On 2019/04/11 20:25, Stuart Henderson wrote:
> On 2019/04/10 05:12, Frank Groeneveld wrote:
> > Last week an update to apache-httpd was released which fixes an important
> > security issue. I updated a number of servers right away, but after
> > receiving some traffic they started to produce SSL errors. I've tried to
> > debug this as far as I could and have come to the conclusion that it only
> > happens when using mpm_event_module. My configs are default, but I enable
> > SSL and switch to the evented MPM. For certificates I use Let's Encrypt
> > (using acme-client). ab prints the following errors.
> >
> > SSL handshake failed (1).
> > 140321585887104:error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding:crypto/rsa/rsa_pk1.c:66:
> > 140321585887104:error:04067072:rsa routines:rsa_ossl_public_decrypt:padding check failed:crypto/rsa/rsa_ossl.c:655:
> > 140321585887104:error:1416D07B:SSL routines:tls_process_key_exchange:bad signature:ssl/statem/statem_clnt.c:2414:
> >
> > Web browsers show an error also, but some refreshing sometimes fixes the
> > problem. Is anybody else able to reproduce this? Can I do anything to help
> > resolve it?
> >
> > Thanks in advance.
> >
> > Frank
> >
>
> I can replicate this on 6.4 but not -current, I'll see if I can figure
> out what's up.
>
Seems it was introduced between 2.4.35 and 2.4.37. I don't see anything particularly suspicious in the main code diff between those two versions, but one of the subtler changes is that it switches off MODSSL_USE_OPENSSL_PRE_1_1_API for libressl 2.7+. So probably one of the ifdef blocks is taking a code path that fails with the libressl code in 6.4 but has been changed post-6.4-release. Builds are taking ages on the machine I'm testing on and the wifi connection I'm on at the moment is stalling every few minutes and I'm losing patience now but if anyone wants to pick it up I'd suggest looking through the various #if MODSSL_USE_OPENSSL_PRE_1_1_API blocks and see if adding "&& !defined(LIBRESSL_VERSION_NUMBER)" to any of them fixes things (the usual libressl-porting whack-a-mole..).
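To make the suspected regression concrete, here is an added illustration (not code from the thread, from httpd or from LibreSSL) that models the MODSSL_USE_OPENSSL_PRE_1_1_API selection at run time, so the code path each guard picks for each library can be compared side by side. It assumes that LibreSSL advertises OPENSSL_VERSION_NUMBER 0x20000000L in every release and that LibreSSL 2.7.0 is LIBRESSL_VERSION_NUMBER 0x2070000fL; the two guard shapes are my reading of the description above, not copied from ssl_private.h, and the library profiles are constructed.

```c
/* Added model of the httpd guard described in the thread; not httpd's or
 * LibreSSL's own code. Version constants are assumptions (see lead-in). */
#include <stdio.h>

struct ssl_lib {
    const char   *name;
    unsigned long openssl_version_number;  /* what <openssl/opensslv.h> defines */
    unsigned long libressl_version_number; /* 0 when LIBRESSL_VERSION_NUMBER is undefined */
};

/* Modelled 2.4.35-style guard: OpenSSL < 1.1.0, or any LibreSSL, uses the
 * pre-1.1 API. Note LibreSSL's 0x20000000L would otherwise look "newer"
 * than OpenSSL 1.1, so the explicit LibreSSL clause is what keeps it legacy. */
int pre_1_1_api_all_libressl(const struct ssl_lib *l)
{
    return l->openssl_version_number < 0x10100000L || l->libressl_version_number != 0;
}

/* Modelled 2.4.37-style guard: LibreSSL 2.7+ is now treated as 1.1-capable. */
int pre_1_1_api_libressl_pre_2_7(const struct ssl_lib *l)
{
    return l->openssl_version_number < 0x10100000L
        || (l->libressl_version_number != 0 && l->libressl_version_number < 0x2070000fL);
}

/* 1 when a build against this library changed code path between the two guards. */
int path_changed(const struct ssl_lib *l)
{
    return pre_1_1_api_all_libressl(l) != pre_1_1_api_libressl_pre_2_7(l);
}

/* Constructed profiles; LibreSSL 2.8.x stands in for the 6.4-era release (assumed). */
static const struct ssl_lib libs[] = {
    { "OpenSSL 1.0.2",  0x1000200fL, 0 },
    { "OpenSSL 1.1.1",  0x1010100fL, 0 },
    { "LibreSSL 2.6.5", 0x20000000L, 0x2060500fL },
    { "LibreSSL 2.8.2", 0x20000000L, 0x2080200fL },
};

int main(void)
{
    for (size_t i = 0; i < sizeof libs / sizeof libs[0]; i++)
        printf("%-15s 2.4.35 guard: %-8s 2.4.37 guard: %-8s %s\n", libs[i].name,
               pre_1_1_api_all_libressl(&libs[i]) ? "pre-1.1" : "1.1-api",
               pre_1_1_api_libressl_pre_2_7(&libs[i]) ? "pre-1.1" : "1.1-api",
               path_changed(&libs[i]) ? "<-- path changed" : "");
    return 0;
}
```

Only the LibreSSL 2.7+ row flips between the two guards, which is exactly the set of builds that picked up the 1.1-style branches between 2.4.35 and 2.4.37 and therefore where the 6.4 breakage should be looked for.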