Re: [VOTE] Release httpd-2.4.48
Le 17/05/2021 à 23:36, Christophe JAILLET a écrit : Hi, all; Please find below the proposed release tarball and signatures: https://dist.apache.org/repos/dist/dev/httpd/ I would like to call a VOTE over the next few days to release this candidate tarball as 2.4.48: [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. The computed digests of the tarball up for vote are: sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e *httpd-2.4.48.tar.gz sha512: 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb *httpd-2.4.48.tar.gz The SVN tag is '2.4.48' at r1889975. My +1 as well, CJ
Re: [VOTE] Release httpd-2.4.48
On Tue, 18 May 2021 at 00:37, Christophe JAILLET wrote: > > Hi, all; > Please find below the proposed release tarball and signatures: > https://dist.apache.org/repos/dist/dev/httpd/ > > I would like to call a VOTE over the next few days to release this > candidate tarball as 2.4.48: > [ ] +1: It's not just good, it's good enough! > [ ] +0: Let's have a talk. > [ ] -1: There's trouble in paradise. Here's what's wrong. > Tested on Windows. I confirm that ETag regression that was present in httpd 2.4.47 does not reproduce in httpd 2.4.48. But if I were the one to ask, I would say that r1889793 is too large to be released in a patch release, and should instead be included in 2.6.x. -- Ivan Zhakov
Re: [VOTE] Release httpd-2.4.48
Am 17.05.2021 um 23:36 schrieb Christophe JAILLET: Hi, all; Please find below the proposed release tarball and signatures: https://dist.apache.org/repos/dist/dev/httpd/ I would like to call a VOTE over the next few days to release this candidate tarball as 2.4.48: [X] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. The computed digests of the tarball up for vote are: sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e *httpd-2.4.48.tar.gz sha512: 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb *httpd-2.4.48.tar.gz The SVN tag is '2.4.48' at r1889975. +1 to release and thanks a bunch for RM! Summary: all OK except for - one single crash on SLES 11 statically linked during SSL handshake. - two crashes on Solaris with prefork MPM during shutdown. Only with released APR/APU not with svn heads. Tests ongoing. I think I have seen such before, so not a regression. - minor nit: The following files in the tarballs contains french date lines probably due to exporting them from svn with your local locale: - ROADMAP - VERSIONING - maybe others? Maybe already fixed, I saw some conversation about in the future using a default locale in scripts. Detailed report: - Sigs and hashes OK - contents of tarballs identical - contents of tag and tarballs identical except for expected deltas Built on - Solaris 10 Sparc as 32 Bit Binaries - SLES 11+12+15 (64 Bits) - RHEL 6+7+8 (64 Bits) For all platforms built - with default (shared) and static modules - with module set reallyall - using --enable-load-all-modules - against - bundled APR/APU from deps tarball - external APR/APU 1.7.0/1.6.1 (expat) - APR/APU 1.6.5/1.6.1 (expat) - APR/APU 1.7.x r1889104/1.7.x r1889948 (expat) - APR/APU 1.7.x r1889104/1.7.x r1889948 (libxml2) - APR/APU 1.6.x r1876940/1.6.x r1889948 (expat) - using external libraries - expat 2.3.0 - pcre 8.44 - lua 5.4.3 (compiled with LUA_COMPAT_MODULE) - libxml2 2.9.12 - libnghttp2 1.43.0 - brotli 1.0.9 - curl 7.76.1 - jansson 2.13.1 - libldap 2.4.58 (resp. 2.4.52 when using OpenSSL 0.9.8) and - openssl 0.9.8zh, 1.0.2, 1.0.2u, 1.1.1, 1.1.1k, 3.0.0alpha16 - Tool chain: - platform gcc except on Solaris (gcc 9.3.0 Solaris 10) - CFLAGS: -O2 -g -Wall -fno-strict-aliasing - on Solaris additionally -mpcu=v9, -D_XOPEN_SOURCE, -D_XOPEN_SOURCE_EXTENDED=1, -D__EXTENSIONS__ and -D_XPG6 All of the 884 builds succeeded. - compiler warnings: see earlier separate mail Tested for - SLES 11+12 done - SLES 15 and RHEL 6+7+8 mostly done - Solaris 10 Sparc about 12% done - MPMs prefork, worker, event - default and static module builds - log level trace8 - module set reallyall (129 