You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2003/10/23 08:37:34 UTC

DO NOT REPLY [Bug 24031] New: - Passphrase protected private key in SSLProxyMachineCertificateFile causes SEGV

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24031>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=24031

Passphrase protected private key in SSLProxyMachineCertificateFile causes SEGV

           Summary: Passphrase protected private key in
                    SSLProxyMachineCertificateFile causes SEGV
           Product: Apache httpd-2.0
           Version: 2.0.47
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: mod_ssl
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: kris.verbeeck@advalvas.be


The current reverse proxy code can not handle private keys that are
passphrase protected.  The key is never decrypted (there is no
passphrase prompt) which results in a SIGSEGV.  Using a non-encrypted
key fixes this SIGSEGV.

GDB info of the segfault (no backtrace available):

   (gdb) c
   Continuing.
   Program received signal SIGSEGV, Segmentation fault.
   0x0810d39c in X509_check_private_key (x=0x8236b30, k=0x82420a8)
       at x509_cmp.c:380
   380                     if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0

(See also the following thread:
http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=106629032008685&w=2)

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org