VAST Seaside problem at startup

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
29 messages Options
12
Reply | Threaded
Open this post in threaded view
|

VAST Seaside problem at startup

Long Haired David
I have recently installed 8.6 as a clean install. I have loaded the Seaside feature and run up my code that was working under earlier versions of 8. When I try to log into the main Seaside control web page I get the following come up.


I know nothing about the Seaside internals. Can anyone tell me how to get this sorted please?


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
David
Totally Objects
Doing Smalltalk since 1989
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Seth Berman
Hello,

Just to make sure I understand, when you say 8.6...do you mean the latest release 8.6.2 or the actual 8.6 release?
I ask because 8.6.2 will have the OpenSSL key generation ability for https connections. 
If VA OpenSSL connectivity isn't setup properly (meaning you don't have openssl libraries available or the version of OpenSSL < 1.0.0), then Seaside will be unable to generate secure keys.

-- Seth

I would debug the method WASecureKeyGenerator

On Wednesday, May 11, 2016 at 3:33:51 PM UTC-4, Totally Objects wrote:
I have recently installed 8.6 as a clean install. I have loaded the Seaside feature and run up my code that was working under earlier versions of 8. When I try to log into the main Seaside control web page I get the following come up.

<a href="https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png" style="margin-left:1em;margin-right:1em" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png&#39;;return true;" onclick="this.href=&#39;https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png&#39;;return true;">


I know nothing about the Seaside internals. Can anyone tell me how to get this sorted please?


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Seth Berman
Sorry...posted too soon.
I would debug the method WASecureKeyGenerator class>>startUp and verify #canSeed is failing

On Wednesday, May 11, 2016 at 5:03:53 PM UTC-4, Seth Berman wrote:
Hello,

Just to make sure I understand, when you say 8.6...do you mean the latest release 8.6.2 or the actual 8.6 release?
I ask because 8.6.2 will have the OpenSSL key generation ability for https connections. 
If VA OpenSSL connectivity isn't setup properly (meaning you don't have openssl libraries available or the version of OpenSSL < 1.0.0), then Seaside will be unable to generate secure keys.

-- Seth

I would debug the method WASecureKeyGenerator

On Wednesday, May 11, 2016 at 3:33:51 PM UTC-4, Totally Objects wrote:
I have recently installed 8.6 as a clean install. I have loaded the Seaside feature and run up my code that was working under earlier versions of 8. When I try to log into the main Seaside control web page I get the following come up.

<a href="https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png" style="margin-left:1em;margin-right:1em" rel="nofollow" target="_blank" onmousedown="this.href=&#39;https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png&#39;;return true;" onclick="this.href=&#39;https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png&#39;;return true;">


I know nothing about the Seaside internals. Can anyone tell me how to get this sorted please?


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Long Haired David
In reply to this post by Long Haired David
I have 8.6.2 installed. It makes no difference if I put a break in WASecureKeyGenerator startup because this never fires. I still get the same error. Are you saying that there is no simple way to install and run Seaside in 8.6.2 without going through other security processes? If that is so then it is a shame because Seaside was easy and good to use in my previous version.


On Wednesday, May 11, 2016 at 8:33:51 PM UTC+1, Totally Objects wrote:
I have recently installed 8.6 as a clean install. I have loaded the Seaside feature and run up my code that was working under earlier versions of 8. When I try to log into the main Seaside control web page I get the following come up.

<a href="https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png" style="margin-left:1em;margin-right:1em" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png&#39;;return true;" onclick="this.href=&#39;https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png&#39;;return true;">


I know nothing about the Seaside internals. Can anyone tell me how to get this sorted please?


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
David
Totally Objects
Doing Smalltalk since 1989
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Long Haired David
In reply to this post by Long Haired David
Well something is badly wrong. I run Windows under Parallels on my Mac. I have just installed Windows 10 on a clean install and then loaded 8.6.2.  I get the same starting error. Surely this can't be right?

On Wednesday, May 11, 2016 at 8:33:51 PM UTC+1, Totally Objects wrote:
I have recently installed 8.6 as a clean install. I have loaded the Seaside feature and run up my code that was working under earlier versions of 8. When I try to log into the main Seaside control web page I get the following come up.

<a href="https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png" style="margin-left:1em;margin-right:1em" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png&#39;;return true;" onclick="this.href=&#39;https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png&#39;;return true;">


I know nothing about the Seaside internals. Can anyone tell me how to get this sorted please?


