Re: [naviserver-devel] No notifications with webpush::send

[Gustaf N. <ne...@wu...>]

On 09.12.21 09:33, Wolfgang Winkler via naviserver-devel wrote:
>
> We are using 1.1.1d on our production server, which is a debian buster.
>
> bytes {} tag 1e58277931d45f4c593cffbf291b39b7

i can confirm, that with Debian GNU/Linux 10 (buster) and OpenSSL 1.1.1d 
bytes are empty.

With e.g. Rocky Linux release 8.4 (one successor of CentOS, also 
conservative), with e.g. 1.1.1g, everything is fine.


> I've tried to use 1.1.1k on buster. I installed it with
>
> ./config --prefix=/usr/local/openssl && make && make install
>
> and compiled naviserver with
>
> ./configure 
> --enable-64bit=true--prefix=/usr/local/naviserver-git--with-openssl=/usr/local/openssl--with-tcl=/usr/local/lib/--enable-threads
>
> But naviserver still uses the packaged openssl version:
> # ldd nsd/nsd
> libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1


There is something starnge  on Buster concerning libraries. I have
downloaded newest openssl from git, configured + make install, and 
configured
Naviserver as usual

$ ./configure --enable-64bit -prefix=/usr/local/ns --with-openssl=/usr/local/

but was surprised that it the version was not picked up for loading.
After brutally linking the files, everything was fine.

So, there seems to be some load-path that has to be configured for Buster,
but I am not an expert (and have not time to investigate deeper).

But with this, the right OpenSSL is loaded, encrypt returns non-empty:

$ ln -s /usr/local/lib64/*so* /usr/local/lib/
$ ldconfig -v
$ make install
$ ./nsd/nsd -c -u nsadmin
[-main:conf-] Notice: OpenSSL 3.1.0-dev  initialized
...
% package require tcltest 2.2
% namespace import -force ::tcltest::*
% test aead-1.0 {aead::encrypt} -body {
     set d [ns_crypto::aead::encrypt string -cipher aes-128-gcm -iv 123456789 -key secret "hello world"]
     list bytes [string length [dict get $d bytes]] tag [string length [dict get $d tag]]
} -result {bytes 22 tag 32}


I have to rush,

-gn