You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2003/10/23 08:37:34 UTC
DO NOT REPLY [Bug 24031] New: -
Passphrase protected private key in SSLProxyMachineCertificateFile causes SEGV
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24031>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24031
Passphrase protected private key in SSLProxyMachineCertificateFile causes SEGV
Summary: Passphrase protected private key in
SSLProxyMachineCertificateFile causes SEGV
Product: Apache httpd-2.0
Version: 2.0.47
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: Other
Component: mod_ssl
AssignedTo: bugs@httpd.apache.org
ReportedBy: kris.verbeeck@advalvas.be
The current reverse proxy code can not handle private keys that are
passphrase protected. The key is never decrypted (there is no
passphrase prompt) which results in a SIGSEGV. Using a non-encrypted
key fixes this SIGSEGV.
GDB info of the segfault (no backtrace available):
(gdb) c
Continuing.
Program received signal SIGSEGV, Segmentation fault.
0x0810d39c in X509_check_private_key (x=0x8236b30, k=0x82420a8)
at x509_cmp.c:380
380 if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0
(See also the following thread:
http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=106629032008685&w=2)
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org