php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #22112 When Php compiled with support for openssl it broke the SIHUP of apache
Submitted: 2003-02-07 13:28 UTC Modified: 2003-02-26 10:39 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: sysadmin at destination dot ca Assigned:
Status: Not a bug Package: Apache related
PHP Version: 4.3.0 OS: Linux Redhat 6.2
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: sysadmin at destination dot ca
New email:
PHP Version: OS:

 

 [2003-02-07 13:28 UTC] sysadmin at destination dot ca
Hi,

My setup :
Apache/1.3.27 (Unix) PHP/4.3.0 mod_ssl/2.8.12 OpenSSL/0.9.6g

PHP compiled without openssl or anyother app that need openssl compiled in php
apachectl startssl
killall -1 httpd - Apache reload configuration and all is fine
killall -1 httpd - Apache reload configuration and all is fine
killall -1 httpd - Apache reload configuration and all is fine
killall -1 httpd - Apache reload configuration and all is fine
killall -1 httpd - Apache reload configuration and all is fine
killall -1 httpd - Apache reload configuration and all is fine
etc ....
the httpd deamon reload is config and never die

PHP compiled with --with-openssl=/usr/local/ssl ( tested 4 time with different delay between SIGHUP )
apachectl startssl
killall -1 httpd - Apache reload configuration and all is fine
killall -1 httpd - Apache reload configuration and all is fine
killall -1 httpd - Apache reload configuration and all is fine
killall -1 httpd - SIGHUP received.  Attempting to restart -- and apache never restart

PHP compiled with --with-openssl=/usr/local/ssl --with-imap --with-imap-ssl=/usr/local/ssl
apachectl startssl
killall -1 httpd - SIGHUP received.  Attempting to restart -- and apache never restart
I can't even SIGHUP one time the http server

Ok i know that the bug is between apache-mod_ssl and php-openssl

But i would like to know how i can correct that problem.

Thanks in advance for any help.

Regards.



Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-02-10 12:53 UTC] sniper@php.net
Are modssl and PHP linked with SAME ssl lib?

 [2003-02-10 13:16 UTC] sysadmin at destination dot ca
Yes.

I have tried to compile them with a different library to be sure it was not the case.

When i compile modssl and php with different openssl version apache don't even start.

I can confirm you that modssl and php use the librairie installed in my /usr/local/ssl directory and even from a fresh install.

I have also try the exact same setup on 3 other server and i have the exact same problem.

Regards
 [2003-02-11 13:24 UTC] sysadmin at destination dot ca
I have done deeper test and i have found a work around.

That work around do not correct the problem at all.

The only time i can procude that problem si when 
1. Server web is compiled with mod_ssl
2. Php is compipled with mod_ssl
3. One or more Virtualhost use the tag ErrorLog /path/to/log/file

You need the 3 conditions to see the bug.

So as a temporary solution i have disabled the ErrorLog tag in every virtualhost.

If you find a more convenient way to do it i will appreciate.

Thanks and have a good day
 [2003-02-20 22:59 UTC] rmosher at on-the dot net
The ErrorLog enter has nothing to do with the problem for me.  I'm using PHP 4.3.1 (same problem with 4.2.3 btw); otherwise the setup is the same (same Apache et al).
 [2003-02-21 07:11 UTC] sysadmin at destination dot ca
Have you try my workaround ?

That workaround have also correct the problem of apache serving empty php document.

There is a huge bug presently in php related to the apache path variable, lot of ticket open for this one and it look like no one at php is interesting to solve that one.

As with openssl 0.9.7a you can't compile php 4.3.1 or latest snapshot.

I was proud to use php for a long time, now it more of a headhache for me because as it grow i have more problem uprgrading ... they have to keep the base the same, we can't manage to have more and more complex configuration when not needed and we can't ask the people we host to change there web site every time the PHP TEAM remove or alter the use of a function in PHP.

I wish they will resolve all this problem soon with 4.3.2.
 [2003-02-23 04:51 UTC] sniper@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a backtrace to see what is happening behind the scenes. To
find out how to generate a backtrace, please read
http://bugs.php.net/bugs-generating-backtrace.php

Once you have generated a backtrace, please submit it to this bug
report and change the status back to "Open". Thank you for helping
us make PHP better.


And also give us the complete configure line for PHP and modssl..

 [2003-02-24 07:38 UTC] sysadmin at destination dot ca
Ok you want me to use a Productin server to be able to create the condition of a random bug about the open_dir lookup.

I will try but will be hard ... since i can only reproduce the bug where the httpd server don't reload correctly with killall -1 httpd on a test server.

The other bug about the base_dir is random on a multiple virtualhost setup ...

Anyway i will see want i can do about it.
 [2003-02-24 07:51 UTC] sniper@php.net
I asked for those configure lines...?
Can you please give them first?

(and compiling with openssl 0.9.7a works fine for me with latest snapshot btw..)

