This bug was fixed in the package ceph - 12.2.11-0ubuntu0.18.04.2
---
ceph (12.2.11-0ubuntu0.18.04.2) bionic; urgency=medium
* d/control: Use openssl1.0 at build and runtime as
civetweb v1.8 is incompatible with 1.1 abi. It is
only compatible starting with civetweb v1.10 and
[VERIFICATION BIONIC]
I have deployed a Ceph cluster using juju deploy and then have updated
the entire cluster[1] to the ceph packages found in bionic-proposed
(built against libssl1.0.0).
On the rgw node, I have setup a ssl certificate, and instruct civetweb
in /etc/ceph/ceph.conf to use ssl[2]
[VERIFICATION BIONIC - Part 2] ^
The entire test cluster has been upgraded from bionic-proposed (ceph).
The test cluster has a RGW on every node, and the packages have tightly
versioned dependencies, so that upgraded the osds, mons, mgrs.
--
You received this bug notification because you are a m
** Description changed:
[Impact]
Since the introduction of OpenSSL 1.1.1 in 18.04 LTS:
https://launchpad.net/bugs/1797386
This is breaking Ceph cluster https service.
# logs:
2019-04-02 16:40:14.846313 7ff8c1736000 0 starting handler: civetweb
2019-04-02 16:40:14.846397 7ff8
[VERIFICATION BIONIC]
Here's what has been brought to my attention from an impacted user
testing the package found in bionic-proposed:
"
Hi,
I've tested these packages, and they seem to work OK.
I've done:
check bucket contents uploaded before upgrade still OK after upgrade
list, get, put, retrie
Hello Kellen, or anyone else affected,
Accepted ceph into bionic-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/ceph/12.2.11-0ubuntu0.18.04.2 in a
few hours, and then in the -proposed repository.
Please help us by testing this new package. See
https
** Description changed:
[Impact]
+
+ Since the introduction of OpenSSL 1.1.1 in 18.04 LTS:
+ https://launchpad.net/bugs/1797386
This is breaking Ceph cluster https service.
# logs:
2019-04-02 16:40:14.846313 7ff8c1736000 0 starting handler: civetweb
2019-04-02 16:40:14.846397 7ff8
Uploaded in bionic upload queue. Waiting for sru verfication team
approval in order to start building in bionic-proposed.
- Eric
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822872
Title:
Bionic:
** Changed in: ceph (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822872
Title:
Bionic: Luminous radosgw incompatible with libssl1.1
To manage notificatio
* debdiff: lp1822872-ceph-bionic.debdiff
* MP:
https://git.launchpad.net/~slashd/ubuntu/+source/ceph/commit/?id=1abb386339c34bb793f1d7caa168930217724c71
** Patch added: "lp1822872-ceph-bionic.debdiff"
https://bugs.launchpad.net/ubuntu/bionic/+source/ceph/+bug/1822872/+attachment/5259077/+file
It has been brought to my attention by an impacted user who tested a
test package [2.2.11-0ubuntu0.18.04.1+testpkg15042019b2] with the fix:
"
Hi,
..
All three machines are now running 12.2.11-0ubuntu0.18.04.1+testpkg15042019b2
[though installing those packages did restart the entire cluster, which
It has been brought to my attention by an impacted user who tested a
test package [2.2.11-0ubuntu0.18.04.1+testpkg15042019b2] with the fix:
"
Hi,
..
All three machines are now running 12.2.11-0ubuntu0.18.04.1+testpkg15042019b2
...
and yes, they are all listening on the https port, and some light t
** Description changed:
[Impact]
This is breaking Ceph cluster https service.
# logs:
2019-04-02 16:40:14.846313 7ff8c1736000 0 starting handler: civetweb
2019-04-02 16:40:14.846397 7ff8c1736000 0 civetweb: 0x56114520d620: load_dll:
libcrypto.so.1.1: cannot find CRYPTO_num_locks
The backport of the civetweb fix in the attempts to resolve the
compatibility problem, reveal not being not being trivial, as it was
made on top of things not yet present in v1.8.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https:/
The backport of the civetweb fix in the attempts to resolve the
compatibility problem, revealed not being trivial, as it was made on top
of things not yet there in v1.8.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.laun
** Changed in: ceph (Ubuntu Bionic)
Importance: Medium => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822872
Title:
Bionic: Luminous radosgw incompatible with libssl1.1
To manage notific
** Description changed:
[Impact]
This is breaking Ceph cluster https service.
# logs:
2019-04-02 16:40:14.846313 7ff8c1736000 0 starting handler: civetweb
2019-04-02 16:40:14.846397 7ff8c1736000 0 civetweb: 0x56114520d620: load_dll:
libcrypto.so.1.1: cannot find CRYPTO_num_locks
** Merge proposal linked:
https://code.launchpad.net/~slashd/ubuntu/+source/ceph/+git/ceph/+merge/366115
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822872
Title:
Bionic: Luminous radosgw inc
** Description changed:
[Impact]
This is breaking Ceph cluster https service.
# logs:
2019-04-02 16:40:14.846313 7ff8c1736000 0 starting handler: civetweb
2019-04-02 16:40:14.846397 7ff8c1736000 0 civetweb: 0x56114520d620: load_dll:
libcrypto.so.1.1: cannot find CRYPTO_num_locks
** Description changed:
[Impact]
This is breaking Ceph cluster https service.
