SSL Compile
SSL Compile
I'm trying to get SSL working but get the following error when I try to start the server:
unrealircd.conf:269: listen with SSL flag enabled on a non SSL compile
I am using this configure, which worked fine before I added the SSL line:
./configure \
--prefix=/usr/$TYPE \
--enable-hub \
--with-listen=5 \
--with-dpath=/etc/$TYPE/unreal/$TAG \
--with-spath=/usr/$TYPE/sbin/unreal/unreal-$TAG \
--with-nick-history=2000 \
--with-sendq=3000000 \
--with-bufferpool=18 \
--with-hostname=hhdev \
--with-permissions=0600 \
--with-fd-setsize=1024 \
--enable-SSL \
--enable-dynamic-linking
I have also tried:
--enable-SSL=/usr/bin (this is where the OpenSSL command is)
and
--enable-SSL=/usr/share/lib (where the OpenSSL library is)
all with the same result.
Any suggestions???
unrealircd.conf:269: listen with SSL flag enabled on a non SSL compile
I am using this configure, which worked fine before I added the SSL line:
./configure \
--prefix=/usr/$TYPE \
--enable-hub \
--with-listen=5 \
--with-dpath=/etc/$TYPE/unreal/$TAG \
--with-spath=/usr/$TYPE/sbin/unreal/unreal-$TAG \
--with-nick-history=2000 \
--with-sendq=3000000 \
--with-bufferpool=18 \
--with-hostname=hhdev \
--with-permissions=0600 \
--with-fd-setsize=1024 \
--enable-SSL \
--enable-dynamic-linking
I have also tried:
--enable-SSL=/usr/bin (this is where the OpenSSL command is)
and
--enable-SSL=/usr/share/lib (where the OpenSSL library is)
all with the same result.
Any suggestions???
OpenSSL detective work
I don't know if this is relevant to my question, but I followed the investigation I found in one of the FAQs and got the following.
# locate libssl.so
/usr/lib/libssl.so
/lib/libssl.so.2
/lib/libssl.so.0.9.6b
# locate opensslv.h
/usr/include/openssl/opensslv.h
# grep OPENSSL_VERSION /usr/include/openssl/opensslv.h
#define OPENSSL_VERSION_NUMBER 0x0090602fL
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6b [engine] 9 Jul 2001"
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
# strings /usr/lib/libcrypto.so|grep 0.9.
OpenSSL 0.9.6b [engine] 9 Jul 2001
MD2 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
MD4 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
MD5 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
SHA part of OpenSSL 0.9.6b [engine] 9 Jul 2001
SHA1 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RIPE-MD160 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
libdes part of OpenSSL 0.9.6b [engine] 9 Jul 2001
DES part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RC2 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RC4 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
Blowfish part of OpenSSL 0.9.6b [engine] 9 Jul 2001
CAST part of OpenSSL 0.9.6b [engine] 9 Jul 2001
Big Number part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RSA part of OpenSSL 0.9.6b [engine] 9 Jul 2001
DSA part of OpenSSL 0.9.6b [engine] 9 Jul 2001
Diffie-Hellman part of OpenSSL 0.9.6b [engine] 9 Jul 2001
Stack part of OpenSSL 0.9.6b [engine] 9 Jul 2001
lhash part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RAND part of OpenSSL 0.9.6b [engine] 9 Jul 2001
EVP part of OpenSSL 0.9.6b [engine] 9 Jul 2001
ASN.1 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
PEM part of OpenSSL 0.9.6b [engine] 9 Jul 2001
X.509 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
CONF part of OpenSSL 0.9.6b [engine] 9 Jul 2001
CONF_def part of OpenSSL 0.9.6b [engine] 9 Jul 2001
TXT_DB part of OpenSSL 0.9.6b [engine] 9 Jul 2001
# locate libssl.so
/usr/lib/libssl.so
/lib/libssl.so.2
/lib/libssl.so.0.9.6b
# locate opensslv.h
/usr/include/openssl/opensslv.h
# grep OPENSSL_VERSION /usr/include/openssl/opensslv.h
#define OPENSSL_VERSION_NUMBER 0x0090602fL
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6b [engine] 9 Jul 2001"
