Bug#683340: marked as done (Core dump in ssl proxy)

To: Stefan Fritsch <sf@sfritsch.de>
Subject: Bug#683340: marked as done (Core dump in ssl proxy)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sat, 28 May 2016 12:39:04 +0000
Message-id: <[🔎] handler.683340.D683340.146443901629711.ackdone@bugs.debian.org>
References: <alpine.DEB.2.11.1605281435200.31657@eru.sfritsch.de> <20120730223919.75384f85@buffy.scoobygang>

Your message dated Sat, 28 May 2016 14:36:53 +0200 (CEST)
with message-id <alpine.DEB.2.11.1605281435200.31657@eru.sfritsch.de>
and subject line Re: Bug#683340: Core dump in ssl proxy
has caused the Debian Bug report #683340,
regarding Core dump in ssl proxy
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
683340: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683340
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: Core dump in ssl proxy
From: John Williams <john@pond-weed.com>
Date: Mon, 30 Jul 2012 22:39:19 +0100
Message-id: <20120730223919.75384f85@buffy.scoobygang>

Package: apache2
Version: 2.2.22-9

I have got webserver A (which is apache) acting as a reverse proxy for
webserver B (which is lighttpd).
Note that I'm using the i386 version in both cases.

Webserver A is configured like this:
  SSLProxyEngine on
  SSLProxyCACertificateFile /etc/apache2/ca.crt
  SSLProxyMachineCertificateFile /etc/apache2/proxy.pem
  <Location /somewhere>
    ProxyPass https://serverb/somewhere
  </Location>

If I turn on ssl client verification on webserver B, then any attempt
to use the reverse proxy fails; webserver A returns HTTP code 500 and I
see a message like this in its error log:
  [notice] child pid 2381 exit signal Segmentation fault (11)
With client verification turned off on webserver B, everything works OK.

--- End Message ---

--- Begin Message ---

To: Steve Powers <stevep@advfn.com>, 683340-done@bugs.debian.org

Subject: Re: Bug#683340: Core dump in ssl proxy

From: Stefan Fritsch <sf@sfritsch.de>

Date: Sat, 28 May 2016 14:36:53 +0200 (CEST)

Message-id: <alpine.DEB.2.11.1605281435200.31657@eru.sfritsch.de>

In-reply-to: <55FC1BF0.30606@advfn.com>

References: <55FC1947.8080707@advfn.com> <55FC1BF0.30606@advfn.com>
version: 2.4.1-1

On Fri, 18 Sep 2015, Steve Powers wrote:
> I came across this issue after much research as it appears a fairly
> unused scenario.
> 
> It is still apparent in 2.2.22-13+deb7u6 on Wheezy. It is not present in
> Apache 2.4 on Jessie.

Thanks for the information. Since wheezy is no longer supported, I am 
closing the bug

> 
> It was fixed in apache in r1467593:
> https://svn.apache.org/viewvc?view=rev&rev=1467593
> 
> Details can be seen in:
> https://bz.apache.org/bugzilla/show_bug.cgi?id=54698
> 
> Workaround is to swap order of key and certificate in your
> /etc/apache2/proxy.pem file.
> 
> 
--- End Message ---

Reply to:

Prev by Date: Processed: found 671171 in 2.2.16-6
Next by Date: Bug#678504: marked as done (apache2: "request failed: error reading the headers" with SSL and Firefox/13.0.1)
Previous by thread: Processed: found 671171 in 2.2.16-6
Next by thread: Bug#678504: marked as done (apache2: "request failed: error reading the headers" with SSL and Firefox/13.0.1)
Index(es):
- Date
- Thread