httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gregg Smith <...@gknw.net>
Subject Re: [VOTE] Release Apache httpd 2.4.8 as GA
Date Tue, 11 Mar 2014 21:46:35 GMT
On 3/11/2014 1:29 PM, Rainer Jung wrote:
> On 11.03.2014 17:34, Jim Jagielski wrote:
>> The pre-release test tarballs for Apache httpd 2.4.8 can be found
>> at the usual place:
>>
>> 	http://httpd.apache.org/dev/dist/
>>
>> I'm calling a VOTE on releasing these as Apache httpd 2.4.8 GA.
>>
>> [ ] +1: Good to go
>> [ ] +0: meh
>> [ ] -1: Danger Will Robinson. And why.
>>
>> Vote will last the normal 72 hrs.
>>
>> NOTE: The *-deps are only there for convenience.
> I get a segfault during startup init on www.apache.org when using SSL.
> This didn't happen for r1570851. Candidate is r1573360.

I'm seeing this with OpenSSL 0.9.8y on Windows.

> That server currently uses OpenSSL 1.0.1e.
>
> GDB:
>
> Program terminated with signal 11, Segmentation fault.
> #0  0x000000010287a19a in ssl_set_cert_masks () from
> /usr/local/lib/libssl.so.8
> (gdb) bt full
> #0  0x000000010287a19a in ssl_set_cert_masks () from
> /usr/local/lib/libssl.so.8
> No symbol table info available.
> #1  0x000000010287a6f6 in ssl_get_server_send_pkey () from
> /usr/local/lib/libssl.so.8
> No symbol table info available.
> #2  0x000000010287a7a9 in ssl_get_server_send_cert () from
> /usr/local/lib/libssl.so.8
> No symbol table info available.
> #3  0x0000000102616d2a in ssl_init_server_certs (pphrases=0x10226ab58,
> mctx=0x10227d938, ptemp=<optimized out>, p=<optimized out>, s=<optimized
> out>) at ssl_engine_init.c:959
> No locals.
> #4  ssl_init_server_ctx (pphrases=<optimized out>, sc=<optimized out>,
> ptemp=<optimized out>, p=<optimized out>, s=<optimized out>) at
> ssl_engine_init.c:1287
> No locals.
> #5  ssl_init_ConfigureServer (s=0x102277350, p=0x102023028,
> ptemp=0x102051028, sc=0x10227d7d8, pphrases=<optimized out>) at
> ssl_engine_init.c:1378
>          rv =<optimized out>
> #6  0x0000000102617cfc in ssl_init_Module (p=0x102023028,
> plog=<optimized out>, ptemp=0x102051028, base_server=0x10204dbe8) at
> ssl_engine_init.c:228
>          mc =<optimized out>
>          sc =<optimized out>
>          s = 0x102277350
>          rv = 0
>          pphrases = 0x10226ab58
> #7  0x000000000044965c in ap_run_post_config (pconf=0x102023028,
> plog=0x10204f028, ptemp=0x102051028, s=0x10204dbe8) at config.c:103
>          n = 4
>          rv =<optimized out>
> #8  0x000000000042afd7 in main (argc=9, argv=0x7fffffffd8c0) at main.c:696
>          c = 68 'D'
>          showcompile = 0
>          showdirectives = 0
>          confname = 0x7fffffffdbb7 "/.../conf/httpd.conf"
>          def_server_root = 0x4655c0 "/..."
>          temp_error_log = 0x0
>          error =<optimized out>
>          process = 0x102021118
>          pconf = 0x102023028
>          plog = 0x10204f028
>          ptemp = 0x102051028
>          pcommands = 0x102045028
>          opt = 0x102045118
>          rv =<optimized out>
>          opt_arg = 0x7fffffffdbfa "SSL"
>
> ...
>
> #3  0x0000000102616d2a in ssl_init_server_certs (pphrases=0x10226ab58,
> mctx=0x10227d938, ptemp=<optimized out>, p=<optimized out>, s=<optimized
> out>) at ssl_engine_init.c:959
> 959             if (!(ssl = SSL_new(mctx->ssl_ctx)) ||
>
> (gdb) print *pphrases
> $1 = {pool = 0x102051028, elt_size = 8, nelts = 0, nalloc = 2, elts =
> 0x10226ab78 ""}
>
> (gdb) print *mctx
> $2 = {sc = 0x10227d7d8, ssl_ctx = 0x102185600, pks = 0x10227da20, pkp =
> 0x0, ticket_key = 0x10227dab0, protocol = 6, pphrase_dialog_type =
> SSL_PPTYPE_BUILTIN,
>    pphrase_dialog_path = 0x0, cert_chain = 0x1022784c0 "/....crt",
> crl_path = 0x0, crl_file = 0x0,
>    crl_check_mode = SSL_CRLCHECK_UNSET, stapling_enabled = 0,
> stapling_resptime_skew = -1, stapling_resp_maxage = -1,
> stapling_cache_timeout = -1,
>    stapling_return_errors = 4294967295, stapling_fake_trylater =
> 4294967295, stapling_errcache_timeout = -1, stapling_responder_timeout =
> -1, stapling_force_url = 0x0,
>    srp_vfile = 0x0, srp_unknown_user_seed = 0x0, srp_vbase = 0x0, auth =
> {ca_cert_path = 0x0, ca_cert_file = 0x0,
>      cipher_suite = 0x102108d18 "...", verify_depth = 1, verify_mode =
> SSL_CVERIFY_NONE},
>    ocsp_enabled = 0, ocsp_force_default = 0, ocsp_responder = 0x0,
> ocsp_resptime_skew = -1, ocsp_resp_maxage = -1, ocsp_responder_timeout = -1}
>
> Config structure is roughly:
>
> <VirtualHost _default_:443>
>      ServerName ...
>      DocumentRoot ...
>      SSLEngine on
>      SSLCACertificateFile ....pem
>      SSLCertificateFile ....crt
>      SSLCertificateKeyFile ....key
>      SSLCertificateChainFile ....pem
> </VirtualHost>
>
> <VirtualHost *:443>
>     SSLEngine on
>     SSLCertificateFile ....crt
>     SSLCertificateKeyFile ....key
>     SSLCertificateChainFile ....crt
>
>     DocumentRoot ...
>     ServerName ...
>     ServerAlias ...
>     UseCanonicalName On
>
>     non-ssl config items
> </VirtualHost>
>
> <VirtualHost *:443>
>     ServerName ...
>     UseCanonicalName Off
>     VirtualDocumentRoot ...
>     VirtualScriptAlias ...
>     ServerAlias ...
>
>     SSLEngine on
>     SSLCertificateFile ....crt
>     SSLCertificateKeyFile ....key
>     SSLCertificateChainFile ....crt
>
>     non-ssl config items
> </VirtualHost>
>
> The certificates etc. in the three blocks are three different ones.
>
> I'll have a look what I can find out, just an early heads-up.
>
> Regards,
>
> Rainer


Mime
View raw message