Last update (for your suggestions) -- verbose output
t/security/CVE-2008-2364.t ..
1..3
# Running under perl version 5.010001 for aix
# Current time local: Fri Aug 8 11:38:28 2014
# Current time GMT: Fri Aug 8 11:38:28 2014
# Using Test.pm version 1.25_02
# Using Apache/Test.pm version 1.38
# testing : reverse proxy to index.html
# expected: 200
# received: '200'
ok 1
# testing : small number of interim responses - CVE-2008-2364
# expected: 200
# received: '100'
not ok 2
# Failed test 2 in t/security/CVE-2008-2364.t at line 19
# testing : large number of interim responses - CVE-2008-2364
# expected: 502
# received: '100'
not ok 3
# Failed test 3 in t/security/CVE-2008-2364.t at line 22
Failed 2/3 subtests
t/ssl/extlookup.t ...........
1..4
# Running under perl version 5.010001 for aix
# Current time local: Fri Aug 8 11:38:32 2014
# Current time GMT: Fri Aug 8 11:38:32 2014
# Using Test.pm version 1.25_02
# Using Apache/Test.pm version 1.38
# testing : ssl_ext_lookup works for 1.3.6.1.4.1.18060.12.0
# expected: 200
# received: '200'
ok 1
# testing : Extension value match for 1.3.6.1.4.1.18060.12.0
# expected: 'Lemons'
# received: 'NULL'
not ok 2
# Failed test 2 in t/ssl/extlookup.t at line 27
# testing : ssl_ext_lookup works for 2.16.840.1.113730.1.13
# expected: 200
# received: '200'
ok 3
# testing : Extension value match for 2.16.840.1.113730.1.13
# expected: 'This Is A Comment'
# received: 'This Is A Comment'
ok 4
Failed 1/4 subtests
t/ssl/require.t .............
1..10
# Running under perl version 5.010001 for aix
# Current time local: Fri Aug 8 11:38:36 2014
# Current time GMT: Fri Aug 8 11:38:36 2014
# Using Test.pm version 1.25_02
# Using Apache/Test.pm version 1.38
ok 1
ok 2
ok 3
ok 4
ok 5
ok 6
ok 7
ok 8
not ok 9
# Failed test 9 in t/ssl/require.t at line 44
ok 10
Failed 1/10 subtests
Test Summary Report
-------------------
t/security/CVE-2008-2364.t (Wstat: 0 Tests: 3 Failed: 2)
Failed tests: 2-3
t/ssl/extlookup.t (Wstat: 0 Tests: 4 Failed: 1)
Failed test: 2
t/ssl/require.t (Wstat: 0 Tests: 10 Failed: 1)
Failed test: 9
Files=3, Tests=17, 13 wallclock secs ( 0.08 usr 0.02 sys + 4.31 cusr
1.88 csys = 6.29 CPU)
Result: FAIL
Failed 3/3 test programs. 4/17 subtests failed.
Thank you for your attention!
On Fri, Aug 8, 2014 at 1:12 PM, Michael Felt <mamf...@gmail.com> wrote:
> update:
> I think the CVE test passed with 2.4.10 and failed with 2.2.28 because
> 1. iirc, 2.4.10 does not have CGI (by default) and 2.2.28 does.
> 2. the perl cgi_scripts needed are not present, so cannot be loaded
>
> The test is - mainly -
>
> Apache::TestRequest::module("proxy_http_reverse");
> Apache::TestRequest::user_agent(requests_redirectable => 0);
>
> my $r = GET("/reverse/");
> ok t_cmp($r->code, 200, "reverse proxy to index.html");
>
> if (have_cgi) {
> $r = GET("/reverse/modules/cgi/nph-interim1.pl");
> ok t_cmp($r->code, 200, "small number of interim responses -
> CVE-2008-2364");
>
> $r = GET("/reverse/modules/cgi/nph-interim2.pl");
> ok t_cmp($r->code, 502, "large number of interim responses -
> CVE-2008-2364");
>
> } else {
> skip "skipping tests without CGI module" foreach (1..2);
> }
>
> The first test passed (can GET /reverse/ )
> But the other two fail - I think because the nph-interim?.pl are missing
> in the ./test I download via svn:
>
> michael@x054:[/data/prj/SVN]svn checkout
> http://svn.apache.org/repos/asf/httpd/test/framework/trunk
> /data/prj/apache/httpd/test
>
> Fetching external item into 'apache/httpd/test/Apache-Test'
> Checked out external at revision 1616713.
>
> Checked out revision 1616713.
>
> cd /data/prj/apache/httpd/test
> root@x099:[/data/prj/apache/httpd/test]find . -name nph-interm1.pl
> root@x099:[/data/prj/apache/httpd/test]find . -name reverse
> ./t/htdocs/modules/proxy/reverse
> root@x099:[/data/prj/apache/httpd/test]find . -name reverse
> root@x099:[/data/prj/apache/httpd/test]ls -l
> ./t/htdocs/modules/proxy/reverse
> total 32
> drwxrwxr-x 6 michael felt 4096 Aug 06 12:40 .svn
> drwxrwxr-x 3 michael felt 4096 Feb 19 2013 notproxy
> root@x099:[/data/prj/apache/httpd/test]find . -name
> cgi
> ./t/htdocs/modules/cgi
>
> Suggestions?
