On Tue, Jun 13, 2017 at 10:05 PM, Eric Covener <cove...@gmail.com> wrote:
> +1 AIX/xlc/ppc64
>
> I have two quirks to record, both are openssl / openssl 1.1 related
> but given the state of my AIX system I am still +1 on the release.
>
> - proxy/ssl.t almost totally fails with handhsake errors between
> client and origin
> [Tue Jun 13 21:37:04.265062 2017] [ssl:info] [pid 15073386:tid 6169]
> SSL Library Error: error:14171105:SSL
> routines:tls_process_server_hello:wrong cipher returned
>
> - There is some kind of atexit()-like issue with unloaded openssl-1.1
> that causes a SIGILL at shutdown (goes away w/o mod_ssl, is not
> related to signal handling thing)
> .() at 0x0
> exit(??) at 0x9000000000550c0
> destroy_and_exit_process(process = 0x000000011001eb28,
> process_exit_value = 0), line 266 in "main.c"
> main(argc = 4, argv = 0x0ffffffffffff7c8), line 685 in "main.c"
(replying to old vote thread for posterity)
TIL:
- linux calls atexit() callbacks when a library is unloaded, not just
at process exit
- AIX doesn't
- openssl 1.1 adds an atexit handler
- openssl 1.1 has some code to try to prevent the library from really
being unloaded by inflating the dlopen reference count so its atexit
will really be available at exit.
- https://github.com/openssl/openssl/pull/1693
- apparently this isn't working on AIX
- openssl 1.1 doesn't seem to be provided by IBM or third parties on
AIX as of early 2018.
--
Eric Covener
cove...@gmail.com
