|
[SMS] - Superb Mini Server Project Support Forum |
|
|
|
View previous topic :: View next topic |
Author |
Message |
Lars Senior Member
Joined: 25 Oct 2010 Posts: 136
|
Posted: Mon Apr 01, 2019 1:20 pm Post subject: Problem building ddclient-3.8.3 with Slackbuilds in SMS2.0.9 |
|
|
Due to some issues with ddclient 3.8.2 I wanted to build ddclient 3.8.3 using Slackbuilds
https://slackbuilds.org/repository/14.2/network/ddclient/
using ddclient-3.8.3.tar.bz2 from the Slackbuild site
When running the Slackbuild-script i immediately halted on
Code: | bzip2: (stdin) is not a bzip2 file.
tar: Child returned status 2
tar: Error is not recoverable: exiting now |
I opened the script and found:
Code: | tar xvf $CWD/$PRGNAM-$VERSION.tar.bz2 |
Is this really right? I didn't recognize it from my previous extracting tar.bz2 archives?
Instead of changing the Slackbuild-script I decided to try and extract the ddclient-3.8.3.tar.bz2 manually.
First using the command from the script
# tar xvf ddclient-3.8.3.tar.bz2
with the same result as above.
-Then using the extract commands I ordinary use
Code: | tar jxvf ddclient-3.8.3.tar.bz2
# tar jxvf ddclient-3.8.3.tar.bz2
bzip2: (stdin) is not a bzip2 file.
tar: Child returned status 2
tar: Error is not recoverable: exiting now |
Code: | # tar -jxvf ddclient-3.8.3.tar.bz2
bzip2: (stdin) is not a bzip2 file.
tar: Child returned status 2
tar: Error is not recoverable: exiting now |
Code: | # tar -Jxvf ddclient-3.8.3.tar.bz2
xz: (stdin): File format not recognized
tar: Child returned status 1
tar: Error is not recoverable: exiting now |
Just by chance I tried to take the problem with extraction to OpenSUSE:
And found that
tar jxvf ddclient-3.8.3.tar.bz2 works in OpenSUSE
tar jxf ddclient-3.8.3.tar.bz2 works in OpenSUSE
But not SMS.2.0.9 that if I remember right is built on Slackware14.0?
I've searched the Slackware 14.0-14.2 X86 repositories but couldn't find any ddclient package.
I cannot run the Slackbuild-script i OpenSUSE, is there any way You can help me out here?
Best regards
Lars
I think I found a solution :
I extracted ddclient-3.8.3.tar.bz2 in OpenSUSE, moved the extracted directory back to SMS-2.0.9 and compressed it using bzip2.
Now the Slackbuild-script worked! -There's just one or two things I wonder about, perhaps I only noticed them because of the initial troubles with the tar.bz2-file?
Examining the Slackbuild process I saw
Code: | Searching for symbolic links:
No symbolic links were found, so we won't make an installation script.
|
Now I didn't want to make an installation script, just a package. And next:
Code: | Would you like to reset all directory permissions to 755 (drwxr-xr-x) and
directory ownerships to root.root ([y]es, [n]o)? n |
Perhaps it has occured before running Slackbuild, but without my noticing?
Best regards
Lars
|
|
Back to top |
|
gerasimos_h Site Admin
Joined: 09 Aug 2007 Posts: 1757 Location: Greece
|
Posted: Sat Apr 06, 2019 8:32 am Post subject: |
|
|
A "tar xvf" is enough, tar will recognize compression and untar it even if it's xz, without the J option...
I successfully untar the ddclient-3.8.3.tar.bz2 in SMS-2.0.9 even on a slackware-11 installation with tar-1.16...
Do you have a full SMS installation?
gerasimos_h
_________________ Superb! Mini Server Project Manager
http://sms.it-ccs.com |
|
Back to top |
|
Lars Senior Member
Joined: 25 Oct 2010 Posts: 136
|
Posted: Sun Apr 07, 2019 11:44 am Post subject: |
|
|
Dear gerasimos_h!
Yes, I have got a full SMS-2.0.9 installation! After extracting in SuSE and recompressing in SMS-2.0.9 which worked, I decided to investigate the source-code for ddclient which I downloaded from sourceforge.net in SMS-2.0.9, and found it was corrupt. When downloading the same sourcecode from SuSE there were no problem extracting it with
$ tar xvf in SMS-2.0.9 as You pointed out!
