Hi, Per the recently announced vulnerability in versions of apache < 1.3.26, I decided to be a happy little prole and update all of my webservices.
Unpacking clean source for apache, mod_ssl and mod_perl-1.26, I upgraded
the packages like I always do:
apply mod_ssl to apache, apply mod_perl to apache, compile apache,
install apache, compile mod_ssl apxs module.
however, this time around, upon running ./apachetel startssl, apache
segfaulted:
275 [HAL:root](/usr/apache):./bin/apachectl startssl
./bin/apachectl: line 184: 4423 Segmentation fault $HTTPD -DSSL
./bin/apachectl startssl: httpd could not be started
apache starts fine without ssl enabled.
Here's an strace:
...
...
...
[snip]
stat("/usr/apache/conf/access.conf", {st_mode=S_IFREG|0600, st_size=348,
...}) = 0
lstat("/usr/apache/conf/access.conf", {st_mode=S_IFREG|0600,
st_size=348, ...}) = 0
open("/usr/apache/conf/access.conf", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0600, st_size=348, ...}) = 0
fstat(3, {st_mode=S_IFREG|0600, st_size=348, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
-1, 0) = 0x4019f000
read(3, "##\n## access.conf -- Apache HTTP"..., 4096) = 348
read(3, "", 4096) = 0
close(3) = 0
munmap(0x4019f000, 4096) = 0
brk(0x80f7000) = 0x80f7000
pipe([3, 4]) = 0
fork() = 4494
close(3) = 0
fcntl(4, F_GETFL) = 0x1 (flags O_WRONLY)
fstat(4, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
-1, 0) = 0x4019f000
_llseek(4, 0, 0xbfffda00, SEEK_CUR) = -1 ESPIPE (Illegal seek)
dup2(4, 2) = 2
pipe([3, 5]) = 0
fork() = 4495
close(3) = 0
fcntl(5, F_GETFL) = 0x1 (flags O_WRONLY)
fstat(5, {st_mode=S_IFIFO|0600, st_size=0, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
-1, 0) = 0x404ac000
_llseek(5, 0, 0xbfffda00, SEEK_CUR) = -1 ESPIPE (Illegal seek)
open("/var/adm/https.log", O_WRONLY|O_APPEND|O_CREAT, 0666) = 3
fcntl(3, F_DUPFD, 15) = 15
close(3) = 0
fcntl(15, F_GETFL) = 0x401 (flags
O_WRONLY|O_APPEND)
fstat(15, {st_mode=S_IFREG|0644, st_size=11391310, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
-1, 0) = 0x404ad000
_llseek(15, 0, [0], SEEK_CUR) = 0
munmap(0x404ad000, 4096) = 0
time(NULL) = 1024609805
open("/etc/localtime", O_RDONLY) = 3
read(3, "TZif\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\4\0\0\0\4\0"..., 44)
= 44
read(3, "\236\246,\200\237\272\371p\240\206\16\200\241\232\333p"...,
1170) = 1170
fstat(3, {st_mode=S_IFREG|0644, st_size=1262, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
-1, 0) = 0x404ad000
read(3, "\377\377\271\260\1\0\377\377\253\240\0\4\377\377\271\260"...,
4096) = 48
close(3) = 0
munmap(0x404ad000, 4096) = 0
getpid() = 4493
write(15, "[20/Jun/2002 16:50:05 04493] [in"..., 110) = 110
time(NULL) = 1024609805
getpid() = 4493
write(15, "[20/Jun/2002 16:50:05 04493] [in"..., 82) = 82
time(NULL) = 1024609805
getpid() = 4493
write(15, "[20/Jun/2002 16:50:05 04493] [in"..., 72) = 72
brk(0x80f8000) = 0x80f8000
brk(0x80f9000) = 0x80f9000
brk(0x80fa000) = 0x80fa000
brk(0x80fb000) = 0x80fb000
brk(0x80fd000) = 0x80fd000
brk(0x80fb000) = 0x80fb000
brk(0x80fd000) = 0x80fd000
time(NULL) = 1024609805
getpid() = 4493
write(15, "[20/Jun/2002 16:50:05 04493] [in"..., 119) = 119
open("/etc/ssl/www.cert", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0600, st_size=1493, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
-1, 0) = 0x404ad000
read(3, "-----BEGIN CERTIFICATE-----\nMIIE"..., 4096) = 1493
brk(0x80fe000) = 0x80fe000
brk(0x80ff000) = 0x80ff000
close(3) = 0
munmap(0x404ad000, 4096) = 0
open("/etc/ssl/www.key", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0600, st_size=887, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS,
-1, 0) = 0x404ad000
read(3, "-----BEGIN RSA PRIVATE KEY-----\n"..., 4096) = 887
close(3) = 0
munmap(0x404ad000, 4096) = 0
time(NULL) = 1024609805
getpid() = 4493
time(NULL) = 1024609805
time(NULL) = 1024609805
getpid() = 4493
write(15, "[20/Jun/2002 16:50:05 04493] [in"..., 82) = 82
getpid() = 4493
getuid() = 0
time(NULL) = 1024609805
open("/dev/urandom", O_RDONLY) = 3
read(3, "$\255\215\30L\315\255\356\3106\305\213\364\f\233\25", 16) = 16
close(3) = 0
time(NULL) = 1024609805
getpid() = 4493
write(15, "[20/Jun/2002 16:50:05 04493] [in"..., 97) = 97
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
...
