[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug 62552] Loading mod_md segfaults when using DBDriver from mod_authn_dbd

--- Comment #15 from Stefan Eissing <stefan@xxxxxxxxxxx> ---
The minimal backtrace shows where exactly the crash in openssl 1.0.2 happens:

Thread 1 (Thread 0x7ffff7fe0780 (LWP 31111)):
#0  0x00007ffff4346610 in ?? ()
#1  0x00007ffff4f07935 in ssleay_rand_status () at md_rand.c:577
#2  0x00007ffff54b312c in md_crypt_init (pool=pool@entry=0x555555803388) at

And md_rand.c:577 in OpenSSL 1.0.2 is:

571: static int ssleay_rand_status(void)
572: {
573:     CRYPTO_THREADID cur;
574:     int ret;
575:     int do_not_lock;
577:     CRYPTO_THREADID_current(&cur);

Which hints at problems with initialization order in openssl usage *before*
mod_ssl installs its own crypto lock handler.

OpenSSL 1.1.x eliminated that locking callback, I think. For an apache with
several modules using OpenSSL, how would we ensure that initialization order is
deterministic. And what if modules want to access openssl *before* the post
config phase?

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail: bugs-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: bugs-help@xxxxxxxxxxxxxxxx