Re: Apache gets SIGSEGV in ssl3_finish_mac()

[Manuel Bouyer <bouyer%antioche.eu.org@localhost>]

On Sat, Nov 21, 2009 at 05:50:52PM +0100, Emmanuel Dreyfus wrote:
> Hello
> 
> I have a NetBSD box running apache that regulary dumps a core, always
> with a SIGSEGV in SSL code:
> 
> #0 0xbbb37b54 in ssl3_finish_mac () from /usr/lib/libssl.so.6
> #1 0xbbb343b2 in ssl3_do_write () from /usr/lib/libssl.so.6
> #2 0xbbb2435e in ssl3_send_server_hello () from /usr/lib/libssl.so.6
> #3 0xbbb2674f in ssl3_accept () from /usr/lib/libssl.so.6
> #4 0xbbb3b7bd in SSL_accept () from /usr/lib/libssl.so.6
> #5 0xbbb19bcb in ssl23_get_client_hello () from /usr/lib/libssl.so.6
> #6 0xbbb1a356 in ssl23_accept () from /usr/lib/libssl.so.6
> #7 0xbbb3b7bd in SSL_accept () from /usr/lib/libssl.so.6
> 
> The machine runs NetBSD 5.0_STABLE as of 200908010000Z, with
> apache-2.2.14 built from pkgsrc (as of today). 
> 
> httpd is linked with /usr/lib/libssl.so.6, from built-in OpenSSL.
> openssl version says "OpenSSL 0.9.9-dev 09 May 2008"
> 
> I have this in httpd.conf. It was copied from some place I don't really
> remeber. I have no idea whether it's good or if it would be better to
> remove the line (hint welcome):
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> 
> It seems that Firefox 3.6 beta have a much higher chance of triggering
> the problem. Any idea of what can be wrong?

I see it too, on all my ssl-enabled http servers. It seems harmless ...

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--