>
>
>
> On Fri, Aug 8, 2014 at 12:42 PM, Michael Felt <mamf...@gmail.com> wrote:
>
>> after --enable-proxy reran tests and get this:
>> ...
>> using Apache/2.2.28-dev (worker MPM)
>> ...
>> Test Summary Report
>> -------------------
>> t/security/CVE-2008-2364.t (Wstat: 0 Tests: 3 Failed: 2)
>> Failed tests: 2-3
>>
>> t/ssl/extlookup.t (Wstat: 0 Tests: 4 Failed: 1)
>> Failed test: 2
>> t/ssl/require.t (Wstat: 0 Tests: 10 Failed: 1)
>> Failed test: 9
>> Files=109, Tests=3709, 589 wallclock secs ( 5.13 usr 0.48 sys + 166.18
>> cusr 74.55 csys = 246.34 CPU)
>> Result: FAIL
>>
>> Any assistance with taking the next step, e.g., understanding why the
>> test failed, is welcome.
>>
>>
>> On Fri, Aug 8, 2014 at 10:42 AM, Michael Felt <mamf...@gmail.com> wrote:
>>
>>> So, back to testing again - on the same system where 2.4.10-distro
>>> passed all tests it ran, 2.2.28-dev has a few errors reporting - and I need
>>> to figure out why mod_proxy is not being built (or maybe it is only that it
>>> is not Loaded)
>>>
>>> Summary:
>>> cc is a tracked alias for /usr/vac/bin/cc
>>> root@x099:[/data/prj/apache/httpd/test]oslevel -s
>>> 7100-02-04-1341
>>> root@x099:[/data/prj/apache/httpd/test]type perl
>>> perl is /usr/bin/perl
>>> root@x099:[/data/prj/apache/httpd/test]ls -l /usr/bin/perl
>>> lrwxrwxrwx 1 root system 29 Aug 05 21:00 /usr/bin/perl
>>> -> /usr/opt/perl5/bin/perl5.10.1
>>>
>>> root@x099:[/data/prj/apache/httpd/test]find /opt/httpd -name apxs
>>> /opt/httpd/sbin/apxs
>>> root@x099:[/data/prj/apache/httpd/test]perl Makefile.PL -apxs
>>> /opt/httpd/sbin/apxs
>>> [ info] generating script ./Apache-Test.save/t/cgi-bin/
>>> next_available_port.pl
>>> [ info] generating script ./Apache-Test.save/t/cgi-bin/cookies.pl
>>> ...
>>> Checking for File::Spec...ok
>>> Checking for Cwd...ok
>>> Generating a Unix-style Makefile
>>> Writing Makefile for httpd-test
>>> Writing MYMETA.yml and MYMETA.json
>>> root@x099:[/data/prj/apache/httpd/test]
>>>
>>> root@x099:[/data/prj/apache/httpd/test]find . ! -user michael -exec
>>> chown michael {} \;
>>> root@x099:[/data/prj/apache/httpd/test]su michael
>>> root@x099:[/data/prj/apache/httpd/test]t/TEST
>>> [warning] setting ulimit to allow core files
>>> ulimit -c unlimited; /usr/opt/perl5/bin/perl
>>> /data/prj/apache/httpd/test/t/TEST
>>> cd test_rwrite && make .libs/mod_test_rwrite.so
>>> make[1]: Entering directory
>>> `/data/prj/apache/httpd/test/c-modules/test_rwrite'
>>> /opt/httpd/sbin/apxs -D APACHE2
>>> -I/data/prj/apache/httpd/test/c-modules -c mod_test_rwrite.c
>>> ...
>>> using Apache/2.2.28-dev (worker MPM)
>>>
>>> waiting 60 seconds for server to start: ...
>>> waiting 60 seconds for server to start: ok (waited 2 secs)
>>> server loopback:8529 started
>>> server loopback:8530 listening (mod_nntp_like)
>>> server loopback:8531 listening (mod_nntp_like_ssl)
>>> server loopback:8532 listening (mod_ssl)
>>> server loopback:8533 listening (ssl_optional_cc)
>>> server loopback:8534 listening (ssl_pr33791)
>>> server loopback:8535 listening (proxy_http_bal1)
>>> server loopback:8536 listening (proxy_http_bal2)
>>> server loopback:8537 listening (proxy_http_balancer)
>>> server loopback:8538 listening (cve_2011_3368_rewrite)
>>> server loopback:8539 listening (proxy_http_reverse)
>>> server loopback:8540 listening (cve_2011_3368)
>>> server loopback:8541 listening (mod_headers)
>>> server loopback:8542 listening (error_document)
>>> server loopback:8543 listening (http_strict)
>>> server loopback:8544 listening (mod_vhost_alias)
>>> server loopback:8545 listening (mod_include)
>>> server loopback:8546 listening (proxy_http_https)
>>> server loopback:8547 listening (proxy_https_https)
>>> server loopback:8548 listening (proxy_https_http)
>>> [ info] adding source lib /data/prj/apache/httpd/test/Apache-Test/lib
>>> to @INC
>>> t/apache/404.t ...................... ok
>>> t/apache/acceptpathinfo.t ........... ok
>>> ...
