[Modules] packaging for Fedora Core 11

Erick Calder e at arix.com
Fri Sep 11 23:52:42 EDT 2009

I'm attempting to package this module as an RPM for the Fedora  
distribution.  I've come across some problems I need help with:

1. relocation of the install seems ignored... if I run:

make DESTDIR=/tmp install

the makefile still attempts to install to /usr.  this is problematic  
for building RPMs but I don't know enough about automake to patch the  
needed files.

2. SRP seemed to fail when the module tried to load, complaining about  
a missing function gnutls_srp_server_get_username.  is there something  
else I need to have installed or is it a bug? I've compiled with -- 
disable-srp for now but would like to figure out whether there is a  
hard dependency I should respect

3.  the document below indicates that without the dhfile or rsafile,  
the module will never work.  however, after making those files don't  
get created... are they no longer needed or is something wrong with my  


4. I've set up a session cache via the command below:

GnuTLSCache dbm "/var/cache/mod_gnutls"

however the directory remains empty after I restart the server and  
instead I see two files: mod_gnutls.dir and mod_gnutls.pag in /var/ 
cache... this seems wrong?

5. I've placed the following assertives in one of my virtual hosts:

GnuTLSEnable on
GnuTLSCertificateFile /path/to/my/crt
GnuTLSKeyFile /path/to/my/key

but when I visit the virtual host, the following shows up on the logs:

[Fri Sep 11 20:09:49 2009] [error] GnuTLS: Hanshake Alert (42)  
'Certificate is bad'.
[Fri Sep 11 20:09:49 2009] [error] [client] GnuTLS:  
Handshake Failed (-12) 'A TLS fatal alert has been received.'

the domain is one of two that I'm using to test.  one of them works,  
the other doesn't.  the certificates were generated in the same way  
and signed by the same CA.  what could be the matter here?

I found this:


which seems somewhat relevant but my tarball doesn't have an  
auth_cert.c - help?

6. By turning off GnuTLS on the domain that works ok, I get the  
message below from the second domain:

SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)

ok.  enough for now.  hope someone can help. sigh.

- e
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.outoforder.cc/pipermail/modules/attachments/20090911/ee1a661e/attachment.html 

More information about the Modules mailing list