Full_Name: Bart van Leeuwen Version: various OS: FreeBSD Submission from: (NULL) (195.64.50.136)
Situation: Server has multiple virtual hosts and uses the namevirtualhost option. A ssl virtual host is defined using its hostname instead of its ip. Due to a dns failure, 1 of the names used for a ssl virtual host cannot be resolved. (can be simulated of course by defining a virtual host with a non existant name) When apache starts, it first complains about being unable to resolve the hostname, then mod_ssl gets a sig 11 in its module init. Taking a quick peek at the offending code reveals 2 things: 1. the variable addrs, which contains a pointer, is used without verification if it actually points to anything. 2. mod_ssl contains code that should log a warning about the above configuration, however, it doesn't log this warning. Possible fix: first of all ensure there is a null check on addrs, 2nd, if the check on multiple ssl virtual hosts on a single IP is indeed required, it would make sense to compare the content of the according field in the addrs struct, and not the pointer to that content (looks to me like its address is taken and compared instead of its value) regards, Bart van Leeuwen DOOSYS IT Consultants http://www.doosys.com/ ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
