No subject


Sat Oct 2 08:10:42 CEST 2010 

<br>
<br><font size=3>#if HAVE_LIBGNUTLS</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
conn_printf(&quot;SSL\n&quot;);</font>
<br><font size=3>if ( read_conn_status(0, peername) ) {</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; csync_debug(1, &quot;SSL command failed.\n&quot;);</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; conn_close();</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; return -1;</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
}</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
conn_activate_ssl(0);</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
conn_check_peer_cert(peername, 1);</font>
<br><font size=3>#else</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
csync_debug(0, &quot;ERROR: Config request SSL but this csync2 is built
without SSL support.\n&quot;);</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
csync_error_count++;</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
return -1;</font>
<br><font size=3>#endif</font>
<br>
<br><font size=3>Similar for the remote in csync2.c which happens on the
start: </font>
<br>
<br><font size=3>#ifdef HAVE_LIBGNUTLS</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; conn_printf(&quot;OK (activating_ssl).\n&quot;);</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; conn_activate_ssl(1);</font>
<br>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; if ( !conn_gets(line, 4096) ) return 0;</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; cmd = strtok(line, &quot;\t \r\n&quot;);</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; para = cmd ? strtok(0, &quot;\t \r\n&quot;)
: 0;</font>
<br><font size=3>#else</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; conn_printf(&quot;This csync2 server is built
without SSL support.\n&quot;);</font>
<br><font size=3>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; return 0;</font>
<br><font size=3>#endif</font>
<br>
<br><font size=3>Could you be running a different version than you actually
is doing your ldd check on? ldd `which csync2` </font>
<br>
<br><font size=3>Can you try with</font>
<br>
<br><font size=3>nossl </font><font size=2>&nbsp;</font><font size=3>glddb-master
glddb-slave1</font><font size=2> &nbsp;</font>
<br>
<br><font size=3>just to check that your config works without SSL ?</font>
<br>
<br><font size=3>cheers, </font>
<br><font size=3>:-Dennis </font>
<br>
<br><font size=3>On 05/10/2010, at 21.22, Christopher J Bidwell wrote:</font>
<br>
<br><font size=2 face="sans-serif">Just a little bit of insight as to how
my setup &quot;should&quot; go. </font><font size=3><br>
</font><font size=2 face="sans-serif"><br>
I have a primary webserver that should feed content to four public webservers.
&nbsp;</font><font size=3> <br>
</font><font size=2 face="sans-serif"><br>
My contents of my /etc: &nbsp;(this is the same on both my master and my
slave servers).</font><font size=3> </font><font size=2 face="sans-serif"><br>
[@glddb-slave1 etc]# lsl csync2*</font><font size=3> </font><font size=2 face="sans-serif"><br>
-rw-r--r-- 1 root root 710 Oct &nbsp;5 &nbsp;2010 csync2.cfg</font><font size=3>
</font><font size=2 face="sans-serif"><br>
-rw------- 1 root root &nbsp;65 Oct &nbsp;5 &nbsp;2010 csync2.key_ehp</font><font size=3>
</font><font size=2 face="sans-serif"><br>
-rw-r--r-- 1 root root 774 Oct &nbsp;5 &nbsp;2010 csync2_ssl_cert.pem</font><font size=3>
</font><font size=2 face="sans-serif"><br>
-rw-r--r-- 1 root root 887 Oct &nbsp;5 &nbsp;2010 csync2_ssl_key.pem</font><font size=3>
<br>
</font><font size=2 face="sans-serif"><br>
Here is my configuration file:</font><font size=3> </font><font size=2 face="sans-serif"><br>
------------------------------</font><font size=3> </font><font size=2 face="sans-serif"><br>
# Csync2 Example Configuration File</font><font size=3> </font><font size=2 face="sans-serif"><br>
# ---------------------------------</font><font size=3> </font><font size=2 face="sans-serif"><br>
#</font><font size=3> </font><font size=2 face="sans-serif"><br>
# Please read the documentation:</font><font size=3> </font><font size=2 face="sans-serif"><br>
# </font><a href=http://oss.linbit.com/csync2/paper.pdf><font size=2 color=blue face="sans-serif"><u>http://oss.linbit.com/csync2/paper.pdf</u></font></a><font size=3>
<br>
</font><font size=2 face="sans-serif"><br>
group mygroup</font><font size=3> </font><font size=2 face="sans-serif"><br>
 {</font><font size=3> </font><font size=2 face="sans-serif"><br>
 &nbsp; &nbsp; &nbsp; &nbsp; host glddb-master (glddb-slave1);</font><font size=3>
<br>
</font><font size=2 face="sans-serif"><br>
 &nbsp; &nbsp; &nbsp; &nbsp; key /etc/csync2.key_ehp;</font><font size=3>
<br>
</font><font size=2 face="sans-serif"><br>
 &nbsp; &nbsp; &nbsp; &nbsp; include /home/www/vhosts/ehp.wr;</font><font size=3>
</font><font size=2 face="sans-serif"><br>
 }</font><font size=3> </font><font size=2 face="sans-serif"><br>
--------------------------</font><font size=3> </font><font size=2 face="sans-serif"><br>
I figure just for simplicity I'll remove any other complexities until I
can at least get communication to work.</font><font size=3> <br>
</font><font size=2 face="sans-serif"><br>
I run csync2 -iivvv and I get this:</font><font size=3> </font><font size=2 face="sans-serif"><br>
----------------------------</font><font size=3> </font><font size=2 face="sans-serif"><br>
[glddb-slave1 csync2]# csync2 -iivvv</font><font size=3> </font><font size=2 face="sans-serif"><br>
Csync2 daemon running. Waiting for connections.</font><font size=3> </font><font size=2 face="sans-serif"><br>
&lt;11462&gt; New connection from 192.168.1.132:43675.</font><font size=3>
</font><font size=2 face="sans-serif"><br>
Peer&gt; </font><font size=3><br>
</font><font size=2 face="sans-serif"><br>

More information about the Csync2 mailing list