Re: [VOTE] Release httpd-2.4.40
Jan Ehrhardt in gmane.comp.apache.devel (Sat, 03 Aug 2019 21:22:58 +0200): >Gregg Smith in gmane.comp.apache.devel (Sat, 3 Aug 2019 08:43:21 -0700): >>On 8/3/2019 6:51 AM, Daniel Ruggeri wrote: >>> Hi, all; >>> Please find below the proposed release tarball and signatures: >>> https://dist.apache.org/repos/dist/dev/httpd/ >> >>[X] +1: It's good enough! >> >>VC14 & 15 x86 & x64 w/ makefiles > >Did you test mod_md? If I remove the apache/md directory httpd 2.4.39 >creates certificates, first in md/staging then in md/domains. >httpd 2.4.40 fails. > >No config changes. VC9 x86 OpenSSL 1.0.2, if that matters. Both 2.4.39 >and 2.4.40 were compiled today. > >I will test later on with VC15 x64 OpenSSL 1.1.1. Same problem with VC15 x64 OpenSSL 1.1.1 and Apachelounge's VS16 x64 https://www.apachelounge.com/viewtopic.php?t=8329 Maybe some config chanes are needed, but then they should be clearly documented in the change log. The trouble with this release is that the problem with mod_md will only show up when the first certificate has to be renewed. FWIW: [x] -1: There's trouble in paradise. Here's what's wrong. -- Jan
Re: [VOTE] Release httpd-2.4.40
Gregg Smith in gmane.comp.apache.devel (Sat, 3 Aug 2019 08:43:21 -0700): >On 8/3/2019 6:51 AM, Daniel Ruggeri wrote: >> Hi, all; >> Please find below the proposed release tarball and signatures: >> https://dist.apache.org/repos/dist/dev/httpd/ > >[X] +1: It's good enough! > >VC14 & 15 x86 & x64 w/ makefiles Did you test mod_md? If I remove the apache/md directory httpd 2.4.39 creates certificates, first in md/staging then in md/domains. httpd 2.4.40 fails. No config changes. VC9 x86 OpenSSL 1.0.2, if that matters. Both 2.4.39 and 2.4.40 were compiled today. I will test later on with VC15 x64 OpenSSL 1.1.1. -- Jan
Re: [VOTE] Release httpd-2.4.40
On 8/3/2019 6:51 AM, Daniel Ruggeri wrote: Hi, all; Please find below the proposed release tarball and signatures: https://dist.apache.org/repos/dist/dev/httpd/ [X] +1: It's good enough! VC14 & 15 x86 & x64 w/ makefiles Opps, looks like the APLOGNO's didn't get filled in. I'm still ok with releasing .40 w/o them. mod_md.c(386): warning C4003: not enough actual parameters for macro 'APLOGNO' mod_md.c(391): warning C4003: not enough actual parameters for macro 'APLOGNO' mod_md.c(601): warning C4003: not enough actual parameters for macro 'APLOGNO' mod_md.c(608): warning C4003: not enough actual parameters for macro 'APLOGNO' mod_md.c(659): warning C4003: not enough actual parameters for macro 'APLOGNO' mod_md.c(702): warning C4003: not enough actual parameters for macro 'APLOGNO' mod_md.c(912): warning C4003: not enough actual parameters for macro 'APLOGNO'
[VOTE] Release httpd-2.4.40
Hi, all; Please find below the proposed release tarball and signatures: https://dist.apache.org/repos/dist/dev/httpd/ I would like to call a VOTE over the next few days to release this candidate tarball as 2.4.40: [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. The computed digests of the tarball up for vote are: sha1: 31bc6f87ac209010b8b364abc1c80dfaee53cc64 *httpd-2.4.40.tar.gz sha256: 451e6cf6caa09119900b74652266427f70050de5c51948acd4aaaf60d0d3cad0 *httpd-2.4.40.tar.gz -- Daniel Ruggeri
Re: Vote thread for 2.4.40 not started yet?
Ahhh! I did send a VOTE email, but it looks like it never made it
through to the list!
