Date: Wed, 29 Oct 2003 21:05:40 -0800 From: Kris Kennaway <kris@obsecurity.org> To: "Branko F. Gra?nar" <bfg@noviforum.si> Cc: freebsd-current@freebsd.org Subject: Re: FreeBSD 5.1-p10 reproducible crash with Apache2 Message-ID: <20031030050540.GA25906@rot13.obsecurity.org> In-Reply-To: <3F9F9884.3020309@noviforum.si> References: <3F9F9884.3020309@noviforum.si>
next in thread | previous in thread | raw e-mail | index | archive | help
--LQksG6bCIzRHxTLp Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Oct 29, 2003 at 11:37:56AM +0100, "Branko F. Gra?nar" wrote: > Hi. >=20 > FreeBSD 5.1-p10 (and also possible other 5.1-pX version) can be remotely > locked up if the following criteria is met: >=20 > + apache2 has mod_ssl loaded and enabled > + apache2 has the following configuration directives set to the > following values: >=20 > SSLMutex sem > SSLSessionCache shm:/some/file(1048576) >=20 > + client connects via SSL/TLS to apache fast enough. >=20 > If all conditions above are satisfied except the last one, then lockup > doesn't happen. >=20 > I tested on three 5.1-p10 machines (SMP, uniprocessor, uniprocessor with > hypterthreading) with JMeter 1.9.1. >=20 > It is possible lockup machine with 100 requests (1 concurrent request) > in 1-3 seconds. >=20 > If SSLMutex is set to file:/path/somewhere and SSLSessionCache is set to > dbm:/some/dbm lockup does not accour. >=20 > Linux 2.4.22 is not affected by this issue. >=20 > Details: What kernel configuration? What hardware? Kris --LQksG6bCIzRHxTLp Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/oJwkWry0BWjoQKURAqYYAJ92W7HTAmfl2EwIimKUc0Mrl+vWoACg3Qor Twxs3HZqj1X6/NtdWIt5nc0= =YJh4 -----END PGP SIGNATURE----- --LQksG6bCIzRHxTLp--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031030050540.GA25906>