Mailing List Archive

[VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49
Hi, all;
Please find below the proposed release tarball and signatures:
https://dist.apache.org/repos/dist/dev/httpd/

I would like to call a VOTE over the next few days to release
this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.

The computed digests of the tarball up for vote are:
sha1: 525378680b3474ff319b83af76565891f8b98331 *httpd-2.4.49-rc1.tar.gz
sha256: 345d3b9b218b1974d1cebd5ae72f6a661d83b52d839310222ff9ec94abb62205 *httpd-2.4.49-rc1.tar.gz
sha512: 8efa12f239e1075c0eb8634dde5fa12e73b766a6a8f17882d6bedab8be3e02a1a15be8288413bb6da5be34e58a6e239342cdcb59ebe2d8d88ea4712028b03e5f *httpd-2.4.49-rc1.tar.gz

The SVN candidate source is found at tags/candidate-2.4.49-rc1.

PS. Some slight change to previous releases:
The tarballs carry a prefix '-rc1' but the directory it unpacks
to is 'httpd-2.4.49'. This is to make sure that, when you vote
on a tarball and it is accepted, that we can release this very
thing you voted on.
All other things should be the same as in previous releases.
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
On 9/10/21 11:23, stefan@eissing.org wrote:
> Hi, all;
> Please find below the proposed release tarball and signatures:
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha1: 525378680b3474ff319b83af76565891f8b98331 *httpd-2.4.49-rc1.tar.gz
> sha256: 345d3b9b218b1974d1cebd5ae72f6a661d83b52d839310222ff9ec94abb62205 *httpd-2.4.49-rc1.tar.gz
> sha512: 8efa12f239e1075c0eb8634dde5fa12e73b766a6a8f17882d6bedab8be3e02a1a15be8288413bb6da5be34e58a6e239342cdcb59ebe2d8d88ea4712028b03e5f *httpd-2.4.49-rc1.tar.gz
>
> The SVN candidate source is found at tags/candidate-2.4.49-rc1.
>
> PS. Some slight change to previous releases:
> The tarballs carry a prefix '-rc1' but the directory it unpacks
> to is 'httpd-2.4.49'. This is to make sure that, when you vote
> on a tarball and it is accepted, that we can release this very
> thing you voted on.
> All other things should be the same as in previous releases.
>

Sadly I have poor results on ye old Solaris 10 SPARC64 Oracle/Fujitsu
class server where I see a very strange :


beta #
beta # /opt/bw/bin/httpd -V
Server version: Apache/2.4.49 (Unix)
Server built: Sep 12 2021 03:54:11
Server's Module Magic Number: 20120211:116
Server loaded: APR 1.7.0, APR-UTIL 1.6.1
Compiled using: APR 1.7.0, APR-UTIL 1.6.1
Architecture: 64-bit
Server MPM: event
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_PROC_PTHREAD_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/opt/bw"
-D SUEXEC_BIN="/opt/bw/bin/suexec"
-D DEFAULT_PIDLOG="var/apache/httpd/logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="etc/apache/httpd/mime.types"
-D SERVER_CONFIG_FILE="etc/apache/httpd/httpd.conf"
beta #
beta #
beta # /opt/bw/bin/apachectl start
httpd: Syntax error on line 75 of /opt/bw/etc/apache/httpd/httpd.conf:
Cannot load modules/mod_ssl.so into server: ld.so.1: httpd: fatal:
relocation error: file /opt/bw/modules/mod_ssl.so: symbol ERR_GET_FUNC:
referenced symbol not found
beta #

OpenSSL 3.0.0 was not a problem here. A few nits but nothing at
all serious.


Not sure where this is coming from. If this is trivial let me know.


--
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
GreyBeard and suspenders optional
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
On 9/12/21 02:36, Dennis Clarke wrote:
> On 9/10/21 11:23, stefan@eissing.org wrote:
>> Hi, all;
>> Please find below the proposed release tarball and signatures:
>> https://dist.apache.org/repos/dist/dev/httpd/
>>
>> I would like to call a VOTE over the next few days to release
>> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
>> [ ] +1: It's not just good, it's good enough!
>> [ ] +0: Let's have a talk.
>> [ ] -1: There's trouble in paradise. Here's what's wrong.
>>

* * * NOTE -1 There's trouble in paradise. Here's what's wrong. * * *


Reply to self here ...

I discovered in the OpenSSL 3.0.0 release notes:


* The ERR_GET_FUNC() function was removed. With the loss
of meaningful function codes, this function can only
cause problems for calling applications.

