Posted on

12-Jan-2008

Updates
I had some trouble with PMAS – the anti-Spam gateway: Crash of a server project due to AccVIO somewhere. No real problem since a new worker process is started automatically. But this time, no data, just that message.

I had two workers running: 0003 and 0008.

%%%%%%%%%%% OPCOM 10-JAN-2008 02:50:16.38 %%%%%%%%%%%
Message from user SYSTEM on DIANA
%PTSMTP-E-WORKERDIED, worker PTSMTP 0003 (20200B22) terminated unexpectedly
-SYSTEM-F-ACCVIO, access violation, reason mask=!XB, virtual address=!XH, PC=!XH, PS=!XL
-PTSMTP-I-WORKERCONN, while processing connection from 200.53.81.174,4161

and down went worker with ID 0003. Worker 0009 was started. but at the next message, 0008 crashed with the same error. 000A was started, and the next message crashed 0009.

this went on, until the last:

%%%%%%%%%%% OPCOM 10-JAN-2008 10:34:42.87 %%%%%%%%%%%
Message from user SYSTEM on DIANA
%PTSMTP-E-WORKERDIED, worker PTSMTP 0013 (20204195) terminated unexpectedly
-SYSTEM-F-ACCVIO, access violation, reason mask=!XB, virtual address=!XH, PC=!XH, PS=!XL
-PTSMTP-I-WORKERCONN, while processing connection from 122.164.19.249,2681

and only worker with ID 0014 remained. Just that one where I normally have two at hand.
Ni idea why this happened.
There were som eother crashed before that I signalled to process, and it seems some code has changed just to prevent the formerly signalled ACCVIO crashes. So I downloaded the latest update. It just meant replacement of three executables, stopping and starting the software. Now it’s a matter of wait and see.

VMS updates and new services
There are a number of patches to be installed on VMS. One is obligatoty if you want to run CIFS – Samba, that is – and I wanted to have that installed it on Persophone first, for easy exchnage of files between the emulated Alpga and the Windows environment it runs on. It requires UPDATE 5 – a patch consolidating a number of earlier patches to VMS. So I did install it first, and since it requires a reboot, I did. Alas: VMS bugchecked on startup due to a spinlock error….
It happened a colleague before. He contacted Emulators International and it turned out that he used an old version of IDLE – the software that allows Windows to use the processor is the emulated processor is in IDLE state – doing nothing.
A new version of the software is included in this version of the emulator and there was no mention of the new IDLE image required – so we didn’t install it. Luckily, Emulators International came up with a solution that we could use without reversing the installation – something troublesome when you hadn’t made a copy of the systemdisk-container before applying the update. It is descrtibed on the Personal Alpha Forum
Anyway: It’s installed on Persephone now, not yet configured. One thing NOT to try here, is setting the emulator as PDC, and require Windows login in that domain. It will fail for the obvious reason that the PDC cannot be found – because it can only be found after the emulator is started….DUH

Posted on

SQLite and GNV

wg_webpage
The major work at the moment is getting a program running that takes input from a file and dunps it into a webpage. The basics behind it: the forementioned routines, did work already and the testprogram has been modified to show at least a hardcoded content. But coding the whole lot from there proved more troublesome than anticipated so I deciced to redo the program from scratch – but use what’s already working.

One thing I encounterd is a serverless SQL engine, used in the anti-spam gateway to store statistics: SQLite. I downloaded the sources and was trying to get it to compile, to begin with, but that didn’t work. next I tried using the GNV package – I still had 1.6 on the box. the configure script ran up to checking the header files and stalled there. In a brain flash I downloaded and installed the latest (2.1) version and ran into some problems: The directory was accessable only for displaying the contents. CD to it fails, as well as running a script. Put a message on ITRC and got the answer to get to the directory – but running the script fails in a number of places and doesn’t get as far as running under GNV 1.6. It appears the scripts needs to be updated in one place, and some adaptions are to be made to circumvent some other problems. There may be some bits missing, so I’ll have to get these as well.
One thing I noted: the modules need to be built /NOANSI, and /FLOAT=IEEE. But that’s a minor issue. With this knowledge, it may be possible to circumvent GNV.

Posted on

06-Jan-2008

Rejected Webaccess
Last weblog shows an attempt to do simething werid:

210.51.23.7 - - [06/Jan/2008:02:06:34 +0100] "GET http://clickingagent.com/proxycheck.php?ip=217.149.210.164&port=80&loc= HTTP/1.0" 403 864
...
210.51.23.7 - - [06/Jan/2008:05:27:00 +0100] "GET http://clickingagent.com/proxycheck.php?ip=217.149.210.164&port=80&loc= HTTP/1.0" 403 864
In other words – this person (?) tries something and appearently fails to reckognize autentication errors – for 2 1/2 hours. There are 159 entries all together, the intervals differ – from minutes to tenths of seconds. In vain, of course, because proxies are not enabled.
Plus the ever recurring types of attempts, but less than normal.

One thin g to add to be allowed: the count program. It’s in the home page and valid – but shows up, as well as the webpage itself.

SSL
This weekend I tried to get a server certificate from CA-cert, and had (I think) to use the HP-supplied scripts ($ @SSL$COM:SSL$_CERT_TOOLS), because the WASD SSL kit isn’t complete in that respect (according Mark’s documentation), I got one from CA-cert and after some playing around following documentation, I thought I got one to use as server certificate. But the server failes on handling it:
%HTTPD-I-SSL, ssssssss.grootersnet.nl:443
-SSL-I-CERT, DDDDDD:SSSSSSSS.PEM
-SSL-W-ERROR, "error:0906D06C:PEM routines:PEM_read_bio:no start line" (HT_ROOT:[SRC.OPENSSL-0_9_8.CRYPTO.PEM]PEM_LIB.C;1 644)"Expecting: CERTIFICATE"
-SSL-W-ERROR, "error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib" (HT_ROOT:[SRC.OPENSSL-0_9_8.SSL]SSL_RSA.C;1 727)
-SERVICE-W-SSL, service not configured

leaving each of the SSL’d sites inaccesable. So I reversed to the original, and first check how to create such a certificate…

Posted on

02-jan-2008

No access?? No files??
A (likely to be minor) issue was found this morning.
Having enabled SSL on the operator desk, it seems the logs are inaccessable:

ERROR 403 – The requested action is not permitted.

Checking other direct-access directories, the same occurs. WATCH log indicates that no files are available; the mapping is correct, but files are not located. It might be that all files are indeed missing. This is to be checked!

Funny, though, that permission seem to be denied, where files cannot be found.

UPDATE
It turned out that access to the WASD logs wouldn’t work anyway since there wer no files left there. So I rerean the procedure that normally runs on Monday at midnight. This doesn’t just copy the files (whisch still existed in the WASD log directory) but also creates an index.html file. The WASD logs couul be accessed by that index file, but brwosing the directory wasn’t possible either.
So I signalled the issue on the WASD list, and created a procedure to do the same with the oprrator and FTP logs. That works fine, so the problem is solved. But it seems curious that using HTTPS (SSL?) implicily disables directory browsing…