Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Cherokee: dev

Issue 1126 in cherokee: CentOS (and possibly RHEL) unable to use ssl - openSSL issue

 

 

Cherokee dev RSS feed   Index | Next | Previous | View Threaded


cherokee at googlecode

Feb 1, 2011, 6:38 AM

Post #1 of 9 (991 views)
Permalink
Issue 1126 in cherokee: CentOS (and possibly RHEL) unable to use ssl - openSSL issue

Status: New
Owner: ----

New issue 1126 by firste...@gmail.com: CentOS (and possibly RHEL) unable to
use ssl - openSSL issue
http://code.google.com/p/cherokee/issues/detail?id=1126

What steps will reproduce the problem?
1. Install a CentOS server. Update to the latest versions of all programs
using yum.
- you will need to have at least a standard compilation environment
including gcc, make, and openssl.
2. Download, configure, and install Cherokee.
- using the curl -O http://www.cherokee-project.com/install && python
install method will suffice. You can also try the standard compile options
on the FAQ page.
- see note 1 for what happens if you compile everything staticly
3. run cherokee-admin and configure the server. Use a ssl certificate in
the config.
4. Start the server from the admin page.

What is the expected output? What do you see instead?
Expected: Server starts and supports HTTPS (ssl) connections.

What is seen instead:
Something just happened while opening a plug-in file
The operating system
reported '/opt/cherokee/lib/cherokee/libplugin_libssl.so: undefined symbol:
SSL_set_SSL_CTX' while trying to
load '/opt/cherokee/lib/cherokee/libplugin_libssl.so'.

What version of the product are you using? On what operating system?
Latest (i.e. at this time 1.0.19) on Centos (5.5)

Please provide any additional information below.
Centos appears to currently ship with OpenSSL 0.9.8e-fips-rhel 01 Jul
2008. As most everything in the system is linked against this library,
it's not a trivial thing to simply replace it. Yes, it probably will work
to compile a newer version of openSSL (which to be honest is probably the
sensible thing to do) HOWEVER that introduces some difficulties from the
standpoint of maintenance and administration.

It appears that the SSL_set_SSL_CTX routines were added in OpenSSL 1.0 .

I am unsure if this affects Redhat Enterprise Linux or not; it does NOT
affect Fedora (per pigmej in the irc channel.)

- If the server is compiled statically, the compilation will fail when it
tries to link libplugin_openssl.so against the openssl library, as it
cannot find the SSL_set_SSL_CTX reference.)

* IF the SSL_set_SSL_CTX lines are commented out, the server compiles
statically, but it does not run properly with SSL. (This is logical.)

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev [at] lists
http://lists.octality.com/listinfo/cherokee-dev


cherokee at googlecode

Apr 20, 2011, 9:13 PM

Post #2 of 9 (834 views)
Permalink
Re: Issue 1126 in cherokee: CentOS (and possibly RHEL) unable to use ssl - openSSL issue [In reply to]

Comment #1 on issue 1126 by da...@davidjb.com: CentOS (and possibly RHEL)
unable to use ssl - openSSL issue
http://code.google.com/p/cherokee/issues/detail?id=1126

Confirmed to affect RHEL 5.6 with Cherokee 1.2.2 and OpenSSL 0.9.8e.

Got the same error
message: "'/opt/cherokee/lib/cherokee/libplugin_libssl.so: undefined
symbol: SSL_set_SSL_CTX' while trying to
load '/opt/cherokee/lib/cherokee/libplugin_libssl.so'"

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev [at] lists
http://lists.octality.com/listinfo/cherokee-dev


cherokee at googlecode

Apr 20, 2011, 9:37 PM

Post #3 of 9 (831 views)
Permalink
Re: Issue 1126 in cherokee: CentOS (and possibly RHEL) unable to use ssl - openSSL issue [In reply to]

Comment #2 on issue 1126 by da...@davidjb.com: CentOS (and possibly RHEL)
unable to use ssl - openSSL issue
http://code.google.com/p/cherokee/issues/detail?id=1126

Confirmed to affect RHEL 5.6 with Cherokee 1.2.2 and OpenSSL 0.9.8e.

Got the same error
message: "'/opt/cherokee/lib/cherokee/libplugin_libssl.so: undefined
symbol: SSL_set_SSL_CTX' while trying to
load '/opt/cherokee/lib/cherokee/libplugin_libssl.so'"

Installed using the same method.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev [at] lists
http://lists.octality.com/listinfo/cherokee-dev


cherokee at googlecode

Jun 2, 2011, 12:35 PM

Post #4 of 9 (773 views)
Permalink
Re: Issue 1126 in cherokee: CentOS (and possibly RHEL) unable to use ssl - openSSL issue [In reply to]

Comment #3 on issue 1126 by a...@sheepdoginc.ca: CentOS (and possibly RHEL)
unable to use ssl - openSSL issue
http://code.google.com/p/cherokee/issues/detail?id=1126

This appears to work for me. yum installing openssl brings in 1.0a, and
reinstalling cherokee made it work for me.

can anyone else confirm this?

