Bug#229677: apache2-common: segfault-o-rama with ldap auth

[Fabio Massimo Di Nitto]

Hi Wichert,
can you test using apache2 2.0.48 and see if it still happens?

Thanks
Fabio

On Mon, 26 Jan 2004, Wichert Akkerman wrote:

> Package: apache2-common
> Version: 2.0.47-1
   ^^

> ii  libapr0 2.0.48-4 The Apache Portable Runtime
  ^^

-- 
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues

http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html

Bug#130883: marked as done (libapache-mod-perl: mod_perl confused about method vs. direct calls when using internal_redirect)

[Debian Bug Tracking System]

Your message dated Sun, 25 Jan 2004 18:46:27 -0800
with message-id <[EMAIL PROTECTED]>
and subject line No bug here (error in test case)
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 26 Jan 2002 04:49:22 +
>From [EMAIL PROTECTED] Fri Jan 25 22:49:22 2002
Return-path: <[EMAIL PROTECTED]>
Received: from tantale.fifi.org [216.27.190.146] (root)
by master.debian.org with esmtp (Exim 3.12 1 (Debian))
id 16UKmH-0008L4-00; Fri, 25 Jan 2002 22:49:21 -0600
Received: from localhost ([EMAIL PROTECTED] [127.0.0.1])
by tantale.fifi.org (8.9.3/8.9.3/Debian 8.9.3-21) with ESMTP id UAA18807
for <[EMAIL PROTECTED]>; Fri, 25 Jan 2002 20:49:20 -0800
Received: from film.fifi.org ([EMAIL PROTECTED] [127.0.0.1])
by localhost (8.12.1/8.12.1/Debian -5) with ESMTP id g0Q4gvCV010619
for <[EMAIL PROTECTED]>; Fri, 25 Jan 2002 20:42:57 -0800
Received: (from [EMAIL PROTECTED])
by film.fifi.org (8.12.1/8.12.1/Debian -5) id g0Q4guVm010616;
Fri, 25 Jan 2002 20:42:56 -0800
Sender: [EMAIL PROTECTED]
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: libapache-mod-perl: mod_perl confused about method vs. direct calls 
when using internal_redirect
X-Debbugs-CC: Philippe Troin <[EMAIL PROTECTED]>
From: Philippe Troin <[EMAIL PROTECTED]>
Date: 25 Jan 2002 20:42:56 -0800
Message-ID: <[EMAIL PROTECTED]>
Lines: 126
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.1
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Delivered-To: [EMAIL PROTECTED]

Package: libapache-mod-perl
Version: 1.26-1
Severity: normal

Assuming this startup.pl file:

==
# Common
package Common;

use Apache::Constants qw(:common);

sub handler($$)
  {
my $self = shift;
my $req = shift;
$req->content_type('text/plain');
$req->send_http_header();
$req->print($self->doit());
return OK;
  }

sub doit
  {
return "COMMON";
  }

# Common::Impl1
package Common::Impl1;

@ISA=qw(Common);

sub doit
  {
return "IMPL1\n";
  }

# Common::Impl2;
package Common::Impl2;

@ISA=qw(Common);

sub doit
  {
return "IMPL2\n";
  }

# Redir
package Redir;

use Apache::Constants qw(:common);

sub handler
  {
my $req = shift;
$req->internal_redirect("/1");
return OK;
  }

1;
==

and assuming this perl configuration:

==

  Order allow,deny
  Allow from all
  SetHandler perl-script
  PerlHandler Common



  Order allow,deny
  Allow from all
  SetHandler perl-script
  PerlHandler Common::Impl1



  Order allow,deny
  Allow from all
  SetHandler perl-script
  PerlHandler Common::Impl2



  Order allow,deny
  Allow from all
  SetHandler perl-script
  PerlHandler Redir


PerlRequire startup.pl
==

Then, directing a browser to /0 prints COMMON, to /1 prints IMPL1, to
/2 prints IMPL2. Similarly, when pointing to R which redirects
internally to /1, IMPL1 should appear.

However, I get a 500 Internal server error and this in the logs:

[error] Undefined subroutine &Common::Impl1::handler called at
startup.pl line 49.

That seems wrong.
I hope this terse bug makes sense to you ;-)

Phil.


-- System Information
Debian Release: 3.0
Kernel Version: Linux film 2.2.20 #1 SMP Fri Nov 9 22:12:41 PST 2001 i686 
unknown

Versions of the packages libapache-mod-perl depends on:
ii  apache-common  1.3.22-2.1 Support files for all Apache webservers
ii  libc6  2.2.4-7GNU C Library: Shared libraries and Timezone
ii  libdevel-symdu 2.00-5 Perl module for inspecting perl's symbol tab
ii  libmime-base64 2.12-4 MIME/Base64 decoding for Perl
ii  libperl5.6 5.6.1-6Shared Perl library.
ii  liburi-perl1.15-1 Manipulates and accesses URI strings
ii  libwww-perl5.53-2 WWW client/server library for Perl
ii  perl   5.6.1-6Larry Wall's Practical Extraction and Report
ii  perl-base  5.6.1-6The Pathologically Eclectic Rubbish Lister.
^^^ (Provides virtual package perlapi-5.6.1)

---
Received: (at 130883-done) by bugs.debian.org; 26 Jan 2004 02:46:38 +
>From [EMAIL PROTECTED] Sun Jan 25 18:46:38 2004
Return-path: <[EMAIL PROTECTED]>
Received: from adsl-64-175-14-58.dsl

Мощная реклама в Интернет.