Paul Dale


Thus ERR_GET_FUNC() was removed, but it looks like httpd is still
trying to use it, which explains the error I'm seeing. What I see
is :



beta #
beta # /opt/bw/bin/httpd -V
Server version: Apache/2.4.49 (Unix)
Server built: Sep 12 2021 03:54:11
Server's Module Magic Number: 20120211:116
Server loaded: APR 1.7.0, APR-UTIL 1.6.1
Compiled using: APR 1.7.0, APR-UTIL 1.6.1
Architecture: 64-bit
Server MPM: event
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_PROC_PTHREAD_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/opt/bw"
-D SUEXEC_BIN="/opt/bw/bin/suexec"
-D DEFAULT_PIDLOG="var/apache/httpd/logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="etc/apache/httpd/mime.types"
-D SERVER_CONFIG_FILE="etc/apache/httpd/httpd.conf"
beta #
beta #
beta # /opt/bw/bin/apachectl start
httpd: Syntax error on line 75 of /opt/bw/etc/apache/httpd/httpd.conf:
Cannot load modules/mod_ssl.so into server: ld.so.1: httpd: fatal:
relocation error: file /opt/bw/modules/mod_ssl.so: symbol ERR_GET_FUNC:
referenced symbol not found
beta #

We see https://github.com/apache/httpd/pull/258 exists however I am
only now looking at how to patch 2.4.49 based on those changes in
trunk.

--
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
GreyBeard and suspenders optional
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
ERR_GET_FUNC was blocking this for me on FreeBSD 13 with OpenSSL 3.0 from ports.
Warning in build logs, but failure at runtime

ssl_engine_init.c:1375:22: warning: implicit declaration of function
'ERR_GET_FUNC' is invalid in C99 [-Wimplicit-function-declaration]
&& (ERR_GET_FUNC(ERR_peek_last_error())

and the fix is https://svn.apache.org/viewvc?view=revision&revision=1891138
as noted above.

All seems well with that r1891138 fix and OpenSSL 3.0.0 on FreeBSD
13.0-p4 amd64 / clang 11.0.1

[Sun Sep 12 11:48:50.820341 2021] [mpm_event:notice] [pid 80970:tid
34372395008] AH00489: Apache/2.4.49 (FreeBSD) OpenSSL/3.0.0 configured
-- resuming normal operations

On Sun, Sep 12, 2021 at 7:02 AM Dennis Clarke <dclarke@blastwave.org> wrote:
>
> On 9/12/21 02:36, Dennis Clarke wrote:
> > On 9/10/21 11:23, stefan@eissing.org wrote:
> >> Hi, all;
> >> Please find below the proposed release tarball and signatures:
> >> https://dist.apache.org/repos/dist/dev/httpd/
> >>
> >> I would like to call a VOTE over the next few days to release
> >> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
> >> [ ] +1: It's not just good, it's good enough!
> >> [ ] +0: Let's have a talk.
> >> [ ] -1: There's trouble in paradise. Here's what's wrong.
> >>
>
> * * * NOTE -1 There's trouble in paradise. Here's what's wrong. * * *
>
>
> Reply to self here ...
>
> I discovered in the OpenSSL 3.0.0 release notes:
>
>
> * The ERR_GET_FUNC() function was removed. With the loss
> of meaningful function codes, this function can only
> cause problems for calling applications.
>
> Paul Dale
>
>
> Thus ERR_GET_FUNC() was removed, but it looks like httpd is still
> trying to use it, which explains the error I'm seeing. What I see
> is :
>
>
>
> beta #
> beta # /opt/bw/bin/httpd -V
> Server version: Apache/2.4.49 (Unix)
> Server built: Sep 12 2021 03:54:11
> Server's Module Magic Number: 20120211:116
> Server loaded: APR 1.7.0, APR-UTIL 1.6.1
> Compiled using: APR 1.7.0, APR-UTIL 1.6.1
> Architecture: 64-bit
> Server MPM: event
> threaded: yes (fixed thread count)
> forked: yes (variable process count)
> Server compiled with....
> -D APR_HAS_SENDFILE
> -D APR_HAS_MMAP
> -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
> -D APR_USE_PROC_PTHREAD_SERIALIZE
> -D APR_USE_PTHREAD_SERIALIZE
> -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
> -D APR_HAS_OTHER_CHILD
> -D AP_HAVE_RELIABLE_PIPED_LOGS
> -D DYNAMIC_MODULE_LIMIT=256
> -D HTTPD_ROOT="/opt/bw"
> -D SUEXEC_BIN="/opt/bw/bin/suexec"
> -D DEFAULT_PIDLOG="var/apache/httpd/logs/httpd.pid"
> -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
> -D DEFAULT_ERRORLOG="logs/error_log"
> -D AP_TYPES_CONFIG_FILE="etc/apache/httpd/mime.types"
> -D SERVER_CONFIG_FILE="etc/apache/httpd/httpd.conf"
> beta #
> beta #
> beta # /opt/bw/bin/apachectl start
> httpd: Syntax error on line 75 of /opt/bw/etc/apache/httpd/httpd.conf:
> Cannot load modules/mod_ssl.so into server: ld.so.1: httpd: fatal:
> relocation error: file /opt/bw/modules/mod_ssl.so: symbol ERR_GET_FUNC:
> referenced symbol not found
> beta #
>
> We see https://github.com/apache/httpd/pull/258 exists however I am
> only now looking at how to patch 2.4.49 based on those changes in
> trunk.
>
> --
> Dennis Clarke
> RISC-V/SPARC/PPC/ARM/CISC
> UNIX and Linux spoken
> GreyBeard and suspenders optional
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
On Sun, Sep 12, 2021 at 3:02 AM Dennis Clarke <dclarke@blastwave.org> wrote:
>
> On 9/12/21 02:36, Dennis Clarke wrote:
> > On 9/10/21 11:23, stefan@eissing.org wrote:
> >> Hi, all;
> >> Please find below the proposed release tarball and signatures:
> >> https://dist.apache.org/repos/dist/dev/httpd/
> >>
> >> I would like to call a VOTE over the next few days to release
> >> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
> >> [ ] +1: It's not just good, it's good enough!
> >> [ ] +0: Let's have a talk.
> >> [ ] -1: There's trouble in paradise. Here's what's wrong.
> >>
>
> * * * NOTE -1 There's trouble in paradise. Here's what's wrong. * * *

