UnrealIRCd Forums

I'm trying to get SSL working but get the following error when I try to start the server:

unrealircd.conf:269: listen with SSL flag enabled on a non SSL compile

I am using this configure, which worked fine before I added the SSL line:

./configure \
--prefix=/usr/$TYPE \
--enable-hub \
--with-listen=5 \
--with-dpath=/etc/$TYPE/unreal/$TAG \
--with-spath=/usr/$TYPE/sbin/unreal/unreal-$TAG \
--with-nick-history=2000 \
--with-sendq=3000000 \
--with-bufferpool=18 \
--with-hostname=hhdev \
--with-permissions=0600 \
--with-fd-setsize=1024 \
--enable-SSL \
--enable-dynamic-linking

I have also tried:
--enable-SSL=/usr/bin (this is where the OpenSSL command is)
and
--enable-SSL=/usr/share/lib (where the OpenSSL library is)

all with the same result.

Any suggestions???

I don't know if this is relevant to my question, but I followed the investigation I found in one of the FAQs and got the following.

# locate libssl.so
/usr/lib/libssl.so
/lib/libssl.so.2
/lib/libssl.so.0.9.6b


# locate opensslv.h
/usr/include/openssl/opensslv.h


# grep OPENSSL_VERSION /usr/include/openssl/opensslv.h
#define OPENSSL_VERSION_NUMBER 0x0090602fL
#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.6b [engine] 9 Jul 2001"
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT

# strings /usr/lib/libcrypto.so|grep 0.9.
OpenSSL 0.9.6b [engine] 9 Jul 2001
MD2 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
MD4 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
MD5 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
SHA part of OpenSSL 0.9.6b [engine] 9 Jul 2001
SHA1 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RIPE-MD160 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
libdes part of OpenSSL 0.9.6b [engine] 9 Jul 2001
DES part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RC2 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RC4 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
Blowfish part of OpenSSL 0.9.6b [engine] 9 Jul 2001
CAST part of OpenSSL 0.9.6b [engine] 9 Jul 2001
Big Number part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RSA part of OpenSSL 0.9.6b [engine] 9 Jul 2001
DSA part of OpenSSL 0.9.6b [engine] 9 Jul 2001
Diffie-Hellman part of OpenSSL 0.9.6b [engine] 9 Jul 2001
Stack part of OpenSSL 0.9.6b [engine] 9 Jul 2001
lhash part of OpenSSL 0.9.6b [engine] 9 Jul 2001
RAND part of OpenSSL 0.9.6b [engine] 9 Jul 2001
EVP part of OpenSSL 0.9.6b [engine] 9 Jul 2001
ASN.1 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
PEM part of OpenSSL 0.9.6b [engine] 9 Jul 2001
X.509 part of OpenSSL 0.9.6b [engine] 9 Jul 2001
CONF part of OpenSSL 0.9.6b [engine] 9 Jul 2001
CONF_def part of OpenSSL 0.9.6b [engine] 9 Jul 2001
TXT_DB part of OpenSSL 0.9.6b [engine] 9 Jul 2001

You're not supposed to be running ./configure to begin with. You are supposed to use ./Config.

I've got the same problem as ronrudman.
I compiled an other time but there were no effect.
Note that on the end of ./configure I have done the certificate so ths ssl argument is taken.

I don't understant were is the problem.

Sorry for my poor english :s

Everytime you make a change in the compile-time settings by running ./Config, you also have to run make, otherwise the changes won't take effect. As you can see, the problem is that you ran ./Config to enable SSL support, however you didn't recompile the ircd. That's why your ircd doesn't work as you want.

To Hindifarai: I would advise you to read the documentation.

To ronrudman:I would advise you to read the documentation.

As codemastr said:

You're not supposed to be running ./configure to begin with. You are supposed to use ./Config.

I used ./Config and then make.
And after post here I read documentation and I analyze each bloc of config.
I've verified openssl on my server.

If you have an idea about my problem or a piece of idea i would be glad to you. If you don't I will continue other tests.

I think that my english isn't correct , thanks if you read it fully.

open config.log and paste all lines that mention ssl (case insensitive)

jewles wrote: To ronrudman:I would advise you to read the documentation.

Actually, I DID read the documentation and I DID use ./Config. But then, I pasted the generated ./configure into a script so I could automate this without answering prompts, since I have to do this in multiple environments and want to be consistent. Mea Culpa - I didn't look at what else ./Config does: export OPENSSLPATH, make pem, etc.

OK, so I started completely from scratch and used ./Config (and make). It prompted me for values for a self-signed cert and generated the pem files, so this is good progress. But still, when I start the server I get the same error!

Hindifarai, you're problem is it can not find where the SSL libraries are installed. You'll have to tell it when it prompts you to enter the directory.

ronrudman: Use ./Config -q (quiet mode) when you don't feel like answering the questions again. Anyway, you haven't given the config.log output. That's what we need, not an explanation of why you did what you did.

Here is the config.log output...

*moderator:
Please actually read what I told you to do. I never said include the whole file. I asked you to do exactly what Hindifarai did.

Let's try this again:

# grep -i ssl config.log
$ ./configure --enable-hub --enable-ssl --with-listen=5 --with-dpath=/etc/hhtest/unreal/tli --with-spath=/usr/hhtest/sbin/unreal/unreal-tli --with-nick-history=2000 --with-sendq=3000000 --with-bufferpool=18 --with-hostname=hhprod --with-permissions=0600 --with-fd-setsize=1024 --enable-dynamic-linking
configure:2153: checking for openssl
configure:2171: found /usr/bin/openssl
configure:2183: result: /usr/bin/openssl
configure:9509: checking for openssl
configure:9514: result: found in /usr/include/openssl
ac_cv_path_OPENSSLPATH=/usr/bin/openssl
#define USE_SSL 1


Also, I don't know if this is relevant, but it fails to find descrypt (because I don't have it). Is it required?

To ronrudman: Okay, first of what is your current operating system and version. "uname -a" What version is your openssl. "openssl version"

jewles wrote:To ronrudman: Okay, first of what is your current operating system and version. "uname -a" What version is your openssl. "openssl version"