>>> t/ssl/env.t ......................... ok
>>> t/ssl/extlookup.t ................... 1/4 # Failed test 2 in
>>> t/ssl/extlookup.t at line 27
>>> t/ssl/extlookup.t ................... Failed 1/4 subtests
>>> t/ssl/fakeauth.t .................... ok
>>> t/ssl/headers.t ..................... ok
>>> t/ssl/http.t ........................ ok
>>> t/ssl/pr12355.t ..................... ok
>>> t/ssl/pr43738.t ..................... ok
>>> t/ssl/proxy.t ....................... skipped: cannot find module
>>> 'mod_proxy', cannot find module 'proxy_http.c'
>>> t/ssl/require.t ..................... 2/10 # Failed test 9 in
>>> t/ssl/require.t at line 44
>>> t/ssl/require.t ..................... Failed 1/10 subtests
>>> t/ssl/v2.t .......................... ok
>>> t/ssl/varlookup.t ................... ok
>>> t/ssl/verify.t ...................... ok
>>>
>>> Test Summary Report
>>> -------------------
>>> t/ssl/extlookup.t (Wstat: 0 Tests: 4 Failed: 1)
>>> Failed test: 2
>>> t/ssl/require.t (Wstat: 0 Tests: 10 Failed: 1)
>>> Failed test: 9
>>> Files=109, Tests=3503, 533 wallclock secs ( 4.66 usr 0.47 sys + 161.53
>>> cusr 73.62 csys = 240.28 CPU)
>>> Result: FAIL
>>> Failed 2/109 test programs. 2/3503 subtests failed.
>>> [warning] server loopback:8529 shutdown
>>> [warning] port 8529 still in use...
>>> ......done
>>> [ error] error running tests (please examine t/logs/error_log)
>>>
>>>
>>>
>>> On Thu, Aug 7, 2014 at 6:05 PM, Michael Felt <mamf...@gmail.com> wrote:
>>>
>>>> Actually, there are more files involved - if you read the CHANGES you
>>>> might understand. So, here is a tar file with everything.
>>>>
>>>> As a zip file, because my mailer refuses the .tar file
>>>>
>>>>
>>>>
>>>> On Thu, Aug 7, 2014 at 5:43 PM, Michael Felt <mamf...@gmail.com> wrote:
>>>>
>>>>> Made updates to the wiki - and, although probably too late for 2.2.28
>>>>> release - please review this patch for build/aix stuff. Who knows, if/when
>>>>> a 2.2.29 release ever comes these will be there too.
>>>>>
>>>>> p.s. starting test run for trunk (aka 2.2.28)
>>>>>
>>>>> p.p.s. The idea is that the CHANGES file be added in build/aix. If
>>>>> that is a sin of some sort, please just append to build/aix/README.aix I
>>>>> will see what it becomes when trunk is updated.
>>>>>
>>>>>
>>>>> On Thu, Aug 7, 2014 at 9:08 AM, Michael Felt <mamf...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> I already have a login. I have a problem with writing in wiki's -
>>>>>> never satisfied with how I put it there, but I shall add/update the info
>>>>>> I
>>>>>> know.
>>>>>>
>>>>>>
>>>>>> On Wed, Aug 6, 2014 at 2:40 PM, Eric Covener <cove...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> On Wed, Aug 6, 2014 at 8:37 AM, Michael Felt <mamf...@gmail.com>
>>>>>>> wrote:
>>>>>>> > The good news:
>>>>>>> > All tests successful.
>>>>>>> > Files=109, Tests=4763, 645 wallclock secs ( 5.69 usr 0.51 sys +
>>>>>>> 175.37 cusr
>>>>>>> > 113.07 csys = 294.64 CPU)
>>>>>>> > Result: PASS
>>>>>>> >
>>>>>>> > How: tested on AIX 7.1 with a more modern perl version. There is
>>>>>>> one
>>>>>>> > sub-module (Test::Try if i recall correctly) - that demands perl
>>>>>>> 5.10 as a
>>>>>>> > minimum. So without that there are probably several perl modules
>>>>>>> that are
>>>>>>> > not sufficient for the tests to be processed correctly)
>>>>>>> >
>>>>>>> > For now I am just going to be happy with: All tests successful.
>>>>>>> ... Result:
>>>>>>> > PASS
>>>>>>> >
>>>>>>>
>>>>>>> Can you take a pass through
>>>>>>> https://wiki.apache.org/httpd/AIXPlatform
>>>>>>> while it's still fresh? You may have to register a nickname there and
>>>>>>> then ask for write access (spam problems
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
