Re: difficulties replacing bad libssl.so.3 with newly build libssl.so.3

2003-10-09 Thread Toni Schmidbauer 
On Wed, Oct 08, 2003 at 04:31:21PM -0700, John Fox wrote:
 One of my aims was to replace libssl.so.3 with a fixed version, so (after
 making a backup copy of the current /usr/lib/libssl.so.3) I placed
 /usr/obj/usr/local/world_src/secure/lib/libssl/libssl.so.3 into /usr/lib
 and then attempted an https connection to the server. (Apache's mod_ssl
 was dynamically linked against libssl.so.3).  I found that my connection
 did not really work properly, creating errors such as these in the httpd
 error log:
 
   [Wed Oct  8 16:01:04 2003] [error] [client W.X.Y.Z] Invalid method in request 
 \x80C\x01\x03
   [Wed Oct  8 16:02:48 2003] [error] [client W.X.Y.Z] Invalid method in request 
 \x16\x03
   [Wed Oct  8 16:02:48 2003] [error] [client W.X.Y.Z] Invalid method in request 
 \x16\x03

just to be sure, have you restartet your apache (apachectl stop +
startssl?)

hth,
toni
-- 
Kann man etwas nicht verstehen, dann urteile man | toni at stderror dot at 
lieber gar nicht, als dass man verurteile.   | Toni Schmidbauer
-- Rudolf Steiner| 


pgp0.pgp
Description: PGP signature

Re: difficulties replacing bad libssl.so.3 with newly build libssl.so.3

2003-10-09 Thread Mike Tancsa 
At 03:19 PM 09/10/2003, Toni Schmidbauer wrote:
On Wed, Oct 08, 2003 at 04:31:21PM -0700, John Fox wrote:
 One of my aims was to replace libssl.so.3 with a fixed version, so (after
 making a backup copy of the current /usr/lib/libssl.so.3) I placed
 /usr/obj/usr/local/world_src/secure/lib/libssl/libssl.so.3 into /usr/lib
 and then attempted an https connection to the server. (Apache's mod_ssl
 was dynamically linked against libssl.so.3).  I found that my connection
 did not really work properly, creating errors such as these in the httpd
 error log:

   [Wed Oct  8 16:01:04 2003] [error] [client W.X.Y.Z] Invalid method in 
request \x80C\x01\x03
   [Wed Oct  8 16:02:48 2003] [error] [client W.X.Y.Z] Invalid method in 
request \x16\x03
   [Wed Oct  8 16:02:48 2003] [error] [client W.X.Y.Z] Invalid method in 
request \x16\x03

just to be sure, have you restartet your apache (apachectl stop +
startssl?)
Did you rebuild apache_modssl ? There are some statically linked bits 
normally that need rebuilding.

---Mike


hth,
toni
--
Kann man etwas nicht verstehen, dann urteile man | toni at stderror dot at
lieber gar nicht, als dass man verurteile.   | Toni Schmidbauer
-- Rudolf Steiner|
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

difficulties replacing bad libssl.so.3 with newly build libssl.so.3

2003-10-08 Thread John Fox 
Hello, all.

I've got a machine running FreeBSD 4.8-RELEASE, and I need to upgrade it
to fix the SSL, procfs issues that have come up lately.  The machine's
root partition lacks the space to accomodate world source and object
files, so I have two symlinks for /usr/src and /usr/obj:

/usr/src -- /usr/local/world_src
/usr/obj -- /usr/local/world_obj

I cvsupped RELENG_4_8 and it was all placed under /usr/local/world_src
as I'd expected, and cd'ing into '/usr/src' I can see the same stuff
as if I'd cd'd into /usr/local/world_src.  No surprises there.
(In the supfile, I have *default prefix=/usr.  Dunno if that applies
to this discussion.)

I cd'd to /usr/src and issued the buildworld command.  The build ran
for a while and then finished.  I took a look at the contents of
'/usr/obj' (aka /usr/local/world_obj) and saw a directory hierarchy
that matched my '/usr/local/world_src' path:

   [vmail:/usr/local/etc]$ ls -lR /usr/obj/|head -n 14
   total 4
   drwxr-xr-x  3 root  wheel  512 Oct  8 13:38 usr/
   
   /usr/obj/usr:
   total 4
   drwxr-xr-x  3 root  wheel  512 Oct  8 13:38 local/
   
   /usr/obj/usr/local:
   total 4
   drwxr-xr-x  16 root  wheel  512 Oct  8 13:42 world_src/
   
   /usr/obj/usr/local/world_src:
   total 64
   drwxr-xr-x   32 root  wheel   512 Oct  8 13:41 bin/

This struck me as wierd, but I figure it's the way it ought to be,
so I moved on.

One of my aims was to replace libssl.so.3 with a fixed version, so (after
making a backup copy of the current /usr/lib/libssl.so.3) I placed
/usr/obj/usr/local/world_src/secure/lib/libssl/libssl.so.3 into /usr/lib
and then attempted an https connection to the server. (Apache's mod_ssl
was dynamically linked against libssl.so.3).  I found that my connection
did not really work properly, creating errors such as these in the httpd
error log:

  [Wed Oct  8 16:01:04 2003] [error] [client W.X.Y.Z] Invalid method in request 
\x80C\x01\x03
  [Wed Oct  8 16:02:48 2003] [error] [client W.X.Y.Z] Invalid method in request 
\x16\x03
  [Wed Oct  8 16:02:48 2003] [error] [client W.X.Y.Z] Invalid method in request 
\x16\x03

Clearly, I did something wrong, for when I replaced the prior libssl.so.3, my errors 
went
away.  I'm trying to understand now if the root problem is:

1) My '/usr/src' and '/usr/obj' symlinks.  I can't see them being the problem, but I 
want
leave no stone unturned.

2) Incorrect technique used to replace the libssl.so.3 library.  (I am leery of running
'installworld' on this machine, as it is a production system, and I've never built
the world on a production machine.)

3) Something else entirely.

Any clues or pointers as to the cause of the problem would be greatly appreciated.

With thanks,


John
--
+---+
| John Fox [EMAIL PROTECTED] |System Administrator   | InfoStructure   |
+---+
|Gideon: I thought you said don't hold a grudge.|
| Galen: I don't. I have no surviving enemies...at all. |
| -- Crusdade, _Racing the Night_ |
+---+
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]