On Monday 09 April 2018 12:34 PM, Thomas Klute wrote: > Am 04.04.2018 um 12:49 schrieb Sunil Mohan Adapa: >> I am investigating a serious regression on all FreedomBoxes with reverse >> proxying TLS connections. I found that the following tests fail with >> Apache 2.4.33-1 (Debian): >> >> FAIL: test-19_TLS_reverse_proxy.bash >> FAIL: test-20_TLS_reverse_proxy_client_auth.bash >> FAIL: test-21_TLS_reverse_proxy_wrong_cert.bash >> FAIL: test-22_TLS_reverse_proxy_crl_revoke.bash >> FAIL: test-23_TLS_reverse_proxy_mismatched_priorities.bash >> >> Can someone please confirm. > > This seems to be a result of Apache changing the API used by mod_proxy > to set up its client connections, in particular introducing the > "ssl_engine_set" function. > > Please try the attached patch and let me know if it fixes the issue. >
I confirm that the patch fixes the issue. I did the following: - I build a .deb with the patch applied on top of mod-gnutls_0.8.2-3 inside cowbuilder. All tests have passed while they were failing without the patch. - I installed the built .deb on FreedomBox machine and confirmed that the original problem with reverse proxying has been fixed. Thank you very much for a prompt fix. Now, if we could have a release with the fix sneak into Debian... :) -- Sunil
signature.asc
Description: OpenPGP digital signature
_______________________________________________ mod_gnutls-devel mailing list mod_gnutls-devel@lists.gnutls.org http://lists.gnupg.org/mailman/listinfo/mod_gnutls-devel