ID: 22213
User updated by: alan at pair dot com
Reported By: alan at pair dot com
Status: Open
Bug Type: cURL related
Operating System: FreeBSD 4.6-STABLE
PHP Version: 4CVS-2003-02-13 (stable)
New Comment:
Here's a stack dump when it segfaults:
Program received signal SIGSEGV, Segmentation fault.
0x81df50c in SSL_CTX_ctrl ()
(gdb) bt
#0 0x81df50c in SSL_CTX_ctrl ()
#1 0x81793f4 in ssl_init_Module (s=0x830b038, p=0x830b010)
#2 0x8179741 in ssl_init_Module (s=0x830b038, p=0x830b010)
at ssl_engine_init.c:304
#3 0x8195dd0 in ap_init_modules (p=0x830b010, s=0x830b038)
at http_config.c:1703
#4 0x81a059e in standalone_main (argc=5, argv=0xbfbffa54) at
http_main.c:5172
#5 0x81a0ec0 in main (argc=5, argv=0xbfbffa54) at http_main.c:5566
#6 0x807f72d in _start ()
(gdb)
However, as I mentioned before, that's not completely accurate.
Stepping through the code, here's a bit more detail as to where it's
crashing:
(gdb)n
585 ctx = SSL_CTX_new(SSLv23_server_method()); /* be more
flexible */
(gdb) bt
#0 ssl_init_ConfigureServer (s=0x830b038, p=0x830b010, sc=0x830b3e0)
at ssl_engine_init.c:585
#1 0x8179741 in ssl_init_Module (s=0x830b038, p=0x830b010)
at ssl_engine_init.c:304
#2 0x8195dd0 in ap_init_modules (p=0x830b010, s=0x830b038)
at http_config.c:1703
#3 0x81a059e in standalone_main (argc=5, argv=0xbfbffa54) at
http_main.c:5172
#4 0x81a0ec0 in main (argc=5, argv=0xbfbffa54) at http_main.c:5566
#5 0x807f72d in _start ()
(gdb) n
586 SSL_CTX_set_options(ctx, SSL_OP_ALL);
(gdb)
Program received signal SIGSEGV, Segmentation fault.
0x81df50c in SSL_CTX_ctrl ()
(gdb) bt
#0 0x81df50c in SSL_CTX_ctrl ()
#1 0x81793f4 in ssl_init_Module (s=0x830b038, p=0x830b010)
#2 0x8179741 in ssl_init_Module (s=0x830b038, p=0x830b010)
at ssl_engine_init.c:304
#3 0x8195dd0 in ap_init_modules (p=0x830b010, s=0x830b038)
at http_config.c:1703
#4 0x81a059e in standalone_main (argc=5, argv=0xbfbffa54) at
http_main.c:5172
#5 0x81a0ec0 in main (argc=5, argv=0xbfbffa54) at http_main.c:5566
#6 0x807f72d in _start ()
(gdb)
This particular version is compiled with PHP 4.3.0, Apache 1.3.27,
mod_ssl 2.8.12, and curl 7.10.3. But I've been able to reproduce it
with different versions of curl and PHP.
If I run the same compiled executable without SSL turned on, it does
not segfault when it receives HUP.
If I compile curl --without-ssl, and compile php against this version
of curl, apache does not segfault when it receives SIGHUP even when
modssl is turned on.
If I compile PHP without curl, apache does not segfault when it
receives SIGHUP.
I don't know that it's curl's fault. I just know that the problem goes
away when PHP isn't using curl, or when curl isn't using SSL.
Thanks,
Alan
Previous Comments:
------------------------------------------------------------------------
[2003-02-14 17:16:26] daniel at haxx dot se
How about providing a stack trace or something that shows us what was
going on when it crashed?
For information, libcurl calls only two functions to initialize the
OpenSSL library:
SSL_load_error_strings();
SSLeay_add_ssl_algorithms(); (a define for SSL_library_init)
(The rest is done when some action is called for, and this report says
that isn't required for this problem to occur.)
I honestly can't see how this can be wrong from a libcurl point of
view.
------------------------------------------------------------------------
[2003-02-14 08:41:39] alan at pair dot com
Regarding notes/issues raised on bug #22112:
I made sure that apache is linking against only one copy of libssl and
libcrypto.
We have a global ErrorLog directive in the httpd.conf we're testing
with, but no VirtualHost blocks at all: it's a base conf file, and the
server doesn't even need to serve any pages for this to be a problem
for us.
Our httpd.conf conditionally turns on SSL only when the "-DSSL" flag is
present. When apache is run without that flag, it works without any
problems. It crashes only when SSL is running.
("SSLEngine on" only happens with -DSSL)
Thanks.
------------------------------------------------------------------------
[2003-02-14 08:33:47] alan at pair dot com
The configure command:
./configure --with-apache=/usr/pair/sw/apachessl_1.3.27
--with-config-file-path=/usr/local/etc --enable-magic-quotes
--enable-bcmath --without-cdb --with-zlib-dir=/usr/local --with-gd
--without-ttf --without-msql --with-mysql=/usr/local --with-iodbc
--with-pdflib --enable-inline-optimization --disable-memory-limit
--with-db --without-gdbm --with-ndbm --without-db2 --without-dbm
--with-gettext --without-readline --with-recode
--with-openssl=/usr/local/ssl --with-mcrypt --without-db3 --enable-dba
--with-curl=/usr/local/lib --with-png-dir=/usr/local/lib
Compiling without "--with-curl" fixes the bug. Compiling curl
"--without-ssl" also does the trick.
------------------------------------------------------------------------
[2003-02-13 19:22:22] [EMAIL PROTECTED]
And the full configure line used to configure php was..?
------------------------------------------------------------------------
[2003-02-13 16:17:05] [EMAIL PROTECTED]
This bug could be related to bug #22112.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/22213
--
Edit this bug report at http://bugs.php.net/?id=22213&edit=1
