В репозиторий добавлен Apache httpd 2.4.54-1 с поддержкой сжатия brotli от Google, mod_http2 2.0.2 для Red Hat Enterprise Linux, Rocky Linux, Alma Linux и CentOS. Mod_ssl собран динамически с OpenSSL 1.1.1o.
Исправлена уязвимость CVE-2022-26377: Apache HTTP Server: mod_proxy_ajp: Possible request smuggling.
Заметим, что httpd 2.4.54 поддерживает TLS 1.3 при сборке с OpenSSL 1.1.1. Все новые шифры включены и работают.
C версии 2.4.54-2 мы собираем OpenSSL+QUIC 1.1.1 отдельно, он устанавливается в /lib64 отдельно с суффиксом .so.81.1.1 и никак не затрагивает системные библиотеки.
Для установки в EL8 нужно включить соответствующий Module stream:
dnf module enable -y httpd:codeit
TLS 1.3 final на сегодня работает в Google Chrome 70+ и Mozilla Firefox 63+.
Для работы с SELinux в rpm включена соответствующая минимальная политика.
Модуль brotli уже включён в базовый RPM. Всё, что нужно — настроить фильтр
AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/javascript
Hello,
I am just curious if you are aware of any troubles with the repo? Possible corruption maybe? I running into a Content-Length issue when trying to pull down packages.
——
Downloading Packages:
[MIRROR] httpd-filesystem-2.4.54-1.module_codeit.codeit.el8.noarch.rpm: Interrupted by header callback: Server reports Content-Length: 33590 but expected size is: 33598
(1/11): apr-1.7.0-2.el8.x86_64.rpm 772 kB/s | 129 kB 00:00
[MIRROR] httpd-tools-2.4.54-1.module_codeit.codeit.el8.x86_64.rpm: Interrupted by header callback: Server reports Content-Length: 102586 but expected size is: 102582
[MIRROR] httpd-filesystem-2.4.54-1.module_codeit.codeit.el8.noarch.rpm: Interrupted by header callback: Server reports Content-Length: 33590 but expected size is: 33598
(2/11): httpd-2.4.54-1.module_codeit.codeit.el8.x86_64.rpm 3.6 MB/s | 1.5 MB 00:00
[MIRROR] httpd-tools-2.4.54-1.module_codeit.codeit.el8.x86_64.rpm: Interrupted by header callback: Server reports Content-Length: 102586 but expected size is: 102582
[FAILED] httpd-tools-2.4.54-1.module_codeit.codeit.el8.x86_64.rpm: No more mirrors to try — All mirrors were already tried without success
(4-5/11): mod_http2-2.0.2-1.codeit.el8.x86_64.rpm 44% [===============================================- ] 901 kB/s | 1.7 MB 00:02 ETA
The downloaded packages were saved in cache until the next successful transaction.
You can remove cached packages by executing ‘yum clean packages’.
Error: Error downloading packages:
httpd-tools-2.4.54-1.module_codeit.codeit.el8.x86_64: Cannot download, all mirrors were already tried without success
——
Thanks for your time!
Hello, no, we do not have information about the issues, thanks for reporting!
Could you provide more information on repository? Is this «stable» or «testing» EL8 repo?
You bet.
I am running a Rocky Linux VM (kvm/qemu). The repo file looks like this…
[CodeIT]
name=CodeIT repo
baseurl=https://repo.codeit.guru/packages/centos/$releasever/$basearch
enabled=1
gpgkey=https://repo.codeit.guru/RPM-GPG-KEY-MasterOfDevon
gpgcheck=1
[CodeIT-mainline]
name=CodeIT mainline repo
baseurl=https://repo.codeit.guru/packages/mainline/centos/$releasever/$basearch
enabled=1
gpgkey=https://repo.codeit.guru/RPM-GPG-KEY-MasterOfDevon
gpgcheck=1
[CodeIT-testing]
name=CodeIT testing repo
baseurl=https://repo.codeit.guru/packages/testing/$releasever/$basearch
enabled=0
gpgkey=https://repo.codeit.guru/RPM-GPG-KEY-MasterOfDevon
gpgcheck=1
I am trying to test out some packages, and how they work with each other before I upgrade my live systems.
I appreciate your response and all your efforts, thank you!!
I just jumped back in and tested it, and it seems to be working well now. If you threw your time at this, and I appreciate it very much!
Thank you!
——
Total download size: 3.8 M
Installed size: 9.9 M
Is this ok [y/N]: y
Downloading Packages:
(1/11): apr-1.7.0-2.el8.x86_64.rpm 308 kB/s | 129 kB 00:00
(2/11): httpd-filesystem-2.4.54-1.module_codeit.codeit.el8.noarch.rpm 78 kB/s | 33 kB 00:00
(3/11): httpd-tools-2.4.54-1.module_codeit.codeit.el8.x86_64.rpm 497 kB/s | 100 kB 00:00
(4/11): mod_http2-2.0.2-1.codeit.el8.x86_64.rpm 613 kB/s | 153 kB 00:00
(5/11): apr-util-1.6.1-6.el8.1.x86_64.rpm 27 MB/s | 104 kB 00:00
(6/11): apr-util-bdb-1.6.1-6.el8.1.x86_64.rpm 14 MB/s | 23 kB 00:00
(7/11): apr-util-openssl-1.6.1-6.el8.1.x86_64.rpm 18 MB/s | 26 kB 00:00
(8/11): mailcap-2.1.48-3.el8.noarch.rpm 26 MB/s | 38 kB 00:00
(9/11): rocky-logos-85.0-4.el8.x86_64.rpm 65 MB/s | 328 kB 00:00
(10/11): httpd-2.4.54-1.module_codeit.codeit.el8.x86_64.rpm 1.7 MB/s | 1.5 MB 00:00
(11/11): openssl-quic-libs-1.1.1o-1.codeit.el8.x86_64.rpm 3.6 MB/s | 1.4 MB 00:00
—————————————————————————————————————————————————————————————————————————————————————-
Total 3.7 MB/s | 3.8 MB 00:01
Installed:
apr-1.7.0-2.el8.x86_64 apr-util-1.6.1-6.el8.1.x86_64 apr-util-bdb-1.6.1-6.el8.1.x86_64 apr-util-openssl-1.6.1-6.el8.1.x86_64 httpd-2.4.54-1.module_codeit.codeit.el8.x86_64
httpd-filesystem-2.4.54-1.module_codeit.codeit.el8.noarch httpd-tools-2.4.54-1.module_codeit.codeit.el8.x86_64 mailcap-2.1.48-3.el8.noarch mod_http2-2.0.2-1.codeit.el8.x86_64 openssl-quic-libs-1.1.1o-1.codeit.el8.x86_64
rocky-logos-85.0-4.el8.x86_64
——
Thank you for the confirmation!