Re: [BugDB] mod_ssl segfaults under Solaris 2.8 (PR#671)

Sun, 10 Mar 2002 08:10:26 -0800 

On Sun, 10 Mar 2002 [EMAIL PROTECTED] wrote:

> On Sun, Mar 10, 2002 at 09:04:04AM +0100, [EMAIL PROTECTED] wrote:
> > Full_Name: Ari D Jordon
> > Version: 2.8.7
> > OS: Solaris 2.8
> > Submission from: (NULL) (68.49.144.213)
> > 
> > 
> > using apache 1.3.23, starting httpd with -DSSL immediately seg faults.  post
> > mortem revealed it was dying in ssl_cmd_SSLEngine, specifically in that
> > mySrvConfig() was returning 0.  not quite sure if this is a problem with mod_ssl
> > or apache itself, as mySrvConfig is a define for ap_get_module_config.  any
> > suggestions would be appreciated.
> 
> Are you using the engine version of openssl? Unless you have a supported
> crypto accelerator, then you shouldn't be using the engine version.
> 


But, it should not make a difference if he is should it?  The
documentation for the engine version states:

  NOTES
  =====

  openssl-engine-0.9.6.tar.gz does not depend on openssl-0.9.6.tar, you do
  not need to download both.

  openssl-engine-0.9.6.tar.gz is usable even if you don't have an external
  crypto device.  The internal OpenSSL functions are contained in the
  engine "openssl", and will be used by default.

  No external crypto device is chosen unless you say so.  You have
actively
  tell the openssl utility commands to use it through a new command line
  switch called "-engine".  And if you want to use the ENGINE library to
  do something similar, you must also explicitely choose an external
crypto
  device, or the built-in crypto routines will be used, just as in the
  default OpenSSL distribution.

So the engin version should be compatible with the non-engine version
unless there has been something I have missed in the list here or
elsewhere?

Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to