Subject: Re: server crashes after upgrade to 942
The patch you applied will reduce the crashes to almost nil since it's only vulnerable at the split second the certificate is *actually* changed, but I'm going to go in and fix it right.
Thanks again for such an intelligently investigated bug report. You made it easy :)
Happy to help~
Thank you for your work on citadel!
Hi,
I'm using my own built 943 image without the update_key_and_cert_if_needed, and encountered another server crash. Here's the log.
In the past we went through this elaborate process of cleanly closing everything we opened - file handles, sockets, library functions, allocated memory -- so that we could run Valgrind and see if there were any memory leaks. This turned out to be quite a liability, because in production it would often take too long and the server process was killed either by the operator or by the system before it could get to the part where it closed the database. Once we decided to just go straight for the database we had a lot less people reporting that their databases got corrupted.
Newer code (particularly webcit-ng) simply reports the size of the heap from time to time so that we can observe if we have a memory leak. So far it's been a good strategy.
Yes I was shutting down the server, and it seems like doing double free in smtp_cleanup_function and server crashed there....If it happens again I'll try to get more information, I did forget to collect the ctdlvisor outputs this time(but not sure if this kind of server crash would have any..).
I just finished installing my server using the easyinstaller method and it installed successfully and is running. But when I logged in and entered my admin credentials, I don't see the main dashboard, I just see this message: didn't find Template [roombanner] 10 10. Not sure where to go from here....
I just finished installing my server on raspberrypi 3 using the easy installer method, and it installed successfully and is running, but when I login as admin, I don't see the dashboard, I just see this message: didn't find Template [roombanner] 10 10. Any idea as to what I have that's not setup right?
hi, i am new to citidel...i am trying to use the easy-install on a CentOS7 server. at some point in the process, i get this:
crypto.o: In function `bind_to_key_and_certificate':
/tmp/citadel-build.8827/webcit/crypto.c:39: undefined reference to `TLS_server_method'
collect2: error: ld returned 1 exit status
gmake: *** [webcit] Error 1
Citadel Easy Install is aborting.
The last few lines above this message may indicate what went wrong.
Linux RedHat 7.9.2009(Core 3.10.0-1160.49.1.el7.x86_64 x86_64)
can some one give me a hand with this, not sure where to go from here..
thanks in advance... here is a longer log paste
Compiler: gcc -I/usr/local/ctdlsupport/include -g -Wall -DHAVE_CONFIG_H -D_REENTRANT -c -o buildinfo
Linker: gcc -L/usr/local/ctdlsupport/lib -Wl,--rpath -Wl,/usr/local/ctdlsupport/lib -lssl -lcrypto -lexpat -lcitadel -lical -lz -lpthread
CC webserver.c
CC context_loop.c
CC ical_dezonify.c
CC cookie_conversion.c
CC locate_host.c
CC summary.c
CC webcit.c
CC auth.c
CC sockets.c
CC mainmenu.c
CC serv_func.c
CC who.c
CC marchlist.c
CC roomops.c
CC roomlist.c
CC roomtokens.c
CC roomviews.c
CC blogview_renderer.c
CC msg_renderers.c
CC jsonview_renderer.c
CC mailview_renderer.c
CC bbsview_renderer.c
CC messages.c
CC paging.c
CC sysmsgs.c
CC useredit.c
CC vcard_edit.c
vcard_edit.c: In function 'parse_vcard':
vcard_edit.c:424:6: warning: variable 'is_b64' set but not used [-Wunused-but-set-variable]
int is_b64 = 0;
^
CC preferences.c
CC html2html.c
CC listsub.c
CC roomchat.c
CC graphics.c
CC netconf.c
CC siteconfig.c
CC subst.c
CC calendar.c
CC calendar_tools.c
calendar_tools.c: In function 'partstat_as_string':
calendar_tools.c:195:2: warning: enumeration value 'ICAL_PARTSTAT_FAILED' not handled in switch [-Wswitch]
switch(partstat) {
^
CC calendar_view.c
CC tasks.c
CC event.c
CC smtpqueue.c
CC availability.c
CC iconbar.c
CC icontheme.c
CC crypto.c
crypto.c: In function 'bind_to_key_and_certificate':
crypto.c:39:2: warning: implicit declaration of function 'TLS_server_method' [-Wimplicit-function-declaration]
if (!(new_ctx = SSL_CTX_new(TLS_server_method()))) {
^
crypto.c:39:2: warning: passing argument 1 of 'SSL_CTX_new' makes pointer from integer without a cast [enabled by default]
In file included from webcit.h:95:0,
from crypto.c:14:
/usr/include/openssl/ssl.h:2087:10: note: expected 'const struct SSL_METHOD *' but argument is of type 'int'
SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
^
CC inetconf.c
CC notes.c
CC wiki.c
CC dav_main.c
CC dav_get.c
CC dav_propfind.c
CC dav_report.c
CC fmt_date.c
CC dav_options.c
CC autocompletion.c
CC gettext.c
CC tabs.c
CC sieve.c
CC sitemap.c
CC dav_delete.c
CC dav_put.c
CC http_datestring.c
CC downloads.c
CC addressbook_popup.c
CC pushemail.c
CC sysdep.c
CC openid.c
CC decode.c
CC modules_init.c
CC paramhandling.c
CC utils.c
Running scripts/get_ical_data.sh
CC ical_maps.c
CC ical_subst.c
CC static.c
CC feed_generator.c
LD: webcit
crypto.o: In function `bind_to_key_and_certificate':
/tmp/citadel-build.8827/webcit/crypto.c:39: undefined reference to `TLS_server_method'
collect2: error: ld returned 1 exit status
gmake: *** [webcit] Error 1
Citadel Easy Install is aborting.
