You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2002/06/07 13:29:39 UTC

DO NOT REPLY [Bug 9689] New: - httpd core dumps on certain configuration errors.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9689>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9689

httpd core dumps on certain configuration errors.

           Summary: httpd core dumps on certain configuration errors.
           Product: Apache httpd-2.0
           Version: 2.0.36
          Platform: Sun
        OS/Version: Solaris
            Status: NEW
          Severity: Major
          Priority: Other
         Component: mod_ssl
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: solomon@conceptshopping.com


Apache 2.0.36 core dumps on certain configuration errors.

platform:
    SunOS concept 5.7 Generic_106541-14 sun4u sparc SUNW,Ultra-60

Configured with
    ./configure --enable-ssl

In ssl.conf, I mistakenly had two SSLCertificateFile lines.
    SSLCertificateFile /usr/local/apache2/conf/www.crt
    SSLCertificateFile /usr/local/apache2/conf/www.key
(the second one was supposed to be SSLCertificateKeyFile).

I started it from apachectl via "startssl" which invokes httpd with -DSSL
and it core-dumped.

Here's the stack trace:

#0  apr_file_write (thefile=0x0, buf=0x1427c8, nbytes=0xffbed71c)
    at readwrite.c:225
#1  0xff33fb14 in apr_file_puts (
    str=0x1427c8 "Apache:mod_ssl:Error: Private key not found.\n", thefile=0x0)
    at readwrite.c:340
#2  0xff33fc94 in apr_file_printf (fptr=0x0, 
    format=0x2d <Address 0x2d out of bounds>) at readwrite.c:409
#3  0x3c9e0 in ssl_pphrase_Handle (s=0xb76d0, p=0xee110)
    at ssl_engine_pphrase.c:442
#4  0x36aa8 in ssl_init_Module (p=0xb4028, plog=0xec108, ptemp=0xee110, 
    base_server=0xb76d0) at ssl_engine_init.c:281
#5  0x5dd24 in ap_run_post_config (pconf=0xb4028, plog=0xec108, ptemp=0xee110, 
    s=0xb76d0) at config.c:129
#6  0x62918 in main (argc=2, argv=0xffbefa24) at main.c:579

Ignore the "<Address 0x2d out of bounds>", which appears to be gdb confused by
varargs.  The key point is the call at ssl_engine_pphrase.c:442:

    apr_file_printf(writetty,
        "Apache:mod_ssl:Error: Pass phrase incorrect.\n");

At this ponit, writetty is NULL.  The only assignment to writetty is at line
581 in ssl_pipe_child_create, and this function has never been called.
The only call to ssl_pipe_child_create is in ssl_pphrase_Handle_CB.
There are no direct calls to this function, but it's passed as an argument
to SSL_read_PrivateKey and thence to modssl_PEM_read_bio_PrivateKey
which is a macro for PEM_read_bio_PrivateKey, which is also a macro (in ssl)
for PEM_ASN1_read_bio.  Burried deep in the file ssleay.txt, which is included
with the openssl sources, I found this:

    If the data is encrypted, 'cb' will be called to prompt for a password.

Apparently, in my case, the data is not encrypted, so "cb" (in this case
ssl_pphrase_Handle_CB) is never called, so writetty is never initialized.

Fix:  I'm not exactly sure.  This logic is too convoluted for me to follow.

Work-around:  Don't make mistakes in the .conf files :-).

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org