Bug 729585 - httpd segfaults when SSLCryptoDevice set to invalid
Summary: httpd segfaults when SSLCryptoDevice set to invalid
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: httpd
Version: 6.1
Hardware: All
OS: Linux
high
high
Target Milestone: rc
: ---
Assignee: Joe Orton
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks: 767990
TreeView+ depends on / blocked
 
Reported: 2011-08-10 09:13 UTC by Miroslav Vadkerti
Modified: 2014-10-23 14:56 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 767990 (view as bug list)
Environment:
Last Closed: 2011-12-06 15:15:52 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:1630 normal SHIPPED_LIVE httpd bug fix update 2011-12-06 00:50:47 UTC

Description Miroslav Vadkerti 2011-08-10 09:13:52 UTC
Description of problem:
If SSLCryptoDevice config variable is set to some unkown value httpd segfaults.

# service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd: Syntax error on line 68 of /etc/httpd/conf.d/ssl.conf:
SSLCryptoDevice: Invalid argument; must be one of: 'builtin' (none), 'aesni' (Intel AES-NI engine (no-aesni)), 'dynamic' (Dynamic engine loading support)
/bin/bash: line 1: 18787 Segmentation fault      (core dumped) /usr/sbin/httpd
                                                           [FAILED]
Version-Release number of selected component (if applicable):
httpd-2.2.15-9.el6

How reproducible:
100%

Steps to Reproduce:
1. Set SSLCryptoDevice in /etc/httpd/conf.d/ssl.conf to some trash value
2. Restart httpd
  
Actual results:
Segfault

Expected results:
No Segfault, only error message

Comment 1 Joe Orton 2011-08-12 13:40:58 UTC
Thanks, fixed upstream.

http://svn.apache.org/viewvc?view=revision&revision=1157105

Comment 4 errata-xmlrpc 2011-12-06 15:15:52 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1630.html

Comment 5 Leonard den Ottolander 2014-10-23 14:56:00 UTC
This was committed upstream as http://svn.apache.org/viewvc?view=revision&revision=1157105 to trunk / 2.4.x.

However, it was not commited upstream to the 2.2 branch so this issue still exists in upstream 2.2.29.


Note You need to log in before you can comment on or make changes to this bug.