| Summary: | =www-servers/apache-2.2.31[ssl] should be rebuilt after openssl version bump (=dev-libs/openssl-1.0.2e -> openssl-1.0.2f) | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Volkmar Glauche <volkmar.glauche> |
| Component: | Current packages | Assignee: | Lars Wendler (Polynomial-C) (RETIRED) <polynomial-c> |
| Status: | RESOLVED INVALID | ||
| Severity: | normal | CC: | base-system, hydrapolic |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Attachments: |
emerge --info
apache error_log excerpt |
||
Created attachment 424526 [details]
apache error_log excerpt
This is already solved in apache-2.eclass:
ssl? (
!libressl? ( >=dev-libs/openssl-1.0.2:0= )
libressl? ( dev-libs/libressl:= )
)
But openssl didn't bump subslot
1.0.2e should be compatible w/1.0.2f, so bumping the subslot would be incorrect. i haven't seen the behavior described myself. The openssl messages shown in the attached apache logs are only infos/notices. They do not lead to apache refusing to provide https content. The real error here is the segmentation fault in the last line which I doubt it comes from the updated openssl lib. |
Created attachment 424524 [details] emerge --info After upgrading dev-libs/openssl from 1.0.2e to 1.0.2f, apache 2.2.31 ceased to serve https:// connections. An excerpt from apache error_log is attached. Note the different OpenSSL versions reported in Lines 1 and 2 (compile time vs runtime). The last line shows a segmentation fault following a https:// connection attempt. Rebuilding apache against openssl 1.0.2f solves the problem, but the rebuild was not triggered automatically while upgrading openssl.