LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

RE: Ldirectord Redhat EL3 SSL checking problem

from [Philip Hayward] [Permanent Link]
To: "'LinuxVirtualServer.org users mailing list.'" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: Ldirectord Redhat EL3 SSL checking problem
From: Philip Hayward <Philip.Hayward@xxxxxxxxxxxxxx>
Date: Fri, 5 Nov 2004 14:27:53 -0000 
Hi Horms,

Thanks for the patch.

I have been unable to replicate this on Redhat 8 but have seen it on three
EL3 ES servers and on EL3 Update 2 and 3.

Applying the patch produces the results below.

Thanks for looking into this.

Phil

DEBUG2: Checking negotiate: real
server=negotiate:https:tcp:10.1.1.23:0:50743::\/orukt\/static\/test\.html:te
sted (virtual=tcp:10.1.1.61:0)
DEBUG2: Checking https url="https://10.1.1.23:50743/orukt/static/test.html";
virtualhost="10.1.1.23"
DEBUG2: Testing: 10.1.1.23, 50743, /orukt/static/test.html
Opening connection to 10.1.1.23:50743 (10.1.1.23) at blib/lib/Net/SSLeay.pm
(autosplit into blib/lib/auto/Net/SSLeay/open_tcp_connection.al) line 1463.
Creating SSL 0 context...
Creating SSL connection (context was '143973928')...
Setting fd (ctx 143973928, con 143976312)...
Entering SSL negotiation phase...
Cipher list: DHE-RSA-AES256-SHA, DHE-RSA-AES256-SHA, DHE-DSS-AES256-SHA,
AES256-SHA, EDH-RSA-DES-CBC3-SHA, EDH-DSS-DES-CBC3-SHA, DES-CBC3-SHA,
DES-CBC3-MD5, DHE-RSA-AES128-SHA, DHE-DSS-AES128-SHA, AES128-SHA,
RC2-CBC-MD5, DHE-DSS-RC4-SHA, EXP-KRB5-RC4-MD5, EXP-KRB5-RC4-SHA,
KRB5-RC4-MD5, KRB5-RC4-SHA, RC4-SHA, RC4-MD5, RC4-MD5, KRB5-DES-CBC3-MD5,
KRB5-DES-CBC3-SHA, RC4-64-MD5, EXP1024-DHE-DSS-DES-CBC-SHA,
EXP1024-DES-CBC-SHA, EXP1024-RC2-CBC-MD5, KRB5-DES-CBC-MD5,
KRB5-DES-CBC-SHA, EDH-RSA-DES-CBC-SHA, EDH-DSS-DES-CBC-SHA, DES-CBC-SHA,
DES-CBC-MD5, EXP1024-DHE-DSS-RC4-SHA, EXP1024-RC4-SHA, EXP1024-RC4-MD5,
EXP-KRB5-RC2-CBC-MD5, EXP-KRB5-DES-CBC-MD5, EXP-KRB5-RC2-CBC-SHA,
EXP-KRB5-DES-CBC-SHA, EXP-EDH-RSA-DES-CBC-SHA, EXP-EDH-DSS-DES-CBC-SHA,
EXP-DES-CBC-SHA, EXP-RC2-CBC-MD5, EXP-RC2-CBC-MD5, EXP-RC4-MD5,
EXP-RC4-MD5\n at blib/lib/Net/SSLeay.pm (autosplit into
blib/lib/auto/Net/SSLeay/sslcat.al) line 1779.
SSLeay connect returned 1
Cipher `DHE-RSA-AES256-SHA'
Subject Name: /C=GB/ST=London/L=London/O=Digital Rum
Limited/OU=Ticketing/CN=orukt.stg.digitalrum.com
Issuer  Name: /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification
Authority
sslcat 8280: sending 70 bytes...
  write_all VM at entry=vm_unknown
  written so far 70:70 bytes (VM=vm_unknown)
waiting for reply...
  got 253:0 bytes (VM=vm_unknown).
  got 0:253 bytes (VM=vm_unknown).
Got 253 bytes.
DEBUG2: Result: HTTP/1.1 200 OK
DEBUG2: Expected String Present
DEBUG2: Status: 16777215 (fail)
DEBUG2: Disabled server=10.1.1.23

>From the following config:

virtual=10.1.1.61:0
        real=10.1.1.23:0 masq
        service=https
        scheduler=wlc
        checkport=50743
        request="orukt/static/test.html"
        receive="tested"
        checktype=negotiate
        persistent=300

Apache reports:
[05/Nov/2004:12:57:54 +0000] 10.1.1.200 TLSv1 DHE-RSA-AES256-SHA "GET
/orukt/static/test.html HTTP/1.0" 22
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: LVS-Tun not working correctl. No listening sockets?, Joseph Mack
Next by Date:  Re: LVS-Tun not working correctl. No listening sockets?, Andy Shinn
Previous by Thread:  Re: Ldirectord Redhat EL3 SSL checking problem, Horms
Next by Thread:  RE: Ldirectord Redhat EL3 SSL checking problem, Johan Elmerfjord
Indexes:  [Date] [Thread] [Top] [All Lists]