Bug 622003
Summary: | Calling program crashes when loading OpenSSL CHIL Engine twice | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Sander Temme <sander> |
Component: | openssl | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED ERRATA | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 5.4 | CC: | ebenes, jbastian, mjc, mvadkert, prc, pvrabec, william.oakley |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | openssl-0.9.8e-19.el5 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-07-21 07:40:41 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Sander Temme
2010-08-06 18:18:44 UTC
What are your plans regarding this issue? I would like to do a product Integration Guide using the base OS OpenSSL and Apache, but this is a blocking issue for that. --Thanks The plan is to get the fix into a future Red Hat Enterprise Linux 5 update release. This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. (In reply to comment #7) When you say "next release", do you mean six, seven, or a future update to five? This request was erroneously denied for the current release of Red Hat Enterprise Linux. The error has been fixed and this request has been re-proposed for the current release. (In reply to comment #9) Thank you, I am happy to hear that. Confirmed, openssl-0.9.8e-20.el5 fixes this issue. I simply used 'SSLCryptoDevice chil' in conf.d/ssl.conf and started server with LD_LIBRARY_PATH=/opt/nfast/toolkits/hwcrhk/ /usr/sbin/httpd Before -20 the server would segfault and not start up, with -20 the server starts up and SSL requests get handled by nCipher hardware (verified by watching hardserver.log) An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-1010.html |