This bug also applies to EAP 6's distributed http packages. +++ This bug was initially created as a clone of Bug #971861 +++ Description of problem: OCSP (mod_ssl) does not properly handle responses properly to some responders. - If a responder sends null or blank data (but dose not close the connection) mod_ssl simply ends the response. Issue best described by: http://openssl.6102.n7.nabble.com/Decoding-OCSP-response-data-ASN1-D2I-READ-BIO-not-enough-data-td24437.html OCSP also does not work with an intermediate CA is in place (for Apache configuration) Issue best described by: https://issues.apache.org/bugzilla/show_bug.cgi?id=46037 Diff is attached for both issues as well as fixed the init script handling (it was changing files in the source directory which is really bad RPM practice). --- Additional comment from Eric Rich on 2013-06-07 08:56:51 EDT --- Also attaching test build of the patch. --- Additional comment from Misha H. Ali on 2013-06-10 01:03:58 EDT --- Is this a late addition for the JBEWS 2.0.1 release notes? Drafting a release note if this is the case. If not, please correct me. Setting need info for Wei Nan to confirm the above and to ACK the doc text. --- Additional comment from Jimmy Wilson on 2013-06-10 23:14:04 EDT --- Per Permaine, we're including this for 2.0.1 CR as well. I'm assuming that's acceptable to all. Please ACK for inclusion. --- Additional comment from Libor Fuka on 2013-06-24 02:57:37 EDT --- Verified on EWS 2.0.1 CR3 on Solaris 10,11 (Intel 32,64, SPARC), Windows 2008 (32, 64) and Windows 2008 R2 (64 bit) --- Additional comment from Michal Haško on 2013-06-26 04:54:13 EDT --- VERIFIED on - EWS 2.0.1 CR3 RHEL5 i386 zips - EWS 2.0.1 CR3 RHEL5 x86_64 zips - EWS 2.0.1 CR3 RHEL6 i386 zips - EWS 2.0.1 CR3 RHEL6 x86_64 zips - httpd-2.2.22-23.ep6.el5.src.rpm - httpd-2.2.22-23.ep6.el6.src.rpm --- Additional comment from Libor Fuka on 2013-06-28 03:50:26 EDT ---
zips here: https://bugzilla.redhat.com/show_bug.cgi?id=987851
Only relevant for RPMs, zip httpd is from EWS-2.0.1, which already includes this fix. VERIFIED during EAP-6.1.1-ER4 testing cycle: httpd-2.2.22-25.ep6.el5.src.rpm httpd-2.2.22-25.ep6.el6.src.rpm The patch is present and applied in srpm.