Back to your phpLogCon instanceHi,
I have the same problem here, but work well with the latest git. Will you release soon a 3.19.8 version ?
Thanks for your great work.
MonitorWare Knowledge Base
Your first source for knowledge
Can't get TLS to work - "unsupported version" error
Moderator: rgerhards
10 posts • Page 1 of 1
Professional Services Information
- Custom written rsyslog.conf?
- Maintenance Contract?
- Installation support?
Re: Can't get TLS to work
by saispo on Tue Jul 01, 2008 10:01 am
I apply all the patch and use your rsyslog 3.19.8 Test 1 package but i have the same error... Have you an idea ?
2989.871893973:imtcp.c: New connect on NSD 0x80dffd0.
2989.871918907:imtcp.c: GTLS certificate file: '/etc/rsyslog-ca/machine-cert.pem'
2989.871935953:imtcp.c: GTLS key file: '/etc/rsyslog-ca/machine-key.pem'
2989.874523305:imtcp.c: GnuTLS handshake does not complete immediately - setting to retry (this is OK and normal)
2989.874597510:imtcp.c: hasRcvInBuffer on nsd 0x80dad20: pszRcvBuf (nil), lenRcvBuf 0
2989.874619991:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
2989.874640455:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
2989.874659816:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
2989.874680094:imtcp.c: hasRcvInBuffer on nsd 0x80f9b70: pszRcvBuf (nil), lenRcvBuf 0
2989.874702571:imtcp.c: nsdsel_gtls.c:110: Select: var 'pThis->iBufferRcvReady'[%d]: 0
2989.874722220:imtcp.c: --------<NSDSEL_PTCP> calling select, active fds (max 27): 5 6 27
2989.875240159:imtcp.c: hasRcvInBuffer on nsd 0x80dad20: pszRcvBuf (nil), lenRcvBuf 0
2989.875267427:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
2989.875287941:imtcp.c: hasRcvInBuffer on nsd 0x80f9b70: pszRcvBuf (nil), lenRcvBuf 0
2989.875305446:imtcp.c: GnuTLS requested retry of 1 operation - executing
2989.875361974:imtcp.c: unexpected GnuTLS error -9 in nsdsel_gtls.c:166: A TLS packet with unexpected length was received.
2989.875394445:imtcp.c: hasRcvInBuffer on nsd 0x80dad20: pszRcvBuf (nil), lenRcvBuf 0
2989.875413264:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
2989.875432135:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
2989.875450284:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
2989.875469447:imtcp.c: hasRcvInBuffer on nsd 0x80f9b70: pszRcvBuf (nil), lenRcvBuf 0
2989.875487570:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
2989.875506893:imtcp.c: nsdsel_gtls.c:110: Select: var 'pThis->iBufferRcvReady'[%d]: 0
2989.875525170:imtcp.c: --------<NSDSEL_PTCP> calling select, active fds (max 27): 5 6 27
2989.875581016:imtcp.c: hasRcvInBuffer on nsd 0x80dad20: pszRcvBuf (nil), lenRcvBuf 0
2989.875600695:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
2989.875620636:imtcp.c: hasRcvInBuffer on nsd 0x80f9b70: pszRcvBuf (nil), lenRcvBuf 0
2989.875639197:imtcp.c: netstream 0x80f9ea8 with new data
2989.875658479:imtcp.c: gtlsRcv return. nsd 0x80f9b70, iRet -2089, lenRcvBuf 0, ptrRcvBuf 0
2989.875680163:imtcp.c: Called LogError, msg: netstream session 0x80f9ea8 will be closed due to error [-2089]
Thanks
2989.871893973:imtcp.c: New connect on NSD 0x80dffd0.
2989.871918907:imtcp.c: GTLS certificate file: '/etc/rsyslog-ca/machine-cert.pem'
2989.871935953:imtcp.c: GTLS key file: '/etc/rsyslog-ca/machine-key.pem'
2989.874523305:imtcp.c: GnuTLS handshake does not complete immediately - setting to retry (this is OK and normal)
2989.874597510:imtcp.c: hasRcvInBuffer on nsd 0x80dad20: pszRcvBuf (nil), lenRcvBuf 0
2989.874619991:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
2989.874640455:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
2989.874659816:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
2989.874680094:imtcp.c: hasRcvInBuffer on nsd 0x80f9b70: pszRcvBuf (nil), lenRcvBuf 0
2989.874702571:imtcp.c: nsdsel_gtls.c:110: Select: var 'pThis->iBufferRcvReady'[%d]: 0
2989.874722220:imtcp.c: --------<NSDSEL_PTCP> calling select, active fds (max 27): 5 6 27
2989.875240159:imtcp.c: hasRcvInBuffer on nsd 0x80dad20: pszRcvBuf (nil), lenRcvBuf 0
2989.875267427:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
2989.875287941:imtcp.c: hasRcvInBuffer on nsd 0x80f9b70: pszRcvBuf (nil), lenRcvBuf 0
2989.875305446:imtcp.c: GnuTLS requested retry of 1 operation - executing
2989.875361974:imtcp.c: unexpected GnuTLS error -9 in nsdsel_gtls.c:166: A TLS packet with unexpected length was received.