modules plus 3 MPMs) - Perl client bundle build against OpenSSL 1.1.1g plus patches, 1.1.0l, 1.0.2u and 0.9.8zh - OpenSSL once linked statically and once as a shared library Every OpenSSL version in the client is tested with every OpenSSL version in the server. The total number of test suite runs until now is ~8000 (more still to come, especially most of the Solaris ones and some of those with statically linked OpenSSL in combination with statically linked server on Linux). Some local adjustments to tests were used: - t/modules/buffer.t: removing huge buffer tests -my $bigsize = 10; +my $bigsize = 1; - fixing limitrequestline overwrite which does not yet really work in Apache-Test/lib/Apache/TestConfig.pm 87d86'global LimitRequestLine setting (default is 128)', 96a96 > # limitrequestline => 'global LimitRequestLine setting (default is 128)', 372,373c372,373 < $vars->{limitrequestline} ||= 128; < $vars->{limitrequestlinex2} = 2 * $vars->{limitrequestline}; --- > #$vars->{limitrequestline} ||= 128; > #$vars->{limitrequestlinex2} = 2 * $vars->{limitrequestline}; - the temporary workaround for OpenSSL 3 when using "openssl crl -hash" with STDIN in Apache-Test/lib/Apache/TestSSLCA.pm is no longer necessary, problem fixed in OpenSSL 3.0.0alpha16 The following test failures were seen: a A single crash in SLES 11 APU 1.6.1 APR 1.7.0 OpenSSL 1.0.2u build statically using event. Crash during ssl_io_filter_handshake calling ... CRYPTO_malloc and finally "glibc detected *** /path/to/bin/httpd: malloc(): memory corruption: 0x00faafe1" gdb data see below. b Two crashes on Solaris 10 Sparc, once APU 1.6.1 APR 1.6.5 OpenSSL 3.0.0alpha16 and once APU 1.6.1 APR 1.7.0 OpenSSL 1.1.1k build dynamically both using prefork. Crash during shutdown when apr_pool_destroy() for the pchild pool calls allocator_free() (invalid node->next). Might be fixed in svn heads. I will check, whether the ongoing Solaris
Re: [VOTE] Release httpd-2.4.48
The bandages back-ported from trunk resolved all the lua 5.4 issues... +1 from the peanut gallery for this candidate. On Mon, May 17, 2021, 16:37 Christophe JAILLET < christophe.jail...@wanadoo.fr> wrote: > Hi, all; > Please find below the proposed release tarball and signatures: > https://dist.apache.org/repos/dist/dev/httpd/ > > I would like to call a VOTE over the next few days to release this > candidate tarball as 2.4.48: > [ ] +1: It's not just good, it's good enough! > [ ] +0: Let's have a talk. > [ ] -1: There's trouble in paradise. Here's what's wrong. > > The computed digests of the tarball up for vote are: > sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz > sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e > *httpd-2.4.48.tar.gz > sha512: > 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb > > *httpd-2.4.48.tar.gz > > The SVN tag is '2.4.48' at r1889975. > > -- > Christophe JAILLET >
Re: [VOTE] Release httpd-2.4.48
On 20/05/2021 03:43, Christophe JAILLET wrote: So, even if the LibreSSL built was completely broken, I wouldn't consider it as a showstoper. Agreed, libressl is not used by any mainstream OS, its used by the OS related to forking it from openssl in openbsd, and maybe its spinoff (forget its name) but not used in freebsd, Redhat/fedora Debian/ubuntu/mint, SuSe, Slackware, Gentoo, Arch ... When one of these guys start using it in place of openssl then perhaps it should be considered a problem, but I don't see that happening any year soon -- Regards, Noel Butler This Email, including attachments, may contain legally privileged information, therefore at all times remains confidential and subject to copyright protected under international law. You may not disseminate this message without the authors express written authority to do so. If you are not the intended recipient, please notify the sender then delete all copies of this message including attachments immediately. Confidentiality, copyright, and legal privilege are not waived or lost by reason of the mistaken delivery of this message.
