Summary: | server goes into infinite loop | ||
---|---|---|---|
Product: | Apache httpd-2 | Reporter: | Marvin Solomon <solomon> |
Component: | mod_ssl | Assignee: | Apache HTTPD Bugs Mailing List <bugs> |
Status: | CLOSED FIXED | ||
Severity: | critical | ||
Priority: | P3 | ||
Version: | 2.0.35 | ||
Target Milestone: | --- | ||
Hardware: | Sun | ||
OS: | Solaris |
Description
Marvin Solomon
2002-04-23 01:16:08 UTC
A similar fix was made by dougm into ssl_io_input_read to return APR_EOF when OpenSSL returns 0. (This is one of the major gotchas we found right after releasing 2.0.35.) This fix is in modules/ssl/ssl_engine_io.c revision 1.73. It will be included in the next release of Apache. Thanks for using Apache! It would be nice if "major gotchas" were documented somewhere on the web page to save poor slobs like me from wasting a whole day tracking down the bug only to be told "oh yeah, we knew that". Well, sorry about that. The best thing we can recommend is to search resolved bugs or download our latest CVS snapshots. Unfortunately, Bugzilla doesn't default to searching closed bugs. We are intending to do a 2.0.36 release in the next few days to address the PRs that we have already fixed (and it's been a bunch). Thanks for using Apache! To add to what Justin said (since he and I were saying it at the same time and he beat me to it ;), if you suspect a bug, the best thing to do is always to check the CHANGES file in the development tree (http://cvs.apache.org/viewcvs.cgi/httpd-2.0/CHANGES)... that's our central repository of Things We've Fixed. The STATUS file in that same directory is also a good place to look, as it might mention known but outstanding issues. Thanks... I did indeed search the bug database before launching into my own search of the source code. I just tried again. Keyword searches always come up empty. I finally tried searching all bugs involving mod_ssl in 2.0.35 in all states, and found out that my bug was a duplicate of 8165, which is listed as CLOSED (what's the difference between CLOSED and RESOLVED?) As for searching http://cvs.apache.org/viewcvs.cgi/httpd-2.0/CHANGES , I'm afraid that useless. The CVS check-in message associated with the fix of that bug is, in its entirety, PR: 7802 Obtained from: Submitted by: Reviewed by: fix compilation problem in ssl_engine_kernel.c if SSL_LIBRARY_VERSION >= 0x00907000 Don't look at the commit log for CHANGES, look at the contents of CHANGES itself. What I was trying to get you to see was this in particular, though: http://cvs.apache.org/viewcvs.cgi/httpd-2.0/CHANGES.diff?r1=1.689&r2=1.690 When you go to http://cvs.apache.org/viewcvs.cgi/httpd-2.0/CHANGES, you have to click on the version number of the most recent revision to see the file itself. Thanks again. |