[zooxanthellae]

Мгновенная супер реклама в Интернете.
Высочайшее качество за небольшие средства.
Наверное надо узнать больше?
(O95)-1O9-5325

Bug#229677: apache2-common: segfault-o-rama with ldap auth

[Wichert Akkerman]

Package: apache2-common
Version: 2.0.47-1
Severity: critical

As soon as I enable LDAP authentication on a vhost apache2 will segfault
on pretty much all hits. The LDAP config is trivial:

   
   AuthName"Attingo Staff Portal"
   AuthTypeBasic
   AuthLDAPEnabled on
   AuthLdapURL
   ldap://vortex:389/ou=People,dc=attingo,dc=nl?uid?sub
   Require valid-user
   

Wichert.

-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux random 2.4.22exec-shield #1 Tue Nov 25 23:26:51 CET 2003 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages apache2-common depends on:
ii  debconf 1.3.22   Debian configuration management sy
ii  debianutils 2.6.2Miscellaneous utilities specific t
ii  libapr0 2.0.48-4 The Apache Portable Runtime
ii  libc6   2.3.2.ds1-10 GNU C Library: Shared libraries an
ii  libdb4.14.1.25-16Berkeley v4.1 Database Libraries [
ii  libexpat1   1.95.6-6 XML parsing C library - runtime li
ii  libldap22.1.23-1 OpenLDAP libraries
ii  libssl0.9.7 0.9.7c-5 SSL shared libraries
ii  mime-support3.24-1   MIME files 'mime.types' & 'mailcap
ii  net-tools   1.60-9   The NET-3 networking toolkit
ii  openssl 0.9.7c-5 Secure Socket Layer (SSL) binary a
ii  zlib1g  1:1.2.1-3compression library - runtime

-- no debconf information

Processed: Re: Bug#229653: apache: /etc/init.d/apache still leaking environment

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

> tags 229653 - security
Bug#229653: apache: /etc/init.d/apache still leaking environment
Tags were: patch security
Tags removed: security

> thanks
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)

Bug#130883: 70% sav1ngs on v1agra

[Albert Tran]

Generic viagra, at cheap prices.
Most places charge $20, we charge $3. Quite a difference, huh? 

An amazing erection WITHIN SEVERAL SECONDS is guaranteed to you! 
Go into sexual overdrive today... vrm!

Shipped worldwide.

Your easy to use solution is here: http://www.cutpricemeds.info/via/?bling=
soft

 
Link below is for that people who dislike: 
http://www.cutpricemeds.info/off.html

Bug#229653: apache: /etc/init.d/apache still leaking environment

[Matthew Wilcox]

Sorry, this patch is useless to me.  Please resend as a unified or
context diff (diff -u).

On Sun, Jan 25, 2004 at 03:48:57PM +0100, [EMAIL PROTECTED] wrote:
> Patch:
> 
> 22a23
> > ENV="env -i LANG=${LANG} PATH=${PATH}"
> 32c33
> < start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
> ---
> > $ENV start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
> 48c49
> < start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
> ---
> > $ENV start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
> -- 
> 
> Ister.ORG
> mailto:[EMAIL PROTECTED]
> http://www.ister.org
> 
> 
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> 

-- 
"Next the statesmen will invent cheap lies, putting the blame upon 
the nation that is attacked, and every man will be glad of those
conscience-soothing falsities, and will diligently study them, and refuse
to examine any refutations of them; and thus he will by and by convince 
himself that the war is just, and will thank God for the better sleep 
he enjoys after this process of grotesque self-deception." -- Mark Twain

Bug#229653: apache: /etc/init.d/apache still leaking environment

[info]

Package: apache
Version: 1.3.26-0woody3
Severity: important
Tags: security patch



-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux  2.4.18 #5 Mon May 5 13:56:33 CEST 2003 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages apache depends on:
ii  apache-common 1.3.26-0woody3 
ii  dpkg  1.9.21
ii  libc6 2.2.5-11.2  
ii  libdb22:2.7.7.0-7 
ii  libexpat1 1.95.2-6 
ii  logrotate 3.5.9-8
ii  mime-support  3.18-1
ii  perl  5.6.1-7 
ii  perl [perl5]  5.6.1-7 

Description:

When I start or restart apache later than boot time using /etc/init.d/apache, 
the environment is leaking into the web server process. The point to fix this 
problem is already found in the script, but unfortunately not properly 
implemented.

Debian SID seems also to be affected.

