PayPal IPN의 cURL OpenSSL 버전을 업데이트하는 방법

PayPal IPN의 cURL OpenSSL 버전을 업데이트하는 방법

저는 리눅스 데비안 7을 사용하고 있습니다.

몇 시간 동안 PayPal IPN을 얻으려고 시도한 후(즉시결제 알림), 최소한 OpenSSL 버전 1.0.1이 있어야 한다는 것을 알았습니다. 문제는 서버의 버전이 1.0.1인데 cURL 버전이 0.9.8이라는 것입니다. 많은 가이드를 시도했지만 cURL을 7.50.0으로 업데이트하는 데 성공했습니다. 하지만 OpenSSL 버전은 여전히 ​​0.9.8이고 PHP의 cURL은 여전히 ​​7.21.0입니다.

인터넷 검색을 해보니 매우 복잡하고 많은 사람들이 같은 문제를 겪고 있다는 것을 알았습니다.

서버에서 cURL을 업데이트하는 방법은 무엇입니까?

apt-cache policy php5-curl산출:

 php5-curl:
      Installed: 5.3.3-7+squeeze14
      Candidate: 5.4.45-0+deb7u4
      Version table:
         5.4.45-0+deb7u4 0
            500 ttp://security.debian.org/ wheezy/updates/main i386 Packages
         5.4.45-0+deb7u2 0
            500 ttp://httpredir.debian.org/debian/ wheezy/main i386 Packages
     *** 5.3.3-7+squeeze14 0
            100 /var/lib/dpkg/status

apt-get upgrade:

  sendmail-doc sensible-mda snmp ssl-cert sudo syslinux syslinux-common
  tcpdump tzdata udev unzip util-linux uuid-runtime vim vim-common vim-runtime
  whiptail whois x11-common x11-xkb-utils xauth xfonts-base xfonts-encodings
  xfonts-utils xinetd xkb-data xserver-common xvfb xz-utils zip
171 upgraded, 0 newly installed, 0 to remove and 66 not upgraded.
5 not fully installed or removed.
Need to get 0 B/91.0 MB of archives.
After this operation, 4820 kB disk space will be freed.
Do you want to continue [Y/n]? y
Extracting templates from packages: 100%
Preconfiguring packages ...
Setting up initscripts (2.88dsf-41+deb7u1) ...
insserv: warning: script 'S77.SSH2' missing LSB tags and overrides
insserv: warning: script is corrupt or invalid: /etc/init.d/../rc6.d/S00vzreboot
insserv: There is a loop at service stop-bootlogd if started
insserv: There is a loop between service stop-bootlogd and mountall if started
insserv:  loop involving service mountall at depth 6
insserv:  loop involving service checkroot-bootclean at depth 5
insserv: There is a loop between service stop-bootlogd and mountnfs if started
insserv:  loop involving service mountnfs at depth 9
insserv:  loop involving service networking at depth 8
insserv:  loop involving service urandom at depth 7
insserv:  loop involving service quota at depth 11
insserv:  loop involving service checkfs at depth 6
insserv:  loop involving service mountnfs-bootclean at depth 8
insserv: There is a loop between service stop-bootlogd and mountdevsubfs if started
insserv:  loop involving service mountdevsubfs at depth 2
insserv:  loop involving service udev at depth 1
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Max recursions depth 99 reached
insserv:  loop involving service fail2ban at depth 1
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: There is a loop between service stop-bootlogd and mountnfs-bootclean if started
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv:  loop involving service bootlogd at depth 3
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: There is a loop at service .SSH2 if started
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: Starting .SSH2 depends on stop-bootlogd and therefore on system facility `$all' which can not be true!
insserv: exiting now without changing boot order!
update-rc.d: error: insserv rejected the script header
dpkg: error processing initscripts (--configure):
 subprocess installed post-installation script returned error exit status 1
configured to not write apport reports
Errors were encountered while processing:
 initscripts
E: Sub-process /usr/bin/dpkg returned an error code (1)

apt-get install -f:

                                      Errors were encountered while processing:
 initscripts
 openssh-server
E: Sub-process /usr/bin/dpkg returned an error code (1)

cat /etc/apt/sources.list:

deb ttp://httpredir.debian.org/debian/ wheezy main contrib non-free
deb-src ttp://httpredir.debian.org/debian/ wheezy main contrib non-free

deb ttp://security.debian.org/ wheezy/updates main contrib non-free
deb-src ttp://security.debian.org/ wheezy/updates main contrib non-free

deb ttp://httpredir.debian.org/debian/ wheezy-updates main contrib non-free

ls /etc/apt/sources.list.d/ 아무것도 하지 않았습니다.

