14-Jul-99 17:55 you wrote:
> On Tue, Jul 06, 1999, [EMAIL PROTECTED] wrote:
>> We're running Debian Linux (kernel 2.2.7, glibc 2.1), apache 1.3.6 & mod_ssl
>> 2.3.5.
>>
>> Unless we manually chown the ssl_scache.dir and ssl_scache.pag files, we
>> get:
>>
>> Can't open SSLSessionCache DBM file for writing (store): system error
>> follows
>> w/ a system error of Permission denied.
>>
>> The system acts a little flaky, but I haven't been able to track down
>> consitent negative behavior.
>>
>> I added some debugging statements to ssl_engine_scache.c (in the
>> ssl_scache_dbm_init() function). It turns out that somehow,
>> SSL_DBM_FILE_SUFFIX_DIR and SSL_DBM_FILE_SUFFIX_PAG are both defined as
>> ".db" instead of ".pag" and ".dir", respectively. I don't know why they're
>> getting defined this way in mod_ssl.h (and I'm not sure how to debug
>> preproccessor stuff). This of course causes chown() to fail.
>>
>> Check those return values!!!
>>
>> Anyway, manually chowning the files fixes this, and as I said, I'm not sure
>> this caused any actual problems (besides presumably adding connection
>> overhead by forcing renegotiated sesssions).
>>
>> Thought you'd want to know, though. Let me know if you need more info.
> Because there is no really correct way to determine the file suffixes, mod_ssl
> 2.3.6 now does the chown() the hard way: 1. xx, 2. xx.<guessed-suffix>, 3.
> xx.db, 4. xx.{dir,pag}. Additionally it now allows you to configure via
> CFLAGS="-DSSL_DBM_FILE_SUFFIX_DIR=foo -DSSL_DBM_FILE_SUFFIX=PAG=bar" in case
> you have to make it running on even more esoteric platforms. I really hate
> this NDBM stuff. Seems like my next abstraction library will by a DBM
> library..... :-(
Hmm. I STILL can not understood how Dave was able to get .dir & .pag files out
of GLibC 2.1 based system :-(( GLibC 2.1 includes BOTH Berkeley DB 1.x AND
Berkeley DB 2.x and in BOTH cases .db file is used, not pair of .dir/.pag
files !
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