The last few lines above this message may indicate what went wrong.
Linux RedHat 7.9.2009(Core 3.10.0-1160.49.1.el7.x86_64 x86_64)
[root@ffc-p-mail-1 ~]#
So I just got my server installed with the easyinstaller, and I want to know if its possible to change the server storage location or do I have to reinstall the whole process. If I run the setup command with the -hHome option will it just move the data storage location or will it do a new install and map to that location?
Subject: Re: easy-install of citidel on CentOS7 errors
/tmp/citadel-build.8827/webcit/crypto.c:39: undefined reference to
`TLS_server_method'
collect2: error: ld returned 1 exit status
gmake: *** [webcit] Error 1
Geez. Ok, I've just pushed an update to Easy Install to fix this, so you should be able to try again.
TLS_server_method() is supposed to be the replacement for SSLv23_server_method() but apparently CentOS 7 still has the old name and not the new one. They both do the same thing. Try it now.
Subject: Re: changing server storage location
So I just got my server installed with the easyinstaller, and I want
to know if its possible to change the server storage location or do I
have to reinstall the whole process. If I run the setup command
with the -hHome option will it just move the data storage location or
will it do a new install and map to that location?
The build you get with Easy Install really wants to use /usr/local/citadel, but if you specify another location it should work... just keep in mind that you'll need to move your data files there manually if you want to keep them.
Honestly though, you're probably better off symlinking /usr/local/citadel/data to the place where you want your data.
Wed Jan 12 2022 14:31:55 EST from IGnatius T Foobar Subject: Re: easy-install of citidel on CentOS7 errors/tmp/citadel-build.8827/webcit/crypto.c:39: undefined reference to
`TLS_server_method'
collect2: error: ld returned 1 exit status
gmake: *** [webcit] Error 1
Geez. Ok, I've just pushed an update to Easy Install to fix this, so you should be able to try again.
TLS_server_method() is supposed to be the replacement for SSLv23_server_method() but apparently CentOS 7 still has the old name and not the new one. They both do the same thing. Try it now.
hey, that did it....i was able to install and get into the gui...i did see some warnings in the install like this:
vcard_edit.c: In function 'parse_vcard':
vcard_edit.c:424:6: warning: variable 'is_b64' set but not used [-Wunused-but-set-variable]
int is_b64 = 0;
^
but since the install was successful...i guess i can ignore?
thanks again!
sorry for such a noob question, but i have looked at the faq and documentation...i don't see any mention of upgrades...so how do i do it?
thanks
sorry for such a noob question, but i have looked at the faq and
documentation...i don't see any mention of upgrades...so how do i do
it?
Depends on how you initially installed it.
If you originally used Easy Install, just run Easy Install again and it will do the right thing.
If you have the Docker image, just erase it and install the new image, and point it at your existing data directory.
Or if you used the Debian packages ... you've got some work to do because they're no longer maintained.
Ok so starting back up on trying to get a reverse proxy running here so i can everything on port 80 ( and 443 ), and just use DNS names to redirect internally.
For the most part its all setup again and was going down the list of apps to change over to 80. Got to citadel and i did a easy install/upgrade ( needed it anyway ) and switched it native from 8080 to 80. Works fine locally, or if change my router to not use the proxy and just redirect 8080 to 80. But if i hit it from the via proxy i get the below mess instead. ( and this worked last time i tried, but script kiddies were pounding my ports and killing the proxy )
Something obvious i'm missing before i waste a lot of time beating my head against the desk?
ya, i know, url is in the image, i dont care now, its public. . and no, not tackled ssl yet. I wanted to get everything running "regular" first.
Tinyproxy, configured to be a reverse proxy only. Stock config other than disabling forward proxy, adding the redirects, and adding a few extra threads. My other 3 apps, plus a extra 'test' one that was just listing the calling URL, are working at this point.
It worked last time i tried this, other than script kiddies flooding my port 80 and causing the proxy to die after about 10 minutes so i gave up at the time. But it was a good year or 2 ago, so an older version of citadel.
SYS_Citadel
Syslog has this when it works correctly.:
Jan 9 03:00:05 serv citserver[645]: citserver[645]: user_ops: <SYS_Citadel> is logged in; not deleting
Jan 9 03:00:05 serv citserver[645]: user_ops: <SYS_Citadel> is logged in; not deleting
Jan 9 03:00:05 serv citserver[645]: citserver[645]: Purged 1 users.
Jan 9 03:00:05 serv citserver[645]: Purged 1 users.
Jan 9 03:00:06 serv citserver[645]: citserver[645]: Expired 645 messages
Jan 19 03:00:57 server citserver[15494]: citserver[15494]: Purged 0 users.
Jan 19 03:00:57 server citserver[15494]: context: scheduled 1 idle sessions for termination
Jan 19 03:00:57 server citserver[15494]: Auto-purger: starting.
Jan 19 03:00:57 server citserver[15494]: Purged 0 users.
Jan 19 03:00:57 server citserver[15494]: citserver[15494]: context: [18720]SRV[SMTP-MTA] Session ended.
Jan 19 03:00:57 server citserver[15494]: context: [18720]SRV[SMTP-MTA] Session ended.
Jan 19 03:00:59 server citserver[15494]: citserver[15494]: Expired 1011 messages.
it forwards external name to internal IP. Retains the same port.
However it may be moot, tinyproxy is crashing again after too many sessions. Bumped up resources and ti runs about 3 hours then poof it dies. I'm thinking i'm going to read up on ngnix, set that up and see if it can handle the flood better.
I'm more interested in what conditions are configured to cause an HTTP connection to be forwarded to WebCit. Are you doing it by name, by path, by port, something else...?