Bug 1084230

Summary: mod_ssl option "SSLPassPhraseDialog exec:/path/to/program" no longer works as documented
Product: [Fedora] Fedora Reporter: Bill Gianopoulos <wgianopoulos>
Component: httpdAssignee: Jan Kaluža <jkaluza>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 20CC: jkaluza, jorton, pahan
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-08-20 06:00:50 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Bill Gianopoulos 2014-04-03 23:27:57 UTC 
Description of problem:


Version-Release number of selected component (if applicable): mod_ssl-2.4.9-2.fc20.x86_64


Additional info:

This has worked for every version from fedora14 through mod_ssl-2.4.9-2.fc20.x86_64

The documentation says that the program will be called with 2 parameters the first being <hostname>:<port number> and the second being either ``RSA'', ``DSA'', or ``ECC''.

After updating to mod_ssl-2.4.9-2.fc20.x86_64, it is, in my case, being called with one parameter only, and it being <hostname>:<port number>:0.  This is most likely an upstream regression.  This is likely not an intentional change.  Were it intentional the documentation should have updated appropriately, yet it was not.
Comment 1 Bill Gianopoulos 2014-04-03 23:31:36 UTC 
(In reply to Bill Gianopoulos from comment #0)

> This has worked for every version from fedora14 through
> mod_ssl-2.4.9-2.fc20.x86_64

Oops bad cut/paste that should have read every version form fedora14 through mod_ssl-2.4.6-6.fc20.x86_64
Comment 2 Jan Kaluža 2014-04-04 11:59:35 UTC 
This looks like a bug. I've sent email upstream and I'm working on patch currently. Thanks for letting us know.
Comment 3 Bill Gianopoulos 2014-04-04 12:26:08 UTC 
(In reply to Jan Kaluža from comment #2)
> This looks like a bug. I've sent email upstream and I'm working on patch
> currently. Thanks for letting us know.

Thanks!

I have worked around it in the script i run.  I decided to file it here rather than in Apache's bugzilla, because my experience has not been very successful in getting anything fixed via that method unless a patch is provided and I am not familiar enough with this code to do that.
Comment 4 Jan Kaluža 2014-04-07 08:36:54 UTC 
It looks like the original upstream developer who did this incompatibility thinks it's not the core information for the scripts using SSLPassPhraseDialog. The documentation in httpd trunk (developer version of 2.5) has been fixed.

He asked following:
> Can you provide more information about the specific script/program (and
> what is causing the incompatibility)? This would help in getting a
> better understanding of the problem, I think.

Original upstream thread can be found here:
http://mail-archives.apache.org/mod_mbox/httpd-dev/201404.mbox/%3C533FE7EC.9060706%40velox.ch%3E
Comment 5 Fedora Admin XMLRPC Client 2014-06-30 09:54:18 UTC 
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 6 Jan Kaluža 2014-08-20 06:00:50 UTC 
This has been fixed in httpd-2.4.10 as it is in Fedora 20 now.