Hi,
at all.
I solved now the Problem, so it works for me.
I tried to use the "old" db handles as in v1.0.2 in startAutoCA and it works.
Best regards
Claus
following the patch:
--- startAutoCA 2010-07-20 14:36:03.769000090 +0200
+++ startAutoCA_new 2010-07-20 14:36:13.345598590 +0200
@@ -18,11 +18,9 @@
## Parameters used by the issuing certificate process
- our ($query, $errno, $errval, $cryptoShell, $ca_token, $DEBUG);
+ our ($db, $query, $errno, $errval, $cryptoShell, $ca_token, $DEBUG);
our (%AUTOCONF);
- my $db = undef;
-
$DEBUG = 0;
$pidfile = $AUTOCONF{"var_prefix"}."/tmp/openca_autoca.pid";
@@ -68,16 +66,6 @@
# Load the parameters
$params = startAutoCA_loadParams();
- if( not ($db = newConnectDB())) {
- print STDERR "autoCA::ERROR::Can not connect to DB!\n"
- if ( $DEBUG );
- exit(1);
- } else {
- print STDERR "AutoCA::Start()->DB connection Ok.\n"
- if ( $DEBUG );
- }
- $params->{DB} = $db;
-
while( 1 ) {
my $retVal = 0;
@@ -98,7 +86,6 @@
}
$params->{CA_TOKEN} = $ca_token;
- $params->{DB} = $db;
$retVal = autoCAProcess( %{ $params } );
$db->commit();
@@ -131,7 +118,7 @@
my ($request, $operator_cert, $operator_serial, $signature,
$role_sig, $cert);
- our ($query, $errno, $errval, $cryptoShell, $ca_token, $DEBUG);
+ our ($db, $query, $errno, $errval, $cryptoShell, $ca_token, $DEBUG);
if( $DEBUG ) {
print STDERR "On-Line CA::autoCAProcess() started\n";
@@ -161,8 +148,6 @@
print STDERR "On-Line CA::autoCAProcess()::Start Request Listing\n"
};
- my $db = $params->{DB};
-
my @list = $db->searchItems( DATATYPE => $dataType,
ITEMS => $maxItems );
@@ -592,7 +577,7 @@
my $reason = shift;
my $statusfile = undef;
- our (%AUTOCONF);
+ our ($db, %AUTOCONF);
$statusfile = $AUTOCONF{"var_prefix"}."/tmp/openca_autoca_status.txt";
@@ -600,9 +585,9 @@
$reason = gettext ( "Process Stopped from CA Interface" );
}
- # if( $db ) {
- # $db->disconnect();
- #}
+ if( $db ) {
+ $db->disconnect();
+ }
# Unrecoverable Error
if( not open( FD, ">$statusfile")) {
Zitat von [email protected]:
> Hi Max,
>
> i have the same problem with auto certificate issuing.
> I get an scep request from an cisco-router and approve the request
> from the ra-interface with my RA Administrator Certificate.
> Everything seems ok, my request is approved and in the ca-interface i
> can issue that certificate.
>
> If i do that with autoca i can approve the request, but the next run
> of autoca process die error:
> 700: The compilation of the command cmdStartAutoCA failed. execute on
> disconnected handle at
> /opt/lib/openca/perl_modules/perl5/OpenCA/DBI.pm line 3188.<br>
> Compilation failed in require at /opt/etc/openca/openca_start line 65.
>
> Than i could start the auto certificate issuing from ca-interface and
> the approved request will be signed. After that the autoca process
> stays in his normal loop and everything seems ok.
>
> I have no more idea how i can further debug the problem, so after i
> read the thread with Samuel i hope you have any idea.
>
> You wrote "So far, tests are positive :D", but i don't know if you
> have fixed that in the newest version 1.1.0.
>
> I work with 1.1.0 and postgres
>
> Best Regards
>
> Claus
>
>
>
> Re: [Openca-Users] problem with autos
> From: Massimiliano Pala <p...@cs...> - 2010-02-23 04:41
>
> Attachments: smime.p7s
>
> Hi Samuel,
>
> I looked into the problem, and I think I have solved it. In the new version
> we actually use three different db handles for the three auto processes
> (CA, CRL, Email).
>
> So far, tests are positive :D
>
> Later,
> Max
>
>
> On 02/22/2010 09:55 AM, Samuel Rios Carvalho wrote:
>> Problems showed in my log file.
>>
>> DBI
>> connect('database=openca;host=belina;port=3306;mysql_ssl=0','openca',...)
>> failed:
>> Lost connection to MySQL server at 'reading authorization packet',
>> system error: 0 at
> [...]
>> at /opt/openca/lib/openca/perl_modules/perl5/OpenCA/DBI.pm line 3075.<br>
>> Compilation failed in require at /opt/openca/etc/openca/openca_start
>> line 65.
>>
>> Auto Certificate Issuing is disable but Auto CRL Issuing is enable.
>>
>> Samuel Rios Carvalho
>
> --
>
> Best Regards,
>
> Massimiliano Pala
>
> --o------------------------------------------------------------------------
> Massimiliano Pala [OpenCA Project Manager] [email protected]
> [email protected]
>
> Dartmouth Computer Science Dept Home Phone: +1 (603) 369-9332
> PKI/Trust Laboratory Work Phone: +1 (603) 646-8734
> --o------------------------------------------------------------------------
> People who think they know everything are a great annoyance to those of us
> who do.
> -- Isaac Asimov
>
>
>
>
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by Sprint
> What will you do first with EVO, the first 4G phone?
> Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
> _______________________________________________
> Openca-Users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/openca-users
>
>
------------------------------------------------------------------------------
This SF.net email is sponsored by Sprint
What will you do first with EVO, the first 4G phone?
Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
