Re: apache failed

[Emmanuel Lacour <elacour@easter-eggs.com>]

On Mon, Dec 02, 2002 at 02:59:32PM +0100, Mathieu Laurent wrote:
> It 's not the error messages when logrotate reload apache config. I have 
> this problem after a request.
> 
> I have two webserver with the same config. And I can see that the two 
> servers receive this request and one of them died after.
> 
> I see on the mails in this discussion ( 
> http://lists.debian.org/debian-security/2002/debian-security-200209/msg00303.html 
> ) that apache gives this error message (client sent HTTP/1.1 request 
> without hostname (see RFC2616 section 14.23): /) when it receives request 
> from the worm.
> 
> When I check the log from this fatal request on the other server, I have 
> this:
> [Fri Nov 29 15:06:39 2002] [error] [client xxx.xx.x.x] client sent 
> HTTP/1.1 request without hostname (see RFC2616 section 14.23): /[Fri Nov 
> 29 15:06:51 2002] [error] mod_ssl: SSL handshake failed (server 
> xxxxxxx::443, client xxx.xx.x.x (OpenSSL library error follows)
> [Fri Nov 29 15:06:52 2002] [error] OpenSSL: error:1406B458:SSL 
> routines:GET_CLIENT_MASTER_KEY:key arg too long
> 
> I have this error message +/- 5 times by day. And sometimes, apache died.
> 

ok, it's definitively not the same problem!
it seems your experienced a kind of ssl DOS???

Can't help you more...

-- 
Easter-eggs                                Spécialiste GNU/Linux
44-46 rue de l'Ouest  -  75014 Paris   -   France -  Métro Gaité
Phone: +33 (0) 1 43 35 00 37    -     Fax: +33 (0) 1 41 35 00 76
mailto:elacour@easter-eggs.com   -    http://www.easter-eggs.com