Bug 1724879

Summary: httpd terminates all SSL connections using an abortive shutdown
Product: Red Hat Enterprise Linux 7 Reporter: Aaron Ogburn <aogburn>
Component: httpdAssignee: Luboš Uhliarik <luhliari>
Status: CLOSED ERRATA QA Contact: Branislav Náter <bnater>
Severity: high Docs Contact:
Priority: urgent    
Version: 7.7CC: bnater, jorton, kkawana, luhliari
Target Milestone: rcKeywords: Triaged
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-09-29 20:07:35 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Aaron Ogburn 2019-06-28 02:18:17 UTC 
Description of problem:

httpd is terminating SSL connections incorrectly and is ignoring configuraton parameters and closing the connection before the timeout is defined.

we believe the following bug is responsible for this behaviour and we would like to see it deployed on RHEL 7.6 
https://bz.apache.org/bugzilla/show_bug.cgi?id=54998

You can replicate the problem on a webserver using the following command.
openssl s_client -crlf -connect server:443


Version-Release number of selected component (if applicable):

httpd-2.4.6-88.el7

How reproducible:

Very


Steps to Reproduce:
You can replicate the problem on a webserver using the following command.
openssl s_client -crlf -connect server:443

On servers where the patch is not available the openssl connection will be closed with 'read:errno=0' and on servers correctly working you will see the connection closing with 'closed'

Actual results:


Expected results:


Additional info:
Comment 8 errata-xmlrpc 2020-09-29 20:07:35 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: httpd security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:3958