Hi Pascal,
On Tuesday 26 March 2013, Pascal Junod (Mailing Lists) wrote:
> Dear Apache developpers,
>
> You might want to clean a bit the code of
>
> modules/aaa/mod_auth_digest.c
>
> This blog post
>
> http://crypto.junod.info/2013/03/25/awakening-zombie-code-in-apache
> -httpd/
>
> explains why and how.
>
> Essentially, it is possible to make httpd crash by awakening code
> related to the MD5-sess digest authentication mechanism variant.
>
> Latest versions 2.4.4 and 2.2.24 are vulnerable to this bug.
I agree that mod_auth_digest is in a sorry state, but I can't
reproduce your bug. Do you see the log message logged by
log_error_and_cleanup()? If yes, what is the logged message exactly,
i.e. at which point does the shm initialization go wrong?
If the problem is failed shm initialization, I suspect that the
attached patch may fix your crashes.
BTW, from reading the code, I think that the shm stuff is also used
without MD5-sess or auth-int. But I haven't really tested that, yet.
Cheers,
Stefan
diff --git a/modules/aaa/mod_auth_digest.c b/modules/aaa/mod_auth_digest.c
index d718e2c..8d63db0 100644
--- a/modules/aaa/mod_auth_digest.c
+++ b/modules/aaa/mod_auth_digest.c
@@ -223,6 +223,8 @@ static apr_status_t cleanup_tables(void *not_used)
opaque_lock = NULL;
}
+ client_list = NULL;
+
return APR_SUCCESS;
}
