Module not transmitting RPC traffic. FreeBSD
Closed this issue · 2 comments
Hello!
I am running FreeBSD 10.2-STABLE and attempting to compile this module from source.
I have installed all of the necessary support libraries (gcc, libinotify, autoconf, pkg-tools, libuuid)
I have managed to get the software to compile, by some miracle and a few tweaks in the source files. However when I go to load the .so object generated into Apache, I get
Cannot load libexec/apache24/mod_proxy_msrpc.so into server: /usr/local/libexec/apache24/mod_proxy_msrpc.so: Undefined symbol "inotify_add_watch"
Since FreeBSD uses kqueue instead of the Linux inotify system, I understand the error is caused by inotify. The libraries are there and in the correct locations to support inotify and the system does pick up the header files and compiles with them appropriately, but there is a problem I have identified when a configure is ran:
configure:4174: checking for inotify_init1 configure:4174: gcc -o conftest -L/usr/local/lib/ conftest.c >&5 /tmp//ccefzpA0.o: In functionmain':
conftest.c:(.text+0xa): undefined reference to inotify_init1' collect2: error: ld returned 1 exit status configure:4174: $? = 1 configure: failed program was: | /* confdefs.h */ | #define PACKAGE_NAME "mod_proxy_msrpc" | #define PACKAGE_TARNAME "mod_proxy_msrpc" | #define PACKAGE_VERSION "0.1.1" | #define PACKAGE_STRING "mod_proxy_msrpc 0.1.1" | #define PACKAGE_BUGREPORT "micha@lenk.info" | #define PACKAGE_URL "" | #define STDC_HEADERS 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_MEMORY_H 1 | #define HAVE_STRINGS_H 1 | #define HAVE_INTTYPES_H 1 | #define HAVE_STDINT_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_FCNTL_H 1 | #define HAVE_LIMITS_H 1 | #define HAVE_STDLIB_H 1 | #define HAVE_STRING_H 1 | #define HAVE_UNISTD_H 1 | #define HAVE_SYS_TYPES_H 1 | #define HAVE_SYS_STAT_H 1 | #define HAVE_SYS_INOTIFY_H 1 | #define HAVE_SYS_SELECT_H 1 | #define HAVE_UUID_UUID_H 1 | #define HAVE_STRCASECMP 1 | #define HAVE_STRCHR 1 | #define HAVE_STRRCHR 1 | /* end confdefs.h. */
Something is going wrong and the system is having trouble configuring and compiling for inotify support, despite all the appropriate libraries being present.
I grabbed a quick c++ program that uses inotify and compiled with g++ and was able to successfully compile and run the program.
Please help. I don't want to go to a Windows system in my DMZ. :(
I was able to solve my compile issue. I figured it out when g++ worked to compile that test program but gcc would not. g++ was including the library in the compiler for inotify. I had to manually specify the library in gcc when I ran the compiler. This caused everything to successfully build and now the modules loads inside of Apache successfully.
However, now I am having problems with functionality. It is not working as intended and RPC traffic is still not being proxied to the Exchange server or to the Remote Desktop Gateway server. Both of these servers are able to be access via the website, but when I attempt to use Exchange ActiveSync or the Remote Desktop Gateway service directly it, the data connection fails.
I have abandoned trying force this module to operate correctly in Apache for my purposes as a Remote Desktop Gateway and Exchange. Apache just does not want to cooperate with me. This module is well-written and has good intentions, but Apache's SSL reverse proxy implementation just bites the big one. Due to how the HTTPS connection encrypts it is impossible, without SNI, to perform host-based lookups. Apache's operation of SNI is terrible and just checks the sites in order of virtual hosts due to lack of availability of SNI (such as ActiveSync or RemoteDesktopGateway connections). For single domain, single purpose reverse proxies, I am sure this is perfectly fine because the traffic only has to go one place.
For anyone that finds this thread, use haproxy. It literally took me an hour and I have working RD Gateway, Exchange ActiveSync, OWA, and RPC over it all. It is a well-supported pkg that the devs don't have have a tiff with MS, like Apache does.