Ingo Schramm


Patch:

22a23
> ENV="env -i LANG=${LANG} PATH=${PATH}"
32c33
< start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
---
> $ENV start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
48c49
< start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
---
> $ENV start-stop-daemon --start --pidfile $PIDFILE --exec $DAEMON
-- 

Ister.ORG
mailto:[EMAIL PROTECTED]
http://www.ister.org

Re: Bug#228421: gcc 3.0.4 generates bad code on Debian 3.0/PARISC

[Matthew Wilcox]

On Sun, Jan 25, 2004 at 11:03:53AM -0700, Grant Grundler wrote:
> On Sun, Jan 25, 2004 at 06:05:17PM +0100, Willy Tarreau wrote:
> > But the root of the problem lies in gcc 3.0.4 since it is OK in 3.3.2. So
> > wouldn't it be easier to identify and backport the fix from 3.3.2 to 3.0.4
> > and inform all projects that they must recompile everything on parisc ?
> 
> "recompile everything" == "new release".
> AFAICT, the "debian way" is to recompile the packages that have bugs
> filed against them and binNMU (Non-Maintainer-Upload) just those packages.

Yes, but this is stuff already in stable.  Almost everything in sarge
should be compiled with gcc 3.2 or 3.3.  There are some exceptions,
such as old-KDE and some other old libs (C++ ABI changes).  It might be
worth someone tracking down the va_args patch for 3.0, but I'm certainly
not going to do it.

-- 
"Next the statesmen will invent cheap lies, putting the blame upon 
the nation that is attacked, and every man will be glad of those
conscience-soothing falsities, and will diligently study them, and refuse
to examine any refutations of them; and thus he will by and by convince 
himself that the war is just, and will thank God for the better sleep 
he enjoys after this process of grotesque self-deception." -- Mark Twain

$BL$>5Bz9-9p"((B5000$B1_$G3+6H(B$B$7$^$;$s$+!*!*(B

[$B3+6H%Q%C%/(B]

 $B!!(B
$B!!(B $BL$>5Bz9-9p"((B $B$4LBOG$JJ}$O:o=|$7$F$/[EMAIL PROTECTED](B
$B!!Ev9-9p$rkM[;T;{ED#8!]#2(B
(B   $BBeI=http://goldhand.zive.net/
$B!!(B

Re: Bug#228421: gcc 3.0.4 generates bad code on Debian 3.0/PARISC

[Grant Grundler]

On Sun, Jan 25, 2004 at 06:05:17PM +0100, Willy Tarreau wrote:
> But the root of the problem lies in gcc 3.0.4 since it is OK in 3.3.2. So
> wouldn't it be easier to identify and backport the fix from 3.3.2 to 3.0.4
> and inform all projects that they must recompile everything on parisc ?

"recompile everything" == "new release".
AFAICT, the "debian way" is to recompile the packages that have bugs
filed against them and binNMU (Non-Maintainer-Upload) just those packages.

thanks,
grant

Extract WhoIs data!

[Michael Chun]

Hello:

We are able to extract WhoIs data for any selection of domain names! We can 
either extract: 
1) only email addresses and domain expiry dates ($1/1,000 domains) or 
2) complete info provided at registration which includes the following fields 
($2/1,000 domains):
owner/registrar, administrative, technical contacts (emails, phones, 
addresses); 
domain expiry date, creation date, time of last update; domain servers.

If you are interested, please write me to [EMAIL PROTECTED] only 
(PLEASE USE THIS EMAIL ONLY AND DO NOT 'REPLY' TO THE MESSAGE). 

Best,
Michael Chun

Re: Bug#228421: gcc 3.0.4 generates bad code on Debian 3.0/PARISC

[Willy Tarreau]

On Sun, Jan 25, 2004 at 05:36:10PM +0100, Matthias Klose wrote:
> tags 228421 + woody
> tags 228421 + fixed-upstream
> thanks
> 
> Well, maybe a recompilation and binary NMU for apache would suffice?

recompiling apache with -O1 is enough, that's what I did here and it works.

> Should the report be reassignd to apache?

They should be informed of the problem, as well as any other project which
uses floating point and which is compiled with -O2 on parisc.

But the root of the problem lies in gcc 3.0.4 since it is OK in 3.3.2. So
wouldn't it be easier to identify and backport the fix from 3.3.2 to 3.0.4
and inform all projects that they must recompile everything on parisc ?

Thanks,
Willy

Re: Bug#228421: gcc 3.0.4 generates bad code on Debian 3.0/PARISC

[Matthias Klose]

tags 228421 + woody
tags 228421 + fixed-upstream
thanks

Well, maybe a recompilation and binary NMU for apache would suffice?
Should the report be reassignd to apache?


