[Pkg-openssl-devel] initialization problems

Miroslav Zacek miroslav.zacek at skype.net
Mon Jul 19 11:18:18 UTC 2010


I've reported a bug in the openssl initialization process, see #2305. 
http://blog.gmane.org/gmane.comp.encryption.openssl.devel

The problem is that apache crashes (exit signal Segmentation fault (11)) if:
- mod_ssl is enabled
- php5-curl is enabled
- any https://... page is accessed on that server (even static, no php)

The page can be accessed via standard browser (not via php5-curl). So the apache is crashing even though no php (except module initialization) is running. I backtraced it and found out that the segmentation fault appears in /lib/libcrypto.so.0.9.8:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff214ea60 in sha1_md () from /lib/libcrypto.so.0.9.8
(gdb) backtrace full
#0  0x00007ffff214ea60 in sha1_md () from /lib/libcrypto.so.0.9.8
No symbol table info available.
#1  0x00007ffff1e7c7cf in engine_unlocked_init (e=0x7ffff8641160) at eng_init.c:67
        to_return = 1
#2  0x00007ffff1e7dc34 in engine_table_select (table=0x7ffff216c860, nid=427) at eng_table.c:274
 
I'm communicating with Dr Stephen N. Henson, the OpenSSL project core developer, but I'm not an expert on SSL and I think you can trace the problem faster. I think that S. Henson is suspecting the problem being somewhere in the debian patch (the AES-NI) so he is not trying to reproduce the bug and navigates me what to do to debug it. But this could long weeks or months to find the bug. Could you please try to reproduce the error?

The problem was first reported here as apache/php5-curl problem (but the error is more likely in the openssl library):
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/590639
but nobody seems to deal with it. I know more people having the same problem.




More information about the Pkg-openssl-devel mailing list