You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2002/06/07 13:29:39 UTC
DO NOT REPLY [Bug 9689] New: -
httpd core dumps on certain configuration errors.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9689>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=9689
httpd core dumps on certain configuration errors.
Summary: httpd core dumps on certain configuration errors.
Product: Apache httpd-2.0
Version: 2.0.36
Platform: Sun
OS/Version: Solaris
Status: NEW
Severity: Major
Priority: Other
Component: mod_ssl
AssignedTo: bugs@httpd.apache.org
ReportedBy: solomon@conceptshopping.com
Apache 2.0.36 core dumps on certain configuration errors.
platform:
SunOS concept 5.7 Generic_106541-14 sun4u sparc SUNW,Ultra-60
Configured with
./configure --enable-ssl
In ssl.conf, I mistakenly had two SSLCertificateFile lines.
SSLCertificateFile /usr/local/apache2/conf/www.crt
SSLCertificateFile /usr/local/apache2/conf/www.key
(the second one was supposed to be SSLCertificateKeyFile).
I started it from apachectl via "startssl" which invokes httpd with -DSSL
and it core-dumped.
Here's the stack trace:
#0 apr_file_write (thefile=0x0, buf=0x1427c8, nbytes=0xffbed71c)
at readwrite.c:225
#1 0xff33fb14 in apr_file_puts (
str=0x1427c8 "Apache:mod_ssl:Error: Private key not found.\n", thefile=0x0)
at readwrite.c:340
#2 0xff33fc94 in apr_file_printf (fptr=0x0,
format=0x2d <Address 0x2d out of bounds>) at readwrite.c:409
#3 0x3c9e0 in ssl_pphrase_Handle (s=0xb76d0, p=0xee110)
at ssl_engine_pphrase.c:442
#4 0x36aa8 in ssl_init_Module (p=0xb4028, plog=0xec108, ptemp=0xee110,
base_server=0xb76d0) at ssl_engine_init.c:281
#5 0x5dd24 in ap_run_post_config (pconf=0xb4028, plog=0xec108, ptemp=0xee110,
s=0xb76d0) at config.c:129
#6 0x62918 in main (argc=2, argv=0xffbefa24) at main.c:579
Ignore the "<Address 0x2d out of bounds>", which appears to be gdb confused by
varargs. The key point is the call at ssl_engine_pphrase.c:442:
apr_file_printf(writetty,
"Apache:mod_ssl:Error: Pass phrase incorrect.\n");
At this ponit, writetty is NULL. The only assignment to writetty is at line
581 in ssl_pipe_child_create, and this function has never been called.
The only call to ssl_pipe_child_create is in ssl_pphrase_Handle_CB.
There are no direct calls to this function, but it's passed as an argument
to SSL_read_PrivateKey and thence to modssl_PEM_read_bio_PrivateKey
which is a macro for PEM_read_bio_PrivateKey, which is also a macro (in ssl)
for PEM_ASN1_read_bio. Burried deep in the file ssleay.txt, which is included
with the openssl sources, I found this:
If the data is encrypted, 'cb' will be called to prompt for a password.
Apparently, in my case, the data is not encrypted, so "cb" (in this case
ssl_pphrase_Handle_CB) is never called, so writetty is never initialized.
Fix: I'm not exactly sure. This logic is too convoluted for me to follow.
Work-around: Don't make mistakes in the .conf files :-).
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org