On Tue, Jun 13, 2017 at 10:05 PM, Eric Covener <cove...@gmail.com> wrote: > +1 AIX/xlc/ppc64 > > I have two quirks to record, both are openssl / openssl 1.1 related > but given the state of my AIX system I am still +1 on the release. > > - proxy/ssl.t almost totally fails with handhsake errors between > client and origin > [Tue Jun 13 21:37:04.265062 2017] [ssl:info] [pid 15073386:tid 6169] > SSL Library Error: error:14171105:SSL > routines:tls_process_server_hello:wrong cipher returned > > - There is some kind of atexit()-like issue with unloaded openssl-1.1 > that causes a SIGILL at shutdown (goes away w/o mod_ssl, is not > related to signal handling thing) > .() at 0x0 > exit(??) at 0x9000000000550c0 > destroy_and_exit_process(process = 0x000000011001eb28, > process_exit_value = 0), line 266 in "main.c" > main(argc = 4, argv = 0x0ffffffffffff7c8), line 685 in "main.c"
(replying to old vote thread for posterity) TIL: - linux calls atexit() callbacks when a library is unloaded, not just at process exit - AIX doesn't - openssl 1.1 adds an atexit handler - openssl 1.1 has some code to try to prevent the library from really being unloaded by inflating the dlopen reference count so its atexit will really be available at exit. - https://github.com/openssl/openssl/pull/1693 - apparently this isn't working on AIX - openssl 1.1 doesn't seem to be provided by IBM or third parties on AIX as of early 2018. -- Eric Covener cove...@gmail.com