From ramkumar.chinchani at gmail.com Fri May 13 04:28:26 2016 From: ramkumar.chinchani at gmail.com (Ramkumar Chinchani) Date: Thu, 12 May 2016 19:28:26 -0700 Subject: [mod_gnutls-devel] passing the identity to a backend process Message-ID: Here is my use case (not necessarily specific to mod_gnutls): TLS termination is handled by mod_gnutls However, apache is also acting as a reverse proxy and it is required to communicate the authenticated identity to a backend process. What are my options? Thanks. From thomas2.klute at uni-dortmund.de Sun May 15 12:52:56 2016 From: thomas2.klute at uni-dortmund.de (Thomas Klute) Date: Sun, 15 May 2016 12:52:56 +0200 Subject: [mod_gnutls-devel] passing the identity to a backend process In-Reply-To: References: Message-ID: <57385508.1070800@uni-dortmund.de> Am 13.05.2016 um 04:28 schrieb Ramkumar Chinchani: > Here is my use case (not necessarily specific to mod_gnutls): > > TLS termination is handled by mod_gnutls > > However, apache is also acting as a reverse proxy and it is required > to communicate the authenticated identity to a backend process. > > What are my options? I assume that you want to use TLS client authentication. The easiest way is probably to use the SSL_* environment variables (see the "Environment Variables" section in the manual), which pass various bits of information on the TLS connection. A remote application can't directly access the environment, but you could use mod_headers and the RequestHeader directive [1] to pass the data you need (e.g. the DN of a client certificate) in a custom header. If you have a working config, I'd be interested in adding an example to the manual. ;-) Regards, Thomas [1] https://httpd.apache.org/docs/current/mod/mod_headers.html#requestheader From sunil at medhas.org Wed May 25 06:24:11 2016 From: sunil at medhas.org (Sunil Mohan Adapa) Date: Wed, 25 May 2016 09:54:11 +0530 Subject: [mod_gnutls-devel] Apache 2 taking 100% CPU due to mod-gnutls Message-ID: <574528EB.9050809@medhas.org> Hello, When using mod-gnutls with Apache2 on FreedomBox, we are facing a serious issue that Apache2 ends up getting stuck with 100% CPU after serving some requests. I have reported the issue in detail: https://mod.gnutls.org/ticket/136 Could someone please take a look at it? Thank you, -- Sunil -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From thomas2.klute at uni-dortmund.de Wed May 25 19:14:31 2016 From: thomas2.klute at uni-dortmund.de (Thomas Klute) Date: Wed, 25 May 2016 19:14:31 +0200 Subject: [mod_gnutls-devel] Apache 2 taking 100% CPU due to mod-gnutls In-Reply-To: <574528EB.9050809@medhas.org> References: <574528EB.9050809@medhas.org> Message-ID: <5745DD77.9090403@uni-dortmund.de> Am 25.05.2016 um 06:24 schrieb Sunil Mohan Adapa: > When using mod-gnutls with Apache2 on FreedomBox, we are facing a > serious issue that Apache2 ends up getting stuck with 100% CPU after > serving some requests. > > I have reported the issue in detail: https://mod.gnutls.org/ticket/136 Thank you for the report! Unfortunately I could not reproduce the bug, but I agree that mgs_transport_write not setting errno might be an issue. Could you check if the attached patch fixes the problem? If this does not help, would you be able to provide me with a minimal configuration that can reproduce the problem (e.g. Apache conf, CGI