Public bug reported:
Apache2 crashes with multiple SSL sites.
When starting apache2 with multiple SSL sites I get a SEGV like this:
(gdb) bt
#0 0x00007ffff05faaf3 in ?? () from /usr/lib/apache2/modules/mod_ssl.so
#1 0x00007ffff29647a6 in int_free_ex_data (class_index=<optimized out>,
obj=0x555555af7460, ad=0x555555af7488) at ex_data.c:522
#2 0x00007ffff2a05061 in x509_cb (operation=operation@entry=3,
pval=pval@entry=0x7fffffffc218, it=it@entry=0x7ffff2cc0780 <X509_it>,
exarg=exarg@entry=0x0) at x_x509.c:113
#3 0x00007ffff2a08fea in asn1_item_combine_free
(pval=pval@entry=0x7fffffffc218, it=it@entry=0x7ffff2cc0780 <X509_it>,
combine=combine@entry=0)
at tasn_fre.c:173
#4 0x00007ffff2a091c5 in ASN1_item_free (val=val@entry=0x555555af7460,
it=it@entry=0x7ffff2cc0780 <X509_it>) at tasn_fre.c:71
#5 0x00007ffff2a0514c in X509_free (a=a@entry=0x555555af7460) at x_x509.c:141
#6 0x00007ffff05ee0b8 in ssl_pphrase_Handle (s=s@entry=0x7ffff7fc1de0,
p=p@entry=0x7ffff7fbf028) at ssl_engine_pphrase.c:275
#7 0x00007ffff05e3658 in ssl_init_Module (p=0x7ffff7ff0028, plog=<optimized
out>, ptemp=0x7ffff7fbf028, base_server=0x7ffff7fc1de0)
at ssl_engine_init.c:194
#8 0x00005555555aa2a9 in ap_run_post_config (pconf=0x7ffff7ff0028,
plog=0x7ffff7fbd028, ptemp=0x7ffff7fbf028, s=0x7ffff7fc1de0) at config.c:103
#9 0x000055555558ae07 in main (argc=6, argv=0x7fffffffe5a8) at main.c:765
This is 100% repeatable.
This looks very like:
https://bugzilla.redhat.com/show_bug.cgi?id=1074406
save that I am not using Auth at all. However, ssl itself requires the
socache logic, so perhaps it has the same root cause.
Disabling a couple of SSL sites normally resolves the problem.
What I expected to happen: apache2 to start without SEGV
What actually happened: apache2 did not start due to SEGV
root@nimtest:/root# lsb_release -rd
Description: Ubuntu 14.04.1 LTS
Release: 14.04
root@nimtest:/root# apt-cache policy apache2-bin
apache2-bin:
Installed: 2.4.7-1ubuntu4.1
Candidate: 2.4.7-1ubuntu4.1
Version table:
*** 2.4.7-1ubuntu4.1 0
500 http://gb.archive.ubuntu.com/ubuntu/ trusty-updates/main amd64
Packages
500 http://security.ubuntu.com/ubuntu/ trusty-security/main amd64
Packages
100 /var/lib/dpkg/status
2.4.7-1ubuntu4 0
500 http://gb.archive.ubuntu.com/ubuntu/ trusty/main amd64 Packages
root@nimtest:/root# dpkg --list | egrep '\b(apache2|libssl|openssl)'
ii apache2 2.4.7-1ubuntu4.1
amd64 Apache HTTP Server
ii apache2-bin 2.4.7-1ubuntu4.1
amd64 Apache HTTP Server (binary files and modules)
ii apache2-data 2.4.7-1ubuntu4.1
all Apache HTTP Server (common files)
ii apache2-dbg 2.4.7-1ubuntu4.1
amd64 Apache debugging symbols
ii apache2-utils 2.4.7-1ubuntu4.1
amd64 Apache HTTP Server (utility programs for web servers)
ii libgnutls-openssl27:amd64 2.12.23-12ubuntu2.1
amd64 GNU TLS library - OpenSSL wrapper
ii libssl1.0.0:amd64 1.0.1f-1ubuntu2.5
amd64 Secure Sockets Layer toolkit - shared libraries
ii libssl1.0.0-dbg:amd64 1.0.1f-1ubuntu2.5
amd64 Secure Sockets Layer toolkit - debug information
ii openssl 1.0.1f-1ubuntu2.5
amd64 Secure Sockets Layer toolkit - cryptographic utility
ii python-openssl 0.13-2ubuntu6
amd64 Python 2 wrapper around the OpenSSL library
Modules in use:
root@nimtest:/root# ls -1 /etc/apache2/mods-enabled/
access_compat.load
alias.conf
alias.load
auth_basic.load
authn_core.load
authn_file.load
authz_core.load
authz_groupfile.load
authz_host.load
authz_user.load
autoindex.conf
autoindex.load
cgi.load
dbd.load
deflate.conf
deflate.load
dir.conf
dir.load
env.load
filter.load
headers.load
ident2.load
lbmethod_byrequests.load
