[AOLSERVER] compilation of nspostgres4.1 fails
Good evening, I'm experiencing problems compiling nspostgres4.1 on openbsd 4.5 My command sequence is: gmake POSTGRES=/var/postgresql PGLIB=/usr/local/lib/postgresql/ PGINC=/usr/local/include/postgresql/ INST=/usr/local/aolserver/bin/nsd NSHOME=/usr/local/aolserver AOLSERVER=/usr/local/aolserver And then gmake POSTGRES=/var/postgresql PGLIB=/usr/local/lib/postgresql/ PGINC=/usr/local/include/postgresql/ INST=/usr/local/aolserver/bin/nsd NSHOME=/usr/local/aolserver AOLSERVER=/usr/local/aolserver install And the result of the last command is: /usr/local/aolserver/bin/nsd -d /usr/local/aolserver/bin -e nspostgres.so /usr/local/aolserver/bin/nsd: can't load library 'libnsd.so' gmake: *** [install-mod] Error 4 If I look in my /usr/local/aolserver/bin directory, I see, ini2tcl.tcl install-sh nscgi.so nsd nsinstall-man.sh nslog.so nsopenssl.so nsremove.tcl nssock.so nsthreadtest init.tcl nscache.so nscp.so nsdb.so nsinstall.tcl nsmakeall.tcl nsperm.so nssha1.so nstclsh tcl2ini.tcl What do I have wrong? -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] TLS 1.6 and Aolserver
If Diffie Helmann is the only real issue here, maybe this should also be considered and DH removed by default configure. https://sourceforge.net/tracker/?func=detailaid=1811445group_id=13248atid=313248 Jeff On 06/05/2009 6:45 PM, Sep Ng wrote: Hi Jeff, I'm going to review options on how to progress with this problem with Jade. I've traced and stepped into TlsInit, and CtxInit functions and as far as I can see, the mutex functions we wrote seems to be working. I wonder if there is some influence by aolserver or what not. I don't know. It also seems that allow_customize in CRYPTO_set_mem_functions is getting set to zero for some reason. I'm not totally sure why that is happening. At this moment, I don't know what to do. On May 7, 7:14 am, Jack Schmidt thejackschm...@gmail.com wrote: Hi, Sep here. I just tried by disabling nsopenssl and it crashes at the same point. I suppose this is definitely more related to using aolserver with tls. I've included a backtrace and it shows the same point of failure. We use aolserver 4.0.10, though I'm not sure how relevant it is to the discussion. I'll try to check the startup routine of aolserver and see if I can find anything. 2009/5/7 Jeff Hobbs je...@activestate.com Is it possible that both nsopenssl and tls are in use, and that they both might be initializing openssl in the same process? I'm not sure if this would be a support case if so. On 05/05/2009 6:16 PM, Sep Ng wrote: Hi Jeff, I took a closer look at the patch you posted. It seems that the CRYPTO_set_mem_functions is not succeeding. The default memory functions that CRYPTO uses are malloc, realloc, and free but from the back trace, it looks like ns_malloc, ns_realloc and ns_free are the ones being used for some reason. I think I'm running out of ideas here. It's unclear why CRYPTO_set_mem_function would return 0 instead of 1, unless it's some bug in my OpenSSL package in Ubuntu. On May 6, 8:42 am, Jack Schmidt thejackschm...@gmail.com wrote: I've just yanked the debug. This includes the backtrace and memory frame info and the local info for most of the frames up until #11 CTX_Init. As before, the crash happens when DH_free is called. 2009/5/6 Jeff Hobbs je...@activestate.com Of the presented patches, I didn't find one that seemed to actually work, so I wrote one based on those presented. It is attached. Please test it in your environments. I have tested that it passes the basic tls test suite against a threaded Tcl 8.5.7 core build on Linux-x64 (and verified that OPENSSL_THREADS was true for this install). This patch is against tls 1.6 head. Jeff On 05/05/2009 3:42 PM, Sep Ng wrote: I'll try it. I didn't give it much thought at first but looking at it again, I think it might prevent the long string of ns_free and other calls to free memory after DH_free. On May 6, 3:43 am, Jeff Hobbs je...@activestate.com wrote: Just starting to look at this, but from the nsopenssl.c I saw another interesting function not used by TLS: if (CRYPTO_set_mem_functions(ns_malloc, ns_realloc, ns_free) == 0) ... We could do the same and point to Tcl_Alloc, Tcl_Realloc and Tcl_Free. I'm not sure they are necessary, and CRYPTO_set_mem_debug_functions isn't used, but it might help debug. -- AOLserver -http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- A scrum a day keeps the pigs at bay -- AOLserver -http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. bt-without-nsopenssl 17KViewDownload -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] TLS 1.6 and Aolserver
