10-Maj-98 02:06:31, sudog (sudog@dcss.douglas.bc.ca) wrote:
>I've been banging my head against a wall trying to figure out why in the
>world my compilation of Apache-SSL keeps coredumping on me when it first
>tries to initialize itself before actually opening a port and serving
>data.

>I have scraped through a gdb session and found that the SSL code at one
>point invokes the strlen() function with a (0) value. strlen tries to find
>the length of the value, but since (0) is presumably not in the program's
>addressing space, it segmentation faults. Is this on purpose? Should
>strlen not be checking for this sort of thing? What's the programming
>commandment again...


>Marc Tooley
>tooleym@douglas.bc.ca
>P.S. The archives I'm using are:
>       SSLeay-0.9.0
>       apache_1.2.6
>       apache_1.2.6+ssl_1.16
>All available from ftp.replay.com I think. see http://www.apache-ssl.org
>for more details.

You've obviously spent more time than I with the problem, but I'ves the samr
problem. I also first tried SSLeay-0.8.0, that one worked, but gave me a very
secure server indeed, it immediately closed the connection upon any HTTP/1.x
GET command. Which NetBSD version are you using? I'm using version 1.3, but
consider upgrading to 1.3.1 or 1.3.2 since it seems to be near now. I got some
warnings when compiling, did you? Also, the https server doesn't recognise the
SSL-cache commands.

How did you configure SSLeay? I used ./Configure gcc.

                        Rasmus  Wiman
                      --=============--
                   THE LAST SURFER IN HELL

rasmus@ebox.tninet.se (Preferred)
razz@lysator.liu.se (also possible)
rasmus_wiman@augs.se (plausible)
http://www.lysator.liu.se/~razz
http://user.tninet.se/~iyu219n