[9front] https exec header invalid

[9front] https exec header invalid

[william]

Struggle with https. Never got around to figuring this out.  But in theory

Create key with rsagen, convert to x509 and pemencode it. Cat it to factotum on boot using
cpustart. Make sure both services are created. One for port 80 and the other for 443.

Why am I getting: exec header invalid. not much more in the logs and nothing in /sys/log/http

I will rebuild the key and pem for security but I think I'm missing something. Here is my configuration 
steps. 

	ramfs -p
	cd /tmp
	auth/rsagen -t 'service=tls role=client owner=*' > think.key
	chmod 600 think.key
	cp think.key /sys/lib/tls/think.key

	auth/rsa2x509 'C=US CN=thinktankworkspaces.com' /sys/lib/tls/think.key | \
		auth/pemencode CERTIFICATE > /sys/lib/tls/think.pem

	cat /cfg/$sysname/cpustart
	cat /sys/lib/tls/think.key >> /mnt/factotum/ctl

	cat /bin/service.auth/tcp443
 	#!/bin/rc
 	exec tlssrv -D -c /sys/lib/tls/think.pem -l /sys/log/https /bin/service/tcp80 $*

	cat tcp80
	#!/bin/rc
	exec /rc/bin/rc-httpd/rc-httpd >>[2]/sys/log/www


tail /sys/log/listen
maat Apr 23 15:44:01 tcp: /cfg/maat/service.www/tcp443: exec header invalid

tail/sys/log/www
45.79.94.76/ -  - GET - md_handler sites/45.79.94.76/index.md - lib/default_master.tpl
Sat Apr 23 15:49:47 PDT 2022 :: 45.79.94.76 :: GET / HTTP/1.1 :: :: 200 ::

I feel like the cert is wrong and will rebuild it after this email. 

cat think.pem
-----BEGIN CERTIFICATE-----
MIIC1zCCAb+gAwIBAgIBADANBgkqhkiG9w0BAQsFADAvMQswCQYDVQQGEwJVUzEg
MB4GA1UEAxMXdGhpbmt0YW5rd29ya3NwYWNlcy5jb20wHhcNMjIwNDIzMjIwMjU4
WhcNMjUwNDI1MjIwMjU4WjAvMQswCQYDVQQGEwJVUzEgMB4GA1UEAxMXdGhpbmt0
YW5rd29ya3NwYWNlcy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDzGShZv2cAxpRsJEqGOhSWom7zUdWe3zJU4FSY2V1UWlr/Aw0fjkh1kDiNFuUX
arZ1ekMMBZQXQte+YnPZ/AdZy+4ovwEqG5R7k/AzFgonhPQrFFjySjmzGpeKc4We
dwiCgW28zDOCg2dr4CC9C2b6HonJH4/dyFF2Jx54sRC9NxuHtJYl/64BzYxxKkOQ
7czrnkoZ3BQCIzDcQFXn58NKCZSj9jI4ps8tChrLoJiGD7bjBqmvdoppfvrZOmTk
WBiLTdyj3q7C6rqWbYCX+v6VHWN+Rsh0q1B28umEYluUtK2AcxitC6pzkxmR/wsz
JWZ0GQr3DH2bZ6zfdZVWD3R1AgMBAAEwDQYJKoZIhvcNAQELBQADggEBAHIMtrrV
toCAqHRpYnDp5bgZlMk7EClX8H7LK1naFOBbEjfceuBqBanxqe0NwNGTqqPI/EWb
efFW12r6GWyztTiEdideoGTh+KwN8rKWqfrLi68xtfPuAFQIBdjrjP4ZyKVFs31z
hN9e9Nf8bdXzSMomKtgCO6qZmymw4YtZUz0oqJCxmu98o3nPVinLVolhyJoFiB2w
FOhxTVSpfqctXMIhNijPaFoPzRcaFnJ1YGX9ZOKbk14Gv6vyC0s9wkqDJg0S4V+L
0ORt2cvOhIyw41Ppimld+gNUVU3MpQNtzijYcYj+1PvUZn922Hn9cpwUwx/WdRbF
NM8NXDafMS2uHP4=
-----END CERTIFICATE-----

