Return-Path: X-Original-To: apmail-httpd-dev-archive@www.apache.org Delivered-To: apmail-httpd-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 70966118BF for ; Wed, 16 Apr 2014 04:49:03 +0000 (UTC) Received: (qmail 46734 invoked by uid 500); 16 Apr 2014 04:49:00 -0000 Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 46344 invoked by uid 500); 16 Apr 2014 04:49:00 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 46333 invoked by uid 99); 16 Apr 2014 04:48:58 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 16 Apr 2014 04:48:58 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy) Received: from [85.25.46.13] (HELO fornix.velox.ch) (85.25.46.13) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 16 Apr 2014 04:48:53 +0000 Received: from cortex.velox.ch (77-57-164-164.dclient.hispeed.ch [77.57.164.164]) (authenticated bits=0) by fornix.velox.ch (8.14.4/8.14.4/2.2) with ESMTP id s3G4mVZk030485 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Wed, 16 Apr 2014 06:48:31 +0200 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=velox.ch; s=fornix-727e; t=1397623711; bh=rJF0i5QWtx1kkBzB9TkT33o1xc8azpn5NZAWEuRcZT0=; h=Date:From:To:CC:Subject:References:In-Reply-To; b=HCjs1+Lnm5K9hXUtpfuGc9Amn55OY+d+u2MXtO3hAZ8SCzREoApMDa/GR/UdxdTZE DKhcymQAmwAcQPC32+efdJAO64bYE/s72m+bV2TucZmsB8eTl/8Uh2D7n6HFDkXmDO YHFp2+5D1/CA/scQ0Ey0Ch1eNIhipsX0R4HJ6lSYht87pfgQl4rY62lJIzJMMvEqi8 KyW9SYtemIzBLqpR9lCOy+8usUl3m9wOU45VYHUgI7TTXq8gzz9EFusssClkBP7tnj nU6fImFcN3oFF8YsaUSKbXxu7doZK5YMUMEalzjdDQvjKfNgA6InVQysY8adB0xJOr ke0L/C/gHNopg== X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on cortex.velox.ch X-Spam-Level: Message-ID: <534E0B9E.2040302@velox.ch> DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=velox.ch; s=cortex-8a58; t=1397623709; bh=rJF0i5QWtx1kkBzB9TkT33o1xc8azpn5NZAWEuRcZT0=; h=Date:From:To:CC:Subject:References:In-Reply-To; b=YWnRzkAS1ujC+SUwtznpFBDZYvsZS4ntAXOc2//My4UNPlmx7fO/MfMXeYCSair5S XhPNZvZwY32MPQb9Q8wgQx1ZrFOsAttHg99Gj8oo1fXILn/KgJiZO/JdMD3l1AA8lc YNUYiOnvrZ8sD7BKBrh9zUtQ/BE2m2GdsSUf7Db26tp43TFwObjmEONIfd4OQgqkQw b1PiNZjsrOS3fXvuKvSB9V2SqhqOZoo5OB58yi9ITImqdS2sOD1M/RtVZb9O54WPM3 p7ruTa4Y04Q/80eIuAaxl3xILUsHA2QW8Xp2EFLseEvj1SXGDj5TpPGrpGfQrg5N/c plyoaQCZ3bfGw== Date: Wed, 16 Apr 2014 06:48:30 +0200 From: Kaspar Brand MIME-Version: 1.0 To: dev@httpd.apache.org CC: Jesse Defer Subject: Re: http://httpd.apache.org/ mini-advisory needed on 2.4.9 breakage IMO... References: <53491867.9020005@velox.ch> In-Reply-To: <53491867.9020005@velox.ch> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org X-Old-Spam-Status: No, score=-1.5 required=8.0 tests=AWL=0.023,BAYES_00=-1.5, NO_RECEIVED=-0.001,NO_RELAYS=-0.001,T_DKIM_INVALID=0.01 autolearn=no version=3.3.2 On 12.04.2014 12:41, Kaspar Brand wrote: > The "Expecting: DH PARAMETERS" error is probably a red herring - it's > most likely a leftover in the OpenSSL error stack after the > configuration of another certificate (we try to load DH parameters at > the end of ssl_init_server_certs, which in turn is called from > ssl_init_server_ctx). Turns out that it's an issue with OpenSSL versions before 0.9.8h, in the first place, see https://issues.apache.org/bugzilla/show_bug.cgi?id=56410 for more details. Jesse, would appreciate if you can find the time to also try the patch I attached to the bug report from Kurt - thanks. Kaspar