Hi Jeff, Thank you for the link to the bug tracker ticket. Perhaps I can suggest to Jade to go with disabling DH. Thank you so much for your time. On May 8, 6:25 am, Jeff Hobbs je...@activestate.com wrote: If Diffie Helmann is the only real issue here, maybe this should also be considered and DH removed by default configure. https://sourceforge.net/tracker/?func=detailaid=1811445group_id=132... Jeff On 06/05/2009 6:45 PM, Sep Ng wrote: Hi Jeff, I'm going to review options on how to progress with this problem with Jade. I've traced and stepped into TlsInit, and CtxInit functions and as far as I can see, the mutex functions we wrote seems to be working. I wonder if there is some influence by aolserver or what not. I don't know. It also seems that allow_customize in CRYPTO_set_mem_functions is getting set to zero for some reason. I'm not totally sure why that is happening. At this moment, I don't know what to do. On May 7, 7:14 am, Jack Schmidt thejackschm...@gmail.com wrote: Hi, Sep here. I just tried by disabling nsopenssl and it crashes at the same point. I suppose this is definitely more related to using aolserver with tls. I've included a backtrace and it shows the same point of failure. We use aolserver 4.0.10, though I'm not sure how relevant it is to the discussion. I'll try to check the startup routine of aolserver and see if I can find anything. 2009/5/7 Jeff Hobbs je...@activestate.com Is it possible that both nsopenssl and tls are in use, and that they both might be initializing openssl in the same process? I'm not sure if this would be a support case if so. On 05/05/2009 6:16 PM, Sep Ng wrote: Hi Jeff, I took a closer look at the patch you posted. It seems that the CRYPTO_set_mem_functions is not succeeding. The default memory functions that CRYPTO uses are malloc, realloc, and free but from the back trace, it looks like ns_malloc, ns_realloc and ns_free are the ones being used for some reason. I think I'm running out of ideas here. It's unclear why CRYPTO_set_mem_function would return 0 instead of 1, unless it's some bug in my OpenSSL package in Ubuntu. On May 6, 8:42 am, Jack Schmidt thejackschm...@gmail.com wrote: I've just yanked the debug. This includes the backtrace and memory frame info and the local info for most of the frames up until #11 CTX_Init. As before, the crash happens when DH_free is called. 2009/5/6 Jeff Hobbs je...@activestate.com Of the presented patches, I didn't find one that seemed to actually work, so I wrote one based on those presented. It is attached. Please test it in your environments. I have tested that it passes the basic tls test suite against a threaded Tcl 8.5.7 core build on Linux-x64 (and verified that OPENSSL_THREADS was true for this install). This patch is against tls 1.6 head. Jeff On 05/05/2009 3:42 PM, Sep Ng wrote: I'll try it. I didn't give it much thought at first but looking at it again, I think it might prevent the long string of ns_free and other calls to free memory after DH_free. On May 6, 3:43 am, Jeff Hobbs je...@activestate.com wrote: Just starting to look at this, but from the nsopenssl.c I saw another interesting function not used by TLS: if (CRYPTO_set_mem_functions(ns_malloc, ns_realloc, ns_free) == 0) ... We could do the same and point to Tcl_Alloc, Tcl_Realloc and Tcl_Free. I'm not sure they are necessary, and CRYPTO_set_mem_debug_functions isn't used, but it might help debug. -- AOLserver -http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- A scrum a day keeps the pigs at bay -- AOLserver -http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. bt-without-nsopenssl 17KViewDownload -- AOLserver -http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver -http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank.
