httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject Re: [Vote] httpd 2.2.22 release
Date Sun, 29 Jan 2012 21:18:43 GMT
On 25.01.2012 23:59, William A. Rowe Jr. wrote:
> Candidate binaries are available from http://httpd.apache.org/dev/dist/ -
> these do not yet constitute ASF releases.  Win32 specific artifacts
> (x86 binary distribution and -win32-src.zip) will follow shortly, once
> I fix the release.sh breakage.
>
> There are two considerations, as Jim pointed out.  First a choice;
>
>   [X]  Include apr-util 1.4.1 in any httpd 2.2.x
>   [ ]  Remain at apr-util 1.3.12 in any httpd 2.2.x

IMHO 1.4.1 is an acceptable risk.

> And the vote (I'll have to resubmit if the preference is 1.3.12, but here goes);
>
>   +/-1
>   [ +1]  Release httpd 2.2.22 [with apr-util 1.4.1] as GA

+1 for release using APU 1.4.1.

Overview:

Minor problem (not a regression): config.guess and config.sub are a bit 
old (2008) due to
buildconf in the released apr overwriting the config.* in our svn by the
system config.*. This is fixed for future apr releases.

One new finding (but not a regression): when building with gcc 4.6.2 
configure fails during the version check for an external apr-util. gcc 
4.6.2 aborts when parsing apu_version.h because the file includes 
apr_version.h and the configure check has only includes set for apu, so 
the external apr_version.h is not found. Older gcc 4.1.2 also outputs an 
error but does not abort so for the older gcc the check succeeds. I will 
propose a fix.

One non-reproducible test failure for test 150 in t/ssl/proxy.t on 
Solaris 10 using external libs:

# Failed test 150 in .../Apache-Test/lib/Apache/TestCommonPost.pm at 
line 131 fail #131

#lwp request:
#POST https://localhost:8549/eat_post HTTP/1.0
#User-Agent: libwww-perl/5.836
#Content-Length: 29696
#
#server response:
#HTTP/1.1 502 Proxy Error
#Connection: close
#Date: Sun, 29 Jan 2012 10:43:26 GMT
#Content-Length: 396
#Content-Type: text/html; charset=iso-8859-1
#Client-Date: Sun, 29 Jan 2012 10:43:26 GMT
#Client-Peer: 127.0.0.1:8549
#Client-SSL-Cert-Issuer: /C=US/ST=California/L=San 
Francisco/O=ASF/OU=httpd-test/CN=ca/emailAddress=test-dev@httpd.apache.org
#Client-SSL-Cert-Subject: /C=US/ST=California/L=San 
Francisco/O=ASF/OU=httpd-test/rsa-test/CN=localhost/emailAddress=test-dev@httpd.apache.org
#Client-SSL-Cipher: DHE-RSA-AES256-SHA
#Client-SSL-Warning: Peer certificate not verified
#Title: 502 Proxy Error
#
# testing : length posted
# expected: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
# <html><head>
# <title>502 Proxy Error</title>
# </head><body>
# <h1>Proxy Error</h1>
# <p>The proxy server received an invalid^M

[Sun Jan 29 11:43:26 2012] [debug] ssl_engine_io.c(1908): OpenSSL: I/O 
error, 5 bytes expected to read on BIO#50841f8 [mem: 50ec3c8]
[Sun Jan 29 11:43:26 2012] [debug] ssl_engine_io.c(1869): | 1260: 07 40 
91 02 c8 ab a0 5e-5b 2a c0 57 1b 65 c6 39  .@.....^[*.W.e.9 |
[Sun Jan 29 11:43:26 2012] [info] [client 127.0.0.1] (70007)The timeout 
specified has expired: SSL input filter read failed.
[Sun Jan 29 11:43:26 2012] [debug] ssl_engine_io.c(1869): | 1270: 2f 96 
b7 bd c7 5e 28 2f-ee 9f 07 8c b2 3c 57 4e  /....^(/.....<WN |
[Sun Jan 29 11:43:26 2012] [debug] ssl_engine_io.c(1869): | 1280: 86 9a 
6e da e6 61 4d 2b-ec 94 70 cb a0 35 f7 74  ..n..aM+..p..5.t |
...
[Sun Jan 29 11:43:26 2012] [debug] ssl_engine_kernel.c(1879): OpenSSL: 
Read: SSL negotiation finished successfully
[Sun Jan 29 11:43:26 2012] [error] [client 127.0.0.1] (70014)End of file 
found: proxy: error reading status line from remote server localhost:8532
[Sun Jan 29 11:43:26 2012] [debug] mod_proxy_http.c(1466): [client 
127.0.0.1] proxy: NOT Closing connection to client although reading from 
backend server localhost:8532 failed.
[Sun Jan 29 11:43:26 2012] [error] [client 127.0.0.1] proxy: Error 
reading from remote server returned by /eat_post
[Sun Jan 29 11:43:26 2012] [debug] proxy_util.c(2029): proxy: HTTPS: has 
released connection for (localhost)
[Sun Jan 29 11:43:26 2012] [error] Optional function test said: POST 
/eat_post HTTP/1.0
[Sun Jan 29 11:43:26 2012] [error] Optional hook test said: POST 
/eat_post HTTP/1.0
[Sun Jan 29 11:43:26 2012] [debug] ssl_engine_kernel.c(1884): OpenSSL: 
Write: SSL negotiation finished successfully
[Sun Jan 29 11:43:26 2012] [info] [client 127.0.0.1] Connection closed 
to child 65 with standard shutdown (server localhost:8549)

Two additional failures only happen when I use a very recent Perl plus 
modules: tests 2+3 in t/security/CVE-2008-2364.t fail, because the Perl 
client reads status 100 instead of 200 resp. 502. Checking our logs 
indicates we did send the right status codes. So this seems to be a test 
framework problem.


Details:

- Signature and Hashes OK
- key in KEYS file
- gz and bz2 contents identical
- no unexpected diff to svn tag
- built and tested on
   - Solaris 8+10 Sparc
   - SuSE Linux Enterprise 10 (32Bit and 64Bit)
   - SLES 11 (64 Bit)
   - RedHat Enterprise Linux 5/6 64Bit
- builds fine using gcc
   - out of tree
   - with "all", "most" and default module sets
   - with either default (static) or shared linked modules
   - MPMs prefork, worker, event (where applicable)
   - dependencies apr/apu/expat/pcre/openssl:
     a) all bundled
     b) 1.4.5/(1.3.12|1.4.1)/2.0.1/8.21/0.9.8t
   - config.(guess|sub) outdated (see above)
   - configure fails for gcc 4.6.2 with external apr/apu
     (see above)
- test suite ran for all those builds with log levels
   info and debug
   - no test regressions w.r.t. at least 2.2.16-2.2.21:
     - Failed test 2 in t/ssl/extlookup.t at line 27
     - Failed test 9 in t/ssl/require.t at line 44
     For details about both see my 2.2.19 voting mail.
   - two additional failures only happen when I use a very recent
     Perl plus modules: tests 2+3 in t/security/CVE-2008-2364.t
     fail, because the Perl client reads status 100 instead of 200
     resp. 502. Checking our logs indicates we did send the right
     status codes. So this seems to be a test framework problem.
   - one non-reproducible test failure in t/ssl/proxy for test 150

Note that on the platforms RHEL 5/6, SLES 11 and Solaris 8 tests are 
still running, but for the other platforms I have complete results and 
for the remaining platforms until now all results are consistent.

Regards,

Rainer

Mime
View raw message