Re: [VOTE] Release Apache httpd 2.4.13 as GA

Sun, 07 Jun 2015 22:13:04 -0700 

Am 08.06.2015 um 03:34 schrieb Jeff Trawick:

On Sun, Jun 7, 2015 at 1:20 PM, Rainer Jung <[email protected]
<mailto:[email protected]>> wrote:

...

    On FreeBSD I see the following failures:

    t/apache/limits.t                 (Wstat: 0 Tests: 12 Failed: 1)
       Failed test:  8


10.1: limits.t hangs for me after testing 7/12 if I have the kernel
accept filter loaded; passes fine otherwise

(presumably "hang" is just temporary, until the testcase is timed out)
Correct, it hangs for me as well, but just waiting long enough the test times our and proceeds. 


    t/modules/aaa.t                   (Wstat: 0 Tests: 40 Failed: 3)
       Failed tests:  23-24, 27


I don't see that with or without accept filter loaded
OK, I analyzed that: my test install failed to install HTTP::Cookies. That resulted in a failure to reset the UA in t/modules/aaa.t when switching to form based auth checks. The old UA still had redirect support active and thus the test failed, because it tested conditions on the wrong response. The failure to create a new UA was hidden, because Apache-Test/lib/Apache/TestRequest.pm uses 

    172     eval { $UA ||= __PACKAGE__->new(%$args); };

and the eval hides the error (likely on purpose for other situations).


    t/ssl/pr12355.t                   (Wstat: 0 Tests: 10 Failed: 4)
       Failed tests:  3-4, 7-8


ditto (tested only with accept filter unloaded)

    t/ssl/pr43738.t                   (Wstat: 0 Tests: 4 Failed: 2)
       Failed tests:  1-2


ditto (tested only with accept filter unloaded)


The failures have to do with renegotiations on POST. I see
[Mon Jun 08 05:00:10.525918 2015] [ssl:trace4] [pid 41020:tid 34396698624] ssl_engine_io.c(2059): [client 127.0.0.1:57206] OpenSSL: I/O error, 5 bytes expected to read on BIO#80 
2369be0 [mem: 813817003]
[Mon Jun 08 05:00:10.525934 2015] [ssl:debug] [pid 41020:tid 34396698624] ssl_engine_kernel.c(802): [client 127.0.0.1:57206] AH02260: Performing full renegotiation: complete handshake protocol (client does support secure renegotiation) 

then a reneg handshake but finally:
[Mon Jun 08 05:00:10.527224 2015] [ssl:error] [pid 41020:tid 34396698624] [client 127.0.0.1:57206] AH02261: Re-negotiation handshake failed [Mon Jun 08 05:00:10.527250 2015] [ssl:error] [pid 41020:tid 34396698624] SSL Library Error: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher -- Too restrictive SSLCipherSuite or using DSA server certificate? 

The config for the test case wants

SSLCipherSuite RC4-MD5
That it fails is a bit strange, because the https communication in principle works and the OpenSSL used does support that cipher. 

Rainer

Reply via email to