Apache2 segfault with SSLProxyMachineCertificateFile (upstream patch not applied in ubuntu)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Apache2 Web Server |
Unknown
|
Unknown
|
|||
apache2 (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Lucid |
Won't Fix
|
Undecided
|
Unassigned | ||
Precise |
Fix Released
|
Medium
|
Unassigned |
Bug Description
When I use SSLProxyMachine
Here's the error.log contents with "LogLevel debug" :
[Thu Aug 04 20:35:05 2011] [info] Init: Seeding PRNG with 648 bytes of entropy
[Thu Aug 04 20:35:05 2011] [info] Loading certificate & private key of SSL-aware server
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[Thu Aug 04 20:35:05 2011] [info] Init: Generating temporary DH parameters (512/1024 bits)
[Thu Aug 04 20:35:05 2011] [info] Init: Initializing (virtual) servers for SSL
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [info] Configuring server for SSL protocol
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [debug] ssl_engine_
[Thu Aug 04 20:35:05 2011] [info] mod_ssl/2.2.14 compiled against Server: Apache/2.2.14, Library: OpenSSL/0.9.8k
Googleing this issue, I found a very similar story leading to a patch by the apache team (see https:/
I ran apt-get source apache2 on my server and compared the included ssl_engine_init.c with the patched version from the svn above. I confirm this patch is not included the current package (as available today in ubuntu repositories for Lucid).
I would happily patch my source, compile and test to confirm it fixes the issue, but that's a bit beyond my Ubuntu knowledge (especially the "compile and rebuild package before apt-get-installing the fixed version" part).
BTW : please consider publishing the fixed version in Lucid repositories, as I cannot use a non-LTS release.
ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: apache2 2.2.14-5ubuntu8.4
ProcVersionSign
Uname: Linux 2.6.32-
Architecture: i386
Date: Thu Aug 4 20:21:18 2011
EcryptfsInUse: Yes
InstallationMedia: Ubuntu-Server 10.04.1 LTS "Lucid Lynx" - Release i386 (20100816.2)
ProcEnviron:
LANG=fr_FR.UTF-8
SHELL=/bin/bash
SourcePackage: apache2
Changed in apache2 (Ubuntu): | |
importance: | Undecided → Medium |
Changed in apache2 (Ubuntu): | |
status: | New → Triaged |
Attaching a copy of the (one line) patch from apache (the URL I got it from is in the previous comment).