This is only an info for others who might run into the same problem:
I used the httpd test suite for httpd 2.2.9 in combination with OpenSSL
0.9.8h (the recent version).
The test suite calls
openssl \
req -new -key keys/client_revoked.pem -out csr/client_revoked.csr \
-passin pass:httpd -passout pass:httpd -config \
conf/client_revoked.cnf
at the beginning. With OpenSSL 0.9.8h this crashes (Solaris) resp. gives
a malloc error (Linux).
This is not an httpd bug. If one uses an older openssl (e.g. 0.9.8g) in
the PATH but still runs httpd/mod_ssl with 0.9.8h, there is no SSL test
failure.
The corresponding OpenSSL bug is already known and fixed in CVS:
http://cvs.openssl.org/chngview?cn=17196
Regards,
Rainer
