https://bz.apache.org/bugzilla/show_bug.cgi?id=63136
Bug ID: 63136 Summary: After r1781187 httpd is seg faulting in FIPS mode Product: Apache httpd-2 Version: 2.4.26 Hardware: PC OS: Linux Status: NEW Severity: regression Priority: P2 Component: mod_ssl Assignee: bugs@httpd.apache.org Reporter: luhli...@redhat.com Target Milestone: --- Hi all, after this commit http://svn.apache.org/viewvc?view=revision&revision=1781187 , httpd is crashing with SEG_FAULT. In the following code: ctx = SSL_CTX_new(method); mctx->ssl_ctx = ctx; SSL_CTX_set_options(ctx, SSL_OP_ALL); ctx is set to NULL by SSL_CTX_new function (method is set to TLS_server_method() in this case) and therefore SSL_CTX_set_options causes segfault. I traced also openssl's SSL_CTX_new call: 2938 || sk_SSL_CIPHER_num(ret->cipher_list) <= 0) { (gdb) 2943 ret->param = X509_VERIFY_PARAM_new(); (gdb) p ret $9 = (SSL_CTX *) 0x5555558cdc10 (gdb) n 2944 if (ret->param == NULL) (gdb) 2947 if (!FIPS_mode()) { (gdb) 2948 if ((ret->md5 = EVP_get_digestbyname("ssl3-md5")) == NULL) { (gdb) 2949 SSLerr(SSL_F_SSL_CTX_NEW, SSL_R_UNABLE_TO_LOAD_SSL3_MD5_ROUTINES); (gdb) 2950 goto err2; (gdb) 3065 SSL_CTX_free(ret); (gdb) 3066 return NULL; where FIPS_mode() returns 0, even if FIPS is enabled on the machine. I wanted to find, what causes, that FIPS_module_mode_set is called with 0, and found out, that this code from r1781187 did it: /* * Try to kill the internals of the SSL library. */ #ifdef HAVE_FIPS FIPS_mode_set(0); #endif + backtrace: Breakpoint 1, FIPS_module_mode_set (onoff=onoff@entry=0) at crypto/fips/fips.c:418 418 { (gdb) bt #0 FIPS_module_mode_set (onoff=onoff@entry=0) at crypto/fips/fips.c:418 #1 0x00007fffe8e3319c in FIPS_mode_set (r=r@entry=0) at crypto/o_fips.c:28 #2 0x00007fffe941e15f in ssl_cleanup_pre_config (data=<optimized out>) at mod_ssl.c:335 #3 0x00007ffff6dea00e in run_cleanups (cref=<optimized out>) at memory/unix/apr_pools.c:2629 #4 apr_pool_clear (pool=0x5555557e8848) at memory/unix/apr_pools.c:947 #5 0x0000555555577862 in reset_process_pconf (process=0x5555557e6928) at main.c:291 #6 0x00005555555771e4 in main (argc=<optimized out>, argv=<optimized out>) at main.c:750 (gdb) p onoff $2 = 0 -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org