Segmentation fault when LogLevel set to debug in apache2-ssl module
When on an Apache server the LogLevel in the ssl module is set to debug, the RADIUS authentication process causes a segmentation fault:
Sep 15 10:20:20 alpine kern.alert kernel: [ 755.423413] grsec: From x.x.x.x: Segmentation fault occurred at 00000051000009c6 in /usr/sbin/httpd[httpd:2502] uid/euid:81/81 gid/egid:81/81, parent /usr/sbin/httpd[httpd:2497] uid/euid:0/0 gid/egid:0/0
To error can be reproduced as follows:
-
Add some packages:
apk add freeradius apache2-ssl apache-mod-auth-radius
-
Start radius:
radiusd -X
-
Stop the program then start it as a service:
rc-service radiusd start
-
Modify the following settings in /etc/apache2/conf.d/mod-auth-radius.conf: AddRadiusAuth localhost:1812 test123 5 #AuthRadiusCookieValid 60 <Directory /var/www/localhost/htdocs>
-
Modify the following settings in /etc/apache2/conf.d/ssl.conf: #SSLMutex default LogLevel debug
-
Start Apache:
rc-service apache2 start
-
Now browse to https://Your\_IP\_address
-
Check /var/log/messages
(from redmine: issue id 3441, created on 2014-10-16, closed on 2019-06-11)