Date: Sun, 19 Sep 2004 11:47:54 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: "Kevin D. Kinsey, DaleCo, S.P." <kdk@daleco.biz> Cc: freebsd-questions@freebsd.org Subject: Re: Apache+mod_ssl + mod_php segfault (culprit found!) Message-ID: <20040919104754.GB51161@happy-idiot-talk.infracaninophile.co.uk> In-Reply-To: <414D141A.2050700@daleco.biz> References: <535FEA17-02B4-11D9-A03B-000A2791B6EC@illusionart.com> <20040910135111.GA50475@happy-idiot-talk.infracaninophile.co.uk> <414D141A.2050700@daleco.biz>
next in thread | previous in thread | raw e-mail | index | archive | help
--dc+cDN39EJAMEtIO
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Sun, Sep 19, 2004 at 12:07:38AM -0500, Kevin D. Kinsey, DaleCo, S.P. wro=
te:
>=20
> Matthew Seaman wrote:
>=20
> >This sounds to me very much like you've got the mod_php loadable
> >object linked against an incompatible version of a shlib which
> >apach+mod_ssl is also linked to. At a guess:
> >
> > i) I'd finger the OpenSSL libs as a prime suspect: particularly if
> > you've also installed OpenSSL from ports. It's not necessary
> > to install OpenSSL from ports as the version in the base system
> > is perfectly OK.
> >
> >=20
> >
> <snip other good stuff>
>=20
> It certainly seems that you are right as usual, Matthew.
> Removing "openssl.so" from /usr/local/lib/php/20020429
> and restarting Apache works (no core dump!) ... albeit
> PHP doesn't have OpenSSL support in it now, I guess ...
>=20
> After checking with ldd(1) as you suggested ... how should
> we fix this if we want PHP to have support for OpenSSL?
> It's not that critical in my case ... but PHP is ;-)
Hmmm... Well, it works for me. Let's see:
=20
% ldd /usr/local/lib/php/20020429/openssl.so=20
/usr/local/lib/php/20020429/openssl.so:
libcrypto.so.3 =3D> /usr/lib/libcrypto.so.3 (0x28116000)
libssl.so.3 =3D> /usr/lib/libssl.so.3 (0x28213000)
=20
% ldd /usr/local/libexec/apache/libssl.so=20
/usr/local/libexec/apache/libssl.so:
libssl.so.3 =3D> /usr/lib/libssl.so.3 (0x28132000)
libcrypto.so.3 =3D> /usr/lib/libcrypto.so.3 (0x28161000)
=20
I guess that so long as the shlib version numbers and entry points are
the same in both cases, you won't have a problem. You do know that
apache13+mod_ssl involves a lot of patching to the apache part, and
that modules compiled for that combination aren't suitable for use
with plain apache13, and vice versa?
Try setting APACHE_PORT=3Dwww/apache13-modssl in your /etc/make.conf or
in the ENV[] section in /usr/local/etc/pkgtools.conf and recompiling
PHP and any PHP extensions.
Note that there's an unresolved bug to do with SSL support in PHP4 --
if you load SSL support as a module, you don't get all of the
functionality you do when SSL is compiled into PHP directly. One
package that is adversely affected is Squirrelmail, which is prevented
from using the encrypted version of IMAP. There's been several posts
about the problem around the FreeBSD lists, including instructions on
how to fudge the new PHP ports structure to get a compiled-in SSL
extension.
The bug doesn't affect PHP5, but then again, a log of PHP applications
don't work under PHP5 yet either.
Cheers,
Matthew
--=20
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
--dc+cDN39EJAMEtIO
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)
iD8DBQFBTWPaiD657aJF7eIRAmdhAJ9gpR1nFCQ/6Ho+xzyveLmqaMuw6gCfc2kP
T/XV/V+Gi6OEzstwUM2wWcs=
=T1Kz
-----END PGP SIGNATURE-----
--dc+cDN39EJAMEtIO--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040919104754.GB51161>