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
David
Totally Objects
Doing Smalltalk since 1989
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Long Haired David
In reply to this post by Seth Berman
I have now tested this on Windows 7, Windows 10 and Windows Server 2012 and I get the same error. What am I doing wrong as it can't be your Seaside implementation, can it?

David

On Wednesday, May 11, 2016 at 11:16:34 PM UTC+1, Seth Berman wrote:
Sorry...posted too soon.
I would debug the method WASecureKeyGenerator class>>startUp and verify #canSeed is failing


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
David
Totally Objects
Doing Smalltalk since 1989
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Louis LaBrunda
Hi David,

I haven't been following this problem very closely so, allow me to just throw an idea out there that could be very off base.  It sounds like it could be a packaging problem.  I haven't used Seaside for a while but as I remember things it was very hard to package in that lots of classes would get packaged out.  That is complicated by the fact that Seaside catches lots of errors and ignores them because it doesn't want to blow up it is get bad user input.  I don't remember how but you should be able to turn on some debugging option that will at least report more of what is going on.

Lou

On Thursday, May 12, 2016 at 7:34:26 AM UTC-4, Totally Objects wrote:
I have now tested this on Windows 7, Windows 10 and Windows Server 2012 and I get the same error. What am I doing wrong as it can't be your Seaside implementation, can it?

David

On Wednesday, May 11, 2016 at 11:16:34 PM UTC+1, Seth Berman wrote:
Sorry...posted too soon.
I would debug the method WASecureKeyGenerator class>>startUp and verify #canSeed is failing


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Long Haired David
Lou. This is just starting up Seaside in a clean image. I haven't done any packaging or anything.  I installed a new Windows 10 and then installed 8.6.2. I start up an adaptor and then point a browser at http://localhost:8080. I then get this error so I can't even see the main Seaside page. This can't be right so either I am doing something stupid or forgetting something.

David

On Thursday, May 12, 2016 at 1:35:37 PM UTC+1, Louis LaBrunda wrote:
Hi David,

I haven't been following this problem very closely so, allow me to just throw an idea out there that could be very off base.  It sounds like it could be a packaging problem.  I haven't used Seaside for a while but as I remember things it was very hard to package in that lots of classes would get packaged out.  That is complicated by the fact that Seaside catches lots of errors and ignores them because it doesn't want to blow up it is get bad user input.  I don't remember how but you should be able to turn on some debugging option that will at least report more of what is going on.

Lou

On Thursday, May 12, 2016 at 7:34:26 AM UTC-4, Totally Objects wrote:
I have now tested this on Windows 7, Windows 10 and Windows Server 2012 and I get the same error. What am I doing wrong as it can't be your Seaside implementation, can it?

David

On Wednesday, May 11, 2016 at 11:16:34 PM UTC+1, Seth Berman wrote:
Sorry...posted too soon.
I would debug the method WASecureKeyGenerator class>>startUp and verify #canSeed is failing


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
David
Totally Objects
Doing Smalltalk since 1989
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Seth Berman
Hello,

I can reproduce this.
Looks like Seaside wants to generate random numbers to use as keys for session caches.  If a secure RNG (via OpenSSL) is not available in Vast then it produces this walkback...even for http.
If it's not found at startup, then it installs a 'WANoSecureKeyGeneratorAvailable' which produces an error when asked for a key.

To get around this, try changing the key generator method to the following below.  This will force it to fallback to using EsRandom as the RNG.
In the meantime, we will revisit this internally to see if we can disconnect the OpenSSL requirement from the session cache keys.
Thanks for bringing this up....please let me know if the change described below solves your issue.

WANoSecureKeyGeneratorAvailable>>keyOfLength: anInteger
^super keyOfLength: anInteger

-- Seth

On Thursday, May 12, 2016 at 9:57:46 AM UTC-4, Totally Objects wrote:
Lou. This is just starting up Seaside in a clean image. I haven't done any packaging or anything.  I installed a new Windows 10 and then installed 8.6.2. I start up an adaptor and then point a browser at <a href="http://localhost:8080" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flocalhost%3A8080\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHe-wK21qitFTuLNvLF8GFyaOoS3w&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flocalhost%3A8080\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHe-wK21qitFTuLNvLF8GFyaOoS3w&#39;;return true;">http://localhost:8080. I then get this error so I can't even see the main Seaside page. This can't be right so either I am doing something stupid or forgetting something.

