Bug 708550 - mod_auth_cas cannot be loaded after update to RHEL 6.1
mod_auth_cas cannot be loaded after update to RHEL 6.1
Status: CLOSED ERRATA
Product: Fedora EPEL
Classification: Fedora
Component: mod_auth_cas (Show other bugs)
el6
x86_64 Linux
unspecified Severity unspecified
: ---
: ---
Assigned To: Adam Miller
Fedora Extras Quality Assurance
:
: 731547 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2011-05-27 19:23 EDT by Jimmy Ngo
Modified: 2016-09-23 19:21 EDT (History)
6 users (show)

See Also:
Fixed In Version: mod_auth_cas-1.1-3.fc25 mod_auth_cas-1.1-3.el6 mod_auth_cas-1.1-3.el7 mod_auth_cas-1.1-3.fc23
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-09-23 12:26:04 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
SRPM for version 1.0.9.1 (75.67 KB, audio/x-pn-realaudio-plugin)
2013-01-24 01:02 EST, Aaron Howell
no flags Details

  None (edit)
Description Jimmy Ngo 2011-05-27 19:23:20 EDT
Description of problem:
mod_auth_cas cannot be loaded by Apache after updating to RHEL 6.1. It was working fine on RHEL 6.0 before the update. I assume some shared library update caused this.

Version-Release number of selected component (if applicable):
mod_auth_cas.x86_64               1.0.8.1-2.el6

How reproducible:
Reproduced on a freshly installed RHEL 6.0 machine after updating to RHEL 6.1.

Steps to Reproduce:
1. Update to RHEL 6.1
2. Try to load mod_auth_cas into Apache
  
Actual results:
Cannot load /etc/httpd/modules/mod_auth_cas.so into server: /etc/httpd/modules/mod_auth_cas.so: undefined symbol: SSL_connect

Expected results:
mod_auth_cas should load in Apache as it did with RHEL 6.0.

Additional info:
ldd suggests that the only shared library is libc.so.6 although, it seems that SSL_connect is part of openssl. I've also tried installing the compatibility version (openssl098e) from the RHEL repo, but that did not fix the problem either.
Comment 1 Jimmy Ngo 2011-06-02 20:47:58 EDT
After further investigation, it appears that the recent update with openldap caused mod_auth_cas to not find the openldap libraries. mod_auth_cas.so should be linked to libssl to provide the SSL_connect symbol.

https://rhn.redhat.com/errata/RHBA-2011-0673.html
Comment 2 Jimmy Ngo 2011-06-02 21:00:46 EDT
Alternatively, the default conf file should have an IfModule directive to load mod_ssl before trying to load mod_auth_cas

--- auth_cas.conf.old   2011-06-02 17:59:51.000000000 -0700
+++ auth_cas.conf       2011-06-02 17:58:53.000000000 -0700
@@ -2,5 +2,8 @@
 # mod_auth_cas is an Apache 2.0/2.2 compliant module that supports the
 # CASv1 and CASv2 protocols
 #
+<IfModule !mod_ssl.c>
+LoadModule ssl_module modules/mod_ssl.so
+</IfModule>
 
 LoadModule auth_cas_module modules/mod_auth_cas.so
Comment 3 Eric Eisenhart 2011-08-17 16:49:37 EDT
*** Bug 731547 has been marked as a duplicate of this bug. ***
Comment 4 Trey Dockendorf 2011-10-18 12:59:41 EDT
Added the mod_ssl IfModule directive to auth_cas.conf fixed this problem for me.
Comment 5 Fedora Update System 2011-10-18 13:47:20 EDT
mod_auth_cas-1.0.8.1-3.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/mod_auth_cas-1.0.8.1-3.el6
Comment 6 Fedora Update System 2011-10-24 11:37:34 EDT
Package mod_auth_cas-1.0.8.1-3.el6:
* should fix your issue,
* was pushed to the Fedora EPEL 6 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=epel-testing mod_auth_cas-1.0.8.1-3.el6'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2011-4731
then log in and leave karma (feedback).
Comment 7 Viorel Tabara 2011-11-03 18:28:54 EDT
The fix requires mod_ssl but the RPM package does not require it?