I will retry from my ASF address through the ASF mail relay...
Date: Fri, 02 Aug 2019 15:18:57 -0500
From: Daniel Ruggeri
To: dev@httpd.apache.org
Subject: [VOTE] Release httpd-2.4.40
Message-ID:
X-Sender: drugg...@primary.net
User-Agent: Roundcube Webmail/0.9.2
--
Daniel Ruggeri
On 8/3/2019 6:43 AM, Rainer Jung wrote:
> Hi Daniel,
>
> did you forget to start the vote thread or are the uploads not ready yet?
>
> Thanks and regards,
>
> Rainer
>
> Am 02.08.2019 um 22:18 schrieb drugg...@apache.org:
>> Author: druggeri
>> Date: Fri Aug 2 20:18:19 2019
>> New Revision: 35120
>>
>> Log:
>> Add 2.4.40 files
>>
>> Added:
>> dev/httpd/CHANGES_2.4
>> dev/httpd/CHANGES_2.4.40
>> dev/httpd/httpd-2.4.40-deps.tar.bz2 (with props)
>> dev/httpd/httpd-2.4.40-deps.tar.bz2.asc
>> dev/httpd/httpd-2.4.40-deps.tar.bz2.md5
>> dev/httpd/httpd-2.4.40-deps.tar.bz2.sha1
>> dev/httpd/httpd-2.4.40-deps.tar.bz2.sha256
>> dev/httpd/httpd-2.4.40-deps.tar.gz (with props)
>> dev/httpd/httpd-2.4.40-deps.tar.gz.asc
>> dev/httpd/httpd-2.4.40-deps.tar.gz.md5
>> dev/httpd/httpd-2.4.40-deps.tar.gz.sha1
>> dev/httpd/httpd-2.4.40-deps.tar.gz.sha256
>> dev/httpd/httpd-2.4.40.tar.bz2 (with props)
>> dev/httpd/httpd-2.4.40.tar.bz2.asc
>> dev/httpd/httpd-2.4.40.tar.bz2.md5
>> dev/httpd/httpd-2.4.40.tar.bz2.sha1
>> dev/httpd/httpd-2.4.40.tar.bz2.sha256
>> dev/httpd/httpd-2.4.40.tar.gz (with props)
>> dev/httpd/httpd-2.4.40.tar.gz.asc
>> dev/httpd/httpd-2.4.40.tar.gz.md5
>> dev/httpd/httpd-2.4.40.tar.gz.sha1
>> dev/httpd/httpd-2.4.40.tar.gz.sha256
>> Modified:
>> dev/httpd/Announcement2.4.html
>> dev/httpd/Announcement2.4.txt
>>
>> Modified: dev/httpd/Announcement2.4.html
>> ==
>>
>> --- dev/httpd/Announcement2.4.html (original)
>> +++ dev/httpd/Announcement2.4.html Fri Aug 2 20:18:19 2019
>> @@ -49,7 +49,7 @@
>>
>>
>> - Apache HTTP Server 2.4.39 Released
>> + Apache HTTP Server 2.4.40 Released
>>
>>
>> September 21, 2018
>> @@ -57,7 +57,7 @@
>>
>> The Apache Software Foundation and the Apache HTTP Server
>> Project are
>> pleased to > href="https://www.apache.org/dist/httpd/Announcement2.4.html";>announce
>> - the release of version 2.4.39 of the Apache
>> + the release of version 2.4.40 of the Apache
>> HTTP Server ("Apache"). This version of Apache is our latest GA
>> release of the new generation 2.4.x branch of Apache HTTPD and
>> represents fifteen years of innovation by the project, and is
>> @@ -69,7 +69,7 @@
>> encourage users of all prior versions to upgrade.