>
>
> Reply to self here ...
>
> I discovered in the OpenSSL 3.0.0 release notes:
>
>
> * The ERR_GET_FUNC() function was removed. With the loss
> of meaningful function codes, this function can only
> cause problems for calling applications.
>
> Paul Dale
>
>
> Thus ERR_GET_FUNC() was removed, but it looks like httpd is still
> trying to use it, which explains the error I'm seeing. What I see
> is :


This seems like a configuration that wouldn't have worked for 2.4.48.
I don't think it has any bearing on a 2.4.49 release.
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
On Sun, Sep 12, 2021 at 2:07 PM Eric Covener <covener@gmail.com> wrote:
>
> On Sun, Sep 12, 2021 at 3:02 AM Dennis Clarke <dclarke@blastwave.org> wrote:
> >
> > On 9/12/21 02:36, Dennis Clarke wrote:
> > > On 9/10/21 11:23, stefan@eissing.org wrote:
> > >> Hi, all;
> > >> Please find below the proposed release tarball and signatures:
> > >> https://dist.apache.org/repos/dist/dev/httpd/
> > >>
> > >> I would like to call a VOTE over the next few days to release
> > >> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
> > >> [ ] +1: It's not just good, it's good enough!
> > >> [ ] +0: Let's have a talk.
> > >> [ ] -1: There's trouble in paradise. Here's what's wrong.
> > >>
> >
> > * * * NOTE -1 There's trouble in paradise. Here's what's wrong. * * *
>
> >
> >
> > Reply to self here ...
> >
> > I discovered in the OpenSSL 3.0.0 release notes:
> >
> >
> > * The ERR_GET_FUNC() function was removed. With the loss
> > of meaningful function codes, this function can only
> > cause problems for calling applications.
> >
> > Paul Dale
> >
> >
> > Thus ERR_GET_FUNC() was removed, but it looks like httpd is still
> > trying to use it, which explains the error I'm seeing. What I see
> > is :
>
>
> This seems like a configuration that wouldn't have worked for 2.4.48.
> I don't think it has any bearing on a 2.4.49 release.

+1
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
On 11/09/2021 01:23, stefan@eissing.org wrote:

> Hi, all;
> Please find below the proposed release tarball and signatures:
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha1: 525378680b3474ff319b83af76565891f8b98331 *httpd-2.4.49-rc1.tar.gz
> sha256:
> 345d3b9b218b1974d1cebd5ae72f6a661d83b52d839310222ff9ec94abb62205
> *httpd-2.4.49-rc1.tar.gz
> sha512:
> 8efa12f239e1075c0eb8634dde5fa12e73b766a6a8f17882d6bedab8be3e02a1a15be8288413bb6da5be34e58a6e239342cdcb59ebe2d8d88ea4712028b03e5f
> *httpd-2.4.49-rc1.tar.gz
>
> The SVN candidate source is found at tags/candidate-2.4.49-rc1.
>
> PS. Some slight change to previous releases:
> The tarballs carry a prefix '-rc1' but the directory it unpacks
> to is 'httpd-2.4.49'. This is to make sure that, when you vote
> on a tarball and it is accepted, that we can release this very
> thing you voted on.
> All other things should be the same as in previous releases.

