List Info

Thread: OS X TLS authentication never completing
OS X TLS authentication never completing
user name
 2006-12-04 12:05:14 
Hi Aaron,

On Wed, 2006-11-22 at 17:05 -0500, Aaron Shelmire wrote:
> Hi all,
>     I am attempting to setup a test/dev installation of
prelude on an OS
> X 32-bit powerpc  box. Everything seems to install
fine. Although  when
> running the prelude-manager and then kicking off the
prelude-lml,
> authentication doesn't complete.
> 
> This is what occurs when the respective executables are
started up...

[...]

> - Connecting to localhost:4960 prelude Manager server.
> 
> If I Control-C out of the LML, I don't see any error
message. But if the
> manager is stopped first I see this message...
> 
> 
> prelude-client: error starting prelude-client: TLS
handshake failed: A
> TLS packet with unexpected length was received..

What version of GnuTLS are you using? Does upgrading to a
newer version
help? 

Also, providing the strace output for prelude-lml might be
useful to
track down the issue.

Regards,

-- 
Yoann Vandoorselaere | Responsable R&D / CTO |
PreludeIDS Technologies
Tel: +33 (0)8 70 70 21 58                  Fax: +33(0)4 78
42 21 58
http://www.prelude-ids.com


_______________________________________________
Prelude-user site list
Prelude-userprelude-ids.org
http://www.prelude-ids.org/mailman/listinfo/prelude-user
OS X TLS authentication never completing
user name
 2006-12-04 13:15:17 
Hi Aaron, i'm very interested in your port effort to OSX, 
please tell me what OSX version you are using ?

Thanks a lot

Tristan

Le lundi 04 décembre 2006 à 13:05 +0100, Yoann
Vandoorselaere a écrit :
> Hi Aaron,
> 
> On Wed, 2006-11-22 at 17:05 -0500, Aaron Shelmire
wrote:
> > Hi all,
> >     I am attempting to setup a test/dev
installation of prelude on an OS
> > X 32-bit powerpc  box. Everything seems to install
fine. Although  when
> > running the prelude-manager and then kicking off
the prelude-lml,
> > authentication doesn't complete.
> > 
> > This is what occurs when the respective
executables are started up...
> 
> [...]
> 
> > - Connecting to localhost:4960 prelude Manager
server.
> > 
> > If I Control-C out of the LML, I don't see any
error message. But if the
> > manager is stopped first I see this message...
> > 
> > 
> > prelude-client: error starting prelude-client: TLS
handshake failed: A
> > TLS packet with unexpected length was received..
> 
> What version of GnuTLS are you using? Does upgrading to
a newer version
> help? 
> 
> Also, providing the strace output for prelude-lml might
be useful to
> track down the issue.
> 
> Regards,


_______________________________________________
Prelude-user site list
Prelude-userprelude-ids.org
http://www.prelude-ids.org/mailman/listinfo/prelude-user
OS X TLS authentication never completing
user name
 2006-12-05 00:08:24 

  


  

    
  

  
  
   
     
    

  

    OS X TLS authentication never completing
  


  

     user name

     2006-12-06 11:24:54
  


  

    
On Mon, 2006-12-04 at 19:08 -0500, Aaron Shelmire wrote:
>     I have tried a few different versions of gnuTLS.
The first I'm not
> sure of the version, but I'm sure it was older.
>     I then went to gnutls 1.6.0 to no avail. Then
downgraded to 1.4.5,
> which I'm currently using and experiencing the same
behavior.
> 
>     I have also recompiled all of the packages gnutls
relies upon
> (libgcrypt, libtasn, opencdk, liblzo, and many others),
and then the
> overlaying Prelude bits.
> 
>     The test machine being used is Mac OsX 10.4,
details via uname...
> 
> uname -a
> Darwin mm-165-109.internet2.edu 8.8.0 Darwin Kernel
Version 8.8.0: Fri
> Sep  8 17:18:57 PDT 2006; rootnu-79
2.12.6.obj~1/RELEASE_PPC Power
> Macintosh powerpc
> 
>     The dump of a ktrace of prelude-lml is attached as
a text file.
> 

Hi Aaron,

Thanks for providing me these information. Right now I'm
suspecting the
GnuLib poll() emulation code on the prelude-manager side to
not do it's
job properly. 

Could you try running prelude-manager on another, non MacOSX
architecture, and try to connect a sensor that is running on
the MacOSX
system, and then testing the opposite way?

Regards,

-- 
Yoann Vandoorselaere <yoannprelude-ids.org>

_______________________________________________
Prelude-user site list
Prelude-userprelude-ids.org
http://www.prelude-ids.org/mailman/listinfo/prelude-user



  


  

    
  

  
  
   
     
    

  

    OS X TLS authentication never completing
  


  

     user name

     2006-12-11 19:17:48
  


  

    
Yoann,
    You are correct. Prelude-lml works fine connecting to a
remote
prelude-manager on a Linux box. Prelude-Manager does not
complete the
connection with remote or local sensors.

    I tried editing poll.m4 to make the configure fail the
'poll
usability' test by inserting a line previous to your ifdef
"This is Mac
Os X", in hopes that prelude was already setup to use
kevent or select,
but that didn't work out.