Willy Tarreau writes:
> Package: gcc
> Version: 2:3.0.4-5
> 
> Kernel: Linux hp 2.4.24-pa0 #1 Sun Jan 11 18:48:21 CET 2004 parisc unknown
> glibc: Version: 2.2.5-11.5
> 
> GCC 3.0.4 included in Debian 3.0 generates bad code on PARISC platform. The
> original apache 1.3.26 distributed in this port returns lines full of zeroes
> in the size field of the files between 1 and 100 MB :
> 
>  linux-2.4.20-wt17.tar.bz2   08-Jun-2003 11:05  
> 0.M  
> 
>  patch-2.4.20-to-2.4.20-wt17.bz2 08-Jun-2003 11:04  
> -0.0M
>   
> 
>  CONTENTS-2.4.20-wt1708-Jun-2003 10:5218k  
> 
> ... and so on.
> 
> So I have recompiled 1.3.29 from sources with gcc-3.0.4, and the problem was
> exactly the same. Digging through the code, I discovered that for exactly
> these files, apache uses a floating point representation for the size, and it
> calls ap_rprintf() which is sort of an sprintf(), with (size/1048576.0) as an
> argument, and "%4.1fM" as the format string.
> 
> Replacing the format with "%4eM" gave me something interesting :
> 
>  linux-2.4.20-wt17.tar.bz2   08-Jun-2003 11:05  8.417643e-53M  
>  patch-2.4.20-to-2.4.20-wt17.bz2 08-Jun-2003 11:04  1.284430e-57M  
>  CONTENTS-2.4.20-wt1708-Jun-2003 10:5218k  
> 
> I've read the complete implementation of ap_rprintf(), and it seems correct
> to me. But some double arguments are passed as va_args at several places. So
> I thought that it could be possible that gcc does not handle this very well.
> Then I recompiled only util_script.c and ap_snprintf.c with gcc-3.3.2, not
> changing anything else, and apache now reports correct sizes :
> 
>  linux-2.4.20-wt17.tar.bz2   08-Jun-2003 11:05  30.1M  
>  patch-2.4.20-to-2.4.20-wt17.bz2 08-Jun-2003 11:04   7.2M  
>  CONTENTS-2.4.20-wt1708-Jun-2003 10:5218k  
> 
> Now I've found that it's very easy to reproduce. Consider this trivial 
> program :
> 
> #include 
> #include 
> main() {
>printf("%4.1f\n", 1.23456);
> }
> 
> Now, test it :
> 
> # gcc -O2 -o fp-test fp-test.c
> # ./fp-test
>  0.0
> # gcc -O1 -o fp-test fp-test.c
> # ./fp-test 
>  1.2
> # gcc-3.3.2-parisc -O2 -o fp-test fp-test.c
> # ./fp-test
>  1.2
> 
> # gcc -v
> Reading specs from /usr/lib/gcc-lib/hppa-linux/3.0.4/specs
> Configured with: ../src/configure -v --enable-languages=c,c++,f77,proto,objc 
> --prefix=/usr --infodir=/share/info --mandir=/share/man --enable-shared 
> --with-gnu-as --with-gnu-ld --with-system-zlib --enable-long-long 
> --enable-nls --without-included-gettext --disable-checking 
> --enable-threads=posix --with-cpp-install-dir=bin hppa-linux
> Thread model: posix
> gcc version 3.0.4
> 
> # gcc-3.3.2-parisc -v
> Reading specs from /usr/lib/gcc-lib/hppa1.1-hp-linux-gnu/3.3.2/specs
> Configured with: ../gcc-3.3.2/configure --prefix=/usr --with-gnu-ld 
> --with-gnu-as --host=hppa1.1-hp-linux-gnu --target=hppa1.1-hp-linux-gnu 
> --with-cpu=7100LC --enable-languages=c,c++ --disable-nls --disable-locale 
> --enable-shared --enable-target-optspace 
> --enable-version-specific-runtime-libs --program-suffix=-3.3.2-parisc 
> --enable-threads
> Thread model: posix
> gcc version 3.3.2
> 
> So it seems that the work-around simply is to switch back to -O1.
> Unfortunately, I tried about 20 -fno-XXX with -O2 to find the culprit,
> but I couldn't. And I don't remember how I can dump the -O1 and -O2
> equivalents.
> 
> I hope I didn't forget anything. At the moment, I don't know if there are
> packages other than apache which have been affected by this bug.
> 
> Regards,
> Willy
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#229505: marked as done (apache-ssl: post-installation script fails)

[Debian Bug Tracking System]

Your message dated Sun, 25 Jan 2004 15:18:51 +0100 (CET)
with message-id <[EMAIL PROTECTED]>
and subject line Bug#229505: apache-ssl: post-installation script fails
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--
Received: (at submit) by bugs.debian.org; 18 Jan 2004 11:53:43 +
>From [EMAIL PROTECTED] Sun Jan 18 05:53:42 2004
Return-path: <[EMAIL PROTECTED]>
Received: from pd9561fbf.dip.t-dialin.net ([127.0.0.1]) [217.86.31.191] 
by master.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1AiBUs-0004kS-00; Sun, 18 Jan 2004 05:53:42 -0600
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Michael Kebe <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: apache-ssl: post-installation script fails
X-Mailer: reportbug 2.37
Date: Sun, 18 Jan 2004 12:53:33 +0100
X-Debbugs-Cc: [EMAIL PROTECTED]
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_01_24 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=HAS_PACKAGE,OUR_MTA_MSGID,
X_DEBBUGS_CC autolearn=no version=2.60-bugs.debian.org_2004_01_24
X-Spam-Level: 