All good on slackware 14.2 and 15.0-rc1 (running 24 hours)

using apr 1.70, and apr-util-1.6.1-patched (1 patch only applied against
orig src, req'd for mariadb 10.2+) and openssl-1.1.1L

--
Regards,
Noel Butler

This Email, including attachments, may contain legally privileged
information, therefore at all times remains confidential and subject to
copyright protected under international law. You may not disseminate
this message without the authors express written authority to do so.
If you are not the intended recipient, please notify the sender then
delete all copies of this message including attachments immediately.
Confidentiality, copyright, and legal privilege are not waived or lost
by reason of the mistaken delivery of this message.
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
+1, thanks again for RM'ing and the release improvements.

AIX/xlc/ppc64 100% on httpd-framework albeit not the greatest module
coverage on my new system

Files=139, Tests=7027, 231 wallclock secs ( 1.82 usr 0.43 sys + 45.99
cusr 20.74 csys = 68.98 CPU)
Result: PASS

On Fri, Sep 10, 2021 at 11:24 AM stefan@eissing.org <stefan@eissing.org> wrote:
>
> Hi, all;
> Please find below the proposed release tarball and signatures:
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha1: 525378680b3474ff319b83af76565891f8b98331 *httpd-2.4.49-rc1.tar.gz
> sha256: 345d3b9b218b1974d1cebd5ae72f6a661d83b52d839310222ff9ec94abb62205 *httpd-2.4.49-rc1.tar.gz
> sha512: 8efa12f239e1075c0eb8634dde5fa12e73b766a6a8f17882d6bedab8be3e02a1a15be8288413bb6da5be34e58a6e239342cdcb59ebe2d8d88ea4712028b03e5f *httpd-2.4.49-rc1.tar.gz
>
> The SVN candidate source is found at tags/candidate-2.4.49-rc1.
>
> PS. Some slight change to previous releases:
> The tarballs carry a prefix '-rc1' but the directory it unpacks
> to is 'httpd-2.4.49'. This is to make sure that, when you vote
> on a tarball and it is accepted, that we can release this very
> thing you voted on.
> All other things should be the same as in previous releases.



--
Eric Covener
covener@gmail.com
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
Hi,

no problems found on Debian 11.

5.10.0-8-amd64 #1 SMP Debian 5.10.46-4 (2021-08-03) x86_64 GNU/Linux

OpenSSL 1.1.1l 24 Aug 2021 (Library: OpenSSL 1.1.1k 25 Mar 2021)

Server version: Apache/2.4.49 (Unix)
Server built: Sep 13 2021 00:03:20
Server's Module Magic Number: 20120211:116
Server loaded: APR 1.7.0, APR-UTIL 1.6.1
Compiled using: APR 1.7.0, APR-UTIL 1.6.1
Architecture: 64-bit
Server MPM: event
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_PROC_PTHREAD_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/opt/apache/2.4.49"
-D SUEXEC_BIN="/opt/apache/2.4.49/bin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"

Cheers,

C

Am Fri, Sep 10, 2021 at 05:23:53PM +0200 schrieb stefan@eissing.org:
> Hi, all;
> Please find below the proposed release tarball and signatures:
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha1: 525378680b3474ff319b83af76565891f8b98331 *httpd-2.4.49-rc1.tar.gz
> sha256: 345d3b9b218b1974d1cebd5ae72f6a661d83b52d839310222ff9ec94abb62205 *httpd-2.4.49-rc1.tar.gz
> sha512: 8efa12f239e1075c0eb8634dde5fa12e73b766a6a8f17882d6bedab8be3e02a1a15be8288413bb6da5be34e58a6e239342cdcb59ebe2d8d88ea4712028b03e5f *httpd-2.4.49-rc1.tar.gz
>
> The SVN candidate source is found at tags/candidate-2.4.49-rc1.
>
> PS. Some slight change to previous releases:
> The tarballs carry a prefix '-rc1' but the directory it unpacks
> to is 'httpd-2.4.49'. This is to make sure that, when you vote
> on a tarball and it is accepted, that we can release this very
> thing you voted on.
> All other things should be the same as in previous releases.
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
On Fri, Sep 10, 2021 at 5:24 PM stefan@eissing.org <stefan@eissing.org> wrote:
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:

[X] +1: It's not just good, it's good enough!

All my testing passed on debian(s) 11 and 10.

