Article delegate-en/2418 of [1-5017] on the server localhost:7119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]

Newsgroups: mail-lists.delegate-en
[DeleGate-En] Linux problems?
24 Sep 2003 15:35:38 GMT poieqbdyi-qa4rnuhlsja6.ml@delegate.org 

Dear Mr. Sato,

I am about to test delegate to use it as a "http-https" bridge, clients are
about to connect to a delegate http server, which will connect itself via
https and client certificate to a https web server.

After downloading the current stable windows release and the sslway,
*eay32.* libraries it seems to work using Windows NT 4.0 as a delegate
server.

But doing (I hope so) the same under linux it won't run (trying redhat 8.0
and suse 8.0 with same results):

downloading source code of stable release (8.7.0)
making delegated (with "make")
making sslway (with make -f Makefile.go sslway) in filters/ subdir,
(SSLEAY=/usr/lib)
compiling and linking without errors

making $HOME/delegate && $HOME/delegate/lib
copying delegated into $HOME/delegate
copying sslway & certs in $HOME/delegate/lib

starting delegated with the same settings, same certificate like under NT

-> Accessing the protected webpage results in http error 500, the delegate
log looks like

09/24 16:59:29.31 [15872] 1+1: FSV arg[0] sslway
09/24 16:59:29.31 [15872] 1+1: FSV arg[1] -vd
09/24 16:59:29.31 [15872] 1+1: FSV arg[2] -pass
09/24 16:59:29.31 [15872] 1+1: FSV arg[3] pass:asdf
09/24 16:59:29.31 [15872] 1+1: FSV arg[4] -cert
09/24 16:59:29.31 [15872] 1+1: FSV arg[5] lib/client.pem
## SSLway[15872](clientpc) start
## SSLway[15872](clientpc) certfile loaded:
/home/wps5022/delegate/lib/client.pem
## SSLway[15872](clientpc) passphrase for lib/client.pem -- OK
## SSLway[15872](clientpc) keyfile loaded:
/home/wps5022/delegate/lib/client.pem
09/24 16:59:29.32 [15871] 1+1: FSV CFI_STAT fopen(00/000000X)
09/24 16:59:29.32 [15871] 1+1: >> CFI/1.0 100 start^M
## SSLway[15872](clientpc) connected
## SSLway[15872](clientpc) server's cert. = **subject
<</C=DE/ST=Hessen/L=Frankfurt/O=dwpbank
AG/OU=ITTOS/CN=webserver/Email=roger.hohmann@dwpbank..de>> **issuer
<</C=DE/ST=Hessen/L=Frankfurt/O=dwpbank
AG/OU=ITTOS/CN=webserver/Email=roger.hohmann@dwpbank..de>>
09/24 16:59:29.53 [15871] 1+1: >> CFI/1.0 200-
Ident:roger.hohmann@dwpbank..de^M
09/24 16:59:29.53 [15871] 1+1: ## server ident: roger.hohmann@dwpbank..de
09/24 16:59:29.53 [15871] 1+1: ##[FSV] set ServerAuth
[roger.hohmann@dwpbank..de]
09/24 16:59:29.53 [15871] 1+1: >> CFI/1.0 200
Certificate:/C=DE/ST=Hessen/L=Frankfurt/O=dwpbank
AG/OU=ITTOS/CN=webserver/Email=roger.hohmann@dwpbank..de///C=DE/ST=Hessen/L=Frankfurt/O=dwpbank

AG/OU=ITTOS/CN=webserver/Email=roger.hohmann@dwpbank..de^M
09/24 16:59:29.54 [15871] 1+1: HTTP => (ntw14036:443) GET / HTTP/1.1^M
09/24 16:59:29.55 [15871] 1+1: KeepAlive[15] = 1
09/24 16:59:29.55 [15871] 1+1: #CEsv THRU Accept-Encoding:gzip, deflate
09/24 16:59:29.55 [15871] 1+1: HTTP relayed request 278head
## SSLway[15872](clientpc) C-S: 314/314 -> 314/SSL
## SSLway[15872](clientpc) done
09/24 16:59:29.76 [15871] 1+1: #CEcl disable chunk for Content-Encoding
09/24 16:59:29.76 [15871] 1+1: PollIn.POLLHUP (15) errno=0
09/24 16:59:29.76 [15871] 1+1: HTTP realy_response: EOF at start
09/24 16:59:29.76 [15871] 1+1: relay_response()=-10001, cache=0, httpStat=P
DontTruncate=0
09/24 16:59:29.76 [15871] 1+1: #HT11 EOF from the server
09/24 16:59:29.76 [15871] 1+1: #HT11 close svsokcs[23,24]
09/24 16:59:29.76 [15871] 1+1/1: HCKA:[1] KeepAlive: GET P =>1
09/24 16:59:29.76 [15871] 1+1/1: HCKA:[1] closed -- ?
09/24 16:59:29.76 [15871] 1+1/1: LINGER: [25] 30 8{1,30}
09/24 16:59:29.76 [15871] 1+1/1:
dirfopen(/home/wps5022/delegate/act/clients/28/149.67.10.91:clientpc,r+):
8191730 [15]
09/24 16:59:29.76 [15871] 1+1/1: disconnected [25]
-@[149.67.10.91]clientpc:1552 (0.470s)(0)
09/24 16:59:29.76 [15871] 1+1/1: FSV CFI_STAT fclose(20/0000000)
X
09/24 16:59:29.76 [15871] 1+1/1: CFI process [15872] done (1/1 AFT-0)
09/24 16:59:29.77 [15871] 1+1: StickyServer done
[nonStickyProtocol(http:https:https)] 1 req / 1 conn / 0 sec