cat think.key
key proto=rsa service=tls role=client owner=* size=2048 ek=10001 !dk=C3BEB72A05200894DE0071FC7C369A4B6D020FF50E20FE3205FC18C2770C5A96E2FCC25537DA96E7EB384E0B686EC1A3A7D6C9D40D4DE0A917159B2B1414874ABC15CA437AC99029B0943FEEB2C97C66E7412502361EA4755E6D35B3AD9D1AD60457F9A7F3796A972A98C7813517D0548870843D60D7C1AC2E8A7353D5A7D7E27B6D568856D802279B5E5D4A1F52018E4C54E3A5F0EFADB59125C2092889ABAF9FB540EF88C36B10D78D5245B67AB3BD60ADC3B2302494ABCC98F5B871FED3452DD0A74DA14B76BF654290D84C606B319BF54A8C2F593D0CD451C4AA79BEF502D4B7B1A35023E455200CA1ECE8CCE96A72EBB6EFEB4309F408668710B2669865 n=F3192859BF6700C6946C244A863A1496A26EF351D59EDF3254E05498D95D545A5AFF030D1F8E487590388D16E5176AB6757A430C05941742D7BE6273D9FC0759CBEE28BF012A1B947B93F033160A2784F42B1458F24A39B31A978A73859E770882816DBCCC338283676BE020BD0B66FA1E89C91F8FDDC85176271E78B110BD371B87B49625FFAE01CD8C712A4390EDCCEB9E4A19DC14022330DC4055E7E7C34A0994A3F63238A6CF2D0A1ACBA098860FB6E306A9AF768A697EFAD93A64E458188B4DDCA3DEAEC2EABA966D8097FAFE951D637E46C874AB5076F2E984625B94B4AD807318AD0BAA73931991FF0B33256674190AF70C7D9B67ACDF7595560F7475 !p=853EE71EF67CC6350C6CB747B05EAC6E5FACC777FE8B2C51E91CD17990B668C6CC5FE886225827F5BD23E154EB68C8CFFCC21B9F1001301B5C92DEFB94E98C1FB2CAD1B3AA585E543B2BF3CE275B4C50FA2940DABFF6F145FA4DE6844E888327BBE53E437B430275EC96AFCDAB0DA44A4A217C09484DAD688F38DC75AA350383 !q=1D30E3C206F7DD10DFD77AF17FF6B8399C02906E5147EBA2673DCD0C95241514EFFFFE7A6F30ABC3C0B1DAB4A78A95A05EC706D38E9D027120484F7690B058E29DDBF412EB6A4CC079533DECE2B041B86B94764CF9F776ECF1B667FF83633D5EA99F40281C67240069817086E8E03D61875FBD674B5B62B6D22216994D4430EA7 !kp=5F269C45301FCA2AF7C46ADD76C524BD6CF5253C3B39875CB6EB2D6B723BD076A65B96E0B285E1834A9DE4BB8FA03446D2688AF0FBACDD7DAC8DF54E12F8F4676E76076A15AB2531614FF1BAB5C02CAF66F52EAB078A80A1482D78FFE254F9D3D609CE7CC1F90838CDCA8DA081162CCC2043E91F77D28092BA3410BAB5E145B !kq=84E1E9ED788B1D6D938DF7BD26289ABAA5D78664AADE1B6C514EA400836C9E0B91FE671432D5FD14403D62BCBF73BF6F2C0418AF36A6C856F1FE3ABE222AA475F8E72F4E711C96081A4535C106B0167CD03E25CA849E606280733B398D8255FC776CDB41BD0A487917D085CF9E8C2CDFACC1C8145096D1E82CEBC0B45D67EEC5 !c2=18A7AD290DD6A4B2C50C1F5191C8F14D4DEFB3109B9F8F01FA629AC8E75B54008440CE322080F3E6DDC55EA8CEB94DCBD5481DCB98D15237C532F3BB475D69EBBEB9BBCA27D12E9F58B1600B6ADD2A46E97B02877564D8826130547366BAF53E113EDA5C197448931CD1138022DE0BC6075294886C6276F3D0E32A94E68060E30

Re: [9front] https exec header invalid

[ori]

Quoth william@thinktankworkspaces.com:
> 
> Why am I getting: exec header invalid. not much more in the logs and nothing in /sys/log/http
> 
> I will rebuild the key and pem for security but I think I'm missing
> something. Here is my configuration steps. 

that error has nothing to do with the https config,
and everything to do with a binary that you're running
being invalid.

Re: [9front] https exec header invalid

[william]

daunting... When I run it command line it get the following. 

tlssrv -D -c /sys/lib/tls/think.pem -l /tmp/log/https /cfg/maat/service.www/tcp80 $*

maat Apr 24 13:48:43  tls reports tlsServer2
maat Apr 24 13:48:43  tls reports initial msgRecv failed
maat Apr 24 13:48:43  tls reports failed: tls hungup
https://45.79.94.76


cat tcp80
#!/bin/rc
exec /rc/bin/rc-httpd/rc-httpd >>[2]/sys/log/www

was not sure if I needed to change something in select handler

if(~ $SERVER_NAME 45.79.94.76){
	PATH_INFO=$location
	FS_ROOT=/usr/www/werc/sites/$SERVER_NAME
	exec static-or-cgi /usr/www/werc/bin/werc.rc
}

like a redirect or something?

Quoth ori@eigenstate.org:
> Quoth william@thinktankworkspaces.com:
> > 
> > Why am I getting: exec header invalid. not much more in the logs and nothing in /sys/log/http
> > 
> > I will rebuild the key and pem for security but I think I'm missing
> > something. Here is my configuration steps. 
> 
> that error has nothing to do with the https config,
> and everything to do with a binary that you're running
> being invalid.
> 
> 

Re: [9front] https exec header invalid

[ori]

Quoth william@thinktankworkspaces.com:
> daunting... When I run it command line it get the following. 
> 
> tlssrv -D -c /sys/lib/tls/think.pem -l /tmp/log/https /cfg/maat/service.www/tcp80 $*
> 
> maat Apr 24 13:48:43  tls reports tlsServer2
> maat Apr 24 13:48:43  tls reports initial msgRecv failed
> maat Apr 24 13:48:43  tls reports failed: tls hungup
> https://45.79.94.76
> 
> 
> cat tcp80
> #!/bin/rc
> exec /rc/bin/rc-httpd/rc-httpd >>[2]/sys/log/www
> 
> was not sure if I needed to change something in select handler
> 
> if(~ $SERVER_NAME 45.79.94.76){
> 	PATH_INFO=$location
> 	FS_ROOT=/usr/www/werc/sites/$SERVER_NAME
> 	exec static-or-cgi /usr/www/werc/bin/werc.rc
> }
> 
> like a redirect or something?
> 

Is it possible that you just don't have what you expect in
the namespace when running it from listen?