David

On Thursday, May 12, 2016 at 1:35:37 PM UTC+1, Louis LaBrunda wrote:
Hi David,

I haven't been following this problem very closely so, allow me to just throw an idea out there that could be very off base.  It sounds like it could be a packaging problem.  I haven't used Seaside for a while but as I remember things it was very hard to package in that lots of classes would get packaged out.  That is complicated by the fact that Seaside catches lots of errors and ignores them because it doesn't want to blow up it is get bad user input.  I don't remember how but you should be able to turn on some debugging option that will at least report more of what is going on.

Lou

On Thursday, May 12, 2016 at 7:34:26 AM UTC-4, Totally Objects wrote:
I have now tested this on Windows 7, Windows 10 and Windows Server 2012 and I get the same error. What am I doing wrong as it can't be your Seaside implementation, can it?

David

On Wednesday, May 11, 2016 at 11:16:34 PM UTC+1, Seth Berman wrote:
Sorry...posted too soon.
I would debug the method WASecureKeyGenerator class>>startUp and verify #canSeed is failing


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

John O'Keefe-3
In reply to this post by Long Haired David
David -

Beginning in VAST 8.6.2 Seaside prereqs the new Smalltalk Crypto support. The Crypto support requires OpenSSL DLLs (see Where do I get OpenSSL Libraries from and how do I set them up for VA Smalltalk 8.6.2 and above?). If these libraries are not available, this is the error you will get.

John

On Wednesday, May 11, 2016 at 3:33:51 PM UTC-4, Totally Objects wrote:
I have recently installed 8.6 as a clean install. I have loaded the Seaside feature and run up my code that was working under earlier versions of 8. When I try to log into the main Seaside control web page I get the following come up.

<a style="margin-right: 1em; margin-left: 1em;" onmousedown="this.href=&#39;https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png&#39;;return true;" onclick="this.href=&#39;https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png&#39;;return true;" href="https://lh3.googleusercontent.com/-gSnYAgcGCfw/VzOI9DXMZ6I/AAAAAAAAADE/mECWkXP8Es0BG48gPZPFKSvcTAwV6JWggCLcB/s1600/Screen%2BShot%2B2016-05-11%2Bat%2B20.30.56.png" target="_blank" rel="nofollow">


I know nothing about the Seaside internals. Can anyone tell me how to get this sorted please?


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Seth Berman
In reply to this post by Seth Berman
Hello all,

I believe I described how to "work around" the issue in my previous post and this is adequate for playing around with Seaside in the absence of OpenSSL.
However, I would NOT recommend this solution in any sort of deployment or usage as an internet web server for http (and obviously https).
EsRandom is not, and was never really intended to be, a secure RNG which means that reverse engineering its algorithm, by folks with the skills in this area, would probably not be too terribly difficult.

-- Seth

On Thursday, May 12, 2016 at 11:08:16 AM UTC-4, Seth Berman wrote:
Hello,

I can reproduce this.
Looks like Seaside wants to generate random numbers to use as keys for session caches.  If a secure RNG (via OpenSSL) is not available in Vast then it produces this walkback...even for http.
If it's not found at startup, then it installs a 'WANoSecureKeyGeneratorAvailable' which produces an error when asked for a key.

To get around this, try changing the key generator method to the following below.  This will force it to fallback to using EsRandom as the RNG.
In the meantime, we will revisit this internally to see if we can disconnect the OpenSSL requirement from the session cache keys.
Thanks for bringing this up....please let me know if the change described below solves your issue.

WANoSecureKeyGeneratorAvailable>>keyOfLength: anInteger
^super keyOfLength: anInteger

-- Seth

On Thursday, May 12, 2016 at 9:57:46 AM UTC-4, Totally Objects wrote:
Lou. This is just starting up Seaside in a clean image. I haven't done any packaging or anything.  I installed a new Windows 10 and then installed 8.6.2. I start up an adaptor and then point a browser at <a href="http://localhost:8080" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flocalhost%3A8080\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHe-wK21qitFTuLNvLF8GFyaOoS3w&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flocalhost%3A8080\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHe-wK21qitFTuLNvLF8GFyaOoS3w&#39;;return true;">http://localhost:8080. I then get this error so I can't even see the main Seaside page. This can't be right so either I am doing something stupid or forgetting something.

