httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mathihalli, Madhusudan" <>
Subject RE: [PATCH ?] RE: SEGV in allocator_free
Date Thu, 25 Mar 2004 17:20:37 GMT

>-----Original Message-----
>From: Joe Orton []
>Are those who can reproduce this segfault using a reverse proxy to an
>SSL backend (i.e. SSLProxyEngine on)? 

Yes and No :)
Yes - I have the directive in the ssl.conf.
No - I'm not proxying to a SSL backend.

How to reproduce: 

sslswamp -connect IP:$APACHE_HOST:443 -session s \
         -time 61 -update 10 -expect 1000 -num 5 \
         -cipher RC4-SHA -CAfile /tmp/ca.crt     \
         -cert /tmp/client.crt -request $http_file

The httpd.conf is the standard stuff. The ssl.conf is as shown below :

<IfModule mod_disk_cache.c>
  CacheRoot "/opt/apache/logs/"
  CacheSize 5
  CacheGcInterval 4
  CacheMaxExpire 86400
  CacheLastModifiedFactor 0.1
  CacheDefaultExpire 1

<IfModule mod_ssl.c>

  # Extra MIME-types for downloading Certificates and CRLs
  AddType application/x-x509-ca-cert .crt
  AddType application/x-pkcs7-crl    .crl

  # Inter-Process Session Cache
  SSLSessionCache         shmcb:/opt/apache/logs/ssl_scache(512000)
  SSLSessionCacheTimeout  300

  # Semaphore location
  SSLMutex                file:/opt/apache/logs/ssl_mutex

  SSLPassPhraseDialog     builtin
  SSLRandomSeed startup   builtin
  SSLRandomSeed connect   builtin

  ## SSL Virtual Host Context

    ServerAdmin root@

    # Logging configuration (ErrorLog level is set for the global server)
    ErrorLog  /opt/apache/logs/error_log
    CustomLog /opt/apache/logs/access_log \
              "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    # SSL Engine Switch
    SSLEngine             on
    SSLCipherSuite        !ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    # SSL Proxy configuration
    SSLProxyEngine        on
    SSLProxyCipherSuite   !ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    # Server Certificate
    SSLCertificateFile    /opt/apache/conf/ssl.crt/server.crt

    # Server Private Key
    SSLCertificateKeyFile /opt/apache/conf/ssl.key/server.key

    # Certificate Authority (CA)
    SSLCACertificateFile  /opt/apache/conf/ssl.crt/ca.crt
    SSLCACertificatePath  /opt/apache/conf/ssl.crt/

    # Enable Client verification
    SSLVerifyClient require

    # Proxy all the requests to the backend server
    ProxyRequests    off
    ProxyVia         on
    ProxyPass        /
    ProxyPassReverse /

    <Proxy *>
      Order deny,allow
      Allow from all


View raw message