Net::SSLeay fails in mod_perl 1.29 - works from the shell

[David Oberlitner <ta...@cyberport.net>]

Hi,

The following code:

  use Net::SSLeay qw(post_https make_form);
  my ($page, $response, %reply_headers) = post_https('ssl.aspidon.net', 
443, '/test.html', '', make_form(var1 => 'one', var2 => 'two' ));
  print "$response\n";

When executed in mod_perl yields this error:

  response : HTTP/1.0 900 NET OR SSL ERROR

  SSL_connect 8810: 1 - error:140D308A:SSL 
routines:TLS1_SETUP_KEY_BLOCK:cipher or hash unavailable

When executed from a shell it works.

I found an identical problem statement in the mod_perl archives but no 
solution noted.
A few things I have tried:

 o Modified nobody's %ENV with the successful shell user's %ENV
 o Compiled from source: mod_perl-1.29, apache_1.3.33, openssl-0.9.7e, 
Net_SSLeay.pm-1.25
 o Tested on x86 Linux and sparc Linux platforms with similar 
configurations and identical results

Any pointers or suggestions?

Thanks,

David

-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Re: Net::SSLeay fails in mod_perl 1.29 - works from the shell

[David Oberlitner <ta...@cyberport.net>]

Perrin Harkins wrote:

>On Sun, 2004-11-28 at 23:19 -0700, David Oberlitner wrote:
>  
>
>>Hi,
>>
>>The following code:
>>
>>  use Net::SSLeay qw(post_https make_form);
>>  my ($page, $response, %reply_headers) = post_https('ssl.aspidon.net', 
>>443, '/test.html', '', make_form(var1 => 'one', var2 => 'two' ));
>>  print "$response\n";
>>
>>When executed in mod_perl yields this error:
>>
>>  response : HTTP/1.0 900 NET OR SSL ERROR
>>
>>  SSL_connect 8810: 1 - error:140D308A:SSL 
>>routines:TLS1_SETUP_KEY_BLOCK:cipher or hash unavailable
>>
>>When executed from a shell it works.
>>    
>>
>
>Usually this means there is an issue with environment, user permissions,
>or different versions of libraries or Perl executables.
>
>  
>
>>A few things I have tried:
>>
>> o Modified nobody's %ENV with the successful shell user's %ENV
>> o Compiled from source: mod_perl-1.29, apache_1.3.33, openssl-0.9.7e, 
>>Net_SSLeay.pm-1.25
>> o Tested on x86 Linux and sparc Linux platforms with similar 
>>configurations and identical results
>>    
>>
>
>Those are all good ideas.  I would also suggest verifying that the perl
>binary is the same from command-line as it is from mod_perl.  You could
>try becoming the user who you run mod_perl as (typically "nobody") and
>running the command-line version to see if it breaks from permissions.
>
>- Perrin
>  
>
Perrin,

Thank you for your reply and suggestions.

I granted user nobody a bash shell via /etc/passwd and executed "su - 
noboby".  Then executed the test script with success. In a second 
attempt I reinitialized the %ENV in the shell script one for one from 
the mod_perl %ENV output and still had success in the shell as user nobody.

"Perl -V" from both environments yielded zero differences. I can only 
find a single perl binary on the system "/usr/bin/perl -> perl5.8.4".

I have implemented LWP's HTTPS post functionality with succes. For now 
this is a necessary workaround. I will respond to the list if I ever 
find the source of my problem.

Thank you again.

David




-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html

Re: Net::SSLeay fails in mod_perl 1.29 - works from the shell

[Perrin Harkins <pe...@elem.com>]

On Sun, 2004-11-28 at 23:19 -0700, David Oberlitner wrote:
> Hi,
> 
> The following code:
> 
>   use Net::SSLeay qw(post_https make_form);
>   my ($page, $response, %reply_headers) = post_https('ssl.aspidon.net', 
> 443, '/test.html', '', make_form(var1 => 'one', var2 => 'two' ));
>   print "$response\n";
> 
> When executed in mod_perl yields this error:
> 
>   response : HTTP/1.0 900 NET OR SSL ERROR
> 
>   SSL_connect 8810: 1 - error:140D308A:SSL 
> routines:TLS1_SETUP_KEY_BLOCK:cipher or hash unavailable
> 
> When executed from a shell it works.

Usually this means there is an issue with environment, user permissions,
or different versions of libraries or Perl executables.

> A few things I have tried:
> 
>  o Modified nobody's %ENV with the successful shell user's %ENV
>  o Compiled from source: mod_perl-1.29, apache_1.3.33, openssl-0.9.7e, 
> Net_SSLeay.pm-1.25
>  o Tested on x86 Linux and sparc Linux platforms with similar 
> configurations and identical results

Those are all good ideas.  I would also suggest verifying that the perl
binary is the same from command-line as it is from mod_perl.  You could
try becoming the user who you run mod_perl as (typically "nobody") and
running the command-line version to see if it breaks from permissions.

- Perrin


-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html