Re: Ok, Client Test Suite established
On Thu, Mar 25, 1999, John Hamlik wrote: Is this a standard config?? static or module?? All static and compiled with debugging symbols for easier debugging in case of a code dump. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Ok, Client Test Suite established
On Thu, Mar 25, 1999, John Hamlik wrote: I haven't been able to duplicate the server error on IE4.0+ on your test server. (PR#136). ARgh! Could you share with us the details of the installation of en4.engelschall.com so we may compare to find the differences and to test the same configuration in our own environment. This would be most helpfull. The server install I've done within 15 minutes and was straight foreward: 1. I've extracted all three packages: drwxr-xr-x 10 root wheel 512 Mar 25 16:20 apache drwxr-xr-x 8 root staff 512 Mar 25 16:12 apache_1.3.6 -rw-r--r-- 1 root wheel 1372280 Mar 25 15:30 apache_1.3.6.tar.gz drwxr-xr-x 10 rse wheel 512 Mar 25 15:55 mod_ssl-2.2.6-1.3.6 -rw-r--r-- 1 root wheel 585546 Mar 25 15:31 mod_ssl-2.2.6-1.3.6.tar.gz drwxr-xr-x 23 root wheel 1024 Mar 25 15:38 openssl-0.9.2b -rw-r--r-- 1 root wheel 1471369 Mar 25 15:30 openssl-0.9.2b.tar.gz (the apache/ dir is the installation dir) 2. I've compiled OpenSSL with $ perl Configure "FreeBSD-elf:cc:-g -ggdb3 -O2:::" but a simple $ ./config should do the same (I just wanted debugging stuff) 3. I've went to mod_ssl-2.2.6-1.3.6 and run $ ./configure --with-apache=../apache_1.3.6 4. I then went do apache_1.3.6 and run (I give you the config.status): CC="cc" \ OPTIM="-g -ggdb3 -O2" \ TARGET="apache" \ SSL_BASE="/e/trail/openssl-0.9.2b" \ ./configure \ "--with-layout=GNU" \ "--target=apache" \ "--prefix=/e/trail/apache" \ "--enable-module=most" 5. I've created a certificate with "make certificate" and finally installed the stuff with "make install". I then only enabled "SSLLogLevel trace" in the apache.conf file. That's all. Nothing special. Even the box is a PII/333 where I've done a standard FreeBSD 3.1 installation a few weeks ago. Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Ok, Client Test Suite established
On Fri, Mar 26, 1999, Toru Takinaka wrote: Ok, because of the problem reports with various client/platforms and the fact that I cannot reproduce the problems, I've now established a little test suite for us. Under http://en4.engelschall.com/ https://en4.engelschall.com/ an Apache/1.3.6+mod_ssl/2.2.6+OpenSSL/0.9.2b test server is running under FreeBSD 3.1. It has three test CGI scripts installed, debugging enabled and and a little mechanism to look at the last 16KB of the Apache logfiles. MSIE3.02(Japanese) can't access https://en4.engelschall.com/ Why? What happens? An I/O error? Or is just because the server certificate is a dummy one which uses the SnakeOil CA your MSIE3.02 doesn't know? Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Ok, Client Test Suite established
Ralf S. Engelschall wrote: On Thu, Mar 25, 1999, Magnus Stenman wrote: http://en4.engelschall.com/ https://en4.engelschall.com/ Dang. NS 4.08 Linux and NS 4.5 Mac work fine on all tests... Unfortunately I cannot give you access to my box, because it's on a non-public net.. But I can enable "debug" level in the logs.. Ahh... fine. I was already made-insecure and though I become totally crazy. So we can now conclude that at least for your situation it's seems a local platform problem. At least it seems it's not a general mod_ssl protocol problem. I've expected this, because I already went over the protocol stuff more than once and finally were convinced that in 2.2.5 and 2.2.6 it's now finally correct. Hmmm.. but nevertheless you've still the nasty problems on your platform and the question remains: What cause it. Using the debugging loglevel can give some hints, yes. It's not exactly the software versions I used, right? I think the problem is inside OpenSSL, because in Apache the protocol stuff I start to suspect that too... I use 0.9.1c (could not find newer RPMs) but I'll upgrade to 0.9.2b and we'll see if the problem goes away. It seems that at least some of the error reports come from people using 0.9.1c wasn't changed for a long time. Have you already tried a _fresh_ (built from scratch!) Apache/1.3.6+mod_ssl/2.2.6+OpenSSL/0.9.2b (sorry when I ask again, but too much people already described their situation the last days and I already intermix them)? Apache/1.3.6+mod_ssl/2.2.6+OpenSSL/0.9.1c I included the "debug" level log snippet below /magnus ssllog.gz
Re: Ok, Client Test Suite established
