On Mon, Aug 20, 2018 at 08:34:16PM +0200, Marion & Christophe JAILLET wrote:
according to https://httpd.apache.org/docs/2.4/en/mod/mod_alias.html#alias,
Alias with-in a LocationMatch is allowed since 2.4.19.
If you can test and confirm, I'll update the test-framework accordingly.
yes, as far as I tested correctly, this is true from 2.4.20 on, 2.4.19
was not released, so I can not test.
BTW, glad to see someone tweaking our test framework.
Feel free to send any improvements and/or additional tests. They will be
added to the base in order to improve future releases.
And I should say big thank you for the test suite. It helps me every
security update in regression testing.
For curiosity, there is a apache-test spec running the testsuite
during build (the package results in no rpm):
and therefore testing the httpd in respective distros. I have similar
setup in internal build service instance, where I am testing httpd
BEFORE and AFTER each security update in several distros.
For one example, from link , the testsuite is failing for
openSUSE Leap 42.3, and this is because we backported http_strict
things, but had not noticed
which we now found thanks to the testsuite and we will be releasing
update in near future to fix that.
You can notice from the , we have around twenty patches, but almost
all are dedicated to get around issues in older distros, like 'we
ported something to older distros', which the testsuite can not know.
One thing I noticed is insufficient version checking of httpd version,
see attachments. Note we will still be supporting 2.2 branch for
certain amount of time in one of our distros, not sure though how much
the testsuite upstream should take it into account given that 2.2 is no
longer supported upstream. But at least SSLOCSPResponderCertificateFile
should be surrounded I think.
I have also issue with ocsp.t failing completely, but that needs more
Thanks again for the great testsuite!