Thanks again Stefan for this new release and the great procedure for
future ones!
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
On 9/12/21 07:55, Bernard Spil wrote:
> ERR_GET_FUNC was blocking this for me on FreeBSD 13 with OpenSSL 3.0 from ports.
> Warning in build logs, but failure at runtime
>
> ssl_engine_init.c:1375:22: warning: implicit declaration of function
> 'ERR_GET_FUNC' is invalid in C99 [-Wimplicit-function-declaration]
> && (ERR_GET_FUNC(ERR_peek_last_error())
>
> and the fix is https://svn.apache.org/viewvc?view=revision&revision=1891138
> as noted above.
>
> All seems well with that r1891138 fix and OpenSSL 3.0.0 on FreeBSD
> 13.0-p4 amd64 / clang 11.0.1
>
> [Sun Sep 12 11:48:50.820341 2021] [mpm_event:notice] [pid 80970:tid
> 34372395008] AH00489: Apache/2.4.49 (FreeBSD) OpenSSL/3.0.0 configured
> -- resuming normal operations
>

Thank you for the top-post reply.

I am still of the opinion that "-1 There's trouble in paradise." due to
the fact that the 2.4.49-rc1 tarball will not work out of the box with
the production release of OpenSSL 3.0.0. There needs to be a fix here
such that it "just works"(tm) with the latest OpenSSL.


> On Sun, Sep 12, 2021 at 7:02 AM Dennis Clarke <dclarke@blastwave.org> wrote:
>>
>> On 9/12/21 02:36, Dennis Clarke wrote:
>>> On 9/10/21 11:23, stefan@eissing.org wrote:
>>>> Hi, all;
>>>> Please find below the proposed release tarball and signatures:
>>>> https://dist.apache.org/repos/dist/dev/httpd/
>>>>
>>>> I would like to call a VOTE over the next few days to release
>>>> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
>>>> [ ] +1: It's not just good, it's good enough!
>>>> [ ] +0: Let's have a talk.
>>>> [ ] -1: There's trouble in paradise. Here's what's wrong.
>>>>
>>
>> * * * NOTE -1 There's trouble in paradise. Here's what's wrong. * * *
>>
>>
>> Reply to self here ...
>>
>> I discovered in the OpenSSL 3.0.0 release notes:
>>
>>
>> * The ERR_GET_FUNC() function was removed. With the loss
>> of meaningful function codes, this function can only
>> cause problems for calling applications.
>>
>> Paul Dale
>>
>>
>> Thus ERR_GET_FUNC() was removed, but it looks like httpd is still
>> trying to use it, which explains the error I'm seeing. What I see
>> is :
>>
>>
>>
>> beta #
>> beta # /opt/bw/bin/httpd -V
>> Server version: Apache/2.4.49 (Unix)
>> Server built: Sep 12 2021 03:54:11
>> Server's Module Magic Number: 20120211:116
>> Server loaded: APR 1.7.0, APR-UTIL 1.6.1
>> Compiled using: APR 1.7.0, APR-UTIL 1.6.1
>> Architecture: 64-bit
>> Server MPM: event
>> threaded: yes (fixed thread count)
>> forked: yes (variable process count)
>> Server compiled with....
>> -D APR_HAS_SENDFILE
>> -D APR_HAS_MMAP
>> -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
>> -D APR_USE_PROC_PTHREAD_SERIALIZE
>> -D APR_USE_PTHREAD_SERIALIZE
>> -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
>> -D APR_HAS_OTHER_CHILD
>> -D AP_HAVE_RELIABLE_PIPED_LOGS
>> -D DYNAMIC_MODULE_LIMIT=256
>> -D HTTPD_ROOT="/opt/bw"
>> -D SUEXEC_BIN="/opt/bw/bin/suexec"
>> -D DEFAULT_PIDLOG="var/apache/httpd/logs/httpd.pid"
>> -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
>> -D DEFAULT_ERRORLOG="logs/error_log"
>> -D AP_TYPES_CONFIG_FILE="etc/apache/httpd/mime.types"
>> -D SERVER_CONFIG_FILE="etc/apache/httpd/httpd.conf"
>> beta #
>> beta #
>> beta # /opt/bw/bin/apachectl start
>> httpd: Syntax error on line 75 of /opt/bw/etc/apache/httpd/httpd.conf:
>> Cannot load modules/mod_ssl.so into server: ld.so.1: httpd: fatal:
>> relocation error: file /opt/bw/modules/mod_ssl.so: symbol ERR_GET_FUNC:
>> referenced symbol not found
>> beta #
>>
>> We see https://github.com/apache/httpd/pull/258 exists however I am
>> only now looking at how to patch 2.4.49 based on those changes in
>> trunk.

