View Issue Details

IDProjectCategoryView StatusLast Update
0000479LDMud 3.3Compilation, Installationpublic2018-01-29 21:57
Reporterlynx Assigned ToGnomi  
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version3.3.713 
Summary0000479: disable TLS at runtime no longer possible
Descriptionin earlier versions of ldmud you just needed to leave out --tls-key
and the driver would not activate its TLS abilities. nowadays the
behaviour has changed, openSSL looks for default certificates and
complains if it doesn't find any.

we find it very practical to compile ldmud with TLS because the admin
might at a later time decide to use it and can then simply activate it
in the configuration files.

so we think either openSSL should not complain after not being successful,
or we should be able to provide a --no-tls flag to the driver.
of course we can also redirect ldmud output to /dev/null ... ;)
then the admin will never know what went wrong.. like with a microsoft product.
Additional Informationthis sort of output is making casual new ldmud users nervous:

2006.07.19 17:51:44 LDMud 3.3.714 (Build 2308) (development)
2006.07.19 17:51:44 TLS: (OpenSSL) x509 keyfile 'key.pem', certfile 'cert.pem'
2006.07.19 17:51:44 TLS: (OpenSSL) trusted x509 certificates from directory '/et
c/ssl/certs'.
2006.07.19 17:51:44 TLS: Error setting x509 keyfile:
2006.07.19 17:51:44 TLS: SSL error:02001002:system library:fopen:No such file or
 directory.
2006.07.19 17:51:44 TLS: SSL error:20074002:BIO routines:FILE_CTRL:system lib.
2006.07.19 17:51:44 TLS: SSL error:140B0002:SSL routines:SSL_CTX_use_PrivateKey_
file:system lib.
2006.07.19 17:51:44 Random seed: 0x44be4700
2006.07.19 17:51:44 Attempting to start erq '/home/nt/psyced/bin-linux/erq'.
TagsNo tags attached.

Activities

fippo

2006-08-16 01:55

reporter   ~0000514

tls is disabled, as the driver does not find the default certificate files.
Are you sure that previous versions simply disabled tls and did not generate error messages?

Gnomi

2009-05-19 15:40

manager   ~0001120

TLS can now be deactivated by default using configure (--with-tls-keyfile=no) and still used using the command line option --tls-key. (The other way around is also possible using '--tls-key none' on the command line to deactivate it.)

Committed as r2590.

Issue History

Date Modified Username Field Change
2006-07-19 09:07 lynx New Issue
2006-08-16 01:55 fippo Note Added: 0000514
2008-12-26 17:34 Gnomi Status new => assigned
2008-12-26 17:34 Gnomi Assigned To => Gnomi
2009-05-19 15:40 Gnomi Note Added: 0001120
2009-05-19 15:40 Gnomi Status assigned => resolved
2009-05-19 15:40 Gnomi Resolution open => fixed
2010-11-16 09:42 Gnomi Source_changeset_attached => ldmud.git master f462aa94
2018-01-29 18:59 Gnomi Source_changeset_attached => ldmud.git master f462aa94
2018-01-29 21:57 Gnomi Source_changeset_attached => ldmud.git master f462aa94