Ralf S. Engelschall wrote: Dang. NS 4.08 Linux and NS 4.5 Mac work fine on all tests... Unfortunately I cannot give you access to my box, because it's on a non-public net.. But I can enable "debug" level in the logs.. /magnus Ok, because of the problem reports with various client/platforms and the fact that I cannot reproduce the problems, I've now established a little test suite for us. Under http://en4.engelschall.com/ https://en4.engelschall.com/ an Apache/1.3.6+mod_ssl/2.2.6+OpenSSL/0.9.2b test server is running under FreeBSD 3.1. It has three test CGI scripts installed, debugging enabled and and a little mechanism to look at the last 16KB of the Apache logfiles. I've now connected with the following Netscape browsers running under X11 on my development FreeBSD 3.1 box here at home: Netscape 2.02 Netscape 3.04 Netscape 4.08 Netscape 4.51 and all four versions connected fine and passed the three CGI scripts successfully without any hangs, any I/O errors or other unusual things. In other words, as I said: Under my development platform I cannot reproduce your problems. So, it's now your turn. Connect from your favorite client platform with your esoteric clients and hopefully let us find out something... Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Ok, Client Test Suite established
On Thu, 25 Mar 1999, Ralf S. Engelschall wrote: http://en4.engelschall.com/ https://en4.engelschall.com/ ... Netscape 2.02 Netscape 3.04 Netscape 4.08 Netscape 4.51 And these clients also works fine on all tests: Netscape 4.5 (Linux/glibc) + Fortify Lynx-SSL Wanderlei Antonio Cavassin Conectiva __ Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: Ok, Client Test Suite established
Is this a standard config?? static or module?? -Original Message- From: Ralf S. Engelschall [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 25, 1999 8:49 AM To: [EMAIL PROTECTED] Subject: Ok, Client Test Suite established Ok, because of the problem reports with various client/platforms and the fact that I cannot reproduce the problems, I've now established a little test suite for us. Under http://en4.engelschall.com/ https://en4.engelschall.com/ an Apache/1.3.6+mod_ssl/2.2.6+OpenSSL/0.9.2b test server is running under FreeBSD 3.1. It has three test CGI scripts installed, debugging enabled and and a little mechanism to look at the last 16KB of the Apache logfiles. I've now connected with the following Netscape browsers running under X11 on my development FreeBSD 3.1 box here at home: Netscape 2.02 Netscape 3.04 Netscape 4.08 Netscape 4.51 and all four versions connected fine and passed the three CGI scripts successfully without any hangs, any I/O errors or other unusual things. In other words, as I said: Under my development platform I cannot reproduce your problems. So, it's now your turn. Connect from your favorite client platform with your esoteric clients and hopefully let us find out something... Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Ok, Client Test Suite established
Ok, because of the problem reports with various client/platforms and the fact that I cannot reproduce the problems, I've now established a little test suite for us. Under http://en4.engelschall.com/ https://en4.engelschall.com/ an Apache/1.3.6+mod_ssl/2.2.6+OpenSSL/0.9.2b test server is running under FreeBSD 3.1. It has three test CGI scripts installed, debugging enabled and and a little mechanism to look at the last 16KB of the Apache logfiles. MSIE3.02(Japanese) can't access https://en4.engelschall.com/ MSIE5.0(Japanese) is OK. MSIE3.02(Japanese) can access Apache/1.3.4+mod_ssl/2.2.3+OpenSSL/0.9.1c. __ Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: Ok, Client Test Suite established
I haven't been able to duplicate the server error on IE4.0+ on your test server. (PR#136). ARgh! Could you share with us the details of the installation of en4.engelschall.com so we may compare to find the differences and to test the same configuration in our own environment. This would be most helpfull. John -Original Message- From: Ralf S. Engelschall [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 25, 1999 8:49 AM To: [EMAIL PROTECTED] Subject: Ok, Client Test Suite established Ok, because of the problem reports with various client/platforms and the fact that I cannot reproduce the problems, I've now established a little test suite for us. Under http://en4.engelschall.com/ https://en4.engelschall.com/ an Apache/1.3.6+mod_ssl/2.2.6+OpenSSL/0.9.2b test server is running under FreeBSD 3.1. It has three test CGI scripts installed, debugging enabled and and a little mechanism to look at the last 16KB of the Apache logfiles. I've now connected with the following Netscape browsers running under X11 on my development FreeBSD 3.1 box here at home: Netscape 2.02 Netscape 3.04 Netscape 4.08 Netscape 4.51 and all four versions connected fine and passed the three CGI scripts successfully without any hangs, any I/O errors or other unusual things. In other words, as I said: Under my development platform I cannot reproduce your problems. So, it's now your turn. Connect from your favorite client platform with your esoteric clients and hopefully let us find out something... Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/ Official Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]