Reputation: 5049
Segmentation fault in openssl_sign under apache, but allright in CLI
I have PHP code that signs request using openssl_sign:
if (($pkeyid = openssl_pkey_get_private($keystr)) === false)
{
$this->setError('Cannot retrieve private key from: ' . $this->getParam('keyFile'));
return false;
}
if (!openssl_sign($message, $sign, $pkeyid, OPENSSL_ALGO_SHA1))
{
$this->setError('Cannot sign with private key');
return false;
}
It is working normally when code is run in CLI, but under Apache (php 5.2.17 as module) line with !openssl_sign($message, $sign, $pkeyid, OPENSSL_ALGO_SHA1) results in segfault (11).
$pkeyid = openssl_pkey_get_private($keystr) gives valid key.
Have someone encountered such error? What is solution if any? Alternatives compliant with openssl_sign? How it could be rapidly diagnosed?
Upvotes: 0
Views: 734
Answers (1)
Reputation: 213686
The most likely cause: both your PHP module and the apache httpd itself are linked against libopenssl, but different versions of it, causing symbols from the "wrong" library to get called.
Set ulimit -c unlimited, let httpd dump core, and analyse it with gdb:
gdb /path/to/httpd /path/to/core
(gdb) info shared
# look for more than one instance of openssl
(gdb) info func EVP_SignFinal
# look for more than one definition -- one could be statically linked into httpd
Upvotes: 2
Related Questions
- OpenSSL Error messages: error:0A000126:SSL routines::unexpected eof while reading
- OPENSSL file_get_contents(): Failed to enable crypto
- PHP openssl_sign stops executing any and all scripting
- OpenSSL installed but not working
- 64 bit Linux/Ubuntu and openssl issue (could not read symbols: Bad value)
- OpenSSL req won't work on PHP Shell
- PHP openssl_sign DIES
- Issues with OpenSSL on PHP - different behaviour for different versions
- Apache server (xampp) crashes when using openssl function
- openssl_seal problems