[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

mod_ssl broken

From: Sander Striker <striker_at_apache.org>
Date: 2001-09-09 18:10:56 CEST


I have a local test machine running now.
subversion over http works as expected.
https is broken. This is not on the svn
side (I didn't get that far). mod_ssl
is broken when it comes to configs such
as these:

<VirtualHost _default_:443>
    SSLEngine on

    SSLCACertificatePath /var/openssl/ca/private
    SSLCACertificateFile /var/openssl/ca/private/cacert.pem

    SSLCertificateFile /var/openssl/ca/certs/striker.xs4all.nl-cert.pem
    SSLCertificateKeyFile /var/openssl/ca/certs/striker.xs4all.nl-key.pem

    DocumentRoot /opt/httpd/htdocs
    ServerName my.server.name

    <Location /svn>
# SSLVerifyClient require
# SSLVerifyDepth 1

        DAV svn
        SVNPath /home/svn

mod_ssl segfaults in ssl_config_perdir_merge:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1024 (LWP 9130)]
0x806dd1d in ssl_config_perdir_merge (p=0x814e22c, basev=0x0,
addv=0x8192e4c) at ssl_engine_config.c:269
269 cfgMergeArray(aRequirement);
(gdb) bt
#0 0x806dd1d in ssl_config_perdir_merge (p=0x814e22c, basev=0x0,
addv=0x8192e4c) at ssl_engine_config.c:269
#1 0x80a2c15 in ap_merge_per_dir_configs (p=0x814e22c, base=0x8192f34,
new_conf=0x8192c54) at config.c:262
#2 0x80b7376 in ap_location_walk (r=0x814e25c) at request.c:1236
#3 0x80b6511 in ap_process_request_internal (r=0x814e25c) at request.c:154
#4 0x8080ba0 in ap_process_request (r=0x814e25c) at http_request.c:284
#5 0x807c4fa in ap_process_http_connection (c=0x814c31c) at http_core.c:287
#6 0x80ac6db in ap_run_process_connection (c=0x814c31c) at connection.c:82
#7 0x80ac8b0 in ap_process_connection (c=0x814c31c) at connection.c:219
#8 0x80a13b2 in child_main (child_num_arg=0) at prefork.c:829
#9 0x80a150a in make_child (s=0x80e833c, slot=0) at prefork.c:916
#10 0x80a158c in startup_children (number_to_start=1) at prefork.c:939
#11 0x80a1985 in ap_mpm_run (_pconf=0x80e6ce4, plog=0x811eea4, s=0x80e833c)
at prefork.c:1155
#12 0x80a7323 in main (argc=1, argv=0xbffffdac) at main.c:431
#13 0x401f026a in __libc_start_main (main=0x80a6d98 <main>, argc=1,
ubp_av=0xbffffdac, init=0x8062460 <_init>, fini=0x80be834 <_fini>,
               rtld_fini=0x4000daa4 <_dl_fini>, stack_end=0xbffffd9c) at

The problem is that basev == NULL, which causes apr_array_append to barf.
I'll be looking into this next week (or someone working on mod_ssl will).


PS. To be more flexible we'll need some callback hooks in neon (if they're
    not already there) for:

    - server cert verification (ne_set_ssl_verify?)
    - client cert request (ie. the server asked us for one, and we didn't
      set it using sock_set_client_cert beforehand) ala ne_set_server_auth

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Sat Oct 21 14:36:40 2006

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.