Bug 2095650
| Summary: | Dependency from mod_http2 on httpd broken | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 8 | Reporter: | Stefan Neufeind <redhat> | |
| Component: | httpd-2.4-module | Assignee: | Luboš Uhliarik <luhliari> | |
| Status: | CLOSED ERRATA | QA Contact: | Branislav Náter <bnater> | |
| Severity: | unspecified | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 8.6 | CC: | icesalov | |
| Target Milestone: | rc | Keywords: | Triaged | |
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | httpd-2.4-8080020221213105150.fd72936b | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 2143176 (view as bug list) | Environment: | ||
| Last Closed: | 2023-05-16 08:28:23 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 2143176 | |||
|
Description
Stefan Neufeind
2022-06-10 06:38:01 UTC
Hello Stefan, Do you know, what version mod_http2 had before and after the update? Can't say anymore, sorry. Not easy to retest this in the environment I had around that time. I only see the versions that I logged in this issue. So that seems to have been *after* the update mod_http2 1.15.7-5.module+el8.6.0+823+f143cee1 - which does seem to have some dependency to httpd and failed a reload with the old httpd/mod_ssl-version I had ... but worked fine after updating to httpd 2.4.37-47.module+el8.6.0+823+f143cee1.1 (I bet the httpd-release before was just one minor patch-level update before that - it's usually alway kept up-to-date.) Hi Stefan, I found out what is the problem - when I was backporting the CVE fix for httpd, there was a change in API [0]. As a part of that CVE fix, new function ap_post_read_request has been introduced. Therefore, if you try to run a new mod_http2 containing the fix of that CVE, with the older httpd which does not include ap_post_read_request function, httpd startup will end up with the following error: Nov 10 06:14:21 ci-vm-10-0-137-130.hosted.upshift.rdu2.redhat.com systemd[1]: Starting The Apache HTTP Server... Nov 10 06:14:21 ci-vm-10-0-137-130.hosted.upshift.rdu2.redhat.com httpd[6922]: httpd: Syntax error on line 59 of /etc/httpd/conf/httpd.conf: Syntax error on line 1 of /etc/httpd/…ead_request Nov 10 06:14:21 ci-vm-10-0-137-130.hosted.upshift.rdu2.redhat.com systemd[1]: httpd.service: Main process exited, code=exited, status=1/FAILURE Nov 10 06:14:21 ci-vm-10-0-137-130.hosted.upshift.rdu2.redhat.com systemd[1]: httpd.service: Failed with result 'exit-code'. Nov 10 06:14:21 ci-vm-10-0-137-130.hosted.upshift.rdu2.redhat.com systemd[1]: Failed to start The Apache HTTP Server. Unfortunately I forgot to add correct dependency of mod_http2 to the httpd. I will fix this in the next mod_http2 release and I will try to come up with some tests so it will be less likely to this issue to happen again. [0] https://bugzilla.redhat.com/show_bug.cgi?id=2035030 Wow, thanks a bunch for digging this deep into it. Sounds logical and promising. Thanks for the update. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (httpd:2.4 bug fix and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2023:2789 |