httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject Re: [VOTE] Release Apache httpd 2.4.13 as GA
Date Mon, 08 Jun 2015 05:12:13 GMT
Am 08.06.2015 um 03:34 schrieb Jeff Trawick:
> On Sun, Jun 7, 2015 at 1:20 PM, Rainer Jung <rainer.jung@kippdata.de
> <mailto:rainer.jung@kippdata.de>> wrote:
...
>     On FreeBSD I see the following failures:
>
>     t/apache/limits.t                 (Wstat: 0 Tests: 12 Failed: 1)
>        Failed test:  8
>
>
> 10.1: limits.t hangs for me after testing 7/12 if I have the kernel
> accept filter loaded; passes fine otherwise
>
> (presumably "hang" is just temporary, until the testcase is timed out)

Correct, it hangs for me as well, but just waiting long enough the test 
times our and proceeds.

>     t/modules/aaa.t                   (Wstat: 0 Tests: 40 Failed: 3)
>        Failed tests:  23-24, 27
>
>
> I don't see that with or without accept filter loaded

OK, I analyzed that: my test install failed to install HTTP::Cookies. 
That resulted in a failure to reset the UA in t/modules/aaa.t when 
switching to form based auth checks. The old UA still had redirect 
support active and thus the test failed, because it tested conditions on 
the wrong response. The failure to create a new UA was hidden, because 
Apache-Test/lib/Apache/TestRequest.pm uses

     172     eval { $UA ||= __PACKAGE__->new(%$args); };

and the eval hides the error (likely on purpose for other situations).

>     t/ssl/pr12355.t                   (Wstat: 0 Tests: 10 Failed: 4)
>        Failed tests:  3-4, 7-8
>
>
> ditto (tested only with accept filter unloaded)
>
>     t/ssl/pr43738.t                   (Wstat: 0 Tests: 4 Failed: 2)
>        Failed tests:  1-2
>
>
> ditto (tested only with accept filter unloaded)

The failures have to do with renegotiations on POST. I see

[Mon Jun 08 05:00:10.525918 2015] [ssl:trace4] [pid 41020:tid 
34396698624] ssl_engine_io.c(2059): [client 127.0.0.1:57206] OpenSSL: 
I/O error, 5 bytes expected to read on BIO#80
2369be0 [mem: 813817003]
[Mon Jun 08 05:00:10.525934 2015] [ssl:debug] [pid 41020:tid 
34396698624] ssl_engine_kernel.c(802): [client 127.0.0.1:57206] AH02260: 
Performing full renegotiation: complete handshake protocol (client does 
support secure renegotiation)

then a reneg handshake but finally:

[Mon Jun 08 05:00:10.527224 2015] [ssl:error] [pid 41020:tid 
34396698624] [client 127.0.0.1:57206] AH02261: Re-negotiation handshake 
failed
[Mon Jun 08 05:00:10.527250 2015] [ssl:error] [pid 41020:tid 
34396698624] SSL Library Error: error:1408A0C1:SSL 
routines:SSL3_GET_CLIENT_HELLO:no shared cipher -- Too restrictive 
SSLCipherSuite or using DSA server certificate?

The config for the test case wants

SSLCipherSuite RC4-MD5

That it fails is a bit strange, because the https communication in 
principle works and the OpenSSL used does support that cipher.

Rainer

Mime
View raw message