You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "James J. Lippard" <li...@discord.org> on 2002/09/30 19:20:51 UTC
[users@httpd] Issues with Apache 2 mod_auth_dbm w/Berkeley DB and SSL CRLs
I've been working on upgrading to Apache 2, and am stuck on two
remaining issues.
The first is user authentication. I currently use mod_auth_db (Berkeley
DBs) with Apache 1.3.26. I am configuring Apache 2 with
./configure --enable-modules="ssl auth_dbm cache proxy speling status rewrite so" --with-berkeley-db=/usr/local/lib
but when I attempt to access a password-protected directory, I get
errors like:
/usr/libexec/ld.so: Undefined symbol "_db_open" called from httpd:/usr/local/a
pache2/lib/libaprutil-0.so.9.2 at 0x401aa328
So somehow the Berkeley db library is not properly being linked.
When I posted this to comp.infosystems.www.servers.unix, I got an
emailed reply from another individual who has seen the same or a
similar issue.
I've experimented with switching to SDBM just to see if I can get
that to work, but I seem to be getting different SDBM libraries
between my user_manage script and the web server. (The former
generates .dir and .pag files; the latter says it can't find
the user file.) I'd prefer to use Berkeley DBs to keep my existing
user files, if possible.
---
My second issue is that I use X.509 client certificate authentication,
with a CRL specified. When I attempt to access any pages using client
certificate authentication, the server claims that the CRL is expired:
[Fri Sep 27 20:23:41 2002] [error] Certificate Verification: Error (12): CRL has expired
even though the CRL does not expire until October 28, 2002--a month
later.
Is this error message perhaps incorrect--maybe it's not finding the CRL,
or doesn't want to see it in PEM format? I suspect the issue is some
kind of discrepancy between the format it's in and the format desired.
I'm using the SSLCARevocationFile directive, pointing to the .pem file
that contains the CRL for my CA (i.e., it's not a bundle and I'm not
using hash symlinks in an SSLCARevocationPath).
Any assistance in resolving these two issues would be greatly appreciated.
--
Jim Lippard lippard@discord.org http://www.discord.org/
GPG Key ID: 0xF8D42CFE
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Issues with Apache 2 mod_auth_dbm w/Berkeley DB and SSL CRLs
Posted by "i.t" <i....@ithum.de>.
msg Montag, 30. September 2002 19:20 by James J. Lippard:
> /usr/libexec/ld.so: Undefined symbol "_db_open" called from
> httpd:/usr/local/a pache2/lib/libaprutil-0.so.9.2 at 0x401aa328
>
> So somehow the Berkeley db library is not properly being linked.
>
> When I posted this to comp.infosystems.www.servers.unix, I got an
> emailed reply from another individual who has seen the same or a
> similar issue.
well - with the same ./configure I'll get after make is successfully
processing sdbm:
***
»/opt/httpd-2.0.42/srclib/apr-util/dbm«
/bin/sh /opt/httpd-2.0.42/srclib/apr/libtool --silent --mode=compile gcc -g
-O2 -pthread -DHAVE_CONFIG_H -DLINUX=2 -D_REENTRANT -D_XOPEN_SOURCE=500
-D_BSD_SOURCE -D_SVID_SOURCE -D_GNU_SOURCE
-I/opt/httpd-2.0.42/srclib/apr-util/include
-I/opt/httpd-2.0.42/srclib/apr-util/include/private
-I/opt/httpd-2.0.42/srclib/apr/include -I/usr/local/lib/include
-I/opt/httpd-2.0.42/srclib/apr-util/xml/expat/lib -c apr_dbm.c && touch
apr_dbm.lo
/bin/sh /opt/httpd-2.0.42/srclib/apr/libtool --silent --mode=compile gcc -g
-O2 -pthread -DHAVE_CONFIG_H -DLINUX=2 -D_REENTRANT -D_XOPEN_SOURCE=500
-D_BSD_SOURCE -D_SVID_SOURCE -D_GNU_SOURCE
-I/opt/httpd-2.0.42/srclib/apr-util/include
-I/opt/httpd-2.0.42/srclib/apr-util/include/private
-I/opt/httpd-2.0.42/srclib/apr/include -I/usr/local/lib/include
-I/opt/httpd-2.0.42/srclib/apr-util/xml/expat/lib -c apr_dbm_berkeleydb.c &&
touch apr_dbm_berkeleydb.lo
apr_dbm_berkeleydb.c: In function `vt_db_open':
apr_dbm_berkeleydb.c:200: warning: passing arg 2 of pointer to function from
incompatible pointer type
apr_dbm_berkeleydb.c:200: warning: passing arg 4 of pointer to function makes
pointer from integer without a cast
apr_dbm_berkeleydb.c:200: too few arguments to function
***
newest Berkeley DB from sleepycat is installed; I've general problems with
apr-util compiling a static build with 2.0.42 and 2.0.43dev.
I've just running a Apache/2.0.43-dev with
mod_authn_dbm.c und mod_authz_dbm.c etc. as DSO but can't bring it to work
as a static build.
Well - for me it's only testing, if you urgently need a solution you should
consider to subscribe to different dev and testers lists, see
http://httpd.apache.org/lists.html
i.t
--
. ___
| | Irmund Thum
| |
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org