script for the slow proxy backend, shell script to send requests)? Just the information which client you are using might be helpful as well because your report looks like a bug that might be exposed by specific client behavior at end of connection. Regards, Thomas -------------- next part -------------- A non-text attachment was scrubbed... Name: transport_write_errno.patch Type: text/x-patch Size: 780 bytes Desc: not available URL: From sunil at medhas.org Wed May 25 20:54:31 2016 From: sunil at medhas.org (Sunil Mohan Adapa) Date: Thu, 26 May 2016 00:24:31 +0530 Subject: [mod_gnutls-devel] Apache 2 taking 100% CPU due to mod-gnutls In-Reply-To: <5745DD77.9090403@uni-dortmund.de> References: <574528EB.9050809@medhas.org> <5745DD77.9090403@uni-dortmund.de> Message-ID: <5745F4E7.30403@medhas.org> On 05/25/2016 10:44 PM, Thomas Klute wrote: [...] > Thank you for the report! Unfortunately I could not reproduce the bug, > but I agree that mgs_transport_write not setting errno might be an > issue. Could you check if the attached patch fixes the problem? The patch fixes the problem. Tested on Debian package 0.7.4-2: - Without the patch, the problem is reproducible consistently with 'ab -c 8 -n 800' even before it finishes 100 requests. This happened every time I ran (I ran at least 5 times). - I have been unable to reproduce the problem with 'ab -c 8 -n 8000' and with 5 more shorter runs. > > If this does not help, would you be able to provide me with a minimal > configuration that can reproduce the problem (e.g. Apache conf, CGI > script for the slow proxy backend, shell script to send requests)? Just > the information which client you are using might be helpful as well > because your report looks like a bug that might be exposed by specific > client behavior at end of connection. I can still work on minimal setup if necessary. Let me know. Thank you, -- Sunil -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From thomas2.klute at uni-dortmund.de Fri May 27 20:15:03 2016 From: thomas2.klute at uni-dortmund.de (Thomas Klute) Date: Fri, 27 May 2016 20:15:03 +0200 Subject: [mod_gnutls-devel] Apache 2 taking 100% CPU due to mod-gnutls In-Reply-To: <5745F4E7.30403@medhas.org> References: <574528EB.9050809@medhas.org> <5745DD77.9090403@uni-dortmund.de> <5745F4E7.30403@medhas.org> Message-ID: <57488EA7.8050307@uni-dortmund.de> Am 25.05.2016 um 20:54 schrieb Sunil Mohan Adapa: > On 05/25/2016 10:44 PM, Thomas Klute wrote: > [...] >> Thank you for the report! Unfortunately I could not reproduce the bug, >> but I agree that mgs_transport_write not setting errno might be an >> issue. Could you check if the attached patch fixes the problem? > > The patch fixes the problem. I'm glad to hear that. If you have time, you might want to test a9fa3000b230e3e2c53a99fa86d11b19c74c4017 (or later commits from master) from https://github.com/airtower-luna/mod_gnutls.git where I've added a few more similarly missing errno settings in mgs_transport_read(). Either way I'll publish a bugfix release soon. > I can still work on minimal setup if necessary. Let me know. It's not necessary, but if you have a test that could be included in the test suite, that'd be helpful to prevent similar issues in the future. Based on your analysis and the fix I assume that would require triggering EAGAIN or EINTR while reading from the