   $ rpm -qpRi mod_auth_cas-1.0.8.1-3.el6.i686.rpm
   config(mod_auth_cas) = 1.0.8.1-3.el6
   httpd  
   libc.so.6  
   libc.so.6(GLIBC_2.0)  
   libc.so.6(GLIBC_2.1.3)  
   libc.so.6(GLIBC_2.3.4)  
   libc.so.6(GLIBC_2.4)  
   rpmlib(CompressedFileNames) <= 3.0.4-1
   rpmlib(FileDigests) <= 4.6.0-1
   rpmlib(PayloadFilesHavePrefix) <= 4.0-1
   rtld(GNU_HASH)  
   rpmlib(PayloadIsXz) <= 5.2-1
   Name        : mod_auth_cas                 Relocations: (not relocatable)
   Version     : 1.0.8.1                           Vendor: Fedora Project
   Release     : 3.el6                         Build Date: Tue 18 Oct 2011 11:42:09 AM MDT
   Install Date: (not installed)               Build Host: x86-17.phx2.fedoraproject.org
   Group       : System Environment/Daemons    Source RPM: mod_auth_cas-1.0.8.1-3.el6.src.rpm
   Size        : 55906                            License: GPLv3+ with exceptions
   Signature   : (none)
   Packager    : Fedora Project
   URL         : http://www.ja-sig.org/wiki/display/CASC/mod_auth_cas
   Summary     : Apache 2.0/2.2 compliant module that supports the CASv1 and CASv2 protocols
   Description :
   mod_auth_cas is an Apache 2.0/2.2 compliant module that supports the CASv1
   and CASv2 protocols
Comment 8 Trey Dockendorf 2011-11-03 19:12:10 EDT
That fixes this but I get this warning when restarting apache
-------------

# service httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd: [Thu Nov 03 18:09:24 2011] [warn] module ssl_module is already loaded, skipping
                                                           [  OK  ]


To solve I added this to my ssl.conf
-------------
<IfModule !mod_ssl.c>
        LoadModule ssl_module modules/mod_ssl.so
</IfModule>

I also noticed the same thing, that mod_auth_cas does not automatically require mod_ssl in yum.
Comment 9 Aaron Howell 2013-01-24 01:02:39 EST
Created attachment 686472 [details]
SRPM for version 1.0.9.1

I have created a RPM for ourselves based off of 1.0.8.1 SRPM - I've updated to the lastest release (1.0.9.1) available from github and patched in a further fix for a build issue. It appears the "SSL_connect" issue has been resolved in this version for 6.1
Comment 10 Fedora Update System 2016-09-02 18:28:42 EDT
mod_auth_cas-1.1-3.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d103f54e1
Comment 11 Fedora Update System 2016-09-02 18:28:57 EDT
mod_auth_cas-1.1-3.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f10bc2847b
Comment 12 Fedora Update System 2016-09-02 18:29:07 EDT
mod_auth_cas-1.1-3.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe566c7cc3
Comment 13 Fedora Update System 2016-09-02 18:29:15 EDT
mod_auth_cas-1.1-3.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-658421e322
Comment 14 Fedora Update System 2016-09-02 18:29:23 EDT
mod_auth_cas-1.1-3.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bdffaa7e00
Comment 15 Fedora Update System 2016-09-03 21:17:40 EDT
mod_auth_cas-1.1-3.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bdffaa7e00
Comment 16 Fedora Update System 2016-09-03 21:17:49 EDT
mod_auth_cas-1.1-3.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f10bc2847b
Comment 17 Fedora Update System 2016-09-03 21:19:27 EDT
mod_auth_cas-1.1-3.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-658421e322
Comment 18 Fedora Update System 2016-09-03 21:21:32 EDT
mod_auth_cas-1.1-3.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-7d103f54e1
Comment 19 Fedora Update System 2016-09-03 21:23:52 EDT
mod_auth_cas-1.1-3.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-fe566c7cc3
Comment 20 Fedora Update System 2016-09-23 12:26:04 EDT
mod_auth_cas-1.1-3.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.
Comment 21 Fedora Update System 2016-09-23 15:19:26 EDT
mod_auth_cas-1.1-3.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.
Comment 22 Fedora Update System 2016-09-23 15:49:40 EDT
mod_auth_cas-1.1-3.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report.
Comment 23 Fedora Update System 2016-09-23 19:21:36 EDT
mod_auth_cas-1.1-3.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.