This problem is related to an underlying problem, and I wonder if I can bring it up here, without opening a new thread? -I just mention it very short here and wait for Your reply. If You want me to open a new thread I will, and add the information I've found so far.
My upgrade of ddclient and downloading problem in SMS-2.0.9 are both related to TLS v. 1.2. I've got openssl-1.0.2j-i486-1sms installed that should have a capacity to handle TLS 1.2.
But can SMS-2.0.9, that I recall is based on Slackware 14.0, as an OS handle TLS 1.2?
Best regards
Lars
|
|
Back to top |
|
gerasimos_h Site Admin
Joined: 09 Aug 2007 Posts: 1757 Location: Greece
|
|
Back to top |
|
Lars Senior Member
Joined: 25 Oct 2010 Posts: 136
|
Posted: Tue Apr 09, 2019 6:33 pm Post subject: |
|
|
Well, Gerasimos!
You were right, in two ways:
1. I downloaded ddclient-3.8.3.tar.bz2 from sourceforge and ddclient.tar.gz from slackbuilds with wget. Checked the ddclient-3.8.3.tar.bz2 against the version I downloaded with SuSE. There were a slight difference when comparing md5. The tar.gz was identical. -So I decided to remove my previously built package, rebuilt it with the src and script downloaded with wget, installed it.
2. It made no difference to my initial problem.
Now this SSL/TLS materia is not a materia I'm aquainted or familiar with. The little I know I've learnt during the last two weeks trying to solve my ddclient issue. You may therefore excuse my amateurism when trying to describe my problem
I hope You also can stand my novel-like length of the problem decription!
Since last spring I haven't started up my SMS-2.0.9 server till now in february.
I rent a domain and DNS-service for my SMS-2.0.9 server from a swedish webhotel since 2013. (2017 I also rent UNIX-space for the most of my site. I didn't want to leave my home server on when I leave for vacation.) -Last spring 2018 the webhotel upgraded their servers to TLS1_2 strict, that is with no tolerance for TLS1_1. As a concequence I could no longer administer my rented hotel space from OS X 10.7. Found a way to deal with that without upgrading my OS X (I had too many expensive applications installed that I should loose after upgrading.)
When starting up SMS now in february I noticed 2 things, I had to upgrade tor, and that ddclient didn't manage to update my IP.
/tmp/ddclient.cache contained no IP
When examining /var/log/messages I found ddclient could not connect to my webhotels dns-server.
Apr 4 10:36:30 fserver ddclient[1471]: WARNING: cannot send to dyndns.loopia.se:443 (Bad file descriptor).
Apr 4 10:36:30 fserver ddclient[1471]: FAILED: updating lee-mactux.org,www.lee-mactux.org: Could not connect to dyndns.loopia.se.
This is after upgrading ddclient to 3.8.3 and having changed dns.server description i ddclient.conf to dyndns.loopia.se.
The logs looked the same in febrary when I had ddclient-3.8.2 installed and the server name was dns.loopia.se.
I've been in contact with Loopias 2nd line support since 1½ week, they've suggested different configurations, but none of them worked. The've so far failed to find an explanation to the log lines. File descriptor is correct, have added full path to the *.php file where ddclient should write, but fails. They have managed to follow my different trials in their logs.
Up to april last year Ive never had any problems with ddclient updating my IP through ssl (ssl=yes).
By this time I had come to wonder about their server upgrade to TLS1_2. Could it be so that my ddclient for some reason couldn't manage TLS1_2? Therefore the upgrade to 3.8.3. Without any success. I thought about my OpenSSL version:
I've got openssl-1.0.2j-i486-1sms in SMS-2.0.9.
As far as I can read it should be able to handle TLS1_2
https://stackoverflow.com/questions/27430158/list-supported-ssl-tls-versions-for-a-specific-openssl-build
I also studied https://www.openssl.org/news/changelog.html and found that the link above had written correctly
"Openssl versions till 1.0.0h supports SSLv2, SSLv3 and TLSv1.0. From Openssl 1.0.1 onward support for TLSv1.1 and TLSv1.2 is added."
From my experiences with the TLS problems in OS X, I had come to wonder if it perhaps could be so that upgrading the SSL/TLS-software (in SLackware OpenSSL) is not enough? That there are certain features in the Operation system that also is required when it comes to handle TLS1_2 connections?
