[Modules] Segmentation Fault with mod_gnutls
Daniel López
dani at tydnet.org
Wed Aug 11 02:25:17 EDT 2010
On Wednesday 11 August 2010 06:27:58 Jeff Williams wrote:
> Current Setup:
> FreeBSD 6.2 release
> Apache 2.2.16
> gnutls 2.10.1
> mod_gnutls 0.5.7
>
I have the same problem:
Aug 10 15:42:09 2010] [notice] child pid 5239 exit signal Segmentation
fault (11), possible coredump in /dades/backup/apachedebug
[Tue Aug 10 15:42:10 2010] [notice] child pid 5241 exit signal Segmentation
fault (11), possible coredump in /dades/backup/apachedebug
[Tue Aug 10 15:42:10 2010] [notice] child pid 5242 exit signal Segmentation
fault (11), possible coredump in /dades/backup/apachedebug
I've being googling form some days and found this problem twice or three times
but other solutions don't fit my problem: upgrading apache, disabling php-curl
(which I have not installed, switching from dbcache to memcached, and so on.
Anyway system is working and doesn't seem to have an overload o so.
I'm now a bit of lost and don't know already where to look for. Sorry for the
huge amount of text in this email. Hope can shed some light on this problem.
Let me know if you need any addiotional info.
My system:
Apache/2.2.9 (Debian) mod_gnutls/0.5.7 PHP/5.2.6-1+lenny9 with Suhosin-Patch
here are my installation notes:
-------------------DOC--------------------------
# LIBGPG-ERROR -> requeriment de LIBCRYPT
root at berlin:/usr/src# wget -c ftp://ftp.gnupg.org/gcrypt/libgpg-error/libgpg-
error-1.9.tar.bz2
root at berlin:/usr/src# bzip2 -d libgpg-error-1.9.tar.bz2
root at berlin:/usr/src# tar xvf libgpg-error-1.9.tar
root at berlin:/usr/src/# cd ../libgpg-error-1.9/
root at berlin:/usr/src/libgpg-error-1.9# ./configure
{{{
config.status: creating po/Makefile
Libgpg-error v1.9 has been configured as follows:
Platform: x86_64-unknown-linux-gnu
}}}
root at berlin:/usr/src/libgpg-error-1.9# make && make install
#LIBGCRYPT
root at berlin:/usr/src# wget -c
ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.4.6.tar.bz2
root at berlin:/usr/src# bzip2 -d libgcrypt-1.4.6.tar.bz2
root at berlin:/usr/src# tar xvf libgcrypt-1.4.6.tar
root at berlin:/usr/src/libgcrypt-1.4.6# ./configure
{{{
config.status: executing gcrypt-conf commands
Libgcrypt v1.4.6 has been configured as follows:
Platform: GNU/Linux (x86_64-unknown-linux-gnu)
}}}
root at berlin:/usr/src/libgcrypt-1.4.6# make && make install
# GNUTLS
root at berlin:/usr/src# cd /usr/src/gnutls-2.10.1#
root at berlin:/usr/src/gnutls-2.10.1# aptitude install libtasn1-3-dev libtasn1-3
libtasn1-3-bin
root at berlin:/usr/src/gnutls-2.10.1# ./configure --with-libgcrypt-
prefix=/usr/local
configure: summary of build options:
configure: summary of build options:
version: 2.10.1 shared 42:9:16
Host type: x86_64-unknown-linux-gnu
Install prefix: /usr/local
Compiler: gcc -std=gnu99
Warning flags: errors: warnings:
Library types: Shared=yes, Static=yes
Valgrind: no
Guile wrappers: no
C++ library: yes
OpenSSL library: yes
/dev/crypto: no
root at berlin:/usr/src/gnutls-2.10.1# make
# APR-MEMCACHE -> requeriment de mod_ngutls
root at berlin:/usr/src# bzip2 -d apr_memcache-0.7.0.tar.bz2
root at berlin:/usr/src# tar xvf apr_memcache-0.7.0.tar
root at berlin:/usr/src# cd apr_memcache-0.7.0
root at berlin:/usr/src/apr_memcache-0.7.0# ./configure --prefix=/usr/local/apr-
memcache
---
Configuration summary for apr_memcache
* Version: 0.7.0
* Prefix: /usr/local/apr-memcache
---
3. edit Makefile and memcache/Makefile this way:
LIBTOOL = /usr/share/apr-1.0/build/libtool --tag=gcc
root at berlin:/usr/src/apr_memcache-0.7.0# make && make install
----------------------------------------------------------------------
Libraries have been installed in:
/usr/local/apr-memcache/lib
root at berlin::/usr/src/mod_gnutls-0.5.7# ./configure
Configuration summary for mod_gnutls:
