On Monday 09 April 2018 12:34 PM, Thomas Klute wrote:
> Am 04.04.2018 um 12:49 schrieb Sunil Mohan Adapa:
>> I am investigating a serious regression on all FreedomBoxes with reverse
>> proxying TLS connections.  I found that the following tests fail with
>> Apache 2.4.33-1 (Debian):
>> FAIL: test-19_TLS_reverse_proxy.bash
>> FAIL: test-20_TLS_reverse_proxy_client_auth.bash
>> FAIL: test-21_TLS_reverse_proxy_wrong_cert.bash
>> FAIL: test-22_TLS_reverse_proxy_crl_revoke.bash
>> FAIL: test-23_TLS_reverse_proxy_mismatched_priorities.bash
>> Can someone please confirm.
> This seems to be a result of Apache changing the API used by mod_proxy
> to set up its client connections, in particular introducing the
> "ssl_engine_set" function.
> Please try the attached patch and let me know if it fixes the issue.

I confirm that the patch fixes the issue. I did the following:

- I build a .deb with the patch applied on top of mod-gnutls_0.8.2-3
inside cowbuilder. All tests have passed while they were failing without
the patch.

- I installed the built .deb on FreedomBox machine and confirmed that
the original problem with reverse proxying has been fixed.

Thank you very much for a prompt fix. Now, if we could have a release
with the fix sneak into Debian... :)


Attachment: signature.asc
Description: OpenPGP digital signature

mod_gnutls-devel mailing list

Reply via email to