httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 53029] New: Segmentation fault when no cookie is present
Date Tue, 03 Apr 2012 16:32:00 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=53029

             Bug #: 53029
           Summary: Segmentation fault when no cookie is present
           Product: Apache httpd-2
           Version: 2.4.1
          Platform: Macintosh
            Status: NEW
          Severity: major
          Priority: P2
         Component: mod_session_dbd
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: chris@cxtsoftware.com
    Classification: Unclassified


I am trying to use mod_session_dbd to store our session information (from
mod_auth_form) in our DB. We had previously been using mod_session_cookie which
was working just fine. Once we switched to mod_session_dbd we started getting
segfaults while running httpd (with no error message) whenever we rebooted our
machines.

After some trial and error it turns out that the segfault occurs because there
is no cookie for the site using mod_session_dbd present in the browser. You can
recreate the problem very easily by enabling mod_session_dbd and deleting any
cookies for your site from your browser then trying to load a page. To "fix"
the problem you can enable mod_session_cookie, go to the site (which generates
a cookie), shutdown httpd, re-enable mod_session_dbd and go to the site. This
time it will work and you can see the cookie be renamed and changed based on
mod_session_dbd. But if you delete that cookie and restart httpd the segfaults
will return.

Another weird item is the first time you load the page after enabling
mod_session_dbd (with a cookie present from mod_session_cookie) the guid saves
in the cookie and DB is all zeros. The next time you load the page it gets a
random guid.

mod_session_dbd config:

DBDPrepareSQL "DELETE FROM apache_session WHERE id = %s" deletesession
DBDPrepareSQL "UPDATE apache_session SET value = %s, expiry = %lld WHERE id =
%s" updatesession
DBDPrepareSQL "INSERT INTO apache_session (value, expiry, id) VALUES (%s, %lld,
%s)" insertsession
DBDPrepareSQL "SELECT value FROM apache_session WHERE id = %s AND (expiry = 0
OR expiry > %lld)" selectsession
DBDPrepareSQL "DELETE FROM apache_session WHERE expiry != 0 AND expiry < %lld"
cleansession

LoadModule session_module modules/mod_session.so
LoadModule session_dbd_module modules/mod_session_dbd.so
#LoadModule session_cookie_module modules/mod_session_cookie.so
LoadModule session_crypto_module modules/mod_session_crypto.so

Session On
SessionCryptoPassphrase secret
#SessionCookieName session path=/
SessionDBDCookieName session path=/

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message