Am 22.04.2021 um 11:25 schrieb Christophe JAILLET:
Hi, all;
Please find below the proposed release tarball and signatures:
https://dist.apache.org/repos/dist/dev/httpd/
I would like to call a VOTE over the next few days to release this
candidate tarball as 2.4.47:
[ ] +1: It's not just good, it's good enough!
[ ] +0: Let's have a talk.
[ ] -1: There's trouble in paradise. Here's what's wrong.
The computed digests of the tarball up for vote are:
sha1: f4281be0bf08489a51d818b596a92bfcfbb2c708 *httpd-2.4.47.tar.gz
sha256: 567d5ac72ea643e3828e8e54f32e06f1fad10095d33ae4071eeaec3c78b70a34
*httpd-2.4.47.tar.gz
sha512:
de4c80e1ddebe3286c234179fd01d4917f479f75a7fe958032c19a8f22546e95f31e3b50073844d09f20f54894e7d511bcd9fd2f1cd2b2c71b3a182d6e62bab3
*httpd-2.4.47.tar.gz
The SVN tag is '2.4.47' at r1889091.
--
Christophe JAILLET
+1 to release and thanks a bunch for stepping in as RM!
I think I wasn't able to import your key from a pgp key server, but
maybe I wasn't using the right ones. Your key is in the KEYS file,
probably just not in the network of key servers.
Summary: all OK except for
- one single crash on SLES 11 using prefork.
Detailed report:
- Sigs and hashes OK
- contents of tarballs identical
- contents of tag and tarballs identical
except for expected deltas
Built on
- Solaris 10 Sparc as 32 Bit Binaries
- SLES 11+12+15 (64 Bits)
- RHEL 6+7+8 (64 Bits)
For all platforms built
- with default (shared) and static modules
- with module set reallyall
- using --enable-load-all-modules
- against
- bundled APR/APU from deps tarball
- external APR/APU 1.7.0/1.6.1 (expat)
- APR/APU 1.6.5/1.6.1 (expat)
- APR/APU 1.7.x r1889104/1.7.x r1884108 (expat)
- APR/APU 1.7.x r1889104/1.7.x r1884108 (libxml2)
- APR/APU 1.6.x r1876940/1.6.x r1876943 (expat)
- APR/APU 1.6.x r1876940/1.6.x r1876943 (libxml2)
- using external libraries
- expat 2.3.0
- pcre 8.44
- lua 5.4.3 (compiled with LUA_COMPAT_MODULE)
- libxml2 2.9.10
- libnghttp2 1.43.0
- brotli 1.0.9
- curl 7.76.1
- jansson 2.13.1
- libldap 2.4.58
and
- openssl 0.9.8zh, 1.0.2, 1.0.2u, 1.1.1, 1.1.1k, 3.0.0alpha15
- Tool chain:
- platform gcc except on Solaris
(gcc 9.3.0 Solaris 10)
- CFLAGS: -O2 -g -Wall -fno-strict-aliasing
- on Solaris additionally -mpcu=v9, -D_XOPEN_SOURCE,
-D_XOPEN_SOURCE_EXTENDED=1, -D__EXTENSIONS__
and -D_XPG6
All of the 852 builds done until now succeeded, 32 builds on Solaris yet
to come.
- compiler warnings:
- only on Solaris 10 Sparc (GCC 9.3.0): APR 1.7.x
srclib/apr/locks/unix/proc_mutex.c:979:49: warning:
'mutex_proc_pthread_cond_methods' defined but not used
[-Wunused-const-variable=]
=> the declaration checks for APR_USE_PROC_PTHREAD_MUTEX_COND,
which is defined on Solaris, the use in line 1437 also checks
HAVE_PTHREAD_MUTEX_ROBUST, which is not defined on Solaris.
- deprecation warnings when building against OpenSSL 3.0.0, see other
mail
Tested for
- SLES 11+12+15, RHEL 6+7+8
- Tests for Solaris 10 Sparc still to come, when builds finish there
- MPMs prefork, worker, event
- default and static module builds
- log level trace8
- module set reallyall (129 modules plus 3 MPMs)
- Perl client bundle build against OpenSSL 1.1.1g plus patches, 1.1.0l,
1.0.2u and 0.9.8zh
- OpenSSL once linked statically and once as a shared library
Every OpenSSL version in the client is tested with every OpenSSL version
in the server.
The total number of test suite runs until now is ~3800 (many more still
to come, especially those with statically linked OpenSSL and most of the
Solaris ones).
Some local adjustments to tests were used:
- t/modules/buffer.t: removing huge buffer tests
-my $bigsize = 10;
+my $bigsize = 1;
- fixing limitrequestline overwrite which does not yet really work in
Apache-Test/lib/Apache/TestConfig.pm
87d86
'global LimitRequestLine setting (default is 128)',
96a96
> # limitrequestline => 'global LimitRequestLine setting (default is
128)',
372,373c372,373
< $vars->{limitrequestline} ||= 128;
< $vars->{limitrequestlinex2} = 2 * $vars->{limitrequestline};
---
> #$vars->{limitrequestline} ||= 128;
> #$vars->{limitrequestlinex2} = 2 * $vars->{limitrequestline};
- temporary workaround for a OpenSSL 3 when using "openssl crl -hash"
with STDIN in Apache-Test/lib/Apache/TestSSLCA.pm
39a40
> my $openssl_workaround = $ENV{APACHE_TEST_OPENSSL_CMD_WORKAROUND} ||
$openssl;
426c427
< chomp(my $hash = `$openssl $type -noout -hash < $file`);
---
> chomp(my $hash = `$openssl_workaround $type -noout -hash <
$file`);
This enables to use OpenSSL 3 everywhere in test suite configuration and
setup and override it only in the CRL hash command line, for which it is
currently buggy.
The following test failures were seen:
a All https tests fail between OpenSSL 0.9.8zh and 3.0.0alpha15
Not a regression.
Probably need to figure out how