   
-aaron



Yoann Vandoorselaere wrote:
> On Mon, 2006-12-04 at 19:08 -0500, Aaron Shelmire
wrote:
>   
>>     I have tried a few different versions of
gnuTLS. The first I'm not
>> sure of the version, but I'm sure it was older.
>>     I then went to gnutls 1.6.0 to no avail. Then
downgraded to 1.4.5,
>> which I'm currently using and experiencing the same
behavior.
>>
>>     I have also recompiled all of the packages
gnutls relies upon
>> (libgcrypt, libtasn, opencdk, liblzo, and many
others), and then the
>> overlaying Prelude bits.
>>
>>     The test machine being used is Mac OsX 10.4,
details via uname...
>>
>> uname -a
>> Darwin mm-165-109.internet2.edu 8.8.0 Darwin Kernel
Version 8.8.0: Fri
>> Sep  8 17:18:57 PDT 2006; rootnu-79
2.12.6.obj~1/RELEASE_PPC Power
>> Macintosh powerpc
>>
>>     The dump of a ktrace of prelude-lml is attached
as a text file.
>>
>>     
>
> Hi Aaron,
>
> Thanks for providing me these information. Right now
I'm suspecting the
> GnuLib poll() emulation code on the prelude-manager
side to not do it's
> job properly. 
>
> Could you try running prelude-manager on another, non
MacOSX
> architecture, and try to connect a sensor that is
running on the MacOSX
> system, and then testing the opposite way?
>
> Regards,
>
>   

_______________________________________________
Prelude-user site list
Prelude-userprelude-ids.org
http://www.prelude-ids.org/mailman/listinfo/prelude-user



  


  

    
  

  
  
   
     
    

  

    OS X TLS authentication never completing
  


  

     user name

     2006-12-12 12:41:08
  


  

    
On Mon, 2006-12-11 at 14:17 -0500, Aaron Shelmire wrote:

Hi Aaron,

>     You are correct. Prelude-lml works fine connecting
to a remote
> prelude-manager on a Linux box. Prelude-Manager does
not complete the
> connection with remote or local sensors.

Thanks. Could you please start OSX prelude-manager using the
-D=10
option, then trigger a connection from any sensor? You
should see a lot
of server-logic debugging output, which is what I am
interested in.

>     I tried editing poll.m4 to make the configure fail
the 'poll
> usability' test by inserting a line previous to your
ifdef "This is
> Mac Os X", in hopes that prelude was already setup
to use kevent or
> select, but that didn't work out.

If poll() is not available on the platform, then select()
will be used
as a replacement. I recall early version of OSX didn't have
poll. 

I'd be interested in the configure output for poll()
detection. Also,
double check whether libmissing/poll.c is used or not. In
case it is
not, try to force it's use.

Regards,

-- 
Yoann Vandoorselaere | Responsable R&D / CTO |
PreludeIDS Technologies
Tel: +33 (0)8 70 70 21 58                  Fax: +33(0)4 78
42 21 58
http://www.prelude-ids.com


_______________________________________________
Prelude-user site list
Prelude-userprelude-ids.org
http://www.prelude-ids.org/mailman/listinfo/prelude-user



  


  

    
  

  
  
   
     
    

  

    OS X TLS authentication never completing
  


  

     user name

     2006-12-12 12:48:15
  


  

    
On Tue, 2006-12-12 at 13:41 +0100, Yoann Vandoorselaere
wrote:
> On Mon, 2006-12-11 at 14:17 -0500, Aaron Shelmire
wrote:
> 
> Hi Aaron,
> 
> >     You are correct. Prelude-lml works fine
connecting to a remote
> > prelude-manager on a Linux box. Prelude-Manager
does not complete the
> > connection with remote or local sensors.
> 
> Thanks. Could you please start OSX prelude-manager
using the -D=10
> option, then trigger a connection from any sensor? You
should see a lot
> of server-logic debugging output, which is what I am
interested in.
> 
> >     I tried editing poll.m4 to make the configure
fail the 'poll
> > usability' test by inserting a line previous to
your ifdef "This is
> > Mac Os X", in hopes that prelude was already
setup to use kevent or
> > select, but that didn't work out.
> 
> If poll() is not available on the platform, then
select() will be used
> as a replacement. I recall early version of OSX didn't
have poll. 
> 
> I'd be interested in the configure output for poll()
detection. Also,
> double check whether libmissing/poll.c is used or not.
In case it is
> not, try to force it's use.

>From your earlier gdb output, I can see the replacement
poll() being
used. It would be nice to add some statement in there to
debug it. Have
a look at libmissing/poll.c.

Regards,

-- 
Yoann Vandoorselaere | Responsable R&D / CTO |
PreludeIDS Technologies
Tel: +33 (0)8 70 70 21 58                  Fax: +33(0)4 78
42 21 58
http://www.prelude-ids.com


_______________________________________________
Prelude-user site list
Prelude-userprelude-ids.org
http://www.prelude-ids.org/mailman/listinfo/prelude-user



  


  

    
  

  
  
   
     
    






 [1-7]











   
 





about | contact  Other archives ( Real Estate discussion Medical topics )