Menu
▾
▴
Re: [naviserver-devel] Fwd: No notifications with webpush::send
|
From: Wolfgang W. <wol...@di...> - 2021-12-09 16:09:45
|
This is the solution we came up with:
We downloaded, compiled and installed the latest stable openssl version
3.0.0.
Then we added /usr/local/lib64 to /etc/ld.so.conf.d/libc.conf
After/sbin/ldconfig Naviserver finds the new openssl version when
compiling with:
--with-openssl=/usr/local/
So far everything seems to work, we only get one warning from the linker:
/usr/bin/ld: warning: libcrypto.so.1.1, needed by
/usr/lib/gcc/x86_64-linux-gnu/8/../../../x86_64-linux-gnu/libssl.so, may
conflict with libcrypto.so.3
Again, thanks for your help,
Wolfgang
Am 09.12.21 um 11:44 schrieb Gustaf Neumann:
>
>
>
>
> -------- Forwarded Message --------
> Subject: Re: [naviserver-devel] No notifications with webpush::send
> Date: Thu, 9 Dec 2021 11:43:44 +0100
> From: Gustaf Neumann <ne...@wu...>
> To: Wolfgang Winkler via naviserver-devel
> <nav...@li...>
>
>
>
>
> On 09.12.21 09:33, Wolfgang Winkler via naviserver-devel wrote:
>>
>> We are using 1.1.1d on our production server, which is a debian buster.
>>
>> bytes {} tag 1e58277931d45f4c593cffbf291b39b7
>
> i can confirm, that with Debian GNU/Linux 10 (buster) and OpenSSL
> 1.1.1d bytes are empty.
>
> With e.g. Rocky Linux release 8.4 (one successor of CentOS, also
> conservative), with e.g. 1.1.1g, everything is fine.
>
>
>> I've tried to use 1.1.1k on buster. I installed it with
>>
>> ./config --prefix=/usr/local/openssl && make && make install
>>
>> and compiled naviserver with
>>
>> ./configure
>> --enable-64bit=true--prefix=/usr/local/naviserver-git--with-openssl=/usr/local/openssl--with-tcl=/usr/local/lib/--enable-threads
>>
>> But naviserver still uses the packaged openssl version:
>> # ldd nsd/nsd
>> libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1
>
>
> There is something starnge on Buster concerning libraries. I have
> downloaded newest openssl from git, configured + make install, and
> configured
> Naviserver as usual
>
> $ ./configure --enable-64bit -prefix=/usr/local/ns --with-openssl=/usr/local/
>
> but was surprised that it the version was not picked up for loading.
> After brutally linking the files, everything was fine.
>
> So, there seems to be some load-path that has to be configured for Buster,
> but I am not an expert (and have not time to investigate deeper).
>
> But with this, the right OpenSSL is loaded, encrypt returns non-empty:
>
> $ ln -s /usr/local/lib64/*so* /usr/local/lib/
> $ ldconfig -v
> $ make install
> $ ./nsd/nsd -c -u nsadmin
> [-main:conf-] Notice: OpenSSL 3.1.0-dev initialized
> ...
> % package require tcltest 2.2
> % namespace import -force ::tcltest::*
> % test aead-1.0 {aead::encrypt} -body {
> set d [ns_crypto::aead::encrypt string -cipher aes-128-gcm -iv 123456789 -key secret "hello world"]
> list bytes [string length [dict get $d bytes]] tag [string length [dict get $d tag]]
> } -result {bytes 22 tag 32}
>
>
> I have to rush,
>
> -gn
>
>
>
>
> _______________________________________________
> naviserver-devel mailing list
> nav...@li...
> https://lists.sourceforge.net/lists/listinfo/naviserver-devel
--
*Wolfgang Winkler*
Geschäftsführung
wol...@di...
mobil +43.699.19971172
dc:*büro*
digital concepts Novak Winkler OG
Software & Design
Landstraße 68, 5. Stock, 4020 Linz
www.digital-concepts.com <http://www.digital-concepts.com>
tel +43.732.997117.72
tel +43.699.1997117.2
Firmenbuchnummer: 192003h
Firmenbuchgericht: Landesgericht Linz
|
