apache 2.4.23 (incl. patch) && OpsenSSL 1.1.0d: crash on Linux

[Matthias Apitz <gu...@unixarea.de>]

Hello,

I have the following host and build:

  SUSE Linux Enterprise Server 12 (x86_64) SP0

  apache: 2.4.23 with a patch for OpenSSL 1.1
  apr-1.5.2
  apr-util-1.5.4
  OpenSSL 1.1.0d

all the above compiled for 32-bit (because we are a software distributor and
have to support 32-bit hardware too).

This crashes on start of httpd with the gdb backtrace attached below. It
seems that the problem is coming down from a call within libapr-1.so or
mod_ssl.so 

The exact same suite works fine on Solaris SunOS 10.

What are the options? Do we have to recompile apache(...) with OpenSSL 1.0.x?

Thanks

	matthias


(gdb) bt
#0  0xf7fdb440 in __kernel_vsyscall ()
#1  0xf7d59477 in raise () from /lib/libc.so.6
#2  0xf7d5abce in abort () from /lib/libc.so.6
#3  0xf7d97ec8 in __libc_message () from /lib/libc.so.6
#4  0xf7d9e04a in malloc_printerr () from /lib/libc.so.6
#5  0xf7d9ed0d in _int_free () from /lib/libc.so.6
#6  0xf7b0795c in CRYPTO_free () from /usr/local/sisis-pap/lib/libcrypto.so.1.1
#7  0xf7a89480 in BN_clear_free () from /usr/local/sisis-pap/lib/libcrypto.so.1.1
#8  0xf7ab8488 in DH_free () from /usr/local/sisis-pap/lib/libcrypto.so.1.1
#9  0xf7c9412f in free_dh_params () from /usr/local/sisis-pap/apache/modules/mod_ssl.so
#10 0xf7c9905c in ssl_init_ModuleKill () from /usr/local/sisis-pap/apache/modules/mod_ssl.so
#11 0xf7f6da2e in run_cleanups () from /usr/local/sisis-pap/apache/lib/libapr-1.so.0
#12 0xf7f6cb6f in apr_pool_clear () from /usr/local/sisis-pap/apache/lib/libapr-1.so.0
#13 0x080702e0 in main ()


-- 
Matthias Apitz, \u2709 guru@unixarea.de, \u2302 http://www.unixarea.de/  \u260e +49-176-38902045

Re: apache 2.4.23 (incl. patch) && OpsenSSL 1.1.0d: crash on Linux

[Matthias Apitz <gu...@unixarea.de>]

El d�a lunes, marzo 20, 2017 a las 09:49:45a. m. +0100, Luca Toscano escribi�:

> > I have the following host and build:
> >
> >   SUSE Linux Enterprise Server 12 (x86_64) SP0
> >
> >   apache: 2.4.23 with a patch for OpenSSL 1.1
> >   apr-1.5.2
> >   apr-util-1.5.4
> >   OpenSSL 1.1.0d
> >
> > ...

> [sneaking in the dev@apr list, non authoritative answer but it might help]
> 
> Openssl 1.1.x support is now merged in the latest 2.4.x httpd branch and it
> will be included in the next release, but for 2.4.23 you'd need to use
> 1.0.x. You can check
> http://people.apache.org/~jorton/httpd-2.4.x-openssl110.patch if you want
> more details about what changed.

Hello,

Thanks. As I said I have had applied a patch, the one which was
published in https://bz.apache.org/bugzilla/show_bug.cgi?id=60061

But, now with the new patch it seems to be fine.

Thanks

	matthias
-- 
Matthias Apitz, \u2709 guru@unixarea.de, \u2302 http://www.unixarea.de/  \u260e +49-176-38902045

Re: apache 2.4.23 (incl. patch) && OpsenSSL 1.1.0d: crash on Linux

[Luca Toscano <to...@gmail.com>]

Hello Matthias,

2017-03-20 7:43 GMT+01:00 Matthias Apitz <gu...@unixarea.de>:

>
> Hello,
>
> I have the following host and build:
>
>   SUSE Linux Enterprise Server 12 (x86_64) SP0
>
>   apache: 2.4.23 with a patch for OpenSSL 1.1
>   apr-1.5.2
>   apr-util-1.5.4
>   OpenSSL 1.1.0d
>
> all the above compiled for 32-bit (because we are a software distributor
> and
> have to support 32-bit hardware too).
>
> This crashes on start of httpd with the gdb backtrace attached below. It
> seems that the problem is coming down from a call within libapr-1.so or
> mod_ssl.so
>
> The exact same suite works fine on Solaris SunOS 10.
>
> What are the options? Do we have to recompile apache(...) with OpenSSL
> 1.0.x?


[sneaking in the dev@apr list, non authoritative answer but it might help]

Openssl 1.1.x support is now merged in the latest 2.4.x httpd branch and it
will be included in the next release, but for 2.4.23 you'd need to use
1.0.x. You can check
http://people.apache.org/~jorton/httpd-2.4.x-openssl110.patch if you want
more details about what changed.

Thanks!

Luca