I will take a close look at the patch links :

https://svn.apache.org/viewvc?view=revision&revision=1891138

At first glance there are many changes to modules/ssl/ssl_engine_init.c
so this is not just a three line change.

However it may work ....

/opt/bw/build-1/libtool --silent --mode=compile \
/opt/developerstudio12.6/bin/cc -I/opt/bw/include \
-std=iso9899:2011 -m64 -xarch=sparc -xO0 -g -errfmt=error \
-erroff=%none -errshort=full -xstrconst -xildoff \
-xmemalign=8s -xnolibmil -xcode=pic32 -xregs=no%appl \
-xlibmieee -mc -ftrap=%none -xbuiltin=%none -xunroll=1 -Qy \
-xdebugformat=dwarf -DSOLARIS2=10 -D_REENTRANT \
-I/opt/bw/include \
-D_POSIX_PTHREAD_SEMANTICS -D_LARGEFILE64_SOURCE -D_TS_ERRNO \
-D_X_OPEN_SOURCE=600 \
-I. \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/os/unix \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/include \
-I/opt/bw/include/apr-1 -I/opt/bw/include \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/aaa \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/cache \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/core \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/database
\
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/filters
\
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/ldap \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/server \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/loggers
\
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/lua \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/proxy \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/http2 \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/session
\
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/ssl \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/test \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/server \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/md \
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/arch/unix
\
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/dav/main
\
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/generators
\
-I/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/mappers
\
-prefer-pic -c ssl_engine_init.c && touch ssl_engine_init.slo
"ssl_engine_init.c", line 300: error: undefined struct/union member:
vhost_md5
"ssl_engine_init.c", line 300: warning: improper pointer/integer
combination: op "="
"ssl_engine_init.c", line 1502: warning: improper pointer/integer
combination: op "!="
"ssl_engine_init.c", line 1511: error: undefined struct/union member:
retained
"ssl_engine_init.c", line 1511: error: undefined struct/union member:
privkeys
"ssl_engine_init.c", line 1511: error: left operand of "->" must be
pointer to struct/union
"ssl_engine_init.c", line 1511: warning: improper pointer/integer
combination: arg #1
"ssl_engine_init.c", line 1681: error: undefined struct/union member:
mac_params
"ssl_engine_init.c", line 1681: error: cannot dereference non-pointer type
"ssl_engine_init.c", line 1682: error: undefined symbol: OSSL_MAC_PARAM_KEY
"ssl_engine_init.c", line 1682: warning: improper pointer/integer
combination: arg #1
"ssl_engine_init.c", line 1681: error: assignment type mismatch:
int "=" struct ossl_param_st {pointer to const char key,
unsigned int data_type, pointer to void data, unsigned long data_size,
unsigned long return_size}
"ssl_engine_init.c", line 1684: error: improper member use: mac_params
"ssl_engine_init.c", line 1684: error: cannot dereference non-pointer type
"ssl_engine_init.c", line 1685: error: undefined symbol:
OSSL_MAC_PARAM_DIGEST
"ssl_engine_init.c", line 1685: warning: improper pointer/integer
combination: arg #1
"ssl_engine_init.c", line 1684: error: assignment type mismatch:
int "=" struct ossl_param_st {pointer to const char key,
unsigned int data_type, pointer to void data, unsigned long data_size,
unsigned long return_size}
"ssl_engine_init.c", line 1686: error: improper member use: mac_params
"ssl_engine_init.c", line 1686: error: cannot dereference non-pointer type
"ssl_engine_init.c", line 1686: error: assignment type mismatch:
int "=" struct ossl_param_st {pointer to const char key,
unsigned int data_type, pointer to void data, unsigned long data_size,
unsigned long return_size}
"ssl_engine_init.c", line 1689: warning: argument #2 is incompatible
with prototype:
prototype: pointer to function(pointer to struct ssl_st {},
pointer to unsigned char, pointer to unsigned char, pointer to struct
evp_cipher_ctx_st {}, pointer to struct evp_mac_ctx_st {}, int)
returning int : "/opt/bw/include/openssl/tls1.h", line 333
argument : pointer to function(pointer to struct ssl_st {},
pointer to unsigned char, pointer to unsigned char, pointer to struct
evp_cipher_ctx_st {}, pointer to struct hmac_ctx_st {}, int) returning int
cc: acomp failed for ssl_engine_init.c
gmake[4]: ***
[/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/build/rules.mk:212:
ssl_engine_init.slo] Error 1
gmake[4]: Leaving directory
'/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/ssl'
gmake[3]: ***
[/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/build/rules.mk:117:
shared-build-recursive] Error 1
gmake[3]: Leaving directory
'/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules/ssl'
gmake[2]: ***
[/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/build/rules.mk:117:
shared-build-recursive] Error 1
gmake[2]: Leaving directory
'/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/modules'
gmake[1]: ***
[/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/build/rules.mk:117:
shared-build-recursive] Error 1
gmake[1]: Leaving directory
'/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003'
gmake: ***
[/opt/bw/build/httpd-2.4.49-rc1_sunos5.10_sparcv9_sslv3.003/build/rules.mk:75:
all-recursive] Error 1


Nope.

