Date: Wed, 07 Apr 2004 15:39:42 -0600 From: RYAN vAN GINNEKEN <rmvg@shaw.ca> To: Matthew Seaman <m.seaman@infracaninophile.co.uk> Cc: freebsd-questions@freebsd.org Subject: Re: startssl at boot time Message-ID: <4074751E.2070607@shaw.ca> In-Reply-To: <20040406090720.GB17361@happy-idiot-talk.infracaninophile.co.uk> References: <406F324B.1050005@shaw.ca> <20040404112328.GB7849@happy-idiot-talk.infracaninophile.co.uk> <4072488A.7050200@shaw.ca> <20040406090720.GB17361@happy-idiot-talk.infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
This is right ??? the reason i ask is because apache does not start on a
reboot no ssl or even regular apache. here is the log output of an
apache stop then apache start using the script listed below when i use
apache start only regular apache starts so i then have to issue the
apache startssl command.
[Wed Apr 07 13:20:01 2004] [info] removed PID file /var/run/httpd.pid
(pid=3196)
[Wed Apr 07 13:20:01 2004] [notice] caught SIGTERM, shutting down
[Wed Apr 07 13:20:07 2004] [info] mod_unique_id: using ip addr 192.168.0.202
[Wed Apr 07 13:20:08 2004] [info] Init: Initializing OpenSSL library
[Wed Apr 07 13:20:08 2004] [info] Init: Seeding PRNG with 0 bytes of entropy
[Wed Apr 07 13:20:08 2004] [info] Init: Generating temporary RSA private
keys (512/102
[Wed Apr 07 13:20:08 2004] [info] Init: Generating temporary DH
parameters (512/1024 b
[Wed Apr 07 13:20:08 2004] [warn] Init: Session Cache is not configured
[hint: SSLSess
[Wed Apr 07 13:20:08 2004] [info] Init: Initializing (virtual) servers
for SSL
[Wed Apr 07 13:20:08 2004] [info] Server: Apache/2.0.49, Interface:
mod_ssl/2.0.49, Li
[Wed Apr 07 13:20:09 2004] [info] mod_unique_id: using ip addr 192.168.0.202
[Wed Apr 07 13:20:10 2004] [info] Init: Initializing OpenSSL library
[Wed Apr 07 13:20:10 2004] [info] Init: Seeding PRNG with 0 bytes of entropy
[Wed Apr 07 13:20:10 2004] [info] Init: Generating temporary RSA private
keys (512/102
[Wed Apr 07 13:20:12 2004] [info] Init: Generating temporary DH
parameters (512/1024 b
[Wed Apr 07 13:20:12 2004] [info] Init: Initializing (virtual) servers
for SSL
[Wed Apr 07 13:20:12 2004] [info] Server: Apache/2.0.49, Interface:
mod_ssl/2.0.49, Li
[Wed Apr 07 13:20:13 2004] [notice] Apache/2.0.49 (Unix) PHP/4.3.5
mod_ssl/2.0.49 Open
[Wed Apr 07 13:20:13 2004] [info] Server built: Mar 30 2004 04:02:47
[Wed Apr 07 13:20:13 2004] [debug] prefork.c(955): AcceptMutex: flock
(default: flock)
Seems to initialize ssl but my ssl page still does not work however my
regular page does work. Here is a print out of the log file when i do
an apachectl stop and apachectl startssl. when i use startssl
everything work great including my ssl page.