David

On Thursday, May 12, 2016 at 1:35:37 PM UTC+1, Louis LaBrunda wrote:
Hi David,

I haven't been following this problem very closely so, allow me to just throw an idea out there that could be very off base.  It sounds like it could be a packaging problem.  I haven't used Seaside for a while but as I remember things it was very hard to package in that lots of classes would get packaged out.  That is complicated by the fact that Seaside catches lots of errors and ignores them because it doesn't want to blow up it is get bad user input.  I don't remember how but you should be able to turn on some debugging option that will at least report more of what is going on.

Lou

On Thursday, May 12, 2016 at 7:34:26 AM UTC-4, Totally Objects wrote:
I have now tested this on Windows 7, Windows 10 and Windows Server 2012 and I get the same error. What am I doing wrong as it can't be your Seaside implementation, can it?

David

On Wednesday, May 11, 2016 at 11:16:34 PM UTC+1, Seth Berman wrote:
Sorry...posted too soon.
I would debug the method WASecureKeyGenerator class>>startUp and verify #canSeed is failing


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Long Haired David
That fix worked. Thanks. I am staggered that no one has brought this up! As I am using this with a Riak NoSQL database at the back which just answers anything on a certain port then security wouldn't seem to be my biggest concern - grin.

At the grand old age of 71 I am working towards a project for my last year at the Open University so, I would hope that you would sort this before I get there next year :-)

Thanks again.

David

On Thursday, May 12, 2016 at 4:43:12 PM UTC+1, Seth Berman wrote:
Hello all,

I believe I described how to "work around" the issue in my previous post and this is adequate for playing around with Seaside in the absence of OpenSSL.
However, I would NOT recommend this solution in any sort of deployment or usage as an internet web server for http (and obviously https).
EsRandom is not, and was never really intended to be, a secure RNG which means that reverse engineering its algorithm, by folks with the skills in this area, would probably not be too terribly difficult.

-- Seth

On Thursday, May 12, 2016 at 11:08:16 AM UTC-4, Seth Berman wrote:
Hello,

I can reproduce this.
Looks like Seaside wants to generate random numbers to use as keys for session caches.  If a secure RNG (via OpenSSL) is not available in Vast then it produces this walkback...even for http.
If it's not found at startup, then it installs a 'WANoSecureKeyGeneratorAvailable' which produces an error when asked for a key.

To get around this, try changing the key generator method to the following below.  This will force it to fallback to using EsRandom as the RNG.
In the meantime, we will revisit this internally to see if we can disconnect the OpenSSL requirement from the session cache keys.
Thanks for bringing this up....please let me know if the change described below solves your issue.

WANoSecureKeyGeneratorAvailable>>keyOfLength: anInteger
^super keyOfLength: anInteger

-- Seth

On Thursday, May 12, 2016 at 9:57:46 AM UTC-4, Totally Objects wrote:
Lou. This is just starting up Seaside in a clean image. I haven't done any packaging or anything.  I installed a new Windows 10 and then installed 8.6.2. I start up an adaptor and then point a browser at <a href="http://localhost:8080" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flocalhost%3A8080\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHe-wK21qitFTuLNvLF8GFyaOoS3w&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flocalhost%3A8080\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHe-wK21qitFTuLNvLF8GFyaOoS3w&#39;;return true;">http://localhost:8080. I then get this error so I can't even see the main Seaside page. This can't be right so either I am doing something stupid or forgetting something.

David

On Thursday, May 12, 2016 at 1:35:37 PM UTC+1, Louis LaBrunda wrote:
Hi David,

I haven't been following this problem very closely so, allow me to just throw an idea out there that could be very off base.  It sounds like it could be a packaging problem.  I haven't used Seaside for a while but as I remember things it was very hard to package in that lots of classes would get packaged out.  That is complicated by the fact that Seaside catches lots of errors and ignores them because it doesn't want to blow up it is get bad user input.  I don't remember how but you should be able to turn on some debugging option that will at least report more of what is going on.

Lou

On Thursday, May 12, 2016 at 7:34:26 AM UTC-4, Totally Objects wrote:
I have now tested this on Windows 7, Windows 10 and Windows Server 2012 and I get the same error. What am I doing wrong as it can't be your Seaside implementation, can it?