2989.875394445:imtcp.c: hasRcvInBuffer on nsd 0x80dad20: pszRcvBuf (nil), lenRcvBuf 0
2989.875413264:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
2989.875432135:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
2989.875450284:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
2989.875469447:imtcp.c: hasRcvInBuffer on nsd 0x80f9b70: pszRcvBuf (nil), lenRcvBuf 0
2989.875487570:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
2989.875506893:imtcp.c: nsdsel_gtls.c:110: Select: var 'pThis->iBufferRcvReady'[%d]: 0
2989.875525170:imtcp.c: --------<NSDSEL_PTCP> calling select, active fds (max 27): 5 6 27
2989.875581016:imtcp.c: hasRcvInBuffer on nsd 0x80dad20: pszRcvBuf (nil), lenRcvBuf 0
2989.875600695:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
2989.875620636:imtcp.c: hasRcvInBuffer on nsd 0x80f9b70: pszRcvBuf (nil), lenRcvBuf 0
2989.875639197:imtcp.c: netstream 0x80f9ea8 with new data
2989.875658479:imtcp.c: gtlsRcv return. nsd 0x80f9b70, iRet -2089, lenRcvBuf 0, ptrRcvBuf 0
2989.875680163:imtcp.c: Called LogError, msg: netstream session 0x80f9ea8 will be closed due to error [-2089]
Thanks
- saispo
- Avarage
- Posts: 18
- Joined: Tue Jun 17, 2008 1:27 pm
Re: Can't get TLS to work
by rgerhards on Tue Jul 01, 2008 11:23 am
The official 3.19.8 will probably be released today, tomorrow at latest. So if everything works with the current git HEAD, no need to worry 
If the git HEAD does not work, please let me know, I'd eventually hold release than.
Thanks,
Rainer
If the git HEAD does not work, please let me know, I'd eventually hold release than.Thanks,
Rainer
-
rgerhards - Site Admin
- Posts: 1780
- Joined: Thu Feb 13, 2003 11:57 am
Re: Can't get TLS to work
by saispo on Tue Jul 01, 2008 1:03 pm
How do you compil git HEAD ?
I clone it, and use autotools but i've an error with automake, i add "--add-missing" but configure say : config.status: error: cannot find input file: Makefile.in
I hope some help please
I clone it, and use autotools but i've an error with automake, i add "--add-missing" but configure say : config.status: error: cannot find input file: Makefile.in
I hope some help please
- saispo
- Avarage
- Posts: 18
- Joined: Tue Jun 17, 2008 1:27 pm
Re: Can't get TLS to work
by rgerhards on Tue Jul 01, 2008 1:09 pm
Looks like I misunderstood you. I thought you already had it compiled.
The overall idea is to do "autoreconf -vfi" first, then the usual ./configure stuff. If that doesn't work, don't bother. I am right now doing the finishing touches, so there soon will be an official 3.19.8 tarball (OK, this way I can not do the final check, but then we could report a bug against the official release).
The overall idea is to do "autoreconf -vfi" first, then the usual ./configure stuff. If that doesn't work, don't bother. I am right now doing the finishing touches, so there soon will be an official 3.19.8 tarball (OK, this way I can not do the final check, but then we could report a bug against the official release).
-
rgerhards - Site Admin
- Posts: 1780
- Joined: Thu Feb 13, 2003 11:57 am
Re: Can't get TLS to work
by saispo on Tue Jul 01, 2008 1:10 pm
Excuse me... i miss "libtoolize" 
But i have an error with the git 'HEAD'...
