set sslcertfile ${homedir}/servers/${server}/modules/nsopenssl/www.7-sisters.com.crt ns_section "ns/parameters" ns_param User nsadmin ns_param Group nsadmin ns_param home $homedir ns_param pidfile $rundir/nsd.pid ns_param debug false ns_param MailHost mail.7-sisters.com ns_param ServerLog ${logdir}/${server}-error.log ns_param LogRoll on ns_param MaxBackup 9 ns_section "ns/threads" ns_param mutexmeter true ;# measure lock contention ns_param stacksize [expr 256*1024] ;# Per-thread stack size for hungry C modules. Increased to 256 for PHP. ns_section "ns/servers" ns_param $server $servername ns_section "ns/server/${server}" ns_param directoryfile $directoryfile ns_param pageroot $pageroot ns_param globalstats false ;# Enable built-in statistics ns_param urlstats false ;# Enable URL statistics ns_param maxurlstats 1000 ;# Max number of URL's to do stats on ns_param enabletclpages true ;# Parse tcl files in # pageroot (dangerous) ns_param maxthreads 5 ns_param minthreads 5 ns_section "ns/server/${server}/module/nssock" ns_param port $httpport ns_param hostname $hostname ns_param address $address ns_section ns/server/${server}/module/nsopenssl/sslcontexts ns_param ${server}_ctx "SSL context for regular user access" ns_param ${server}_client_ctx "SSL context for outgoing script socket connections" ns_section ns/server/${server}/module/nsopenssl/defaults ns_param server ${server}_ctx ns_param client ${server}_client_ctx ns_section ns/server/${server}/module/nsopenssl/sslcontext/${server}_ctx ns_param Role server ns_param CertFile ${sslcertfile} ns_param KeyFile ${sslkeyfile} ns_param CADir ca ns_param CAFile ca/freesslca.crt ns_param ModuleDir ${homedir}/servers/${server}/modules/nsopenssl/ ns_param Protocols "SSLv2, SSLv3, TLSv1" ns_param CipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP" ns_param PeerVerify false ns_param PeerVerifyDepth 3 ns_param Trace false ns_param SessionCache true ns_param SessionCacheID 1 ns_param SessionCacheSize 512 ns_param SessionCacheTimeout 300 ns_section ns/server/${server}/module/nsopenssl/sslcontext/${server}_client_ctx ns_param Role client ns_param CertFile ${sslcertfile} ns_param KeyFile ${sslkeyfile} ns_param CADir ca ns_param CAFile ca/freesslca.crt ns_param ModuleDir ${homedir}/servers/${server}/modules/nsopenssl/ ns_param Protocols "SSLv2, SSLv3, TLSv1" ns_param CipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP" ns_param PeerVerify false ns_param PeerVerifyDepth 3 ns_param Trace false ns_param SessionCache true ns_param SessionCacheID 1 ns_param SessionCacheSize 512 ns_param SessionCacheTimeout 300 ns_section ns/server/${server}/module/nsopenssl/ssldrivers ns_param ${server}_drv "Driver for regular user access" ns_section ns/server/${server}/module/nsopenssl/ssldriver/${server}_drv ns_param Sslcontext ${server}_ctx ns_param Port 443 ns_section "ns/server/${server}/module/nslog" ns_param EnableHostnameLookup Off ns_param File ${logdir}/${server}-access.log ns_param LogCombined On ns_param RollLog On ns_param RollDay * ns_param RollHour 0 ns_param RollDir ${logdir}/access-report/ ns_param RollFmt %Y-%m-%d-%H:%M ns_param RollOnSignal On ns_param MaxBackup 7 ;# Max number to keep around when rolling ns_section "ns/server/${server}/modules" ns_param nssock ${bindir}/nssock.so ns_param nslog ${bindir}/nslog.so ns_param nsdb ${bindir}/nsdb.so ns_param nsperm ${bindir}/nsperm.so if { [file exists $sslcertfile] && [file exists $sslkeyfile] } { ns_param nsopenssl ${bindir}/nsopenssl.so } else { ns_log warning "nsd.tcl: nsopenssl not loaded because key/cert files do not exist." } ns_log notice "nsd.tcl: finished reading config file [info script]." -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.