Re: [AOLSERVER] AOLserver and LDAP
So, a year later I reply to my own email ;) I've written the nsldap module I was looking for. It works for me, but I guess it still has bugs. If anyone there needs to access an LDAP database from within AOLServer and would like to try this out, it can be downloaded from http://www.galileo.edu/obonilla/software/nsldap I would be glad to give the module to the AOLServer folks so they can put it in their modules repository. Just send me email... Thanks -Oscar
[AOLSERVER] Comparing Password Hashes in LDAP
I got tired of having to kludge stuff for checking for the userPassword attribute stored in LDAP, so I wrote a little AOLServer module that can generate and compare passwords in all formats that OpenLDAP supports (yes, including SSHA). If you want it, get it at http://www.galileo.edu/obonilla/software/nspasswd Regards, -Oscar -- pgp fingerprint: BC64 2E7A CAEF 39E1 9544 80CA F7D5 784D FB46 16C1
Re: [AOLSERVER] [ANNOUNCE] Release of nssha1-0.1
Why don't you check the module nspasswd at http://www.galileo.edu/obonilla/software/nspasswd ? it has nssha functionality plus other hashes... regards, -Oscar On Monday, September 30, 2002, at 12:47 AM, Scott Goodwin wrote: > I've imported and created a File release of nssha1, version 0.1. I'll > promote it to version 1.0 when I or someone else can confirm that it > works properly with AOLserver. > > /s. > -- > Scott Goodwin > [EMAIL PROTECTED] > http://scottg.net > -- pgp fingerprint: BC64 2E7A CAEF 39E1 9544 80CA F7D5 784D FB46 16C1
Re: [AOLSERVER] ANNOUNCE: ns_chartdir charting module available
Is there a way to write the generated image directly to the AOLServer connection without having to write it to a file first? nsgd has this feature and it's very useful for dynamically generated images... Regards, -Oscar On Sunday, October 13, 2002, at 07:37 PM, Vlad Seryakov wrote: > Hello, > > Here it is my first public release of charting module, > it is pure interface to ChartDirector from www.advsofteng.com, > very sophisticated charting library for C++. > > No documentation is available yet, but i am implementing > all their demo scripts which are very informative. > > Download it from > ftp://ftp.crystalballinc.com/pub/vlad/nschartdir.tar.gz > -- pgp fingerprint: BC64 2E7A CAEF 39E1 9544 80CA F7D5 784D FB46 16C1
Re: [AOLSERVER] SSL handshake error
I'm seeing the exact same problem, however I have ServerSessionCache set to true. I'm
using
nsopenssl 2.1. What could the problem be?
This is the nsopenssl part of my aolserver config file:
-
ns_section "ns/server/${servername}/module/nsopenssl"
ns_param ServerPort ${httpsport}
ns_param ServerHostname ${hostname}
ns_param ServerAddress ${address}
ns_param ServerCertFile ${sslcertificate}
ns_param ServerKeyFile ${sslkey}
ns_param ServerProtocols All
ns_param ServerCipherSuite
"ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
ns_param ServerSessionCache true
ns_param ServerSessionCacheID1
ns_param ServerSessionCacheSize 512
ns_param ServerSessionCacheTimeout 300
ns_param ServerPeerVerifyfalse
ns_param ServerPeerVerifyDepth 3
ns_param ServerCADir ${sslcadir}
ns_param ServerCAFile${sslcafile}
ns_param ServerTrace false
ns_param SockServerCertFile ${sslcertificate}
ns_param SockServerKeyFile ${sslkey}
ns_param SockServerProtocols All
ns_param SockServerCipherSuite
"ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
ns_param SockServerSessionCache true
ns_param SockServerSessionCacheID2
ns_param SockServerSessionCacheSize 512
ns_param SockServerSessionCacheTimeout 300
ns_param SockServerPeerVerifytrue
ns_param SockServerPeerVerifyDepth 3
ns_param SockServerCADir ${sslinternalcadir}
ns_param SockServerCAFile${sslinternalcafile}
ns_param SockServerTrace false
ns_param SockClientCertFile ${sslclientcertificate}
ns_param SockClientKeyFile ${sslclientkey}
ns_param SockClientProtocols All
ns_param SockClientCipherSuite
"ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
ns_param SockClientSessionCache true
ns_param SockClientSessionCacheID3
ns_param SockClientSessionCacheSize 512
ns_param SockClientSessionCacheTimeout 300
ns_param SockClientPeerVerifytrue
ns_param SockClientPeerVerifyDepth 3
ns_param SockClientCADir ${sslservercadir}
ns_param SockClientCAFile${sslservercafile}
ns_param SockClientTrace false
ns_param RandomFile /dev/urandom
ns_param SeedBytes 1024
Thanks,
-Oscar
On Mon, Mar 10, 2003 at 11:42:36PM -0600, Scott Goodwin wrote:
> Turn it on, always, always, always have session caching on, or SSL to
> certain MSIE browser versions will fail in the way you're seeing. I've
> just updated the nsopenssl config examples at my site to reflect this.
