Bug 34039 - SSLSessionCache dbm:[...] crashes Apache
Summary: SSLSessionCache dbm:[...] crashes Apache
Status: RESOLVED DUPLICATE of bug 25667
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_ssl (show other bugs)
Version: 2.0.52
Hardware: Sun Solaris
: P3 blocker (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Depends on:
Reported: 2005-03-16 17:55 UTC by Markus Wernig
Modified: 2005-10-25 04:36 UTC (History)
0 users

httpd config file (main + vhost 2.0.52) The calls we see when the file explodes are to /some/WLSservice (see bottom of file) (6.68 KB, text/plain)
2005-03-22 18:05 UTC, Markus Wernig

Note You need to log in before you can comment on or make changes to this bug.
Description Markus Wernig 2005-03-16 17:55:28 UTC
Apache 1.3.33 with mod_ssl
Apache 2.0.52 --with-ssl

Symptom: The dbm file that is configured with the SSLSessionCache directive
suddenly starts to grow exponentially and finally reaches up to 900 MB.
At this state the parent process is still accepting new https/SSL requests and
forks off children for each new one. But the SSL handshake never happens, and
the children just keep hanging there, doing nothing. Finally the MAX_CLIENT
limit is reached, and the server is dead for all practical purposes.

We see this at different occasions, with all Apache versions.
Case 1: We see a load peak (~8 SSL requests per second) over a period of about 1
hour, then the load decreases. About one hour after the peak when the load
reaches about 5 requests/sec the file explodes and the server hangs.
Case 2: Same as above, but time difference is about 2 hours.
Case 3: A sudden surge of SSL requests (avg. ~0.6 requests/sec) to an otherwise
idle server causes the same effect, the SessionCache file exploding (from ~100K
during the day to finally 860 MB). Below is an example file size history, with
snapshots being taken every minute. In this case there were two ssl request
"waves", one from 22:02 to 22:06, the other one from 22:44 to ?? (server crashed
at ~22:49) 

22:02:38 110592         
22:03:38 1451008         
22:04:38 1451008         
22:05:38 1451008         
22:06:38 1451008                 
22:43:38 1451008         
22:44:38 1451008         
22:45:38 54164480         
22:46:38 54164480         
22:47:38 77381632         
22:48:38 861713408


regards /markus
Comment 1 Markus Wernig 2005-03-17 04:24:37 UTC
There is one difference between the setups of the two versions here:
Apache 1.3.33 does BasicAuth, while Apache 2.0.52 does Client certificate
We've just finished testing against 1.3.33, and when turning off the BasicAuth,
the problem does not occur, not even under high load (500 parallel sessions).

Comment 2 Joe Orton 2005-03-19 20:19:08 UTC
Please give the configuration for the SSL vhost.
Comment 3 Markus Wernig 2005-03-22 18:05:41 UTC
Created attachment 14539 [details]
httpd config file (main + vhost 2.0.52)
The calls we see when the file explodes are to /some/WLSservice (see bottom of file)

I've sanitized the file some and removed config details for a second vhost on
the same box that runs on port 443. The vhost that keeps crashing (and for
which we see the described behaviour in relation to the requests) runs on port
Comment 4 Joe Orton 2005-10-25 12:36:08 UTC
This is probably the same as 25667.  Use shmcb not dbm.

*** This bug has been marked as a duplicate of 25667 ***