Re: [VOTE] Release httpd-2.4.48
On Wed, May 19, 2021 at 07:43:51PM +0200, Christophe JAILLET wrote: > Le 18/05/2021 à 14:57, Giovanni Bechis a écrit : > > On 5/18/21 1:53 PM, Joe Orton wrote: > >> On Tue, May 18, 2021 at 01:30:25PM +0200, Ruediger Pluem wrote: > >>> > >>> > >>> On 5/18/21 11:52 AM, Giovanni Bechis wrote: > On 5/17/21 11:36 PM, Christophe JAILLET wrote: > > Hi, all; > > Please find below the proposed release tarball and signatures: > > https://dist.apache.org/repos/dist/dev/httpd/ > > > > I would like to call a VOTE over the next few days to release this > > candidate tarball as 2.4.48: > > [ ] +1: It's not just good, it's good enough! > > [ ] +0: Let's have a talk. > > [ ] -1: There's trouble in paradise. Here's what's wrong. > > > > The computed digests of the tarball up for vote are: > > sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz > > sha256: > > 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e > > *httpd-2.4.48.tar.gz > > sha512: > > 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb > > *httpd-2.4.48.tar.gz > > > > The SVN tag is '2.4.48' at r1889975. > > > -1 for me. > new mod_md doesn't build with LibreSSL because nor EVP_PKEY_X25519 nor > EVP_PKEY_X448 are defined. > I have asked LibreSSL guys if they will add EVP_PKEY_* constants to > evp.h. > > Hi Giovanni, > > From my point of view, we do not *officially* support LibreSSL. The > mod_ssl doc is only about OpenSSL. I've found no reference to it, apart > from the many LIBRESSL_VERSION_NUMBER in the code itself. > So, even if the LibreSSL built was completely broken, I wouldn't > consider it as a showstoper. > > If we consider that Linking against LibreSSL is a must have, then, at > least we should update the doc. > I have several Apache httpd + LibreSSL setups and I would like to keep them working I will work to have LibreSSL compatibility as much as I can. > >>> > >>> Did 2.4.46 build with LibreSSL? > >> > > 2.4.46 and 2.4.47 builds. > > >> Looks like this is new in 2.4.48 but both LibreSSL users can work around > >> this or not build mod_md, it doesn't seem like a showstopper. > >> > > no real showstopper for me, please remove my "-1" vote. > > > > Let us know if you want to change your vote to something else (see [1]) > or if you just don't vote for this release. > +1 for me then, I can backport patches where needed. > > > >> Giovanni, if you care about keeping Libre support alive can you work out > >> how to get it building in Travis? It's daft if we are only hitting > >> these compat issues in post-roll testing. > >> > > I agree and I will take a look at it. > > Just great :) > Thx. > > And then, updating the doc would worth it ;-) > This will be one of the first steps. Giovanni > CJ > > [1]: > https://apache.org/foundation/voting.html#expressing-votes-1-0-1-and-fractions > signature.asc Description: PGP signature
Re: [VOTE] Release httpd-2.4.48
Le 18/05/2021 à 14:57, Giovanni Bechis a écrit : On 5/18/21 1:53 PM, Joe Orton wrote: On Tue, May 18, 2021 at 01:30:25PM +0200, Ruediger Pluem wrote: On 5/18/21 11:52 AM, Giovanni Bechis wrote: On 5/17/21 11:36 PM, Christophe JAILLET wrote: Hi, all; Please find below the proposed release tarball and signatures: https://dist.apache.org/repos/dist/dev/httpd/ I would like to call a VOTE over the next few days to release this candidate tarball as 2.4.48: [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. The computed digests of the tarball up for vote are: sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e *httpd-2.4.48.tar.gz sha512: 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb *httpd-2.4.48.tar.gz The SVN tag is '2.4.48' at r1889975. -1 for me. new mod_md doesn't build with LibreSSL because nor EVP_PKEY_X25519 nor EVP_PKEY_X448 are defined. I have asked LibreSSL guys if they will add EVP_PKEY_* constants to evp.h. Hi Giovanni, From my point of view, we do not *officially* support LibreSSL. The mod_ssl doc is only about OpenSSL. I've found no reference to it, apart from the many LIBRESSL_VERSION_NUMBER in the code itself. So, even if the LibreSSL built was completely broken, I wouldn't consider it as a showstoper. If we consider that Linking against LibreSSL is a must have, then, at least we should update the doc. Did 2.4.46 build with LibreSSL? 2.4.46 and 2.4.47 builds. >> Looks like this is new in 2.4.48 but both LibreSSL users can work around this or not build mod_md, it doesn't seem like a showstopper. no real showstopper for me, please remove my "-1" vote. Let us know if you want to change your vote to something else (see [1]) or if you just don't vote for this release. Giovanni, if you care about keeping Libre support alive can you work out how to get it building in Travis? It's daft if we are only hitting these compat issues in post-roll testing. I agree and I will take a look at it. Just great :) Thx. And then, updating the doc would worth it ;-) CJ [1]: https://apache.org/foundation/voting.html#expressing-votes-1-0-1-and-fractions
Re: [VOTE] Release httpd-2.4.48
Good evening Christophe, +1 for Windows Cheers, Steffen > Op 17 mei 2021 om 23:37 heeft Christophe JAILLET > het volgende geschreven: > > Hi, all; > Please find below the proposed release tarball and signatures: > https://dist.apache.org/repos/dist/dev/httpd/ > > I would like to call a VOTE over the next few days to release this candidate > tarball as 2.4.48: > [ ] +1: It's not just good, it's good enough! > [ ] +0: Let's have a talk. > [ ] -1: There's trouble in paradise. Here's what's wrong. > > The computed digests of the tarball up for vote are: > sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz > sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e > *httpd-2.4.48.tar.gz > sha512: > 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb > *httpd-2.4.48.tar.gz > > The SVN tag is '2.4.48' at r1889975. > > -- > Christophe JAILLET
Re: [VOTE] Release httpd-2.4.48
On 18/05/2021 21:50, Joe Orton wrote: On Mon, May 17, 2021 at 11:36:29PM +0200, Christophe JAILLET wrote: Hi, all; Please find below the proposed release tarball and signatures: https://dist.apache.org/repos/dist/dev/httpd/ I would like to call a VOTE over the next few days to release this candidate tarball as 2.4.48: [X] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. The computed digests of the tarball up for vote are: sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e *httpd-2.4.48.tar.gz sha512: 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb *httpd-2.4.48.tar.gz +1 for release, builds and passes test suite on RHEL8. Thanks for RMing again. Regards, Joe All good on slackware 14.0 14.2 and 15.0beta running 48 hours -- Regards, Noel Butler This Email, including attachments, may contain legally privileged information, therefore at all times remains confidential and subject to copyright protected under international law. You may not disseminate this message without the authors express written authority to do so. If you are not the intended recipient, please notify the sender then delete all copies of this message including attachments immediately. Confidentiality, copyright, and legal privilege are not waived or lost by reason of the mistaken delivery of this message.
