Posted to dev@httpd.apache.org by Pavel Matěja <pa...@netsafe.cz> on 2014/02/18 15:53:53 UTC
Segmentation faults when SSLProxyCheckPeerName On
Hi,
since we've enabled SSLProxyCheckPeerName on our reverse proxy I can see
AH00052: child pid 5711 exit signal Segmentation fault (11)
in our logs during Nessus scans.
Backend server has several X509v3 Subject Alternative Names and Nessus sends
just IP as Host header.
We are running: Apache/2.4.7 (Unix) OpenSSL/1.0.1f
Mod_backtrace says:
**** Crash at 2014-02-18 14:24:22
Process id: 5912
Fatal signal: 11
/apache/modules/mod_backtrace.so:0xb709bede
/apache/modules/mod_whatkilledus.so:0xb709668b
/apache/modules/mod_whatkilledus.so:0xb709686b
/apache/bin/httpd:ap_run_fatal_exception+0x48 0x807b51f
/apache/bin/httpd:0x80a75e7
/apache/bin/httpd:0x80a7622
[0xb774b400]
/lib/libaprutil-1.so.0:apr_brigade_cleanup+0x22 0xb7578535
/lib/libaprutil-1.so.0:0xb757850d
/lib/libapr-1.so.0:0xb75308db
/lib/libapr-1.so.0:apr_pool_destroy+0x52 0xb752fb10
/apache/bin/httpd:0x8092603
/apache/modules/mod_ssl.so:0xb72e0c4f
/apache/bin/httpd:ap_pass_brigade+0x94 0x807d9d1
/apache/modules/mod_ssl.so:0xb72e099f
/apache/bin/httpd:ap_pass_brigade+0x94 0x807d9d1
/apache/bin/httpd:ap_process_request_after_handler+0x9a 0x8104c52
/apache/bin/httpd:ap_process_async_request+0x674 0x8105308
/apache/bin/httpd:ap_process_request+0x1a 0x8105328
/apache/bin/httpd:0x81014c0
/apache/bin/httpd:0x81015c9
/apache/bin/httpd:ap_run_process_connection+0x48 0x80a3ccb
/apache/bin/httpd:ap_process_connection+0x51 0x80a4100
/apache/bin/httpd:0x818d3e9
Anybody seen something similar?
--
Pavel Matěja
Re: Segmentation faults when SSLProxyCheckPeerName On
Posted by Kaspar Brand <ht...@velox.ch>.
On 18.02.2014 15:53, Pavel Matěja wrote:
> Hi,
> since we've enabled SSLProxyCheckPeerName on our reverse proxy I can see
> AH00052: child pid 5711 exit signal Segmentation fault (11)
> in our logs during Nessus scans.
>
> Backend server has several X509v3 Subject Alternative Names and Nessus sends
> just IP as Host header.
>
> We are running: Apache/2.4.7 (Unix) OpenSSL/1.0.1f
>
> Mod_backtrace says:
Are you able to grab a complete stack trace? (I'm not familiar with
reading mod_backtrace output, and the mod_ssl.so lines lack function
names, so it's hard to tell if something went wrong when checking cert
names.)
Is it limited to SSLProxyCheckPeerName on, or does it also occur with
SSLProxyCheckPeerCN on? If the former is true, then it seems that
something in ssl_util_ssl.c:SSL_X509_match_name goes wrong (that's
basically the new code path for this option).
Kaspar