>
> nsopenssl 3.0 will have session caching turned on by default, so that
> if you want it turned off you'll have to explicitly do so.
>
>
> /s.
>
>
>
> On Monday, March 10, 2003, at 11:32 PM, William Scott Jordan wrote:
>
> > ServerSessionCache is set to false.
> >
> > Scott
> >
> > At 11:12 PM 3/10/2003 -0600, you wrote:
> >> Do you have session caching turned on?
> >>
> >> /s.
> >>
> >> On Monday, March 10, 2003, at 11:00 PM, William Scott Jordan wrote:
> >>
> >>> I'm running AOLServer 3.4 with OpenSSL 0.9.6 and nsopenssl 2.2b4 on
> >>> Redhat
> >>> 7.0 and I'm getting this error quite a bit:
> >>>
> >>>
> >>> Error: nsopenssl: EOF during SSL handshake
> >>>
> >>>
> >>> I have no idea what's causing it and I can't recreate it. When it
> >>> happens,
> >>> it gives the end user a "Server Error" message. Reloading the same
> >>> page
> >>> never causes the problem a second time. I really don't even know
> >>> whether
> >>> it's a problem with AOLServer, a configuration issue, or a problem
> >>> with
> >>> OpenSSL.
> >>>
> >>> Has anybody seen this before or have any idea of how to correct it?
> >>> Any
> >>> advice would be appreciated.
> >>>
> >>> Scott
> >>>
> >>>
> >>>
> >>> I. To remove yourself from this list:
> >>>
> >>> Send a message to "[EMAIL PROTECTED]" with the following
> >>> text
> >>> in
> >>> the BODY of your message:
> >>>
> >>> signoff aolserver
> >>>
> >>> II. For a complete list of listserv options please visit:
> >>>
> >>> http://listserv.aol.com/
> >>>
> >>> III. For more AOLserver information please visit:
> >>>
> >>> http://www.aolserver.com/
> >>
> >>
> >>
> >> I. To remove yourself from this list:
> >>
> >> Send a message to "[EMAIL PROTECTED]" with the following
> >> text in
> >> the BODY of your message:
> >>
> >> signoff aolserver
> >>
> >> II. For a complete list of listserv options please visit:
> >>
> >> http://listserv.aol.com/
> >>
> >> III. For more AOLserver information please visit:
> >>
> >> http://www.aolserver.com/
> >
> >
> >
> > I. To remove y
Re: [AOLSERVER] SSL handshake error
Ok, so maybe I was not seeing the *exact* same problem ;) I was just
seeing the error messages in the log. I had seen the "server error"
message on the browsers some time ago, but I expected the error
messages to also go away. I guess it must be the OpenSSL exploit
then... any way to check and make sure?
Regards,
-Oscar
On Tue, Mar 11, 2003 at 09:08:58AM -0600, Scott Goodwin wrote:
> I need to know the browser type, version and strength (e.g. MSIE 5.5
> 128-bit, Netscape 4.7 40-bit...).
>
> Oscar, when you say you're seeing the exact same problem, do you mean
> you're seeing both the error message and the browser is failing on the
> first connect?
>
> /s.
>
>
> On Tuesday, March 11, 2003, at 08:42 AM, Oscar Bonilla wrote:
>
> > I'm seeing the exact same problem, however I have ServerSessionCache
> > set to true. I'm using
> > nsopenssl 2.1. What could the problem be?