Package: apache-ssl
Version: 1.3.29.0.1-3
Severity: normal

After apt-get install apache-ssl I get:
> Setting up apache-ssl (1.3.29.0.1-3) ...
> Starting web server: apache-sslProcessing config directory:
> /etc/apache-ssl/conf.d
>  failed
> invoke-rc.d: initscript apache-ssl, action "start" failed.
> dpkg: error processing apache-ssl (--configure):
>  subprocess post-installation script returned error exit status 1
> Errors were encountered while processing:
>  apache-ssl
> E: Sub-process /usr/bin/dpkg returned an error code (1)


-- System Information:
Debian Release: testing/unstable
Architecture: i386
Kernel: Linux missmuh 2.4.20 #8 Tue Jun 3 23:51:20 CEST 2003 i686
Locale: LANG=C, [EMAIL PROTECTED]


---
Received: (at 229505-done) by bugs.debian.org; 25 Jan 2004 14:18:54 +
>From [EMAIL PROTECTED] Sun Jan 25 06:18:54 2004
Return-path: <[EMAIL PROTECTED]>
Received: from port5.ds1-sby.adsl.cybercity.dk (trider-g7.fabbione.net) 
[212.242.169.198] 
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1Akl6E-0007nq-00; Sun, 25 Jan 2004 06:18:54 -0800
Received: from trider-g7.ext.fabbione.net (port5.ds1-sby.adsl.cybercity.dk 
[212.242.169.198])
by trider-g7.fabbione.net (Postfix) with ESMTP id 7E2542E;
Sun, 25 Jan 2004 15:18:51 +0100 (CET)
Date: Sun, 25 Jan 2004 15:18:51 +0100 (CET)
From: Fabio Massimo Di Nitto <[EMAIL PROTECTED]>
Sender: [EMAIL PROTECTED]
To: Michael Kebe <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Subject: Re: Bug#229505: apache-ssl: post-installation script fails
In-Reply-To: <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
 <[EMAIL PROTECTED]>
 <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_01_24 
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-3.0 required=4.0 tests=HAS_BUG_NUMBER autolearn=no 
version=2.60-bugs.debian.org_2004_01_24
X-Spam-Level: 


Hi Michael,
this was a bug in ssl-cert that has been fixed in sid already and
it should enter testing in a couple of days.

Fabio

On Sun, 25 Jan 2004, Michael Kebe wrote:

> Fabio Massimo Di Nitto wrote:
> > Hi,
> > are you running testing? is this a fresh installation or an
> > upgrade?
>
> Yes, I am running testing. I think it was a fresh install, because I
> purge the previous installation...
>
> > Please provide me more information asap.
>
> I found the problem by myself:
>
> If you left one field in the dialog for the certificate empty you will get:
>
> > Setting up apache-ssl (1.3.29.0.1-3) ...
> > Generating a 1024 bit RSA private key
> > ...++
> > ...++
> > writing new private key to '/etc/apache-ssl/apache.pem'
> > -
> > problems making Certificate Request
> > 32587:error:0D07A098:asn1 encoding routines:ASN1_mbstring_copy:string too 
> > short:a_mbstr.c:147:minsize=1
> > dpkg: error processing apache-ssl (--configure):
> >  subprocess post-installation script returned error exit status 1
> > Errors were encountered while processing:
> >  apache-ssl
> > E: Sub-process /usr/bin/dpkg returned an error code (1)
>

Re: Bug#225056: apache: Segmentation fault on startup with virtual hosts

[Fabio Massimo Di Nitto]

On Sun, 25 Jan 2004, Emanuel Corthay wrote:

> and only when mod_php4 is loaded... And I don't need to make a request for
> the server to crash.

php4 is buggy. please disable the php4-imap extension and everything
should work just fine.

Fabio

-- 
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues

http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html

Re: Policy regarding apache modules

[Fabio Massimo Di Nitto]

On Sun, 25 Jan 2004, Sebastian Ley wrote:

> Hi,
>
> I am packaging OpenGroupware.org [1] which comes with an apache module
> that enables the webserver to handle the HTTP requests for the
> application server.
>
> 1) Is there a policy regarding naming, location in the filesystem etc.
> for apache modules?

Yes, please read carefully README.modules shipped with apache-dev.

> 2) The module needs some entries in httpd.conf. How do I handles this
> best? I could output a note which tells the user to update his
> httpd.conf but I would prefer something more automatic.

you can use /etc/apache/conf.d without mangling httpd.conf

Regards
Fabio

-- 
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues

http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html

Bug#229505: apache-ssl: post-installation script fails

[Michael Kebe]

Fabio Massimo Di Nitto wrote:
Hi,
are you running testing? is this a fresh installation or an
upgrade?
Yes, I am running testing. I think it was a fresh install, because I 
purge the previous installation...

