Bug 1397241 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed to tomcat
Summary: Backport Apache Bug 53098 - mod_proxy_ajp: patch to set worker secret passed ...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: httpd
Version: 7.4
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Luboš Uhliarik
QA Contact: Ondřej Pták
URL:
Whiteboard:
Depends On:
Blocks: 1397243
TreeView+ depends on / blocked
 
Reported: 2016-11-22 01:57 UTC by Fraser Tweedale
Modified: 2017-08-01 21:36 UTC (History)
8 users (show)

Fixed In Version: httpd-2.4.6-62.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1397243 (view as bug list)
Environment:
Last Closed: 2017-08-01 21:36:44 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Apache Bugzilla 53098 0 None None None 2016-11-22 01:57:30 UTC
Red Hat Product Errata RHBA-2017:2175 0 normal SHIPPED_LIVE httpd bug fix update 2017-08-01 18:40:47 UTC

Description Fraser Tweedale 2016-11-22 01:57:31 UTC 
Description of problem:

Apache 2.4 does not support the AJP "worker secret" parameter.  This
has been implemented in 2.5 (Bug 53098[1]).  The change itself
(r1738878[2]) is small and straightforward.

[1] https://bz.apache.org/bugzilla/show_bug.cgi?id=53098
[2] https://svn.apache.org/viewvc?view=revision&revision=1738878

FreeIPA (ipa) and Dogtag (pki-core) would benefit from this feature
being backported to Apache in RHEL 7.4.


Version-Release number of selected component (if applicable): 2.4
Comment 4 Jean-frederic Clere 2016-11-29 10:17:56 UTC 
Well until the size of proxy_worker_shared is below 800 and secret is tested for '\0' we should be a good.
Comment 8 errata-xmlrpc 2017-08-01 21:36:44 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2175
Note You need to log in before you can comment on or make changes to this bug.