# logs:
2019-04-02 16:40:14.846313 7ff8c1736000 0 starting handler: civetweb
2019-04-02 16:40:14.846397 7ff8c1736000 0 civetweb: 0x56114520d620: load_dll:
libcrypto.so.1.1: cannot find CRYPTO_num_locks
** Changed in: ceph (Ubuntu Bionic)
Status: Confirmed => In Progress
** Changed in: ceph (Ubuntu Bionic)
Assignee: (unassigned) => Eric Desrochers (slashd)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launc
** Description changed:
[Impact]
This is breaking Ceph cluster https service.
# logs:
2019-04-02 16:40:14.846313 7ff8c1736000 0 starting handler: civetweb
2019-04-02 16:40:14.846397 7ff8c1736000 0 civetweb: 0x56114520d620: load_dll:
libcrypto.so.1.1: cannot find CRYPTO_num_locks
** Description changed:
[Impact]
This is breaking Ceph cluster https service.
# logs:
2019-04-02 16:40:14.846313 7ff8c1736000 0 starting handler: civetweb
2019-04-02 16:40:14.846397 7ff8c1736000 0 civetweb: 0x56114520d620: load_dll:
libcrypto.so.1.1: cannot find CRYPTO_num_locks
** Description changed:
[Impact]
This is breaking Ceph cluster https service.
# logs:
2019-04-02 16:40:14.846313 7ff8c1736000 0 starting handler: civetweb
2019-04-02 16:40:14.846397 7ff8c1736000 0 civetweb: 0x56114520d620: load_dll:
libcrypto.so.1.1: cannot find CRYPTO_num_locks
# IRC Discussion on freenode (#ubuntu-devel)
[11:46:46] slashd, jamespage - what am i missing about
https://bugs.launchpad.net/ubuntu/+source/ceph/+bug/1822872 ? =)
[11:46:47] Launchpad bug 1822872 in ceph (Ubuntu Bionic) "Bionic:
Luminous radosgw incompatible with libssl1.1" [Medium,Confirmed
In bionic we ship two OpenSSL: 1.0.2 and 1.1.0, both in main with
security support. The latter is getting upgraded from 1.1.0 to 1.1.1.
If ceph in bionic only supports 1.0.2 abi, it should build-depend on
libssl1.0-dev and use that both at build time and runtime.
If cepth in bionic support 1.1.0
** Description changed:
[Impact]
This is breaking Ceph cluster https service.
# logs:
- 2019-04-02 16:40:14.846313 7ff8c1736000 0 starting handler: civetweb
- 2019-04-02 16:40:14.846397 7ff8c1736000 0 civetweb: 0x56114520d620: load_dll:
libcrypto.so.1.1: cannot find CRYPTO_num_locks
** Description changed:
+ [Test Case]
+
+ 1) Generate a self-signed certificate or use whatever existing SSL
+ certificate already in place.
+
+ 2) From the radosgw node, modify "/etc/ceph/ceph.conf" as follow:
+ rgw_frontends = civetweb ssl_port=443 ssl_certificate=/etc/ssl/
+
+ 3) Restart t
I think we probably just want to pick the civetweb fix that resolves the
compatibility problem
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822872
Title:
Bionic: Luminous radosgw incompatible with
Note that disco and cosmic uses "1.10", and seems to contains the
necessary 1.1 support.
* civetweb.h:
#define CIVETWEB_VERSION "1.10"
#define CIVETWEB_VERSION_MAJOR (1)
#define CIVETWEB_VERSION_MINOR (10)
#define CIVETWEB_VERSION_PATCH (0)
#define CIVETWEB_VERSION_RELEASED
--
You received this
** Changed in: ceph (Ubuntu Bionic)
Status: New => Confirmed
** Changed in: ceph (Ubuntu Bionic)
Importance: Undecided => Medium
** Changed in: ceph (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subs
# Ceph: debian/control (just like Ceph upstream)
Build-Depends: cmake (>= 3.5),
cpio,
cryptsetup-bin | cryptsetup,
cython,
cython3,
debhelper (>= 9),
libsnappy-dev,
=> libssl-de
Additional information:
https://github.com/civetweb/civetweb/blob/master/RELEASE_NOTES.md
--
Release Notes v1.10
Objectives: OpenSSL 1.1 support, add server statistics and diagnostic data
..
* OpenSSL 1.1 support
--
--
You received this bug notification because you are a mem
https://github.com/civetweb/civetweb/issues/370
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1822872
Title:
Bionic: Luminous radosgw incompatible with libssl1.1
To manage notifications about this
Here's my thought process about this:
Package "2.2.11-0ubuntu0.18.04.1" uses: civetweb version "1.8"
Confirmation:
src/civetweb/include/civetweb.h:#define CIVETWEB_VERSION "1.8"
-
While I'm sure that downgrading libssl as 'Build-Depends' works for that
particular case, I am concerned ab
Here's my thought process about this:
Package "2.2.11-0ubuntu0.18.04.1" uses: civetweb version "1.8"
Confirmation:
src/civetweb/include/civetweb.h:#define CIVETWEB_VERSION "1.8"
-
While I'm sure that downgrading libssl as 'Build-Depends' works for that
particular case, I am concerned
It also been brought to my attention the following:
"
I can confirm that adjusting the Build-Depends to build against the older
libssl (from 1.1 to 1.0) works (per the patch you can see I added to the
upstream issue).
"
--
You received this bug notification because you are a member of Ubuntu
Bu
Here's what has been brought to my attention by someone impacted by the problem:
"
This is breaking our test cluster's https service, and blocks upgrading our
production cluster to 18.04.
2019-04-02 16:40:14.846313 7ff8c1736000 0 starting handler: civetweb
2019-04-02 16:40:14.846397 7ff8c17360
38 matches
Mail list logo