back end server. Regards, Thomas From thomas2.klute at uni-dortmund.de Sat May 28 14:29:48 2016 From: thomas2.klute at uni-dortmund.de (Thomas Klute) Date: Sat, 28 May 2016 14:29:48 +0200 Subject: [mod_gnutls-devel] New Release: mod_gnutls 0.7.5 Message-ID: <57498F3C.2040808@uni-dortmund.de> Hello everyone, I have just uploaded the source archive for mod_gnutls 0.7.5. This is a bugfix and maintenance release. Changelog since mod_gnutls 0.7.4: * Sunil Mohan Adapa reported retry loops during session shutdown in cleanup_gnutls_session() due to gnutls_bye() incorrectly returning GNUTLS_E_INTERRUPTED or GNUTLS_E_AGAIN. Setting the GnuTLS session errno in mgs_transport_write() fixes the problem. * Import Daniel Kahn Gillmor's patches for GnuPG v2 support from the Debian package. * Build system improvements that allow VPATH builds and get "make distcheck" to work You can download the release archive and detached PGP signature from https://mod.gnutls.org/downloads/ or check out the signed tag "mod_gnutls/0.7.5" from the git repository [1] or my repository on Github [2]. Kind regards, Thomas Klute [1] https://mod.gnutls.org/git/mod_gnutls [2] https://github.com/airtower-luna/mod_gnutls.git -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From sunil at medhas.org Sat May 28 15:48:25 2016 From: sunil at medhas.org (Sunil Mohan Adapa) Date: Sat, 28 May 2016 19:18:25 +0530 Subject: [mod_gnutls-devel] Apache 2 taking 100% CPU due to mod-gnutls In-Reply-To: <57488EA7.8050307@uni-dortmund.de> References: <574528EB.9050809@medhas.org> <5745DD77.9090403@uni-dortmund.de> <5745F4E7.30403@medhas.org> <57488EA7.8050307@uni-dortmund.de> Message-ID: <5749A1A9.1030302@medhas.org> On 05/27/2016 11:45 PM, Thomas Klute wrote: [...] > > I'm glad to hear that. If you have time, you might want to test > a9fa3000b230e3e2c53a99fa86d11b19c74c4017 (or later commits from master) > from https://github.com/airtower-luna/mod_gnutls.git where I've added a > few more similarly missing errno settings in mgs_transport_read(). > Either way I'll publish a bugfix release soon. Thank you for the fix and release. > >> I can still work on minimal setup if necessary. Let me know. > > It's not necessary, but if you have a test that could be included in the > test suite, that'd be helpful to prevent similar issues in the future. > Based on your analysis and the fix I assume that would require > triggering EAGAIN or EINTR while reading from the back end server. I will try to make some time for this. -- Sunil -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From webmaster at mod.gnutls.org Sat May 21 14:54:01 2016 From: webmaster at mod.gnutls.org (mod_gnutls) Date: Sat, 21 May 2016 12:54:01 -0000 Subject: [mod_gnutls-devel] [mod_gnutls] #136: Infinite loop while cleaning up GnuTLS session Message-ID: <043.0ae303e796bae5ec5095c4de14b2e177@mod.gnutls.org> #136: Infinite loop while cleaning up GnuTLS session -------------------------------------+------------------------------------- Reporter: | Owner: http://gtlsbug.livejournal.com/ | https://id.mayfirst.org/dkg Type: defect | Status: new Priority: critical | Component: code Version: | Keywords: -------------------------------------+------------------------------------- I noticed that some apache2 processes take 100% CPU after a few requests. Stack trace shows mod-gnutls as the