>>
>>
>> - Apache HTTP Server 2.4.39 is available for download from:
>> + Apache HTTP Server 2.4.40 is available for download from:
>>
>>
>> https://httpd.apache.org/download.cgi";
>> @@ -77,7 +77,7 @@
>>
>>
>> Please see the CHANGES_2.4 file,
>> linked from the download page, for a
>> - full list of changes. A condensed list, > href="./CHANGES_2.4.39">CHANGES_2.4.39 includes only
>> + full list of changes. A condensed list, > href="./CHANGES_2.4.40">CHANGES_2.4.40 includes only
>> those changes introduced since the prior 2.4 release. A summary
>> of all
>> of the security vulnerabilities addressed in this and earlier
>> releases
>> is available:
>>
>> Modified: dev/httpd/Announcement2.4.txt
>> ==
>>
>> --- dev/httpd/Announcement2.4.txt (original)
>> +++ dev/httpd/Announcement2.4.txt Fri Aug 2 20:18:19 2019
>> @@ -1,9 +1,9 @@
>> - Apache HTTP Server 2.4.39 Released
>> + Apache HTTP Server 2.4.40 Released
>> September 21, 2018
>> The Apache Software Foundation and the Apache HTTP Server Project
>> - are pleased to announce the release of version 2.4.39 of the Apache
>> + are pleased to announce the release of version 2.4.40 of the Apache
>> HTTP Server ("Apache"). This version of Apache is our latest GA
>> release of the new generation 2.4.x branch of Apache HTTPD and
>> represents fifteen years of innovation by the project, and is
>> @@ -13,7 +13,7 @@
>> We consider this release to be the best version of Apache
>> available, and
>> encourage users of all prior versions to upgrade.
>> - Apache HTTP Server 2.4.39 is available for download from:
>> + Apache HTTP Server 2.4.40 is available for download from:
>> https://httpd.apache.org/download.cgi
>> @@ -24,7 +24,7 @@
>> https://httpd.apache.org/docs/trunk/new_features_2_4.html
>> Please see the CHANGES_2.4 file, linked from the download
>> page, for a
>> - full list of changes. A condensed list, CHANGES_2.4.39 in
Vote thread for 2.4.40 not started yet?
Hi Daniel,
did you forget to start the vote thread or are the uploads not ready yet?
Thanks and regards,
Rainer
Am 02.08.2019 um 22:18 schrieb drugg...@apache.org:
Author: druggeri
Date: Fri Aug 2 20:18:19 2019
New Revision: 35120
Log:
Add 2.4.40 files
Added:
dev/httpd/CHANGES_2.4
dev/httpd/CHANGES_2.4.40
dev/httpd/httpd-2.4.40-deps.tar.bz2 (with props)
dev/httpd/httpd-2.4.40-deps.tar.bz2.asc
dev/httpd/httpd-2.4.40-deps.tar.bz2.md5
dev/httpd/httpd-2.4.40-deps.tar.bz2.sha1
dev/httpd/httpd-2.4.40-deps.tar.bz2.sha256
dev/httpd/httpd-2.4.40-deps.tar.gz (with props)
dev/httpd/httpd-2.4.40-deps.tar.gz.asc
dev/httpd/httpd-2.4.40-deps.tar.gz.md5
dev/httpd/httpd-2.4.40-deps.tar.gz.sha1
dev/httpd/httpd-2.4.40-deps.tar.gz.sha256
dev/httpd/httpd-2.4.40.tar.bz2 (with props)
dev/httpd/httpd-2.4.40.tar.bz2.asc
dev/httpd/httpd-2.4.40.tar.bz2.md5
dev/httpd/httpd-2.4.40.tar.bz2.sha1
dev/httpd/httpd-2.4.40.tar.bz2.sha256
dev/httpd/httpd-2.4.40.tar.gz (with props)
dev/httpd/httpd-2.4.40.tar.gz.asc
dev/httpd/httpd-2.4.40.tar.gz.md5
dev/httpd/httpd-2.4.40.tar.gz.sha1
dev/httpd/httpd-2.4.40.tar.gz.sha256
Modified:
dev/httpd/Announcement2.4.html
dev/httpd/Announcement2.4.txt
Modified: dev/httpd/Announcement2.4.html
==
--- dev/httpd/Announcement2.4.html (original)
+++ dev/httpd/Announcement2.4.html Fri Aug 2 20:18:19 2019
@@ -49,7 +49,7 @@
- Apache HTTP Server 2.4.39 Released
+ Apache HTTP Server 2.4.40 Released
September 21, 2018
@@ -57,7 +57,7 @@
The Apache Software Foundation and the Apache HTTP Server Project are
pleased to https://www.apache.org/dist/httpd/Announcement2.4.html";>announce
- the release of version 2.4.39 of the Apache
+ the release of version 2.4.40 of the Apache
HTTP Server ("Apache"). This version of Apache is our latest GA
release of the new generation 2.4.x branch of Apache HTTPD and
represents fifteen years of innovation by the project, and is
@@ -69,7 +69,7 @@
encourage users of all prior versions to upgrade.