Re: [VOTE] Release httpd-2.4.48
Hello, I tested in RHEL 6.10 and Centos 7.9 along with manually compiled: openssl-1.1.1k expat-2.2.10 apr-1.7.0 apr-util-1.6.1 pcre-8.44 nghttp2-1.43.0 (and to compile this , compiled Python-3.9.5) bonus: tested loading weblogic plugin too (WebLogic Server Plugin version 12.2.1.4.0 ) Results: no issues. +1 for me. El lun, 17 may 2021 a las 23:37, Christophe JAILLET () escribió: > > Hi, all; > Please find below the proposed release tarball and signatures: > https://dist.apache.org/repos/dist/dev/httpd/ > > I would like to call a VOTE over the next few days to release this > candidate tarball as 2.4.48: > [ ] +1: It's not just good, it's good enough! > [ ] +0: Let's have a talk. > [ ] -1: There's trouble in paradise. Here's what's wrong. > > The computed digests of the tarball up for vote are: > sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz > sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e > *httpd-2.4.48.tar.gz > sha512: > 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb > *httpd-2.4.48.tar.gz > > The SVN tag is '2.4.48' at r1889975. > > -- > Christophe JAILLET -- Daniel Ferradal HTTPD Project #httpd help at Freenode
Re: [VOTE] Release httpd-2.4.48
On 17/05/2021 23:36, Christophe JAILLET wrote: [X] +1: It's not just good, it's good enough! Tests are OK on fedora 34. Note that we miss the back port of https://github.com/apache/httpd/pull/186 for GCC11 for the --enable-maintainer-mode -- Cheers Jean-Frederic
Re: [VOTE] Release httpd-2.4.48
[X] +1: It's not just good, it's good enough! All good on my Debian(s). Thanks a bunch again Christophe !
Re: [VOTE] Release httpd-2.4.48
Hello All, +1: It's not just good, it's good enough! CentOS6, CentOS7, and CentOS8 builds and passes test suite for us. Thanks, Cory McIntire PO – cPanel Security Team Release Manager – EasyApache cPanel, L.L.C. From: Christophe JAILLET Date: Monday, May 17, 2021 at 4:37 PM To: dev@httpd.apache.org Subject: [VOTE] Release httpd-2.4.48 Hi, all; Please find below the proposed release tarball and signatures: https://dist.apache.org/repos/dist/dev/httpd/ I would like to call a VOTE over the next few days to release this candidate tarball as 2.4.48: [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. The computed digests of the tarball up for vote are: sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e *httpd-2.4.48.tar.gz sha512: 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb *httpd-2.4.48.tar.gz The SVN tag is '2.4.48' at r1889975. -- Christophe JAILLET
Re: [VOTE] Release httpd-2.4.48
On 5/18/21 1:53 PM, Joe Orton wrote: > On Tue, May 18, 2021 at 01:30:25PM +0200, Ruediger Pluem wrote: >> >> >> On 5/18/21 11:52 AM, Giovanni Bechis wrote: >>> On 5/17/21 11:36 PM, Christophe JAILLET wrote: Hi, all; Please find below the proposed release tarball and signatures: https://dist.apache.org/repos/dist/dev/httpd/ I would like to call a VOTE over the next few days to release this candidate tarball as 2.4.48: [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. The computed digests of the tarball up for vote are: sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e *httpd-2.4.48.tar.gz sha512: 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb *httpd-2.4.48.tar.gz The SVN tag is '2.4.48' at r1889975. >>> -1 for me. >>> new mod_md doesn't build with LibreSSL because nor EVP_PKEY_X25519 nor >>> EVP_PKEY_X448 are defined. >>> I have asked LibreSSL guys if they will add EVP_PKEY_* constants to evp.h. >> >> Did 2.4.46 build with LibreSSL? > 2.4.46 and 2.4.47 builds. > Looks like this is new in 2.4.48 but both LibreSSL users can work around > this or not build mod_md, it doesn't seem like a showstopper. > no real showstopper for me, please remove my "-1" vote. > Giovanni, if you care about keeping Libre support alive can you work out > how to get it building in Travis? It's daft if we are only hitting > these compat issues in post-roll testing. > I agree and I will take a look at it. > Regards, Joe > OpenPGP_signature Description: OpenPGP digital signature