problem. This problem causes embedded devices to slow down to an unusable state after using them for a while. A quick read tells us that cleanup_gnutls_session() getting stuck in a loop due to GNUTLS_E_INTERRUPTED or GNUTLS_E_AGAIN being returned by gnutls_bye(). After mgs_transport_write(), gnutls understands these errnos even though errno is not set during that function? Following is the debug information I collected. I am available to get more information or try out patches if necessary. Thanks in advance. ---- '''How to Reproduce:''' The problem is easily reproducible on my machines by sending a lot of requests to Apache. Most requests don't cause a problem while some lead to the problem. I believe the problem occurs when using mod-gnutls and proxying connections. Also this is more observable on pages taking time to load. $ ab -v 1 -c 8 -n 800 -H 'Cookie: XXX' https://freedombox- vm1/plinth/sys/users/ '''Stack traces:''' I collected several stack traces by letting the process run for a while and then interrupting it again. {{{ #0 mgs_transport_write (ptr=0x7f785b260028, buffer=, len=8023) at gnutls_io.c:871 #1 0x00007f78669d86d5 in _gnutls_writev_emu (session=, session=, vec=, giovec_cnt=, giovec=, fd=) at gnutls_buffers.c:447 #2 _gnutls_writev (total=8023, giovec_cnt=, giovec=0x7fff2ce06a20, session=0x564c16d28710) at gnutls_buffers.c:505 #3 _gnutls_io_write_flush (session=session at entry=0x564c16d28710) at gnutls_buffers.c:699 #4 0x00007f78669d4d5c in gnutls_bye (session=0x564c16d28710, how=how at entry=GNUTLS_SHUT_WR) at gnutls_record.c:281 #5 0x00007f78641a329e in cleanup_gnutls_session (data=0x7f785b260028) at gnutls_hooks.c:722 #6 0x00007f78693e1cfe in run_cleanups (cref=0x7f785b285098) at /tmp/buildd/apr-1.5.2/memory/unix/apr_pools.c:2352 #7 apr_pool_clear (pool=0x7f785b285028) at /tmp/buildd/apr-1.5.2/memory/unix/apr_pools.c:762 #8 0x00007f78609ab4ce in child_main (child_num_arg=child_num_arg at entry=7, child_bucket=child_bucket at entry=0) at prefork.c:616 #9 0x00007f78609ab974 in make_child (s=0x7f7869c79470, slot=7, bucket=0) at prefork.c:824 #10 0x00007f78609ac85d in perform_idle_server_maintenance (p=) at prefork.c:932 #11 prefork_run (_pconf=, plog=, s=) at prefork.c:1128 #12 0x0000564c15541eae in ap_run_mpm (pconf=0x7f7869ca9028, plog=0x7f7869c76028, s=0x7f7869c79470) at mpm_common.c:94 #13 0x0000564c1553b516 in main (argc=3, argv=0x7fff2ce070c8) at main.c:778 #0 write_flush (ctxt=ctxt at entry=0x7f785b260028) at gnutls_io.c:624 #1 0x00007f786419ee32 in mgs_transport_write (ptr=0x7f785b260028, buffer=, len=8023) at gnutls_io.c:871 #2 0x00007f78669d86d5 in _gnutls_writev_emu (session=, session=, vec=, giovec_cnt=, giovec=, fd=) at gnutls_buffers.c:447 #3 _gnutls_writev (total=8023, giovec_cnt=, giovec=0x7fff2ce06a20, session=0x564c16d28710) at gnutls_buffers.c:505 #4 _gnutls_io_write_flush (session=session at entry=0x564c16d28710) at gnutls_buffers.c:699 #5 0x00007f78669d4d5c in gnutls_bye (session=0x564c16d28710, how=how at entry=GNUTLS_SHUT_WR) at gnutls_record.c:281 #6 0x00007f78641a329e in cleanup_gnutls_session (data=0x7f785b260028) at gnutls_hooks.c:722 #7 0x00007f78693e1cfe in run_cleanups (cref=0x7f785b285098) at /tmp/buildd/apr-1.5.2/memory/unix/apr_pools.c:2352 #8 apr_pool_clear (pool=0x7f785b285028) at /tmp/buildd/apr-1.5.2/memory/unix/apr_pools.c:762 #9 