Re: [BugDB] mod_ssl segfaults under Solaris 2.8 (PR#671)
On Sun, Mar 10, 2002 at 11:30:29AM -0500, R. DuFresne wrote: So the engin version should be compatible with the non-engine version unless there has been something I have missed in the list here or elsewhere? It probably is - I just haven't seen that error before, so it was an obvious place to start. BTW: when replying to [BugDB] postings, then please let your replies go to [EMAIL PROTECTED] - that way they will go into the bug database and get sent automagically to the list. vh Mads Toftum -- With a rubber duck, one's never alone. -- The Hitchhiker's Guide to the Galaxy __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: [BugDB] mod_ssl segfaults under Solaris 2.8 (PR#671)
-==-=-=---=---==-==---==--=-==--=--==- Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed At 03:18 PM 3/10/2002 +0100, you wrote: On Sun, Mar 10, 2002 at 09:04:04AM +0100, [EMAIL PROTECTED] wrote: Full_Name: Ari D Jordon Version: 2.8.7 OS: Solaris 2.8 Submission from: (NULL) (68.49.144.213) using apache 1.3.23, starting httpd with -DSSL immediately seg faults. post mortem revealed it was dying in ssl_cmd_SSLEngine, specifically in that mySrvConfig() was returning 0. not quite sure if this is a problem with mod_ssl or apache itself, as mySrvConfig is a define for ap_get_module_config. any suggestions would be appreciated. Are you using the engine version of openssl? Unless you have a supported crypto accelerator, then you shouldn't be using the engine version. no, this is the normal version (0.9.6b). we've built ssh against this version, and it works fine. i've done some further experimentation, and this is what i've found: after commenting out the macro version of ap_get_module_config in http_config.h (apache source), i was able to get a better idea of the problem the second paramater passed to ap_get_module_config (ssl_module) seems to have an incorrect value for module_index (19 every time i've traced it). and, each time, conf_vector[module_index] is NULL. not sure if it's a coincidence, but there has been consitently a value in conf_vector[module_index+1]. perhaps something is misconfigured in my apache setup? -==-=-=---=---==-==---==--=-==--=--==- Content-Type: application/pgp-signature -BEGIN PGP MESSAGE- Version: PGPfreeware 7.0.3 for non-commercial use http://www.pgp.com iQA+AwUBPIxRubu5aMb7oqrkEQIJtACg2h/nQkpBCW7lHwrm+0miZi3YbLEAmNX5 8Z6q9F07VQAWaDYs4e2tCvs= =R8kN -END PGP MESSAGE- -==-=-=---=---==-==---==--=-==--=--==--- __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
[BugDB] mod_ssl segfaults under Solaris 2.8 (PR#671)
Full_Name: Ari D Jordon Version: 2.8.7 OS: Solaris 2.8 Submission from: (NULL) (68.49.144.213) using apache 1.3.23, starting httpd with -DSSL immediately seg faults. post mortem revealed it was dying in ssl_cmd_SSLEngine, specifically in that mySrvConfig() was returning 0. not quite sure if this is a problem with mod_ssl or apache itself, as mySrvConfig is a define for ap_get_module_config. any suggestions would be appreciated. __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: [BugDB] mod_ssl segfaults under Solaris 2.8 (PR#671)
On Sun, Mar 10, 2002 at 09:04:04AM +0100, [EMAIL PROTECTED] wrote: Full_Name: Ari D Jordon Version: 2.8.7 OS: Solaris 2.8 Submission from: (NULL) (68.49.144.213) using apache 1.3.23, starting httpd with -DSSL immediately seg faults. post mortem revealed it was dying in ssl_cmd_SSLEngine, specifically in that mySrvConfig() was returning 0. not quite sure if this is a problem with mod_ssl or apache itself, as mySrvConfig is a define for ap_get_module_config. any suggestions would be appreciated. Are you using the engine version of openssl? Unless you have a supported crypto accelerator, then you shouldn't be using the engine version. vh Mads Toftum -- With a rubber duck, one's never alone. -- The Hitchhiker's Guide to the Galaxy __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: [BugDB] mod_ssl segfaults under Solaris 2.8 (PR#671)
On Sun, 10 Mar 2002 [EMAIL PROTECTED] wrote: On Sun, Mar 10, 2002 at 09:04:04AM +0100, [EMAIL PROTECTED] wrote: Full_Name: Ari D Jordon Version: 2.8.7 OS: Solaris 2.8 Submission from: (NULL) (68.49.144.213) using apache 1.3.23, starting httpd with -DSSL immediately seg faults. post mortem revealed it was dying in ssl_cmd_SSLEngine, specifically in that mySrvConfig() was returning 0. not quite sure if this is a problem with mod_ssl or apache itself, as mySrvConfig is a define for ap_get_module_config. any suggestions would be appreciated. Are you using the engine version of openssl? Unless you have a supported crypto accelerator, then you shouldn't be using the engine version. But, it should not make a difference if he is should it? The documentation for the engine version states: NOTES = openssl-engine-0.9.6.tar.gz does not depend on openssl-0.9.6.tar, you do not need to download both. openssl-engine-0.9.6.tar.gz is usable even if you don't have an external crypto device. The internal OpenSSL functions are contained in the engine openssl, and will be used by default. No external crypto device is chosen unless you say so. You have actively tell the openssl utility commands to use it through a new command line switch called -engine. And if you want to use the ENGINE library to do something similar, you must also explicitely choose an external crypto device, or the built-in crypto routines will be used, just as in the default OpenSSL distribution. So the engin version should be compatible with the non-engine version unless there has been something I have missed in the list here or elsewhere? Thanks, Ron DuFresne -- ~~ admin senior security consultant: sysinfo.com http://sysinfo.com Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation. -- Johnny Hart testing, only testing, and damn good at it too! __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]
Re: [BugDB] mod_ssl segfaults under Solaris 2.8 (PR#671)
Hi, On Monday 11 March 2002 03:18, [EMAIL PROTECTED] wrote: Are you using the engine version of openssl? Unless you have a supported crypto accelerator, then you shouldn't be using the engine version. I can assure you that it should make no difference. The only reason the non-engine version existed at 0.9.6 was to give developers more lead-time to adjusting their to the subtle API changes in the engine version. Using the engine version without specifying an engine should work just as the non-engine version as far as mod_ssl is concerned. Cheers, Geoff __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager[EMAIL PROTECTED]