 [2003-02-24 08:22 UTC] sysadmin at destination dot ca
MODSSL :
./configure --with-apache=../apache_1.3.27 --with-ssl=/usr/local/ssl
APACHE :
./configure \
--prefix=/usr/local/apache \
--enable-module=log_agent \
--enable-module=log_referer \
--enable-module=info \
--enable-module=vhost_alias \
--enable-module=speling \
--enable-module=rewrite \
--enable-module=so \
--enable-module=ssl
OpenSSL 0.9.6i ( since OpenSSL 0.9.7 or 0.9.7a ) don't compile with php 4.3.1 or lastest stable snapshot )
./config --openssldir=/usr/local/ssl;make;make test;make install
PHP 4.3.1 or lastest stable snapshot
./configure \
--with-mysql=/usr/local/mysql \
--enable-calendar \
--enable-gettext \
--enable-ftp \
--enable-bcmath \
--enable-trans-sid \
--enable-gd-imgstrttf \
--enable-gd-native-ttf \
--with-dom \
--with-gd=/usr/gd-with_gif \
--with-jpeg-dir=/usr/lib \
--with-freetype-dir=/usr/local/freetype2 \
--with-png-dir=/usr/lib \
--with-gettext \
--with-zlib \
--with-mm=/usr/lib \
--with-zlib-dir=/usr/lib \
--with-pdflib=/usr/local/pdflib \
--with-config-file-path=/usr/local/apache/conf \
--with-apxs=/usr/local/apache/bin/apxs \
--with-mcrypt=/usr/local/libmcrypt \
--with-openssl=/usr/local/ssl \
--with-snmp \
--with-kerberos \
--with-imap \
--with-imap-ssl=/usr/local/ssl \
--prefix=/usr/local/php

RESUME :
As far as i know the problem exist for up to php 4.2.0
with this setup if you don't setup any open_basedir config in httpd.conf it look like there's no problem, if you setup a open_basedir for one virtual host the problem start to happen in the error log you see a website trying to load php file with the open_basedir of another virtualhost, the work around is to setup a open_basedir for every virtualhost.

This seem to correct the problem when killall -1 httpd make httpd to die and not reload is config.

If you need any further information please feel free to contact me again.

Regards
 [2003-02-24 08:28 UTC] sniper@php.net
If the problem that you opened this bug report for is fixed in latest cvs snapshot -> closed.

(check the bug database for reports about open_basedir problems and that openssl 0.9.7 problem. Add your comments to the existing reports and if you can't find any, submit new reports.)

 [2003-02-24 08:34 UTC] sysadmin at destination dot ca
Latest question.

I will try the latest snapshot today the one of friday still have the problem.

If the problem is corrected in the cvs-snaptsnot, how long till you release a new version ? since i can't run a cvs code on production server.

Regards
 [2003-02-24 08:43 UTC] sniper@php.net
I think I didn't understand you correctly..but didn't you just say in your last comment that it did work?

And next release (4.3.2) will be out in couple of weeks.
(hopefully mid-march)

 [2003-02-24 09:24 UTC] sysadmin at destination dot ca
no i have say i will try tomorrow with the lastest cvs snapshot ... with the latest cvs snapsot of friday it was not working.

I will keep you inform.

Regards
 [2003-02-26 08:00 UTC] sysadmin at destination dot ca
Hi,

There is the test i have run today.

TEST 1 :
------------------------------------------------------------
Apache 1.3.27
Mod_ssl 2.8.12
Openssl 0.9.6i

PHP version tried :
php4.3.1 :
[Wed Feb 26 08:28:52 2003] [notice] SIGHUP received.  Attempting to restart - but never restart
php4-200302261230
[Wed Feb 26 08:54:42 2003] [notice] SIGHUP received.  Attempting to restart - but never restart
php4-STABLE-200302261230
[Wed Feb 26 08:59:32 2003] [notice] SIGHUP received.  Attempting to restart - but never restart

So i confirm you that the latest stable release don't correct that problem.

Regars
Configuration file for php:

./configure \
--with-mysql=/usr/local/mysql \
--enable-calendar \
--enable-gettext \
--enable-ftp \
--enable-bcmath \
--enable-trans-sid \
--enable-gd-imgstrttf \
--enable-gd-native-ttf \
--enable-debug \
--with-dom \
--with-gd=/usr/gd-with_gif \
--with-jpeg-dir=/usr/lib \
--with-freetype-dir=/usr/local/freetype2 \
--with-png-dir=/usr/lib \
--with-gettext \
--with-zlib \
--with-mm=/usr/lib \
--with-zlib-dir=/usr/lib \
--with-pdflib=/usr/local/pdflib \
--with-config-file-path=/usr/local/apache/conf \
--with-apxs=/usr/local/apache/bin/apxs \
--with-mcrypt=/usr/local/libmcrypt \
--with-openssl=/usr/local/ssl \
--with-snmp \
--with-kerberos \
--with-imap \
--with-imap-ssl=/usr/local/ssl \
--prefix=/usr/local/php
------------------------------------------------------------

TEST 2 :
------------------------------------------------------------


------------------------------------------------------------
 [2003-02-26 10:31 UTC] sniper@php.net
Is mod_ssl compiled as static module into Apache or is it DSO? (see bug #22213)

 [2003-02-26 10:36 UTC] sysadmin at destination dot ca
static

And it look like you have no solution.

That will become verry hard to maintaint a web server with php since 4.2.0 it give me hugues headhache.

How can i help you find the problem of the sighup with mod_ssl compiled in apache not as a module, since i truly need it to work that way.

Regards
 [2003-02-26 10:39 UTC] sniper@php.net
Please do not submit the same bug more than once. An existing
bug report already describes this very problem. Even if you feel
that your issue is somewhat different, the resolution is likely
to be the same. Because of this, we hope you add your comments
to the existing bug instead.

Thank you for your interest in PHP.

Same as bug #22213, solution is to compile both as DSO, then it works. (add any further comments to 22213, there's no use to have several reports about same issue)

 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 13:01:28 2024 UTC