httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: [BUG] mod_ssl
Date Fri, 21 Sep 2001 13:52:01 GMT
From: "Sander Striker" <striker@apache.org>
Sent: Friday, September 21, 2001 4:45 AM


> Sorry to bring this up, but I tripped over a segfault
> in mod_ssl while trying to add client authentication
> to subversion.
> 
> I can't reproduce this with openssl s_client, which
> makes the issue harder.  There probably is a bug somewhere
> in svn or neon (or my usage of that), but that doesn't
> really matter, segfaults should never happen.  I'll try to
> come up with a simple repro recipe, but right now, there isn't
> one without installing subversion and doing mods to that.

There is one of a dozen things going on.  Let's drop a few.

Would you try disabling includes on /error/ documents, then
drop the error documents altogether, and let us know if you
don't die() with an error if things come out alright?

I suspect it's the internal redirct that has lost some state
back from the original connection/request, or worse (and my
fear) that due to the client mis-validation - we've broken the
ssl state or never completed the ssl setup, allowing us to die
with error feedback to the misvalidated client.

Try dropping mod_include and let's see what that accomplishes.

Bill


Mime
View raw message