David

On Wednesday, May 11, 2016 at 11:16:34 PM UTC+1, Seth Berman wrote:
Sorry...posted too soon.
I would debug the method WASecureKeyGenerator class>>startUp and verify #canSeed is failing


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
David
Totally Objects
Doing Smalltalk since 1989
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Long Haired David
In reply to this post by Seth Berman
Just to let you know. This is still in 9.0. Wast it supposed to be fixed? Or should were going down the route described by John?

David

On Thursday, May 12, 2016 at 4:08:16 PM UTC+1, Seth Berman wrote:
Hello,

I can reproduce this.
Looks like Seaside wants to generate random numbers to use as keys for session caches.  If a secure RNG (via OpenSSL) is not available in Vast then it produces this walkback...even for http.
If it's not found at startup, then it installs a 'WANoSecureKeyGeneratorAvailable' which produces an error when asked for a key.

To get around this, try changing the key generator method to the following below.  This will force it to fallback to using EsRandom as the RNG.
In the meantime, we will revisit this internally to see if we can disconnect the OpenSSL requirement from the session cache keys.
Thanks for bringing this up....please let me know if the change described below solves your issue.

WANoSecureKeyGeneratorAvailable>>keyOfLength: anInteger
^super keyOfLength: anInteger

-- Seth

On Thursday, May 12, 2016 at 9:57:46 AM UTC-4, Totally Objects wrote:
Lou. This is just starting up Seaside in a clean image. I haven't done any packaging or anything.  I installed a new Windows 10 and then installed 8.6.2. I start up an adaptor and then point a browser at <a href="http://localhost:8080" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flocalhost%3A8080\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHe-wK21qitFTuLNvLF8GFyaOoS3w&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flocalhost%3A8080\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHe-wK21qitFTuLNvLF8GFyaOoS3w&#39;;return true;">http://localhost:8080. I then get this error so I can't even see the main Seaside page. This can't be right so either I am doing something stupid or forgetting something.

David

On Thursday, May 12, 2016 at 1:35:37 PM UTC+1, Louis LaBrunda wrote:
Hi David,

I haven't been following this problem very closely so, allow me to just throw an idea out there that could be very off base.  It sounds like it could be a packaging problem.  I haven't used Seaside for a while but as I remember things it was very hard to package in that lots of classes would get packaged out.  That is complicated by the fact that Seaside catches lots of errors and ignores them because it doesn't want to blow up it is get bad user input.  I don't remember how but you should be able to turn on some debugging option that will at least report more of what is going on.

Lou

On Thursday, May 12, 2016 at 7:34:26 AM UTC-4, Totally Objects wrote:
I have now tested this on Windows 7, Windows 10 and Windows Server 2012 and I get the same error. What am I doing wrong as it can't be your Seaside implementation, can it?

David

On Wednesday, May 11, 2016 at 11:16:34 PM UTC+1, Seth Berman wrote:
Sorry...posted too soon.
I would debug the method WASecureKeyGenerator class>>startUp and verify #canSeed is failing


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
David
Totally Objects
Doing Smalltalk since 1989
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Seth Berman
Hello David,

The preferred route is the one that John described.

-- Seth 

On Wednesday, October 11, 2017 at 3:26:10 PM UTC-4, Totally Objects wrote:
Just to let you know. This is still in 9.0. Wast it supposed to be fixed? Or should were going down the route described by John?

David

On Thursday, May 12, 2016 at 4:08:16 PM UTC+1, Seth Berman wrote:
Hello,

I can reproduce this.
Looks like Seaside wants to generate random numbers to use as keys for session caches.  If a secure RNG (via OpenSSL) is not available in Vast then it produces this walkback...even for http.
If it's not found at startup, then it installs a 'WANoSecureKeyGeneratorAvailable' which produces an error when asked for a key.

To get around this, try changing the key generator method to the following below.  This will force it to fallback to using EsRandom as the RNG.
In the meantime, we will revisit this internally to see if we can disconnect the OpenSSL requirement from the session cache keys.
Thanks for bringing this up....please let me know if the change described below solves your issue.