./configure --with-apxs=/usr/bin/apxs2 \
--with-apr-memcache-libs=/usr/local/apr-memcache/lib \
--with-apr-memcache-includes=/usr/local/apr-
memcache/include/apr_memcache-0
* mod_gnutls version: 0.5.7
* Apache Modules directory: /usr/lib/apache2/modules
* GnuTLS Library version: 2.10.1
* SRP Authentication: yes
-------------------DOC--------------------------
my apache2 config
root at berlin:/usr/src/mod_gnutls-0.5.7# cat /etc/apache2/mods-enabled/gnutls.*
<IfModule mod_gnutls.c>
# mod_gnutls can optionaly use a memcached server to store SSL sessions.
This
# is useful in a cluster environment, where you want all your servers to
share
# a single SSL session cache.
GnuTLSCache memcache "127.0.0.1"
# The default method is to use a DBM backed cache. It is not super fast,
but
# it is portable and does not require another server to be running like
# memcached.
# GnuTLSCache dbm /var/cache/apache2/gnutls_cache
GnuTLSCacheTimeout 500
</IfModule>
LoadModule gnutls_module /usr/lib/apache2/modules/mod_gnutls.so
<VirtualHost ip:443>
ServerName ssl1.domain.org.com:443
GnuTLSEnable on
GnuTLSPriorities NORMAL
GNUTLSExportCertificates on
GnuTLSCertificateFile /etc/ssl/certs/ssl1.domain.org-cert
GnuTLSKeyFile /etc/ssl/private/ssl1.domain.org-key
DocumentRoot "/var/www/roundcube"
# DocumentRoot "/var/www/virtual/zonadns/ssl1"
<Directory /var/www/roundcube>
AllowOverride None
</Directory>
ErrorLog /var/log/apache2/domain.org.com-error.log
LogLevel warn
CustomLog /var/log/apache2/domain.org.com-access.log combined
ServerSignature On
</VirtualHost>
Here you have a backtrace from error: (loading roundcube under https)
Loaded symbols for /usr/lib/php5/20060613/sasl.so
Core was generated by `/usr/sbin/apache2 -k start'.
Program terminated with signal 11, Segmentation fault.
[New process 5241]
#0 _gnutls_recv_int (session=0x0, type=GNUTLS_APPLICATION_DATA,
htype=4294967295,
data=0xa386f0 "\r\nokie:
roundcube_sessid=456383db57de5a49379afc07d8710523; mailviewsplitterv=165;
mailviewsplitter=205;
PHPSESSID=3780ef45d6691d4e5caae764770c7a38\r\n\r\n3780ef45d6691d4e5caae764770c7a38\r\n\r\n1d4e5caae76477"...,
sizeofdata=<value optimized out>) at gnutls_record.c:878
878 if (session->internals.read_eof != 0)
(gdb) bt full
#0 _gnutls_recv_int (session=0x0, type=GNUTLS_APPLICATION_DATA,
htype=4294967295,
data=0xa386f0 "\r\nokie:
roundcube_sessid=456383db57de5a49379afc07d8710523; mailviewsplitterv=165;
mailviewsplitter=205;
PHPSESSID=3780ef45d6691d4e5caae764770c7a38\r\n\r\n3780ef45d6691d4e5caae764770c7a38\r\n\r\n1d4e5caae76477"...,
sizeofdata=<value optimized out>) at gnutls_record.c:878
headers = (uint8_t *) 0x1c00001c20 <Address 0x1c00001c20 out of
bounds>
recv_type = 8192
length = <value optimized out>
recv_data = (uint8_t *) 0x1 <Address 0x1 out of bounds>
ret = 0
ret2 = 10716840
header_size = <value optimized out>
empty_packet = 0
#1 0x00007f048ef72a9f in gnutls_io_input_read (ctxt=0xa386a8,
buf=0xa386f0 "\r\nokie: roundcube_sessid=456383db57de5a49379afc07d8710523;
mailviewsplitterv=165; mailviewsplitter=205;
PHPSESSID=3780ef45d6691d4e5caae764770c7a38\r\n\r\n3780ef45d6691d4e5caae764770c7a38\r\n\r\n1d4e5caae76477"...,
len=0x7fffb66ae748) at gnutls_io.c:227
wanted = 8192
bytes = 0
rc = <value optimized out>
#2 0x00007f048ef72eb5 in mgs_filter_input (f=0xa3c7a0, bb=0xa4d4f8,
mode=<value optimized out>, block=APR_BLOCK_READ, readbytes=8192) at
gnutls_io.c:323
status = <value optimized out>
len = 0
#3 0x000000000042cbcb in ap_rgetline_core (s=0xa4bfe0, n=8192,
read=0x7fffb66ae860, r=0xa4bfb0, fold=0, bb=0xa4d4f8)
at /build/buildd-apache2_2.2.9-10+lenny8-amd64-
OpzZ7v/apache2-2.2.9/server/protocol.c:231
rv = 10742096
e = (apr_bucket *) 0x0
bytes_handled = 0
current_alloc = 0
pos = 0xa3e950 "���"
last_char = 0x0
do_alloc = 1
---Type <return> to continue, or q <return> to quit---
thanks a lot for your help.
dani
More information about the Modules
mailing list