Bug 236164
| Summary: | openssl RAND_poll segfault when fd >= FD_SETSIZE (affects apache2 startup with many SSL vhosts) | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 4 | Reporter: | Joe Miller <jmiller> |
| Component: | openssl | Assignee: | Tomas Mraz <tmraz> |
| Status: | CLOSED ERRATA | QA Contact: | Brian Brock <bbrock> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 4.0 | CC: | nick, xavier |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | RHSA-2007-1003 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2007-11-15 14:58:48 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Joe Miller
2007-04-12 07:19:56 UTC
additional steps to help recreate the problem.
1) setup httpd.conf as normal. make sure mod_ssl is loaded
2) add a lot of vhosts with this simple perl script:
#!/usr/bin/perl
$num_vhosts = 10000;
my $i = 0;
while ( $i < $num_vhosts ) {
my $port = 10000 + $i;
print <<EOF;
<VirtualHost 1.1.1.1:80>
ServerName shared-test$i.something.dom
ServerAdmin support\@something.dom
DocumentRoot /web/htdocs
CustomLog /tmp/shared-test-log-$i.log combined
</VirtualHost>
Listen $port
<VirtualHost 1.1.1.1:$port>
ServerName shared-test$i-$port.something.dom
ServerAdmin support\@something.dom
DocumentRoot /web/htdocs
CustomLog /tmp/shared-test-log-ssl-$i.log combined
</VirtualHost>
EOF
$i++;
}
# perl fillvhosts.pl >> httpd.conf
# ulimit -n 128000
# /usr/sbin/httpd.worker
We have this patched in RHEL-5 and Fedora openssl. Excellent. Will it be patched for RHEL3 or 4 as well? RHEL3 - probably not. RHEL4 - it depends on further evaluation. This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release. This is a pretty serious problem as it takes a lot less then 6000 vhosts. In some cases with log files it can be < 1000 which is pretty common. It has been 7 months since this bug was first submitted. 6 months since management said they would look into it further. Can we please get an update on the status of a fix? I am hoping Redhat hasn't abandoned users who are still using RHEL 4. I look forward to an update from the Redhat team shortly. Xavier As you can see from bug status the bug fix errata for this is in the release pending state to be released within RHEL 4.6 update release. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2007-1003.html |