Not exactly a drop in replacement. I will dig around and see if there is
a way to deal with the above.

So I guess the question should be will httpd 2.4.49 work with OpenSSL 3?


--
Dennis Clarke
RISC-V/SPARC/PPC/ARM/CISC
UNIX and Linux spoken
GreyBeard and suspenders optional
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
On 9/12/21 22:41, Dennis Clarke wrote:
> On 9/12/21 07:55, Bernard Spil wrote:

reply to self again ...

Looking in trunk I see modules/ssl/ssl_private.h :

struct SSLSrvConfigRec {
SSLModConfigRec *mc;
ssl_enabled_t enabled;
const char *vhost_id;
const unsigned char *vhost_md5; /* = ap_md5_binary(vhost_id, ...) */
int session_cache_timeout;
BOOL cipher_server_pref;
BOOL insecure_reneg;
modssl_ctx_t *server;
#ifdef HAVE_TLSEXT
ssl_enabled_t strict_sni_vhost_check;
#endif
#ifndef OPENSSL_NO_COMP
BOOL compression;
#endif
BOOL session_tickets;

};


This member vhost_md5 does not exist in 2.4.49 :

struct SSLSrvConfigRec {
SSLModConfigRec *mc;
ssl_enabled_t enabled;
const char *vhost_id;
int vhost_id_len;
int session_cache_timeout;
BOOL cipher_server_pref;
BOOL insecure_reneg;
modssl_ctx_t *server;
#ifdef HAVE_TLSEXT
ssl_enabled_t strict_sni_vhost_check;
#endif
#ifdef HAVE_FIPS
BOOL fips;
#endif
#ifndef OPENSSL_NO_COMP
BOOL compression;
#endif
BOOL session_tickets;
};

I will go back to trunk and see where I land.


Dennis
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
On 9/10/21 17:23, stefan@eissing.org wrote:
> Hi, all;
> Please find below the proposed release tarball and signatures:
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.

+1, works fine on Fedora 34 and OpenBSD 6.9.

Giovanni
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
On Fri, Sep 10, 2021 at 05:23:53PM +0200, stefan@eissing.org wrote:
> Hi, all;
> Please find below the proposed release tarball and signatures:
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
> [X] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.

+1 for release, passes test suite on Fedora 34 and RHEL8, and in CI :)

Huge thanks to Stefan for the release and process improvements.

Regards, Joe
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
Le 10/09/2021 à 17:23, stefan@eissing.org a écrit :
> Hi, all;
> Please find below the proposed release tarball and signatures:
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
> [X] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha1: 525378680b3474ff319b83af76565891f8b98331 *httpd-2.4.49-rc1.tar.gz
> sha256: 345d3b9b218b1974d1cebd5ae72f6a661d83b52d839310222ff9ec94abb62205 *httpd-2.4.49-rc1.tar.gz
> sha512: 8efa12f239e1075c0eb8634dde5fa12e73b766a6a8f17882d6bedab8be3e02a1a15be8288413bb6da5be34e58a6e239342cdcb59ebe2d8d88ea4712028b03e5f *httpd-2.4.49-rc1.tar.gz
>
> The SVN candidate source is found at tags/candidate-2.4.49-rc1.
>
> PS. Some slight change to previous releases:
> The tarballs carry a prefix '-rc1' but the directory it unpacks
> to is 'httpd-2.4.49'. This is to make sure that, when you vote
> on a tarball and it is accepted, that we can release this very
> thing you voted on.
> All other things should be the same as in previous releases.
>

+1 ; Tested only with event.

Tested with:
Linux pop-os 5.11.0
gcc (Ubuntu 10.3.0-1ubuntu1) 10.3.0
OpenSSL 1.1.1j 16 Feb 2021
libssl-dev 1.1.1j
libbrotli-dev 1.0.9
libjansson-dev 2.13.1
libnghttp2-dev 1.43.0
libpcre2-dev 10.36
liblua5.3-dev 5.3.3
libsystemd-dev 247.3
libldap2-dev 2.4.57+dfsg
libxml2-dev 2.9.10+dfsg
libcurl4-openssl-dev 7.74.0


Also, a few things should be fixed, but can be done later:
LuaHookPreTranslateName is not documented (neither in trunk nor in 2.4.x)
<LuaHookPreTranslateName> is not documented (neither in trunk nor in 2.4.x)



Thx a lot Stefan for RM and tools.