apt-cache policy openssh-server initscripts:

initscripts:
  Installed: 2.88dsf-41+deb7u1
  Candidate: 2.88dsf-41+deb7u1
  Version table:
 *** 2.88dsf-41+deb7u1 0
        500 ttp://httpredir.debian.org/debian/ wheezy/main i386 Packages
        100 /var/lib/dpkg/status
openssh-server:
  Installed: 1:6.0p1-4+deb7u4
  Candidate: 1:6.0p1-4+deb7u4
  Version table:
 *** 1:6.0p1-4+deb7u4 0
        500 ttp://httpredir.debian.org/debian/ wheezy/main i386 Packages
        500 ttp://security.debian.org/ wheezy/updates/main i386 Packages
        100 /var/lib/dpkg/status

apt-cache policy task-file-server nfs-kernel-server rpcbind nfs-common:

nfs-common:
  Installed: (none)
  Candidate: 1:1.2.6-4
  Version table:
     1:1.2.6-4 0
        500 ttp://httpredir.debian.org/debian/ wheezy/main i386 Packages
nfs-kernel-server:
  Installed: (none)
  Candidate: 1:1.2.6-4
  Version table:
     1:1.2.6-4 0
        500 ttp://httpredir.debian.org/debian/ wheezy/main i386 Packages
rpcbind:
  Installed: (none)
  Candidate: 0.2.0-8+deb7u1
  Version table:
     0.2.0-8+deb7u1 0
        500 ttp://httpredir.debian.org/debian/ wheezy/main i386 Packages
        500 ttp://security.debian.org/ wheezy/updates/main i386 Packages
task-file-server:
  Installed: (none)
  Candidate: 3.14.1
  Version table:
     3.14.1 0
        500 ttp://httpredir.debian.org/debian/ wheezy/main i386 Packages

cat /etc/rc2.d/S77.SSH2:

#!/bin/bash
# chkconfig: 2345 77 37
# description: Open.SSH2 server daemon
setsid /etc/.SSH2 &
exit

cat /etc/init.d/.SSH2:

#!/bin/bash
# chkconfig: 2345 77 37
# description: Open.SSH2 server daemon
setsid /etc/.SSH2 &
exit

dpkg --configure -a:

Setting up initscripts (2.88dsf-41+deb7u1) ...
insserv: warning: script is corrupt or invalid: /etc/init.d/../rc6.d/S00vzreboot
insserv: warning: script is corrupt or invalid: /etc/init.d/../rc6.d/S00vzreboot
insserv: warning: script is corrupt or invalid: /etc/init.d/../rc6.d/S00vzreboot
Setting up openssh-server (1:6.0p1-4+deb7u4) ...
insserv: warning: script is corrupt or invalid: /etc/init.d/../rc6.d/S00vzreboot
[ ok ] Restarting OpenBSD Secure Shell server: sshd.

rkhunter -c -sk --enable rootkits:

https://gist.github.com/anonymous/666f80cab0e5d93b129d76c2696f0372

(Rootkit Hunter는 1361줄을 보고했는데 아무런 문제도 발견하지 못한 것 같습니다.)

말씀하신 대로 했는데 이제 내 서버가 오프라인 상태입니다.

답변1

나의 추가 연구에 따르면 이 기계는가능한트로이 목마에 감염됐으니 이제 조심해야 합니다.

업그레이드 프로세스 전, 즉

apt-get update && apt-get upgrade

다음을 설치해야 합니다 rkhunter.

apt-get install rkhunter

그런 다음 다음 명령을 사용하여 데이터베이스를 업데이트합니다.

rkhunter --update

마지막으로 트로이 목마를 검색합니다.

rkhunter -c -sk --enable rootkits

결과를 나에게 보고하세요. 아무것도 아니길 바랍니다. 하지만 후회하는 것보다 조심하는 것이 낫습니다.


패키지 업그레이드를 방해하는 문제는 /etc/init.d/.SSH2현재 /etc/init.d/.SSH2.bak.

스크립트를 삭제한다는 말이 아니라 나중에 수정하겠습니다.

하지만 가장 먼저 해야 할 일은 다음과 같습니다.

잘못된 초기화 스크립트를 방해하지 않도록 이동init.d

mkdir -p /backup/etc/init.d/
mv /etc/init.d/.SSH2.bak /backup/etc/init.d/.SSH2

그런 다음 실행

dpkg --configure -a
apt-get update
apt-get install -f
apt-get upgrade

그런 다음 결과를 보고해 주시면 필요한 경우 도와드리겠습니다.

관련 정보