httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 47808] Child process core dumps when enabling CRL
Date Wed, 09 Sep 2009 19:46:18 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=47808



--- Comment #8 from Ruediger Pluem <rpluem@apache.org> 2009-09-09 21:46:14 CEST ---
(In reply to comment #7)
> Not quite sure if I understood you correctly. If I disable debug log level,
> which is defined inside the ssl virtual host section, it defaults back to the
> warn level, defined globally. But the core dump still occurs.

Hm. I guess the crash happens now somewhat later in the code. Can you please
crosscheck the stacktrace of the dumps that get created with debug turned off?
Nevertheless the following patch should fix the segfault you reported and give
better output.

Index: modules/ssl/ssl_engine_kernel.c
===================================================================
--- modules/ssl/ssl_engine_kernel.c     (Revision 813083)
+++ modules/ssl/ssl_engine_kernel.c     (Arbeitskopie)
@@ -1457,10 +1457,20 @@
             X509_NAME_print(bio, issuer, 0);

             BIO_printf(bio, ", lastUpdate: ");
-            ASN1_UTCTIME_print(bio, X509_CRL_get_lastUpdate(crl));
+            if (X509_CRL_get_lastUpdate(crl)) {
+                ASN1_UTCTIME_print(bio, X509_CRL_get_lastUpdate(crl));
+            }
+            else {
+                BIO_printf(bio, "NULL");
+            }

             BIO_printf(bio, ", nextUpdate: ");
-            ASN1_UTCTIME_print(bio, X509_CRL_get_nextUpdate(crl));
+            if (X509_CRL_get_nextUpdate(crl)) {
+                ASN1_UTCTIME_print(bio, X509_CRL_get_nextUpdate(crl));
+            }
+            else {
+                BIO_printf(bio, "NULL");
+            }

             n = BIO_read(bio, buff, sizeof(buff) - 1);
             buff[n] = '\0';
@@ -1492,9 +1502,9 @@
         /*
          * Check date of CRL to make sure it's not expired
          */
-        i = X509_cmp_current_time(X509_CRL_get_nextUpdate(crl));
-
-        if (i == 0) {
+        if ((X509_CRL_get_nextUpdate(crl) == NULL)
+            || ((i = X509_cmp_current_time(X509_CRL_get_nextUpdate(crl)))
+                == 0)) {
             ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
                          "Found CRL has invalid nextUpdate field");



But your debug outputs show that the nextUpdate field of your CRL is empty
which is IMHO bad. So I guess your CRL needs fixing as well.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message