Please provide me more information asap.
I found the problem by myself:
If you left one field in the dialog for the certificate empty you will get:
Setting up apache-ssl (1.3.29.0.1-3) ...
Generating a 1024 bit RSA private key
...++
...++
writing new private key to '/etc/apache-ssl/apache.pem'
-
problems making Certificate Request
32587:error:0D07A098:asn1 encoding routines:ASN1_mbstring_copy:string too 
short:a_mbstr.c:147:minsize=1
dpkg: error processing apache-ssl (--configure):
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 apache-ssl
E: Sub-process /usr/bin/dpkg returned an error code (1)
And if you then try again "apt-get install apache-ssl" you will get (the 
message of my first report):

Setting up apache-ssl (1.3.29.0.1-3) ...
Starting web server: apache-sslProcessing config directory: 
/etc/apache-ssl/conf.d
 failed
invoke-rc.d: initscript apache-ssl, action "start" failed.
dpkg: error processing apache-ssl (--configure):
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 apache-ssl
E: Sub-process /usr/bin/dpkg returned an error code (1)

So if left a field empty in the dialog for the creation of a certificate 
a corrupted "apache.pem" will be created:

 /var/log/apache-ssl/error.log 
[Sun Jan 25 14:16:40 2004] [crit] Error reading server certificate file 
/etc/apache-ssl/apache.pem
[Sun Jan 25 14:16:40 2004] [crit] error:0906D06C:PEM routines:PEM_read_bio:no 
start line
-- 8< -
and then on the second "apt-get install apache-ssl" the postinstall 
script just checks if there is a /etc/apache-ssl/apache.pem, and yes 
there is one, but one that is *corrupted*. So it will try to start 
apache-ssl, but it won't (see error.log)

So maybe its a good thing to say in the dialog to fill out *every* field 
or to check if the apache.pem is correct and working.

Greetings
Michael


signature.asc
Description: OpenPGP digital signature

Re: Bug#225056: apache: Segmentation fault on startup with virtual hosts

[Emanuel Corthay]

 Hi,

I have the same problem, but it seg fault only if I have more than 2 virtual
host, it's still ok with 2! :

###
My apache is crashing (segmentation fault) when I try starting it, it's the
first time it's doing that on me, and I tried everything that came into my
mind.
I have :
Server version: Apache/1.3.29 (Debian GNU/Linux)
Server built:   Dec 17 2003 15:54:05
On my debian testing (2.4.22 kernel) box

Symptom:
apache -X returns: Processing config directory: /etc/apache/conf.d
and then segmentation fault. The log doesn't report anything, except that
apache was probably not exited nicely (you bet...).

Context:
It happens only when I have MORE than 2 virtual hosts configured (just any 2
of my 7 virtual hosts).
and only when mod_php4 is loaded... And I don't need to make a request for
the server to crash.

I would appreciate any suggestion, I really find it frustrating to have such
a great server limited to only 2 virtual on my server...
I would be happy to send more information if needed.

Thanks for you help!

Emanuel


#

To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: Bug#225056: apache: Segmentation fault on startup with virtual
hosts
From: Jeremy Lunn <[EMAIL PROTECTED]>
Date: Thu, 25 Dec 2003 22:22:29 +1100
Message-id: <[EMAIL PROTECTED]>
Old-return-path: <[EMAIL PROTECTED]>
Reply-to: Jeremy Lunn <[EMAIL PROTECTED]>, [EMAIL PROTECTED]

Package: apache
Version: 1.3.29-1Severity: normal
Using NameVirtualHosts, though since 1.3.29 I am getting a segmentation
fault on startup if more than one virtual host is specified (obviously
it defeats the purpose of virtual hosts if you can only list one).  To
add to the strangeness, starting without the virtual hosts then
reloading seems to work fine (also 'apachectlt configtest' shows up asOK).
I don't know how to get any verbosity out of apache other than this:
europa:/home/jeremy# /usr/sbin/apache -XSegmentation fault
Strange is all I can say, though I'm guessing it's an upstream bug in1.3.29.

-- System Information:Debian Release: testing/unstableArchitecture: i386
Kernel: Linux europa 2.4.23-xfs #2 Fri Dec 19 18:49:08 EST 2003 i686
Locale: LANG=en_AU, LC_CTYPE=en_AUVersions of packages apache depends on:
ii  apache-common   1.3.29-1 Support files for all Apache
webse
ii  debconf 1.3.20   Debian configuration management
sy
ii  dpkg1.10.18  Package maintenance system for
Deb
ii  libc6   2.3.2.ds1-10 GNU C Library: Shared libraries
an
ii  libdb4.14.1.25-10Berkeley v4.1 Database
Libraries [
ii  libexpat1   1.95.6-6 XML parsing C library - runtime
li
ii  libmagic1   4.06-1   File type determination library
us
ii  logrotate   3.6.5-2  Log rotation utility
ii  mime-support3.23-1   MIME files 'mime.types' &
'mailcap
ii  perl [perl5]5.8.0-18 Larry Wall's Practical
Extraction
-- debconf information excluded

Policy regarding apache modules

[Sebastian Ley]

Hi,

I am packaging OpenGroupware.org [1] which comes with an apache module
that enables the webserver to handle the HTTP requests for the
application server.