0x00007f78609ab4ce in child_main (child_num_arg=child_num_arg at entry=7, child_bucket=child_bucket at entry=0) at prefork.c:616 #10 0x00007f78609ab974 in make_child (s=0x7f7869c79470, slot=7, bucket=0) at prefork.c:824 #11 0x00007f78609ac85d in perform_idle_server_maintenance (p=) at prefork.c:932 #12 prefork_run (_pconf=, plog=, s=) at prefork.c:1128 #13 0x0000564c15541eae in ap_run_mpm (pconf=0x7f7869ca9028, plog=0x7f7869c76028, s=0x7f7869c79470) at mpm_common.c:94 #14 0x0000564c1553b516 in main (argc=3, argv=0x7fff2ce070c8) at main.c:778 #0 0x00007f78696022e0 in apr_bucket_alloc at plt () from /usr/lib/x86_64 -linux-gnu/libaprutil-1.so.0 #1 0x00007f7869604591 in apr_bucket_flush_create () from /usr/lib/x86_64 -linux-gnu/libaprutil-1.so.0 #2 0x00007f786419dc1c in write_flush (ctxt=ctxt at entry=0x7f785b260028) at gnutls_io.c:642 #3 0x00007f786419ee32 in mgs_transport_write (ptr=0x7f785b260028, buffer=, len=8023) at gnutls_io.c:871 #4 0x00007f78669d86d5 in _gnutls_writev_emu (session=, session=, vec=, giovec_cnt=, giovec=, fd=) at gnutls_buffers.c:447 #5 _gnutls_writev (total=8023, giovec_cnt=, giovec=0x7fff2ce06a20, session=0x564c16d28710) at gnutls_buffers.c:505 #6 _gnutls_io_write_flush (session=session at entry=0x564c16d28710) at gnutls_buffers.c:699 #7 0x00007f78669d4d5c in gnutls_bye (session=0x564c16d28710, how=how at entry=GNUTLS_SHUT_WR) at gnutls_record.c:281 #8 0x00007f78641a329e in cleanup_gnutls_session (data=0x7f785b260028) at gnutls_hooks.c:722 #9 0x00007f78693e1cfe in run_cleanups (cref=0x7f785b285098) at /tmp/buildd/apr-1.5.2/memory/unix/apr_pools.c:2352 #10 apr_pool_clear (pool=0x7f785b285028) at /tmp/buildd/apr-1.5.2/memory/unix/apr_pools.c:762 #11 0x00007f78609ab4ce in child_main (child_num_arg=child_num_arg at entry=7, child_bucket=child_bucket at entry=0) at prefork.c:616 #12 0x00007f78609ab974 in make_child (s=0x7f7869c79470, slot=7, bucket=0) at prefork.c:824 #13 0x00007f78609ac85d in perform_idle_server_maintenance (p=) at prefork.c:932 #14 prefork_run (_pconf=, plog=, s=) at prefork.c:1128 #15 0x0000564c15541eae in ap_run_mpm (pconf=0x7f7869ca9028, plog=0x7f7869c76028, s=0x7f7869c79470) at mpm_common.c:94 #16 0x0000564c1553b516 in main (argc=3, argv=0x7fff2ce070c8) at main.c:778 #0 _mbuffer_head_get_next (cur=0x564c16d2c9a0, msg=msg at entry=0x7fff2ce06a10) at gnutls_mbuffers.c:191 #1 0x00007f78669d83bd in _gnutls_io_write_flush (session=session at entry=0x564c16d28710) at gnutls_buffers.c:682 #2 0x00007f78669d4d5c in gnutls_bye (session=0x564c16d28710, how=how at entry=GNUTLS_SHUT_WR) at gnutls_record.c:281 #3 0x00007f78641a329e in cleanup_gnutls_session (data=0x7f785b260028) at gnutls_hooks.c:722 #4 0x00007f78693e1cfe in run_cleanups (cref=0x7f785b285098) at /tmp/buildd/apr-1.5.2/memory/unix/apr_pools.c:2352 #5 apr_pool_clear (pool=0x7f785b285028) at /tmp/buildd/apr-1.5.2/memory/unix/apr_pools.c:762 #6 0x00007f78609ab4ce in child_main (child_num_arg=child_num_arg at entry=7, child_bucket=child_bucket at entry=0) at prefork.c:616 #7 0x00007f78609ab974 in make_child (s=0x7f7869c79470, slot=7, bucket=0) at prefork.c:824 #8 0x00007f78609ac85d in perform_idle_server_maintenance (p=) at prefork.c:932 #9 prefork_run (_pconf=, plog=, s=) at prefork.c:1128 #10 0x0000564c15541eae in ap_run_mpm (pconf=0x7f7869ca9028, plog=0x7f7869c76028, s=0x7f7869c79470) at mpm_common.c:94 #11 0x0000564c1553b516 in main (argc=3, argv=0x7fff2ce070c8) at main.c:778 #0 0x00007f7869602caa in apr_brigade_cleanup () from /usr/lib/x86_64 -linux-gnu/libaprutil-1.so.0 #1 0x0000564c1555926a in ap_core_output_filter (f=0x7f785b2641e0, new_bb=0x7f785b2640e8) at core_filters.c:385 #2 0x00007f786419dc4d in write_flush (ctxt=ctxt at entry=0x7f785b260028) at gnutls_io.c:645 #3 0x00007f786419ee32 in mgs_transport_write (ptr=0x7f785b260028, buffer=, len=8023) at gnutls_io.c:871 #4 0x00007f78669d86d5 in _gnutls_writev_emu (session=, session=, vec=, giovec_cnt=, giovec=, fd=) at gnutls_buffers.c:447 #5 _gnutls_writev (total=8023, giovec_cnt=, giovec=0x7fff2ce06a20, session=0x564c16d28710) at gnutls_buffers.c:505 #6 _gnutls_io_write_flush (session=session at entry=0x564c16d28710) at gnutls_buffers.c:699 #7 0x00007f78669d4d5c in gnutls_bye (session=0x564c16d28710, how=how at entry=GNUTLS_SHUT_WR) at gnutls_record.c:281 #8 0x00007f78641a329e in cleanup_gnutls_session (data=0x7f785b260028) at gnutls_hooks.c:722 #9 0x00007f78693e1cfe in run_cleanups (cref=0x7f785b285098) at /tmp/buildd/apr-1.5.2/memory/unix/apr_pools.c:2352 #10 apr_pool_clear (pool=0x7f785b285028) at /tmp/buildd/apr-1.5.2/memory/unix/apr_pools.c:762 #11 0x00007f78609ab4ce in child_main (child_num_arg=child_num_arg at entry=7, child_bucket=child_bucket at entry=0) at prefork.c:616 #12 0x00007f78609ab974 in make_child (s=0x7f7869c79470, slot=7, bucket=0) at prefork.c:824 #13 0x00007f78609ac85d in perform_idle_server_maintenance (p=) at prefork.c:932 #14 prefork_run (_pconf=, plog=, s=) at prefork.c:1128 #15 0x0000564c15541eae in ap_run_mpm (pconf=0x7f7869ca9028, plog=0x7f7869c76028, s=0x7f7869c79470) at mpm_common.c:94 #16 0x0000564c1553b516 in main (argc=3, argv=0x7fff2ce070c8) at main.c:778 }}} '''Software versions:''' {{{ root at freedombox-vm1:~# dpkg -l libapache2-mod-gnutls* apache2* libgnutls* Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig- pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-===============================================-============================-============================-=================================================================================================== ii apache2 2.4.20-1 amd64 Apache HTTP Server un apache2-api-20120211 (no description available) ii apache2-bin 2.4.20-1 amd64 Apache HTTP Server (modules and other binary files) ii apache2-data 2.4.20-1 all Apache HTTP Server (common files) ii apache2-dbg 2.4.20-1 amd64 Apache debugging symbols un apache2-doc (no description available) un apache2-suexec-custom (no description available) un apache2-suexec-pristine (no description available) ii apache2-utils 2.4.20-1 amd64 Apache HTTP Server (utility programs for web servers) un apache2.2-bin (no description available) un apache2.2-common (no description available) ii libapache2-mod-gnutls 0.7.4-2 amd64 Apache module for SSL and TLS encryption with GnuTLS ii libapache2-mod-gnutls-dbgsym 0.7.4-2 amd64 Debug symbols for libapache2-mod-gnutls ii libgnutls-deb0-28:amd64 3.3.20-1 amd64 GNU TLS library - main runtime library ii libgnutls-openssl27:amd64 3.4.11-4 amd64 GNU TLS library - OpenSSL wrapper ii libgnutls30:amd64 3.4.11-4 amd64 GNU TLS library - main runtime library un libgnutls30-dbg (no description available) ii libgnutls30-dbgsym:amd64 3.4.11-4 amd64 Debug symbols