Cherokee doesn't start with admin!ows!enabled

[fuzzball1980]

Hi guys, I have been using cherokee 1.2.101 for a while without problems. Recently my client asked to disable SSLv3 - SSLv2 TLSv1.0 and TLSv1.1. I have managed to disable the ciphers using the ciphers list but it seems that it is not passing a security test on his side anyway. So I decided to update to 1.2.104, I have cloned and compiled without problem, but when I run cherokee I got an error complaining that cherokee could not read the config file. If I replace my config file with the default config it runs without any problem. The output is just that no detail about the error, the key or the line breaking the conf.

The same config file works ok on v1.2.101

Is there any incompatibility between 101 and 104 config files?

I have run upgrade_config script and it doesnt detect any upgrade to be made. Should the script detect a version change? I believe that maybe in the past I used the script to upgrade to 1.4 and then rolled back but the config file remain with the version flag from 104, is it posible?

In any case is there a way to debug and detect which line is breaking the config?

Any help will be really appreciated.

Thank you very much!

[skinkie]

Have you tried cherokee-admin to see if you can save it again?

[fuzzball1980]

Yes I can save without problem from de Admin.

El El jue, 10 ene. 2019 a las 04:33, Stefan de Konink < notifications@github.com> escribió:

Have you tried cherokee-admin to see if you can save it again?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/cherokee/webserver/issues/1218#issuecomment-452997818, or mute the thread https://github.com/notifications/unsubscribe-auth/AFDPAnlqMte1cQYetgaHxH4HkOFYrv4oks5vBuzegaJpZM4Z4qjF .

[skinkie]

So your problem persists after admin save? Could you run cherokee -t?

[fuzzball1980]

Yes it persist, the command cherokee -t return

Test on /usr/local/etc/cherokee/cherokee.conf: Failed PID 4431:exited re=1

[skinkie]

Technically you could debug it by compiling cherokee with 'trace'. --enable-trace That might give some hints what happens. I would suggest to look first for empty values in the configuration (look in the configuration where a line ends with =)

CHEROKEE_TRACE="all" cherokee

[fuzzball1980]

ok, will try that

I just changed the config!version=001002104 to 001002101 executed the upgrade_config it says

Upgrading cherokee.conf from 1002101 to 1002104.. Upgraded Saving new configuration.. OK

but cherokee -r still fails

will try compiling with trace enabled

Thanks!

[fuzzball1980]

Got it!!

I had one line at the end of the file admin!ows!enabled = 0

and a path to the DH parameters PEM file that doesnt exist on my dev environment

I have deleted the DH params file and still got the error, deleted the admin!ows!enabled = 0 and it runs ok.

I dont know where that lines comes from.

Thank you very much!

[skinkie]

Lets mark this as bug then, so we will also remove admin!ows!enabled from the admin upon migration.