1) Is there a policy regarding naming, location in the filesystem etc.
for apache modules?

2) The module needs some entries in httpd.conf. How do I handles this
best? I could output a note which tells the user to update his
httpd.conf but I would prefer something more automatic.

Thanks in advance,
Sebastian

[1] http://www.opengroupware.org

-- 
PGP-Key: http://www.mmweg.rwth-aachen.de/~sebastian.ley/public.key
Fingerprint: A46A 753F AEDC 2C01 BE6E  F6DB 97E0 3309 9FD6 E3E6

Re: apache dies only if php4 module loaded

[fry]

Further testing revealed that only php4 extension imap.so crashed 
apache. I did no further testing, since this is a php4-imap | 
libc-client2002debian | uw-mailutils bug.

Regards,
Marko Mrdjenovic
Marko Mrdjenovic wrote:
Package: apache
Version: 1.3.29.0.1-3
Severity: normal
Followup-For: Bug #219973
After some testing I figured that apache dies only when php4 module is
loaded (php version: 4:4.3.3-4). At first it worked fine but then it just 
started
crashing, don't know why. Yet.
-- System Information:
Debian Release: 3.x
Architecture: i386
Kernel: Linux blue 2.4.21-3-586tsc #1 Sun Jul 20 15:03:47 EST 2003 i586
Locale: LANG=C, LC_CTYPE=C
Versions of packages apache depends on:
ii  apache-common   1.3.29.0.1-3 Support files for all Apache webse
ii  debconf 1.3.22   Debian configuration management sy
ii  dpkg1.10.18  Package maintenance system for Deb
ii  libc6   2.3.2.ds1-10 GNU C Library: Shared libraries an
ii  libdb4.14.1.25-16Berkeley v4.1 Database Libraries [
ii  libexpat1   1.95.6-6 XML parsing C library - runtime li
ii  libmagic1   4.06-2   File type determination library us
ii  libpam0g0.76-15  Pluggable Authentication Modules l
ii  logrotate   3.6.5-2  Log rotation utility
ii  mime-support3.24-1   MIME files 'mime.types' & 'mailcap
ii  perl [perl5]5.8.2-2  Larry Wall's Practical Extraction 

-- debconf information excluded

Bug#219973: apache dies only if php4 module loaded

[Fabio Massimo Di Nitto]

I don't understand why you are following up on this bug. In any case it is
a well known php4 problem (see BTS) and please do not mix bugs.

Thanks
Fabio

On Sun, 25 Jan 2004, Marko Mrdjenovic wrote:

> Package: apache
> Version: 1.3.29.0.1-3
> Severity: normal
> Followup-For: Bug #219973
>
> After some testing I figured that apache dies only when php4 module is
> loaded (php version: 4:4.3.3-4). At first it worked fine but then it just 
> started
> crashing, don't know why. Yet.
>
> -- System Information:
> Debian Release: 3.x
> Architecture: i386
> Kernel: Linux blue 2.4.21-3-586tsc #1 Sun Jul 20 15:03:47 EST 2003 i586
> Locale: LANG=C, LC_CTYPE=C
>
> Versions of packages apache depends on:
> ii  apache-common   1.3.29.0.1-3 Support files for all Apache 
> webse
> ii  debconf 1.3.22   Debian configuration management 
> sy
> ii  dpkg1.10.18  Package maintenance system for 
> Deb
> ii  libc6   2.3.2.ds1-10 GNU C Library: Shared libraries 
> an
> ii  libdb4.14.1.25-16Berkeley v4.1 Database Libraries 
> [
> ii  libexpat1   1.95.6-6 XML parsing C library - runtime 
> li
> ii  libmagic1   4.06-2   File type determination library 
> us
> ii  libpam0g0.76-15  Pluggable Authentication Modules 
> l
> ii  logrotate   3.6.5-2  Log rotation utility
> ii  mime-support3.24-1   MIME files 'mime.types' & 
> 'mailcap
> ii  perl [perl5]5.8.2-2  Larry Wall's Practical Extraction
>
> -- debconf information excluded
>
>
>
>

-- 
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues

http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html

Bug#219973: apache dies only if php4 module loaded

[Marko Mrdjenovic]

Package: apache
Version: 1.3.29.0.1-3
Severity: normal
Followup-For: Bug #219973

After some testing I figured that apache dies only when php4 module is
loaded (php version: 4:4.3.3-4). At first it worked fine but then it just 
started
crashing, don't know why. Yet.