[Wed Apr 07 13:23:21 2004] [info] removed PID file /var/run/httpd.pid
(pid=3227)
[Wed Apr 07 13:23:21 2004] [notice] caught SIGTERM, shutting down
[Wed Apr 07 13:23:26 2004] [info] mod_unique_id: using ip addr 192.168.0.202
[Wed Apr 07 13:23:27 2004] [info] Init: Initializing OpenSSL library
[Wed Apr 07 13:23:27 2004] [info] Init: Seeding PRNG with 136 bytes of
entropy
[Wed Apr 07 13:23:27 2004] [info] Init: Generating temporary RSA private
keys (512/102
[Wed Apr 07 13:23:29 2004] [info] Init: Generating temporary DH
parameters (512/1024 b
[Wed Apr 07 13:23:29 2004] [debug] ssl_scache_dbm.c(403): Inter-Process
Session Cache
[Wed Apr 07 13:23:29 2004] [info] Init: Initializing (virtual) servers
for SSL
[Wed Apr 07 13:23:29 2004] [info] Server: Apache/2.0.49, Interface:
mod_ssl/2.0.49, Li
[Wed Apr 07 13:23:30 2004] [info] mod_unique_id: using ip addr 192.168.0.202
[Wed Apr 07 13:23:31 2004] [info] Init: Initializing OpenSSL library
[Wed Apr 07 13:23:31 2004] [info] Init: Seeding PRNG with 136 bytes of
entropy
[Wed Apr 07 13:23:31 2004] [info] Init: Generating temporary RSA private
keys (512/102
[Wed Apr 07 13:23:31 2004] [info] Init: Generating temporary DH
parameters (512/1024 b
[Wed Apr 07 13:23:31 2004] [debug] ssl_scache_dbm.c(403): Inter-Process
Session Cache
[Wed Apr 07 13:23:31 2004] [info] Init: Initializing (virtual) servers
for SSL
[Wed Apr 07 13:23:31 2004] [info] Server: Apache/2.0.49, Interface:
mod_ssl/2.0.49, Li
[Wed Apr 07 13:23:31 2004] [notice] Apache/2.0.49 (Unix) PHP/4.3.5
mod_ssl/2.0.49 Open
[Wed Apr 07 13:23:31 2004] [info] Server built: Mar 30 2004 04:02:47
[Wed Apr 07 13:23:31 2004] [debug] prefork.c(955): AcceptMutex: flock
(default: flock)
here are the differences in the logs did this manually will have to
spend some time using the diff command as it could work for comparing
log entries too right? So it must have something to do with the entropy
and the session cache i guess.
[Wed Apr 07 13:20:08 2004] [info] Init: Seeding PRNG with 0 bytes of entropy
[Wed Apr 07 13:20:08 2004] [warn] Init: Session Cache is not configured
[hint: SSLSess
Matthew Seaman wrote:
>On Tue, Apr 06, 2004 at 12:04:58AM -0600, RYAN vAN GINNEKEN wrote:
>
>
>
>>Patch guess i am new to patches in fact this is my first one usually
>>just install the port as is and hope that all the patches are added.
>>Have compiled a few packages from source but would rather not.
>>
>>Oh i think i get it it looks like mergemaster the + gets added and the -
>>gets removed right i will do manually will that work NOPE
>>
>>please explain how i apply the patch works as i tried to manually edit
>>the config file and apache did not start at all thank you in advance.
>>Below is a copy of the edited apache2.sh file.
>>
>>#!/bin/sh
>>PREFIX=/usr/local
>>
>>case "$1" in
>>start)
>> SSL=ssl
>> [ -x ${PREFIX}/sbin/apachectl ] && ${PREFIX}/sbin/apachectl
>>start${SSL} > /dev
>> ;;
>>stop)
>> [ -r /var/run/httpd.pid ] && ${PREFIX}/sbin/apachectl stop >
>>/dev/null && echo
>> ;;
>>*)
>> echo "Usage: `basename $0` {start|stop}" >&2
>> ;;
>>esac
>>
>>exit 0
>>
>>
>
>Yes -- that's right. However, for future reference, use the patch(1)
>program which can automate all that stuff for you.
>
>All you should need to do is save the message into a file, and then:
>
> # cd /usr/local/etc/rc.d
> # patch < /tmp/saved-message
>
>You don't even need to edit the saved message to extract the patch
>text: the patch(1) program deals with all that automatically.
>
>And you're right -- this is exactly what mergemaster(1) uses. The
>patch is produced by the diff(1) program, which is why they are
>occasionally known as 'diffs'. Note that diff(1) can produce patches
>in three different formats, but for historical reasons the default
>format is not the 'unidiff' format that basically everyone uses: you
>have to type 'diff -u' to get that.
>
> Cheers,
>
> Matthew
>
>
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4074751E.2070607>