Re: [VOTE] Release Apache httpd 2.4.9 as GA
+1: Fed18, CentOS6, OSX 10.9.2 (Xcode 5.1) On Mar 13, 2014, at 12:49 PM, Jim Jagielski j...@jagunet.com wrote: The pre-release test tarballs for Apache httpd 2.4.9 can be found at the usual place: http://httpd.apache.org/dev/dist/ I'm calling a VOTE on releasing these as Apache httpd 2.4.9 GA. [ ] +1: Good to go [ ] +0: meh [ ] -1: Danger Will Robinson. And why. Vote will last the normal 72 hrs. NOTE: The *-deps are only there for convenience.
Re: [VOTE] Release Apache httpd 2.4.9 as GA
Am 13.03.2014 17:49, schrieb Jim Jagielski: The pre-release test tarballs for Apache httpd 2.4.9 can be found at the usual place: http://httpd.apache.org/dev/dist/ I'm calling a VOTE on releasing these as Apache httpd 2.4.9 GA. [ ] +1: Good to go [ ] +0: meh [ ] -1: Danger Will Robinson. And why. Vote will last the normal 72 hrs +1 Fedora 20 x86_64 openssl-1.0.1e-37.fc20.20140109.rh.x86_64 apr-util-1.5.3-1.fc20.x86_64 apr-1.5.0-4.fc20.20131231.rh.x86_64 ___ 2.4.8 RC was also stable with that openssl containing backports https://bugzilla.redhat.com/show_bug.cgi?id=1074163 openssl-1.0.1e-37.fc20.20140109.rh.x86_64 is a cpu-optimized rebuild of Fedora's src.rpm with no other changes than compiler/linker flags ___ thanks for https://issues.apache.org/bugzilla/show_bug.cgi?id=56094 signature.asc Description: OpenPGP digital signature
rewriterule
Hello, I want to log client certificate chain, when there is ssl verification failure. So I have a rule RewriteCond %{SSL:SSL_CLIENT_VERIFY} !=SUCCESS RewriteRule ^(.*)$ /cgi-bin/printenv.pl [QSA,PT,L] But it doesn’t work. If change the rule to success, it works, but I need to log the chain only when client verification fails. It appears that, when there is failure, my condition and rule never gets executed. Any work around doing that? Thanks S
Re: [VOTE] Release Apache httpd 2.4.9 as GA
On 13.03.2014 17:49, Jim Jagielski wrote: The pre-release test tarballs for Apache httpd 2.4.9 can be found at the usual place: http://httpd.apache.org/dev/dist/ I'm calling a VOTE on releasing these as Apache httpd 2.4.9 GA. [ ] +1: Good to go [ ] +0: meh [ ] -1: Danger Will Robinson. And why. Vote will last the normal 72 hrs. NOTE: The *-deps are only there for convenience. I get some test failures: t/ssl/pr12355.t (Wstat: 0 Tests: 10 Failed: 4) Failed tests: 3-4, 7-8 t/ssl/pr43738.t (Wstat: 0 Tests: 4 Failed: 2) Failed tests: 1-2 They happen during renegotiation. All parts should be using OpenSSL 1.0.1f. The requests end up with status 403 instead of 200. trace log: ssl_engine_kernel.c(778): AH02260: Performing full renegotiation: complete handshake protocol (client does support secure renegotiation) ssl_engine_kernel.c(1801): OpenSSL: Handshake: start ssl_engine_kernel.c(1809): OpenSSL: Loop: SSL renegotiate ciphers ssl_engine_kernel.c(1809): OpenSSL: Loop: SSLv3 write hello request A core_filters.c(525): core_output_filter: flushing because of FLUSH bucket ssl_engine_kernel.c(1809): OpenSSL: Loop: SSLv3 flush data ssl_engine_kernel.c(1809): OpenSSL: Loop: SSLv3 write hello request C [client 127.0.0.1:39714] AH02226: Awaiting re-negotiation handshake ssl_engine_kernel.c(1801): OpenSSL: Handshake: start ssl_engine_kernel.c(1809): OpenSSL: Loop: before accept initialization core_filters.c(525): core_output_filter: flushing because of FLUSH bucket ssl_engine_io.c(2039): OpenSSL: read 5/5 bytes from BIO#2a75a8 [mem: 2aeb5b] (BIO dump follows) core_filters.c(525): core_output_filter: flushing because of FLUSH bucket ssl_engine_io.c(2039): OpenSSL: read 458/458 bytes from BIO#2a75a8 [mem: 2aeb60] (BIO dump follows) ssl_engine_kernel.c(1920): AH02043: SSL virtual host for servername localhost found core_filters.c(525): core_output_filter: flushing because of FLUSH bucket ssl_engine_kernel.c(1819): OpenSSL: Write: SSLv3 read client hello C ssl_engine_kernel.c(1838): OpenSSL: Exit: error in SSLv3 read client hello C [client 127.0.0.1:39714] AH02261: Re-negotiation handshake failed: Not accepted by client!? More complete log under http://people.apache.org/~rjung/renegotitation-failure-2.4.9.txt Regards, Rainer
AW: [VOTE] Release Apache httpd 2.4.9 as GA
-Ursprüngliche Nachricht- Von: Rainer Jung [mailto:rainer.j...@kippdata.de] Gesendet: Freitag, 14. März 2014 19:14 An: dev@httpd.apache.org Betreff: Re: [VOTE] Release Apache httpd 2.4.9 as GA On 13.03.2014 17:49, Jim Jagielski wrote: The pre-release test tarballs for Apache httpd 2.4.9 can be found at the usual place: http://httpd.apache.org/dev/dist/ I'm calling a VOTE on releasing these as Apache httpd 2.4.9 GA. [ ] +1: Good to go [ ] +0: meh [ ] -1: Danger Will Robinson. And why. Vote will last the normal 72 hrs. NOTE: The *-deps are only there for convenience. I get some test failures: t/ssl/pr12355.t (Wstat: 0 Tests: 10 Failed: 4) Failed tests: 3-4, 7-8 t/ssl/pr43738.t (Wstat: 0 Tests: 4 Failed: 2) Failed tests: 1-2 They happen during renegotiation. All parts should be using OpenSSL 1.0.1f. The requests end up with status 403 instead of 200. Which MPM? Regards Rüdiger
Re: Rich is looking for a substitute httpd talk for Denver
So, looks like we'll just leave that one slot empty in the httpd track, or fill it with something off-topic. Unless ... last ditch effort here - if anyone would like to do a what's coming in 2.6 kind of discussion, that could be a way to fill the space. But I'm reluctant to just fill the space to fill the space. --Rich -- Rich Bowen - rbo...@rcbowen.com - @rbowen http://apachecon.com/ - @apachecon