You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by David Oberlitner <ta...@cyberport.net> on 2004/11/29 07:19:41 UTC
Net::SSLeay fails in mod_perl 1.29 - works from the shell
Hi,
The following code:
use Net::SSLeay qw(post_https make_form);
my ($page, $response, %reply_headers) = post_https('ssl.aspidon.net',
443, '/test.html', '', make_form(var1 => 'one', var2 => 'two' ));
print "$response\n";
When executed in mod_perl yields this error:
response : HTTP/1.0 900 NET OR SSL ERROR
SSL_connect 8810: 1 - error:140D308A:SSL
routines:TLS1_SETUP_KEY_BLOCK:cipher or hash unavailable
When executed from a shell it works.
I found an identical problem statement in the mod_perl archives but no
solution noted.
A few things I have tried:
o Modified nobody's %ENV with the successful shell user's %ENV
o Compiled from source: mod_perl-1.29, apache_1.3.33, openssl-0.9.7e,
Net_SSLeay.pm-1.25
o Tested on x86 Linux and sparc Linux platforms with similar
configurations and identical results
Any pointers or suggestions?
Thanks,
David
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
Re: Net::SSLeay fails in mod_perl 1.29 - works from the shell
Posted by David Oberlitner <ta...@cyberport.net>.
Perrin Harkins wrote:
>On Sun, 2004-11-28 at 23:19 -0700, David Oberlitner wrote:
>
>
>>Hi,
>>
>>The following code:
>>
>> use Net::SSLeay qw(post_https make_form);
>> my ($page, $response, %reply_headers) = post_https('ssl.aspidon.net',
>>443, '/test.html', '', make_form(var1 => 'one', var2 => 'two' ));
>> print "$response\n";
>>
>>When executed in mod_perl yields this error:
>>
>> response : HTTP/1.0 900 NET OR SSL ERROR
>>
>> SSL_connect 8810: 1 - error:140D308A:SSL
>>routines:TLS1_SETUP_KEY_BLOCK:cipher or hash unavailable
>>
>>When executed from a shell it works.
>>
>>
>
>Usually this means there is an issue with environment, user permissions,
>or different versions of libraries or Perl executables.
>
>
>
>>A few things I have tried:
>>
>> o Modified nobody's %ENV with the successful shell user's %ENV
>> o Compiled from source: mod_perl-1.29, apache_1.3.33, openssl-0.9.7e,
>>Net_SSLeay.pm-1.25
>> o Tested on x86 Linux and sparc Linux platforms with similar
>>configurations and identical results
>>
>>
>
>Those are all good ideas. I would also suggest verifying that the perl
>binary is the same from command-line as it is from mod_perl. You could
>try becoming the user who you run mod_perl as (typically "nobody") and
>running the command-line version to see if it breaks from permissions.
>
>- Perrin
>
>
Perrin,
Thank you for your reply and suggestions.
I granted user nobody a bash shell via /etc/passwd and executed "su -
noboby". Then executed the test script with success. In a second
attempt I reinitialized the %ENV in the shell script one for one from
the mod_perl %ENV output and still had success in the shell as user nobody.
"Perl -V" from both environments yielded zero differences. I can only
find a single perl binary on the system "/usr/bin/perl -> perl5.8.4".
I have implemented LWP's HTTPS post functionality with succes. For now
this is a necessary workaround. I will respond to the list if I ever
find the source of my problem.
Thank you again.
David
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
Re: Net::SSLeay fails in mod_perl 1.29 - works from the shell
Posted by Perrin Harkins <pe...@elem.com>.
On Sun, 2004-11-28 at 23:19 -0700, David Oberlitner wrote:
> Hi,
>
> The following code:
>
> use Net::SSLeay qw(post_https make_form);
> my ($page, $response, %reply_headers) = post_https('ssl.aspidon.net',
> 443, '/test.html', '', make_form(var1 => 'one', var2 => 'two' ));
> print "$response\n";
>
> When executed in mod_perl yields this error:
>
> response : HTTP/1.0 900 NET OR SSL ERROR
>
> SSL_connect 8810: 1 - error:140D308A:SSL
> routines:TLS1_SETUP_KEY_BLOCK:cipher or hash unavailable
>
> When executed from a shell it works.
Usually this means there is an issue with environment, user permissions,
or different versions of libraries or Perl executables.
> A few things I have tried:
>
> o Modified nobody's %ENV with the successful shell user's %ENV
> o Compiled from source: mod_perl-1.29, apache_1.3.33, openssl-0.9.7e,
> Net_SSLeay.pm-1.25
> o Tested on x86 Linux and sparc Linux platforms with similar
> configurations and identical results
Those are all good ideas. I would also suggest verifying that the perl
binary is the same from command-line as it is from mod_perl. You could
try becoming the user who you run mod_perl as (typically "nobody") and
running the command-line version to see if it breaks from permissions.
- Perrin
--
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html