In message <> you write:
|> the best you can do is the following: Attach a
|> debugger to the running process.
I did this last night.
trace showed that httpd was busy doing read(31,"",1000) all the time.
lsof showed that fd 31 was connected to identd on the client, and was
in CLOSE_WAIT state.
I killed and restarted said identd, and everything went back to normal.
It was a strange coincidence that said identd went bad while I upgraded
mod_ssl. I apologize for taking your time.
BUT -
I think this could be exploited for a DOS attack - run a bogus identd
on a client and open up as many connections as the server has CPU's.
Do you think so, too, and should I report this to the Apache group?
The problem is - I cannot reproduce this intentionally...
vb
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
