[Modules] mod-gnutls 'SSL_SRP_USER' and ModPython
Ambrose Andrews
ambrose-bulk at vrvl.net
Sat Jul 26 06:54:54 EDT 2008
Hi...
I run Debian 'Lenny' testing with:
Apache2 v 2.2.9
Mod-Python v 3.3.1
Mod-GnuTLS v 0.5.1
I've struck some mod-gnutls specific trouble in interaction with
modpython - see this traceback:
"""
MOD_PYTHON ERROR
ProcessId: 15879
Interpreter: 'CRYPTO'
ServerName: 'www.pathogens.vrvl.net'
DocumentRoot: '/var/www/SSL_www.zed.vrvl.net/'
URI: '/'
Location: '/'
Directory: None
Filename: '/var/www/SSL_www.zed.vrvl.net/'
PathInfo: ''
Phase: 'PythonHandler'
Handler: 'django.core.handlers.modpython'
Traceback (most recent call last):
File "/usr/lib/python2.5/site-packages/mod_python/importer.py", line
1537, in HandlerDispatch
default=default_handler, arg=req, silent=hlist.silent)
File "/usr/lib/python2.5/site-packages/mod_python/importer.py", line
1229, in _process_target
result = _execute_target(config, req, object, arg)
File "/usr/lib/python2.5/site-packages/mod_python/importer.py", line
1128, in _execute_target
result = object(arg)
File "/var/lib/python-support/python2.5/django/core/handlers/modpython.py",
line 177, in handler
return ModPythonHandler()(req)
File "/var/lib/python-support/python2.5/django/core/handlers/modpython.py",
line 137, in __call__
os.environ.update(req.subprocess_env)
File "/usr/lib/python2.5/os.py", line 489, in update
self[k] = dict[k]
File "/usr/lib/python2.5/os.py", line 474, in __setitem__
putenv(key, item)
TypeError: putenv() argument 2 must be string, not None
"""
So to investigate, from inside a modpython script I get this output
for str(req.subprocess_env):
{
'SCRIPT_NAME': '/',
'REQUEST_URI': '/',
'QUERY_STRING': '',
'REQUEST_METHOD': 'GET',
'SERVER_PROTOCOL': 'HTTP/1.1',
'GATEWAY_INTERFACE': 'CGI/1.1',
'SSL_SERVER_S_AN1': 'UNSUPPORTED',
'SSL_SERVER_S_AN0': 'DNSNAME:*.pathogens.vrvl.net',
'SSL_SERVER_A_KEY': 'RSA',
'SSL_SERVER_A_SIG': 'RSA-SHA',
'SSL_SERVER_V_START': 'Jul 21 10:36:39 2008 EST',
'SSL_SERVER_V_END': 'Jul 21 10:36:39 2010 EST',
'SSL_SERVER_CERT_TYPE': 'X.509',
'SSL_SERVER_M_VERSION': '3',
'SSL_SERVER_M_SERIAL': '5B8F',
'SSL_SERVER_I_DN': 'O=CAcert Inc.,OU=http://www.CAcert.org,CN=CAcert
Class 3 Root',
'SSL_SERVER_S_DN': 'CN=*.pathogens.zed.vrvl.net',
'SSL_SESSION_ID':
'2352784F1DDE3AA3687B3ED53D6C7055CBC3BA2F80B13B58760B9C33B9413EA2',
'SSL_CIPHER_EXPORT': 'false',
'SSL_CIPHER_ALGKEYSIZE': '256',
'SSL_CIPHER_USEKEYSIZE': '256',
'SSL_CLIENT_VERIFY': 'NONE',
'SSL_SRP_USER': None,
'SSL_COMPRESS_METHOD': 'NULL',
'SSL_CIPHER': 'DHE_RSA_AES_256_CBC_SHA1',
'SSL_PROTOCOL': 'SSL3.0',
'SSL_VERSION_INTERFACE': 'mod_gnutls/0.5.1',
'SSL_VERSION_LIBRARY': 'GnuTLS/2.2.1',
'HTTPS': 'on'
}
and was offered the following observation in the Django irc channel:
"""
19:47 < Magus-> aha
19:47 < Magus-> SSL_SRP_USER is being set wrong
19:48 < Magus-> it is None instead of a string like "NONE" like
SSL_CLIENT_VERIFY is set to
19:48 < Magus-> since you can't update environ with None as an env var value
19:51 < Magus-> its probably an issue in the module though, unless its
the modpython handler replacing None with 'NONE' on the other bits
"""
So I don't know if the problem is modpython not dealing with an exotic
environment variable it doesn't get from mod-ssl or whether it is a
mod-gnutls inconsistency. Anyone know?
-AA.
--
Ambrose Andrews
LPO box 8274 ANU Acton ACT 0200 Australia
http://www.vrvl.net/~ambrose/
mailto:ambrose at vrvl.net
home:+61_262305976
work:+61_261256749
mobile:+61_415544621
irc:{undernet|freenode|oftc}:znalo
xmpp:ambrose at jabber.fsfe.org
sip:znalo at ekiga.net
CE38 8B79 C0A7 DF4A 4F54 E352 2647 19A1 DB3B F823
556A 6D19 0904 827C 9DB8 3697 32D0 1E11 403F 2BE1
More information about the Modules
mailing list