-- System Information:
Debian Release: 3.x
Architecture: i386
Kernel: Linux blue 2.4.21-3-586tsc #1 Sun Jul 20 15:03:47 EST 2003 i586
Locale: LANG=C, LC_CTYPE=C

Versions of packages apache depends on:
ii  apache-common   1.3.29.0.1-3 Support files for all Apache webse
ii  debconf 1.3.22   Debian configuration management sy
ii  dpkg1.10.18  Package maintenance system for Deb
ii  libc6   2.3.2.ds1-10 GNU C Library: Shared libraries an
ii  libdb4.14.1.25-16Berkeley v4.1 Database Libraries [
ii  libexpat1   1.95.6-6 XML parsing C library - runtime li
ii  libmagic1   4.06-2   File type determination library us
ii  libpam0g0.76-15  Pluggable Authentication Modules l
ii  logrotate   3.6.5-2  Log rotation utility
ii  mime-support3.24-1   MIME files 'mime.types' & 'mailcap
ii  perl [perl5]5.8.2-2  Larry Wall's Practical Extraction 

-- debconf information excluded

Processed: Re: Bug#229553: debconf note spam

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

> severity 229553 minor
Bug#229553: debconf note spam
Severity set to `minor'.

> tags 229553 + pending
Bug#229553: debconf note spam
There were no tags set.
Tags added: pending

> merge 229553 229027
Bug#229027: apache-common: Notes changed config file format on fresh install
Bug#229553: debconf note spam
Merged 229027 229553.

> stop
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)

Bug#229505: apache-ssl: post-installation script fails

[Fabio Massimo Di Nitto]

Hi,
are you running testing? is this a fresh installation or an
upgrade?

Please provide me more information asap.

Fabio

On Sun, 18 Jan 2004, Michael Kebe wrote:

> Package: apache-ssl
> Version: 1.3.29.0.1-3
> Severity: normal
>
> After apt-get install apache-ssl I get:
> > Setting up apache-ssl (1.3.29.0.1-3) ...
> > Starting web server: apache-sslProcessing config directory:
> > /etc/apache-ssl/conf.d
> >  failed
> > invoke-rc.d: initscript apache-ssl, action "start" failed.
> > dpkg: error processing apache-ssl (--configure):
> >  subprocess post-installation script returned error exit status 1
> > Errors were encountered while processing:
> >  apache-ssl
> > E: Sub-process /usr/bin/dpkg returned an error code (1)
>
>
> -- System Information:
> Debian Release: testing/unstable
> Architecture: i386
> Kernel: Linux missmuh 2.4.20 #8 Tue Jun 3 23:51:20 CEST 2003 i686
> Locale: LANG=C, [EMAIL PROTECTED]
>
>
>
>

-- 
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues

http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html

Bug#229553: debconf note spam

[Fabio Massimo Di Nitto]

severity 229553 minor
tags 229553 + pending
merge 229553 229027
stop
quit

Fabio

On Sat, 24 Jan 2004, Matt Zimmerman wrote:

> Package: apache-common
> Version: 1.3.29.0.1-3
> Severity: normal
>
> This package displays a priority 'high' debconf note
> (apache-common/confignotes) on every installation, containing information
> which is irrelevant except when upgrading from certain older versions.
> This message should only be displayed in situations where it actually
> applies.
>
> -- System Information:
> Debian Release: unstable
> Architecture: i386
> Kernel: Linux mizar 2.4.24-deb1-skas3-1 #1 Thu Jan 8 11:19:59 PST 2004 i686
> Locale: LANG=en_US, LC_CTYPE=en_US
>
> Versions of packages apache-common depends on:
> ii  apache-utils1.3.29.0.1-3 Utility programs for webservers
> ii  debconf 1.4.7Debian configuration management 
> sy
> ii  libc6   2.3.2.ds1-11 GNU C Library: Shared libraries 
> an
> ii  libdb4.14.1.25-16Berkeley v4.1 Database Libraries 
> [
> ii  libexpat1   1.95.6-6 XML parsing C library - runtime 
> li
> ii  mime-support3.24-1   MIME files 'mime.types' & 
> 'mailcap
> ii  perl [perl5]5.8.2-2  Larry Wall's Practical Extraction
> ii  sed 4.0.7-3  The GNU sed stream editor
>
> -- debconf information excluded
>
>
>

-- 
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues

http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp4.html

Bug#229553: debconf note spam

[Matt Zimmerman]

Package: apache-common
Version: 1.3.29.0.1-3
Severity: normal

This package displays a priority 'high' debconf note
(apache-common/confignotes) on every installation, containing information
which is irrelevant except when upgrading from certain older versions.
This message should only be displayed in situations where it actually
applies.

-- System Information:
Debian Release: unstable
Architecture: i386
Kernel: Linux mizar 2.4.24-deb1-skas3-1 #1 Thu Jan 8 11:19:59 PST 2004 i686
Locale: LANG=en_US, LC_CTYPE=en_US

Versions of packages apache-common depends on:
ii  apache-utils1.3.29.0.1-3 Utility programs for webservers
ii  debconf 1.4.7Debian configuration management sy
ii  libc6   2.3.2.ds1-11 GNU C Library: Shared libraries an
ii  libdb4.14.1.25-16Berkeley v4.1 Database Libraries [
ii  libexpat1   1.95.6-6 XML parsing C library - runtime li
ii  mime-support3.24-1   MIME files 'mime.types' & 'mailcap
ii  perl [perl5]5.8.2-2  Larry Wall's Practical Extraction 
ii  sed 4.0.7-3  The GNU sed stream editor

-- debconf information excluded


-- 
 - mdz