Re: [AOLSERVER] TLS 1.6 and Aolserver
That makes sense to me. It does basically the same thing as what Sep suggested earlier to disable DH. I'm not sure if there are any problems with doing so, but looking at that bug report, it looks like it might be a good idea. J Jade Rubick Director of Development TRUiST 120 Wall Street, 4th Floor New York, NY 10005 USA jrub...@truist.com +1 503 285 4963 +1 707 671 1333 fax www.truist.com The information contained in this email/document is confidential and may be legally privileged. Access to this email/document by anyone other than the intended recipient(s) is unauthorized. If you are not an intended recipient, any disclosure, copying, distribution, or any action taken or omitted to be taken in reliance to it, is prohibited. On May 7, 2009, at 3:25 PM, Jeff Hobbs wrote: If Diffie Helmann is the only real issue here, maybe this should also be considered and DH removed by default configure. https://sourceforge.net/tracker/?func=detailaid=1811445group_id=13248atid=313248 Jeff On 06/05/2009 6:45 PM, Sep Ng wrote: Hi Jeff, I'm going to review options on how to progress with this problem with Jade. I've traced and stepped into TlsInit, and CtxInit functions and as far as I can see, the mutex functions we wrote seems to be working. I wonder if there is some influence by aolserver or what not. I don't know. It also seems that allow_customize in CRYPTO_set_mem_functions is getting set to zero for some reason. I'm not totally sure why that is happening. At this moment, I don't know what to do. On May 7, 7:14 am, Jack Schmidt thejackschm...@gmail.com wrote: Hi, Sep here. I just tried by disabling nsopenssl and it crashes at the same point. I suppose this is definitely more related to using aolserver with tls. I've included a backtrace and it shows the same point of failure. We use aolserver 4.0.10, though I'm not sure how relevant it is to the discussion. I'll try to check the startup routine of aolserver and see if I can find anything. 2009/5/7 Jeff Hobbs je...@activestate.com Is it possible that both nsopenssl and tls are in use, and that they both might be initializing openssl in the same process? I'm not sure if this would be a support case if so. On 05/05/2009 6:16 PM, Sep Ng wrote: Hi Jeff, I took a closer look at the patch you posted. It seems that the CRYPTO_set_mem_functions is not succeeding. The default memory functions that CRYPTO uses are malloc, realloc, and free but from the back trace, it looks like ns_malloc, ns_realloc and ns_free are the ones being used for some reason. I think I'm running out of ideas here. It's unclear why CRYPTO_set_mem_function would return 0 instead of 1, unless it's some bug in my OpenSSL package in Ubuntu. On May 6, 8:42 am, Jack Schmidt thejackschm...@gmail.com wrote: I've just yanked the debug. This includes the backtrace and memory frame info and the local info for most of the frames up until #11 CTX_Init. As before, the crash happens when DH_free is called. 2009/5/6 Jeff Hobbs je...@activestate.com Of the presented patches, I didn't find one that seemed to actually work, so I wrote one based on those presented. It is attached. Please test it in your environments. I have tested that it passes the basic tls test suite against a threaded Tcl 8.5.7 core build on Linux-x64 (and verified that OPENSSL_THREADS was true for this install). This patch is against tls 1.6 head. Jeff On 05/05/2009 3:42 PM, Sep Ng wrote: I'll try it. I didn't give it much thought at first but looking at it again, I think it might prevent the long string of ns_free and other calls to free memory after DH_free. On May 6, 3:43 am, Jeff Hobbs je...@activestate.com wrote: Just starting to look at this, but from the nsopenssl.c I saw another interesting function not used by TLS: if (CRYPTO_set_mem_functions(ns_malloc, ns_realloc, ns_free) == 0) ... We could do the same and point to Tcl_Alloc, Tcl_Realloc and Tcl_Free. I'm not sure they are necessary, and CRYPTO_set_mem_debug_functions isn't used, but it might help debug. -- AOLserver -http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- A scrum a day keeps the pigs at bay -- AOLserver -http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. bt-without-nsopenssl 17KViewDownload -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to lists...@listserv.aol.com with the body of SIGNOFF AOLSERVER in the email message. You can leave the Subject: field of your email blank. -- AOLserver - http://www.aolserver.com/ To Remove yourself from this