omlibdbi.c: Dans la fonction «reportDBError» :
omlibdbi.c:136: attention : passing argument 2 of «errmsg.LogError» makes integer from pointer without a cast
omlibdbi.c:136: erreur: trop peu d'arguments pour la fonction «errmsg.LogError»
omlibdbi.c:144: attention : passing argument 2 of «errmsg.LogError» makes integer from pointer without a cast
omlibdbi.c:144: attention : le format n'est pas une chaîne littérale et pas d'argument de format
omlibdbi.c: Dans la fonction «initConn» :
omlibdbi.c:170: attention : passing argument 2 of «errmsg.LogError» makes integer from pointer without a cast
omlibdbi.c:170: erreur: trop peu d'arguments pour la fonction «errmsg.LogError»
omlibdbi.c:173: attention : passing argument 2 of «errmsg.LogError» makes integer from pointer without a cast
omlibdbi.c:173: erreur: trop peu d'arguments pour la fonction «errmsg.LogError»
omlibdbi.c:185: attention : passing argument 2 of «errmsg.LogError» makes integer from pointer without a cast
omlibdbi.c:185: erreur: trop peu d'arguments pour la fonction «errmsg.LogError»
omlibdbi.c: Dans la fonction «parseSelectorAct» :
omlibdbi.c:275: attention : passing argument 2 of «errmsg.LogError» makes integer from pointer without a cast
omlibdbi.c:275: erreur: trop peu d'arguments pour la fonction «errmsg.LogError»
make[3]: *** [omlibdbi_la-omlibdbi.lo] Erreur 1
make[3]: quittant le répertoire « /home/eole/Compil/Recompilation/rsyslog/rsyslog-3.19.8.1/plugins/omlibdbi »
make[2]: *** [all-recursive] Erreur 1
make[2]: quittant le répertoire « /home/eole/Compil/Recompilation/rsyslog/rsyslog-3.19.8.1 »
make[1]: *** [all] Erreur 2
make[1]: quittant le répertoire « /home/eole/Compil/Recompilation/rsyslog/rsyslog-3.19.8.1 »
make: *** [build-stamp] Erreur 2
debuild: fatal error at line 1247:
debian/rules build failed
Erreur de compilation du paquet
But i have an error with the git 'HEAD'...
omlibdbi.c: Dans la fonction «reportDBError» :
omlibdbi.c:136: attention : passing argument 2 of «errmsg.LogError» makes integer from pointer without a cast
omlibdbi.c:136: erreur: trop peu d'arguments pour la fonction «errmsg.LogError»
omlibdbi.c:144: attention : passing argument 2 of «errmsg.LogError» makes integer from pointer without a cast
omlibdbi.c:144: attention : le format n'est pas une chaîne littérale et pas d'argument de format
omlibdbi.c: Dans la fonction «initConn» :
omlibdbi.c:170: attention : passing argument 2 of «errmsg.LogError» makes integer from pointer without a cast
omlibdbi.c:170: erreur: trop peu d'arguments pour la fonction «errmsg.LogError»
omlibdbi.c:173: attention : passing argument 2 of «errmsg.LogError» makes integer from pointer without a cast
omlibdbi.c:173: erreur: trop peu d'arguments pour la fonction «errmsg.LogError»
omlibdbi.c:185: attention : passing argument 2 of «errmsg.LogError» makes integer from pointer without a cast
omlibdbi.c:185: erreur: trop peu d'arguments pour la fonction «errmsg.LogError»
omlibdbi.c: Dans la fonction «parseSelectorAct» :
omlibdbi.c:275: attention : passing argument 2 of «errmsg.LogError» makes integer from pointer without a cast
omlibdbi.c:275: erreur: trop peu d'arguments pour la fonction «errmsg.LogError»
make[3]: *** [omlibdbi_la-omlibdbi.lo] Erreur 1
make[3]: quittant le répertoire « /home/eole/Compil/Recompilation/rsyslog/rsyslog-3.19.8.1/plugins/omlibdbi »
make[2]: *** [all-recursive] Erreur 1
make[2]: quittant le répertoire « /home/eole/Compil/Recompilation/rsyslog/rsyslog-3.19.8.1 »
make[1]: *** [all] Erreur 2
make[1]: quittant le répertoire « /home/eole/Compil/Recompilation/rsyslog/rsyslog-3.19.8.1 »
make: *** [build-stamp] Erreur 2
debuild: fatal error at line 1247:
debian/rules build failed
Erreur de compilation du paquet
- saispo
- Avarage
- Posts: 18
- Joined: Tue Jun 17, 2008 1:27 pm
Re: Can't get TLS to work
by saispo on Tue Jul 01, 2008 2:39 pm
Same error on TLS with latest git 'HEAD' 
- Code: Select all
9605.517078145:imtcp.c: --------<NSDSEL_PTCP> calling select, active fds (max 6): 5 6
9605.541139844:imtcp.c: hasRcvInBuffer on nsd 0x80dad10: pszRcvBuf (nil), lenRcvBuf 0
9605.541171231:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
9605.541191471:imtcp.c: New connect on NSD 0x80e0030.
