Bug 818521

Summary: mod_gridsite crashes
Product: [Fedora] Fedora Reporter: Joe Orton <jorton>
Component: gridsiteAssignee: Ricardo Rocha <rocha.porto>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: 17CC: rocha.porto, steve.traylen
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-08-01 18:21:00 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Joe Orton 2012-05-03 09:07:41 UTC 
Description:
With a plain f17 install, default configuration, loading
http://localhost/
crashes the server if mod_gridsite is installed.

Version:
httpd-2.2.22-4.fc17.x86_64
gridsite-1.7.19-1.fc17.x86_64
Comment 1 Joe Orton 2012-05-03 09:08:00 UTC 
(gdb) where
#0  0x00007f85d69d5d41 in mod_gridsite_perm_handler (r=0x7f85f02626d0) at mod_gridsite.c:3240
#1  0x00007f85ebf13380 in ap_run_fixups (r=0x7f85f02626d0) at /usr/src/debug/httpd-2.2.22/server/request.c:73
#2  0x00007f85ebf1547e in ap_process_request_internal (r=r@entry=0x7f85f02626d0)
    at /usr/src/debug/httpd-2.2.22/server/request.c:241
#3  0x00007f85ebf156b8 in ap_sub_req_method_uri (method=method@entry=0x7f85ebf2ee0b "GET", new_uri=0x7f85ee277fd8 "index.aspx", 
    r=r@entry=0x7f85f0291c50, next_filter=0x7f85f0293530) at /usr/src/debug/httpd-2.2.22/server/request.c:1682
#4  0x00007f85ebf15705 in ap_sub_req_lookup_uri (new_uri=<optimized out>, r=r@entry=0x7f85f0291c50, next_filter=<optimized out>)
    at /usr/src/debug/httpd-2.2.22/server/request.c:1694
#5  0x00007f85e375e012 in fixup_dir (r=0x7f85f0291c50) at /usr/src/debug/httpd-2.2.22/modules/mappers/mod_dir.c:235
#6  dir_fixups (r=0x7f85f0291c50) at /usr/src/debug/httpd-2.2.22/modules/mappers/mod_dir.c:298
#7  0x00007f85ebf13380 in ap_run_fixups (r=0x7f85f0291c50) at /usr/src/debug/httpd-2.2.22/server/request.c:73
#8  0x00007f85ebf1547e in ap_process_request_internal (r=r@entry=0x7f85f0291c50)
    at /usr/src/debug/httpd-2.2.22/server/request.c:241
#9  0x00007f85ebf265c8 in ap_process_request (r=r@entry=0x7f85f0291c50)
    at /usr/src/debug/httpd-2.2.22/modules/http/http_request.c:280
#10 0x00007f85ebf23508 in ap_process_http_connection (c=0x7f85f01c29a0)
    at /usr/src/debug/httpd-2.2.22/modules/http/http_core.c:190
#11 0x00007f85ebf1f5d0 in ap_run_process_connection (c=0x7f85f01c29a0) at /usr/src/debug/httpd-2.2.22/server/connection.c:43
#12 0x00007f85ebf1f9e8 in ap_process_connection (c=c@entry=0x7f85f01c29a0, csd=<optimized out>)
    at /usr/src/debug/httpd-2.2.22/server/connection.c:190
Comment 2 Joe Orton 2012-05-03 09:08:33 UTC 
Program terminated with signal 11, Segmentation fault.
#0  0x00007f85d69d5d41 in mod_gridsite_perm_handler (r=0x7f85f02626d0) at mod_gridsite.c:3240
3240	    cred = user->firstcred;
(gdb) print user
$1 = (GRSTgaclUser *) 0x0
Comment 3 Steve Traylen 2012-05-03 09:56:28 UTC 
Looks  to be a new feature of fedora 17 despite being same gridsite and  httpd on fedora16.
Comment 4 Joe Orton 2012-05-03 12:28:05 UTC 
Wow.  This module is an utter trainwreck.  If it ever works it was by luck not design.  It is hacking into mod_ssl private structure.  Really really gross.

 * CLEARLY, THIS WILL BREAK IF THERE ARE MAJOR CHANGES TO ssl_private.h!!!

Uh, yeah.

The package needs to distribute the LICENSE and NOTICE files from httpd as per the ASL2 license terms.  

If you insist on shipping this in Fedora, the package needs to have a strict lock-step version requirement on a specific httpd version for which the assumptions about mod_ssl internals have been verified.  e.g.

Requires: httpd%{?isa} = x.y.z-z

and those assumptions will need to be reverified for every new single NVR bump for the httpd package.  Yes, we may well make changes to mod_ssl private strucutres in a Release bump.
Comment 5 Joe Orton 2012-05-03 13:08:54 UTC 
(that "CLEARLY, THIS WILL" sentence is from the source code)
Comment 6 Fedora End Of Life 2013-07-04 06:43:47 UTC 
This message is a reminder that Fedora 17 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 17. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '17'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 17's end of life.

Bug Reporter:  Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 17 is end of life. If you 
would still like  to see this bug fixed and are able to reproduce it 
against a later version  of Fedora, you are encouraged  change the 
'version' to a later Fedora version prior to Fedora 17's end of life.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.
Comment 7 Fedora End Of Life 2013-08-01 18:21:06 UTC 
Fedora 17 changed to end-of-life (EOL) status on 2013-07-30. Fedora 17 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.