git.net

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug 62552] Loading mod_md segfaults when using DBDriver from mod_authn_dbd


https://bz.apache.org/bugzilla/show_bug.cgi?id=62552

--- Comment #15 from Stefan Eissing <stefan@xxxxxxxxxxx> ---
The minimal backtrace shows where exactly the crash in openssl 1.0.2 happens:

Thread 1 (Thread 0x7ffff7fe0780 (LWP 31111)):
#0  0x00007ffff4346610 in ?? ()
#1  0x00007ffff4f07935 in ssleay_rand_status () at md_rand.c:577
#2  0x00007ffff54b312c in md_crypt_init (pool=pool@entry=0x555555803388) at
md_crypt.c:136

And md_rand.c:577 in OpenSSL 1.0.2 is:

571: static int ssleay_rand_status(void)
572: {
573:     CRYPTO_THREADID cur;
574:     int ret;
575:     int do_not_lock;
576: 
577:     CRYPTO_THREADID_current(&cur);

Which hints at problems with initialization order in openssl usage *before*
mod_ssl installs its own crypto lock handler.

OpenSSL 1.1.x eliminated that locking callback, I think. For an apache with
several modules using OpenSSL, how would we ensure that initialization order is
deterministic. And what if modules want to access openssl *before* the post
config phase?

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: bugs-help@xxxxxxxxxxxxxxxx




( ! ) Warning: include(msgfooter.php): failed to open stream: No such file or directory in /var/www/git/apache2-bugs/msg03011.html on line 105
Call Stack
#TimeMemoryFunctionLocation
10.0008358280{main}( ).../msg03011.html:0

( ! ) Warning: include(): Failed opening 'msgfooter.php' for inclusion (include_path='.:/var/www/git') in /var/www/git/apache2-bugs/msg03011.html on line 105
Call Stack
#TimeMemoryFunctionLocation
10.0008358280{main}( ).../msg03011.html:0