On Sun, Mar 29, 2015 at 07:27:44AM -0700, Kent Fritz wrote:
> Running March 26 snapshot, amd64, and built-from-source for getting
> backtrace. Simple httpd.conf. Note that tls config is before non-tls --
> it works fine the other way:
> http_ip="192.168.1.131"
>
> server "default" {
> listen on $http_ip tls port 443
> listen on $http_ip port 80
> root "/var/www/htdocs"
> }
>
>
> # httpd -d -vvvvvvv
> startup
> server_tls_load_keypair: using certificate /etc/ssl/server.crt
> server_tls_load_keypair: using private key /etc/ssl/private/server.key
> server_privinit: adding server default
> server_privinit: adding server default
> socket_rlimit: max open files 1024
> socket_rlimit: max open files 1024
> socket_rlimit: max open files 1024
> logger exiting, pid 8995
> Segmentation fault (core dumped)
> # server exiting, pid 12675
> server exiting, pid 259
> server exiting, pid 6301

Thanks for the report. The problem is config_setserver() using
tls_cert/tls_key when they are NULL but tls_cert_len/tls_key_len
have values. The parser will inherit paths and lengths but
NULL the pointer to the loaded values.
server_tls_load_keypair() will always set the tls len values;
we don't need to inherit them at all.
Index: parse.y
===================================================================
RCS file: /cvs/src/usr.sbin/httpd/parse.y,v
retrieving revision 1.66
diff -u -p -r1.66 parse.y
--- parse.y 9 Mar 2015 15:46:45 -0000 1.66
+++ parse.y 30 Mar 2015 07:06:08 -0000
@@ -1907,6 +1907,8 @@ server_inherit(struct server *src, const
fatal("out of memory");
dst->srv_conf.tls_cert = NULL;
dst->srv_conf.tls_key = NULL;
+ dst->srv_conf.tls_cert_len = 0;
+ dst->srv_conf.tls_key_len = 0;
if (src->srv_conf.return_uri != NULL &&
(dst->srv_conf.return_uri =
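
Review bot: The two added assignments (tls_cert_len and tls_key_len set to 0) only repair this one copy path; per the message above, the crash came from config_setserver() using tls_cert/tls_key on the strength of a non-zero length while the pointers were NULL, so that consumer would be safer if it also checked the pointers for NULL before using them. A one-line comment beside the four resets, noting that server_tls_load_keypair() sets the lengths again when it loads the keypair, would help keep pointer and length reset together in later edits.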