В репозиторий добавлен Apache httpd 2.4.53-1 с поддержкой сжатия brotli от Google, mod_http2 2.0.2 для Red Hat Enterprise Linux, Rocky Linux, Alma Linux и CentOS. Mod_ssl собран динамически с OpenSSL 1.1.1m.
Ссылки:
Заметим, что httpd 2.4.53 поддерживает TLS 1.3 при сборке с OpenSSL 1.1.1. Все новые шифры включены и работают.
C версии 2.4.43-4 мы собираем OpenSSL отдельно, он устанавливается в /opt/codeit/openssl111 и никак не затрагивает системные библиотеки.
TLS 1.3 final на сегодня работает в Google Chrome 70+ и Mozilla Firefox 63+.
Для работы с SELinux в rpm включена соответствующая минимальная политика.
Модуль brotli уже включён в базовый RPM. Всё, что нужно — настроить фильтр
AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/javascript
Hi Alexander,
I just updated my httpd (CentOS7) from the CodeIT repository today. But the headers show Apache 2.4.53 with OpenSSL-1.1.1l (instead of OpenSSL-1.1.1m), like this:
Apache/2.4.53 (codeit) OpenSSL/1.1.1l mod_fcgid/2.3.9 mod_nss/1.0.14 NSS/3.28.4 PHP/7.4.28
Could there be a mistake? Any chance that you will be releasing something with OpenSSL-1.1.1n (instead of m), soon?
Thanks,
Jonah
Hi Jonah,
Please run
yum upgrade openssl111-libsWe already have openssl 1.1.1n from the very first day of its release.
Hi Alexander,
Thank you very much for your solution. I have successfully followed your instructions and it has solved my problem.
Thank you for taking care of these OpenSSL things for all of us,
Jonah
Oh dear! I’m so sorry! I was unaware you are located in Ukraine. Stay stafe.
We are now working from the relatively safe place, so builds are on-time for now.
Ukrainian Army performs well, so we can continue the builds now.
I am so relieved that you are safe, and not only for my own selfish reasons for using CodeIT repo. I am genuinely happy that you are alive and healthy because you are such good people who are performing a valuable service that is available to the public for free.
Dear Alex stay safe.
i do however have question.
on my almalinux 8 machine i enable the codeit repo and then try to disabable the httpd module:
i then get this error:
AlmaLinux 8 — BaseOS 11 kB/s | 4.3 kB 00:00
AlmaLinux 8 — AppStream 12 kB/s | 4.7 kB 00:00
AlmaLinux 8 — Extras 9.9 kB/s | 3.9 kB 00:00
Remi’s RPM repository for Enterprise Linux 8 — x86_64 51 kB/s | 3.0 kB 00:00
Safe Remi’s RPM repository for Enterprise Linux 8 — x86_64 7.5 kB/s | 833 B 00:00
Error: Problems in request:
Modular dependency problems:
Problem: module php:7.2:8030020210119114311:2c7ca891.x86_64 requires module(httpd:2.4), but none of the providers can be installed
— conflicting requests
After that i get no update from codeit.
how can i fix this?
regards and the outmost respect,
Stefan
Dear Stefan,
Thanks!
Please also try to disable php module to install php from remi:
dnf module disable php