repeat this message about 300 more times
...
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time([1024609805]) = 1024609805
getpid() = 4493
time(NULL) = 1024609805
getpid() = 4493
write(15, "[20/Jun/2002 16:50:05 04493] [in"..., 95) = 95
brk(0x8109000) = 0x8109000
open("./php.ini", O_RDONLY) = -1 ENOENT (No such file or
directory)
open("/usr/lib/php.ini", O_RDONLY) = -1 ENOENT (No such file or
directory)
brk(0x810a000) = 0x810a000
brk(0x810b000) = 0x810b000
brk(0x810c000) = 0x810c000
brk(0x810d000) = 0x810d000
brk(0x810e000) = 0x810e000
brk(0x810f000) = 0x810f000
brk(0x8110000) = 0x8110000
brk(0x8111000) = 0x8111000
brk(0x8112000) = 0x8112000
brk(0x8113000) = 0x8113000
brk(0x8114000) = 0x8114000
brk(0x8115000) = 0x8115000
brk(0x8116000) = 0x8116000
brk(0x8117000) = 0x8117000
brk(0x8118000) = 0x8118000
brk(0x8119000) = 0x8119000
brk(0x811a000) = 0x811a000
brk(0x811b000) = 0x811b000
brk(0x811c000) = 0x811c000
brk(0x811d000) = 0x811d000
brk(0x811e000) = 0x811e000
brk(0x811f000) = 0x811f000
brk(0x8120000) = 0x8120000
brk(0x8121000) = 0x8121000
brk(0x8122000) = 0x8122000
brk(0x8123000) = 0x8123000
brk(0x8125000) = 0x8125000
brk(0x8126000) = 0x8126000
--- SIGSEGV (Segmentation fault) ---
+++ killed by SIGSEGV +++
configurations:
mod_ssl:
./configure \
"--with-apache=../apache_1.3.26" \
"$@"
apache:
CC="gcc" \
RANLIB="ranlib" \
./configure \
"--with-layout=Apache" \
"--prefix=/usr/apache" \
"--enable-module=rewrite" \
"--enable-module=ssl" \
"--enable-module=so" \
"--enable-shared=ssl" \
"--enable-suexec" \
"--suexec-caller=www" \
"$@"
php4:
./configure --prefix=/usr --with-apxs=/usr/apache/bin/apxs \
--with-openssl=../../openssl-0.9.6c --enable-bcmath \
--with-mysql=/usr/mysql
gcc version: 2.95.3
libc: libc6
ldd: 1.9.9
ld: 2.11.2
OpenSSL: 0.9.6.c
Let me know if there's anything else I can include to help you out;
I hope I'm just missing something stupid...
sorry if I'm wasting anyone's time.
Much thanks,
Garrett
--
Garrett Kuchta [gkuchta[at]astro.umn.edu]
Assistant System Manager
Dept. of Astronomy
University of Minnesota, Twin Cities
http://www.astro.umn.edu/~gkuchta
msg14412/pgp00000.pgp
Description: PGP signature
