Re: Apache gets SIGSEGV in ssl3_finish_mac()

[Manuel Bouyer <bouyer%antioche.eu.org@localhost>]

On Sun, Nov 22, 2009 at 01:46:17PM +0000, Emmanuel Dreyfus wrote:
> On Sat, Nov 21, 2009 at 07:05:32PM +0100, Manuel Bouyer wrote:
> > I've not seen this yet, not did I get a report of such a problem.
> 
> I made some progress:
> 
> On an SSL enabled Apache 2.2.14, with no additionnal module, loading
> a static page from Firefox 3.6 over SSL will work for a short time. 
> 
> If I make a burst of a dozen page reload, I get a "The connexion was
> reset" message from Firefox, while the serving Apache instance gets
> a SIGSEGV. Once I get this, it is impossible to get the page again. 
> The same error will always occur until I restart Apache. Other clients
> can still load the page.
> 
> I dscovered that in Firefox, setting security.enable_tls_session_tickets
> to false will workaround this bug and restore a normal behavior. 
> 
> Anyone has an idea of what is going on?

This reminfs me on something; I has an issue with some svn clients and
large commits/imports/etc. It turned out to be a bug in the neon library
on the client side, related to tls which was turned on in recent apache
2.2 versions. Disabling TlSv1 on the server side worked around this.
So now I have:
        SSLProtocol all -TLSv1

maybe it would help with this problem too ?

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--