Re: [VOTE] Release httpd-2.4.48
On Tue, May 18, 2021 at 01:30:25PM +0200, Ruediger Pluem wrote: > > > On 5/18/21 11:52 AM, Giovanni Bechis wrote: > > On 5/17/21 11:36 PM, Christophe JAILLET wrote: > >> Hi, all; > >> Please find below the proposed release tarball and signatures: > >> https://dist.apache.org/repos/dist/dev/httpd/ > >> > >> I would like to call a VOTE over the next few days to release this > >> candidate tarball as 2.4.48: > >> [ ] +1: It's not just good, it's good enough! > >> [ ] +0: Let's have a talk. > >> [ ] -1: There's trouble in paradise. Here's what's wrong. > >> > >> The computed digests of the tarball up for vote are: > >> sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz > >> sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e > >> *httpd-2.4.48.tar.gz > >> sha512: > >> 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb > >> *httpd-2.4.48.tar.gz > >> > >> The SVN tag is '2.4.48' at r1889975. > >> > > -1 for me. > > new mod_md doesn't build with LibreSSL because nor EVP_PKEY_X25519 nor > > EVP_PKEY_X448 are defined. > > I have asked LibreSSL guys if they will add EVP_PKEY_* constants to evp.h. > > Did 2.4.46 build with LibreSSL? Looks like this is new in 2.4.48 but both LibreSSL users can work around this or not build mod_md, it doesn't seem like a showstopper. Giovanni, if you care about keeping Libre support alive can you work out how to get it building in Travis? It's daft if we are only hitting these compat issues in post-roll testing. Regards, Joe
Re: [VOTE] Release httpd-2.4.48
On Mon, May 17, 2021 at 11:36:29PM +0200, Christophe JAILLET wrote: > Hi, all; >Please find below the proposed release tarball and signatures: > https://dist.apache.org/repos/dist/dev/httpd/ > > I would like to call a VOTE over the next few days to release this candidate > tarball as 2.4.48: > [X] +1: It's not just good, it's good enough! > [ ] +0: Let's have a talk. > [ ] -1: There's trouble in paradise. Here's what's wrong. > > The computed digests of the tarball up for vote are: > sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz > sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e > *httpd-2.4.48.tar.gz > sha512: > 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb > *httpd-2.4.48.tar.gz +1 for release, builds and passes test suite on RHEL8. Thanks for RMing again. Regards, Joe
Re: [VOTE] Release httpd-2.4.48
On 5/18/21 11:52 AM, Giovanni Bechis wrote: > On 5/17/21 11:36 PM, Christophe JAILLET wrote: >> Hi, all; >> Please find below the proposed release tarball and signatures: >> https://dist.apache.org/repos/dist/dev/httpd/ >> >> I would like to call a VOTE over the next few days to release this candidate >> tarball as 2.4.48: >> [ ] +1: It's not just good, it's good enough! >> [ ] +0: Let's have a talk. >> [ ] -1: There's trouble in paradise. Here's what's wrong. >> >> The computed digests of the tarball up for vote are: >> sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz >> sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e >> *httpd-2.4.48.tar.gz >> sha512: >> 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb >> *httpd-2.4.48.tar.gz >> >> The SVN tag is '2.4.48' at r1889975. >> > -1 for me. > new mod_md doesn't build with LibreSSL because nor EVP_PKEY_X25519 nor > EVP_PKEY_X448 are defined. > I have asked LibreSSL guys if they will add EVP_PKEY_* constants to evp.h. Did 2.4.46 build with LibreSSL? Regards Rüdiger
