OK, the problem on OS X is that the default openssl is 0.98 which does not do
SNI.
I try to detect this in lines 14-17 by:
my $alpn_available = exists &Net::SSLeay::CTX_set_alpn_protos;
if ($alpn_available) {
$total_tests += $vhost_suite;
}
and change the test case expectations accordingly. That seems to fail on your
system. The test case thinks ALPN+SNI are available and wants to see
"localhost" in the response, but it is not used.
Unnecessary to say that the detection (and therefore the tests) work on my OS X
installation - also before 10.11.
Hmmm....are there SNI test cases for mod_ssl where I could see how it detects
it?
> Am 17.11.2015 um 16:30 schrieb Jim Jagielski <[email protected]>:
>
> Still:
>
> t/modules/http2.t .. 26/51
> # Failed test 34 in t/modules/http2.t at line 242 fail #4
> # testing : content comparision
> # expected: '<html><body>
> # <h2>Hello World!</h2>
> # TLS_SNI="localhost"
> # </body></html>
> # '
> # received: '<html><body>
> # <h2>Hello World!</h2>
> # TLS_SNI=""
> # </body></html>
> # '
> not ok 34
>
> # Failed test 50 in t/modules/http2.t at line 194 fail #6
> test case: VHOST001, expect 404 or 421 (using Host:): GET
> https://localhost:8544/misdirected
> # testing : GET https://localhost:8544/misdirected
> # expected: 421
> # received: '404'
> not ok 50
>
> # Failed test 51 in t/modules/http2.t at line 194 fail #7
> test case: VHOST002, expect 404 or 421 (using :authority): GET
> https://localhost:8544/misdirected
> # Failed test 50 in t/modules/http2.t at line 194 fail #6
> # testing : GET https://localhost:8544/misdirected
> # expected: 421
> # received: '404'
> not ok 51
>
> t/modules/http2.t .. Failed 3/51 subtests
>
>
>> On Nov 17, 2015, at 10:17 AM, Stefan Eissing <[email protected]>
>> wrote:
>>
>> OK, the change is from October 19th by me. I changed the test suite to have
>> the test run in deterministic order. $r is a references to an array of tests
>> and, depending on module availability, I push more elements to $r.
>>
>> I just changed it to push @$r, { ... }
>>
>> Please give it a try.
>>
>>> Am 17.11.2015 um 16:06 schrieb Jim Jagielski <[email protected]>:
>>>
>>> I am still 10.10 but w/ Xcode 7.1.1
>>>
>>>
>>> <jimsys:stable/httpd-test/framework> % perl -V
>>> Summary of my perl5 (revision 5 version 20 subversion 2) configuration:
>>>
>>> Platform:
>>> osname=darwin, osvers=14.4.0, archname=darwin-thread-multi-2level
>>> uname='darwin jimsys.local 14.4.0 darwin kernel version 14.4.0: thu may 28
>>> 11:35:04 pdt 2015; root:xnu-2782.30.5~1release_x86_64 x86_64 '
>>> config_args='-des -Duseithreads -Dusemultiplicity=y -Duseshrplib
>>> -Dprefix=/usr/local2 -Dvendorprefix=/usr/local2'
>>> hint=recommended, useposix=true, d_sigaction=define
>>> useithreads=define, usemultiplicity=define
>>> use64bitint=define, use64bitall=define, uselongdouble=undef
>>> usemymalloc=n, bincompat5005=undef
>>> Compiler:
>>> cc='cc', ccflags ='-fno-common -DPERL_DARWIN -fno-strict-aliasing -pipe
>>> -fstack-protector -I/usr/local/include -I/opt/local/include',
>>> optimize='-O3',
>>> cppflags='-fno-common -DPERL_DARWIN -fno-strict-aliasing -pipe
>>> -fstack-protector -I/usr/local/include -I/opt/local/include'
>>> ccversion='', gccversion='4.2.1 Compatible Apple LLVM 6.1.0
>>> (clang-602.0.53)', gccosandvers=''
>>> intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678
