[Bug 1659252] Re: AC openssl library version mismatch in apache

Elan Ruusamäe 1659252 at bugs.launchpad.net
Wed Jan 25 19:31:41 CET 2017 

apache doesn't link with openssl. this is pristine install with apache
only:

bash-3.2# ldd /usr/sbin/httpd.prefork 
        libpcre.so.0 => /lib64/libpcre.so.0 (0x00007f84be254000)
        libaprutil-1.so.0 => /usr/lib64/libaprutil-1.so.0 (0x00007f84be033000)
        libapr-1.so.0 => /usr/lib64/libapr-1.so.0 (0x00007f84bde08000)
        libpthread.so.0 => /lib64/tls/libpthread.so.0 (0x00007f84bdcf3000)
        libc.so.6 => /lib64/tls/libc.so.6 (0x00007f84bdacd000)
        libexpat.so.0 => /usr/lib64/libexpat.so.0 (0x00007f84bd9aa000)
        libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00007f84bd873000)
        libuuid.so.1 => /lib64/libuuid.so.1 (0x00007f84bd66f000)
        libdl.so.2 => /lib64/libdl.so.2 (0x00007f84bd56c000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f84be487000)
bash-3.2#

even installing apache-mod_ssl does not make apache binary link with
openssl (it's dynamically loaded module)

bash-3.2# rpm -q apache-mod_ssl               
apache-mod_ssl-2.2.32-1.amd64
bash-3.2# ldd /usr/sbin/httpd.prefork |grep ssl
bash-3.2# ldd /usr/sbin/httpd.prefork |grep -c ssl
0
bash-3.2# 

what other apache packages you have installed?
$ rpm -qa '*apache*'

or or maybe nss configuration affects?
$ cat /etc/nsswitch.conf

also post objdump output to see what is httpd binary directly linking
against:

$ objdump -p /usr/sbin/httpd.prefork

-- 
You received this bug notification because you are subscribed to PLD
Linux.
https://bugs.launchpad.net/bugs/1659252

Title:
  AC openssl library version mismatch in apache

Status in PLD Linux:
  New

Bug description:
  In AC Apache binary and mod_ssl have different openssl library
  compiled in causing SSL vhost to stop working. Any "SSLEngine On"
  directive causes following error "Unable to initialize TLS servername
  extension callback (incompatible OpenSSL version?)" and prevent apache
  to start.

  /usr/sbin/httpd.prefork -v       
  Server version: Apache/2.2.32 (PLD/Linux)
  Server built:   Jan 16 2017 17:14:55

  ldd /usr/sbin/httpd.prefork | grep ssl
          libssl.so.0.9.7 => /usr/lib/libssl.so.0.9.7 (0xb7c9b000)

  ldd /usr/lib/apache/mod_ssl.so | grep ssl
          libssl.so.1.0.0 => /lib/libssl.so.1.0.0 (0xb7eeb000)

  
  Apache should be recompiled using 1.0.2 openssl

To manage notifications about this bug go to:
https://bugs.launchpad.net/pld-linux/+bug/1659252/+subscriptions

More information about the pld-bugs mailing list