Re: [VOTE] Release httpd-2.4.48
> Am 18.05.2021 um 11:52 schrieb Giovanni Bechis : > > On 5/17/21 11:36 PM, Christophe JAILLET wrote: >> Hi, all; >>Please find below the proposed release tarball and signatures: >> https://dist.apache.org/repos/dist/dev/httpd/ >> >> I would like to call a VOTE over the next few days to release this candidate >> tarball as 2.4.48: >> [ ] +1: It's not just good, it's good enough! >> [ ] +0: Let's have a talk. >> [ ] -1: There's trouble in paradise. Here's what's wrong. >> >> The computed digests of the tarball up for vote are: >> sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz >> sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e >> *httpd-2.4.48.tar.gz >> sha512: >> 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb >> *httpd-2.4.48.tar.gz >> >> The SVN tag is '2.4.48' at r1889975. >> > -1 for me. > new mod_md doesn't build with LibreSSL because nor EVP_PKEY_X25519 nor > EVP_PKEY_X448 are defined. > I have asked LibreSSL guys if they will add EVP_PKEY_* constants to evp.h. Meh, this ballsy libressl version definition, how many people have slits their wrists on that already? Thanks for the patch. I will bring that in to trunk and 2.4.x and github. Stefan > Giovanni > > The following patch is a workaround: > > Index: modules/md/md_crypt.c > --- modules/md/md_crypt.c.orig > +++ modules/md/md_crypt.c > @@ -71,6 +71,11 @@ > #include > #endif > > +#if defined(LIBRESSL_VERSION_NUMBER) > +#define EVP_PKEY_X25519 NID_X25519 > +#define EVP_PKEY_X448 NID_X448 > +#endif > + > static int initialized; > > struct md_pkey_t {
Re: [VOTE] Release httpd-2.4.48
On 5/17/21 11:36 PM, Christophe JAILLET wrote: > Hi, all; > Please find below the proposed release tarball and signatures: > https://dist.apache.org/repos/dist/dev/httpd/ > > I would like to call a VOTE over the next few days to release this candidate > tarball as 2.4.48: > [ ] +1: It's not just good, it's good enough! > [ ] +0: Let's have a talk. > [ ] -1: There's trouble in paradise. Here's what's wrong. > > The computed digests of the tarball up for vote are: > sha1: b581bcfdd939fe77c3821f7ad3863c7307374919 *httpd-2.4.48.tar.gz > sha256: 315c0bc50206b866fb17c2cdc28c1973765a8d59ca168b80286e8cb077d0510e > *httpd-2.4.48.tar.gz > sha512: > 91980f757fc0dede8c6cbf54ed973f82a63098aa50d0fce15fe3537687b4ffbb48ed50cdb4ae14eb4a8703450f032daf73f4f3d5e2dd0f75721948e12a9c6dfb > *httpd-2.4.48.tar.gz > > The SVN tag is '2.4.48' at r1889975. > -1 for me. new mod_md doesn't build with LibreSSL because nor EVP_PKEY_X25519 nor EVP_PKEY_X448 are defined. I have asked LibreSSL guys if they will add EVP_PKEY_* constants to evp.h. Giovanni The following patch is a workaround: Index: modules/md/md_crypt.c --- modules/md/md_crypt.c.orig +++ modules/md/md_crypt.c @@ -71,6 +71,11 @@ #include #endif +#if defined(LIBRESSL_VERSION_NUMBER) +#define EVP_PKEY_X25519 NID_X25519 +#define EVP_PKEY_X448 NID_X448 +#endif + static int initialized; struct md_pkey_t { OpenPGP_signature Description: OpenPGP digital signature
Re: [VOTE] Release httpd-2.4.48
Christophe JAILLET in gmane.comp.apache.devel (Mon, 17 May 2021 23:36:29 +0200): >https://dist.apache.org/repos/dist/dev/httpd/ > >I would like to call a VOTE over the next few days to release this >candidate tarball as 2.4.48: >[x] +1: It's not just good, it's good enough! I tested the substantial changes in mod_md with - Windows VC9 x86 - Windows VC15 x64 New certificates were generated as expected. -- Jan