编译 – 在AIX上使用MySQL身份验证支持编译proftpd

2022-04-07 08:05:46

编辑1:

问题似乎与MySQL组件有关.因为如果我从配置文件中删除每个SQL指令,它确实可以在ftp / ftpes,sftp和ftps上运行

编辑2:

如果我把一个现有主机没有托管数据库,连接到ftp守护程序将挂起并最终超时,而如果我放错了数据库或非响应主机,它将尝试运行unix auth instaed of mysql auth.

编辑3:

Sqllog提到我们可以看到线路2月07日15:44:12 mod_sql / 4.3 [15139036]:进入mysql cmd_open之后是一个新的日志行超过一分钟07年2月15日15:45:27:

Feb 07 15:44:11 mod_sql/4.3[15139036]: defaulting to 'mysql' backend
Feb 07 15:44:11 mod_sql/4.3[15139036]: backend module 'mod_sql_mysql/4.0.8'
Feb 07 15:44:11 mod_sql/4.3[15139036]: backend api    'mod_sql_api_v1'
Feb 07 15:44:11 mod_sql/4.3[15139036]: >>> sql_sess_init
Feb 07 15:44:11 mod_sql/4.3[15139036]: entering         mysql cmd_defineconnection
Feb 07 15:44:11 mod_sql/4.3[15139036]:   name: 'default'
Feb 07 15:44:11 mod_sql/4.3[15139036]:   user: 'mysql_poney_user'
Feb 07 15:44:11 mod_sql/4.3[15139036]:   host: 'pingableHostWithoutDB.net'
Feb 07 15:44:11 mod_sql/4.3[15139036]:     db: 'mysql_poney_user'
Feb 07 15:44:11 mod_sql/4.3[15139036]:   port: '15140'
Feb 07 15:44:11 mod_sql/4.3[15139036]:    ttl: '2'
Feb 07 15:44:11 mod_sql/4.3[15139036]: exiting  mysql cmd_defineconnection
Feb 07 15:44:11 mod_sql/4.3[15139036]: connection 'default' successfully established
Feb 07 15:44:11 mod_sql/4.3[15139036]: mod_sql engine     : on
Feb 07 15:44:11 mod_sql/4.3[15139036]: negative_cache     : off
Feb 07 15:44:11 mod_sql/4.3[15139036]: authenticate       : users
Feb 07 15:44:11 mod_sql/4.3[15139036]: usertable          : proftpd_users
Feb 07 15:44:11 mod_sql/4.3[15139036]: userid field       : userid
Feb 07 15:44:11 mod_sql/4.3[15139036]: password field     : passwd
Feb 07 15:44:11 mod_sql/4.3[15139036]: UID field          : uid
Feb 07 15:44:11 mod_sql/4.3[15139036]: GID field          : gid
Feb 07 15:44:11 mod_sql/4.3[15139036]: homedir field      : homedir
Feb 07 15:44:11 mod_sql/4.3[15139036]: shell field        : shell
Feb 07 15:44:11 mod_sql/4.3[15139036]: SQLMinUserUID      : 200
Feb 07 15:44:11 mod_sql/4.3[15139036]: SQLMinUserGID      : 1
Feb 07 15:44:11 mod_sql/4.3[15139036]: <<< sql_sess_init
Feb 07 15:44:12 mod_sql/4.3[15139036]: >>> sql_escapestr
Feb 07 15:44:12 mod_sql/4.3[15139036]: entering         mysql cmd_escapestring
Feb 07 15:44:12 mod_sql/4.3[15139036]: entering         mysql cmd_open
Feb 07 15:45:27 mod_sql/4.3[15139036]: exiting  mysql cmd_open
Feb 07 15:45:27 mod_sql/4.3[15139036]: exiting  mysql cmd_escapestring
Feb 07 15:45:27 mod_sql/4.3[15139036]: unrecoverable backend error
Feb 07 15:45:27 mod_sql/4.3[15139036]: error: '2003'
Feb 07 15:45:27 mod_sql/4.3[15139036]: message: 'Can't connect to MySQL server on 'pingableHostWithoutDB.net' (78)'
Feb 07 15:45:27 mod_sql/4.3[15139036]: entering         mysql cmd_exit
Feb 07 15:45:27 mod_sql/4.3[15139036]: exiting  mysql cmd_exit

原始问题

我有一个proftpd配置文件,在proftpd 1.3.4b和proftpd 1.3.4d上进行了测试.现在我想在新系统上编译AIX 6.1.
我正在使用IBM XLc编译器.

这是我安装的库:

rpm -qa
    apr-1.4.6-1
    mkisofs-1.13-4
    pci.df1000fa-1-191A5
    openldap-2.4.23-0.3
    apr-util-ldap-1.5.1-1
    openssl-1.0.1e-2
    bash-3.0-1
    coreutils-5.0-2
    grep-2.5.1-1
    pci.1069B166.0A-050A008a-1
    pci.1069B166.08-0508008a-1
    pci.1069B166.10-0510006d-1
    pci.df1000fa-1-90X13
    pci.df1080f9-1-91x4
    ibm.scsi.disk.10k300-RPQR-1
    ibm.scsi.disk.73lpx15-c51d-1
    ibm.scsi.disk.146z10-s28g-1
    ibm.scsi.disk.146lp-C50K-1
    ses.0018-0018-01
    cdrecord-1.9-7
    pci.1069B166.10-0710000b-1
    screen-3.9.10-2
    expat-2.1.0-1
    zlib-1.2.7-2
    AIX-rpm-6.1.6.15-5
    gettext-0.10.40-8
    libiconv-1.14-2
    apr-util-1.5.1-1
    db4-4.7.25-2
    bzip2-1.0.6-1
    info-4.13a-2
    readline-6.2-4
    pcre-8.32-1
    openssl-devel-1.0.1e-2
    httpd-2.4.3-1
    mpfr-3.1.2-1
    MySQL-devel-5.1.56-1
    libgcc-4.6.1-1
    gcc-4.6.1-1
    libstdc++-4.6.1-1
    libstdc++-devel-4.6.1-1
    gmp-5.1.3-1
    gmp-devel-5.1.3-1
    mpfr-devel-3.1.2-1
    libmpc-1.0.1-2
    libmpc-devel-1.0.1-2
    gcc-cpp-4.6.1-1
    zlib-devel-1.2.7-2

这是我用来编译的脚本:

export CONFIG_SHELL=/opt/freeware/bin/bash
export CONFIG_ENV_ARGS=/opt/freeware/bin/bash
export CC=cc
export CFLAGS="-qmaxmem=16384 -DSYSV -D_AIX -D_AIX32 -D_AIX41 -D_AIX43 -D_AIX51 -D_AIX52 -D_AIX53 -D_AIX61 -D_ALL_SOURCE -DFUNCPROTO=15 -O -I/opt/freeware/include"
export CXX=xlC
export CXXFLAGS=$CFLAGS
export CPPFLAGS='-U__STR__'
export F77=xlf
export FFLAGS="-O -I/opt/freeware/include"
export LD=ld
export LDFLAGS="-L/opt/freeware/lib -Wl,-blibpath:/opt/freeware/lib:/usr/lib:/lib:/opt/freeware/lib/mysql:/opt/freeware/lib/mysql/mysql"
export PATH=/usr/bin:/bin:/etc:/usr/sbin:/usr/ucb:/usr/bin/X11:/sbin:/usr/vac/bin:/usr/vacpp/bin:/usr/ccs/bin:/usr/dt/bin:/usr/opt/perl5/bin:/opt/freeware/bin:/opt/freeware/sbin:/usr/local/bin:/usr/lib/instl
export CFLAGS="-DSYSV -D_AIX -D_AIX32 -D_AIX41 -D_AIX43 -D_AIX51 -D_AIX52 -D_AIX53 -D_AIX61 -D_ALL_SOURCE -DFUNCPROTO=15 -O -I/opt/freeware/include"
make clean
./configure  '--with-modules=mod_tls:mod_sql:mod_sql_mysql:mod_sql_passwd:mod_sftp:mod_sftp_sql' '--without-getopt' '--enable-openssl' '--with-includes=/home/poney/libmath_header:/home/poney/include_mysql/mysql/' '--with-libraries=/home/poney/libmath_lib:/opt/freeware/lib/mysql/mysql:/opt/freeware/lib/mysql/mysql/libmysqlclient.a' '--prefix=/usr/local/proftpd'
make

事情是它编译没有进一步警告. make install时我还会收到警告:

ld: 0711-224 WARNING: Duplicate symbol: .bcopy
ld: 0711-224 WARNING: Duplicate symbol: .memmove
ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more information.

我的配置允许FTPS SFTP和FTP,如果我尝试连接ftps,它确实有效,直到我输入密码:

openssl s_client -connect 127.0.0.1:210 -starttls ftp
    CONNECTED(00000003)
    depth=0 /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
    verify error:num=18:self signed certificate
    verify return:1
    depth=0 /C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
    verify return:1
    ---
    Certificate chain
     0 s:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
       i:/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
    ---
    Server certificate
    -----BEGIN CERTIFICATE-----
    MIICWDCCAcGgAwIBAg[...]8dqCxa3HS6bgg==
    -----END CERTIFICATE-----
    subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
    issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 1264 bytes and written 341 bytes
    ---
    New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
    Server public key is 1024 bit
    Secure Renegotiation IS supported
    Compression: NONE
    Expansion: NONE
    SSL-Session:
        Protocol  : TLSv1
        Cipher    : DHE-RSA-AES256-SHA
        Session-ID: 6F520DFBC97CF172B68A99510AAFA765658324A4478D87ACB481362070A88034
        Session-ID-ctx:
        Master-Key: [...]
        Key-Arg   : None
        Start Time: 1391443369
        Timeout   : 300 (sec)
        Verify return code: 18 (self signed certificate)
    ---
    220 ProFTPD 1.3.4d Server (ftp daemon) [127.0.0.1]
    USER frank
    331 Password required for frank
    PASS $$$$$

之后什么都没有,它什么都不做.在proftpd方面,deamon确实提供了一些跟踪:
see pastbin

我在这里看不到任何有用的东西.

我很确定这个库有什么问题,但我真的不知道为什么它不想在最后因为编译而没有问题.

解决方法:

最后答案是:
这不是一个错误,这是一个功能

如果您尝试连接dns中已知的数据库但数据包被防火墙丢弃,那么您将陷入客户端的sql超时(大约85秒),如果您已将modthqlc设置为AUthOrder,则无法进行其他身份验证第一.

所以我的编译选项也正确,包版本也是正确的.

上一篇:linux – 安全补丁上的自动内核重新编译?


下一篇:算法第二章上机实践报告