httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Minson, John M Mr ARMY GUEST" <john.min...@us.army.mil>
Subject Re: [users@httpd] using ldap secure causes core dump
Date Mon, 24 Nov 2008 19:00:02 GMT
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
note thi sis apache 2.2.10<br>
<br>
# ldd httpd<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libldap.so.5 =&gt;&nbsp;
/usr/lib/libldap.so.5<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libdl.so.1 =&gt;&nbsp;&nbsp;&nbsp;
/lib/libdl.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libssl.so.0.9.8 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
/usr/local/ssl/lib/libssl.so.0.9.8<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libcrypto.so.0.9.8
=&gt;&nbsp;&nbsp;&nbsp;
/usr/local/ssl/lib/libcrypto.so.0.9.8<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libm.so.2 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;
/lib/libm.so.2<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libaprutil-1.so.0 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;
/usr/local/httpd/lib/libaprutil-1.so.0<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libexpat.so.1 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
/usr/sfw/lib/libexpat.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libapr-1.so.0 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
/usr/local/httpd/lib/libapr-1.so.0<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libuuid.so.1 =&gt;&nbsp;
/lib/libuuid.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libsendfile.so.1 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
/lib/libsendfile.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; librt.so.1 =&gt;&nbsp;&nbsp;&nbsp;
/lib/librt.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libsocket.so.1 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
/lib/libsocket.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libnsl.so.1 =&gt;&nbsp;&nbsp;
/lib/libnsl.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libpthread.so.1 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
/lib/libpthread.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libc.so.1 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;
/lib/libc.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libsasl.so.1 =&gt;&nbsp;
/usr/lib/libsasl.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libmd.so.1 =&gt;&nbsp;&nbsp;&nbsp;
/lib/libmd.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libnspr4.so =&gt;&nbsp;&nbsp;
/usr/lib/mps/libnspr4.so<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libplc4.so =&gt;&nbsp;&nbsp;&nbsp;
/usr/lib/mps/libplc4.so<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libnss3.so =&gt;&nbsp;&nbsp;&nbsp;
/usr/lib/mps/libnss3.so<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libssl3.so =&gt;&nbsp;&nbsp;&nbsp;
/usr/lib/mps/libssl3.so<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libgcc_s.so.1 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
/usr/local/lib/libgcc_s.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libgcc_s.so.1 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
/usr/sfw/lib/libgcc_s.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libaio.so.1 =&gt;&nbsp;&nbsp;
/lib/libaio.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libmp.so.2 =&gt;&nbsp;&nbsp;&nbsp;
/lib/libmp.so.2<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libscf.so.1 =&gt;&nbsp;&nbsp;
/lib/libscf.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libthread.so.1 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
/lib/libthread.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libsoftokn3.so =&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
/usr/lib/mps/libsoftokn3.so<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libplds4.so =&gt;&nbsp;&nbsp;
/usr/lib/mps/libplds4.so<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libdoor.so.1 =&gt;&nbsp;
/lib/libdoor.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libuutil.so.1 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
/lib/libuutil.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libgen.so.1 =&gt;&nbsp;&nbsp;
/lib/libgen.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libbsm.so.1 =&gt;&nbsp;&nbsp;
/lib/libbsm.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libsecdb.so.1 =&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
/lib/libsecdb.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libtsol.so.2 =&gt;&nbsp;
/lib/libtsol.so.2<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; libcmd.so.1 =&gt;&nbsp;&nbsp;
/lib/libcmd.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /platform/SUNW,Sun-Fire-T200/lib/libc_psr.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /platform/SUNW,Sun-Fire-T200/lib/libmd_psr.so.1<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; /usr/lib/mps/cpu/sparcv8plus/libnspr_flt4.so<br>
<br>
ldd of mod_ssl and mod_authnz_ldap show nothing ? <br>
<br>
I think the issue is the 'libldap.so.5 =&gt;&nbsp; /usr/lib/libldap.so.5' .&nbsp;
This is pointing to the standard Solaris 10 ldap which I suspect was
built against the Solaris 10 ssl .<br>
<br>
I cannot get the apache config/make to pick up my install of open ldap
2.4.11 installed in /usr/local <br>
<br>
If I set LD_LIBRARY_PATH=/usr/local/lib the apache config gives me<br>
<br>
checking for ldap support...<br>
checking for ldap_init in -lldap50... no<br>
checking for ldap_init in -lldapssl41... no<br>
checking for ldap_init in -lldapssl40... no<br>
checking for ldap_init in -lldapssl30... no<br>
checking for ldap_init in -lldapssl20... no<br>
checking for ldap_init in -lldapsdk... no<br>
checking for ldap_init in -lldapsdk... no<br>
checking for ldap_init in -lldap... no<br>
checking for ldap_init in -lldap... no<br>
checking for ldap_init in -lldap... no<br>
checking for ldap_init in -lldap... no<br>
configure: error: could not find an LDAP library<br>
configure failed for srclib/apr-util<br>
<br>
<br>
<br>
<br>
Tom Evans wrote:
<blockquote cite="mid:1227546423.10955.44.camel@localhost" type="cite">
  <pre wrap="">On Mon, 2008-11-24 at 10:33 -0500, Minson, John M Mr ARMY GUEST wrote:
  </pre>
  <blockquote type="cite">
    <pre wrap="">If I attempt to use ldaps I get

