[AWS] SSL questions

David Marceau davidmarceau@sympatico.ca
Mon, 05 Jan 2004 07:06:53 -0500


Jessica et Vincent Tourvieille wrote:
> 
> Greetings !
> 
> I am trying to set up an AWS-based secure server and here are
> the following problems (and associated questions) I have:
> 
> 1) When installing AWS in the /usr/local/... directly,
> libz.a did not end up being copied
> to the lib directory, I had to copy it manually.
> Would that be a makefile bug, or is this file
> simply not needed?
> 
> 2) When building AWS, the secure part of the
> runme demo does behave as expected.
> However after installing AWS (in the usr/local/Ada/AWS... directory).
> It was quite a challenge to find the appropriate command line,
> (it would be helpful to display the command line being used to compile the demos,
> even DEBUG=1 does not display it)
Been there, done that.  
In every makefile in the aws source tree 
you're going to have to change 
a line at the beginning holding makefile directives:
"
.SILENT: all build build clean distrib install set_std set_ssl
"

Comment that line out.  Remember to do it in every makefile.
I did attempt to put it into the makefile.conf instead 
but it didn't seem to work as intended if I remember correctly.  
It would have been a better way though since the change would have been implied
everywhere with just one line in one file.

There is one other thing: the gnatmake command has some switches :) Yes it's true :)
-v for verbose, -V for version, something like that.
You may also want to do this for the actual compiler and linker switches via
the gnatcc and ld switches mentioned in the gnatmake documentation.
This may be overkill but you will get exactly what you want.


> 
> So I tried the following:
> (my program uses the gnade ODBC features)
> (Note that I get the same result whether
> my_program.adb is the runme demo or my own program,
> I tried both with each command line)
> 
> gnatmake my_program.adb \
> -I/usr/local/Ada/AWS/aws-1.4/AWS/include \
> -I/usr/local/Ada/AWS/aws-1.4/AWS/components \
> -aI/usr/local/Ada/gnade/cvs_snapshot_27_12_2003/gnade/lib/ada \
> -aO/usr/local/Ada/gnade/lib/ \
> -bargs -E -largs \
> -L/usr/local/Ada/AWS/aws-1.4/AWS/lib -laws \
> -lz -lssl -lcrypto \
> -L/usr/local/Ada/gnade/cvs_snapshot_27_12_2003/gnade/lib/ \
> -lodbc
> 
> when I run my program this is the output I get :
> 
> -- Beginning of output
> I'm on the port 1234
> press Q key if you want me to stop.
> Execution terminated by unhandled exception
> Exception name: PROGRAM_ERROR
> Message: AWS has been configured without SSL support.
> Call stack traceback locations:
> 0x817f7ab 0x8166657 0x816677a
> -- end of output
> 
> But if I remove the "-laws" from the command, my program
> runs fine. Now the only problem is that with my switches,
> all my aws* ali and object files are in the local directory.
> To avoid this I followed the AWS user guide
> and changed the command to:
> 
> gnatmake my_program.adb \
> -aI/usr/local/Ada/AWS/aws-1.4/AWS/include \
> -I/usr/local/Ada/AWS/aws-1.4/AWS/components \
> -aO/usr/local/Ada/AWS/aws-1.4/AWS/lib \
> -aI/usr/local/Ada/gnade/cvs_snapshot_27_12_2003/gnade/lib/ada \
> -aO/usr/local/Ada/gnade/cvs_snapshot_27_12_2003/gnade/lib/ \
> -bargs -E -largs \
> -L/usr/local/Ada/AWS/aws-1.4/AWS/lib -laws \
> -lz -lssl -lcrypto \
> -L/usr/local/Ada/gnade/cvs_snapshot_27_12_2003/gnade/lib/ \
> -lodbc
> 
> NOTE that there is still the -laws.
> 
> And I get the same exception:
> 
> -- Begin output
> I'm on the port 1234
> press Q key if you want me to stop.
> Execution terminated by unhandled exception
> Exception name: PROGRAM_ERROR
> Message: AWS has been configured without SSL support.
> Call stack traceback locations:
> 0x8126d1f 0x810ddaf 0x810ded2
> -- end output
> 
> But if I remove the -laws I get compilation error:
> 
> -- begin extract of output
> b~my_program.o(.text+0x482): In function `adainit':
> : undefined reference to `aws__config_E'
> b~my_program.o(.text+0x48d): In function `adainit':
> : undefined reference to `aws__config___elabs'
> b~my_program.o(.text+0x493): In function `adainit':
> : undefined reference to `aws__config_E'
> b~my_program.o(.text+0x49a): In function `adainit':
> : undefined reference to `aws__config__set_E'
> b~my_program.o(.text+0x4a0): In function `adainit':
> : undefined reference to `aws__net_E'
> ...
> ./my_program.o(.text+0x7dd): In function `_ada_my_program':
> : undefined reference to `aws__server__shutdown'
> gnatlink: cannot call /usr/local/Ada/Gnat/bin/real/gcc
> gnatmake: *** link failed.
> -- end of output
> 
> So when I force gnatmake to use the object and ALI files
> that I installed previously, then it says that AWS
> is configured without SSL support. But when I built
> AWS, I have made sure that in makefile.conf, the MODE
> is set to ssl.
> 
> In summary the only command line that enables me to run
> successfully is the one without -laws and that recompiles
> the AWS library.
> 
> Would you have any idea why this is happening ?
> (I would welcome an explanation about the -laws flag meaning
> too since I am a bit lost !)
What are the environment variables you have exported?
i.e. ADA_INCLUDE_PATH, ADA_OBJECT_PATH, LD_LIBRARY_PATH
For what you want to accomplish, yes, you are going to have to use the switch you
said to place your "objects" in another directory.
That said, if you do this, then you have to tell the compiler where to go to get them
using the ADA_INCLUDE_PATH/ADA_OBJECT_PATH.
The LD_LIBRARY_PATH is there for when you run the binary(at run-time) your
binary will know where to go to get all the stuff that isn't residing in the
same directory as your executable.
A quick way to check in windows is in the sdk there is an exe something called
the "dependency viewer".
A quick way to check in linux if everything is ok...ldd my_program
If you have undefined references 
that's because not everything is in your LD_LIBRARY_PATH yet.  
IMHO LD_LIBRARY_PATH is a better way to go because it is isolated to just the
process that you export it in :)  If you're running windows, LD_LIBRARY_PATH still
applies and whatever it doesn't find there it goes looking in the PATH
environment, i.e. windows system32 directory like all the other windows
dlls/exes.  BTW in linux, you could also change stuff in /etc/ld.so.conf.

> 
> 3) Attempt to generate a self signed certificate:
> Using the successful command line above and the AWS provided
> certificate, I can run successfully the secure server.
> However,  when I try to generate my own self signed certificate
> (my ultimate goal is to have a CA approved one) following the methods
> described in http://www.openssl.org/docs/HOWTO/
> I get the  "No Common Encryption Algorithm" error from my Mozilla browser
> (the opera browser simply does not say nor load anything, while internet explorer
> gives "page not found")
> 
Please be more specific.  
What exactly is the command line you used to generate your stuff?
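
The `ldd my_program` check mentioned in the reply above, written out as an added example that is not part of the original message or of the AWS distribution. It classifies the libraries from the quoted link line (`-lz -lssl -lcrypto -lodbc`); the function names `lib_status` and `report` and the sample `ldd` output are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the libraries named on the thread's link line
# (-lz -lssl -lcrypto -lodbc) from `ldd` output read on stdin.

# Constructed sample of `ldd my_program` output; paths, versions and
# addresses are made up for this example.
SAMPLE_LDD='    libssl.so.0.9.7 => /usr/lib/libssl.so.0.9.7 (0x40020000)
    libcrypto.so.0.9.7 => not found
    libodbc.so.1 => /usr/local/lib/libodbc.so.1 (0x40150000)
    libc.so.6 => /lib/libc.so.6 (0x40200000)'

# lib_status NAME: read ldd output on stdin and print one of
#   "resolved <path>"  the loader found the shared object
#   "missing"          needed at run time but not on the loader search path
#   "absent"           no dynamic dependency (linked statically, or not linked)
lib_status() {
    awk -v lib="lib$1.so" '
        index($1, lib) == 1 {
            if ($0 ~ /=> not found/) print "missing"
            else print "resolved " $3
            found = 1
            exit
        }
        END { if (!found) print "absent" }'
}

# report: print the status of every library from the thread's link line.
report() {
    ldd_out=$(cat)
    for lib in z ssl crypto odbc; do
        printf '%-8s %s\n' "$lib" \
            "$(printf '%s\n' "$ldd_out" | lib_status "$lib")"
    done
}

# Demonstration on the constructed sample. Against a real binary:
#   ldd ./my_program | report
#   LD_LIBRARY_PATH=/path/to/libs ldd ./my_program | report
printf '%s\n' "$SAMPLE_LDD" | report
```

A "missing" line is the case where adjusting `LD_LIBRARY_PATH` or `/etc/ld.so.conf` applies; an "absent" line means the binary has no run-time dependency on that library at all.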