> [[email protected] - Tue Jul 13 10:42:32 2010]:
>
> I think there is a bug in the openSSL initialization.
>
> In (K)ubuntu my Apache was crashing when I accessed any SSL page (even
> static html) with segmentation fault (11) when the php5-curl module was
> enabled (just enabled, not used).
>
> I've found this bug reported here:
> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/590639
> but no one seems to be working on it. So I tried to find the problem
> myself. I thought the bug is in php5-curl, but I found out that the
> program crashes when the ENGINE_load_builtin_engines() from the openssl
> library is called. When I commented out the ENGINE_load_aesni()
> initialization method, the apache stopped crashing.
>
> This error is easy to reproduce: install latest (k)ubuntu lucid with
> apache + ssl + php5-curl, create a static page in the default ssl domain
> and access it via browser (no php in action) and the server crashes.
>
> This is the call structure:
>
> - php5-curl in interface.c line 819 calls
>   curl_global_init(CURL_GLOBAL_SSL)
> - libcurl in lib/easy.c calls Curl_ssl_init
> - libcurl in lib/sslgen.c line 163 calls curlssl_init
> - libcurl in lib/ssluse.c line 632 calls ENGINE_load_builtin_engines()
> - openssl in crypto/engine/eng_all.c calls ENGINE_load_aesni (this is
>   after the debian patch debian/patches/aesni.patch is applied)
>
> When I commented out this aesni initialization the problem with
> segmentation was gone but curl wasn't able to fetch SSL pages.
>

This is OpenSSL with a load of non-standard patches AFAICS, something
could have been broken there.

The debugging traces in the debian report are not complete enough to see
what the problem is: there are no debugging symbols.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
