Bug#877343: marked as done (apache2: please include mod_md patch in apache2)

To: Ondřej Surý <ondrej@debian.org>
Subject: Bug#877343: marked as done (apache2: please include mod_md patch in apache2)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Mon, 23 Oct 2017 15:21:14 +0000
Message-id: <[🔎] handler.877343.D877343.150877193513302.ackdone@bugs.debian.org>
Reply-to: 877343@bugs.debian.org
References: <E1e6eVB-000BG7-Jn@fasolo.debian.org> <87ing0hzc8.fsf@c3pio.deuxchevaux.org>

Your message dated Mon, 23 Oct 2017 15:18:53 +0000
with message-id <E1e6eVB-000BG7-Jn@fasolo.debian.org>
and subject line Bug#877343: fixed in apache2 2.4.29-1
has caused the Debian Bug report #877343,
regarding apache2: please include mod_md patch in apache2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
877343: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877343
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: libapache2-mod-md: Doesn't seem to work at all: "AH02572: Failed to configure at least one certificate and key" (seems to require a patched version of mod_ssl / apache2)
From: Axel Beckert <abe@debian.org>
Date: Sat, 30 Sep 2017 19:26:47 +0200
Message-id: <87ing0hzc8.fsf@c3pio.deuxchevaux.org>

Package: libapache2-mod-md
Version: 0.9.0-1
Severity: grave

Dear Ondřej,

I've installed libapache2-mod-md on a machine (Raspberry Pi) running
Debian Unstable where apache2 was already installed.

I've disabled all previous site configurations and wrote a new site
configuration from scratch and only enabled that site:

---8<---
ServerAdmin abe@deuxchevaux.org
ServerName ….deuxchevaux.org
ManagedDomain ….deuxchevaux.org

# Requires libapache2-mod-md ≥ 0.9.4
#MDRequireHttps temporary

DocumentRoot /var/www/html

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

<VirtualHost *:80>
    Protocols h2 h2c http/1.1
</VirtualHost>

<IfModule mod_ssl.c>
<VirtualHost *:443>
    Protocols h2 http/1.1

    SSLEngine on
</VirtualHost>
</IfModule>
--->8---

"apache2ctl configtest" said that everything is fine: "Syntax OK".

Upon "service apache2 restart" I though got the following lines in the
error.log:

---8<---
[Sat Sep 30 18:39:45.407137 2017] [ssl:emerg] [pid 4976:tid 1995292672] AH02572: Failed to configure at least one certificate and key for ….deuxchevaux.org:443 
[Sat Sep 30 18:39:45.407356 2017] [ssl:emerg] [pid 4976:tid 1995292672] SSL Library Error: error:02001002:system library:fopen:No such file or directory (fopen('/etc/apache2/md/domains/….deuxchevaux.org/privkey.pem','r')) 
[Sat Sep 30 18:39:45.407449 2017] [ssl:emerg] [pid 4976:tid 1995292672] SSL Library Error: error:2006D080:BIO routines:BIO_new_file:no such file 
[Sat Sep 30 18:39:45.407621 2017] [ssl:emerg] [pid 4976:tid 1995292672] SSL Library Error: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned 
[Sat Sep 30 18:39:45.407675 2017] [ssl:emerg] [pid 4976:tid 1995292672] AH02312: Fatal error initialising mod_ssl, exiting. 
AH00016: Configuration Failed 
--->8---

According to https://github.com/icing/mod_md/wiki/2.4.x-Installation,
this module needs either Apache 2.5/2.6 (not yet in Debian) or a patched
Apache 2.4, otherwise I'd get the AH02572 error message and an SSL
Library Error. Which I got, see above.

So I checked apache2's changelog.Debian.gz for inclusion of such a patch
but found none. I also checked https://bugs.debian.org/src:apache2 for
an according request to include such a patch, but haven't found any
either.

So I assume that libapache2-mod-md is currently not usable at all with
plain Debian unstable.

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'unstable-debug'), (500, 'buildd-unstable'), (500, 'stable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental')
Architecture: armhf (armv7l)

Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages libapache2-mod-md depends on:
ii  apache2-bin [apache2-api-20120211]  2.4.27-6
ii  libapr1                             1.6.2-1
ii  libaprutil1                         1.6.0-2
ii  libc6                               2.24-17
ii  libcurl3-gnutls                     7.55.1-1
ii  libjansson4                         2.10-1
ii  libssl1.1                           1.1.0f-5

libapache2-mod-md recommends no packages.

libapache2-mod-md suggests no packages.

-- no debconf information

--- End Message ---

--- Begin Message ---

To: 877343-close@bugs.debian.org
Subject: Bug#877343: fixed in apache2 2.4.29-1
From: Ondřej Surý <ondrej@debian.org>
Date: Mon, 23 Oct 2017 15:18:53 +0000
Message-id: <E1e6eVB-000BG7-Jn@fasolo.debian.org>

