Apache 2.4 with OpenSSL 1.1.0

Started by Gregg, March 14, 2017, 08:51:06 PM

Previous topic - Next topic

Gregg

Work continues by the Apache developers on getting Apache 2.4 working with OpenSSL 1.1.0.

What seems to work so far:
httpd, yes mod_ssl will now build and seems to work fine with OpenSSL 1.1.0.

What does seems not to work yet:
abs, it builds but at this point it doesn't seem to work, not for me anyway.
apr_crypto_openssl.dll doesn't build (it's a different project of the ASF than the server) so there is no chance for mod_session_crypto at this time.

I have VC14 x86 & x64 preview builds for testing.

If anyone would like to take one for a spin reply to this post and I'll send you a link.


DnvrSysEngr

I am game for it.  Send me the link.  I will test it out and see what works, is broken, etc.

-S


Gregg

I've got it building now. It was a "duh" moment and I used apr 1.5 when building these.

DnvrSysEngr


Gregg

Try for Monday morning.
This time I might include some extras.
mod_brotli which will be added to 2.4 once brotli comes out with a new release (git-brotli-master works now).
mod_socache_redis (the ASF's version) which will be added to 2.4 once APR 1.6 is released.
As you can see by this thread, you're the only brave guinea pig :)
Liking Cha Cha?

DnvrSysEngr

Nothing wrong with living on the edge.  I can say that I have not encountered any issues with the 2.4.26-Dev build you provided.

I be back from vacation on Monday and will be looking forward to trying out a new build.  Cha cha cha.

Jan-E

Quote from: Gregg on March 23, 2017, 06:33:42 PM
As you can see by this thread, you're the only brave guinea pig :)

The only one that was interested in your builds. There might have been others that built Apache 2.4 from http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-openssl-1.1.0-compat/

Quote from: Gregg on March 23, 2017, 06:33:42 PM
Liking Cha Cha?

What is the current status of ChaCha in terms of browser support? Is Firefox already supporting it?

Gregg

The latest FF certainly does. Not the ESR (45).
Pale Moon and Vivaldi do.
IIRC the Chrome on one of the Linux Live DVDs I tried yesterday did.
The Midori on Bodhi Linux at lease did AES256-GCM384

Qualys says these do:
FF 47+
Chrome 49+
Android 7

IE/Edge, Safari: AES256-GCM384

The big looser is FF ESR:  ECDHE-RSA-AES128-GCM-SHA256

Edit: Afterthought
The LibreSSL builds have chacha.

DnvrSysEngr

Ran ChaCha with 2.4.25 build with LibreSSL and all nightly/dev builds of browsers agreed with it

Gregg

#10
New proper build (r1) with APR/APR-Util 1.6.0-dev is there.
Includes mod_brotli and mod_socache_redis this time.
I only built x64.
Same Bat time, same Bat channel.

Jan-E

#11
Send me the link, please

Frankiesay

can u send me a link too and thanks alot!

DnvrSysEngr

One minor error on the Index.html page.  Link should be for <a href="/modules.lua">Loaded Modules</a>,  it is typed as modues.lua - missing the l in modules.  Darn typo error.

Gregg

I thought I fixed that before I zipped it up. Oh well, not life threatening.

@Frankiesay, I have sent you a PM on this forum with the link.