No subject


Sat Oct 2 08:10:42 CEST 2010 

<br>
<br><font size=3D"3">#if HAVE_LIBGNUTLS</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
conn_printf("SSL\n");</font>
<br><font size=3D"3">if ( read_conn_status(0, peername) ) {</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; csync_debug(1, "SSL command failed.\n");</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; conn_close();</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; return -1;</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
}</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
conn_activate_ssl(0);</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
conn_check_peer_cert(peername, 1);</font>
<br><font size=3D"3">#else</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
csync_debug(0, "ERROR: Config request SSL but this csync2 is built
without SSL support.\n");</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
csync_error_count++;</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
return -1;</font>
<br><font size=3D"3">#endif</font>
<br>
<br><font size=3D"3">Similar for the remote in csync2.c which happens on the
start: </font>
<br>
<br><font size=3D"3">#ifdef HAVE_LIBGNUTLS</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; conn_printf("OK (activating_ssl).\n");</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; conn_activate_ssl(1);</font>
<br>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; if ( !conn_gets(line, 4096) ) return 0;</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; cmd =3D strtok(line, "\t \r\n");</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; para =3D cmd ? strtok(0, "\t \r\n")
: 0;</font>
<br><font size=3D"3">#else</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; conn_printf("This csync2 server is built
without SSL support.\n");</font>
<br><font size=3D"3">&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
&nbsp; &nbsp; &nbsp; &nbsp; return 0;</font>
<br><font size=3D"3">#endif</font>
<br>
<br><font size=3D"3">Could you be running a different version than you actual=
ly
is doing your ldd check on? ldd `which csync2` </font>
<br>
<br><font size=3D"3">Can you try with</font>
<br>
<br><font size=3D"3">nossl </font><font size=3D"2">&nbsp;</font><font size=3D=
"3">glddb-master
glddb-slave1</font><font size=3D"2"> &nbsp;</font>
<br>
<br><font size=3D"3">just to check that your config works without SSL ?</font>
<br>
<br><font size=3D"3">cheers, </font>
<br><font size=3D"3">:-Dennis </font>
<br>
<br><font size=3D"3">On 05/10/2010, at 21.22, Christopher J Bidwell wrote:</f=
ont>
<br>
<br><font size=3D"2" face=3D"sans-serif">Just a little bit of insight as to h=
ow
my setup "should" go. </font><font size=3D"3"><br>
</font><font size=3D"2" face=3D"sans-serif"><br>
I have a primary webserver that should feed content to four public webservers.
&nbsp;</font><font size=3D"3"> <br>
</font><font size=3D"2" face=3D"sans-serif"><br>
My contents of my /etc: &nbsp;(this is the same on both my master and my
slave servers).</font><font size=3D"3"> </font><font size=3D"2" face=3D"sans-=
serif"><br>
[@glddb-slave1 etc]# lsl csync2*</font><font size=3D"3"> </font><font size=3D=
"2" face=3D"sans-serif"><br>
-rw-r--r-- 1 root root 710 Oct &nbsp;5 &nbsp;2010 csync2.cfg</font><font size=
=3D"3">
</font><font size=3D"2" face=3D"sans-serif"><br>
-rw------- 1 root root &nbsp;65 Oct &nbsp;5 &nbsp;2010 csync2.key_ehp</font><=
font size=3D"3">
</font><font size=3D"2" face=3D"sans-serif"><br>
-rw-r--r-- 1 root root 774 Oct &nbsp;5 &nbsp;2010 csync2_ssl_cert.pem</font><=
font size=3D"3">
</font><font size=3D"2" face=3D"sans-serif"><br>
-rw-r--r-- 1 root root 887 Oct &nbsp;5 &nbsp;2010 csync2_ssl_key.pem</font><f=
ont size=3D"3">
<br>
</font><font size=3D"2" face=3D"sans-serif"><br>
Here is my configuration file:</font><font size=3D"3"> </font><font size=3D"2=
" face=3D"sans-serif"><br>
------------------------------</font><font size=3D"3"> </font><font size=3D"2=
" face=3D"sans-serif"><br>
# Csync2 Example Configuration File</font><font size=3D"3"> </font><font size=
=3D"2" face=3D"sans-serif"><br>
# ---------------------------------</font><font size=3D"3"> </font><font size=
=3D"2" face=3D"sans-serif"><br>
#</font><font size=3D"3"> </font><font size=3D"2" face=3D"sans-serif"><br>
# Please read the documentation:</font><font size=3D"3"> </font><font size=3D=
"2" face=3D"sans-serif"><br>
# </font><a href=3D"http://oss.linbit.com/csync2/paper.pdf"><font size=3D"2" =
color=3D"blue" face=3D"sans-serif"><u>http://oss.linbit.com/csync2/paper.pdf<=
/u></font></a><font size=3D"3">
<br>
</font><font size=3D"2" face=3D"sans-serif"><br>
group mygroup</font><font size=3D"3"> </font><font size=3D"2" face=3D"sans-se=
rif"><br>
 {</font><font size=3D"3"> </font><font size=3D"2" face=3D"sans-serif"><br>
 &nbsp; &nbsp; &nbsp; &nbsp; host glddb-master (glddb-slave1);</font><font si=
ze=3D"3">
<br>
</font><font size=3D"2" face=3D"sans-serif"><br>
 &nbsp; &nbsp; &nbsp; &nbsp; key /etc/csync2.key_ehp;</font><font size=3D"3">
<br>
</font><font size=3D"2" face=3D"sans-serif"><br>
 &nbsp; &nbsp; &nbsp; &nbsp; include /home/www/vhosts/ehp.wr;</font><font siz=
e=3D"3">
</font><font size=3D"2" face=3D"sans-serif"><br>
 }</font><font size=3D"3"> </font><font size=3D"2" face=3D"sans-serif"><br>
--------------------------</font><font size=3D"3"> </font><font size=3D"2" fa=
ce=3D"sans-serif"><br>
I figure just for simplicity I'll remove any other complexities until I
can at least get communication to work.</font><font size=3D"3"> <br>
</font><font size=3D"2" face=3D"sans-serif"><br>
I run csync2 -iivvv and I get this:</font><font size=3D"3"> </font><font size=
=3D"2" face=3D"sans-serif"><br>
----------------------------</font><font size=3D"3"> </font><font size=3D"2" =
face=3D"sans-serif"><br>
[glddb-slave1 csync2]# csync2 -iivvv</font><font size=3D"3"> </font><font siz=
e=3D"2" face=3D"sans-serif"><br>
Csync2 daemon running. Waiting for connections.</font><font size=3D"3"> </fon=
t><font size=3D"2" face=3D"sans-serif"><br>
&lt;11462&gt; New connection from 192.168.1.132:43675.</font><font size=3D"3">
</font><font size=3D"2" face=3D"sans-serif"><br>
Peer&gt; </font><font size=3D"3"><br>
</font><font size=3D"2" face=3D"sans-serif"><br>

More information about the Csync2 mailing list