the corresponding NT log entries:

09/24 16:55:47.94 [599] 1+0: FSV arg[0] sslway
09/24 16:55:47.94 [599] 1+0: FSV arg[1] -vd
09/24 16:55:47.94 [599] 1+0: FSV arg[2] -pass
09/24 16:55:47.94 [599] 1+0: FSV arg[3] pass:asdf
09/24 16:55:47.94 [599] 1+0: FSV arg[4] -cert
09/24 16:55:47.94 [599] 1+0: FSV arg[5] .\client.pem
09/24 16:55:47.94 [664] 2+0: ### [0] c:\httpd\perl\bin\gzip 0
.. searching for gunzip, no success ..
09/24 16:55:47.97 [664] 2+0: ### [4] C:\WINNT\system32\gunzip 0
09/24 16:55:47.97 [664] 2+0: ### [5] C:\WINNT\gunzip 0
09/24 16:55:47.97 [664] 2+0: ### [6] C:\Programme\Microsoft
Office\Office\gunzip 0
(WIN) 55:47 [599] spawn() = 340 [670], children(alive=1,total=1)
(WIN) 55:47 [599] wait(0) = ...
## SSLway[670](localhost) start
## SSLway[670](localhost) certfile loaded: C:\roger\delegate/.\client.pem
## SSLway[670](localhost) passphrase for .\client.pem -- OK
## SSLway[670](localhost) keyfile loaded: C:\roger\delegate/.\client.pem
## SSLway[670](localhost) connected
## SSLway[670](localhost) server's cert. = **subject
<</C=DE/ST=Hessen/L=Frankfurt/O=dwpbank
AG/OU=ITTOS/CN=webserver/Email=roger.hohmann@dwpbank..de>> **issuer
<</C=DE/ST=Hessen/L=Frankfurt/O=dwpbank
AG/OU=ITTOS/CN=webserver/Email=roger.hohmann@dwpbank..de>>
## SSLway[670](localhost) C-S: 354/354 -> 354/SSL
## SSLway[670](localhost) S-C: 2865/2865 -> 2865
## SSLway[670](localhost) C-S: 247/247 -> 247/SSL
## SSLway[670](localhost) S-C: 1688/1688 -> 1688
## SSLway[670](localhost) done
.1.7\bin\gunzip.exe 0

It seems to me that there is something wrong with the ssl connect under
linux, but I can't find my error..

With kindest regards

Roger Hohmann
DeutscheWertpapierService Bank AG
Department: ITTOS
Völklinger Straße 4
D - 40219 Düsseldorf
Tel.: +49 000 000 000f
Fax: +49 211 826  4015
EMail: roger.hohmann@dwpbank..de





Diese Nachricht ist vertraulich. Sie ist ausschliesslich fuer
den im Adressfeld ausgewiesenen Adressaten bestimmt.
Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten
wir um eine kurze Nachricht. Jede unbefugte Weiterleitung
oder Fertigung einer Kopie ist unzulaessig. Da wir nicht die
Echtheit oder Vollstaendigkeit der in dieser Nachricht
enthaltenen Informationen garantieren koennen, schliessen wir
die rechtliche Verbindlichkeit der vorstehenden Erklaerungen
und Aeusserungen aus. Wir verweisen in diesem Zusammenhang
auch auf die  fuer die Bank geltenden Regelungen ueber die
Verbindlichkeit von Willenserklaerungen mit verpflichtendem
Inhalt, die in den bankueblichen Unterschriftenverzeichnissen
bekannt gemacht werden.

This message is confidential and may be privileged. It is
intended solely for the named  addressee. If you are not the
intended recipient please inform us. Any unauthorised
dissemination, distribution or copying hereof is prohibited.
As we cannot guarantee the  genuineness or completeness of
the information contained in this message, the statements
set forth above are not legally binding. In connection
therewith, we also refer to the governing regulations of
the bank concerning signatory authority published in the
standard bank signature lists with regard to the legally
binding effect of statements made with the intent to
obligate the bank.
  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V