>>> d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16
>>> ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t',
>>> lseeksize=8
>>> alignbytes=8, prototype=define
>>> Linker and Libraries:
>>> ld='env MACOSX_DEPLOYMENT_TARGET=10.3 cc', ldflags =' -fstack-protector
>>> -L/usr/local/lib -L/opt/local/lib'
>>> libpth=/usr/local/lib
>>> /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/6.1.0/lib
>>>
>>> /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib
>>> /usr/lib /opt/local/lib
>>> libs=-lgdbm -ldbm -ldl -lm -lutil -lc
>>> perllibs=-ldl -lm -lutil -lc
>>> libc=, so=dylib, useshrplib=true, libperl=libperl.dylib
>>> gnulibc_version=''
>>> Dynamic Linking:
>>> dlsrc=dl_dlopen.xs, dlext=bundle, d_dlsymun=undef, ccdlflags=' '
>>> cccdlflags=' ', lddlflags=' -bundle -undefined dynamic_lookup
>>> -L/usr/local/lib -L/opt/local/lib -fstack-protector'
>>>
>>>> On Nov 17, 2015, at 9:59 AM, Stefan Eissing <[email protected]>
>>>> wrote:
>>>>
>>>> Hmm, what perl version is that? Works on my OS X (El 10.11) with perl -v:
>>>>
>>>> This is perl 5, version 18, subversion 2 (v5.18.2) built for
>>>> darwin-thread-multi-2level
>>>> (with 2 registered patches, see perl -V for more detail)
>>>>
>>>> //Stefan
>>>>
>>>>> Am 17.11.2015 um 15:44 schrieb Jim Jagielski <[email protected]>:
>>>>>
>>>>> Doing a quick tst I get:
>>>>>
>>>>> t/modules/http2.t .. push on reference is experimental at
>>>>> t/modules/http2.t line 319.
>>>>> Dubious, test returned 255 (wstat 65280, 0xff00)
>>>>> No subtests run
>>>>>
>>>>> Test Summary Report
>>>>> -------------------
>>>>> t/modules/http2.t (Wstat: 65280 Tests: 0 Failed: 0)
>>>>> Non-zero exit status: 255
>>>>> Parse errors: No plan found in TAP output
>>>>> Files=1, Tests=0, 1 wallclock secs ( 0.02 usr 0.01 sys + 0.31 cusr
>>>>> 0.06 csys = 0.40 CPU)
>>>>> Result: FAIL
>>>>> Failed 1/1 test programs. 0/0 subtests failed.
>>>>>
>>>>> This is on OSX
>>>>>
>>>>>> On Nov 17, 2015, at 8:12 AM, Jim Jagielski <[email protected]> wrote:
>>>>>>
>>>>>> I will.
>>>>>>
>>>>>>> On Nov 17, 2015, at 7:47 AM, Stefan Eissing
>>>>>>> <[email protected]> wrote:
>>>>>>>
>>>>>>> For the 2.4.18 backporting, can I find people here willing to look at:
>>>>>>>
>>>>>>> *) core/mod_ssl:
>>>>>>> - master conn_rec* addition to conn_rec
>>>>>>> - minor mmn bump
>>>>>>> - improved ALPN and Upgrade handling
>>>>>>> - allowing requests for servers whose TLS configuration is compatible
>>>>>>> to the SNI server ones
>>>>>>> - disabling TLS renegotiation for slave connections
>>>>>>> changes are necessary for update modules/http2
>>>>>>> trunk patch: http://svn.apache.org/r1708107
>>>>>>> http://svn.apache.org/r1709587
>>>>>>> http://svn.apache.org/r1709602
>>>>>>> http://svn.apache.org/r1709995
>>>>>>> http://svn.apache.org/r1710231
>>>>>>> http://svn.apache.org/r1710419
>>>>>>> http://svn.apache.org/r1710572
>>>>>>> http://svn.apache.org/r1710583
>>>>>>> + manual addition of "conn_rec *master;"
>>>>>>> 2.4.x patch:
>>>>>>> https://raw.githubusercontent.com/icing/mod_h2/master/sandbox/httpd/patches/2.4.17-protocols.patch
>>>>>>> branch mergeable to 2.4.x:
>>>>>>> ^/httpd/httpd/branches/2.4.17-protocols-changes
>>>>>>> +1: icing
>>>>>>>
>>>>>>> ? This is needed to backport the current mod_http2. If someone could
>>>>>>> find the time to look at this, please? Thanks!
>>>>>>>
>>>>>>> Cheers,
>>>>>>>
>>>>>>> Stefan
>>>>>>
>>>>>
>>>>
>>>
>>
>