WANoSecureKeyGeneratorAvailable>>keyOfLength: anInteger
^super keyOfLength: anInteger

-- Seth

On Thursday, May 12, 2016 at 9:57:46 AM UTC-4, Totally Objects wrote:
Lou. This is just starting up Seaside in a clean image. I haven't done any packaging or anything.  I installed a new Windows 10 and then installed 8.6.2. I start up an adaptor and then point a browser at <a href="http://localhost:8080" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flocalhost%3A8080\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHe-wK21qitFTuLNvLF8GFyaOoS3w&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flocalhost%3A8080\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHe-wK21qitFTuLNvLF8GFyaOoS3w&#39;;return true;">http://localhost:8080. I then get this error so I can't even see the main Seaside page. This can't be right so either I am doing something stupid or forgetting something.

David

On Thursday, May 12, 2016 at 1:35:37 PM UTC+1, Louis LaBrunda wrote:
Hi David,

I haven't been following this problem very closely so, allow me to just throw an idea out there that could be very off base.  It sounds like it could be a packaging problem.  I haven't used Seaside for a while but as I remember things it was very hard to package in that lots of classes would get packaged out.  That is complicated by the fact that Seaside catches lots of errors and ignores them because it doesn't want to blow up it is get bad user input.  I don't remember how but you should be able to turn on some debugging option that will at least report more of what is going on.

Lou

On Thursday, May 12, 2016 at 7:34:26 AM UTC-4, Totally Objects wrote:
I have now tested this on Windows 7, Windows 10 and Windows Server 2012 and I get the same error. What am I doing wrong as it can't be your Seaside implementation, can it?

David

On Wednesday, May 11, 2016 at 11:16:34 PM UTC+1, Seth Berman wrote:
Sorry...posted too soon.
I would debug the method WASecureKeyGenerator class>>startUp and verify #canSeed is failing


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Long Haired David
OK. I have installed the dlls and everything seems to be fine. Thanks for the prompt to do that.

It does seem that the 64bit DLLs are still called 32 though as in
CRYPTO_LIB=libeay32
SSL_LIB=ssleay32

Part from that, I have taken out the patch and I am OK. My Seaside is running fine.

Thanks to you and John for your help.

David

On Wednesday, October 11, 2017 at 8:43:53 PM UTC+1, Seth Berman wrote:
Hello David,

The preferred route is the one that John described.

-- Seth 

On Wednesday, October 11, 2017 at 3:26:10 PM UTC-4, Totally Objects wrote:
Just to let you know. This is still in 9.0. Wast it supposed to be fixed? Or should were going down the route described by John?

David

On Thursday, May 12, 2016 at 4:08:16 PM UTC+1, Seth Berman wrote:
Hello,

I can reproduce this.
Looks like Seaside wants to generate random numbers to use as keys for session caches.  If a secure RNG (via OpenSSL) is not available in Vast then it produces this walkback...even for http.
If it's not found at startup, then it installs a 'WANoSecureKeyGeneratorAvailable' which produces an error when asked for a key.

To get around this, try changing the key generator method to the following below.  This will force it to fallback to using EsRandom as the RNG.
In the meantime, we will revisit this internally to see if we can disconnect the OpenSSL requirement from the session cache keys.
Thanks for bringing this up....please let me know if the change described below solves your issue.

WANoSecureKeyGeneratorAvailable>>keyOfLength: anInteger
^super keyOfLength: anInteger

-- Seth

On Thursday, May 12, 2016 at 9:57:46 AM UTC-4, Totally Objects wrote:
Lou. This is just starting up Seaside in a clean image. I haven't done any packaging or anything.  I installed a new Windows 10 and then installed 8.6.2. I start up an adaptor and then point a browser at <a href="http://localhost:8080" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flocalhost%3A8080\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHe-wK21qitFTuLNvLF8GFyaOoS3w&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flocalhost%3A8080\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHe-wK21qitFTuLNvLF8GFyaOoS3w&#39;;return true;">http://localhost:8080. I then get this error so I can't even see the main Seaside page. This can't be right so either I am doing something stupid or forgetting something.

David

On Thursday, May 12, 2016 at 1:35:37 PM UTC+1, Louis LaBrunda wrote:
Hi David,

I haven't been following this problem very closely so, allow me to just throw an idea out there that could be very off base.  It sounds like it could be a packaging problem.  I haven't used Seaside for a while but as I remember things it was very hard to package in that lots of classes would get packaged out.  That is complicated by the fact that Seaside catches lots of errors and ignores them because it doesn't want to blow up it is get bad user input.  I don't remember how but you should be able to turn on some debugging option that will at least report more of what is going on.