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev [at] lists
http://lists.octality.com/listinfo/cherokee-dev


cherokee at googlecode

Jun 2, 2011, 4:39 PM

Post #5 of 9 (769 views)
Permalink
Re: Issue 1126 in cherokee: CentOS (and possibly RHEL) unable to use ssl - openSSL issue [In reply to]

Comment #4 on issue 1126 by da...@davidjb.com: CentOS (and possibly RHEL)
unable to use ssl - openSSL issue
http://code.google.com/p/cherokee/issues/detail?id=1126

What version of CentOS/RHEL (and/or 3rd party repos) are you using?

The standard version of OpenSSL for me in RHEL 5.6 is 0.9.8e (so Cherokee
doesn't work) and in RHEL 6.1 is 1.0.0 (Cherokee does work).

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev [at] lists
http://lists.octality.com/listinfo/cherokee-dev


cherokee at googlecode

Jun 9, 2011, 11:21 PM

Post #6 of 9 (755 views)
Permalink
Re: Issue 1126 in cherokee: CentOS (and possibly RHEL) unable to use ssl - openSSL issue [In reply to]

Comment #5 on issue 1126 by fari...@gmail.com: CentOS (and possibly RHEL)
unable to use ssl - openSSL issue
http://code.google.com/p/cherokee/issues/detail?id=1126

I have this problem too. But, now i can use ssl for cherokee. I have to
compile openSSL 1.0 in another directory and compile cherokee to uses that
new opensll.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev [at] lists
http://lists.octality.com/listinfo/cherokee-dev


cherokee at googlecode

Aug 12, 2011, 12:01 PM

Post #7 of 9 (600 views)
Permalink
Re: Issue 1126 in cherokee: CentOS (and possibly RHEL) unable to use ssl - openSSL issue [In reply to]

Comment #6 on issue 1126 by pavel.l...@gmail.com: CentOS (and possibly
RHEL) unable to use ssl - openSSL issue
http://code.google.com/p/cherokee/issues/detail?id=1126

Today I've made packages for CentOS 5, you can try them on:

http://ftp-hk.tmapy.cz/tmapy-twist/centos/5/testing/i386/RPMS/
http://ftp-hk.tmapy.cz/tmapy-twist/centos/5/testing/x86_64/RPMS/
http://ftp-hk.tmapy.cz/tmapy-twist/centos/5/testing/SRPMS/

libplugin_libssl is built in statically with openssl-1.0.0d.

If somebody can test it, it will be great

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev [at] lists
http://lists.octality.com/listinfo/cherokee-dev


cherokee at googlecode

Sep 16, 2011, 4:37 AM

Post #8 of 9 (503 views)
Permalink
Re: Issue 1126 in cherokee: CentOS (and possibly RHEL) unable to use ssl - openSSL issue [In reply to]

Comment #7 on issue 1126 by pavel.l...@gmail.com: CentOS (and possibly
RHEL) unable to use ssl - openSSL issue
http://code.google.com/p/cherokee/issues/detail?id=1126

Static build of openssl (1.0.0d) is now (cherokee - version 1.2.99) working
correctly.
Packages for Fedora and EPEL are in testing repository now, you can try
them and change karma there.

Can somebody close this bug?



_______________________________________________
Cherokee-dev mailing list
Cherokee-dev [at] lists
http://lists.octality.com/listinfo/cherokee-dev


cherokee at googlecode

Sep 16, 2011, 6:55 AM

Post #9 of 9 (500 views)
Permalink
Re: Issue 1126 in cherokee: CentOS (and possibly RHEL) unable to use ssl - openSSL issue [In reply to]

Updates:
Status: Fixed
Owner: alobbs
Labels: Type-Defect Priority-High OpSys-All Component-Logic

Comment #8 on issue 1126 by alobbs: CentOS (and possibly RHEL) unable to
use ssl - openSSL issue
http://code.google.com/p/cherokee/issues/detail?id=1126

Absolutely!
Thank you for the follow-up.

_______________________________________________
Cherokee-dev mailing list
Cherokee-dev [at] lists
http://lists.octality.com/listinfo/cherokee-dev

Cherokee dev RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.