Description of problem: mod_auth_cas cannot be loaded by Apache after updating to RHEL 6.1. It was working fine on RHEL 6.0 before the update. I assume some shared library update caused this. Version-Release number of selected component (if applicable): mod_auth_cas.x86_64 1.0.8.1-2.el6 How reproducible: Reproduced on a freshly installed RHEL 6.0 machine after updating to RHEL 6.1. Steps to Reproduce: 1. Update to RHEL 6.1 2. Try to load mod_auth_cas into Apache Actual results: Cannot load /etc/httpd/modules/mod_auth_cas.so into server: /etc/httpd/modules/mod_auth_cas.so: undefined symbol: SSL_connect Expected results: mod_auth_cas should load in Apache as it did with RHEL 6.0. Additional info: ldd suggests that the only shared library is libc.so.6 although, it seems that SSL_connect is part of openssl. I've also tried installing the compatibility version (openssl098e) from the RHEL repo, but that did not fix the problem either.
After further investigation, it appears that the recent update with openldap caused mod_auth_cas to not find the openldap libraries. mod_auth_cas.so should be linked to libssl to provide the SSL_connect symbol. https://rhn.redhat.com/errata/RHBA-2011-0673.html
Alternatively, the default conf file should have an IfModule directive to load mod_ssl before trying to load mod_auth_cas --- auth_cas.conf.old 2011-06-02 17:59:51.000000000 -0700 +++ auth_cas.conf 2011-06-02 17:58:53.000000000 -0700 @@ -2,5 +2,8 @@ # mod_auth_cas is an Apache 2.0/2.2 compliant module that supports the # CASv1 and CASv2 protocols # +<IfModule !mod_ssl.c> +LoadModule ssl_module modules/mod_ssl.so +</IfModule> LoadModule auth_cas_module modules/mod_auth_cas.so
*** Bug 731547 has been marked as a duplicate of this bug. ***
Added the mod_ssl IfModule directive to auth_cas.conf fixed this problem for me.
mod_auth_cas-1.0.8.1-3.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/mod_auth_cas-1.0.8.1-3.el6
Package mod_auth_cas-1.0.8.1-3.el6: * should fix your issue, * was pushed to the Fedora EPEL 6 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=epel-testing mod_auth_cas-1.0.8.1-3.el6' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4731 then log in and leave karma (feedback).
The fix requires mod_ssl but the RPM package does not require it? $ rpm -qpRi mod_auth_cas-1.0.8.1-3.el6.i686.rpm config(mod_auth_cas) = 1.0.8.1-3.el6 httpd libc.so.6 libc.so.6(GLIBC_2.0) libc.so.6(GLIBC_2.1.3) libc.so.6(GLIBC_2.3.4) libc.so.6(GLIBC_2.4) rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rtld(GNU_HASH) rpmlib(PayloadIsXz) <= 5.2-1 Name : mod_auth_cas Relocations: (not relocatable) Version : 1.0.8.1 Vendor: Fedora Project Release : 3.el6 Build Date: Tue 18 Oct 2011 11:42:09 AM MDT Install Date: (not installed) Build Host: x86-17.phx2.fedoraproject.org Group : System Environment/Daemons Source RPM: mod_auth_cas-1.0.8.1-3.el6.src.rpm Size : 55906 License: GPLv3+ with exceptions Signature : (none) Packager : Fedora Project URL : http://www.ja-sig.org/wiki/display/CASC/mod_auth_cas Summary : Apache 2.0/2.2 compliant module that supports the CASv1 and CASv2 protocols Description : mod_auth_cas is an Apache 2.0/2.2 compliant module that supports the CASv1 and CASv2 protocols
That fixes this but I get this warning when restarting apache ------------- # service httpd restart Stopping httpd: [ OK ] Starting httpd: [Thu Nov 03 18:09:24 2011] [warn] module ssl_module is already loaded, skipping [ OK ] To solve I added this to my ssl.conf ------------- <IfModule !mod_ssl.c> LoadModule ssl_module modules/mod_ssl.so </IfModule> I also noticed the same thing, that mod_auth_cas does not automatically require mod_ssl in yum.
Created attachment 686472 [details] SRPM for version 1.0.9.1 I have created a RPM for ourselves based off of 1.0.8.1 SRPM - I've updated to the lastest release (1.0.9.1) available from github and patched in a further fix for a build issue. It appears the "SSL_connect" issue has been resolved in this version for 6.1
mod_auth_cas-1.1-3.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d103f54e1
mod_auth_cas-1.1-3.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f10bc2847b
mod_auth_cas-1.1-3.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe566c7cc3
mod_auth_cas-1.1-3.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-658421e322
mod_auth_cas-1.1-3.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bdffaa7e00
mod_auth_cas-1.1-3.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bdffaa7e00
mod_auth_cas-1.1-3.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f10bc2847b
mod_auth_cas-1.1-3.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-658421e322
mod_auth_cas-1.1-3.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d103f54e1
mod_auth_cas-1.1-3.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe566c7cc3
mod_auth_cas-1.1-3.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.
mod_auth_cas-1.1-3.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
mod_auth_cas-1.1-3.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.
mod_auth_cas-1.1-3.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.