CJ
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
Currently, we have 8 +1 votes and a -1, non binding, on OpenSSL 3.0
compatibility. I will give this another day and plan to conclude
the results tomorrow.

Many thanks to all the people testing this candidate!

Cheers,
Stefan

> Am 13.09.2021 um 22:31 schrieb Christophe JAILLET <christophe.jaillet@wanadoo.fr>:
>
> Le 10/09/2021 à 17:23, stefan@eissing.org a écrit :
>> Hi, all;
>> Please find below the proposed release tarball and signatures:
>> https://dist.apache.org/repos/dist/dev/httpd/
>> I would like to call a VOTE over the next few days to release
>> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
>> [X] +1: It's not just good, it's good enough!
>> [ ] +0: Let's have a talk.
>> [ ] -1: There's trouble in paradise. Here's what's wrong.
>> The computed digests of the tarball up for vote are:
>> sha1: 525378680b3474ff319b83af76565891f8b98331 *httpd-2.4.49-rc1.tar.gz
>> sha256: 345d3b9b218b1974d1cebd5ae72f6a661d83b52d839310222ff9ec94abb62205 *httpd-2.4.49-rc1.tar.gz
>> sha512: 8efa12f239e1075c0eb8634dde5fa12e73b766a6a8f17882d6bedab8be3e02a1a15be8288413bb6da5be34e58a6e239342cdcb59ebe2d8d88ea4712028b03e5f *httpd-2.4.49-rc1.tar.gz
>> The SVN candidate source is found at tags/candidate-2.4.49-rc1.
>> PS. Some slight change to previous releases:
>> The tarballs carry a prefix '-rc1' but the directory it unpacks
>> to is 'httpd-2.4.49'. This is to make sure that, when you vote
>> on a tarball and it is accepted, that we can release this very
>> thing you voted on.
>> All other things should be the same as in previous releases.
>
> +1 ; Tested only with event.
>
> Tested with:
> Linux pop-os 5.11.0
> gcc (Ubuntu 10.3.0-1ubuntu1) 10.3.0
> OpenSSL 1.1.1j 16 Feb 2021
> libssl-dev 1.1.1j
> libbrotli-dev 1.0.9
> libjansson-dev 2.13.1
> libnghttp2-dev 1.43.0
> libpcre2-dev 10.36
> liblua5.3-dev 5.3.3
> libsystemd-dev 247.3
> libldap2-dev 2.4.57+dfsg
> libxml2-dev 2.9.10+dfsg
> libcurl4-openssl-dev 7.74.0
>
>
> Also, a few things should be fixed, but can be done later:
> LuaHookPreTranslateName is not documented (neither in trunk nor in 2.4.x)
> <LuaHookPreTranslateName> is not documented (neither in trunk nor in 2.4.x)
>
>
>
> Thx a lot Stefan for RM and tools.
>
> CJ
Re: [VOTE] Release httpd-2.4.49-rc1 as httpd-2.4.49 [ In reply to ]
All fine on windows till now.

Only waiting for a full-cycle test mod_md.

PS.
Thanks Stefan,
but I hope not a release every month or two/three, cost too much of my
cycles/free time.

On 10-9-2021 17:23, stefan@eissing.org wrote:
> Hi, all;
> Please find below the proposed release tarball and signatures:
> https://dist.apache.org/repos/dist/dev/httpd/
>
> I would like to call a VOTE over the next few days to release
> this candidate tarball httpd-2.4.49-rc1 as 2.4.49:
> [ ] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> The computed digests of the tarball up for vote are:
> sha1: 525378680b3474ff319b83af76565891f8b98331 *httpd-2.4.49-rc1.tar.gz
> sha256: 345d3b9b218b1974d1cebd5ae72f6a661d83b52d839310222ff9ec94abb62205 *httpd-2.4.49-rc1.tar.gz
> sha512: 8efa12f239e1075c0eb8634dde5fa12e73b766a6a8f17882d6bedab8be3e02a1a15be8288413bb6da5be34e58a6e239342cdcb59ebe2d8d88ea4712028b03e5f *httpd-2.4.49-rc1.tar.gz
>
> The SVN candidate source is found at tags/candidate-2.4.49-rc1.
>
> PS. Some slight change to previous releases:
> The tarballs carry a prefix '-rc1' but the directory it unpacks
> to is 'httpd-2.4.49'. This is to make sure that, when you vote
> on a tarball and it is accepted, that we can release this very
> thing you voted on.
> All other things should be the same as in previous releases.