Bug 729585 - httpd segfaults when SSLCryptoDevice set to invalid
Summary: httpd segfaults when SSLCryptoDevice set to invalid
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: httpd
Version: 6.1
Hardware: All
OS: Linux
Target Milestone: rc
: ---
Assignee: Joe Orton
QA Contact: BaseOS QE Security Team
Depends On:
Blocks: 767990
TreeView+ depends on / blocked
Reported: 2011-08-10 09:13 UTC by Miroslav Vadkerti
Modified: 2014-10-23 14:56 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 767990 (view as bug list)
Last Closed: 2011-12-06 15:15:52 UTC

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:1630 normal SHIPPED_LIVE httpd bug fix update 2011-12-06 00:50:47 UTC

Description Miroslav Vadkerti 2011-08-10 09:13:52 UTC
Description of problem:
If SSLCryptoDevice config variable is set to some unkown value httpd segfaults.

# service httpd restart
Stopping httpd:                                            [FAILED]
Starting httpd: Syntax error on line 68 of /etc/httpd/conf.d/ssl.conf:
SSLCryptoDevice: Invalid argument; must be one of: 'builtin' (none), 'aesni' (Intel AES-NI engine (no-aesni)), 'dynamic' (Dynamic engine loading support)
/bin/bash: line 1: 18787 Segmentation fault      (core dumped) /usr/sbin/httpd
Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Set SSLCryptoDevice in /etc/httpd/conf.d/ssl.conf to some trash value
2. Restart httpd
Actual results:

Expected results:
No Segfault, only error message

Comment 1 Joe Orton 2011-08-12 13:40:58 UTC
Thanks, fixed upstream.


Comment 4 errata-xmlrpc 2011-12-06 15:15:52 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Comment 5 Leonard den Ottolander 2014-10-23 14:56:00 UTC
This was committed upstream as http://svn.apache.org/viewvc?view=revision&revision=1157105 to trunk / 2.4.x.

However, it was not commited upstream to the 2.2 branch so this issue still exists in upstream 2.2.29.

Note You need to log in before you can comment on or make changes to this bug.