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
# strings /usr/lib/libcrypto.so|grep 0.9.
OpenSSL 0.9.6b [engine] 9 Jul 2001
MD2 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
MD4 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
MD5 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
SHA part of OpenSSL 0.9.6b [engine] 9 Jul 2001
SHA1 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RIPE-MD160 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
libdes part of OpenSSL 0.9.6b [engine] 9 Jul 2001
DES part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RC2 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RC4 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
Blowfish part of OpenSSL 0.9.6b [engine] 9 Jul 2001
CAST part of OpenSSL 0.9.6b [engine] 9 Jul 2001
Big Number part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RSA part of OpenSSL 0.9.6b [engine] 9 Jul 2001
DSA part of OpenSSL 0.9.6b [engine] 9 Jul 2001
Diffie-Hellman part of OpenSSL 0.9.6b [engine] 9 Jul 2001
Stack part of OpenSSL 0.9.6b [engine] 9 Jul 2001
lhash part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RAND part of OpenSSL 0.9.6b [engine] 9 Jul 2001
EVP part of OpenSSL 0.9.6b [engine] 9 Jul 2001
ASN.1 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
PEM part of OpenSSL 0.9.6b [engine] 9 Jul 2001
X.509 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
CONF part of OpenSSL 0.9.6b [engine] 9 Jul 2001
CONF_def part of OpenSSL 0.9.6b [engine] 9 Jul 2001
TXT_DB part of OpenSSL 0.9.6b [engine] 9 Jul 2001
-
- Posts: 4
- Joined: Mon Apr 12, 2004 9:50 am
- Location: FRANCE
I've got the same problem as ronrudman.
I compiled an other time but there were no effect.
Note that on the end of ./configure I have done the certificate so ths ssl argument is taken.
I don't understant were is the problem.
Sorry for my poor english :s
Code: Select all
listen with SSL flag enabled on a non SSL compile
Note that on the end of ./configure I have done the certificate so ths ssl argument is taken.
I don't understant were is the problem.
Sorry for my poor english :s
Everytime you make a change in the compile-time settings by running ./Config, you also have to run make, otherwise the changes won't take effect. As you can see, the problem is that you ran ./Config to enable SSL support, however you didn't recompile the ircd. That's why your ircd doesn't work as you want.
To Hindifarai: I would advise you to read the documentation.
To ronrudman:I would advise you to read the documentation.
As codemastr said:
To ronrudman:I would advise you to read the documentation.
As codemastr said:
You're not supposed to be running ./configure to begin with. You are supposed to use ./Config.
FBSD-DEV Project
http://www.fbsd-dev.org
YatesDev Hosting
http://www.yatesdev.com
The Wrong Way
http://www.thewrongway.net
http://www.fbsd-dev.org
YatesDev Hosting
http://www.yatesdev.com
The Wrong Way
http://www.thewrongway.net
-
- Posts: 4
- Joined: Mon Apr 12, 2004 9:50 am
- Location: FRANCE
I used ./Config and then make.
And after post here I read documentation and I analyze each bloc of config.
I've verified openssl on my server.
If you have an idea about my problem or a piece of idea i would be glad to you. If you don't I will continue other tests.
I think that my english isn't correct , thanks if you read it fully.
And after post here I read documentation and I analyze each bloc of config.
I've verified openssl on my server.
If you have an idea about my problem or a piece of idea i would be glad to you. If you don't I will continue other tests.
I think that my english isn't correct , thanks if you read it fully.
