OK great, thanks for those pointers. I will have a look at this through the week, so will get back to you with what I find.
Philip On 6/1/20 8:03 PM, Martin Simmons wrote: > The warning about term.h should be OK. > > There are no useful debug messages in the TLS code, but it looks like the > Director is sending non-TLS messages back to the console (that is a common > reason for "routines:ssl3_get_record:wrong version number" in OpenSSL). > > I think you will have to run bacula-dir under gdb. It looks like stepping > through the functions bnet_tls_server and tls_bsock_accept might show where > the problem occurs. > > __Martin > > >>>>>> On Mon, 1 Jun 2020 17:40:25 +0200, Philip Brown said: >> Hi Martin, >> >> I tried this earlier on to trick "./configure" and led to failure in >> operation. >> >> However, I have tried again with your suggestion, it builds fine. Only >> the following warnings, which I assume are not related: >> >> configure: WARNING: term.h: present but cannot be compiled >> configure: WARNING: term.h: check for missing prerequisite headers? >> configure: WARNING: term.h: see the Autoconf documentation >> configure: WARNING: term.h: section "Present But Cannot Be Compiled" >> configure: WARNING: term.h: proceeding with the compiler's result >> >> As when I "tricked" configure earlier, I again get the following on >> connecting from bconsole: >> >> root@pops:~# bacula-dir -d 99 -c /etc/opt/ooce/bacula/bacula-dir.conf >> bacula-dir: dird.c:219-0 Debug level = 99 >> root@pops:~# bacula-dir: address_conf.c:274-0 Initaddr 0.0.0.0:9101 >> bacula-dir: dir_plugins.c:151-0 Load Director plugins >> bacula-dir: dir_plugins.c:153-0 No Director plugin directory! >> bacula.pbdigital.org-dir: bnet_server.c:86-0 Addresses 0.0.0.0:9101 >> bacula.pbdigital.org-dir: cram-md5.c:69-0 send: auth cram-md5 challenge >> <1363275624.1591024...@bacula.pbdigital.org-dir> ssl=2 >> bacula.pbdigital.org-dir: cram-md5.c:157-0 sending resp to challenge: >> UmY2x6/F4y/QY7+XMw+gpD >> bacula.pbdigital.org-dir: authenticate.c:437-0 TLS negotiation failed. >> bacula.pbdigital.org-dir: authenticate.c:451-0 Unable to authenticate >> console "*UserAgent*" at client:192.168.100.1:44418. >> ^C >> >> This is the error from the client: >> >> Connecting to Director bacula.bcn.pbdigital.org:9101 >> bconsole: bsockcore.c:410-0 OK connected to server Director daemon >> bacula.bcn.pbdigital.org:9101. >> bconsole: cram-md5.c:157-0 sending resp to challenge: RE+YB90dLD/KtW+d47+z3A >> bconsole: cram-md5.c:76-0 send: auth cram-md5 challenge >> <601611756.1591024858@bconsole> ssl=2 >> bconsole: cram-md5.c:95-0 Authenticate OK UmY2x6/F4y/QY7+XMw+gpD >> bconsole: openssl.c:67-0 jcr=0 Connect failure: ERR=error:1408F10B:SSL >> routines:ssl3_get_record:wrong version number >> TLS negotiation failed >> Director authorization problem. >> Most likely the passwords do not agree. >> If you are using TLS, there may have been a certificate validation error >> during the TLS handshake. >> For help, please see >> http://www.bacula.org/rel-manual/en/problems/Bacula_Frequently_Asked_Que.html >> >> >> To check that SSL is linked: >> >> >> root@pops:~# ldd `which bacula-dir` >> libbacfind-9.6.3.so => /opt/ooce/bacula/lib/libbacfind-9.6.3.so >> libbacsql-9.6.3.so => /opt/ooce/bacula/lib/libbacsql-9.6.3.so >> libbaccats-9.6.3.so => /opt/ooce/bacula/lib/libbaccats-9.6.3.so >> libbaccfg-9.6.3.so => /opt/ooce/bacula/lib/libbaccfg-9.6.3.so >> libbac-9.6.3.so => /opt/ooce/bacula/lib/libbac-9.6.3.so >> libz.so => /lib/64/libz.so >> libpthread.so.1 => /lib/64/libpthread.so.1 >> libnsl.so.1 => /lib/64/libnsl.so.1 >> libsocket.so.1 => /lib/64/libsocket.so.1 >> libxnet.so.1 => /lib/64/libxnet.so.1 >> libintl.so.1 => /lib/64/libintl.so.1 >> libresolv.so.2 => /lib/64/libresolv.so.2 >> libwrap.so.1 => /usr/lib/64/libwrap.so.1 >> libssl.so.1.1 => /lib/64/libssl.so.1.1 >> libcrypto.so.1.1 => /lib/64/libcrypto.so.1.1 >> libstdc++.so.6 => /usr/gcc/9/lib/amd64/libstdc++.so.6 >> libm.so.2 => /lib/64/libm.so.2 >> librt.so.1 => /lib/64/librt.so.1 >> libgcc_s.so.1 => /usr/gcc/9/lib/amd64/libgcc_s.so.1 >> libc.so.1 => /lib/64/libc.so.1 >> libpq.so.5 => /opt/ooce/pgsql-12/lib/libpq.so.5 >> libmp.so.2 => /lib/64/libmp.so.2 >> libmd.so.1 => /lib/64/libmd.so.1 >> >> root@pops:~# ldd `which bconsole` >> libreadline.so.8 => /usr/lib/64/libreadline.so.8 >> libncurses.so.6 => /usr/lib/64/libncurses.so.6 >> libbaccfg-9.6.3.so => /opt/ooce/bacula/lib/libbaccfg-9.6.3.so >> libbac-9.6.3.so => /opt/ooce/bacula/lib/libbac-9.6.3.so >> libwrap.so.1 => /usr/lib/64/libwrap.so.1 >> libz.so => /lib/64/libz.so >> libpthread.so.1 => /lib/64/libpthread.so.1 >> libnsl.so.1 => /lib/64/libnsl.so.1 >> libsocket.so.1 => /lib/64/libsocket.so.1 >> libxnet.so.1 => /lib/64/libxnet.so.1 >> libintl.so.1 => /lib/64/libintl.so.1 >> libresolv.so.2 => /lib/64/libresolv.so.2 >> libssl.so.1.1 => /lib/64/libssl.so.1.1 >> libcrypto.so.1.1 => /lib/64/libcrypto.so.1.1 >> libstdc++.so.6 => /usr/gcc/9/lib/amd64/libstdc++.so.6 >> libm.so.2 => /lib/64/libm.so.2 >> librt.so.1 => /lib/64/librt.so.1 >> libgcc_s.so.1 => /usr/gcc/9/lib/amd64/libgcc_s.so.1 >> libc.so.1 => /lib/64/libc.so.1 >> libmp.so.2 => /lib/64/libmp.so.2 >> libmd.so.1 => /lib/64/libmd.so.1 >> >> I have reverse dns set up and configs are fine, as it is same >> environment I have been using with my openssl with api=0.9.8. >> >> Not sure where in the code to look as this is far from my expertise =) >> >> Philip
pEpkey.asc
Description: application/pgp-keys
_______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