And here comes my amateurish way of formulating the question:
Could it be so that -if I take the openssl version you suggested openssl-1.0.2n- that a Slackware-14.2 system with openssl-1.0.2n manages TLS1_2, but a
Slackware-14.0 system with openssl-1.0.2n doesn't?
-I hesitate upgrading openssl. I thankfully remember when You 2014 helped me to simulate an openssl upgrade in a virtual SMS-1.6.0! It worked, but it was not unproblematical. Besides my openssl-1.0.2j-i486-1sms should be capable of handling TLS1_2.
Best regards
Lars
PS. I've found a solution for ddclient, but not one I like. I can let it connect to my dns-server through port 80 (ssl=no). DS.
|
|
Back to top |
|
Lars Senior Member
Joined: 25 Oct 2010 Posts: 136
|
Posted: Thu Apr 11, 2019 11:59 am Post subject: |
|
|
Some additional information,
Together with a Slackware friend I went through my installed packages in SMS-2.0.9 and compared the versions with Slackware 14.0 and his full Slackware 14.2:
Here is what we found
SMS/ 14.0/ 14.2
ddclient-3.8.3-noarch-1_SBo/ old, but the latest/
perl-io-socket-ssl-1.74-noarch-1sms/ - / 2.066 ! SBo
perl-net-libidn-0.12-i486-1sms/ -/ 0.12 SBo
perl-net-ssleay-1.48-i486-1sms/ n/a/ 1.81 ! - but
Net-SSLeay/ -/ 1.81 SBo is it equal?
gnutls-3.0.23-i486-1sms/ 3.3.26/ 3.6.7 !
openssl-1.0.2j-i486-1sms/ 1.0.1c/ 1.0.2h
I did at first not realize that gnutls was involved in SSL/TLS handling, but when I read gnutls.org it certainly seems so
Could it be an idea to upgrade gnutls? The difference in version number really sticks out.
Could it lead to problems with other packages in SMS? openssl, httpd, tor, et c?
That I have to rebuild ddclient I understand. If I upgrade gnutls, what version should I use? 3.3.26 is a patch for the version I've got. 3.6.7 is a similar patch for 14.2 version 3.4.13.
The other version differences that stick out are
perl-io-socket-ssl and perl-net-ssleay. The later perl-net-ssleay I could't find i Slackbuilds? Only Net-SSLeay; 1.55 for Slackware 14.0, 1.81 for Slackware 14.2.
This was just an idea from my side. Could my old per-io-socket-ssl, perl-net-ssleay and gnutls be an explanation to my TLS 1.2-problems? -Do You think the upgrades would affect many other functions in my SMS? I mostly use httpd, vsftpd, tor and ddclient.
Best regards
Lars
|
|
Back to top |
|
gerasimos_h Site Admin
Joined: 09 Aug 2007 Posts: 1757 Location: Greece
|
Posted: Thu Apr 18, 2019 10:10 am Post subject: |
|
|
Sorry for the late reply, been busy with many stuff and forgot it..
GnuTLS should be no problem, as it supports tls-1.2 from version 2.x.
Since ddclient is a perl script you should try to upgrade perl modules that are affected e.g. with
Code: | perl -MCPAN -e install IO::Socket::SSL |
and upgrade possible dependencies, or use cpan2tgz instead...
gerasimos_h
_________________ Superb! Mini Server Project Manager
http://sms.it-ccs.com |
|
Back to top |
|
Lars Senior Member
Joined: 25 Oct 2010 Posts: 136
|
|
Back to top |
|
Lars Senior Member
Joined: 25 Oct 2010 Posts: 136
|
Posted: Fri Nov 08, 2019 12:45 am Post subject: |
|
|
Dear gerasimos_h!
Well, I followed my assumptions, removed ddclient and it's previous dependencies, and rebuilt ddclient and it's dependencies from "bottom and up" with no improvement. ddclient still cannot connect to my DNS-server using ssl/tls-1.2.
Best regards
Lars
|
|
Back to top |
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You can attach files in this forum You can download files in this forum
|
|
|
|
SMS - Superb! Mini Server Project © 2016
Powered by phpBB © 2001, 2002 phpBB Group
iCGstation v1.0 Template By Ray © 2003, 2004 iOptional
|
|
|
|