for libgnutls30 }}} '''Apache MPM:''' {{{ root at freedombox-vm1:~# a2query -M prefork }}} '''Apache Site Configuration:''' {{{ ## ## On all sites, provide Plinth on a default path: /plinth ## ## Requires the following Apache modules to be enabled: ## mod_headers ## mod_proxy ## mod_proxy_http ## ProxyPass http://127.0.0.1:8000/plinth ## Send the scheme from user's request to enable Plinth to redirect ## URLs, set cookies, set absolute URLs (if any) properly. RequestHeader set X-Forwarded-Proto 'https' env=HTTPS ## Allow traffic only from private networks ## IPv4 local addresses Require ip 127.0.0.0/8 ## IPv4 link local addresses Require ip 169.254.0.0/16 ## IPv4 class A private addresses Require ip 10.0.0.0/8 ## IPv4 class B private addresses Require ip 172.16.0.0/12 ## IPv4 class C private addresses Require ip 192.168.0.0/16 ## IPv6 local address Require ip ::1 ## IPv6 link local addresses Require ip fe80::/10 ## IPv6 private addresses Require ip fc00::/7 }}} -- Ticket URL: mod_gnutls The apache httpd module for HTTPS using GnuTLS From webmaster at mod.gnutls.org Sun May 22 17:21:55 2016 From: webmaster at mod.gnutls.org (mod_gnutls) Date: Sun, 22 May 2016 15:21:55 -0000 Subject: [mod_gnutls-devel] [mod_gnutls] #136: Infinite loop while cleaning up GnuTLS session In-Reply-To: <043.0ae303e796bae5ec5095c4de14b2e177@mod.gnutls.org> References: <043.0ae303e796bae5ec5095c4de14b2e177@mod.gnutls.org> Message-ID: <058.77ac96bc4738c191bfa5b93d83634cbc@mod.gnutls.org> #136: Infinite loop while cleaning up GnuTLS session -------------------------------------+------------------------------------- Reporter: | Owner: http://gtlsbug.livejournal.com/ | https://id.mayfirst.org/dkg Type: defect | Status: new Priority: critical | Component: code Version: | Resolution: Keywords: | -------------------------------------+------------------------------------- Comment (by http://gtlsbug.livejournal.com/): Forgot to mention that when compiled with --enable-maintainer, I see the following messages repeated continuously in /tmp/gnutls_debug: {{{ <3> ASSERT: gnutls_record.c:284 <3> ASSERT: gnutls_buffers.c:462 <2> WRITE: -1 returned from 0x7f926dc0e028, errno: 11 <3> ASSERT: gnutls_record.c:284 <3> ASSERT: gnutls_buffers.c:462 }}} -- Ticket URL: mod_gnutls The apache httpd module for HTTPS using GnuTLS From webmaster at mod.gnutls.org Sat May 28 15:55:52 2016 From: webmaster at mod.gnutls.org (mod_gnutls) Date: Sat, 28 May 2016 13:55:52 -0000 Subject: [mod_gnutls-devel] [mod_gnutls] #136: Infinite loop while cleaning up GnuTLS session In-Reply-To: <043.0ae303e796bae5ec5095c4de14b2e177@mod.gnutls.org> References: <043.0ae303e796bae5ec5095c4de14b2e177@mod.gnutls.org> Message-ID: <058.4b6c25962cbdae4f717ca477823f646e@mod.gnutls.org> #136: Infinite loop while cleaning up GnuTLS session -------------------------------------+------------------------------------- Reporter: | Owner: http://gtlsbug.livejournal.com/ | https://id.mayfirst.org/dkg Type: defect | Status: closed Priority: critical | Component: code Version: | Resolution: fixed Keywords: | -------------------------------------+------------------------------------- Changes (by http://gtlsbug.livejournal.com/): * status: new => closed * resolution: => fixed Comment: This is now fixed in 0.7.5. -- Ticket URL: mod_gnutls The apache httpd module for HTTPS using GnuTLS