Opened 11 years ago
Closed 11 years ago
#528 closed defect (fixed)
crash on win32 with shared ssl_session_cache
| Reported by: | E Cleton | Owned by: | |
|---|---|---|---|
| Priority: | trivial | Milestone: | |
| Component: | nginx-core | Version: | 1.5.x |
| Keywords: | ssl_session_cache win32 | Cc: | |
| uname -a: | |||
| nginx -V: |
nginx version: nginx/1.5.12 (from http://nginx.org/download/)
TLS SNI support enabled configure arguments: --with-cc=cl --builddir=objs.msvc8 --with-debug --prefix= - -conf-path=conf/nginx.conf --pid-path=logs/nginx.pid --http-log-path=logs/access .log --error-log-path=logs/error.log --sbin-path=nginx.exe --http-client-body-te mp-path=temp/client_body_temp --http-proxy-temp-path=temp/proxy_temp --http-fast cgi-temp-path=temp/fastcgi_temp --http-scgi-temp-path=temp/scgi_temp --http-uwsg i-temp-path=temp/uwsgi_temp --with-cc-opt=-DFD_SETSIZE=1024 --with-pcre=objs.msv c8/lib/pcre-8.34 --with-zlib=objs.msvc8/lib/zlib-1.2.8 --with-select_module --wi th-http_realip_module --with-http_addition_module --with-http_sub_module --with- http_dav_module --with-http_stub_status_module --with-http_flv_module --with-htt p_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-htt p_auth_request_module --with-http_random_index_module --with-http_secure_link_mo dule --with-mail --with-openssl=objs.msvc8/lib/openssl-1.0.1f --with-openssl-opt =enable-tlsext --with-http_ssl_module --with-mail_ssl_module --with-ipv6 |
||
Description
crash while attempting to use ssl_session_cache
XP SP3, 32bit
nginx version: nginx/1.5.12 (from http://nginx.org/download/)
TLS SNI support enabled
configure arguments: --with-cc=cl --builddir=objs.msvc8 --with-debug --prefix= -
-conf-path=conf/nginx.conf --pid-path=logs/nginx.pid --http-log-path=logs/access
.log --error-log-path=logs/error.log --sbin-path=nginx.exe --http-client-body-te
mp-path=temp/client_body_temp --http-proxy-temp-path=temp/proxy_temp --http-fast
cgi-temp-path=temp/fastcgi_temp --http-scgi-temp-path=temp/scgi_temp --http-uwsg
i-temp-path=temp/uwsgi_temp --with-cc-opt=-DFD_SETSIZE=1024 --with-pcre=objs.msv
c8/lib/pcre-8.34 --with-zlib=objs.msvc8/lib/zlib-1.2.8 --with-select_module --wi
th-http_realip_module --with-http_addition_module --with-http_sub_module --with-
http_dav_module --with-http_stub_status_module --with-http_flv_module --with-htt
p_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-htt
p_auth_request_module --with-http_random_index_module --with-http_secure_link_mo
dule --with-mail --with-openssl=objs.msvc8/lib/openssl-1.0.1f --with-openssl-opt
=enable-tlsext --with-http_ssl_module --with-mail_ssl_module --with-ipv6
curl -i -k "https://127.0.0.1"
2014/04/01 11:06:32 [debug] 812#1860: *1 post event 04870108
2014/04/01 11:06:32 [debug] 812#1860: timer delta: 20
2014/04/01 11:06:32 [debug] 812#1860: posted events 04870108
2014/04/01 11:06:32 [debug] 812#1860: posted event 04870108
2014/04/01 11:06:32 [debug] 812#1860: *1 delete posted event 04870108
2014/04/01 11:06:32 [debug] 812#1860: *1 SSL handshake handler: 0
2014/04/01 11:06:32 [debug] 812#1860: shmtx lock
2014/04/01 11:06:32 [debug] 764#768: master WaitForMultipleObjects: 4
2014/04/01 11:06:32 [debug] 764#768: reap worker
2014/04/01 11:06:32 [notice] 764#768: worker process 812 exited with code C0000005
2014/04/01 11:06:32 [debug] 764#768: GetModuleFileName: "C:\nginx\nginx.exe"
2014/04/01 11:06:32 [notice] 764#768: start worker process 140
2014/04/01 11:06:32 [debug] 140#772: malloc: 00A74730:19
2014/04/01 11:06:32 [debug] 140#772: malloc: 00A74730:19
2014/04/01 11:06:32 [debug] 140#772: malloc: 00A74730:19
2014/04/01 11:06:32 [debug] 140#772: malloc: 00A73670:16
2014/04/01 11:06:32 [debug] 140#772: bind() 0.0.0.0:80 #168
2014/04/01 11:06:32 [debug] 140#772: bind() 0.0.0.0:443 #176
Caused by using:
ssl_session_cache shared:SSL:10m;
No ASLR or DEP in use, shared memory works, for example:
limit_req_zone $binary_remote_addr zone=floodp:20m rate=64r/s;
does not crash and works as it suppose to work.
Might be related to http://trac.nginx.org/nginx/ticket/235 (suggested patches tried but does not solve this issue)
Change History (6)
comment:1 by , 11 years ago
comment:2 by , 11 years ago
Yes both in server{} and http{} tried and both crash the same way.
and just tested with 1.2.9 and 1.4.7, same results, ssl_session_cache has not been working for over a year and may have never worked.
comment:3 by , 11 years ago
| Keywords: | win32 added |
|---|---|
| Status: | new → accepted |
| Summary: | crash while attempting to use ssl_session_cache → crash on win32 with shared ssl_session_cache |
I was able to reproduce the crash. Apparently shared ssl_session_cache indeed broken on win32 except when running without master process. There isn't much sense to use shared session cache on win32 as there is only one worker process currently supported, but anyway it shouldn't segfault.
The following patch should fix the problem:
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -1804,13 +1804,13 @@ ngx_ssl_session_cache_init(ngx_shm_zone_
return NGX_OK;
}
+ shpool = (ngx_slab_pool_t *) shm_zone->shm.addr;
+
if (shm_zone->shm.exists) {
- shm_zone->data = data;
+ shm_zone->data = shpool->data;
return NGX_OK;
}
- shpool = (ngx_slab_pool_t *) shm_zone->shm.addr;
-
cache = ngx_slab_alloc(shpool, sizeof(ngx_ssl_session_cache_t));
if (cache == NULL) {
return NGX_ERROR;
The root cause is that in a worker process shm_zone->data was set incorrectly (it was set to NULL instead of a proper value extracted from shared memory).
comment:4 by , 11 years ago
Confirmed this patch solves the issue including multiple workers and with ASLR, I'll include it into the next release, Snowman. Thanks Maxim!
Have you tried to move ssl_session_cache to the http{} level, as suggested by this comment to ticket #235?