Bug 729585

Summary: httpd segfaults when SSLCryptoDevice set to invalid
Product: Red Hat Enterprise Linux 6 Reporter: Miroslav Vadkerti <mvadkert>
Component: httpdAssignee: Joe Orton <jorton>
Status: CLOSED ERRATA QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: high Docs Contact:
Priority: high    
Version: 6.1CC: leonard-rh-bugzilla, prc, zmraz
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 767990 (view as bug list) Environment:
Last Closed: 2011-12-06 15:15:52 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 767990    

Description Miroslav Vadkerti 2011-08-10 09:13:52 UTC 
Description of problem:
If SSLCryptoDevice config variable is set to some unkown value httpd segfaults.

# service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd: Syntax error on line 68 of /etc/httpd/conf.d/ssl.conf:
SSLCryptoDevice: Invalid argument; must be one of: 'builtin' (none), 'aesni' (Intel AES-NI engine (no-aesni)), 'dynamic' (Dynamic engine loading support)
/bin/bash: line 1: 18787 Segmentation fault      (core dumped) /usr/sbin/httpd
                                                           [FAILED]
Version-Release number of selected component (if applicable):
httpd-2.2.15-9.el6

How reproducible:
100%

Steps to Reproduce:
1. Set SSLCryptoDevice in /etc/httpd/conf.d/ssl.conf to some trash value
2. Restart httpd
  
Actual results:
Segfault

Expected results:
No Segfault, only error message
Comment 1 Joe Orton 2011-08-12 13:40:58 UTC 
Thanks, fixed upstream.

http://svn.apache.org/viewvc?view=revision&revision=1157105
Comment 4 errata-xmlrpc 2011-12-06 15:15:52 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1630.html
Comment 5 Leonard den Ottolander 2014-10-23 14:56:00 UTC 
This was committed upstream as http://svn.apache.org/viewvc?view=revision&revision=1157105 to trunk / 2.4.x.

However, it was not commited upstream to the 2.2 branch so this issue still exists in upstream 2.2.29.