9605.541216159:imtcp.c: GTLS certificate file: '/etc/rsyslog-ca/machine-cert.pem'
9605.541233141:imtcp.c: GTLS key file: '/etc/rsyslog-ca/machine-key.pem'
9605.543898562:imtcp.c: GnuTLS handshake does not complete immediately - setting to retry (this is OK and normal)
9605.543972569:imtcp.c: hasRcvInBuffer on nsd 0x80dad10: pszRcvBuf (nil), lenRcvBuf 0
9605.543994705:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
9605.544015312:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
9605.544034482:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
9605.544054936:imtcp.c: hasRcvInBuffer on nsd 0x8150018: pszRcvBuf (nil), lenRcvBuf 0
9605.544076706:imtcp.c: nsdsel_gtls.c:110: Select: var 'pThis->iBufferRcvReady'[%d]: 0
9605.544096025:imtcp.c: --------<NSDSEL_PTCP> calling select, active fds (max 27): 5 6 27
9605.548743649:imtcp.c: hasRcvInBuffer on nsd 0x80dad10: pszRcvBuf (nil), lenRcvBuf 0
9605.548891707:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
9605.549011580:imtcp.c: hasRcvInBuffer on nsd 0x8150018: pszRcvBuf (nil), lenRcvBuf 0
9605.549124844:imtcp.c: GnuTLS requested retry of 1 operation - executing
9605.549275671:imtcp.c: unexpected GnuTLS error -8 in nsdsel_gtls.c:166: A record packet with illegal version was received.
9605.549406384:imtcp.c: hasRcvInBuffer on nsd 0x80dad10: pszRcvBuf (nil), lenRcvBuf 0
9605.549507626:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
9605.549587378:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
9605.549606357:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
9605.549625060:imtcp.c: hasRcvInBuffer on nsd 0x8150018: pszRcvBuf (nil), lenRcvBuf 0
9605.549642401:imtcp.c: nsdsel_gtls.c:94: Add: var 'pThis->iBufferRcvReady'[%d]: 0
9605.549661508:imtcp.c: nsdsel_gtls.c:110: Select: var 'pThis->iBufferRcvReady'[%d]: 0
9605.549678830:imtcp.c: --------<NSDSEL_PTCP> calling select, active fds (max 27): 5 6 27
9605.549731628:imtcp.c: hasRcvInBuffer on nsd 0x80dad10: pszRcvBuf (nil), lenRcvBuf 0
9605.549750249:imtcp.c: hasRcvInBuffer on nsd 0x80dd258: pszRcvBuf (nil), lenRcvBuf 0
9605.549768798:imtcp.c: hasRcvInBuffer on nsd 0x8150018: pszRcvBuf (nil), lenRcvBuf 0
9605.549786102:imtcp.c: netstream 0x814c540 with new data
9605.549804135:imtcp.c: gtlsRcv return. nsd 0x8150018, iRet -2089, lenRcvBuf 0, ptrRcvBuf 0
9605.549824046:imtcp.c: Called LogError, msg: netstream session 0x814c540 will be closed due to error
- saispo
- Avarage
- Posts: 18
- Joined: Tue Jun 17, 2008 1:27 pm
Re: Can't get TLS to work
by rgerhards on Tue Jul 01, 2008 2:42 pm
umm... I just released 3.19.8... Anyhow. Could you give the official tarball a try (even though I think it makes no difference). Also, I'd appreciate a complete debug log so that I can see how it involves (the excerpt does not yet point me to anything). Client and server config would also be good. If you prefer, you can mail me this material at rgerhards-at-gmail.com.
Anyhow. Could you give the official tarball a try (even though I think it makes no difference). Also, I'd appreciate a complete debug log so that I can see how it involves (the excerpt does not yet point me to anything). Client and server config would also be good. If you prefer, you can mail me this material at rgerhards-at-gmail.com.-
rgerhards - Site Admin
- Posts: 1780
- Joined: Thu Feb 13, 2003 11:57 am
Re: Can't get TLS to work
by rgerhards on Tue Jul 01, 2008 2:46 pm
Maybe I don't need the full server debug log. I checked, error code -8 is GNUTLS_E_UNSUPPORTED_VERSION_PACKET. It looks like there is a version mismatch between client and server. So both configs are definitely useful. Also, a debug log of the client would be good.
-
rgerhards - Site Admin
- Posts: 1780
- Joined: Thu Feb 13, 2003 11:57 am
Google Ads
10 posts • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 0 guests
