Re: problem with apache-dynamic engine support - modssl

This is a discussion on Re: problem with apache-dynamic engine support - modssl ; Are you doing this? SSLCryptoDevice dynamic SSLCryptoDeviceCtrl SO_PATH: SSLCryptoDeviceCtrl ID: SSLCryptoDeviceCtrl LOAD What errors are you getting (my guess would be a problem with SO_PATH)? How are you building mod_ssl (static or shared)? Make sure you build it shared and ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Re: problem with apache-dynamic engine support

  1. Re: problem with apache-dynamic engine support

    Are you doing this?

    SSLCryptoDevice dynamic
    SSLCryptoDeviceCtrl SO_PATH:
    SSLCryptoDeviceCtrl ID:
    SSLCryptoDeviceCtrl LOAD

    What errors are you getting (my guess would be a problem with SO_PATH)?
    How are you building mod_ssl (static or shared)?

    Make sure you build it shared and it should work. If you need it
    static you will need to tweak Geoff's patch to get it to work.

    Of course all of my experience was on FreeBSD, not sure if the same
    problems apply to Linux.

    Brian

    On Jun 29, 2005, at 6:59 AM, sriramamohan gadam wrote:
    > Currently i am working for adding engine support to
    > openssl.
    >
    > we need to make this engine support dynamic.
    >
    > i am using openssl-0.9.7d and mod_ssl-2.8.14 and apche
    > 1.3.27.
    >
    > I had applied the patch that has been given by geoff
    > thorpe mod_ssl-2.8.4-1.3.20-control.diff
    >
    > This is working fine in FreeBSD. But the same thing is
    > not working in case of linux.
    >
    > If anybody can help on this that would be grate.
    >
    > Thanks
    >
    >
    > Sriram
    >
    >
    >
    > __________________________________
    > Discover Yahoo!
    > Get on-the-go sports scores, stock quotes, news and more. Check it out!
    > http://discover.yahoo.com/mobile.html
    > __________________________________________________ ____________________
    > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
    > User Support Mailing List modssl-users@modssl.org
    > Automated List Manager majordomo@modssl.org
    >


    __________________________________________________ ____________________
    Apache Interface to OpenSSL (mod_ssl) www.modssl.org
    User Support Mailing List modssl-users@modssl.org
    Automated List Manager majordomo@modssl.org

  2. Re: problem with apache-dynamic engine support

    hi Brian,

    Thanks.

    iam configuring mod_ssl after pacthing, using the command
    ../configure --with-apache= --with-ssl=
    --enable-rule= SSL_EXPERIMENTAL

    after this i am configuring apache

    CFLAGS="-DSSL_EXPERIMENTAL_ENGINE -DSSL_ENGINE" ./configure
    --enable-module=ssl --enable-shared=ssl


    After the investigation through the problem, i figured out that there
    is a slight difference b/w freebsd and linux.

    in apache it will run two processes initially.


    In apache when it is scanning through the httpd.conf it will save
    commands
    SO_PATH, ID, LOAD
    into one table which is part of libssl.so

    In case of freebsd

    Parent opens libssl.so and makes one reference to it. afterwards as
    part of LOAD command it opens engine shared library specified by
    SO_PATH

    then it forks one process and detaches it self.

    In child it will first closes libssl.so in ap_os_dso_unload as part of
    cleanups.

    Then again it opens in ap_os_dso_load. so all the variable in child are
    reset back to initial values.
    Then it opens engine library . This is working fine



    Now in case of Linux

    when the parent opens engine library it is making one more reference to
    libssl.so, it has now two references.
    When the child unload ssl library it is decrementing reference count of
    ssl library by 1. still one reference is there, it does not unload
    completely.

    So all the variables are inherited from the parent. when child scans
    the httpd.cong, it is adding SO_PATH,ID, LOAD as new commands to
    already existing table, which has three entries inherited from the
    parent. in this case
    total entries are now 6.
    Then child executes first three commands successfully.
    when child trying to execute 4th command which is SO_PATH, it is
    getting failed.

    I hope i have given enough info.


    Thanks

    Sriram


+ Reply to Thread