mime.conf
mime.load
mpm_prefork.conf
mpm_prefork.load
negotiation.conf
negotiation.load
php5.conf
php5.load
proxy.conf
proxy.load
proxy_balancer.conf
proxy_balancer.load
proxy_http.load
reqtimeout.conf
reqtimeout.load
rewrite.load
setenvif.conf
setenvif.load
slotmem_shm.load
socache_shmcb.load
ssl.conf
ssl.load
status.conf
status.load
substitute.load
websocket.load
websocket_draft76.load
Here's a startup log plus 'bt full'
root@nimtest:/root# APACHE_LOCK_DIR=/var/lock/apache2 APACHE_RUN_USER=www-data
gdb --args /usr/sbin/apache2 -k start -X -e Debug
GNU gdb (Ubuntu 7.7-0ubuntu3.1) 7.7
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/sbin/apache2...Reading symbols from
/usr/lib/debug//usr/sbin/apache2...done.
done.
(gdb) run
Starting program: /usr/sbin/apache2 -k start -X -e Debug
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[Fri Sep 05 19:20:45.569382 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module access_compat_module from
/usr/lib/apache2/modules/mod_access_compat.so
[Fri Sep 05 19:20:45.572221 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module alias_module from /usr/lib/apache2/modules/mod_alias.so
[Fri Sep 05 19:20:45.574731 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module auth_basic_module from
/usr/lib/apache2/modules/mod_auth_basic.so
[Fri Sep 05 19:20:45.577289 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module authn_core_module from
/usr/lib/apache2/modules/mod_authn_core.so
[Fri Sep 05 19:20:45.579829 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module authn_file_module from
/usr/lib/apache2/modules/mod_authn_file.so
[Fri Sep 05 19:20:45.582459 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module authz_core_module from
/usr/lib/apache2/modules/mod_authz_core.so
[Fri Sep 05 19:20:45.585176 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module authz_groupfile_module from
/usr/lib/apache2/modules/mod_authz_groupfile.so
[Fri Sep 05 19:20:45.587851 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module authz_host_module from
/usr/lib/apache2/modules/mod_authz_host.so
[Fri Sep 05 19:20:45.590460 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module authz_user_module from
/usr/lib/apache2/modules/mod_authz_user.so
[Fri Sep 05 19:20:45.593611 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module autoindex_module from
/usr/lib/apache2/modules/mod_autoindex.so
[Fri Sep 05 19:20:45.596597 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module cgi_module from /usr/lib/apache2/modules/mod_cgi.so
[Fri Sep 05 19:20:45.599459 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module dbd_module from /usr/lib/apache2/modules/mod_dbd.so
[Fri Sep 05 19:20:45.602970 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module deflate_module from
/usr/lib/apache2/modules/mod_deflate.so
[Fri Sep 05 19:20:45.607589 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module dir_module from /usr/lib/apache2/modules/mod_dir.so
[Fri Sep 05 19:20:45.611506 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module env_module from /usr/lib/apache2/modules/mod_env.so
[Fri Sep 05 19:20:45.615353 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module filter_module from /usr/lib/apache2/modules/mod_filter.so
[Fri Sep 05 19:20:45.618714 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module headers_module from
/usr/lib/apache2/modules/mod_headers.so
[Fri Sep 05 19:20:45.621296 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module ident_module from /usr/lib/apache2/modules/mod_ident2.so