[Mon Nov 24 10:19:07 2008] [debug] mod_authnz_ldap.c(582): [client 
150.125.168.140] ldap authorize: Creating LDAP req structure
[Mon Nov 24 10:19:15 2008] [notice] child pid 26129 exit signal 
Segmentation fault (11), possible coredump in /usr/local/httpd

Works fine in non-secure mode

Any ideas on what I can do get some more info on whats going on ?

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <a class="moz-txt-link-rfc1738" href="http://httpd.apache.org/userslist.html">&lt;URL:http://httpd.apache.org/userslist.html&gt;</a>
for more info.
To unsubscribe, e-mail: <a class="moz-txt-link-abbreviated" href="mailto:users-unsubscribe@httpd.apache.org">users-unsubscribe@httpd.apache.org</a>
   "   from the digest: <a class="moz-txt-link-abbreviated" href="mailto:users-digest-unsubscribe@httpd.apache.org">users-digest-unsubscribe@httpd.apache.org</a>
For additional commands, e-mail: <a class="moz-txt-link-abbreviated" href="mailto:users-help@httpd.apache.org">users-help@httpd.apache.org</a>

    </pre>
  </blockquote>
  <pre wrap=""><!---->
Output of these commands please:

ldd /path/to/sbin/httpd
ldd /path/to/mod_ssl.so
ldd /path/to/mod_*ldap*.so

You almost certainly have httpd/mod_ssl linked to one OpenSSL library,
and mod_{,authnz_}ldap linked to another. Those commands should
demonstrate that. The solution is to rebuild/reinstall apache.

Tom


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <a class="moz-txt-link-rfc1738" href="http://httpd.apache.org/userslist.html">&lt;URL:http://httpd.apache.org/userslist.html&gt;</a>
for more info.
To unsubscribe, e-mail: <a class="moz-txt-link-abbreviated" href="mailto:users-unsubscribe@httpd.apache.org">users-unsubscribe@httpd.apache.org</a>
   "   from the digest: <a class="moz-txt-link-abbreviated" href="mailto:users-digest-unsubscribe@httpd.apache.org">users-digest-unsubscribe@httpd.apache.org</a>
For additional commands, e-mail: <a class="moz-txt-link-abbreviated" href="mailto:users-help@httpd.apache.org">users-help@httpd.apache.org</a>


  </pre>
</blockquote>
</body>
</html>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message