On Fri, May 14, 1999, Robert Read wrote:
> Red Hat 5.2, apache 1.3.6, mod-ssl 2.2.8-1.3.6, and openssl 0.9.2b. When
> a bad pass phrase is entered using the default handler, apache seg faults.
> I've added enough ssl_logs to see that the seg fault happens in
> ssl_pphrase_Handle() during the call SSL_read_RSAPrivateKey() at some
> point after ssl_pphrase_Handle_CB returns.
> [...]
Hmmm... strange. I've never observed this myself nor heard from segfault
related to the pass phrase dialog. And I cannot see an obvious programming
mistake inside ssl_engine_pphrase.c. So my questions are:
1. is any DSO part of the game?
When yes, have you compiled OpenSSL with -fpic?
2. does OpenSSL already pass it's "make test"?
3. can you correctly read the key via
"openssl rsa -noout -text -in server.key"?
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