[Fri Sep 05 19:20:45.624291 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module lbmethod_byrequests_module from
/usr/lib/apache2/modules/mod_lbmethod_byrequests.so
[Fri Sep 05 19:20:45.627441 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module mime_module from /usr/lib/apache2/modules/mod_mime.so
[Fri Sep 05 19:20:45.630890 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module mpm_prefork_module from
/usr/lib/apache2/modules/mod_mpm_prefork.so
[Fri Sep 05 19:20:45.634628 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module negotiation_module from
/usr/lib/apache2/modules/mod_negotiation.so
[Fri Sep 05 19:20:45.771556 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module php5_module from /usr/lib/apache2/modules/libphp5.so
[Fri Sep 05 19:20:45.776446 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module proxy_module from /usr/lib/apache2/modules/mod_proxy.so
[Fri Sep 05 19:20:45.779712 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module proxy_balancer_module from
/usr/lib/apache2/modules/mod_proxy_balancer.so
[Fri Sep 05 19:20:45.783012 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module proxy_http_module from
/usr/lib/apache2/modules/mod_proxy_http.so
[Fri Sep 05 19:20:45.785965 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module reqtimeout_module from
/usr/lib/apache2/modules/mod_reqtimeout.so
[Fri Sep 05 19:20:45.789713 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module rewrite_module from
/usr/lib/apache2/modules/mod_rewrite.so
[Fri Sep 05 19:20:45.792660 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module setenvif_module from
/usr/lib/apache2/modules/mod_setenvif.so
[Fri Sep 05 19:20:45.795575 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module slotmem_shm_module from
/usr/lib/apache2/modules/mod_slotmem_shm.so
[Fri Sep 05 19:20:45.798641 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module socache_shmcb_module from
/usr/lib/apache2/modules/mod_socache_shmcb.so
[Fri Sep 05 19:20:45.808987 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module ssl_module from /usr/lib/apache2/modules/mod_ssl.so
[Fri Sep 05 19:20:45.812723 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module status_module from /usr/lib/apache2/modules/mod_status.so
[Fri Sep 05 19:20:45.816188 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module substitute_module from
/usr/lib/apache2/modules/mod_substitute.so
[Fri Sep 05 19:20:45.820615 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module websocket_module from
/usr/lib/apache2/modules/mod_websocket.so
[Fri Sep 05 19:20:45.825187 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module websocket_draft76_module from
/usr/lib/apache2/modules/mod_websocket_draft76.so
[Fri Sep 05 19:20:45.829577 2014] [so:debug] [pid 46103] mod_so.c(266):
AH01575: loaded module websocket_vnc_proxy_module from
/usr/lib/apache2/modules/mod_websocket_vnc_proxy.so
AH00548: NameVirtualHost has no effect and will be removed in the next release
/etc/apache2/sites-enabled/000-extility-amber-listen.conf:10
AH00558: apache2: Could not reliably determine the server's fully qualified
domain name, using 127.0.1.1. Set the 'ServerName' directive globally to
suppress this message
[New Thread 0x7fffe6d32700 (LWP 46111)]
[Thread 0x7fffe6d32700 (LWP 46111) exited]
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff05faaf3 in ?? () from /usr/lib/apache2/modules/mod_ssl.so
(gdb) bt full
#0 0x00007ffff05faaf3 in ?? () from /usr/lib/apache2/modules/mod_ssl.so
No symbol table info available.