- Apache HTTP Server 2.4.39 is available for download from:
+ Apache HTTP Server 2.4.40 is available for download from:
https://httpd.apache.org/download.cgi";
@@ -77,7 +77,7 @@
Please see the CHANGES_2.4 file, linked from
the download page, for a
- full list of changes. A condensed list, CHANGES_2.4.39 includes only
+ full list of changes. A condensed list, CHANGES_2.4.40 includes only
those changes introduced since the prior 2.4 release. A summary of all
of the security vulnerabilities addressed in this and earlier releases
is available:
Modified: dev/httpd/Announcement2.4.txt
==
--- dev/httpd/Announcement2.4.txt (original)
+++ dev/httpd/Announcement2.4.txt Fri Aug 2 20:18:19 2019
@@ -1,9 +1,9 @@
-Apache HTTP Server 2.4.39 Released
+Apache HTTP Server 2.4.40 Released
September 21, 2018
The Apache Software Foundation and the Apache HTTP Server Project
- are pleased to announce the release of version 2.4.39 of the Apache
+ are pleased to announce the release of version 2.4.40 of the Apache
HTTP Server ("Apache"). This version of Apache is our latest GA
release of the new generation 2.4.x branch of Apache HTTPD and
represents fifteen years of innovation by the project, and is
@@ -13,7 +13,7 @@
We consider this release to be the best version of Apache available, and
encourage users of all prior versions to upgrade.
- Apache HTTP Server 2.4.39 is available for download from:
+ Apache HTTP Server 2.4.40 is available for download from:
https://httpd.apache.org/download.cgi
@@ -24,7 +24,7 @@
https://httpd.apache.org/docs/trunk/new_features_2_4.html
Please see the CHANGES_2.4 file, linked from the download page, for a
- full list of changes. A condensed list, CHANGES_2.4.39 includes only
+ full list of changes. A condensed list, CHANGES_2.4.40 includes only
those changes introduced since the prior 2.4 release. A summary of all
of the security vulnerabilities addressed in this and earlier releases
is available:
Re: changelog mod_md ssl patch
Hi Steffen, Am 03.08.2019 um 12:36 schrieb Steffen: Changelog says mod_ssl needs patch. That is a typo or where is the patch. *) mod_md: new features - supports the ACMEv2 protocol - new challenge method 'tls-alpn-01' implemented, needs mod_ssl patch to become available I would say it's conatined in: *) mod_ssl/mod_md: reversing dependency by letting mod_ssl offer hooks for adding certificates and keys to a virtual host. An additional hook allows answering special TLS connections as used in ACME challenges. Adding 2 new hooks for init/get of OCSP stapling status information when other modules want to provide those. Falls back to own implementation with same behaviour as before. [Stefan Eissing] especially in "An additional hook allows answering special TLS connections as used in ACME challenges.". The refence to a needed mod_ssl patch is a bit hard tu understand here and probably had a historical reason, before that patch actually got applied to mod_ssl (and if you are using mod_md from github and mod_ssl is older). Regards, Rainer
changelog mod_md ssl patch
Changelog says mod_ssl needs patch. That is a typo or where is the patch. *) mod_md: new features - supports the ACMEv2 protocol - new challenge method 'tls-alpn-01' implemented, needs mod_ssl patch to become available