Lou

On Thursday, May 12, 2016 at 7:34:26 AM UTC-4, Totally Objects wrote:
I have now tested this on Windows 7, Windows 10 and Windows Server 2012 and I get the same error. What am I doing wrong as it can't be your Seaside implementation, can it?

David

On Wednesday, May 11, 2016 at 11:16:34 PM UTC+1, Seth Berman wrote:
Sorry...posted too soon.
I would debug the method WASecureKeyGenerator class>>startUp and verify #canSeed is failing


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
David
Totally Objects
Doing Smalltalk since 1989
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Seth Berman
Hi David,

Great, glad to hear.  Yes, for OpenSSL binaries <= 1.0.2, they retained the ‘32’ at the end.  Even many of the build flags for compiling the project still have 32 in them even though it’s a 64-bit compile.  In >= 1.1.0, they changed the names, so it’s libcrypto and libssl instead of libeay32 and ssleay32.
Our bindings are compatible with 1.0.x and 1.1.0, so we left the abt ini reference alone.
Once the last of the 1.0.x branch (1.0.2) goes out of support end of year 2019, the ini file will be changed.

- Seth


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/group/va-smalltalk.
For more options, visit https://groups.google.com/d/optout.
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Long Haired David
Hi Seth. Just to mention that I have had to install libeay32.dll and ssleay32.dll into the dll directory when running Seaside under 9.2

Are there any updated instructions that we should be following?

David

On Thursday, October 12, 2017 at 2:22:08 PM UTC+1, Seth Berman wrote:
Hi David,

Great, glad to hear.  Yes, for OpenSSL binaries <= 1.0.2, they retained the ‘32’ at the end.  Even many of the build flags for compiling the project still have 32 in them even though it’s a 64-bit compile.  In >= 1.1.0, they changed the names, so it’s libcrypto and libssl instead of libeay32 and ssleay32.
Our bindings are compatible with 1.0.x and 1.1.0, so we left the abt ini reference alone.
Once the last of the 1.0.x branch (1.0.2) goes out of support end of year 2019, the ini file will be changed.

- Seth


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/va-smalltalk/48d5ba5b-b3e6-4784-94f8-631bb19dfe77%40googlegroups.com.
David
Totally Objects
Doing Smalltalk since 1989
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Mariano Martinez Peck-2


On Sat, Nov 23, 2019, 5:53 PM Totally Objects <[hidden email]> wrote:
Hi Seth. Just to mention that I have had to install libeay32.dll and ssleay32.dll into the dll directory when running Seaside under 9.2

Are there any updated instructions that we should be following?

Hi David, 


Does that help? 

Best, 



David

On Thursday, October 12, 2017 at 2:22:08 PM UTC+1, Seth Berman wrote:
Hi David,

Great, glad to hear.  Yes, for OpenSSL binaries <= 1.0.2, they retained the ‘32’ at the end.  Even many of the build flags for compiling the project still have 32 in them even though it’s a 64-bit compile.  In >= 1.1.0, they changed the names, so it’s libcrypto and libssl instead of libeay32 and ssleay32.
Our bindings are compatible with 1.0.x and 1.1.0, so we left the abt ini reference alone.
Once the last of the 1.0.x branch (1.0.2) goes out of support end of year 2019, the ini file will be changed.

- Seth


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/va-smalltalk/48d5ba5b-b3e6-4784-94f8-631bb19dfe77%40googlegroups.com.

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/va-smalltalk/CAOUkibH%3Dg%2BO6AwmS0%2BK%3DpgdDG0zk%3D0vvYqu%3D03-kh7Q5MnTkrw%40mail.gmail.com.
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Long Haired David
Yes, I found that but thought it was worth checking in case that was an old issue (as it mentions 8.6.2 and above!). Also, I wanted to publicise the need to other Seaside users in case they didn't know as I didn't find it easy to sort this out, until Seth helped.

On Saturday, November 23, 2019 at 9:06:01 PM UTC, Mariano Martinez Peck wrote:


On Sat, Nov 23, 2019, 5:53 PM Totally Objects <<a href="javascript:" target="_blank" gdf-obfuscated-mailto="GJ4VsFf_BgAJ" rel="nofollow" onmousedown="this.href=&#39;javascript:&#39;;return true;" onclick="this.href=&#39;javascript:&#39;;return true;">da...@...> wrote:
Hi Seth. Just to mention that I have had to install libeay32.dll and ssleay32.dll into the dll directory when running Seaside under 9.2

Are there any updated instructions that we should be following?