#1 0x00007ffff29647a6 in int_free_ex_data (class_index=<optimized out>,
obj=0x555555af7460, ad=0x555555af7488) at ex_data.c:522
mx = 1
i = 0
item = 0x555555835a90
ptr = <optimized out>
storage = 0x555555af6fa0
#2 0x00007ffff2a05061 in x509_cb (operation=operation@entry=3,
pval=pval@entry=0x7fffffffc218, it=it@entry=0x7ffff2cc0780 <X509_it>,
exarg=exarg@entry=0x0) at x_x509.c:113
ret = 0x555555af7460
#3 0x00007ffff2a08fea in asn1_item_combine_free
(pval=pval@entry=0x7fffffffc218, it=it@entry=0x7ffff2cc0780 <X509_it>,
combine=combine@entry=0)
at tasn_fre.c:173
tt = <optimized out>
seqtt = <optimized out>
ef = <optimized out>
cf = <optimized out>
aux = <optimized out>
asn1_cb = 0x7ffff2a04fa0 <x509_cb>
i = <optimized out>
#4 0x00007ffff2a091c5 in ASN1_item_free (val=val@entry=0x555555af7460,
it=it@entry=0x7ffff2cc0780 <X509_it>) at tasn_fre.c:71
No locals.
#5 0x00007ffff2a0514c in X509_free (a=a@entry=0x555555af7460) at x_x509.c:141
No locals.
#6 0x00007ffff05ee0b8 in ssl_pphrase_Handle (s=s@entry=0x7ffff7fc1de0,
p=p@entry=0x7ffff7fbf028) at ssl_engine_pphrase.c:275
using_cache = 0
mc = 0x7ffff7fc5950
sc = 0x7fffeb618bc8
pServ = 0x7fffeb64c5b8
cpVHostID = 0x7ffff7e5a160 "nimtest2.amb.flexiant.com:20443"
szPath =
"/etc/extility/skyline/ssl/certs/extility-skyline-cp-f1e48937-f534-39a7-80d6-7f9b7f790dc1.crt\000\177\000\000\060\313\377\377\377\177\000\000+",
'\000' <repeats 11 times>, "\b", '\000' <repeats 51 times>,
"\247\320\327\357\377\177", '\000' <repeats 42 times>...
pPrivateKey = <optimized out>
asn1 = <optimized out>
ucp = 0x555555835785 ""
length = <optimized out>
pX509Cert = 0x555555af7460
bReadable = <optimized out>
aPassPhrase = 0x7ffff7e5a110
nPassPhrase = 0
nPassPhraseCur = -120945919
cpPassPhraseCur = 0xc609ea311eb6e53b <error: Cannot access memory at
address 0xc609ea311eb6e53b>
nPassPhraseRetry = <optimized out>
nPassPhraseDialog = 0
nPassPhraseDialogCur = 272216735
bPassPhraseDialogOnce = 1963170297
cpp = <optimized out>
i = 0
j = 0
algoCert = 1
algoKey = 0
at = <optimized out>
an = 0x7ffff05fd3c2 "RSA"
pkey_mtime = 0
rv = <optimized out>
#7 0x00007ffff05e3658 in ssl_init_Module (p=0x7ffff7ff0028, plog=<optimized
out>, ptemp=0x7ffff7fbf028, base_server=0x7ffff7fc1de0)
at ssl_engine_init.c:194
mc = <optimized out>
sc = <optimized out>
s = 0x0
#8 0x00005555555aa2a9 in ap_run_post_config (pconf=0x7ffff7ff0028,
plog=0x7ffff7fbd028, ptemp=0x7ffff7fbf028, s=0x7ffff7fc1de0) at config.c:103
---Type <return> to continue, or q <return> to quit---
pHook = 0x7ffff7eb2bb8
n = 14
rv = 0
#9 0x000055555558ae07 in main (argc=6, argv=0x7fffffffe5a8) at main.c:765
c = 101 'e'
showcompile = 0
showdirectives = 0
confname = 0x5555555ca607 "apache2.conf"
def_server_root = 0x5555555ca5fa "/etc/apache2"
temp_error_log = 0x0
error = <optimized out>
process = 0x7ffff7ff2118
pconf = 0x7ffff7ff0028
plog = 0x7ffff7fbd028
ptemp = 0x7ffff7fbf028
pcommands = 0x7ffff7fc7028
opt = 0x7ffff7fc7118
rv = <optimized out>
mod = 0x5555557ec160 <ap_prelinked_modules+64>
opt_arg = 0x7fffffffe831 "Debug"
signal_server = <optimized out>
** Affects: apache2 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1366174
Title:
apache2 SEGV with multiple SSL sites
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1366174/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