Source: apache2
Source-Version: 2.4.29-1

We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 877343@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ondřej Surý <ondrej@debian.org> (supplier of updated apache2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 23 Oct 2017 14:46:55 +0000
Source: apache2
Binary: apache2 apache2-data apache2-bin apache2-utils apache2-suexec-pristine apache2-suexec-custom apache2-doc apache2-dev apache2-ssl-dev apache2-dbg
Architecture: source
Version: 2.4.29-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Description:
 apache2    - Apache HTTP Server
 apache2-bin - Apache HTTP Server (modules and other binary files)
 apache2-data - Apache HTTP Server (common files)
 apache2-dbg - Apache debugging symbols
 apache2-dev - Apache HTTP Server (development headers)
 apache2-doc - Apache HTTP Server (on-site documentation)
 apache2-ssl-dev - Apache HTTP Server (mod_ssl development headers)
 apache2-suexec-custom - Apache HTTP Server configurable suexec program for mod_suexec
 apache2-suexec-pristine - Apache HTTP Server standard suexec program for mod_suexec
 apache2-utils - Apache HTTP Server (utility programs for web servers)
Closes: 877343 877524
Changes:
 apache2 (2.4.29-1) unstable; urgency=medium
 .
   [ Stefan Fritsch ]
   * Replace outdated dependency on dh-systemd
 .
   [ Ondřej Surý ]
   * New upstream version 2.4.29
   * Refresh quilt patches
   * Add mod_ssl_md patch needed for libapache2-mod-md (Closes: #877343)
   * Refresh patches on top of upstream release 2.4.29
   * Fix Apache crash on restarts (ASF Bug 61558)
   * Add deconfigure to the list of recognized scripts (Closes: #877524)
Checksums-Sha1:
 f790bca18a0a617858c01d1757e4b7de8030a72f 3152 apache2_2.4.29-1.dsc
 c6badd5f9bc3a951026c839d35ac05267612ff61 8638793 apache2_2.4.29.orig.tar.gz
 15053ba78f5039951d9e8677a286b7606ef45b77 706020 apache2_2.4.29-1.debian.tar.xz
 a690b45a97335ba5d07252c4d9180f317b5df863 9658 apache2_2.4.29-1_amd64.buildinfo
Checksums-Sha256:
 4f56721b020e1ff824906bed1336c366b4904dd35397847ebb5ee43fa4f40953 3152 apache2_2.4.29-1.dsc
 948e4a11278a5954698b880b30f401b1e9ab743713ee2c7280a54dd4ddd87085 8638793 apache2_2.4.29.orig.tar.gz
 0ec49849aa783327e9f676422f3dbf415838e57bad5e3fd157cb73dfa83e3d09 706020 apache2_2.4.29-1.debian.tar.xz
 4e2ad7bf437cbe5eb4a42b5d140fdb12c96d488e911df9d968809d3300c26395 9658 apache2_2.4.29-1_amd64.buildinfo
Files:
 422e741c09700c1bf27b76e5a3108898 3152 httpd optional apache2_2.4.29-1.dsc
 6380b0856658f07479fdcba9e20294a6 8638793 httpd optional apache2_2.4.29.orig.tar.gz
 d92a626e53e949e09042624d7f644d06 706020 httpd optional apache2_2.4.29-1.debian.tar.xz
 2c8dec618a3d3b899126086172c8c3ca 9658 httpd optional apache2_2.4.29-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEMLkz2A/OPZgaLTj7DJm3DvT8uwcFAlnuAmRfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDMw
QjkzM0Q4MEZDRTNEOTgxQTJEMzhGQjBDOTlCNzBFRjRGQ0JCMDcACgkQDJm3DvT8
uwcKlRAAy/z9Ajtu2k8XlvXQ+NZHu3Jhrv3Dq7tyrqG3yZpSDIiATR5fFVFOHvrJ
buD/Ul7a/na84XLgPmmHe6F1GR6wnSQSSK58eh6Of8PkjofTZ3Yp9GIoJxaOWORN
CC5YsPzeUxU7Eki1x7/CRqsD8emlIy7xlTQKGXzWz7pSxVna2CRKQlCyRd6U1zt+
AIVUrLoINs+K51mNPxU3mmRHbWBsIJovaCVCd6m+Th2Kz5PQhe+2XDjOTTeVxDUz
4KMhUPkc7l9BgZFheFIy6ZQekFo0XftlU96v8ao0RAvqzvKscVp2hq6PC+Kcjv6b
aonV/IFwsqz3vLavv3/ScqaiKvs4Nl1r8lEwH7aMbNgerwdZPFHDuZ9efvY3VDeI
br0tglfEEQbYcxT/D8gOh7WDIA8PurTgxlFFiXtY+WoDFLhF/DMYRelb+nIv+yMk
/yfHssBbNMEcY6CUUk/rGaEBb+XBI+/+2Rkyi18li6RByQDmxc7qLLggWVOuFMHG
JoBnaqljtkpK1cR0MP90VYiJHl1XdxjeMDQIYHGIRlIISBBifH3eU7wj1sK4aIe7
+KF434tXm22LSOjPNBw4bBlAXUYVaw+o0+Y0zkMuV/lm2RgD0i29CT1MbX/VGH7B
GxuWsmgZasnBKzGa8GPVs11t9QA1OpK1VjNx15PZX9sqmPj2fwI=
=gIsN
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

Prev by Date: Processing of apache2_2.4.29-1_source.changes
Next by Date: apache2_2.4.29-1_source.changes ACCEPTED into unstable
Previous by thread: Processing of apache2_2.4.29-1_source.changes
Next by thread: apache2_2.4.29-1_source.changes ACCEPTED into unstable
Index(es):
- Date
- Thread