You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Griff Hamlin <ha...@ns3.accelenet.net> on 2000/07/09 02:32:06 UTC

mod_perl and Raven

To: modperl@apache.org
From: hamlin@accelenet.net
Subject : mod_perl and Raven


I can build Apache 1.3.12 with either mod_perl-1.24 or with Raven-1.5, but 
not both at once.  I'm using an "evaluation" version of Raven to insure 
it works before I buy it. The details of my installation and my problem 
are given below.

Does anyone have any ideas about this problem? 
Thanks in advance.

I installed Raven, mod_perl, and apache by following the instructions in
the mod_perl installation guide (http://perl.apache.org/guide/install.html),
in the section titled "static mod_perl and dynamic Raven SSL Installation".
I noticed two things in the installation guide that might be mis-prints
or out-of-date:
1. Step 3 says to run /usr/local/raven/bin/ravenctl. When I run this program
   it gives a menu containing choices about generating digital certificates.
   I must run /usr/local/raven/bin/raven_admin_tls in order to "export
   Raven sources".
2. Step 5 says to use APACHE_SRC=/path/to/apacahe_x.x.x. I must
   use APACHE_SRC=/path/to/apache_x.x.x/src in order not to get errors.
Perhaps the above 2 items indicate I've already made some mistake.

I'm running on a Red-Hat 6.2 Linux.
The specific commands I use to build everything are:
1) Un-tar mod_perl-1.24, apache_1.3.12, and raven_ssl-1.5.0 into 3 separate 
   directories.

2) cd /usr/local/raven_ssl-1.5.0
   ./setup (answer question specifying don't install included Apache).

3) Copy raven module to apache source directory:
   /usr/local/raven/bin/raven_admin_tls 
       (select 'export raven sources (to /usr/local/apache_1.3.12)

4): Generate a test certificate:
     /usr/local/raven/bin/ravenctl and "self sign cert". THen "install cert".

5) Build mod_perl:
    cd /usr/local/mod_perl-1.24
    perl Makefile.PL APACHE_PREFIX=/usr/local/apache_raven \
    APACHE_SRC=/usr/local/apache_1.3.12/src \
    EVERYTHING=1 USE_APACI=1 PREP_HTTPD=1 DO_HTTPD=1
    make ; make install

6)  build apache httpsd:
   cd /usr/local/apache_1.3.12
   ./configure --target=httpsd
        --prefix=/usr/local/apache_raven \
        --enable-module=most \
        --enable-shared=max \
        --suexec-logfile=logs/suexec.log \
        --activate-module=src/modules/perl/libperl.a
   make
   make isntall

7) I'm not sure why I must do the following: 
   mkdir /usr/local/apache_raven/logs/safe

8) start Apache:
   /usr/local/apache_raven/bin/httpsdctl startssl

If I leave out step 5 above (mod_perl), the resulting Apache with only
Raven works fine.

However, after building Apache with both mod_perl and Raven, I get an error
message when I try to display a web-page on my browser. The log file
/usr/local/apache_raven/logs/raven_ssl_log contains the following error 
messages:

[08/Jul/2000 14:52:53 31976] [info]  Init: Configuring server griff.accelenet.net:443 for SSL protocol
[08/Jul/2000 14:52:53 31976] [warn]  Init: (griff.accelenet.net:443) RSA server certificate CommonName (CN) `raven_ssl.evaluation' does NOT match server name.
[08/Jul/2000 14:53:05 31977] [info]  Connection to child 0 established (server griff.accelenet.net:443)
[08/Jul/2000 14:53:05 31977] [info]  Seeding PRNG with 1160 bytes of entropy
[08/Jul/2000 14:53:05 31977] [error] SSL handshake failed (server griff.accelenet.net:443, client 24.130.13.168) (RavenSSL library error follows)
[08/Jul/2000 14:53:05 31977] [error] RavenSSL: error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02
[08/Jul/2000 14:53:05 31977] [error] RavenSSL: error:04064072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed
[08/Jul/2000 14:53:05 31977] [error] RavenSSL: error:14086081:SSL routines:SSL3_ENC:block cipher pad is wrong
[08/Jul/2000 14:53:11 31981] [info]  Connection to child 4 established (server griff.accelenet.net:443)
[08/Jul/2000 14:53:11 31981] [info]  Seeding PRNG with 1160 bytes of entropy
[08/Jul/2000 14:53:11 31981] [error] SSL handshake failed (server griff.accelenet.net:443, client 24.130.13.168) (RavenSSL library error follows)
[08/Jul/2000 14:53:11 31981] [error] RavenSSL: error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02

Griff Hamlin
hamlin@accelenet.net