-
- Posts: 4
- Joined: Mon Apr 12, 2004 9:50 am
- Location: FRANCE
Code: Select all
configure:2153: checking for openssl
configure:2171: found /usr/bin/openssl
configure:2183: result: /usr/bin/openssl
Code: Select all
configure:9509: checking for openssl
configure:9533: result: not found
configure:9535: WARNING: disabling ssl support
Actually, I DID read the documentation and I DID use ./Config. But then, I pasted the generated ./configure into a script so I could automate this without answering prompts, since I have to do this in multiple environments and want to be consistent. Mea Culpa - I didn't look at what else ./Config does: export OPENSSLPATH, make pem, etc.jewles wrote: To ronrudman:I would advise you to read the documentation.
OK, so I started completely from scratch and used ./Config (and make). It prompted me for values for a self-signed cert and generated the pem files, so this is good progress. But still, when I start the server I get the same error!
-
- Former UnrealIRCd head coder
- Posts: 811
- Joined: Sat Mar 06, 2004 8:47 pm
- Location: United States
- Contact:
Hindifarai, you're problem is it can not find where the SSL libraries are installed. You'll have to tell it when it prompts you to enter the directory.
ronrudman: Use ./Config -q (quiet mode) when you don't feel like answering the questions again. Anyway, you haven't given the config.log output. That's what we need, not an explanation of why you did what you did.
ronrudman: Use ./Config -q (quiet mode) when you don't feel like answering the questions again. Anyway, you haven't given the config.log output. That's what we need, not an explanation of why you did what you did.
-- codemastr
Let's try this again:
# grep -i ssl config.log
$ ./configure --enable-hub --enable-ssl --with-listen=5 --with-dpath=/etc/hhtest/unreal/tli --with-spath=/usr/hhtest/sbin/unreal/unreal-tli --with-nick-history=2000 --with-sendq=3000000 --with-bufferpool=18 --with-hostname=hhprod --with-permissions=0600 --with-fd-setsize=1024 --enable-dynamic-linking
configure:2153: checking for openssl
configure:2171: found /usr/bin/openssl
configure:2183: result: /usr/bin/openssl
configure:9509: checking for openssl
configure:9514: result: found in /usr/include/openssl
ac_cv_path_OPENSSLPATH=/usr/bin/openssl
#define USE_SSL 1
Also, I don't know if this is relevant, but it fails to find descrypt (because I don't have it). Is it required?
# grep -i ssl config.log
$ ./configure --enable-hub --enable-ssl --with-listen=5 --with-dpath=/etc/hhtest/unreal/tli --with-spath=/usr/hhtest/sbin/unreal/unreal-tli --with-nick-history=2000 --with-sendq=3000000 --with-bufferpool=18 --with-hostname=hhprod --with-permissions=0600 --with-fd-setsize=1024 --enable-dynamic-linking
configure:2153: checking for openssl
configure:2171: found /usr/bin/openssl
configure:2183: result: /usr/bin/openssl
configure:9509: checking for openssl
configure:9514: result: found in /usr/include/openssl
ac_cv_path_OPENSSLPATH=/usr/bin/openssl
#define USE_SSL 1
Also, I don't know if this is relevant, but it fails to find descrypt (because I don't have it). Is it required?
To ronrudman: Okay, first of what is your current operating system and version. "uname -a" What version is your openssl. "openssl version"
FBSD-DEV Project
http://www.fbsd-dev.org
YatesDev Hosting
http://www.yatesdev.com
The Wrong Way
http://www.thewrongway.net
http://www.fbsd-dev.org
YatesDev Hosting
http://www.yatesdev.com
The Wrong Way
http://www.thewrongway.net
jewles wrote:To ronrudman: Okay, first of what is your current operating system and version. "uname -a" What version is your openssl. "openssl version"
Code: Select all
[root@hhprod ~] # uname -a
Linux hhprod 2.4.18-3smp #1 SMP Thu Apr 18 07:27:31 EDT 2002 i686 unknown
[root@hhprod ~] # openssl version
OpenSSL 0.9.6b [engine] 9 Jul 2001