Hi David, 

<a href="https://www.instantiations.com/docs/FAQ/wwhelp/wwhimpl/js/html/wwhelp.htm#href=va09002.html" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fwww.instantiations.com%2Fdocs%2FFAQ%2Fwwhelp%2Fwwhimpl%2Fjs%2Fhtml%2Fwwhelp.htm%23href%3Dva09002.html\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGRgqnE6WSwC_Ccq3nD79l4u8xv7g&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fwww.instantiations.com%2Fdocs%2FFAQ%2Fwwhelp%2Fwwhimpl%2Fjs%2Fhtml%2Fwwhelp.htm%23href%3Dva09002.html\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGRgqnE6WSwC_Ccq3nD79l4u8xv7g&#39;;return true;">https://www.instantiations.com/docs/FAQ/wwhelp/wwhimpl/js/html/wwhelp.htm#href=va09002.html

Does that help? 

Best, 



David

On Thursday, October 12, 2017 at 2:22:08 PM UTC+1, Seth Berman wrote:
Hi David,

Great, glad to hear.  Yes, for OpenSSL binaries <= 1.0.2, they retained the ‘32’ at the end.  Even many of the build flags for compiling the project still have 32 in them even though it’s a 64-bit compile.  In >= 1.1.0, they changed the names, so it’s libcrypto and libssl instead of libeay32 and ssleay32.
Our bindings are compatible with 1.0.x and 1.1.0, so we left the abt ini reference alone.
Once the last of the 1.0.x branch (1.0.2) goes out of support end of year 2019, the ini file will be changed.

- Seth


--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to <a href="javascript:" rel="nofollow" target="_blank" gdf-obfuscated-mailto="GJ4VsFf_BgAJ" onmousedown="this.href=&#39;javascript:&#39;;return true;" onclick="this.href=&#39;javascript:&#39;;return true;">va-sma...@googlegroups.com.
To view this discussion on the web visit <a href="https://groups.google.com/d/msgid/va-smalltalk/48d5ba5b-b3e6-4784-94f8-631bb19dfe77%40googlegroups.com?utm_medium=email&amp;utm_source=footer" rel="nofollow" target="_blank" onmousedown="this.href=&#39;https://groups.google.com/d/msgid/va-smalltalk/48d5ba5b-b3e6-4784-94f8-631bb19dfe77%40googlegroups.com?utm_medium\x3demail\x26utm_source\x3dfooter&#39;;return true;" onclick="this.href=&#39;https://groups.google.com/d/msgid/va-smalltalk/48d5ba5b-b3e6-4784-94f8-631bb19dfe77%40googlegroups.com?utm_medium\x3demail\x26utm_source\x3dfooter&#39;;return true;">https://groups.google.com/d/msgid/va-smalltalk/48d5ba5b-b3e6-4784-94f8-631bb19dfe77%40googlegroups.com.

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/va-smalltalk/322d6edd-8a39-49ed-bd76-75072a75f5b9%40googlegroups.com.
David
Totally Objects
Doing Smalltalk since 1989
Reply | Threaded
Open this post in threaded view
|

Re: VAST Seaside problem at startup

Mariano Martinez Peck-2


On Sun, Nov 24, 2019 at 4:29 PM Totally Objects <[hidden email]> wrote:
Yes, I found that but thought it was worth checking in case that was an old issue (as it mentions 8.6.2 and above!). Also, I wanted to publicise the need to other Seaside users in case they didn't know as I didn't find it easy to sort this out, until Seth helped.


Hi David,

Thanks for your concern, very much appreciated. As of 9.2, we ship two Seaside examples, one called "Hello World" with some basic setup and one called "Traffic Light" with advanced maps organization, packaging, and stack dumping and remote debugger examples. Both examples are shipped with in the manager of the product and they have also been documented. 


In those you can see that it's explained the dependency of Seaside on OpenSSL. 

Hope this helps too. 

Best,

--
Mariano Martinez Peck
Software Engineer, Instantiations Inc.

--
You received this message because you are subscribed to the Google Groups "VA Smalltalk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/va-smalltalk/CAOUkibF6xQx2cH%2B1%2BqYz6rvhyKSPph0pgbj3jBO3hN57zBjG3Q%40mail.gmail.com.
12