You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Lenkov, Alexandr" <al...@mera.ru> on 2013/01/16 15:54:39 UTC
tomcat and openssl issue
Hello,
I am having an issue with loading libeay32.dll in tomcat process (Windows XP, Windows 7). It needs to be loaded at 0xFB00000 address (FIPS requirement). But I get a "Attempt to access invalid address" error. This library can be loaded by other processes correctly. Issue only with tomcat. Are there any restrictions on DLL Base address for tomcat process? How can I change it?
Tomcat version is 6.0.36 (also happens on 6.0.32).
Also the openssl version shown in the logs seems to be wrong:
2013-01-16 13:37:04,319 INFO [org.apache.catalina.core.AprLifecycleListener] OpenSSL successfully initialized with version OpenSSL 1.0.0g 18 Jan 2012
I am using 0.9.8x
Thank you.
Alex.
Re: tomcat and openssl issue
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Alexandr,
On 1/16/13 10:21 AM, Lenkov, Alexandr wrote:
> Thank you. Looks like my description was not clear. My web
> application uses a dll (in C++) which uses openssl in FIPS mode.
> So it is different from native library.
>
> If I create libeay32.dll without /FIXED linker option then it may
> be loaded (at different address) and works. When I use /FIXED it
> cannot be loaded at 0xFB00000.
You said that this DDL "can be loaded by other processes correctly".
Have you tried it from a Java process, or only from C++ client code?
I'm fairly sure Tomcat does nothing to restrict you from loading DDLs
however you want, but the JVM can certainly do that kind of thing.
> Also the openssl version shown in the logs seems to be wrong:
>
> 2013-01-16 13:37:04,319 INFO
> [org.apache.catalina.core.AprLifecycleListener] OpenSSL
> successfully initialized with version OpenSSL 1.0.0g 18 Jan 2012
So you are trying to use Tomcat's APR/native library *and* your own
version of OpenSSL at the same time? What happens if you disable the
AprLifecycleListener to avoid loading APR/native?
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iEYEAREIAAYFAlD2yW0ACgkQ9CaO5/Lv0PDZOQCfbAZNwpcwz92LoWyU3FKS8CWT
l9YAnR7Q75mJ7mvgsyh2dOKz3rdTNwA8
=d2c2
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: tomcat and openssl issue
Posted by "Lenkov, Alexandr" <al...@mera.ru>.
Thank you. Looks like my description was not clear. My web application uses a dll (in C++) which uses openssl in FIPS mode. So it is different from native library.
If I create libeay32.dll without /FIXED linker option then it may be loaded (at different address) and works. When I use /FIXED it cannot be loaded at 0xFB00000.
-----Original Message-----
From: Mark Thomas [mailto:markt@apache.org]
Sent: Wednesday, January 16, 2013 7:03 PM
To: Tomcat Users List
Subject: Re: tomcat and openssl issue
On 16/01/2013 14:54, Lenkov, Alexandr wrote:
> Hello,
>
> I am having an issue with loading libeay32.dll in tomcat process (Windows XP, Windows 7). It needs to be loaded at 0xFB00000 address (FIPS requirement). But I get a "Attempt to access invalid address" error. This library can be loaded by other processes correctly. Issue only with tomcat. Are there any restrictions on DLL Base address for tomcat process? How can I change it?
>
> Tomcat version is 6.0.36 (also happens on 6.0.32).
>
> Also the openssl version shown in the logs seems to be wrong:
>
> 2013-01-16 13:37:04,319 INFO
> [org.apache.catalina.core.AprLifecycleListener] OpenSSL successfully
> initialized with version OpenSSL 1.0.0g 18 Jan 2012
>
> I am using 0.9.8x
The native library for Windows provided in the downloads statically links a specific version of OpenSSL.
You'll need to recompile the native library for dynamic linking. You'll also need to fix any errors that arise from using an older version of OpenSSL.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: tomcat and openssl issue
Posted by Mark Thomas <ma...@apache.org>.
On 16/01/2013 14:54, Lenkov, Alexandr wrote:
> Hello,
>
> I am having an issue with loading libeay32.dll in tomcat process (Windows XP, Windows 7). It needs to be loaded at 0xFB00000 address (FIPS requirement). But I get a "Attempt to access invalid address" error. This library can be loaded by other processes correctly. Issue only with tomcat. Are there any restrictions on DLL Base address for tomcat process? How can I change it?
>
> Tomcat version is 6.0.36 (also happens on 6.0.32).
>
> Also the openssl version shown in the logs seems to be wrong:
>
> 2013-01-16 13:37:04,319 INFO [org.apache.catalina.core.AprLifecycleListener] OpenSSL successfully initialized with version OpenSSL 1.0.0g 18 Jan 2012
>
> I am using 0.9.8x
The native library for Windows provided in the downloads statically
links a specific version of OpenSSL.
You'll need to recompile the native library for dynamic linking. You'll
also need to fix any errors that arise from using an older version of
OpenSSL.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org