> >
> >
> > This is the nsopenssl part of my aolserver config file:
> >
> > -
> > ns_section "ns/server/${servername}/module/nsopenssl"
> > ns_param ServerPort ${httpsport}
> > ns_param ServerHostname ${hostname}
> > ns_param ServerAddress ${address}
> > ns_param ServerCertFile ${sslcertificate}
> > ns_param ServerKeyFile ${sslkey}
> > ns_param ServerProtocols All
> > ns_param ServerCipherSuite
> > "ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
> > ns_param ServerSessionCache true
> > ns_param ServerSessionCacheID1
> > ns_param ServerSessionCacheSize 512
> > ns_param ServerSessionCacheTimeout 300
> > ns_param ServerPeerVerifyfalse
> > ns_param ServerPeerVerifyDepth 3
> > ns_param ServerCADir ${sslcadir}
> > ns_param ServerCAFile${sslcafile}
> > ns_param ServerTrace false
> >
> > ns_param SockServerCertFile ${sslcertificate}
> > ns_param SockServerKeyFile ${sslkey}
> > ns_param SockServerProtocols All
> > ns_param SockServerCipherSuite
> > "ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
> > ns_param SockServerSessionCache true
> > ns_param SockServerSessionCacheID2
> > ns_param SockServerSessionCacheSize 512
> > ns_param SockServerSessionCacheTimeout 300
> > ns_param SockServerPeerVerifytrue
> > ns_param SockServerPeerVerifyDepth 3
> > ns_param SockServerCADir ${sslinternalcadir}
> > ns_param SockServerCAFile${sslinternalcafile}
> > ns_param SockServerTrace false
> >
> > ns_param SockClientCertFile ${sslclientcertificate}
> > ns_param SockClientKeyFile ${sslclientkey}
> > ns_param SockClientProtocols All
> > ns_param SockClientCipherSuite
> > "ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL"
> > ns_param SockClientSessionCache true
> > ns_param SockClientSessionCacheID3
> > ns_param SockClientSessionCacheSize 512
> > ns_param SockClientSessionCacheTimeout 300
> > ns_param SockClientPeerVerifytrue
> > ns_param SockClientPeerVerifyDepth 3
> > ns_param SockClientCADir ${sslservercadir}
> > ns_param SockClientCAFile${sslservercafile}
> > ns_param SockClientTrace false
> >
> > ns_param RandomFile /dev/urandom
> > ns_param SeedBytes 1024
> >
> >
> > Thanks,
> >
> > -Oscar
> >
> > On Mon, Mar 10, 2003 at 11:42:36PM -0600, Scott Goodwin wrote:
> >> Turn it on, always, always, always have session caching on, or SSL to
> >> certain MSIE browser versions will fail in the way you're seeing. I've
> >> just updated the nsopenssl config examples at my site to reflect this.
> >>
> >> nsopenssl 3.0 will have session caching turned on by default, so that
> >> if you want it turned off you'll have to explicitly do so.
> >>
> >>
> >> /s.
> >>
> >>
> >>
> >> On Monday, March 10, 2003, at 11:32 PM, William Scott Jordan wrote:
> >>
> >>> ServerSessionCache is set to false.
> >>>
> >>> Scott
> >>>
>
[AOLSERVER] Connecting to two different versions of Oracle
I have a situation in which I have to connect to two different Oracle databases from AOLServer. One is an Oracle 9i database which uses the UTF-8 character set and the other is an Oracle 7 database which uses ASCII. The current oracle driver works with Oracle 9i if I change all the ora8 references to ora8 and link it against the Oracle 9i libraries. It also works with Oracle 7 if I do the same thing (I mean, link it against the Oracle 9i libraries and change all ora8 to ora9). However, I can't use the driver for what I want due to the environment variables. If I set the NLS_LANG environment variable to "UTF-8" the Oracle 7 database returns a weird error (something about fetch out of sequence). If I don't use the NLS_LANG environment variable the Oracle 7 database works, but the Oracle 9i database doesn't work with Unicode. I was thinking about implementing some configuration parameters for the oracle driver. What I have in mind is being able to tell the oracle driver from the nsd.tcl config file how it should set the environment variables, something like: ns_param setenv "NLS_LANG" "UTF-8" I'm not really sure how to do this, but I've written AOLServer modules before so I'm confident I can do it. Is this worth the effort or am I just overcomplicating something that could have a much simpler solution? Would this be useful to anyone else? alas, should I post this somewhere if I do it? Thanks, -Oscar -- pgp fingerprint: BC64 2E7A CAEF 39E1 9544 80CA F7D5 784D FB46 16C1 -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list: http://www.aolserver.com/listserv.html List information and options: http://listserv.aol.com/
