apache2: mod_ssl fails to load with OpenSSL 3.0
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apache2 (Ubuntu) |
Fix Released
|
High
|
Sergio Durigan Junior |
Bug Description
Installing apache2 in a system with OpenSSL 3.0 makes the service fail to start if mod_ssl is enabled:
Nov 18 21:55:43 autopkgtest-
Nov 18 21:55:43 autopkgtest-
Nov 18 21:55:43 autopkgtest-
Nov 18 21:55:43 autopkgtest-
Nov 18 21:55:43 autopkgtest-
Nov 18 21:55:43 autopkgtest-
Nov 18 21:55:43 autopkgtest-
We're planning to transition to OpenSSL 3.0 for the 22.04 release, and consider
this issue as blocking for this transition.
You can find general migration informations at
https:/
For your tests, you can build against libssl-dev as found in the PPA
schopin/
You can test this by using the follow PPA:
ppa:schopin/
Upstream has apparently fixed the issue with the following commit:
https:/
Related branches
- Andreas Hasenack: Approve
- Christian Ehrhardt (community): Needs Fixing
- git-ubuntu import: Pending requested
-
Diff: 3625 lines (+2918/-33) (has conflicts)22 files modifieddebian/apache2-bin.install (+1/-0)
debian/apache2-utils.ufw.profile (+14/-0)
debian/apache2.dirs (+1/-0)
debian/apache2.install (+1/-0)
debian/apache2.postrm (+1/-0)
debian/apache2.py (+48/-0)
debian/apache2ctl (+33/-18)
debian/changelog (+1897/-2)
debian/control (+7/-1)
debian/index.html (+19/-12)
debian/patches/series (+13/-0)
debian/patches/support-openssl3-001.patch (+88/-0)
debian/patches/support-openssl3-002.patch (+345/-0)
debian/patches/support-openssl3-003.patch (+48/-0)
debian/patches/support-openssl3-004.patch (+56/-0)
debian/patches/support-openssl3-005.patch (+121/-0)
debian/patches/support-openssl3-006.patch (+33/-0)
debian/patches/support-openssl3-007.patch (+72/-0)
debian/patches/support-openssl3-008.patch (+29/-0)
debian/patches/support-openssl3-009.patch (+36/-0)
debian/patches/support-openssl3-010.patch (+54/-0)
debian/source/include-binaries (+1/-0)
- Bryce Harrington (community): Approve
- Canonical Server packageset reviewers: Pending requested
-
Diff: 976 lines (+900/-0)12 files modifieddebian/changelog (+8/-0)
debian/patches/series (+10/-0)
debian/patches/support-openssl3-001.patch (+88/-0)
debian/patches/support-openssl3-002.patch (+345/-0)
debian/patches/support-openssl3-003.patch (+48/-0)
debian/patches/support-openssl3-004.patch (+56/-0)
debian/patches/support-openssl3-005.patch (+121/-0)
debian/patches/support-openssl3-006.patch (+33/-0)
debian/patches/support-openssl3-007.patch (+72/-0)
debian/patches/support-openssl3-008.patch (+29/-0)
debian/patches/support-openssl3-009.patch (+36/-0)
debian/patches/support-openssl3-010.patch (+54/-0)
Changed in apache2 (Ubuntu): | |
assignee: | nobody → Sergio Durigan Junior (sergiodj) |
Changed in apache2 (Ubuntu): | |
status: | New → In Progress |
Changed in apache2 (Ubuntu): | |
status: | In Progress → Fix Committed |
Actually, a better reference for an upstream fix is:
https:/ /github. com/apache/ httpd/pull/ 258
Note that, as of this writing, the PR is still open and apparently a regression has been found with OpenSSL 3. We should take a closer look.